0

I'm currently creating a ban form that bans users through the MySQLi database, however currently when I try to ban them, the 'active' changes to 0 as opposed to 2 and the banreason does not get updated... Here is the code

$qry = "UPDATE members SET active = '2' AND breason = '".$_POST['reason']."' WHERE login =  '".$_POST['login']."'";
$result = @mysqli_query($GLOBALS["___mysqli_ston"], $qry);
if($result) {
    header("location: banneduser?login=$login&reason=$reason");
    exit();
}else {
    die("Error:".((is_object($GLOBALS["___mysqli_ston"])) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)));
}

I am not receiving any error on the page.

Improve this question
15
  • Side question....where are you declaring $login and $reason, they are used as $_POST variables in the statement, and in your header they are just $login and $reason. Commented Jun 7, 2013 at 22:25
  • Try outputting your query before executing to see if it's correct: echo $qry; Commented Jun 7, 2013 at 22:26
  • @KyleK I initially used the variables, and I switched to $_Post wondering if it'd have any effect (I'm a noob when it comes to PHP) Commented Jun 7, 2013 at 22:31
  • @showdev I outputted the query and it displayed this UPDATE members SET active = '2' AND breason = 'omg' WHERE login = 'Test' Which is correct Commented Jun 7, 2013 at 22:37
  • 2
    also....just a quick thing to try....take the @ sign off of mysqli_query Commented Jun 7, 2013 at 22:37

1 Answer 1

Reset to default
1

Despite the fact that given the comments your code is insecure and you are ok with that, columns to be updated should not be separated by the AND operator in an UPDATE statement.

UPDATE [LOW_PRIORITY] [IGNORE] table_reference
    SET col_name1={expr1|DEFAULT} [, col_name2={expr2|DEFAULT}] ...
    [WHERE where_condition]
    ...

Replace your AND with a comma.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.