oracle update with php

Navigation
2

Good I want to do an update from php to a database oracle.But I get the following bug

  

connection made Warning: oci_execute (): ORA-00911: invalid   character in C: \ xampp \ htdocs \ Challenge \ activation.php on line 20 

<?php 
$codigo=$_POST["codigo"];




$conn = oci_connect('admin', '123', '192.168.0.28/XE');
if (!$conn) {
    $e = oci_error();
    trigger_error(htmlentities($e['message'], ENT_QUOTES), E_USER_ERROR);
}else{
    echo"conexion realizada";
}



$query = "UPDATE usuarios SET activacion= 0 WHERE codigo = '$codigo';";

$stid = oci_parse($conn, $query);
oci_execute($stid);

?>
    
asked by francisco 23.05.2018 в 01:25
source

1 answer

1

You have to remove the semicolon at the end of the sentence: 

$query = "UPDATE usuarios SET activacion= 0 WHERE codigo = '$codigo'";

That's why the Manual says:

  

SQL statements should not end with a semicolon   (";") . The PL / SQL statements should end with a period and   comma (";").

Note on security

Consider giving security to your code by applying the criteria of prepared queries. 

$query = "UPDATE usuarios SET activacion= 0 WHERE codigo = :codigo";
$stid = oci_parse($conn, $query);
oci_bind_by_name($stid, ":codigo", $codigo);
oci_execute($stid);

That way you will shield your code against SQL Injection attacks.

    
answered by 23.05.2018 / 01:34
source
Revert output from print_r to its original PHP array mysql delete row "almost" duplicated