I have been trying to create a CRUD for a project and everything works great, except the update part. When I click the href of the edit of the specified row it does appear on the input fields. However when I click the editbtn the variables of the specific row are not updated and i am redirected where I was and the url gives me ?user=edited meaning that it went through the decision but for some reason they werent updated.
In my database there is one table(users) with the following rows user_id, user_uid, user_email, user_pwd, user_status and user_level. I am fairly new to php so i was hoping that you could pinpoint my mistake/s.
The connection to the database
dbh.inc.php
<?php
$dbServername = "localhost";
$dbUsername = "username";
$dbPassword = "*******";
$dbName = "username_Project";
$conn = mysqli_connect($dbServername, $dbUsername, $dbPassword, $dbName );
?>
The index
admin_panel_users.php
<?php
session_start();
include 'includes/dbh.inc.php';
if (isset($_GET['edit'])) {
$id = $_GET['edit'];
$update = true;
$record= mysqli_query($conn, "SELECT * FROM users WHERE user_id=$id");
if ($record == 1 ) {
$n = mysqli_fetch_array($record);
$uid = $n['user_uid'];
$email = $n['user_email'];
$pwd = $n['user_pwd'];
$status = $n['user_status'];
$level = $n['user_level'];
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
.....
</head>
<body>
<?php
$result = mysqli_query($conn,"SELECT * FROM users");?>
<table border='2'>
<tr>
<th>Username</th>
<th>Email</th>
<th>Password</th>
<th>Status</th>
<th>Level</th>
<th>Actions</th>
</tr>
<?php while($row = mysqli_fetch_array($result)){?>
<tr>
<td><?php echo $row['user_uid'];?> </td>
<td><?php echo $row['user_email'];?></td>
<td><?php echo $row['user_pwd'];?></td>
<td><?php echo $row['user_status'];?></td>
<td><?php echo $row['user_level'];?></td>
<td>
<a href="admin_panel_users.php?edit=<?php echo $row['user_id']; >"
class="edit_btn">
<span class="glyphicon glyphicon-pencil"></span></a>
<a href="includes/deleteusers.inc.php?user_id=<?php echo $row['user_id'];>">
<span class="glyphicon glyphicon-trash"></span></a></td>
</tr>
<?php } ?>
<tr>
<form class="something" action="includes/addusers.inc.php" method="POST">
<td><input type="text" name="uid" class="uid" placeholder="Username"
value="<?php echo $uid; ?>"></td>
<td><input type="text" name="email" class="email" placeholder="Email"
value="<?php echo $email; ?>"></td>
<td><input type="text" name="pwd" class="pwd" placeholder="Password"
value="<?php echo $pwd; ?>"></td>
<td><input type="text" name="status" class="status" placeholder="Status"
value="<?php echo $status; ?>"></td>
<td><input type="text" name="level" class="level" placeholder="Level"
value="<?php echo $level; ?>"></td>
<td>
<?php if ($update == true): ?>
<button type="submit" name="update" class="updatebtn">
<span class="glyphicon-pencil"></span> </button>
<?php else: ?>
<button type="submit" name="submit8" class="addbtnuser">
<span class ="glyphicon-plus"></span> </button>
<?php endif ?>
</td>
</form>
</tr>";
</table>";
<?php mysqli_close($conn); ?>
</body>
</html>
The functions
addusers.inc.php
<?php
include 'dbh.inc.php';
$uid = "";
$email = "";
$pwd = "";
$status = "";
$level = "";
$id = 0;
$update = false;
if (isset($_POST['submit8'])){
//INSERTS INTO
......
}
if (isset($_POST['update'])) {
$uid = mysqli_real_escape_string( $conn , $_POST['uid']);
$email = mysqli_real_escape_string( $conn , $_POST['email']);
$pwd = mysqli_real_escape_string( $conn , $_POST['pwd']);
$status = mysqli_real_escape_string( $conn , $_POST['status']);
$level = mysqli_real_escape_string( $conn , $_POST['level']);
$sql = "UPDATE users SET user_uid='$uid', user_email='$email',
user_pwd='$pwd', user_status='$status', user_level='$level' WHERE
user_id=$id";
mysqli_query($conn, $sql);
header ("Location: ../admin_panel_users.php?user=edited");
exit();
}
else{
header("Location: ../admin_panel_users.php");
exit();
}
From your addusers.inc.php, on the line that says:
$sql = "UPDATE users SET user_uid='$uid', user_email='$email',
user_pwd='$pwd', user_status='$status', user_level='$level' WHERE
user_id=$id";
It appears you didnt get the $id variable so as to update that particular row in your table. You defaulted it to 0 on line 8 of addusers.inc.php. So, it wont update any row at all because table rows start from 1 and increments.
On line 8, change it to
$id = $_GET['edit'] since you already passed it as a GET parameter here:
<a href="admin_panel_users.php?edit=<?php echo $row['user_id']; >"
class="edit_btn">
Your SQL text includes this:
WHERE user_id = $id
And $id is set to 0, so that's equivalent to
WHERE user_id = 0
Related
I trying to insert my data from table_request into table_list by clicking the approve/reject button under the table.
Users will click the checkboxes to select all or select a specific row. After approve, the data in the table_request insert into table_list and deleted from table_request.
The current problem is about the foreach and inserts statement is wrong.
After I click approve, it can only insert table_request id into table_list.
This is my table_request.php
<form name="bulk_action_form" action="action.php" method="post" onSubmit="return approve_confirm();"/>
<table class="bordered">
<tr>
<th><input type="checkbox" name="select_all" id="select_all" value=""/></th>
<th>Name</th>
<th>Remark</th>
</tr>
<?php
$query = "select * from `table_request`;";
if(count(fetchAll($query))>0){
foreach(fetchAll($query) as $row){
?>
<tr>
<td><input type="checkbox" name="checked_id[]" class="checkbox" value="<?php echo $row['id']; ?>"/></td>
<td><?php echo $row['Name'] ?></td>
<td><?php echo $row['Remark'] ?></td>
</tr>
<?php } }else{ ?>
<tr><td colspan="5">No records found.</td></tr>
<?php } ?>
</table>
<input type="submit" name="approve_btn" value="Approve"/>
</form>
This is my action.php
<?php
session_start();
include_once('connection.php');
if(isset($_POST['approve_btn']))
{
$idArr = $_POST['checked_id'];
$Name = $_POST['Name'];
$Remark = $_POST['Remark'];
foreach($idArr as $key => $value)
{
$save = "INSERT INTO table_list(id,Name,Remark) VALUES ('".$value."','".$Name[$key]."','".$Remark[$key]."')";
$query = mysqli_query($conn,$save);
}
$query .= "DELETE FROM `table_request` WHERE `table_request`.`id` = '$id';";
header("Location:table_request.php");
}
?>
connection.php file
<?php
$server_name = "localhost";
$user_name = "username";
$password = "password";
$db_name = 'database';
// Create connection
$conn = mysqli_connect($server_name, $user_name, $password, $db_name);
// Check connection
if (mysqli_connect_errno()) {
die("Connection failed: ");
}
table_request.php file
<?php include_once('connection.php'); ?>
<form name="bulk_action_form" action="action.php" method="post" onSubmit="return approve_confirm();"/>
<table class="bordered">
<tr>
<th>Select</th>
<th>Name</th>
<th>Remark</th>
</tr>
<?php
$query = mysqli_query($conn, "SELECT * FROM table_request");
if (mysqli_num_rows($query) > 0) : foreach($query as $row) : ?>
<tr>
<td><input type="checkbox" name="checked_id[]" class="checkbox" value="
<?php echo $row['id']; ?>"/></td>
<td><?php echo $row['Name']; ?></td>
<td><?php echo $row['Remark']; ?></td>
</tr>
<?php endforeach; else : ?>
<tr><td colspan="5">No records found.</td></tr>
<?php endif; ?>
</table>
<input type="submit" name="approve_btn" value="Approve"/>
</form>
action.php file
<?php
include_once('connection.php');
if(isset($_POST['approve_btn'])) {
foreach ($_POST['checked_id'] as $id) {
$query = mysqli_query($conn, "SELECT * FROM table_request WHERE id = $id");
$result = $query->fetch_object();
$save = "INSERT INTO table_list(id, Name, Remark) VALUES ('".$result->id."','".$result->Name."','".$result->Remark."')";
// For save data
mysqli_query($conn, $save);
// For delete data
mysqli_query($conn, "DELETE FROM table_request WHERE id = $id");
}
header('Location:table_request.php');
}
I am still trying out PHP and with database capability. I'm new to stack overflow as well.
I'm having a problem with updating and deleting a row in my database but for now updating is the concern and surely deletion will follow if I manage to get assisted for this.
I have database "dbSample" and it has 3 columns "id, name, address, email".
I am having problems redirecting correctly to my update classes and it shows an error every time.
Below is the said connection file:(sample/class/dbconnection.php):
<?php
/*
==============================SQL Connection=================================
*/
$connections = mysqli_connect("localhost","root","","dbSample"); //checks database connection
if(mysqli_connect_errno()){
echo '<script type="text/javascript">alert("' . "Database Status: " . mysqli_connect_error() . '")</script>';
}
?>
Below serves as my index php file(sample/dbsample.php):
<?php require 'class/dbconnection.php';?>
<html>
<head>
</head>
<body>
<div>
<?php include 'class/dbupdate.php'; ?>
</div>
</body>
</html>
Below is the said dbupdate file:(sample/class/dbupdate.php):
<?php
/*
==============================SQL Update=================================
*/
$view_query = mysqli_query($connections, "SELECT * FROM tblSample");
echo "<table border = '1'>";
echo "<tr>
<td>Name</td>
<td>Address</td>
<td>Email</td>
<td>Option</td>
</tr>";
while($row = mysqli_fetch_assoc($view_query)){ //make variables to hold the values from the table
$user_id = $row["id"];
$db_name = $row["name"];
$db_address = $row["address"];
$db_email = $row["email"];
//get the value id and pass it
echo "<tr>
<td>$db_name</td>
<td>$db_address</td>
<td>$db_email</td>
<td><a href='class/updatepass.php?id=$user_id'>Update</a></td>
</tr>";
}
echo "</table>";
?>
Below is the said updatepass file:(sample/class/updatepass.php):
<?php
require_once(__DIR__."\dbconnection.php");
$user_id = $_REQUEST["id"];
$get_record = mysqli_query($connections, "SELECT * FROM tblSample WHERE id='$user_id'");
while($row_edit = mysqli_fetch_assoc($get_record)){
$db_name = $row_edit["name"];
$db_address = $row_edit["address"];
$db_email = $row_edit["email"];
}
?>
<form method="POST" action="class/updatenow.php">
<input type="hidden" name="user_id" value="<?php echo $user_id; ?>">
Name: <input type="text" name="new_name" value="<?php echo $db_name; ?>">
<hr />
Address: <input type="text" name="new_address" value="<?php echo $db_address; ?>">
<hr />
Email: <input type="text" name="new_email" value="<?php echo $db_email; ?>">
<hr />
<input type="submit" value="Update">
</form>
Below is the said updatenow file:(sample/class/updatenow.php):
<?php
header('Content-Type: text/plain; charset=utf-8');
require_once(__DIR__."\class\updatepass.php");
require_once(__DIR__."\class\dbconnection.php");
$user_id = $_POST["id"];
$new_name = $_POST["new_name"];
$new_address = $_POST["new_address"];
$new_email = $_POST["new_email"];
mysqli_query($connections, "UPDATE tblSample SET name='$new_name', address='$new_address', email='$new_email' WHERE id='$user_id'");
echo '<script type="text/javascript">alert("' . "Record has been updated" . '")</script>';
header('location: dbsample.php');
?>
Thank you for the help in advance, I will deeply appreciate it.
my problem it's I'm trying to develop a back-end where I need to update but my problem is, when I update one field my script update all fields and all data of my mysqli database.
My code for now is:
<html>
<body>
<?php
ini_set('display_errors', 1);
error_reporting(~0);
$serverName = "localhost";
$userName = "root";
$userPassword = "";
$dbName = "hotel_vaniet";
$strCustomerID = null;
if(isset($_GET["cod"]))
{
$cod = $_GET["cod"];
}
$serverName = "localhost";
$userName = "root";
$userPassword = "";
$dbName = "hotel_vaniet";
$conn = mysqli_connect($serverName,$userName,$userPassword,$dbName);
$sql = "SELECT * FROM quartos WHERE cod=$cod";
$query = mysqli_query($conn,$sql);
$result=mysqli_fetch_array($query,MYSQLI_ASSOC);
?>
<div id="main">
<form action="editar_quartos_final.php" name="frmAdd" method="post">
<br><h1>Página de Edição</h1>
<br><hr/>
<div id="login2">
<table width="284" border="1">
<tr>
<th width="120">Tipo</th>
<td width="238"><input type="text" name="tipo" size="50" value="<?php echo $result["tipo"];?>"></td>
</tr>
<tr>
<th width="120">Capacidade</th>
<td><input type="text" name="capacidade" size="50" value="<?php echo $result["capacidade"];?>"></td>
</tr>
<tr>
<th width="120">Preço p/ Noite</th>
<td><input type="text" name="preco" size="50" value="<?php echo $result["preco"];?>"></td>
</tr>
<tr>
<th width="120">Reservado</th>
<td><input type="text" name="reservado" size="50" value="<?php echo $result["reservado"];?>"></td>
</tr>
</table>
<br><input id="submitbuttoneditar" type="submit" value=" Editar " name="submit"/><br />
</div>
</form>
<?php
mysqli_close($conn);
?>
</body>
</html>
This the first page ,this page send me to another where makes all changes. The second page :
<html>
<head>
<title>Página de Edição do Cliente</title>
</head>
<body>
<?php
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "hotel_vaniet";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "UPDATE quartos SET
tipo = '".$_POST["tipo"]."' ,
capacidade = '".$_POST["capacidade"]."' ,
preco = '".$_POST["preco"]."' ,
reservado = '".$_POST["reservado"]."'
WHERE cod=cod";
if ($conn->query($sql) === TRUE) {
echo "Dados actualizados com sucesso!";
header("Location: quartos.php");
} else {
echo "Erro na edição dos dados! " . $conn->error;
header("Location: quartos.php");
}
$conn->close();
?>
</body>
</html>
On your first page you have $cod variable which equals $_GET["cod"].
On your second page $cod variable is not defined. So your try to update
WHERE cod=cod
means - update where value of field cod is the same as value of field cod. And as it is true for all records - all your records are updated.
So, the solution is to pass your $cod value to your second script.
For example, you can do it with a hidden field from your first form:
<form action="editar_quartos_final.php" name="frmAdd" method="post">
<br><h1>Página de Edição</h1>
<br><hr/>
<input type="hidden" name="cod" value="<?php echo $cod?>" />
<div id="login2">
<table width="284" border="1">
<tr>
<th width="120">Tipo</th>
<td width="238"><input type="text" name="tipo" size="50" value="<?php echo $result["tipo"];?>"></td>
</tr>
<tr>
See this field with hidden type?
And in your second script use $_POST['cod']:
$sql = "UPDATE quartos SET
tipo = '".$_POST["tipo"]."' ,
capacidade = '".$_POST["capacidade"]."' ,
preco = '".$_POST["preco"]."' ,
reservado = '".$_POST["reservado"]."'
WHERE cod=" . $POST['cod'];
And of course, your code is vulnerable to sql injections.
So you should start using prepared statements asap.
What i have is an event table list that shows a list of events for a team. beside each row is an edit button that when clicked brings you to an edit page where you can edit that selected event. however when i click the button i get nothing but a blank page. iv included the connection file and the index file
Index.php
<?php
require('model/connection.php');
require('model/functions.php');
if (isset($_POST['action'])) {
$action = $_POST['action'];
} else if (isset($_GET['action'])) {
$action = $_GET['action'];
} else {
$action = 'root_menu';
}
if ($action == 'root_menu') {
include('homePage.php');
} else if ($action == 'add_user') {
$email = $_POST['email'];
$password = $_POST['password'];
$last_name = $_POST['last_name'];
$first_name = $_POST['first_name'];
$country = $_POST['country'];
$city_town = $_POST['city_town'];
$user_type_id = $_POST['user_type_id'];
add_user($email, $password, $last_name, $first_name, $country, $city_town, $user_type_id);
$team_manager = get_users();
include('homePage.php');
} else if ($action == 'add_team') {
$name = $_POST['name'];
$sport = $_POST['sport'];
$country = $_POST['country'];
$city_town = $_POST['city_town'];
$age_profile = $_POST['age_profile'];
$user_id = $_POST['user_id'];
add_team($name, $sport, $country, $city_town, $age_profile, $user_id);
$team_manager = get_teams();
include('userPage.php');
} else if ($action == 'add_player') {
$last_name = $_POST['last_name'];
$first_name = $_POST['first_name'];
$dob = $_POST['dob'];
$position = $_POST['position'];
$email = $_POST['email'];
$country = $_POST['country'];
$city_town = $_POST['city_town'];
$password = $_POST['password'];
$team_id = $_POST['team_id'];
$user_type_id = $_POST['user_type_id'];
add_player($last_name, $first_name, $dob, $position, $email, $country, $city_town, $password, $team_id, $user_type_id);
$team_manager = get_players();
$from = "teammanager0#outlook.com"; // this is the web app's Email address
$subject = "Welcome to Team Manager";
$message = "You have been added to a team on our web app TEAM MANAGER!" . "\n\n" . "In order to login to your team please use
the following details: " . "\n\n" . "Email: " . $email . "\n\n" . "Password: " . $password;
$headers = "From:" . $from;
mail($email, $subject, $message, $headers);
header("location: http://localhost/TeamManager/teamPage.php?id=$team_id");
} else if ($action == 'add_event') {
$event_type = $_POST['event_type'];
$event_desc = $_POST['event_desc'];
$event_date = $_POST['event_date'];
$event_start = $_POST['event_start'];
$event_end = $_POST['event_end'];
$team_name = $_POST['team_name'];
$age_profile = $_POST['age_profile'];
$user_id = $_POST['user_id'];
$team_id = $_POST['team_id'];
add_event($event_type, $event_desc, $event_date, $event_start, $event_end, $team_name, $age_profile, $user_id, $team_id);
$team_manager = get_events();
header("location: http://localhost/TeamManager/teamPage.php?id=$team_id");
} else if ($action == 'delete_event') {
$event_id = $_POST['event_id'];
delete_event($event_id);
header("location: http://localhost/TeamManager/userPage.php");
} else if ($action == 'edit_event_form') {
$event_id = $_POST('event_id');
$event = get_event($event_id);
$event_type = $event['event_type'];
$event_desc = $event['event_desc'];
$event_date = $event['event_date'];
$event_start = $event['event_start'];
$event_end = $event['event_end'];
$team_name = $event['team_name'];
$age_profile = $event['age_profile'];
$user_id = $event['user_id'];
$team_id = $event['team_id'];
include('editEvent.php');
}
?>
connection.php
<?php
$mysql_hostname = "localhost";
$mysql_user = "brendan";
$mysql_password = "admin";
$mysql_database = "team_manager";
$bd = mysql_connect($mysql_hostname, $mysql_user, $mysql_password) or die("Could not connect database");
mysql_select_db($mysql_database, $bd) or die("Could not select database");
?>
eventPage.php
<?php
require_once('auth.php');
session_start();
if (trim($_SESSION['SESS_USER_TYPE']) == '2') {
header("location: playerPage.php");
exit();
}
require_once('model/connection.php');
require_once('model/deleteEvent.php');
$query = "SELECT * FROM events WHERE user_id = '" . $_SESSION['SESS_USER_ID'] . "'";
$team_manager = mysql_query($query) or die(mysql_error());
?>
<div id="sectionLeft">
<div class="eventsTable">
<h3>Events</h3>
<table>
<tr>
<td>Team Name</td>
<td>Event</td>
<td>Description</td>
<td>Date</td>
<td>Start Time</td>
<td>End Time</td>
</tr>
<?php while ($row = mysql_fetch_assoc($team_manager)) { ?>
<tr>
<td><?php echo $row['team_name']; ?> <?php echo $row['age_profile']; ?></td>
<td><?php echo $row['event_type']; ?></td>
<td><?php echo $row['event_desc']; ?></td>
<td><?php echo $row['event_date']; ?></td>
<td><?php echo $row['event_start']; ?></td>
<td><?php echo $row['event_end']; ?></td>
<td>
<form action="index.php" method="post" id="delete_event_button" name="form">
<input type="hidden" name="action" value="delete_event"/>
<input type="hidden" name="event_id"
value="<?php echo $row['event_id']; ?>" />
<input type="submit" value="Delete" />
</form>
</td>
<td>
<form action="index.php" method="post" id="edit_event_button" name="form">
<input type="hidden" name="action" value="edit_event_form"/>
<input type="hidden" name="event_id"
value="<?php echo $row['event_id']; ?>" />
<input type="submit" value="Edit" />
</form>
</td>
</tr>
<?php } ?>
</table>
</div>
<br /><br />
</div>
editEvent.php
<?php
require_once('auth.php');
session_start();
if (trim($_SESSION['SESS_USER_TYPE']) == '2') {
header("location: playerPage.php");
exit();
}
require_once('model/connection.php');
require_once('model/deleteEvent.php');
$query = "SELECT * FROM events WHERE user_id = '" . $_SESSION['SESS_USER_ID'] . "'";
$team_manager = mysql_query($query) or die(mysql_error());
?>
<div id="sectionLeft">
<div class="eventsTable">
<h3>Events</h3>
<table>
<tr>
<td>Team Name</td>
<td>Event</td>
<td>Description</td>
<td>Date</td>
<td>Start Time</td>
<td>End Time</td>
</tr>
<?php while ($row = mysql_fetch_assoc($team_manager)) { ?>
<tr>
<td><?php echo $row['team_name']; ?> <?php echo $row['age_profile']; ?></td>
<td><?php echo $row['event_type']; ?></td>
<td><?php echo $row['event_desc']; ?></td>
<td><?php echo $row['event_date']; ?></td>
<td><?php echo $row['event_start']; ?></td>
<td><?php echo $row['event_end']; ?></td>
<td>
<form action="index.php" method="post" id="delete_event_button" name="form">
<input type="hidden" name="action" value="delete_event"/>
<input type="hidden" name="event_id"
value="<?php echo $row['event_id']; ?>" />
<input type="submit" value="Delete" />
</form>
</td>
<td>
<form action="index.php" method="post" id="edit_event_button" name="form">
<input type="hidden" name="action" value="edit_event_form"/>
<input type="hidden" name="event_id"
value="<?php echo $row['event_id']; ?>" />
<input type="submit" value="Edit" />
</form>
</td>
</tr>
<?php } ?>
</table>
</div>
<br /><br />
</div>
get event function from functions.php
function get_event($event_id) {
global $bd;
$query = "SELECT * FROM events
WHERE event_id = '$event_id'";
$events = $bd->query($query);
$event = $events->fetch();
return $event;
}
line 77 wrong paranthesis -> $event_id = $_POST('event_id');
need square ones
I have virtually no programming experience and trying this first project, I am a bit stuck on how to update the database, so I click on edit and the correct record gets loaded into the edit screen update.php
When I click update, I get the message from updated.php saying that the database has been updated, but the database does not get updated, when I display the records they are the same as before the update, thanks in advance for all your help.
the following code:
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Form Edit Data</title>
</head>
<body>
<table border=1>
<tr>
<td align=center>Form Edit Employees Data</td>
</tr>
<tr>
<td>
<table>
<?
$user_name = "";
$password = "";
$database = "";
$server = "localhost";
mysql_connect($server, $user_name, $password);
$db_found = mysql_select_db($database);
$id = $_GET['id'];
$order = "SELECT * FROM MY_ID where ID = ' " .$id . " ' ";
$result = mysql_query($order);
$row = mysql_fetch_array($result);
?>
<form method="post" action="edit_data.php"?id=<?= $id ?>>
<input type="text" name="id" value="<? echo "$row[ID]"?>">
<tr>
<td>First Name</td>
<td>
<input type="text" name="FirsName" size="20" value="<? echo "$row[FirstName]"?>">
</td>
</tr>
<tr>
<td>Sur Name</td>
<td>
<input type="text" name="SurName" size="40" value="<? echo "$row[SurName]"?>">
</td>
</tr>
<tr>
<td>Address</td>
<td>
<input type="text" name="Address" size="40" value="<? echo "$row[Address]"?>">
</td>
</tr>
<tr>
<td align="right">
<input type="submit" name="submit" value="submit">
</td>
</tr>
</form>
</table>
</td>
</tr>
</table>
</body>
</html>
and here is the other file
<?php
$user_name = "";
$password = "";
$database = "";
$server = "";
mysql_connect($server, $user_name, $password);
$db_found = mysql_select_db($database);
$id = $_REQUEST['ID'];
$FirstName = trim(mysql_real_escape_string($_POST["FirstName"]));
$SurName = trim(mysql_real_escape_string($_POST["SurName"]));
$Address = trim(mysql_real_escape_string($_POST["Address"]));
$sql = "UPDATE MY_ID SET FirstName='$FirstName',SurName='$SurName',Address='$Address' WHERE ID='$id'";
$result=mysql_query($sql);
if ($result){
echo "Successful";
echo "<BR>";
echo "<a href='edit.php'>View result</a>";
}
else {
echo "ERROR";
}
?>
Looks like you forget the double quotation mark and the full stop. You should write it as: '".$example."'
$sql = "UPDATE MY_ID SET FirstName='".$FirstName."',SurName='".$SurName."',Address='".$Address.:' WHERE ID='".$id."'";
It is because your form method is POST, and you are trying to GET ID.
Probably ID returns null.
My suggestion is to put a hidden input in your form as with name="ID", then read it in your posted page as $_POST["ID"];
Yes, the answer is as Mansours said. You should not use single quota to your variable.
So, it's bad practice writing code something like this:
<input type="text" value="<?php echo "$row[name]"; ?>">
it should be
<input type="text" value="<?php echo $row['name']; ?>">
it would be clear, and also, when inserting or updating the record you should write as follow:
$sql = "UPDATE MY_ID SET FirstName='" . $FirstName . "',
SurName='" . $SurName . "',
Address='" . $Address . "'
WHERE ID='" . $id . "'";
mysql_query($sql);