[RESOLVED] Updating a field

turtleton09

I'm just trying to edit some code to update a field in an orders table with a transaction code that wasn't there before, using some code in the return.php page.

At the moment it updates the the order status field using the code :

mysql_select_db($database_connOriental, $connOriental);
  $Result1 = mysql_query($updateSQL, $connOriental) or die(mysql_error());
}

if ("" == "") {
  $updateSQL = sprintf("UPDATE Orders SET OrderStatus=%s, WHERE OrderID=%s",
                       GetSQLValueString("Accepted", "text"),
                       GetSQLValueString($_SESSION['OrderNumber'], "int"));
	//die($updateSQL);
  mysql_select_db($database_connOriental, $connOriental);
  $Result1 = mysql_query($updateSQL, $connOriental) or die(mysql_error());
}

The transaction code appears on the page as :

$VendorTxCode = $values['VendorTxCode'];

and correctly displays using :

<? echo ($VendorTxCode); ?>

So I thought I needed to change the update code to :

mysql_select_db($database_connOriental, $connOriental);
  $Result1 = mysql_query($updateSQL, $connOriental) or die(mysql_error());
}

if ("" == "") {
  $updateSQL = sprintf("UPDATE Orders SET OrderStatus=%s WHERE OrderID=%s", VendorTxCode=%s
                       GetSQLValueString("Accepted", "text"),
		       GetSQLValueString($_POST['VendorTxCode'], "text"),
                       GetSQLValueString($_SESSION['OrderNumber'], "int"));
	//die($updateSQL);
  mysql_select_db($database_connOriental, $connOriental);
  $Result1 = mysql_query($updateSQL, $connOriental) or die(mysql_error());
}

But no joy - am I barking up the right tree with this?

turtleton09

Had a typo in the second part - the update part should have been :

 $updateSQL = sprintf("UPDATE Orders SET OrderStatus=%s WHERE OrderID=%s", VendorTxCode=%s 
                       GetSQLValueString("Accepted", "text"), 
               GetSQLValueString($_POST['VendorTxCode'], "text"), 
                       GetSQLValueString($_SESSION['OrderNumber'], "int"));

Still not working tho'.

liquorvicar

Not quite sure what you're trying to achieve, are you trying to add "VendorTxCode" to the conditions of the update (i.e. to the WHERE clause). If so

mysql_select_db($database_connOriental, $connOriental);
  $Result1 = mysql_query($updateSQL, $connOriental) or die(mysql_error());
}

if ("" == "") {
  $updateSQL = sprintf("UPDATE Orders SET OrderStatus=%s WHERE OrderID=%s and  VendorTxCode=%s",
                       GetSQLValueString("Accepted", "text"),
                       GetSQLValueString($_SESSION['OrderNumber'], "int"),
               GetSQLValueString($_POST['VendorTxCode'], "text"));
    //die($updateSQL);
  mysql_select_db($database_connOriental, $connOriental);
  $Result1 = mysql_query($updateSQL, $connOriental) or die(mysql_error());
}

Note, I can't see why you would want to do this as you only need one unique ID in the WHERE clause.

turtleton09

Argh! Sorry - that last bit is actually :

$updateSQL = sprintf("UPDATE Orders SET OrderStatus=%s, VendorTxCode=%s  WHERE OrderID=%s", 
                       GetSQLValueString("Accepted", "text"), 
               GetSQLValueString($_POST['VendorTxCode'], "text"), 
                       GetSQLValueString($_SESSION['OrderNumber'], "int"));

Basically added the VendorTxCode into my orders table, which is generated by the payment processor, so that the site owner can match up orders to the customer details he has access to via the payment processor.

turtleton09

Got this working finally - think it might have been because the code updating the database was before the code that unpacked the encrypted fields back from the payment processor.