On Tue, 11 Mar 2008 08:47:10 +0100, <su****@hotmail.comwrote:
When trying to update a table, the following works only occasionally;
it doesn't work reliably. Can anyone show me where I'm going wrong,
please?
// $commenrts_new is the data from the form ;
$Query="SELECT comments FROM clients WHERE id='$cli_update_id' ";
Where does $cli_update_id come from, and is it sanatised?
$Result=mysql_db_query ($DBName, $Query, $Link);
if(!$Result) echo mysql_error();//or log mysql_error() to a file in case
of a live website
while ($Row=mysql_fetch_array ($Result))
{
$comments_old=$Row[comments];
}
$comments=$comments_old." <br>".$comments_new;
$comments = mysql_real_escape_string($comments);
$Query="UPDATE clients SET comments='$comments' WHERE
id='$cli_update_id' ";
$Result=mysql_db_query ($DBName, $Query, $Link);
Again:
if(!$Result) echo mysql_error();//or log mysql_error() to a file in case
of a live website
I'd say the most likely scenario for failure is a ' in either
$comments_old or $comments_new.
Also: why not do this:
$cli_update_id = mysql_real_escape_string($cli_update_id);
$comments_new = mysql_real_escape_string($comments_new);
mysql_query("UPDATE clients SET comments =
CONCAT(comments,'<br>','$comments_new' WHERE id = '$cli_update_id'");
--
Rik Wasmus