ansaurus

Question

Answer 1

+3 A:

Your PHP probably looks like this now:

$sql = 'UPDATE `subscribers` SET `curDate` = NOW() WHERE `e_mail` = "$resEmail"';

The single quotes prevent the variable's value from being substituted into the string. You will need to change it to this:

$sql = "UPDATE `subscribers` SET `curDate` = NOW() WHERE `e_mail` = '$resEmail'";

You should also be aware that you may have an SQL injection vulnerability here. Consider using mysql_real_escape_string to escape the email address.

$sql = "UPDATE `subscribers` SET `curDate` = NOW() WHERE `e_mail` = '" .
       mysql_real_escape_string($resEmail) . "'";

Mark Byers 2010-04-27 19:25:14

Can I insert php-variables in single quotes?

Ockonal 2010-04-27 19:26:01

@Ockonal: If the entire string is in double quotes, the single quotes inside that string don't prevent the php-variable from being interpreted.

Mark Byers 2010-04-27 19:27:20

"In MySQL strings must be surrounded by single quotes, not double quotes." - only true if the server mode `ANSI_QUOTES` is set, see http://dev.mysql.com/doc/refman/5.0/en/string-syntax.html

VolkerK 2010-04-27 19:29:10

@VolkerK: Sorry... you are right: +1, I removed that incorrect line. But the change I suggested should still work because the single quotes that I assume are there (but not included in the question) will prevent the variable from being substituted into the string in PHP. Swapping the single and double quotes should fix this.

Mark Byers 2010-04-27 19:32:20

Answer 2

A:

Since you're using timedate function which is based on proper timestamp, try setting it with Timestamp(Now()).

Mikulas Dite 2010-04-27 19:35:12

ansaurus

tags:

views:

answers:

Mysql - NOW() function calling

related questions