0

code updated

i have a table called vote with three fields ans_1,ans_2,ans_3 query strings number is 2 or 3 according to answers the admin is going to save so they look like this ?1=aaa&2=bbb or ?1=aaa&2=bbb&3=ccc my point is to save every query string in a column so i use the code below but it keeps using the last value of the query string only 

$queries = $_SERVER['QUERY_STRING'];
$answers = explode("&",$queries );
$num = count($answers);
foreach($answers as $val){
$chars= strlen($val);
$test = substr($val,2,$chars-2);
for($x=1; $x<=$num; $x++){
    $Q = "update vote set ans_'$x' = '$test' where Vote_ID = '1'";
    $R = mysql_query($Q);
    if($R) { echo "done"; } else { echo mysql_errno(); }    
    }
}
Improve this question

4 Answers 4

Reset to default
2

If you have dynamic columns for which you are substituting $x, do not enclose $x in quotes:

$Q = "update vote set ans_$x = '$test' where Vote_ID = '1'";

Please be sure to escape the contents of $_SERVER['QUERY_STRING'] with mysql_real_escape_string().

$test = mysql_real_escape_string($test);

The proper way to parse a query string in PHP is with parse_str(), rather than attempting to explode() on the &.

$queryvars = array();
$parse_str($_SERVER['QUERY_STRING'], $queryvars);
foreach ($queryvars as $key=>$value) {
   // do the loop
}

However, since you are grabbing the whole query string, and not filtering any specific variables, why not just use $_GET?

$x = 0;
foreach ($_GET as $key=>$value) {
   // do the loop...
   $test = mysql_real_escape_string($value);
   $Q = "update vote set ans_'$x' = '$test' where Vote_ID = '1'";
   $x++;
}

Update

To help you understand why your code isn't working, I'll modify it here. However, this is not the preferred method of performing this task. Using foreach($_GET) as above is much better. Indenting the loop properly will help reveal the problem:

$queries = $_SERVER['QUERY_STRING'];
$answers = explode("&",$queries );
$num = count($answers);

// Your foreach loops over the available querystring params:
// Start by initializing $x to 0
$x = 0;
foreach($answers as $val){
  $chars= strlen($val);
  $test = substr($val,2,$chars-2);

  // You are already inside the foreach loop, so
  // you don't want to start another loop which uses the same value for $test
  // on each iteration.  Instead $x was set to 0 before the outer foreach...
  // There is no need for an inner loop.
  //for($x=1; $x<=$num; $x++){
    // On first iter here, $x is 0. Increments at the end of the loop iter.
    $Q = "update vote set ans_$x = '$test' where Vote_ID = '1'";
    $R = mysql_query($Q);
    if($R) {
      echo "done"; 
    } else { 
      echo mysql_errno(); 
    }
    // On each iteration, increment $x here.
    $x++;
  //} // the inner for loop, commented out...
}
Improve this answer
Sign up to request clarification or add additional context in comments.

7 Comments

sure i use mysql_real_escape_string for security but i tried to make it as simple as possible here thanks a lot
still there's an error it keeps updating all columns with the last query string only
no the main version after replacing ans_'$x' with ans_$x didn't try GET yet was just checking if the main code is going to work
@Yasser because in your code you set $test outside of the for loop which increments $x. It isn't going to work at all.
i'm trying to learn and get more experience so if there's any answer with some explanation i'd appreciate it thanks
|
1

You need to remove the single quotes. Try:

$Q = "update vote set ans_$x = '$test' where Vote_ID = '1'";
Improve this answer

1 Comment

still there's an error it keeps updating all columns with the last query string only
1

Remove the quotes around your variable..may want to use mysql_real_escape_string if you're getting values for the query.

$Q = "update vote set `ans_$x` = '" . mysql_real_escape_string($test) . "' where Vote_ID = '1'";
Improve this answer

2 Comments

sure i use mysql_real_escape_string for security but i tried to make it as simple as possible here thanks a lot
still there's an error it keeps updating all columns with the last query string only
1

My suggestion would be to not use SQL/PHP in this method.

However to answer why it is not working, you cannot use a PHP variable to set the column in a query as you currently have it.

You would need to change $Q = "update vote set ans_'$x' = '$test' where Vote_ID = '1'"; to:

$Q = "update vote set ans_$x = '$test' where Vote_ID = '1'";

Be sure to sanitize the user input for the type of data you are expecting.

Improve this answer

4 Comments

sure i use mysql_real_escape_string for security but i tried to make it as simple as possible here thanks a lot
still there's an error it keeps updating all columns with the last query string only
@Yasser is there an error code, or is the code not doing what you expect?
not doing what i expect though it's a simple for loop it keeps updating columns with the last value guess i should review it from the beginning

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.