एक अद्यतन क्वेरी पास करने पर, mysql_query()
सफलता के लिए बूलियन TRUE और विफलता के लिए FALSE लौटाता है, जबकि mysql_num_rows()
केवल परिणामसेट संसाधन को इसके तर्क के रूप में स्वीकार करता है। यह निर्धारित करने के लिए कि UPDATE क्वेरी ने कितनी पंक्तियों को प्रभावित किया, mysql_affected_rows()
पर कॉल करें कनेक्शन संसाधन के साथ इसके तर्क के रूप में।
इससे आपको अभी समस्या नहीं हो रही है, लेकिन आपको or die(mysql_error())
जोड़ने की सलाह दी जाएगी। आपके mysql_query()
. पर होने वाली किसी भी MySQL त्रुटि को पकड़ने के लिए कॉल करता है। बेहतर होगा कि आप mysql_*
. को छोड़ दें पूरी तरह से PHP पीडीओ एक्सटेंशन के पक्ष में कार्य करता है, जैसा कि PHP मैनुअल में अनुशंसित है, और जो वास्तव में क्षमता और सुरक्षा में प्रदान किए जाने वाले विशाल लाभों के बदले में अधिक संज्ञानात्मक ओवरहेड नहीं लेता है।
इसे छोड़कर, यहां बताया गया है कि मैं आपका कोड कैसे बदलूंगा ताकि यह आपके मन की तरह व्यवहार करे:
<?php
// obtain a database connection
$dbConn = mysql_connect($serverName, $user_name, $password)
or die("Cannot connect to server: " . mysql_error() . "<br />\n");
// mysql error number rarely adds enough information to be worth including
// select the database
mysql_select_db($db_name, $dbConn)
or die("Couldn't select $db_name: " . mysql_error() . "<br />\n");
// obtain escaped versions of query data for inclusion in update query
// it is imperative to use mysql_real_escape_string() or equivalent if you're
// going to use mysql_* functions instead of the far preferable PDO
// prepared statements; if you don't escape your data, you leave open the
// possibility of SQL injection, which someone will certainly soon use to
// screw up your website horribly
$id = mysql_real_escape_string($_GET['id']);
$additional_notes = mysql_real_escape_string($_GET['additional_notes']);
// assemble query to pass to mysql_query()
// no need for parentheses around the string; in fact i'm surprised that
// didn't result in a parse error
// also FYI re backticks, MySQL uses them to denote literal database/table/
// column names -- they're optional unless required to disambiguate between
// an entity name and a reserved word. for example, you can create a table
// containing a column named 'key', which is a MySQL reserved word, but you
// thereafter must refer to that column as `key`, with backticks, in any
// queries, to hint to MySQL's parser that you mean the column by that name
// and not the reserved word; otherwise, it's a parse error.
$sql = "UPDATE `rmstable2` SET `additional_notes` = '$additional_notes' WHERE `id` = '$id'";
// actually run the query
// this being an UPDATE query, the result is boolean and offers no
// additional useful information, so you need not capture it in a variable;
// the 'or die' clause will fire if it's false, and if it's true, you'll
// use mysql_affected_rows() to get the additional info you need.
mysql_query($sql)
or die(mysql_error());
// if the query failed, the script die()d on the previous line and didn't
// get here; if it did get here, you know the query succeeded
$resultcount = mysql_affected_rows($dbConn);
// this is technically correct but semantically odd; since you already included
// the 'additional_notes' value in the previous UPDATE query, and since
// that query certainly succeeded if we're evaluating this code at all,
// why run the same query again?
if ($resultcount == 1) {
mysql_query("UPDATE `rmstable2` SET `additional_notes` = '$additional_notes' WHERE `id` = '$id'")
or die(mysql_error());
}
// again, the 'or die' clauses mean that we can only have reached this point
// if the queries succeeded, so there's no need for an if() test here
echo "Update Successful!";
echo '<h3>Your case has been updated.</h3>';
// note the backslashes before the embedded double quotes; single quotes in
// tag attributes are technically invalid but most browsers will accept them,
// but you can use double quotes within a double-quoted string if you precede
// the embedded quotes with backslashes (called "escaping") to indicate that
// they're not to be taken as the end of the string
// (i.e., "\"\"" == '""')
echo "To see your changes please click <a href=\"/fullcase.php?id=$id\">here</a></b>";
?>