i posting in order see if me solve little problem. right have code:
visible $sqlupdate = "update user.user set level='1' id='".$_get['char']."' , level >249 , power>0 limit 1";
what want if query runs, print correct
, otherwise, error
.
what tried:
visible $sqlupdate = "update user.user set level='1' id='".$_get['char']."' , level >249 , power>0 limit 1"; $updatepos = mysql_query($sqlupdate); if($sqlupdate==1) { } else { echo'<p class="as">correct.</p>'; } } else { echo'<p class="as">error .</p>'; }
but not work.
use mysql_affected_rows()
returns number of affected rows on success, and -1 if last query failed.
$chrval = $_get['char']; $sqlupdate = "update user set level = '1' id = '$chrval' , level > 249 , power > 0 limit 1"; $updatepos = mysql_query($sqlupdate); if(mysql_affected_rows() >= 1) { echo'<p class="as">correct.</p>'; } else { echo'<p class="as">error .</p>'; }
as sidenote, query vulnerable sql injection
if value(s) of variables came outside. please take @ article below learn how prevent it. using preparedstatements
can rid of using single quotes around values.
Comments
Post a Comment