Update database based on form input - php

I am trying to perform an update on a database based on the input of a form but facing an issue. I have tried the below but it is not executing the command on the database. It needs to read in a value for decision and carry out a query based on the decision.Can anyone spot the issue here ?
html form code :
<center><div class="container">
<form action="update.php" onsubmit="return confirm('Are you sure you wish to update ?');">
<div class="row">
<div class="col-25">
<label for="decision">Would you like to add or subtract from current quantity?</label>
</div>
<div class="col-75">
<select id="decision" name="decision">
<option value="add">Add</option>
<option value="subtract">Subtract</option>
</select>
</div>
</div>
<br>
<div class="row">
<div class="col-25">
<label for="License Group ID">License Group ID</label>
</div>
<div class="col-75">
<input type="number" name="LicenseGroupID" placeholder="LicenseGroupID">
</div>
</div>
<br>
<div class="row">
<div class="col-25">
<label for="Quantity">Quantity</label>
</div>
<div class="col-75">
<input type="number" name="Quantity" placeholder="Quantity">
</div>
</div>
<br>
<div class="row">
<input type="submit" value="Update">
</div>
update.php
<html>
<?php
$serverName = "tcp:xxx,1433";
$options = array( "UID" => "aalicensemanager", "PWD" => "xxx", "Database" => "AALicenseManager");
$conn = sqlsrv_connect($serverName, $options);
if( $conn === false )
{
echo "Could not connect.\n";
die( print_r( sqlsrv_errors(), true));
}
$decision = $_POST['decision'];
$LicenseGroupID = $_POST['LicenseGroupID'];
$Quantity = $_POST['Quantity'];
$query = " CASE WHEN $decision = 'add'
THEN
UPDATE dbo.[tbl_license_group]
SET Quantity = Quantity + '$Quantity'
WHERE License_Group_ID = '$LicenseGroupID'
ELSE WHEN $decision = 'subtract'
THEN
UPDATE dbo.[tbl_license_group]
SET Quantity = Quantity - '$Quantity'
WHERE License_Group_ID = '$LicenseGroupID'" ;
$params1 = array($decision,$LicenseGroupID,$Quantity);
$result = sqlsrv_query($conn,$query,$params1);
sqlsrv_close($conn);
?>
</html>


Your update statement should look something like....
UPDATE dbo.[tbl_license_group]
SET Quantity = CASE
WHEN $decision = 'add' THEN Quantity + '$Quantity'
WHEN $decision = 'subtract' THEN Quantity - '$Quantity'
END
WHERE License_Group_ID = '$LicenseGroupID'
You need to put your case statement inside your update statement not update statement inside your case statement.

Related

How do i detect fields or columns in a mysql database that has been updated?

I am developing an application using MVC concept and I want to maintain a table which keeps record of the columns from different tables that have been updated.
this is the query in my controller:
if(!$error) {
$NAME = $_POST["NAME"];
$FNAME = $_POST["FNAME"];
$SNAME = $_POST["SNAME"];
$DNAME = $_POST["DNAME"];
$DOB = $_POST["DOB"];
$IDMARK = $_POST["IDMARK"];
$ES1NAME = $_POST["ES1NAME"];
$ES2NAME = $_POST["ES2NAME"];
$LANG1 = $_POST["LANG1"];
$LANG2 = $_POST["LANG2"];
$MATHS = $_POST["MATHS"];
$SS = $_POST["SS"];
$SCIENCE = $_POST["SCIENCE"];
$table = $_POST['table'];
$id = $_POST['id'];
$queryStr = mysql_query("UPDATE db_parent.$table SET NAME = '$NAME', FNAME = '$FNAME', SNAME = '$SNAME', DNAME = '$DNAME', DOB = '$DOB', IDMARK = '$IDMARK', ES1NAME = '$ES1NAME', ES2NAME = '$ES2NAME', LANG1 = '$LANG1', LANG2 = $LANG2, MATHS = '$MATHS', SS = '$SS', SCIENCE = '$SCIENCE' WHERE ID = '$id'") or die(mysql_error());
$queryUpdate= mysql_fetch_array($queryStr);
sys_url::redirect(sys_url::site("Department/childDepartment/Update?id=$id&table=$table"));
return;
}
This is the form :
<form id = "form" name = "myForm" method = "POST" onsubmit = "" action = "<?= sys_url::site('Department/childDepartment/Update?id='.$_GET['id'].'&table='.$_GET['table'])?>" >
<div class="row" >
<input type = "hidden" name = "id" value = "<?= $_GET['id']; ?>" >
<input type = "hidden" name = "table" value = "<?= $_GET['table']; ?>" >
<div class="col-lg-2 col-xs-12 col-sm-6" >
<label align = "left" > Name :</label >
<div class="form-group" >
<input class="form-control" name = "NAME" value = "<?= $student['NAME'] ?>" >
</div >
</div >
<div class="col-lg-2 col-xs-12 col-sm-6" >
<label align = "left" > Father's Name :</label>
<div class="form-group">
<input class="form-control" name="FNAME" value="<?= $student['FNAME'] ?>" >
</div>
</div>
.
.
.
.
<div class="col-lg-2 col-xs-12 col-sm-4 pull-right">
<div class="form-group">
<button type="submit" value="1" name="search" class="btn btn-primary">UPDATE</button>
</div>
</div>
</div>
</form>
The form will edit and update the fields. I have another updates_table that I would like to record which columns from which tables have been updated. I don't want to keep record of whole rows as that would overpopulate the database later on. How do I do it? I read somewhere about triggers and column_update() but I am not sure if I understood it properly. Thank you for all the support.

thanks for all your responses... anyways, i got the solution to the issue.
I used an array to store the old data from the database by calling a SELECT query before running the UPDATE query. And then the new data coming from the form is compared to the old data in the array one by one using a foreach loop. If the incoming data is same as the existing data then it is skipped. if not then i use another update query to update the table with the new data.

How to get parent name from its child?

I am going to build a dynamic product category with their subs for my final year project. I tried the tree way but somehow it make me confused so i decided to make it as simple. I want to display Clothe's parent name.I want to display it like this
Can i do it so ?
Here is my PHP code
<form method="post" action="product_category_add_exec.php" enctype="multipart/form-data">
<div class="form-group">
<label for="recipient-level" class="control-label"> Parent Category</label>
<select class="form-control" name="admin_lid" required="">
<option></option>
<?php
$sql_pcat = "SELECT * FROM product_category";
$select_pcat = mysqli_query($db,$sql_pcat) or die (mysqli_error().$sql_pcat);
$x =1;
while($list_pcat = mysqli_fetch_array($select_pcat))
{
$product_cat_id = $list_pcat['product_cat_id'];
$parent_id = $list_pcat['parent_id'];
$product_cat_name = $list_pcat['product_cat_name'];
?>
<?php
if ($parent_id == 0)
{
?>
<option value = "<?php echo $product_cat_id;?>"><?php echo $product_cat_name; ?></option>
<?php
} else
{
$sql_cat = "SELECT * FROM product_category WHERE parent_id= $parent_id ORDER BY product_cat_name ASC";
$select_cat = mysqli_query($db,$sql_cat) or die (mysqli_error().$sql_cat);
$list_cat = mysqli_fetch_array($select_cat);
$product_cat_id = $list_cat['product_cat_id'];
$parent_id = $list_cat['parent_id'];
$product_cat_name = $list_cat['product_cat_name'];
?>
<option value = "<?php echo $parent_id;?>">--<?php echo $parent_id;?><?php echo $product_cat_name; ?></option>
<?php
}
?>
<?php
$x++;
}
?>
</select>
</div>
<div class="form-group">
<label for="recipient-category" class="control-label">Product Name </label>
<input type="text" class="form-control" id="recipient-category" name="product_cat_name">
</div>
</div>
<div class="modal-footer">
<button type="submit" class="btn btn-info">Add</button>
<button type ="reset" class ="btn btn-danger">Reset</button>
</div>
</form>
This is my database table
I want to make it appear like this

Fetching data on textarea & dropdown doesn't work

I'm trying to do an update page, the data that I'm fetching are input texts, dates, dropdowns and a textarea.
The data on input texts & date works completely fine however, the data on my dropdowns and textarea wont appear.
I still can update it, the only problem here is it just won't appear. So I'm hoping if anybody can help me and see what I missed in my coding.
How my form looks like:
Solution:
I've found the solution to this question and below is my new html coding. There a few php coding that I edited at the dropdown and the dates.
Updated html code:
php code that are outside from my html:
<?php
session_start();
require('db.php');
include("auth.php");
$noID=$_REQUEST['noID'];
$query = "SELECT * from daftartempah where noID='".$noID."'";
$result = mysqli_query($con, $query) or die ( mysqli_error());
$row = mysqli_fetch_assoc($result);
?>
php code that are inside my html:
<?php
$status = "";
if(isset($_POST['new']) && $_POST['new']==1)
{
$noID=$_REQUEST['noID'];
$trn_date = date("Y-m-d H:i:s");
$pemohon =$_REQUEST['pemohon'];
$trkhMula = $_REQUEST['trkhMula'];
$trkhAkhir =$_REQUEST['trkhAkhir'];
$n_program = $_REQUEST['n_program'];
$lokasi =$_REQUEST['lokasi'];
$n_anjuran = $_REQUEST['n_anjuran'];
$catatan = $_REQUEST['catatan'];
$status_hr = $_REQUEST['status_hr'];
$submittedby = $_SESSION["username"];
$update="update daftartempah set trn_date='".$trn_date."', pemohon='".$pemohon."', trkhMula='".$trkhMula."', trkhAkhir='".$trkhAkhir."', n_program='".$n_program."', lokasi='".$lokasi."', n_anjuran='".$n_anjuran."', catatan='".$catatan."', status_hr='".$status_hr."', submittedby='".$submittedby."' where noID='".$noID."'";
mysqli_query($con, $update) or die(mysqli_error());
$status = "Record Updated Successfully. </br></br>
<a href='Page8.php'>View Updated Record</a>";
echo '<p style="color:#FF0000;">'.$status.'</p>';
}else {
?>
Dropdowns:
<div class="form-group row text-left">
<label for="example-text-input" class="col-3 col-form-label"><b>Dept/Kelab/Anjuran: </b></label>
<div class="col-8">
<select class="form-control" name="n_anjuran" id="namaAnjuran">
<option selected name="" value="<?php echo $row['n_anjuran'];?>"><?php echo $row['n_anjuran'];?></option>
<?php
$sql = mysqli_query($con, "SELECT kd_dept, desc_dept From koddept");
$rows = mysqli_num_rows($sql);
while ($rows = mysqli_fetch_array($sql)){
echo "<option value='". $rows['kd_dept'] ."'>" .$rows['desc_dept'] ."</option>" ;
}
?>
</select>
</div>
</div>
Textarea:
<div class="form-group row text-left">
<label for="exampleTextarea" class="col-3 col-form-label"><b>Catatan: </b></label>
<div class="col-8">
<textarea class="form-control" rows="3" name="catatan" required><?php echo $row['catatan'];?></textarea>
</div>
</div>
My new form:
All questions are welcome, feel free to comment and ask, I'll try to help.

Saving data in mysql using dynamic field names [closed]

Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 6 years ago.
Improve this question
I have mysql table storing company id, opening/closing hours for days of week and status (closed/open). Made form with fields and updating function. It looks like this. Works, but i believe it can be optimised. Can you suggest how?
FORM:
<form role="form" method="post" action="" autocomplete="off">
<div class="box-body">
<div class="row">
<div class="col-sm-3 text-bold"><div class="padd bg-gray-light">Day</div></div>
<div class="col-sm-3 text-bold"><div class="padd bg-gray-light">Status</div></div>
<div class="col-sm-3 text-bold"><div class="padd bg-gray-light">Opening</div></div>
<div class="col-sm-3 text-bold"><div class="padd bg-gray-light">Closing</div></div>
</div>
<?php while ($h = dbarray($get_hours)) { ?>
<input type="text" name="day" value="<?php echo $h['day_day']; ?>">
<?php
// FORM VALUES
if ($h['day_status'] == 1) {
$status_o = "checked";
$status_c = "";
}
if ($h['day_status'] == 0) {
$status_o = "";
$status_c = "checked";
}
?>
<div class="row">
<div class="col-sm-3">
<h4><?php echo $l['day_'.$h[day_day]]; ?></h4>
</div>
<div class="col-sm-3">
<div class="input-group">
<div class="checkbox">
<label><input type="radio" name="status_<?php echo $h['day_day']; ?>" value="1" <?php echo $status_o; ?>> Dirbame</label>
<label><input type="radio" name="status_<?php echo $h['day_day']; ?>" value="0" <?php echo $status_c; ?>> Uždaryta</label>
</div>
</div>
</div>
<div class="col-sm-3">
<div class="form-group">
<input type="text" name="open_<?php echo $h['day_day']; ?>" class="form-control <?php if ($h['day_status'] == 0) { echo "bg-gray"; } ?>" value="<?php echo $h['day_open']; ?>">
</div>
</div>
<div class="col-sm-3">
<div class="form-group">
<input type="text" name="close_<?php echo $h['day_day']; ?>" class="form-control <?php if ($h['day_status'] == 0) { echo "bg-gray"; } ?>" value="<?php echo $h['day_close']; ?>">
</div>
</div>
</div>
<hr style="margin: 3px 0;">
<?php } ?>
</div>
<div class="box-footer">
<button type="submit" name="save" class="btn btn-success pull-right">Save</button>
</div>
</form>
UPDATING PHP:
<?php
if (isset($_POST['save'])) {
// VALUES
$mon_status = stripinput(descript($_POST['status_1'])); $mon_open = stripinput(descript($_POST['open_1'])); $mon_close = stripinput(descript($_POST['close_1']));
$tue_status = stripinput(descript($_POST['status_2'])); $tue_open = stripinput(descript($_POST['open_2'])); $tue_close = stripinput(descript($_POST['close_2']));
$wed_status = stripinput(descript($_POST['status_3'])); $wed_open = stripinput(descript($_POST['open_3'])); $wed_close = stripinput(descript($_POST['close_3']));
$thu_status = stripinput(descript($_POST['status_4'])); $thu_open = stripinput(descript($_POST['open_4'])); $thu_close = stripinput(descript($_POST['close_4']));
$fri_status = stripinput(descript($_POST['status_5'])); $fri_open = stripinput(descript($_POST['open_5'])); $fri_close = stripinput(descript($_POST['close_5']));
$sat_status = stripinput(descript($_POST['status_6'])); $sat_open = stripinput(descript($_POST['open_6'])); $sat_close = stripinput(descript($_POST['close_6']));
$sun_status = stripinput(descript($_POST['status_7'])); $sun_open = stripinput(descript($_POST['open_7'])); $sun_close = stripinput(descript($_POST['close_7']));
// UPDATE
$result1 = dbquery("UPDATE a_days SET day_status='".$mon_status."', day_open='".$mon_open."', day_close='".$mon_close."' WHERE day_day=1");
$result2 = dbquery("UPDATE a_days SET day_status='".$tue_status."', day_open='".$tue_open."', day_close='".$tue_close."' WHERE day_day=2");
$result3 = dbquery("UPDATE a_days SET day_status='".$wed_status."', day_open='".$wed_open."', day_close='".$wed_close."' WHERE day_day=3");
$result4 = dbquery("UPDATE a_days SET day_status='".$thu_status."', day_open='".$thu_open."', day_close='".$thu_close."' WHERE day_day=4");
$result5 = dbquery("UPDATE a_days SET day_status='".$fri_status."', day_open='".$fri_open."', day_close='".$fri_close."' WHERE day_day=5");
$result6 = dbquery("UPDATE a_days SET day_status='".$sat_status."', day_open='".$sat_open."', day_close='".$sat_close."' WHERE day_day=6");
$result7 = dbquery("UPDATE a_days SET day_status='".$sun_status."', day_open='".$sun_open."', day_close='".$sun_close."' WHERE day_day=7");
}
?>

Loop over the numeric suffixes of the field names.
$results = array();
foreach (range(1, 7) AS $daynum) {
$status = stripinput(descript($_POST['status_' . $daynum]));
$open = stripinput(descript($_POST['open_' . $daynum]));
$close = stripinput(descript($_POST['close_' . $daynum]));
$results[$daynum] = dbquery("UPDATE a_days SET day_status='".$status."', day_open='".$open."', day_close='".$close."' WHERE day_day='.$daynum);
}

Form edit is blanking out my entries

So I've got a form to edit entries which is populating with what has already been entered from the database. When I make an edit, it is saving and redirecting me back to the listing page with no errors, but it's not changing anything. I'm guessing it's getting confused as to where to pull the values from.
This is the the SQL Query to populate the form with the values (this part works):
<?php
// query db
$gigid = $_GET['gigid'];
$con = mysqli_connect("***********","***********","***********","***********");
$result = mysqli_query($con, "SELECT * FROM gigs WHERE gigid=$gigid") or die(mysqli_error());
$row = mysqli_fetch_array($result);
mysqli_close($con);
// check that the 'id' matches up with a row in the databse
if($row)
{
// get data from db
$gig_name = $row['gig_name'];
$gig_type = $row['gig_type'];
$gig_date = $row['gig_date'];
$gig_customer = $row['gig_customer'];
$gig_venue = $row['venue_name'];
$gig_fee = $row['gig_fee'];
$gig_status = $row['gig_status'];
}
?>
This is an excerpt from the form:
<form class="form-horizontal" id="create-ticket" method='post' action='edit_gig_process.php? gigid=<?php echo $_GET['gigid']; ?>'>
<fieldset>
<legend>Edit Gig Information</legend>
<input type="hidden" class="input-xxlarge" id="gig_date_created" name="gig_date_created">
<input type="hidden" class="input-xxlarge" id="userid" name="userid">
<div class="control-group">
<label class="control-label" for="gigid">Gig ID</label>
<div class="controls">
<input type="text" name="gigid" disabled="disabled" value="<?php echo $_GET['gigid']; ?>" />
</div>
</div>
<div class="control-group">
<label class="control-label" for="gig_name">Gig Name (Required)</label>
<div class="controls">
<input type="text" class="input-xxlarge" id="gig_name" value="<?php echo $row['gig_name']; ?>" name="gig_name">
</div>
</div>
This is an excerpt from the update query:
$gigid = $_GET['gigid'];
$sql= "UPDATE gigs set
gig_name='$gig_name',
gig_type='$gig_type',
gig_customer='$gig_customer',
gig_date='$gig_date_created',
gig_start_time='$gig_start_time',
gig_end_time='$gig_end_time',
gig_fee='$gig_fee',
gig_status='$gig_status',
venue_name='$venue_name',
venue_address='$venue_address',
venue_contact='$venue_contact',
WHERE
gigid='$gigid'";
header('Location: http://managegigs.com/cp/my-gigs.php');
mysqli_close($con);

You are not running a update query, your update is just a string.
After
$sql= "UPDATE gigs set
gig_name='$gig_name',
gig_type='$gig_type',
gig_customer='$gig_customer',
gig_date='$gig_date_created',
gig_start_time='$gig_start_time',
gig_end_time='$gig_end_time',
gig_fee='$gig_fee',
gig_status='$gig_status',
venue_name='$venue_name',
venue_address='$venue_address',
venue_contact='$venue_contact'
WHERE
gigid='$gigid'";
add:
mysqli_query($con,$sql);
also, at least change this:
$gigid = $_GET['gigid'];
add:
$gigid = mysqli_real_escape_string($gigid);
directly after to have it a little secured. Putting $_GET directly to DB is dangerous.
Uploadpart in complete:
$gig_name = $_POST['gig_name'];
// fetch all $_POST(ed) data
// and secure with
$gig_name = mysqli_real_escape_string($con,$gig_name);
$gigid = $_GET['gigid'];
$gigid = mysqli_real_escape_string($con,$gigid);
$sql= "UPDATE gigs set
gig_name='$gig_name',
gig_type='$gig_type',
gig_customer='$gig_customer',
gig_date='$gig_date_created',
gig_start_time='$gig_start_time',
gig_end_time='$gig_end_time',
gig_fee='$gig_fee',
gig_status='$gig_status',
venue_name='$venue_name',
venue_address='$venue_address',
venue_contact='$venue_contact'
WHERE
gigid='$gigid'";
mysqli_query($con,$sql);
header('Location: http://managegigs.com/cp/my-gigs.php');
mysqli_close($con);

Categories