Closed. This question needs debugging details. It is not currently accepting answers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Closed 5 years ago.
Improve this question
I've created a website where I can upload articles however im having trouble with updating articles that have been created. I have managed to fill in a form with the information from the database pre-filled in but when i submit any changes then to the article then it does not update.
The $var_value is the primary key passed from the previous page to determine which article to load & edit.
Here is my form to update the article.
<?php
$var_value = $_POST['varname'];
$get_studies = "select * from news where `news`.`articleID` = $var_value";
$run_studies = mysqli_query($con,$get_studies);
while($row_studies = mysqli_fetch_array($run_studies)){
$newsTitle = $row_studies['title'];
$newsDate = $row_studies['date'];
$shortBio = $row_studies['shortBio'];
$longBio = $row_studies['longBio'];
$longBio2 = $row_studies['longBio2'];
$image = $row_studies['image'];
}
echo "
<div class='panelContent1' id='addNewsWraper'>
<h2>Dashboard</h2>
<h3>Update Article</h3>
<form method='post' enctype='multipart/form-data' onsubmit='alert('stop submit'); return false;' >
<div class='newsForm'>
<p>Article Title<br /><input type='text' value='$newsTitle' name='newsTitle' /></p>
<p>Short Description<br /><textarea name='newsShort' placeholder='Around a paragraph' />$shortBio</textarea>
<p>Image<br /><input type='file' name='newsImage' /></p>
</div>
<div class='newsForm'>
<p>Date<br /><input type='text' value='$newsDate' name='newsDate' placeholder='2017' /></p>
<p>Story<br /><textarea name='newsLong' placeholder='News article text' />$longBio</textarea>
<p>Story2<br /><textarea name='newsLong2' value='' placeholder='News article text' />$longBio2</textarea>
<button type='submit' name='updateNews'>
Update
</button>
</div>
</form>
</div>
";
?>
Here is how i am trying to update the article. I have tried to update the record based on a primary key, this variable is being passed to the page as its what is loading the content in the form.
<?php
if(isset($_POST['updateNews'])){
$newsTitle = $_POST['newsTitle'];
$newsDate = $_POST['newsDate'];
$newsShort = $_POST['newsShort'];
$newsLong = $_POST['newsLong'];
$newsLong2 = $_POST['newsLong2'];
$newsImage = $_POST['newsImage'];
$insertNews = "UPDATE mods SET title='$newsTitle', date='$newsDate', shortBio='$newsShort', longBio='$newsLong', longBio2='$newsLong2', image='$newsImage' WHERE articleID='$var_value'";
$updateNews = mysqli_query($con,$insertNews);
if($updateNews){
echo "<script>alert('Article updated.');</script>";
}
}
?>
You say $var_value is being passed to your php update script, but I cannot see that is is, nor is it being picked up by a POST and transferred to a local variable. Pass it as a <input type="hidden" and then pick up with a POST to use.
In first php script:
<p>Article Title<br /><input type='text' value='$newsTitle' name='newsTitle' />
<input type="hidden" value='$var_value' name='var_value' />
</p>
In second php script:
$var_value = $_POST['var_value'];
It would also be good to look at protecting your script from sql injection by using a parameterized query.
There is a problem with your query
insertNews = "UPDATE mods SET title='$newsTitle' date='$newsDate' shortBio='$newsShort' longBio='$newsLong' longBio2='$newsLong2' image='$newsImage' WHERE articleID='$var_value'";
Replace this with your current Query you will be good to go.
Related
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 3 years ago.
Improve this question
I have a form that I use to insert data into database and a table in which I display the records from the same database. I have the update button on each record displayed.
When I click on it, the data from the database is displayed in each input from the form; I've modified the information that I want and click Update button from the form.
The problem is that the data I have modified is not updated in the database and is not displayed in the table of my page.
My index-admin.php file:
<?php
include("functions.php");
//fetch record to be updates
if(isset($_GET['update'])){
$id = $_GET['update'];
$update = true;
$query="SELECT * FROM utilizatori WHERE id_user= $id";
$record = mysqli_query($conn,$query);
if (count($record) == 1 ) {
$rec = mysqli_fetch_array($record);
$id=$rec['id_user'];
$nume=$rec['nume'];
$prenume=$rec['prenume'];
$email=$rec['email'];
$pwd=$rec['pass'];
$rol=$rec['rol'];
}
}
?>
My form:
<form method="POST" action="functions.php">
<input type="hidden" name="id" value="<?php echo $id; ?> ">
<div class="input-group">
<label>Nume</label>
<input type="text" name="nume" value="<?php echo $nume; ?>">
</div>
<div class="input-group">
<label>Prenume</label>
<input type="text" name="prenume" value="<?php echo $prenume; ?>" >
</div>
<div class="input-group">
<label>Email</label>
<input type="text" name="email" value="<?php echo $email; ?> ">
</div>
<div class="input-group">
<label>Password</label>
<input type="text" name="pass" value="<?php echo $pwd; ?> ">
</div>
<div class="input-group">
<label>Rol</label>
<input type="text" name="rol" value="<?php echo $rol; ?> " >
</div>
<div class="input-group">
<?php if ($update == false): ?>
<button type="submit" name="save" class="btn">Save</button>
<?php else: ?>
<button type="submit" name="update" class="btn">Update</button>
<?php endif ?>
</div>
</form>
My functions.php file:
if(isset($_POST['update'])) {
$nume = mysqli_real_escape_string($conn,$_POST['nume']);
$prenume = mysqli_real_escape_string($conn,$_POST['prenume']);
$email = mysqli_real_escape_string($conn, $_POST['email']);
$pwd = mysqli_real_escape_string($conn, $_POST['pass']);
$rol = mysqli_real_escape_string($conn, $_POST['rol']);
$query="UPDATE utilizatori
SET nume='$nume',
prenume='$prenume',
email='$email',
pass='$pwd',
rol='$rol'
WHERE id_user=$id;";
mysqli_query($conn,$query);
$_SESSION['msg'] = 'Date actualizate!';
header('Location:index-admin.php');
}
It seems that $id is undefined within functions.php. It only existed in index-admin.php, and when the form is submitted, that code is not running. Web applications are stateless and variable values do not persist between requests. Nor are variable values magically passed between separate script files (unless they are called within the same request via an "include" or "require" statement).
However you've actually partially solved that. You have already placed the ID within a hidden field in your form when index-admin is being loaded. Now you just need to create a new variable to read it in functions.php:
if(isset($_POST['update'])) {
$id = $_POST["id"];
As a separate point, I can't see why you also wrote include("functions.php"); within the index-admin script...your form posts back directly to functions.php, rather than to index-admin.php. It makes no sense to include functions.php within that page...it won't do anything useful as far as I can see.
Please pay attention to the warnings within the comments about SQL Injection. This is a serious vulnerability and you should fix it as soon as possible, preferably before you commence testing your code (so that you don't have to re-test it once you've re-written the query code).
Closed. This question needs debugging details. It is not currently accepting answers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Closed 7 years ago.
Improve this question
I have a PHP form which is supposed to add a book to a table of books in a SQLite database. The form submits, however a book is not added to my database.
<?php
session_start();
require("books.php");
require("layout.php");
$db=sqlite_open ("products.db", 0666, $error);
echo $header;
echo "<p>
<a href='./index.php'>Bookshop</a></p>";
echo "<h1> Add Books </h1>
<p>
<form action='' method='get' id='AddBook'>
Author: <input type='text' name='Author'><br>
Title: <input type='text' name='Title'><br>
Brief_Synopsis: <input type='text' name='Synopsis'><br>
ISBN_Number: <input type='text' name='ISBN'><br>
Publisher: <input type='text' name='Publisher'><br>
imgNumber (save img with this name under /img/): <input type='text' name='imgNum'><br>
Price: <input type='text' name='Price'><br>
Category 1: <input type='text' name='Cat1'><br>
Category 2: <input type='text' name='Cat2'><br>
<input type='submit' value='Submit' name='Submit'>
</form>
</p>";
if(isset($_POST['Submit'])){
$author = $_POST['Author'];
$title = $_POST['Title'];
$Synopsis = $_POST['Synopsis'];
$ISBN = $_POST['ISBN'];
$Publisher = $_POST['Publisher'];
$imgNum = $_POST['imgNum'];
$Price = $_POST['Price'];
$Cat1 = $_POST['Cat1'];
$Cat2 = $_POST['Cat2'];
sqlite_query($db,"INSERT INTO Books (Author, Title, Brief_Synopsis, ISBN_Number, Publisher, imgNumber, price, cat1, cat2) VALUES ('$_POST[Author]', '$_POST[Title]', '$_POST[Synopsis]', '$_POST[ISBN]', '$_POST[Publisher]', '$_POST[imgNum]', '$_POST[Price]', '$_POST[Cat1]', '$_POST[Cat2]')");
echo("Book Added!");
$dbh = null;
}
?>
Why is this code not updating my database correctly? Before I added the if statement it added an empty book to the database every time the page loaded, however now it submits and resets the form, my URL looks correct but the database does not get an item added to it.
Your code is failing silently, because you're using a GET method in your form, whereas you're using POST arrays.
Change the form's method to POST.
I also need to point out that your present code is open to SQL injection. Use prepared statements, or PDO with prepared statements, they're much safer.
The if statement is checking if submit exists and is not null. You cannot check the input type submit, there is no associated value. You can add a hidden input and check it:
<input type="hidden" name="checkSubmit" value="Submitted">
if(isset($_POST['checksubmit']))
I also noticed that the sql injection is looking at $_POST['myvariable'] making the previous checks for variable redundant at best.
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 8 years ago.
Improve this question
I want to retrieve the id of the page but the page is dynamic depending upon the id
e.g filepath/Post.php?id=5
Data is sent through a form action where i want to get the other pages id but i don't know how to do it.
echo "<form action='../PHP/Comment.php' method='post'>" . "<input class='comment' type='text' name='comment' placeholder='Add a comment'>" . "</form>"
//then what the action does
$id = isset($_GET['id']); //trying to get the page id but it doesn't
$comment = $_POST['comment'];
//insertion into the table in the database.
mysql_query("INSERT INTO comments (id, comment) VALUES ('$id', '$comment')")
There are better ways to do this. have you tried using a dedicated $_SESSION variable? In PHP, i cud do this:-
<?php $_SESSION['PAGE_ID'] = 10;?>
then retrieve it on the form as
<?php echo $_SESSION['PAGE_ID']?>
Try this
echo "<form action='../PHP/Comment.php' method='post'>
<input class='comment' type='text' name='comment' placeholder='Add a comment'>
<input type="hidden" name="id" value="<?php echo $_GET['id']; ?>" />
<input type="submit" value="Submit" />
</form>"
Then form processing
$id = isset($_POST['id']);
$comment = $_POST['comment'];
mysql_query("INSERT INTO comments (id, comment) VALUES ($id, '$comment')");
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Questions asking for code must demonstrate a minimal understanding of the problem being solved. Include attempted solutions, why they didn't work, and the expected results. See also: Stack Overflow question checklist
Closed 9 years ago.
Improve this question
This is page 2
$var= $_GET['var'];
$id= $_GET['id'];
echo "Book Title:<br>" .$var. "<br> Book id:".$id."<br>";
$result = mysqli_query($con,"SELECT * FROM books WHERE bookid='$id'");
while ($row = mysqli_fetch_array($result)) {
echo "<br><br>Author:<br>".$row['author'];
echo "<br><br>Average rating is:<br>" .$row['avgrating'];
}
?>
<form name='myForm' action='addreview.php' method='POST' >
Give your reviews here:<br>
<input type='textarea' name='review' style='width: 500px; height:200px' ><br>
<input type='hidden' id='ids' name='ids' value=''<?php echo $id ?> ''>
<input type='SUBMIT' name='done' value='DONE'>
</form>
on page 1 I am retrieving bookid from database and then passing it to page 2, and then i have to pass it to page 3. on page 3 I am retrieving it with GET command but it is not working. Kindly help me
$_GET and $_POST in PHP correspond to the form method= in the HTML. If your form's method="POST", you must use $_POST to get to the value.
You've got too many quotes:
<input type='hidden' id='ids' name='ids' value=''<?php echo $id ?> ''>
^^-- ^^--
That'll produce HTML that will be interepreted as (for an id of 8):
<input [...snip...] value="" 8 "" />
value gets an an empty string, followed by an invalid attribute 8, followed by a couple quotes that aren't a valid attribute OR value.
If you are submitting page 1 via POST, you will need to access your submitted data using $_POST, not $_GET.
<input type='hidden' id='ids' name='ids' value=''<?php echo $id ?> ''>
Look at your value:
value=''<?php echo $id ?>''
It shoud be
value='<?php echo $id; ?>'
This question already has answers here:
Closed 11 years ago.
Possible Duplicate:
table updates empty spaces when user do not enter anything to the textbox
greetings :)
i am having problems updating my database whenever the user clicks on the submit button.
i am going to show you the flow of my program,i already tried figuring out the problem,but i just can't find solutions. i hope someone could help me.
i have 2 problems encountered here:
my database won't update after clicking the submit button
the user may choose which to update,if the textbox is empty,it will update the data with empty spaces.and i want the data to remain as it is if the textbox is empty.
in my program,if you want to update the employee information,you must click the name that contains a link in the page. (in my program its the employee name that needs to be clicked) when clicked,a pop up will open.
the link in my index.php contains the following code:
<td class="sub" width="100" align="center">
<a href="" onclick = javascript:newPopup('empinfo.php?emp=<?php echo $eid ?>');><?php echo$ename?></a>
</td>
NOTE the empinfo.php is my pop up window,it calls the pop up when clicked. emp isthe name i assign to pass in the empinfo.php it contains the employee ID. NO PROBLEM HERE,I JUST WANT TO SHOW YOU THE FLOW
when the empinfo.php appears,it will show this format:
Employee name: //textbox here
Position: /textbox here
Department: /textbox here
Employee Tag: /textbox here
**SUBMIT BUTTON**
when the user clicks the submit button, it should have updated the database with the inputted values,but mine won't update :(
here is the codes i used:
<?php
$con=mysql_connect('localhost','root','mariel') or die(mysql_error());
mysql_select_db('intranet',$con);
if(isset($_POST['submitted']))
{
$qry = "UPDATE gpl_employees_list SET emp_nme = '".$_POST['name']."', emp_pos = '".$_POST['pos']."', emp_dep = '".$_POST['dep']."', emp_tag = '".$_POST['tag']."' WHERE emp_id = '".$_GET['emp']."' ";
mysql_query($qry) or die (mysql_error());
}
?>
this is the content code in my form,together with the submit that i used:
<form action="index.php" method="POST">
<input type='hidden' name='submitted' id='submitted' value='1'/>
<input type='hidden' name='eid' id='eid' value= '<?php echo $_GET['emp']?>' />
<fieldset>
<div class='container'>
<label for='ename' >Employee name:</label><br/>
<input type='text' name='ename' id='ename' value='' maxlength="50" /><br/><br/>
</div>
<div class='container'>
<label for='pos' >Position:</label><br/>
<input type='text' name='pos' id='pos' value='' maxlength="50" /><br/><br/>
</div>
<div class='container'>
<label for='dep' >Department/Division:</label><br/>
<input type='text' name='dep' id='dep' value='' maxlength="100" /><br/><br/>
</div>
<div class='container'>
<label for='tag' >Employee Tag:</label><br/>
<select name="tag" id="tag">
<option value="Y">Yes</option>
<option value="N">No</option>
</select> <br/><br/>
</div>
<div class='container'>
<input type='submit' name='Submit' value='Submit' onclick = "location.reload();window.close()"/>
</div>
</fieldset>
</form>
i hope someone could clear it up for me
MisaChan
It's not updating because you probably need to refer to $_POST['eid'] instead of $_GET['emp'] because you don't have it in index.php like index.php?emp=1. You already have that field so use that:
<input type='hidden' name='eid' id='eid' value= '<?php echo $_GET['emp']?>' />
Also you don't need to do this:
onclick = "location.reload();window.close()"
Type submit reloads the page by default.
Lastly, consider #Sam152's pointers :)
There could be a number of things wrong, but these points should help you debug your script.
Firstly you need to escape your post
variables to ensure things like
apostrophes don't mess up your query,
it's also a security vulnerability.
Secondly, make sure your form action is pointing to the PHP script. Maybe put a print statement at the top of the script to make sure PHP is actually receiving the data.
Then assign the value of the SQL query to a variable and print it out before you run it. You can then easily see what's being sent to the SQL server. Maybe run it in an SQL management tool my phpMyAdmin and observe any errors with it.
Hope this helps. Feel free to update your question with new information as it comes.