Need an extra set of eyes

Posted on 2014-10-03
Last Modified: 2014-10-04
Having a problem with this code.
mysql_query($conn,"UPDATE mapfile SET TYPE = .$type, \" TENANT = .$tenant, FRONTAGE = .%fontage, SIC = .$sic
            WHERE SEQ = .$Building_Id and STOREKEY = .$Space_Id";
Question by:breeze351
LVL 58

Accepted Solution

Gary earned 500 total points
Comment Utility
mysql_query("UPDATE mapfile SET TYPE =\"$type\", TENANT = \"$tenant\", FRONTAGE = \"%fontage\", SIC = \"$sic\"
            WHERE SEQ = \"$Building_Id\" and STOREKEY = \"$Space_Id\"",$conn); 

Open in new window

LVL 82

Expert Comment

by:Dave Baldwin
Comment Utility
Why is there a '%' instead of a '$' in "%fontage"?
LVL 108

Expert Comment

by:Ray Paseur
Comment Utility
Fortunately all of the PHP functions are documented in the online man pages.  Example here, showing the mysql_query() function.

When you get to the warning and discover that PHP is doing away with MySQL support, you may find this article helpful.  It shows how to make the required upgrade from MySQL to one of the supported extensions.
Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

LVL 51

Expert Comment

by:Julian Hansen
Comment Utility
Did you cut and paste that from your code or type it in - because there are so many things wrong with it as has been pointed out in previous posts it is not surprising it does not work.

The only change I would make to Gary's post is to use single quotes instead of double around the strings - just makes for a neater look but that is personal preference.
Unless you are using multiple connections you don't have to specify the link resource in the mysql_query call
I also have developed a habit of putting {} around my in-string variables - it is not necessary but it does help to highlight where the variables are.

mysql_query("UPDATE mapfile SET TYPE ='{$type}', TENANT = '{$tenant}', FRONTAGE = '%fontage', SIC = '$sic'
            WHERE SEQ = '{$Building_Id}' and STOREKEY = '{$Space_Id}'"); 

Open in new window

And as Ray mentioned in his post post 5.5 the mysql library is no longer supported - mysql lib calls will simply fail - I would consider moving over to mysqli.

Beyond that - try getting the query to work in a query editor SQLYog, MySQL Workbench or PHPMySQL - once it is working there translate it back into your code.
LVL 108

Expert Comment

by:Ray Paseur
Comment Utility
Here is a good way to write a query - construct it in a PHP variable, instead of loading it into the function call.  That way you can visualize the query and you don't have to guess about what might be wrong.

$sql = "SELECT col FROM myTable WHERE name='Ray' LIMIT 1";
$res = mysql_query($sql);
if (!$res)
    echo mysql_error();
    trigger_error("QUERY FAILED", E_USER_ERROR);

Open in new window


Author Closing Comment

Comment Utility
I has a bad day yesterday and I couldn't see it.
You ever had one of those where you stare at the code and you can't see it.

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Deprecated and Headed for the Dustbin By now, you have probably heard that some PHP features, while convenient, can also cause PHP security problems.  This article discusses one of those, called register_globals.  It is a thing you do not want.  …
Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
The viewer will learn how to dynamically set the form action using jQuery.
The viewer will learn how to count occurrences of each item in an array.

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now