0

I've been trying to make this code work for hours now but I can't seem to find solution. I've serached all relevant topics and tried to change the code, punctuation etc. but none of them worked for me.

The result is always "Success!" but the database update never works (checked in phpmyadmin). I hope that you can find the error. The code is the following:

if(empty($_POST['nev']) || empty($_POST['orszag']) || empty($_POST['telefonszam']) || empty($_POST['iranyitoszam'])
    || empty($_POST['megye']) || empty($_POST['varos']) || empty($_POST['utca'])) {
    echo "Failure! Missing data...";
}
else {
    $nev = mysql_real_escape_string($_POST['nev']);
    $orszag = mysql_real_escape_string($_POST['orszag']);
    $telefonszamm = mysql_real_escape_string($_POST['telefonszam']);
    $iranyitoszam = mysql_real_escape_string($_POST['iranyitoszam']);
    $megye = mysql_real_escape_string($_POST['megye']);
    $varos = mysql_real_escape_string($_POST['varos']);
    $utca = mysql_real_escape_string($_POST['utca']);

    $shipping_query = mysql_query("UPDATE users 
        SET Name=".$nev.", Phone=".$telefonszam.", 
        Country=".$orszag.", State=".$megye.", 
        City=".$varos.", ZIP=".$iranyitoszam.", 
        Road=".$utca." 
        WHERE EmailAddress='" . $_SESSION['EmailAddress'] . "'");   

    echo "Success!";
}

Thank you for your help!

Improve this question
1
  • Please don't use mysql_*; it's deprecated. Use MySQLi or PDO instead. Commented Jan 10, 2014 at 21:24

3 Answers 3

Reset to default
3

You're missing quotes around the strings in your query.

$shipping_query = mysql_query("UPDATE users
SET Name='".$nev."', Phone='".$telefonszam."',
Country='".$orszag."', State='".$megye."',
City='".$varos."', ZIP='".$iranyitoszam."',
Road='".$utca."'
WHERE EmailAddress='" . $_SESSION['EmailAddress'] . "'");

You also no error checking on your query. So whether it succeeds or fails it will always say, "success". You need to check to see if there is a MySQL error ir rows updated before you can declare success.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Thank you! I thought that I made a really simple, yet huge mistake. It solved the problem!
0

Name, Phone, Country etc etc seam like VARCHARs. so, it should be treated as a string.

So, query should be like.

"UPDATE users SET Name='".$nev."', Phone='".$telefonszam."',Country='".$orszag."', State='".$megye."',City='".$varos."', ZIP='".$iranyitoszam."',Road='".$utca."' WHERE EmailAddress='" . $_SESSION['EmailAddress'] . "'"
Improve this answer

Comments

0

As other answers have pointed out, you're missing quotes around your string variables.

When you're MySQL queries are failing to execute, try echoing your queries while debugging to see what exactly you're sending to the database.

$myValue = "Green";
$mySQL = "UPDATE MyTable SET MyColor = " . $myValue;
$myQuery = mysql_query($mySQL);
echo $mySQL;

Spotting the error visually is much easier when the entire SQL string is assembled in one piece.

You can also copy the assembled SQL string and paste it straight into a phpmyadmin query to get debugging information from it.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.