[thelist] SQL statement construction
Adrian Fischer
adrian at logo-logic.com
Wed Oct 11 00:17:12 CDT 2000
Hi Guys 'n Gals,
By no means do I confess to knowing anything about SQL.....
This sub is supposed to access a table, search it until the data in column
usAuthenticate is equal to the data in $form{'CONFIRM'} and return that row
of information. It returns data but only the first row in the table. It
doesnt find the WHERE bit...
I have printed out the $form{'CONFIRM'} in the table at the end of the sub
and it is what I would expect so I assume it is being passed to the
statement correctly(?) I have changed it from int($form....) to
sqlEncode($form....) but that doesnt work at all.
I am sure its very simple. It just doesnt search through until it finds the
match with the inputed data and the data in the column...
The update part of the sub works fine...
Can someone point me in the right direction please?
sub update_confirmed {
my $db = &dbconnect;
my $dbh=$db->prepare("SELECT
usNum,usName,UsEmail,usPassword,usFullname,usStreet,usSuburb,usCity,usState,
usZip,usPhone,usAuthenticate FROM changeConfirm WHERE usAuthenticate=" .
int($form{'CONFIRM'}));
$dbh->execute();
($usernum,$username,$email,$password,$fullname,$street,$suburb,$city,$state,
$postcode,$phone,$confirm) = $dbh->fetchrow_array();
$dbh=$db->do("UPDATE tblUsers SET usEmail='" . sqlEncode($email) .
"',usPassword='" . sqlEncode($password) . "',usFullname='" .
sqlEncode($fullname) . "',usStreet='" . sqlEncode($street) . "',usSuburb='"
. sqlEncode($suburb) . "',usCity='" . sqlEncode($city) . "',usState='" .
sqlEncode($state) . "',usZip='" . sqlEncode($postcode) . "',usPhone='" .
sqlEncode($phone) . "' WHERE usNum=" . int($usernum));
&dbdisconnect($db);
print <<"EOF";
<TABLE><TR><TD>$username, your User Details have been successfully
updated.</td></tr></table>
EOF
}
Thanks
Adrian Fischer
More information about the thelist
mailing list