Timelord Posted May 10, 2015 Report Share Posted May 10, 2015 Salutare!Am un site cu o baza de date cu o tablea cu useri si vreau sa adaug o optiune prin care userul loggat sa poata adauga diferite detalii cum ar fi emailu' in campuri deja existente din tabela useri,dar n-am reusit,imi adauga informatiile dar nu pentru useri ci intr-un rand nou cu restul campurilor goale.Codul:$query = mysql_query("INSERT INTO users (email) VALUES('".$email."')");Exista vreo modalitate de a rezolva problema fara sa creez o noua tabela? Quote Link to comment Share on other sites More sharing options...
Gio33 Posted May 10, 2015 Report Share Posted May 10, 2015 Fiindca nu e corect ceea ce faci, in loc sa updatezi detaliile userului logat, tu inserezi detalii pe un rand nou (gol) din tabelul de useri.Normal ar fi ceva de genu :$sql = "UPDATE users SET email = '{$email}' WHERE id = {$id_user_logat};"; Quote Link to comment Share on other sites More sharing options...
TheTime Posted May 10, 2015 Report Share Posted May 10, 2015 $query = mysql_query("UPDATE users SET email = '".$email."' WHERE userid = '".$email."'");Read me! Quote Link to comment Share on other sites More sharing options...
Timelord Posted May 10, 2015 Author Report Share Posted May 10, 2015 Multumesc pentru ajutor Quote Link to comment Share on other sites More sharing options...
behave Posted May 10, 2015 Report Share Posted May 10, 2015 @TimelordDesi sunt baieti buni au omis sa-ti zica sa citesti asta: https://www.google.ro/search?q=sql+injectionSi apoi citeste si asta https://www.google.ro/search?q=xss* Link 2 te ajuta la afisaremysql_query este deprecated dar daca tot ai inceput sa te folosesti si de mysql_real_escape_string** Cauta tu mai multe ca doar asa inveti Quote Link to comment Share on other sites More sharing options...
EAdrian Posted May 10, 2015 Report Share Posted May 10, 2015 Folose?te PDO Quote Link to comment Share on other sites More sharing options...
AlexSK Posted May 23, 2015 Report Share Posted May 23, 2015 Sau mai simplu<?php$db = new MySQLi('localhost', 'nume_utilizator', 'parola', 'nume_baza_de-date');if($db->connect_error) { die("Connection failed: " . $db->connect_error);}$sql = $db->query("UPDATE `users` SET `email` = '{$email}' WHERE `id` = {$id_user_logat} LIMIT 1;");if(!$sql->error) { die("Query Error".$sql->error);succes. este mult mai usor mysqli si eficient decat mysql Quote Link to comment Share on other sites More sharing options...