469,282 Members | 1,810 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 469,282 developers. It's quick & easy.

Trying to update data in access database

23
I have been trying to update the details in a access database but, all I get is a white screen and all the errors I have built-in give me no help at all.

All help is greatly appreciated.


[PHP]<html>
<head><title> Customer Information Updated</title></head>
<body>

<?php

$connstr = "DRIVER={Microsoft Access Driver (*.mdb)}; DBQ=" . realpath("2PointB.mdb").";";
$conn=odbc_connect($connstr,'','') or die(Print "connect error: ".odbc_error());


if($_POST[Emergency_Contact_Name]=="")$Emergency_Contact_Name='NULL';
else $Emergency_Contact_Name=$_POST[Emergency_Contact_Name];

if($_POST[Emergency_Contact#]=="")$Emergency_Contact#='NULL';
else $Emergency_Contact#=$_POST[Emergency_Contact#];

if($_POST[Telephone]=="")$Telephone='NULL';
else $Telephone=$_POST[Telephone];

if($_POST[Special_Deitary_Requirements]=="")$Special_Deitary_Requirements='NULL';
else $Special_Deitary_Requirements=$_POST[Special_Deitary_Requirements];


$sql="update tblCustomer set Customer_ID='$_POST[Customer_ID]',Surname='$_POST[Surname]',Forename='$_POST[Forename]', DOB='$_POST[DOB]',Sex='$_POST[Sex]',Address='$_POST[Address]', Town ='$_POST[Town]', City='$_POST[City]', Post_Code ='$_POST[Post_Code]', Telephone='$_POST[Town]', Emergency_Contact_Name='$_POST[Emergency_Contact_Name]', Emergency_Contact#='$_POST[Emergency_Contact#]', Special_Deitary_Requirements='$_POST[Special_Deitary_Requirements]' where Customer_ID='$_POST[Customer_ID]'";


$stmt=odbc_exec($conn, $sql)
or die (Print "execute error: ".odbc_error());

odbc_exec($conn, $stmt) or die (Print "error".odbc_error());

print "Thanks ".$Forename "your customer information has been updated";
?>
</body>
</html>
[/PHP]
Apr 16 '08 #1
5 1567
TheServant
1,168 Expert 1GB
[PHP]print ("Thanks ".$Forename.", your customer information has been updated.";[/PHP]

You forgot to join the string between your variable and the rest of the message (and I fixed up a little grammer), which might have confused the output line. Post back if that does not solve it and I will look at the code a bit closer.
Apr 16 '08 #2
ronverdonk
4,258 Expert 4TB
By the way: great SQL statement code for some SQL injection!

Ronald
Apr 16 '08 #3
Yew12
23
Thanks very much that help a lot. At least now I get an error.

[PHP]<html>
<head><title> Customer Information Updated</title></head>
<body>

<?php

$connstr = "DRIVER={Microsoft Access Driver (*.mdb)}; DBQ=" . realpath("2PointB.mdb").";";
$conn=odbc_connect($connstr,'','') or die(Print "connect error: ".odbc_error());


if($_POST[Emergency_Contact_Name]=="")$Emergency_Contact_Name='NULL';
else $Emergency_Contact_Name=$_POST[Emergency_Contact_Name];

if($_POST[Emergency_Contact_No]=="")$Emergency_Contact_No='NULL';
else $Emergency_Contact_No=$_POST[Emergency_Contact_No];

if($_POST[Telephone]=="")$Telephone='NULL';
else $Telephone=$_POST[Telephone];

if($_POST[Special_Deitary_Requirements]=="")$Special_Deitary_Requirements='NULL';
else $Special_Deitary_Requirements=$_POST[Special_Deitary_Requirements];


$sql="update tblCustomer set Customer_ID='$_POST[Customer_ID]',Surname='$_POST[Surname]',Forename='$_POST[Forename]', DOB='$_POST[DOB]',Sex='$_POST[Sex]',Address='$_POST[Address]', Town ='$_POST[Town]', City='$_POST[City]', Post_Code ='$_POST[Post_Code]', Telephone='$_POST[Town]', Emergency_Contact_Name='$_POST[Emergency_Contact_Name]', Emergency_Contact_No='$_POST[Emergency_Contact_No]', Special_Deitary_Requirements='$_POST[Special_Deitary_Requirements]' where Customer_ID='$_POST[Customer_ID]'";

Print $sql;

$stmt=odbc_exec($conn, $sql)
or die (Print "execute error: ".odbc_error());

odbc_exec($conn, $stmt) or die (Print "error".odbc_error());

print ("Thanks ".$Forename. "your customer information has been updated");

?>
</body>
</html>
[/PHP]

The error is odbc error 22005 a date problem I think. Do you know what to do from here.

I don't know if this matters but Im from the uk so my date goes dd/mm/yyyy.


Oh thanks Ronald for making me aware.
Apr 16 '08 #4
TheServant
1,168 Expert 1GB
By the way: great SQL statement code for some SQL injection!

Ronald
One step at a time Ron. But Ron's right, you cannot go public with the code you have now. You need to take some security steps to stop people from using your database how they see fit. This means validating and sanitizing you inputs. Here is one to start you off (you can continue with google). But make another post if you have questions about that - one problem per post.
Apr 16 '08 #5
ronverdonk
4,258 Expert 4TB
....I don't know if this matters but Im from the uk so my date goes dd/mm/yyyy.....
It matters! I do not know the standard date format for Access but I quess it is, just like MySQL, YYYY-MM-DD. If that is true, you'll have to reformat your date before storing it in the database. You can use the PHP strtotime() and date() functions for that.

Ronald
Apr 16 '08 #6

Post your reply

Sign in to post your reply or Sign up for a free account.

Similar topics

16 posts views Thread by robert | last post: by
2 posts views Thread by Joe Fetters via .NET 247 | last post: by
2 posts views Thread by Ville Mattila | last post: by
6 posts views Thread by Tark Siala | last post: by
1 post views Thread by CARIGAR | last post: by
reply views Thread by zhoujie | last post: by
reply views Thread by suresh191 | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.