php does not update registry in bd mysql

Question

php does not update registry in bd mysql

Asked 3 years ago

Viewed 64 times

-4

I’m trying to update the database, it returns the message that the update was made, however, when seeing in the database, the update was not made.

What should happen:

When clicking the save button, the modified fields should be changed in the record.

What’s going on:

When I try to change the record, the msg of "saved successfully" appears and goes back to the previous page, as it should. But looking at phpMyAdmin, the record remains unchanged

The whole Code

<?php
session_start();
include_once("conexao.php");

$id = filter_input(INPUT_POST, 'id', FILTER_SANITIZE_NUMBER_INT);
$data = filter_input(INPUT_POST, 'data', FILTER_SANITIZE_STRING);
$acordo = filter_input(INPUT_POST, 'acordo', FILTER_SANITIZE_STRING);
$valor = filter_input(INPUT_POST, 'valor', FILTER_SANITIZE_STRING);
$divida = filter_input(INPUT_POST, 'divida', FILTER_SANITIZE_STRING);


//echo " data " . $data . " - acordo " . $acordo . " - valor " . $valor . " - divida " . $divida  . " - id " . $id;

$atualizacao_data = $_SESSION['atualiza_Pcl-data'];
$atualizacao_divida = $_SESSION['atualiza_Pcl-divida'];
$atualizacao_acordo = $_SESSION['atualiza_Pcl-acordo'];
$atualizacao_valor = $_SESSION['atualiza_Pcl-valor'];
$mudanca = '';
$user = 'gustavo';

/* rastreio */
if ($atualizacao_data != $data) {
    $mudanca = 'DATA => antes - ' . $atualizacao_data . ' | depois - ' . $data . '<br>';
}

if ($atualizacao_divida != $divida) {
    $mudanca = $mudanca . 'DIVIDA => antes - ' . $atualizacao_divida . ' | depois - ' . $divida . '<br>';
}

if ($atualizacao_acordo != $acordo) {
    $mudanca = $mudanca . 'ACORDO => antes - ' . $atualizacao_acordo . ' | depois - ' . $acordo . '<br>';
}

if ($atualizacao_valor != $valor) {
    $mudanca = $mudanca . 'VALOR => antes - ' . $atualizacao_valor . ' | depois - ' . $valor;
}

//echo $mudanca;

/* cadastro rastreio */

$cad_auteracao = "UPDATE parcelamento set aut_por='$user',
                                            data_aut=now,
                                            auteracao='$mudanca',
                                            WHERE id='$id'";
$conect= mysqli_query($conn, $cad_auteracao);

/* cadastro atualização */

$atualiza = "UPDATE parcelamento SET datavenc='$data',
                                        divida='$divida',
                                        acordo='$acordo',
                                        valorpcl'='$valor'
                                        WHERE id='$id'";

$resul_atualiza = mysqli_query($conn, $atualiza);

echo $atualiza;

if(mysqli_affected_rows($conn)){
    $_SESSION['msgAtualiza_pcl'] = "<p style='color:green;'>Usuário editado com sucesso</p>";
    header("Location: ../edit-parcela.php?id=$id"); 
}else{
    $_SESSION['msgAtualiza_pcl'] = "<p style='color:red;'>Usuário não foi editado!</p>";
    header("Location: ../edit-parcela.php?id=$id");
}

?>

I have tested all variables, they are all working as they should. They are receiving the values, however the update is not being made. Could you help me please?

The only part that’s gone wrong is the code part:

Part where you have the problem

$atualiza = "UPDATE parcelamento SET datavenc='$data', divida='$divida', acordo='$acordo', valorpcl'='$valor' WHERE id='$id'";

$resul_atualiza = mysqli_query($conn, $atualiza);

The update (UPDATE) is not updating. It only returns that it was aturized, but when consulting the BD, the update was not done.

1 answer

Browser other questions tagged php mysql database mysqli

You are not signed in. Login or sign up in order to post.

by Leonardo Crispim • 1 point · Answer 1 · 2021-06-08T20:31:47+00:00

-3

There are errors in your SQL’s.

The two are not being executed.

In the first one has a comma before the WHERE and the function now needs NOW parentheses().

In the second it has a single quotes after the field "valorpcl" and before the same (=).

And it lacked a little bit of good practice. When using variables inside strings, put between {keys}.

$cad_auteracao = "
    UPDATE parcelamento 
    SET 
        data_aut = NOW(),
        aut_por = '{$user}',
        auteracao = '{$mudanca}'
    
    WHERE id='{$id}'
";

/**************************************************/


$atualiza = "
    UPDATE parcelamento 
    SET 
        datavenc = '{$data}',
        divida = '{$divida}',
        acordo = '{$acordo}',
        valorpcl = '{$valor}'
    
    WHERE id = '{$id}'
";

Hello my friend. Yes, it solved my problem. What I find funny is that before, that way it worked, and that’s what teachers taught me. But thank you very much. I made the changes you said and in both parts, UPTADE worked. Where can I see more about doing it right?

– Guest 3rr067

2021/06/09 at 21:11
Any duvisa on mysql vc can be found in the documentation on their website. Follow the select page for example. https://dev.mysql.com/doc/refman/8.0/en/select.html

– Leonardo Crispim

2021/06/09 at 22:46
2

It’s ironic an answer quotes good practice teaching to do wrong just because it works. That’s why so many people are doing wrong, one just wants someone else to tell them how to work, even if wrong.

– Maniero

2021/06/10 at 13:07
Since you mentioned "good practice," then it would be better to say that it is not a good idea to concatenate the values directly in the query, as this leaves the application vulnerable to attacks from SQL Injection. Learn more here and here. (cc @Guest3rr067)

– hkotsubo

2021/06/10 at 13:26
So, guys, today I noticed that my doubts are generating repercussions. I confess that I am beginner in the area, and with courses that I managed to buy, I learned as described above. I am immensely grateful that you are opening my eyes to the risk my code is taking. If you can guide me on this journey, I will be immensely grateful.

– Guest 3rr067

2021/06/10 at 18:43