3

I am new to PHP and want to create a script that will update the users first and last name if they need to do so. I have the code below and it ends up echoing out UPDATE fixableusers SET first='trenton' WHERE id='6' on the settings.inc.php page but it is not updating the table. Is there a reason it is not updating the table? 

<?php
include_once('dbh.php');

session_start();
$userSession = $_SESSION['id'];

if(isset($_SESSION['id'])) {
    $postTest = $_POST['first'];
    $sql = "UPDATE fixableusers SET first='$postTest' WHERE id='$userSession'";
} else {
    echo 'Do something else';
}

My dbh.php file includes the following code:

<?php

$conn = mysqli_connect('localhost', 'root', 'root', 'users');
Improve this question
6
  • what do you have in dbh.php ? Commented Dec 23, 2016 at 3:19
  • 'WHERE id='$userSession'";' dosnt exist in the db yet Commented Dec 23, 2016 at 3:20
  • did you execute that query? Commented Dec 23, 2016 at 3:21
  • 3
    please use prepared statements to fix your sql injection vunlerability ( malicious things passed in post ). There's no point in not making a good habit starting now. Commented Dec 23, 2016 at 3:26
  • 1
    stackoverflow.com/questions/60174/… Commented Dec 23, 2016 at 3:30

3 Answers 3

Reset to default
5

You are excluding the mysqli_query function,

Add this mysqli_query($conn, $sql); after build the $sql.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

Inside your if statement you're just declaring variables, in order to actually execute a query you need to :
if(isset($_SESSION['id'])) { $postTest = $_POST['first']; $sql = "UPDATE fixableusers SET first='$postTest' WHERE id='$userSession'"; mysqli_query($conn, $sql); }

And you need to improve this ( handle errors ..etc)

Improve this answer

Comments

1 
<?php
// Connect your DB
include_once('dbh.php');

//Start Session    
session_start();

if(isset($_SESSION['id'])) {

// Update Query
$updateqry = "UPDATE fixableusers SET first='".$_POST['first']."' WHERE id='".$_SESSION['id']."'";
mysqli_query($conn, $updateqry);

} else {

        echo 'Do something else';
}

?>
Improve this answer

1 Comment

Please add some explanation to the code so the OP and further readers can understand your code. The OP is a beginner and so are many others on this site.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.