The sql_update()
function updates one or several records in an SQL table. The elements passed are not automatically filtered against SQL injection attacks as with sql_updateq()
, so you must watch out for SQL injection attacks and use sql_quote()
functions to secure the content when necessary.
The function accepts 6 parameters:
-
$table
is the SQL table in question, -
$exp
contains the modifications to be made, -
$where
, -
$desc
, -
$serveur
, -
$option
.
This function is principally used to modify values which use the same value as the column being updated, e.g.
// increment the column by 1
sql_update('table', array('column' => 'column + 1'));
Whenever data added with this function are likely to include apostrophes or originate from user data entry, it is important to secure the insert with the use of the sql_quote()
function:
sql_update('table', array('column' => sql_quote($value)));