http://qs1969.pair.com?node_id=1231417


in reply to Re: mysql update table how to
in thread mysql update table how to

near '<> '

what is near <>? Right before it is an equals sign. So you are asing for "Disabled equals-to not-equals-a-value". so which is it, equals or not-equals that you want?

Replies are listed 'Best First'.
Re^3: mysql update table how to
by VC (Novice) on Mar 19, 2019 at 16:29 UTC

    That is the code poj gave me so I don't know?

      Nonsense. poj wrote

      my $sql = 'SELECT ID,DISABLED FROM EmployerJobs WHERE Username = ? AND UserPassword = ? AND Userid = ? AND Disabled <> ?';

      which is valid SQL. Whereas you wrote

      my $sql = 'SELECT ID,Disabled FROM EmployerJobs WHERE Username = ? AND Password = ? AND USERID = ? AND Disabled = <> ?';

      which is not.

Re^3: mysql update table how to
by VC (Novice) on Mar 19, 2019 at 16:02 UTC

    what you see in the code

      let me be clear as to what I want to do, I want to update only one field (Disabled) among 27 fields and I am not sending info (param())for the other 26 fields at the same time.

      I did notice when I used the code below that worked once, that it deleted the information other fields, except the Disabled, Username, Password and ID which were in the current param(). The user has multiple ads that need to be Disabled & re enabled when the administrator wants, can this be done and How? I was thinking that I should not use the tbl_info to do it, as it uses all the fields to update using the param() to do it, Please help!

      use strict; use warnings; use DBI; my $userid = DB::trim( param('Userid') ); # ?? my $username = DB::trim( param('Username') ); my $password = DB::trim( param('Password') ); my $DISABLED = ucfirst ( DB::trim( param('Disabled') ) || '' ); $DISABLED = 'No' unless $DISABLED eq 'Yes'; my $sql = 'SELECT ID,Disabled FROM EmployerJobs WHERE Username = ? AND Password = ? AND USERID = ? AND Disabled = <> ?'; my $dbh = DB::connect(); my $tbl_info = DB::TableInfo->get ($dbh, "EmployerJobs"); my $sth = $dbh->prepare($sql); $sth->execute($username, $password, $userid, $DISABLED); while ( my $row = $sth->fetchrow_hashref() ){ param (-name => "Disabled", -value => $DISABLED); param (-name => "ID", -value => $row->{ID}); $tbl_info->update_record ($dbh, "ID"); #print "Content-Type: text/html\n\n"; #printf "Updated ID '%s' from '%s' to '%s'\n",$row->{ID},$row->{DISA +BLED},$DISABLED; };

      This is the correct code to do the JOB

      use strict; use warnings; use DBI; my $userid = DB::trim( param('USERID') ); my $DISABLED = DB::trim( param('Disabled')); my $sql= "UPDATE EmployerJobs SET Disabled = ". "'$DISABLED' where USERID = '$userid'"; $dbh = DB::connect (); $dbh->prepare($sql); $dbh->do($sql); $dbh->disconnect ();

      Thanks everyone!

        And now guess what happens when someone calls it with the parameter USERID set to
        Robert'; DROP TABLE EmployerJobs; --

        Update: Fixed the SQL syntax to make it real.

        map{substr$_->[0],$_->[1]||0,1}[\*||{},3],[[]],[ref qr-1,-,-1],[{}],[sub{}^*ARGV,3]