SQL PHP Update/Delete/Add

[LingoOutsider]

This is my code so far for updating...

PHP Code:


$namereq = $_REQUEST['namefield'] ;
$emailreq = $_REQUEST['emailfield'] ;
$messagereq = $_REQUEST['messagefield'] ;
$datereq = $_REQUEST['datefield'] ;

$con = mysql_connect("server", "username", "password");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  echo "update failed";
  }

mysql_select_db("database", $con);
global $customernumber;

mysql_query("UPDATE enquiryform SET name=$namereq WHERE customerno = $customernumber LIMIT 1");
mysql_query("UPDATE enquiryform SET email=$emailreq WHERE customerno = $customernumber LIMIT 1");
mysql_query("UPDATE enquiryform SET message=$messagereq WHERE customerno = $customernumber LIMIT 1");
mysql_query("UPDATE enquiryform SET startdate=$datereq WHERE customerno = $customernumber LIMIT 1");

mysql_close($con);

echo $namereq
echo $emailreq
echo $messagereq
echo "Update Compleated"; 


$_REQUEST['field'] have been retreved for previous page and everything echos/prints ok but nothing changes on the database table?!
I've checked field/database/passwords/etc what am I missing?

[kows]

well, first -- you shouldn't be using 4 different queries to update one record. this one query accomplishes the same as your four:

PHP Code:

mysql_query("UPDATE enquiryform SET name='$namereq', email='$emailreq', message='$messagereq', startdate='$datereq' WHERE customerno='$customernumber' LIMIT 1"); 


the reason none of your things are updating is probably because you're not enclosing any values in quotes (like in my example above). MySQL will interpret strings not enclosed in quotes as functions/reserved words. this is why none of your tables are updating.

you should also be checking your user input; you can use mysql_real_escape_string():

PHP Code:

$namereq = mysql_real_escape_string($_REQUEST['namefield']);
$emailreq = mysql_real_escape_string($_REQUEST['emailfield']);
$messagereq = mysql_real_escape_string($_REQUEST['messagefield']);
$datereq = mysql_real_escape_string($_REQUEST['datefield']); 


[manavo11]

To check if there is a problem with your mysql query, you can check the value of mysql_error() after you call a query. Or run your query like this:

PHP Code:

mysql_query($Query) or die("MySQL error: ".mysql_error()); 


So execution will stop and you can see straight away the error.

[LingoOutsider]

Thanks, its updating now!

If I want to use multiple submit buttons (add/delete/update) on the one form whats the easiest way to identify which has been pressed?

PHP Code:

<input type="submit" name="Change" value="Change" /> 


what command will identify my pressed button?

[kows]

you can name the buttons and then check whether or not they've been pressed by using isset(). instead of an IF statement to handle all of it, you could do:

PHP Code:

<?php

  if($_SERVER['REQUEST_METHOD']){

    $button = (isset($_POST['add'])) ? 'add' : ((isset($_POST['update'])) ? 'update' : 'delete');

    switch($button):
      case 'add':

        //add stuff

        break;
      case 'update':

        //update stuff

        break;
      case 'delete':

        //delete stuff

        break;
    endswitch;
  }

?>
<form action="script.php" method="post">
  <input type="submit" name="add" value="add" />
  <input type="submit" name="update" value="update" />
  <input type="submit" name="delete" value="delete" />
</form>