Dear Jason

I need a secure way of updating mysql on the website, phpadmin is not
secure enough

So I have created these pages in order:
A page to choose the databases
Next a page to choose the table
Next a list of the records in the table
Next to edit the page using textboxes and textareas
I pass the database name, table name, and the records to change to the
page with the problem.
The passed values have the same field name as the record in the database
e.g. id
The problem I can see is that I cannot access the passed variables, that
is why the update is failing , although I do not get any errors.

I am trying to access the passed variables with this line $fieldname2 =

Does this make sense



  $MySQLLink = mysql_pconnect ("davecp4", "root", "")
   or die("Could not attach to database. Please try later or contact
   mysql_select_db($database_name, $MySQLLink) or die("ERROR--CAN'T CONNECT
TO DB");

   $result = mysql_query("SELECT * FROM ".$table_name) or die("Error: " .

   for($i = 1; $i < mysql_num_fields($result); $i++)
    $fieldname = mysql_field_name($result, $i);
    $fieldname2 = "$".$fieldname;
    mysql_query("UPDATE $table_name SET $fieldname=$fieldname2 WHERE id
    echo $fieldname."<br>".$fieldname2."<br>";


Jason Wong wrote:
> On Wednesday 17 September 2003 23:42, David wrote:
>>Here is my original problem below as I am treated as spam. When it
>>reaches the next page, when the update query is run, it does not update
>>the database.
> *sigh*
> Could you please describe *exactly* what happens. Eg does your error messages 
> kick-in? Does the php error logs show anything? etc

PHP Database Mailing List (
To unsubscribe, visit:

Reply via email to