470,815 Members | 1,112 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 470,815 developers. It's quick & easy.

mysql_error on an update

What's the best practice for handling the following situation, when I
do an update like this:

$sql = "UPDATE haha SET papa="loco" WHERE id=$var";
$res = mysql_query($sql,$db);

If I don't get a match in my where clause, i.e., 12!=44 the UPDATE does
not occur but mysql_errno == 0 and mysql_error = "" so I can't capture
the failure.

Any thoughts?

Jeff

Jan 31 '06 #1
4 1726
>What's the best practice for handling the following situation, when I
do an update like this:

$sql = "UPDATE haha SET papa="loco" WHERE id=$var";
$res = mysql_query($sql,$db);

If I don't get a match in my where clause, i.e., 12!=44 the UPDATE does
not occur but mysql_errno == 0 and mysql_error = "" so I can't capture
the failure.


It's NOT a failure. The query did what you wanted it to.

From an application point of view, sometimes affecting or
retrieving any rows is a failure (consider black lists).

I believe you can look at mysql_affected_rows() and see how many
rows it changed.

Gordon L. Burditt
Jan 31 '06 #2
> On 31 Jan 2006 07:44:15 -0800, "Jeff" <jo******@gmail.com> wrote:
What's the best practice for handling the following situation, when I
do an update like this:

$sql = "UPDATE haha SET papa="loco" WHERE id=$var";
$res = mysql_query($sql,$db);

If I don't get a match in my where clause, i.e., 12!=44 the UPDATE does
not occur but mysql_errno == 0 and mysql_error = "" so I can't capture
the failure.

Any thoughts?


Hi Jeff,

It's actually not an error for an update or delete statement to affect zero
rows, believe it or not. Just as it's not an error for a select query to
return zero rows.

But there may be a solution for you. Check out the mysql_affected_rows
function in PHP.
http://us3.php.net/manual/en/functio...ected-rows.php

By the way, I'd like to give you a gentle reminder to do some verification
on the $var variable in your code to make sure it contains a valid integer
and no other string. If the value is coming from a request parameter, a
malicious user could enter a string such as "44 OR 1=1" and mess up your
database! This is called SQL injection, it's a common security
vulnerability.
See http://en.wikipedia.org/wiki/Sql_injection

Regards,
Bill K.
Feb 1 '06 #3

"Jeff" <jo******@gmail.com> wrote in message
news:11**********************@f14g2000cwb.googlegr oups.com...
What's the best practice for handling the following situation, when I
do an update like this:

$sql = "UPDATE haha SET papa="loco" WHERE id=$var";
$res = mysql_query($sql,$db);
Why are you not escaping your \" quotes around loco?

If I don't get a match in my where clause, i.e., 12!=44 the UPDATE does
not occur but mysql_errno == 0 and mysql_error = "" so I can't capture
the failure.

Any thoughts?

Jeff

Feb 11 '06 #4

"Jim Michaels" <jm******@nospam.yahoo.com> wrote in message
news:Bu******************************@comcast.com. ..

"Jeff" <jo******@gmail.com> wrote in message
news:11**********************@f14g2000cwb.googlegr oups.com...
What's the best practice for handling the following situation, when I
do an update like this:

$sql = "UPDATE haha SET papa="loco" WHERE id=$var";
$res = mysql_query($sql,$db);
Why are you not escaping your \" quotes around loco?


I am surprised you didn't get a parse error from PHP. that middle quote
causes a premature end of string. so your query would be "UPDATE haha SET
papa=" and that's it. that's probably why it was failing. if you want to
really see what it looks like, echo it to see how the parser sees it.

If I don't get a match in my where clause, i.e., 12!=44 the UPDATE does
not occur but mysql_errno == 0 and mysql_error = "" so I can't capture
the failure.

Any thoughts?

Jeff


Feb 11 '06 #5

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

3 posts views Thread by Al | last post: by
7 posts views Thread by Dave | last post: by
8 posts views Thread by Lauren Quantrell | last post: by
27 posts views Thread by VK | last post: by
16 posts views Thread by Philip Boonzaaier | last post: by
8 posts views Thread by Zorpiedoman | last post: by
3 posts views Thread by user | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.