insert data to replace data already there

not quite sure if theres a better way to describe that but im trying to insert data into a field thats set to be default ‘NULL’ (i’ve also tried just having it say “none”) and i’ve gotten this to work in a register setting but for some reason its not working now.

my form to get the name they want for “crewname”

Crew Name:


my “createcrew.php”
trys to inserts “crewname” into the user’s line in teh user table
and inserts the crewname adn user into the crew table
the rest is pretty much just to check if it worked


<? echo "$_POST[crewname]"; mysql_query("INSERT INTO users (crew) VALUES ('$_POST[crewname]') WHERE (username = '$_SESSION[username]')"); //this is my problem line (i think) mysql_query("INSERT INTO crew (crewname, member1) VALUES('$_POST[crewname]', '$_SESSION[username]') "); $query = mysql_query("SELECT crew FROM users WHERE(username = '$_SESSION[username]')"); while($row = mysql_fetch_array($query)) { $crew = $row['crew']; echo $crew; } if ($crew = "NULL"){ echo "
didnt work"; } else { echo "
worked"; } ?>


im not sure what ive done wrong, can i not use the same variable twice like i did? or did i mess up in my form?
also i am connected to my database by an included php file.

thanks yall

I do not think there is valid SQL construct INSERT … WHERE …
You need to use UPDATE statement if you wish to modify record, like this:

mysql_query(“UPDATE users SET crew=’$_POST[crewname]’ WHERE username = ‘$_SESSION[username]’”);

Also, make sure you sanitized the $_POST[crewname] and $_SESSION[username] values before using them in SQL query. For example if you have magic_quotes_gpc turned Off, and somebody choose crew name like O’Reilly - your query will return error, because you need to escape single quote in this case.

Sponsor our Newsletter | Privacy Policy | Terms of Service