FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.
Home » Imported messages » comp.lang.php » Help required with UPDATE columns
Show: Today's Messages :: Polls :: Message Navigator
Return to the default flat view Create a new topic Submit Reply
Re: Help required with UPDATE columns [message #179542 is a reply to message #179540] Tue, 06 November 2012 17:59 Go to previous messageGo to previous message
Thomas 'PointedEars' is currently offline  Thomas 'PointedEars'
Messages: 701
Registered: October 2010
Karma:
Senior Member
Shake wrote:

> El 06/11/2012 13:40, Dynamo escribió:
>> $query1 = ("UPDATE mytable SET drawing = 'mydrawing.pdf' WHERE id=2");
> [...]
>> $query1 = ("UPDATE mytable SET drawing = $drawing WHERE id=2");
>
> -------------------------------------------^
>
> There are no quotes.

Either one allows for SQL injection. The OP should read on Prepared
Statements (but at least mysql_real_escape_string()) instead.

> Incorrect:
> - $query1 = ("UPDATE mytable SET drawing = $drawing WHERE id=2");
> correct:
> - $query1 = ("UPDATE mytable SET drawing = '$drawing' WHERE id=2");

The parentheses are unnecessary and misleading. The names should be
backtick-quoted.

> That's not a PHP problem. Is a SQL one.

_MySQL_, and you do not appear to know either very well.


PointedEars
--
Danny Goodman's books are out of date and teach practices that are
positively harmful for cross-browser scripting.
-- Richard Cornford, cljs, <cife6q$253$1$8300dec7(at)news(dot)demon(dot)co(dot)uk> (2004)

Report message to a moderator

[Message index]
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: Output status during processing
Next Topic: How awesome Virtual Sailor 7 is
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Tue Nov 26 02:37:43 GMT 2024

Total time taken to generate the page: 0.04615 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.1.3.
Copyright ©2001-2023 FUDforum Bulletin Board Software