|
|
Posted by Pedro Graca on 10/10/06 01:17
Garry Jones wrote:
> This is misfiring. Anyone see the problem?
>
> mysql_query("UPDATE scfmforening SET scfmpad=$scfmpad, scfmpnm=$scfmpnm,
> scfmort=$scfmort, scfmwww=$scfmwww, scfmwww=$scfmwww, scfmept=$scfmept,
> scfmkom=$scfmkom WHERE scfmnum=$scfchknum ");
Another way to validate SQL commands (the way I most often use) is:
a) instead of putting the command inside the mysql_query() build it
outside
b) check the return value from mysql_query()
c) output an error message and stop the script (or, maybe better,
log the error somewhere and let the user know there was an error)
<?php
// a)
$sql = "UPDATE scfXXX SET scfYYY=$scfZZZ WHERE scfKKK=$scfQQQ";
// b)
$res = mysql_query($sql);
// c)
if (!$res === false) {
// There was an error in the query
exit('Error in [' . $sql . ']: ' . mysql_error());
/* or
mail('me@somewhere.com', 'SQL Error',
'Error in [' . $sql . ']: ' . mysql_error());
exit('Cannot do that right now. Please try again in a few minutes.');
*/
}
--
File not found: (R)esume, (R)etry, (R)erun, (R)eturn, (R)eboot
Navigation:
[Reply to this message]
|