Can anyone find problem with SQL statement?

Question

0.00/5 (No votes)

See more:

Hi, i recently resolved this - but of course i lost my work

I am working on update query which inserts points into table

Currently, i have var_dump every possible variable and all of them are correct.

The SQL statement also coming back as TRUE but it's not changing anything in database

Can anyone HELP asap?

What I have tried:

while ($dbRow=$dbQuery->fetch(PDO::FETCH_ASSOC)) {
$points = $dbRow['Points'];
$pointsDeduction =-20;
 }

if($daysLeft == $End) {
		 $stmt = $conn->prepare("UPDATE Profile SET Points = $points - $pointsDeduction WHERE UserID= $UserID WHERE UserID= $UserID");
		$dbQuery->execute();
	echo" - 20 points will be deducted</h4></center></h4>";
  }

Posted 27-Mar-18 13:16pm

Member 13637584

Updated 27-Mar-18 21:13pm

Add a Solution

Comments

Paulo Zemek 27-Mar-18 20:03pm

Not sure about this code as I never used PHP, but there are many things I see that aren't quite fine.

First: you have WHERE UserID= $UserID WHERE UserID... I don't think two WHERE together are ever going to work.

Anyways, don't you need to commit the transaction or something? Again, I don't know PHP, but most databases require a Commit, or else all the actions would be rolled-back.

Maciej Los 28-Mar-18 2:26am

Good point!
A Where clause can not occur twice.

2 solutions

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Patrice T · Answer 1 · 2018-03-27T14:21:00

Just to know what is hoing on, I would do a couple changes:

PHP

// the loop will do something useful only on last row
while ($dbRow=$dbQuery->fetch(PDO::FETCH_ASSOC)) {
  $points = $dbRow['Points'];
  $pointsDeduction =-20; // this is constant value and should be out of loop
}

if($daysLeft == $End) {
  $stmt = $conn->prepare("UPDATE Profile SET Points = $points - $pointsDeduction WHERE UserID= $UserID WHERE UserID= $UserID");
  $dbQuery->execute();
  echo" - 20 points will be deducted</h4></center></h4>";
}

This "$points - $pointsDeduction" translate to "$points - -20" and to "$points + 20".
Are you sure about it ?
Your SQL command repeat the where clause 2 times.

I would change the sql command to smething like:

PHP

$stmt = $conn->prepare("UPDATE Profile SET Points = Points - 20 WHERE UserID= $UserID");

-----
Learn to indent properly your code, it show its structure and it helps reading and understanding. It also helps spotting structures mistakes.

PHP

while ($dbRow=$dbQuery->fetch(PDO::FETCH_ASSOC)) {
  $points = $dbRow['Points'];
  $pointsDeduction =-20;
}

if($daysLeft == $End) {
  $stmt = $conn->prepare("UPDATE Profile SET Points = $points - $pointsDeduction WHERE UserID= $UserID WHERE UserID= $UserID");
  $dbQuery->execute();
  echo" - 20 points will be deducted</h4></center></h4>";
}

Professional programmer's editors have this feature and others ones such as parenthesis matching and syntax highlighting.
Notepad++ Home[^]
ultraedit[^]

Jochen Arndt · Answer 2 · 2018-03-27T21:14:00

As already mentioned you have two WHERE clauses. This won't work.
You are also passing a calculated value which might also not work as expected.

This should work:

PHP

if($daysLeft == $End) {
    newPoints = $points - 20;
    $stmt = $conn->prepare("UPDATE Profile SET Points=$newPoints WHERE UserID=$UserID");
    $dbQuery->execute();
}

When $UserID is not a numerical value it should be quoted (must be when it might contain spaces):

PHP

$stmt = $conn->prepare("UPDATE Profile SET Points=$newPoints WHERE UserID='$UserID'");

But then you should use a parameterised queries instead when $UserID is from a user input to avoid SQL injections.

Can anyone find problem with SQL statement?

2 solutions

Solution 1

Solution 2

Add your solution here

Preview 0