--- Tedit kap <[EMAIL PROTECTED]> wrote:
> Hi,
>
> The code below takes variables vrb1 through vrb5 from a form and it is
> supposed to update a database. It is displaying the results coming from the
> form on the screen (so the form works correctly) but this code can not update
> the database, displaying "I could not update the database" as below - and
> when I check it is really not updated. Can anybody tell me why it can not
> update the database? The columns written here also match with database
> columns.
>
> $query="INSERT INTO table1 (iid, title1, par1, par2, par3) VALUES
> ($vrb1,$vrb2,$vrb3,$vrb4,$vrb5)";
> mysql_query($query) or die (' I could not update the database');
You haven't told us anything about your table structure so we have to make a
guess to attempt to help you. You can get the MySQL error by adding something
like this to the die() part of the statement:
or die('I could not update the database<hr>' . mysql_error() . '<hr>' .
$query);
The mysql_error() function will display the last error message supplied by the
MySQL server.
My prediction is that your column is not named "iid" but rather "id". I also
wonder about the "1" after "title". Again, these are issues we could more
directly resolve with info about the table structure (ie the output of a "DESC
table1;" query.
I also don't see quotes around your values and this is another problem which
would cause your query to fail.
$query="INSERT INTO table1 (iid, title1, par1, par2, par3) VALUES
('$vrb1','$vrb2','$vrb3','$vrb4','$vrb5')";
I find it easy to make an error with the INSERT syntax you have. I would
normally use:
$query="INSERT INTO table1 SET iid='$vrb1', title1='$vrb2', par1='$vrb3',
par2='$vrb4', par3='$vrb5'";
This way you have the field/column names next to their corresponding values.
I know you are just beginning but you will want to look at validating the data
received from the form to make sure that it is the kind of information you are
expecting. This form would be vulnerable to SQL Injection which could cause
some nasty surprises down the road.
James Keeline
