Impossible to UPDATE SQL data

Username (e.g. epiz_XXX) or Website URL

http://www.injehaks1k.epizy.com/

Error Message

Mycode:

$connect=mysqli_connect ($db_host,$db_user,$db_password,$db_name);

    switch($_GET['mode']){
        
        case 'modify':
           $result=mysqli_query('UPDATE haksik SET message = '.$_POST['Adminmessage'].' WHERE id = 1');
         
            header("Location: index.php");
            break;}

__________Modify Code

<form method="POST" action="server_up.php?mode=modify">
<input type="submit" name="Adminmessage" value="Available" style="color:black">

SQL content_____________

id | message
1 | 가나다라

Other Information

And, also data, ‘가나다라’(which is Korean) is presented as’???’
I’ve checked

  1. meta tag = utf-8
  2. table = utf8_general_ci
  3. As I know, I don’t have rights to change Database(image below is my current status)
    Plz HELP!
    )
    (other information and details relevant to your question)

Never, never avoid Prepared Statements while taking value from user and inserting it in your table without proper filtration, In your case I didn’t found any User Input but I’d like to suggest you about Prepared Statements.

Try this:-

PHP

<?php
$servername = "hostname";
$username = "username";
$password = "password";
$dbname = "myDB";

// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
  die("failed to connect: " . $conn->connect_error);
}
$msg = strip_tags($conn->real_escape_string($_POST['Adminmessage']));
$id = 1;
if($_GET['mode'] == "modify"){
$upd = $conn->prepare("UPDATE haksik SET message = ? WHERE id = ?");
$upd->bind_param("si", $msg, $id); 
$upd->execute();
} else if($_GET['mode'] == "anything"){
# then do something 
} else{
# then do something 
}

?>

HTML

<form method="POST" action="server_up.php?mode=modify">
<input type="submit" name="Adminmessage" value="Available" style="color:black">
</form>

I only make some changes try this code and then tell is this working or not.

7 Likes

It’s a known Bug in PHPMYADMIN, that’s why recommend to do not put special letters into the database via phpmyadmin.

6 Likes

Thanks! Super helpful tip!!!

Wow… I feel tremendous GAP btw you and me.
How GENIUS you are…! :open_mouth:

why did my code not work?

1 Like

Glad to help you

Because I believe the statement was incorrect.

1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.