Jump to content

MySQL query is not working


Recommended Posts

The code is too long to paste here, but I've already found a place where the error might be, by taking away headers (header: location) and adding echo $_POST['send']. This is the file that process (update query) data from HTML form. The code was not completed and, as I suppose, taken from adding information (insert query) file, because there were these lines of code:

if ($_POST['password'] == $_POST['confirm_password']) 
{
[there is a code with processing information and mysql queries]
} 
else {    echo $_POST['send']."2";
               // header("Location: ".SITE_PATH."&result=3");
                exit;
         }

This testing echo was reflected after I commented header (location)

 

 

I've decided to delete the if clause, the code works, but the queries are still not sending.

 

I will attach the whole file here, if it helps to solve the issue.

Link to post
Share on other sites

Unfortunately, you may need to rewrite a lot of your code.

 

You should never mix variables into your queries because, aside from the potential to throw errors, they also provide a mean of breaking into your database.

 

The mysql library is deprecated due to security vulnerabilities and no longer works in recent versions of PHP. If your server gets an upgrade at any point your whole program will stop working. There are two alternatives: mysqli and PDO. Personally, I prefer PDO.

 

Now before you jump into either of these, remember that you must not put variables into your SQL even when using these new libraries. So how do you put values into your query? Use prepared statements: http://www.w3schools.com/php/php_mysql_prepared_statements.asp

 

There's a better description of prepared statements in the PHP manual: http://php.net/manual/en/pdo.prepared-statements.php

 

strip_tags() and htmlspecialchars() are operations you should do when retrieving information from the database, not before storing them.

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...