Yikes!! Really weird bug.

[ViciOuS]

Hello!, I have been getting this really weird bug when I update mysql table rows.

i.e.
$do = mysql_query("UPDATE Users SET Password = '$password' WHERE Password = '$pw' LIMIT 1") or die(mysql_error());

It updates the top row instead of the one its supposed to and doesn't leave me any errors (which can be very hectic, especially when changing passwords). I have tryed a wide variety of things but still I cannot figure this out.

Not only have i been getting this bug with my editing news script, but I am getting it Everywhere i try to update a table row.

Help would be much appreciated

[scrowler]

try using WHERE id = '$id' instead of WHERE Password = '$pw', provided that ID is a unique key, it can only update 1 row.

[Order]

LIMIT seems kinda pointless, if you are specific and use ids, you probably can drop it safely.

[ViciOuS]

Okay, I fixed up the change pw script for now but i'm still getting the same bug with my news script.

editnews.php

Code:

<?php
session_start();
if($_SESSION['s_logged_n'] == 'true'){

include('config.php');

$ID = $_GET['id'];

$sql = mysql_query("SELECT * FROM news WHERE id='$ID'");
$row = mysql_fetch_array($sql);
$title = $row['title'];
$news = $row['news'];

 if(!$action)
{
?>

<html><head><title></title>
<style>
<!--
a{text-decoration:none}
//-->
</style>
<style>
a:visited{color:blue; text-decoration:none; }
a:active{color:red; text-decoration:none; }
a:link{color:red; text-decoration:none; }
a:hover{color:orange; text-decoration:underline; }
</style>
<link href="style.css" type="text/css" rel="stylesheet">
</head>
<div align="center">
 <FORM method="post" action="?action=submit" name="editnews">
  <TABLE width="80%" valign="center">
    <tr>
      <td><font color="#555555" face="Verdana, Arial, Helvetica, sans-serif" size="2">
&nbsp;<b>Title </b></td>
      <td><INPUT class="input-box1" type="text" name="title" value="<?php echo $title; ?>"></td>
    </tr>
    <tr>
      <td><font color="#555555" face="Verdana, Arial, Helvetica, sans-serif" size="2">
&nbsp;<b>News </b></td>
      <td><TEXTAREA class="input-box1" Name="news" Rows="15" Cols="55"><?php echo $news; ?></TEXTAREA></td>
    </tr>
  </TABLE>
  <TABLE width="80%" valign="center">
    <tr>
     <td><center>
        <INPUT class="submit1" type="submit" tabindex="5" name="submit" value="Update News">
       </center></td>
    </tr>
  </TABLE>
 </FORM>
<br>
<hr width="50%">
<center>
 <FORM action="editnews_interface.php" method="post" name="back">
   <INPUT class="submit2" type="submit" name="back" value="Back">
 </FORM>
</div>

<?php
}
 else if($action == "submit")
 {
  $sql = mysql_query("SELECT * FROM news ORDER BY id DESC LIMIT 1");
   while($row = mysql_fetch_array($sql)) {

    $title = trim(addslashes($_POST['title']));
    $date = date("m.d.y");
    $news = $_POST['news'];
    $id = $row['id'];

    $worked1 = mysql_query("UPDATE news SET title='$title' WHERE id='$id'");
    $worked3 = mysql_query("UPDATE news SET date='$date' WHERE id='$id'");
    $worked2 = mysql_query("UPDATE news SET news='$news' WHERE id='$id'");

 if((!$worked1) || (!$worked2) || (!$worked3)) {
   die('Didn\'t work because' . mysql_error());}

else{
   echo 'Successfully updated ' . $title . '. (ID# ' . $id . ')<br><br>
<a href="editnews_interface.php" target="iframe2">Return to Editing/Deleting News</a>';}
}
}

}
 else{ header("Location: login.php");
} 
?>

[scrowler]

$id = $row['id'];

should it be

$id = $_GET['id'];

?

[BlodoPKNZ]

Quote:

Originally Posted by Order

LIMIT seems kinda pointless, if you are specific and use ids, you probably can drop it safely.

Yeh well some people get used to it as a safety measure. It doesnt do too much good but it wont cause any errors either.

[ViciOuS]

Well, $_GET['id'] just returns null and if i put + 0 at the end then it just returns 0. So I tryed using the row id instead and it updates the very top row and nothing else.

Also, I use $_GET['id'] at the top of my script, and that seems to work fine because it displays the right row content.