Why am I getting a MySQL "Request Empty" error?

Question

Why am I getting a MySQL "Request Empty" error?

$id = $_REQUEST['id']; $Section = $_REQUEST['section']; $Subject = $_REQUEST['subject']; $type = $_REQUEST['type']; $Start_date1 = isset($_REQUEST['startTxt'])?($_REQUEST['startTxt']):""; $Venue = isset($_REQUEST['venTxt'])?($_REQUEST['venTxt']):""; $Facilitator = isset($_REQUEST['faciTxt'])?($_REQUEST['faciTxt']):""; $Level = isset($_REQUEST['lvlLst'])?($_REQUEST['lvlLst']):""; $Date1 = $_REQUEST['date1']; if(isset($_REQUEST['EDIT'])) { mysql_query("UPDATE service SET Start_date='$Date1', Venue='$Venue', Facilitator='$Faci' WHERE ServiceID ='$id'"); if (!mysql_query($sql,$con)) { die('Error: ' . mysql_error()); } echo '<script type="text/javascript">'; echo 'alert("Changes have been save!");'; echo 'window.location="Admin_RecSchedMapLst.php";'; echo '</script>'; mysql_close($con); }

When I click "Save", it returns "Error: the request was empty" - why is this?

+6

php mysql

phpaddict Mar 11 '09 at 19:40

source share

3 answers

Please, for the love of the Internet, do not build your own SQL query. Use PDO .

+4

Paul tarjan Oct 15 '09 at 2:37

source share

You do not set the $ sql variable and call mysql_query () twice.

+3

jonstjohn Mar 11 '09 at 19:44

source share

Greg · Accepted Answer · 2009-03-11T19:44:19+0000

You call mysql_query() twice, once with a non-existent $sql parameter:

 mysql_query("UPDATE service SET Start_date='$Date1', Venue='$Venue', Facilitator='$Faci' WHERE ServiceID ='$id'"); if (!mysql_query($sql,$con))

it should be:

 if (!mysql_query("UPDATE service SET Start_date='$Date1', Venue='$Venue', Facilitator='$Faci' WHERE ServiceID ='$id'"))

You also do not avoid input, leaving you open for SQL injection. You should use the bound parameters ideally, or at least run your parameters with mysql_real_escape_string() .

For example:

 $Date1 = mysql_real_escape_string($Date1, $conn);

Why am I getting a MySQL "Request Empty" error?

More articles: