I am trying to do a admin panel. I used PDO for database connect. In panel, i want to update site title, site url etc. But i have a problem. I am sure that i did all true.
I need your help.
This is admin panel code :
<?php
include 'config.php';
$ayarsor=$db->prepare("select * from ayar1 where ayar_id=?");
$ayarsor->execute(array(0));
$ayarcek=$ayarsor->fetch(PDO::FETCH_ASSOC);
?>
<html>
<head>
<link rel="stylesheet" type="text/css" href="style.css" />
<title></title>
</head>
<body>
<div class="ust">
<h1><center>panel</center></h1>
</div>
<div class="container">
<h2>Send something</h2>
<p> ADMİN PANELİ</p>
</div>
<div class="orta">
<table>
<form action="islem.php" method="POST">
<tr>
<td><label>Site başlığı</label></td>
<td><input type="text" name="ayar_title" /></td>
</tr>
<tr>
<td><label>Duyuru</label></td>
<td><input type="text" name="ayar_duyuru" value="<?php echo $ayarcek['ayar_duyuru']; ?>" /></td>
</tr>
<tr>
<td><label>Düşman</label></td>
<td><input type="text" name="ayar_dusman" /></td>
</tr>
<tr>
<td></td>
<td><button name="genelayarkaydet">Güncelle</button></td>
</tr>
</form>
</table>``
</div>
This is islem.php :
<?php
ob_start();
include 'config.php';
if(isset($_POST['genelayarkaydet'])) {
$ayarkaydet=$db->prepare("UPDATE ayar1 set
ayar_title=sitetitle,
ayar_duyuru=duyuru,
ayar_dusman=dusman
WHERE ayar_id=0");
$update=$ayarkaydet->execute(array(
'sitetitle' => $_POST['ayar_title'],
'duyuru' => $_POST['ayar_duyuru'],
'dusman' => $_POST['ayar_dusman']
));
if($update) {
echo "Degistirildi!!!!!!";
}
else {
echo "olmadı la";
}
}
?>
You need to bind the variables for the database query.
$ayarkaydet = $db->prepare("UPDATE ayar1 set ayar_title = :sitetitle,
ayar_duyuru = :duyuru,
ayar_dusman = :dusman
WHERE ayar_id = 0");
$update = $ayarkaydet->execute(array(
'sitetitle' => $_POST['ayar_title'],
'duyuru' => $_POST['ayar_duyuru'],
'dusman' => $_POST['ayar_dusman']
));
Related
I have this button which takes the first parameter of a row into a table and sends it through the url to another page.
Here's the code:
<?php foreach ($result as $row) { ?>
<tr>
<td><a value="edit" href="Page1.php?Field1=<?php echo $row['Field1'];?>">Add</a></td>
<td><?php echo escape($row["Field1"]); ?></td>
<td><?php echo escape($row["Field2"]); ?></td>
<td><?php echo escape($row["Field3"]); ?></td>
<td><?php echo escape($row["Field4"]); ?></td>
</tr>
<?php } ?>
I have this code in another page, written out the same and it works perfectly, so I'm wondering what the issue here could be.
The first field I have in my table is the one I want to send through the url. It's already showing in my table so the data is existing, everything works fine.
The url ends like this: Page1.php? and it's a blank page.
If I manually put the first field of the table into the url the page shows up with the data I want.
Here's the code of the page that sends Field1:
<html>
<head>
<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Raleway">
<link rel="stylesheet" href="https://www.w3schools.com/w3css/4/w3.css">
<link rel="stylesheet" type="text/css" href="../../style.css">
<link rel="icon" type="image/png" href="../../favicon/elenco.png" sizes="32x32">
<script src="../../highlight.js"></script>
</head>
<?php
try {
require "../../../security/config.php";
require "../../../security/common.php";
$connection = new PDO($dsn, $username, $password, $options);
$sql = "SELECT [...]
FROM [...]
ORDER BY [...]";
$statement = $connection->prepare($sql);
$statement->execute();
$result = $statement->fetchAll();
} catch(PDOException $error) {
echo $sql . "<br>" . $error->getMessage();
}
?>
<body>
<?php
if ($result && $statement->rowCount() > 0) { ?>
<header class="w3-container w3-center w3-padding-12">
<h1>List</h1>
</header>
<h1><br></h1>
<a href="home.php" align='center'>Return Home.</a>
<h1><br></h1>
<table id="display-table" class="my_table" border='1' align='center'>
<thead>
<tr>
<th></th>
<th>Field 1</th>
<th>Field 2</th>
<th>Field 3</th>
<th>Field 4</th>
</tr>
</thead>
<tbody>
<?php foreach ($result as $row) { ?>
<tr>
<td>Add</td>
<td><?php echo escape($row["Field1"]); ?></td>
<td><?php echo escape($row["Field2"]); ?></td>
<td><?php echo escape($row["Field3"]); ?></td>
<td><?php echo escape($row["Field4"]); ?></td>
</tr>
<?php } ?>
</tbody>
</table>
<?php } else { ?>
<div class = "container">
<div class = "center">
<p><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br></p>
</div>
<?php } ?>
<br>
</div>
</body>
</body>
</html>
https://imgur.com/a/gDydUI5
The first column with 'Aggiungi' is the add button in the code, it sends the data of the row to the other page and fills the form with it. I can't make you see the other page as it's blank, but it's just a form that sends data through email.
Here's the code of the other page:
<html>
<head>
<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Raleway">
<link rel="stylesheet" type="text/css" href="../../style.css">
<link rel="stylesheet" href="https://www.w3schools.com/w3css/4/w3.css">
<link rel="icon" type="image/png" href="../../favicon/elenco.png" sizes="32x32">
</head>
<?php
try {
require "../../../security/config.php";
require "../../../security/common.php";
$connection = new PDO($dsn, $username, $password, $options);
$name = $_GET['Field1'];
$sql = "SELECT [...]
FROM [...]
WHERE [...];
$statement = $connection->prepare($sql);
$statement->bindParam(':name', $name, PDO::PARAM_STR);
$statement->execute();
$result = $statement->fetchAll();
} catch(PDOException $error) {
echo $sql . "<br>" . $error->getMessage();
}
?>
<body>
<?php
if ($result && $statement->rowCount() > 0) { ?>
<body class="w3-light-grey">
<header class="w3-container w3-center w3-padding-12">
<h1>Add</h1>
</header>
<p><br></p>
<a href="home.php" align='center'>Return Home</a>
<div class = "container8">
<div class = "center">
<form name="Form1" method="post" action="">
<?php foreach ($result as $row) { ?>
<label for="Field1">Field 1</label>
<input type="text" id="Field1" name="Field1" value="<?php echo escape($row["Field1"]); ?>">
<label for="Field2">Field 2</label>
<select id="Field2" name="Field2" >
<option value="Field11">Field11</option>
<option value="Field12">Field12</option>
<option value="Field13">Field13</option>
<option value="Field14">Field14</option>
</select>
<label for="Field3">Field 3</label>
<input type="text" name="Field3" id="Field3" value="<?php echo escape($row["Field3"]); ?>">
<label for="Field4">Field 4</label>
<input type="text" name="Field4" id="Field4">
<label for="Field5">Field 5</label>
<input type="text" name="Field5" id="Field5" value="<?php echo escape($row["Field5"]); ?>">
<label for="Field6">Field 6</label>
<input type="text" name="Field6" id="Field6" value="<?php echo escape($row["Field6"]); ?>">
<label for="Field7">Field 7</label>
<input type="date" name="Field7" id="Field7" value="<?php echo escape($row["Field7"]); ?>">
<label for="Field8">Field 8</label>
<input type="date" id="Field8" name="Field8">
<label for="Field9">Field 9</label>
<input type="text" name="Field9" id="Field9">
<br><br>
<input type="submit" name="submit" value="Submit" onclick="return OnButton1();">
<input type="submit" name="send" value="Appointment" onclick="return OnButton2();">
<br><br>
</form>
<?php } ?>
</div>
</div>
<?php } else { ?>
<div class = "container">
<div class = "center">
<p><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br></p>
</div>
<?php } ?>
<br>
</div>
</body>
</body>
</html>
<script language="Javascript">
<!--
function OnButton1()
{
document.Form1.action = "add.php"
document.Form1.submit(); // Submit the page
return true;
}
function OnButton2()
{
document.Form1.action = "contact/index.php"
document.Form1.submit(); // Submit the page
return true;
}
-->
</script>
This is the source code given by the browser:
<html>
<head>
<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Raleway">
<link rel="stylesheet" type="text/css" href="../../style.css">
<link rel="stylesheet" href="https://www.w3schools.com/w3css/4/w3.css">
<link rel="icon" type="image/png" href="../../favicon/elenco.png" sizes="32x32">
</head>
<body>
<div class = "container">
<div class = "center">
<p><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br></p>
</div>
<br>
</div>
</body>
</body>
</html>
<script language="Javascript">
<!--
function OnButton1()
{
document.Form1.action = "aggiungi.php"
document.Form1.submit(); // Submit the page
return true;
}
function OnButton2()
{
document.Form1.action = "contact/index.php"
document.Form1.submit(); // Submit the page
return true;
}
-->
</script>
The whole method I'm using worked using another table.
i have checked out your code, you need to check your SQL Query and SQL result
and specifically check $row["Field1"] that contain any value or not.
how you can perform the check ?
just simply echo $row["Field1"];
if the output would be blank that means it doesn't contain any value
another method is using var_dump($row["Field1"]);
it will give you some detailed information
How did i figured out ? and you can also give it a try
just set the $row["Field1"] = 1; explicitly
and the try to run your code again, if that worked this time , then there is something error with SQL side
Am was already created form like this and working perfect but on last two forms not working, it displays warning-Undefined variable: reg_no and cost. Am trying to follow algorithm as previous forms but nothing happen. My goal is to update inserted data and here is my form
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Edit invoice</title>
<link rel="stylesheet" href="box_style.css" />
</head>
<body>
<?php
include ("db_con.php");
if(isset($_GET['edit_invoice'])){
$edit_i_id = $_GET['edit_invoice'];
$select_invoice = "select * from invoice where i_id='$edit_i_id'";
$run_query = mysqli_query($con, $select_invoice);
while ($row_invoice=mysqli_fetch_array($run_query)){
$i_id = $row_invoice['i_id'];
$reg_no = $row_invoice['reg_no'];
$cost = $row_invoice['cost'];
}
}
?>
<div class='form'>
<form action="" method="post" enctype="multipart/form-data" >
<table width="745" align="center" border="2">
<p style="text-align: center;"><strong><span style="text-decoration: underline;">EDIT INVOICE:</span></strong></p>
<tr>
<td align="right" bgcolor="#dbe5f1"><strong>Registration Number:</strong></td>
<td><input type="text" name="reg_no" id="reg_no" size="35" class="text" placeholder="Registration Number" value="<?php echo $reg_no; ?>" required=""/></td>
</tr>
<tr>
<td align="right" bgcolor="#dbe5f1"><strong>Cost(Tshs):</strong></td>
<td><input type="text" name="cost" id="cost" size="35" class="text" placeholder="Cost" value="<?php echo $cost; ?>" required=""/></td>
</tr>
<tr>
<td colspan="6" align="center" bgcolor="#dbe5f1" ><input type="submit" name="update" class="submit-button" value="SAVE CHANGES"></td>
</tr>
</table>
</form>
</div>
</body>
</html>
Remove while loop from your php code since update is for one record based on id
The code will be as :
if(isset($_GET['edit_invoice'])){
$edit_i_id = $_GET['edit_invoice'];
$select_invoice = "select * from invoice where i_id='$edit_i_id'";
$run_query = mysqli_query($con, $select_invoice);
$row_invoice = mysqli_fetch_array($run_query);
$i_id = $row_invoice['i_id'];
$reg_no = $row_invoice['reg_no'];
$cost = $row_invoice['cost'];
}
if isset($_GET['edit_invoice']) is false, your $reg_no is not present in later script (where you want to echo it).
Put $reg_no above your isset($_GET...) check and set it null or empty string.
$reg_no = null;
if (isset($_GET['edit_invoice'])) {
// your code...
}
Edit: Do the same for $cost and $i_id ;)
PLEASE consider Tom Uddings comment with SQL injections!
I was almost there, but the update is not functioning well especially on the bottom part.
<?php
require('dbconnect.php');//Connects to the database
session_start();
$user_check=$_SESSION['login_user'];
$ses_sql=mysqli_query($link,"SELECT username FROM members WHERE username='$user_check'");
$row=mysqli_fetch_array($ses_sql,MYSQLI_ASSOC);
$loggedin_session=$row['username'];
if(!isset($loggedin_session))
{
header("Location: login.php");
}//To ensure that you must be logged in to access this page
?>
<html>
<head>
<title>Healing Food Form</title>
<meta charset="iso-8859-1"> <!--charset specifies characters available-->
<meta name="author" content="Klarenz Kristoffer M. Qui;ntildeones">
<meta name="description" content="form to update healing food">
<meta name="keywords" content="healing food,form">
</head>
<body>
<?php
$id=$_GET['hf_id'];
$query = "SELECT * FROM healingfood WHERE hf_id='$id'";
if(!mysqli_query($link,$query))
{
die("Sorry. There's a problem with the query.");
}
//stores the result of the query
$result = mysqli_query($link,$query);
while($record = mysqli_fetch_assoc($result))
{
$hf_id=$record['hf_id'];
$hf_title=$record['hf_title'];
$a_id=$record['a_id'];
$hf_image=$record['hf_image'];
$hf_description=$record['hf_description'];
$hf_benefits=$record['hf_benefits'];
$hf_source=$record['hf_source'];
?>
<form action="updatehealingfood.php?hf_id=<?php echo $record['hf_id']; ?>" method="POST">
<table id="container" align="center">
<caption>Update healing food</caption>
<tr>
<td>Title:</td>
<td><input name="hf_title" type="text" value="<?php echo $hf_title; ?>"><br></td>
</tr>
<tr>
<td>Author ID:</td>
<td><input name="a_id" type="text" value="<?php echo $a_id; ?>"><br></td>
</tr>
<tr>
<td>Image URL:</td>
<td><input name="hf_image" type="url" value="<?php echo $hf_image; ?>"><br></td>
</tr>
<tr>
<td>Description:</td>
<td><textarea name ="hf_description" rows="18" cols="60"><?php echo $hf_description; ?></textarea><br></td>
</tr>
<tr>
<td>Benefits:</td>
<td><input name="hf_benefits" type="text" value="<?php echo $hf_benefits; ?>"><br></td>
</tr>
<tr>
<td>Source:</td>
<td><input name="hf_source" type="text" value="<?php echo $hf_source; ?>"><br></td>
</tr>
<tr>
<td colspan="2" align="right"><input type="submit" name="update" value="Update Healing Food"></td>
</tr>
</table>
</form>
</body>
</html>
<?php
}
$id=$_GET['hf_id'];
if(isset($_POST['update']))
{
$hf_title=$_POST['hf_title'];
$a_id=$_POST['a_id'];
$hf_image=$_POST['hf_image'];
$hf_description=$_POST['hf_description'];
$hf_benefits=$_POST['hf_benefits'];
$hf_source=$_POST['hf_source'];
$query2="UPDATE healingfood SET hf_title='$hf_title', a_id='$a_id', hf_image='$hf_image', hf_description='$hf_description', hf_benefits='$hf_benefits', hf_source='$hf_source' WHERE hf_id='$id'";
$result2=mysql_query($query2) or die();
echo "Updated";
}
?>
When I was supposed to update the data, the data remains the same. No one changed. I don't get the $id=$_GET['hf_id']; .
What are my errors?
You are mixing mysqli_* and mysql_*.
At the first part you use mysqli_query(), later you use mysql_query() which has no connection to the database yet.
Stick to mysqli_*.
Change:
$result2=mysql_query($query2) or die();
to:
$result2=mysqli_query($link, $query2) or die( "MySQL error: " . mysqli_error($link) );
I'm struggling now for a few days to get the value of a checkbox in my code.
Basically I have an admin-page where the customer can select and deselect images that will put online.
You can select and deselect images that will be shown on the homepage, and separate on the gallery-page. Both checked is also possible.
I have another checkbox that can be selected to remove the image from the list(image_deleted).
There is still a database entry and the images are still on file-system but later on I'll create a cleanup-job.
Here is my code:
<?php
ini_set('display_errors', 1);
error_reporting(E_ALL);
ob_start();
require('../../lib/dbconnection.php');
require("../../lib/checklogin.php");
require("includes/upload.inc.php");
$query = 'SELECT * FROM gallery where image_deleted != 1 order by id desc';
$result=$conn->query($query);
$count=$result->num_rows;
?>
<!DOCTYPE html>
<html>
<head>
<title>Classic Nails - CMS</title>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
<meta name="description" content="ClassicNails">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="../css/screen.css">
<link rel="stylesheet" href="../css/libs/magnific-popup.css">
<script src="../js/libs/min/jquery-min.js" type="text/javascript"></script>
<script src="../js/min/custom-min.js" type="text/javascript"></script>
<script src="js/jquery.magnific-popup.js"></script>
<script>
$(document).ready(function() {
$('.image-link').magnificPopup({
type:'image',
gallery:{
enabled:true
}
});
});
</script>
</head>
<body>
<?php include('includes/header.inc.php'); ?>
<?php include('includes/nav.inc.php'); ?>
<div class="wrapper">
<article class="content">
<h1>Foto gallery</h1>
<?php
if (isset($uploadResult)) {
echo "<p><strong>$uploadResult</strong></p>";
}
?>
<form action="" method="post" enctype="multipart/form-data" name="uploadImage" id="uploadImage">
<p>
<label for="image">Upload image:</label>
<input type="hidden" name="MAX_FILE_SIZE" value="<?php echo MAX_FILE_SIZE; ?>" />
<input type="file" name="images" id="imagesd" />
</p>
<p>
<input type="submit" name="upload" id="upload" value="Upload" />
</p>
</form>
<div id="maincontent">
<h2>Foto informatie</h2>
<form name="FotoInformatie" id="fotoInformatie" method="post" action="">
<table>
<tr>
<td align="center"><strong>Foto<strong></td>
<td align="center"><strong>Titel</strong></td>
<td align="center"><strong>Beschrijving</strong></td>
<td align="center"><strong>Homepage</strong></td>
</tr>
<?php
while ($rows=$result->fetch_assoc()) {
?>
<tr>
<td class="hide" align="center"><?php $id[]=$rows['id']; ?><?php echo $rows['id']; ?></td>
<td><img src="../img/thumbs/<?php echo $rows['filename']; ?>"></td>
<td align="center"><input name="title[]" type="text" id="title" value="<?php echo $rows['title']; ?>"></td>
<td align="center"><input name="caption[]" type="text" id="caption" value="<?php echo $rows['caption']; ?>"></td>
<td><input type="checkbox" name="checkboxHome[]" id="checkBoxHome" value="<?php echo ($rows['home'] == 1) ? 'checked="checked"' : ''; ?>"/></td>
</tr>
<?php
}
?>
<tr>
<td colspan="4" align="center">
<input type="submit" name="submit" value="Submit">
</tr>
</table>
</form>
</div>
</article> <!-- end of content -->
</div> <!-- end of container -->
<?php include('includes/footer.inc.php'); ?>
</body>
</html>
<?php
if(isset($_POST['submit'])) {
$title = $_POST['title'];
$caption = $_POST['caption'];
if ($_POST['checkboxHome'] == "") {
$checkboxHome[] = '0';
} else {
$checkboxHome[] = '1';
}
for($i=0;$i<$count;$i++){
$result1=mysqli_query($conn, "UPDATE gallery SET title='$title[$i]', caption='$caption[$i]', home='$checkboxHome[$i]' WHERE id='$id[$i]'");
header("location:/admin/foto-admin.php");
}
}
?>
The checkbox only works on the first row in my DB. When I select another record, only the first record in my db will be updated.
Another issue is that my checkbox won't be checked so I don't know based on my screen when a image is online or not. in the database I see a 1 of a 0.
I know that sql-injection is possible and I have to prepare the statements, but that is the next step when I get this checkbox-issue working.
Hope someone can help me with my code. It's giving me a headache.
Check these
Attribute name="id[]" for id field is not given. And it should get inside
if(isset($_POST['submit'])) {
$id = $_POST['id'];
}
Incorrect spelling in getting Post value
change
$checkboxHome = $_POST['checkboxHome'];
$checkboxFotoboek= $_POST['checkboxFotoboek'];
$checkboxDelete = $_POST['image_deleted'];
to
$checkboxHome = $_POST['checkBoxHome'];
$checkboxFotoboek= $_POST['checkBoxFotoboek'];
$checkboxDelete = $_POST['checkboxDelete'];
You are trying to get wrong value.
Your check-box name is checkBoxHome and you are trying to get $_POST['checkboxHome'] instead of $_POST['checkBoxHome'] .
Try $_POST['checkBoxHome'] and print it as print_r('checkBoxHome')
Same mistake in checkBoxFotoboek check-box.
try this
if(isset($_POST['submit'])) {
$title = $_POST['title'];
$caption = $_POST['caption'];
$checkboxHome = $_POST['checkBoxHome'];
$checkboxFotoboek= $_POST['checkBoxFotoboek'];
$checkboxDelete = $_POST['checkboxDelete'];
for($i=0;$i<$count;$i++){
$result1=mysqli_query($conn, "UPDATE gallery SET title='$title[$i]', caption='$caption[$i]', home='$checkboxHome[$i]', fotoboek='$checkboxFotoboek[$i]', image_deleted='$checkboxDelete[$i]' WHERE id='$id[$i]'");
header("location:/admin/foto-admin.php");
}
}
?>
This is my code for a jquery mobile application. But the form i created with php result is not working. Form is not posting data on submit. I even tried data-ajax="flase".
<table id="stock">
<? $sql = mysqli_query($con, "SELECT * FROM products WHERE `product_id` = '1'");
while($row=mysqli_fetch_array($sql)){
$name = $row['name'];
$chamecal = $row['chamecal'];
$price = $row['selling_price'];
$bprice = $row['buying_price'];
$quantity = $row['quantity'];
$manufacturer = $row['manufacturer'];
$date = $row['date'];
$edate = $row['expire'];
$pid = $row['product_id'];
?>
<form id="stockupdate" method="post" action="medupdate.php">
<tr>
<td><?=$name;?></td>
<td><?=$chamecal;?></td>
<td><?=$manufacturer;?></td>
<td><input type="text" name="medbprice" value="<?=$bprice;?>" /></td>
<td><input type="text" name="medprice" value="<?=$price;?>" /></td>
<td><?=$date;?></td>
<td><?=$edate;?></td>
<td><input type="text" name="medstock" value="<?=$quantity;?>" /></td>
<td class="ui-screen-hidden"><input type="text" name="pid" value="<?=$pid;?>" /></td>
<td>
<input type="submit" title="Update" data-icon="gear" data-theme="f" data-inline="true" data-iconpos="notext" />
</td>
</tr>
<?
}
?>
</form>
</table>
Values Handler file medupdate.php
<?php session_start();?>
<?php include_once('include/config.php');?>
<?
$pid = $_POST['pid'];
$medbprice = $_POST['medbprice'];
$medprice = $_POST['medprice'];
$medstock = $_POST['medstock'];
$sql = mysqli_query($con, "UPDATE `products` SET `quantity` = '$medstock', `buying_price` = '$medbprice' , `selling_price` = '$medprice' WHERE `product_id` = '$pid'");
if($sql){
echo 1;
}
?>
If I was to hazard a guess, it's because you're placing
<form id="stockupdate" method="post" action="medupdate.php">
directly within a table element (which is invalid markup). Move this outside your table (before your <table>). When you create invalid markup, the browsers engine tries to correct it which can lead to issues like this.
This is what chrome does to your markup:
You cannot follow the html structure, a form inside table like,
<table>
<form>
<tr>
<td>
</td>
</tr>
</form>
</table>
Here is the working code,
Form php
<!DOCTYPE html>
<html>
<head>
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<link rel="stylesheet" href="http://code.jquery.com/mobile/1.3.2/jquery.mobile-1.3.2.min.css">
<script src="http://code.jquery.com/jquery-1.9.1.min.js"></script>
<script src="http://code.jquery.com/mobile/1.3.2/jquery.mobile-1.3.2.min.js"></script>
</head>
<body>
<form id="stockupdate" method="post" action="medupdate.php" data-ajax="false">
<table>
<tr>
<td><input type="text" name="medbprice" value="xxxx" /></td>
<td><input type="text" name="medprice" value="yyyyy" /></td>
<td><input type="text" name="medstock" value="zzzzzz" /></td>
<td class="ui-screen-hidden"><input type="text" name="pid" value="111111" /></td>
<td>
<input type="submit" title="Update" data-icon="gear" data-theme="f" data-inline="true" data-iconpos="notext" />
</td>
</tr>
</table>
</form>
</body>
</html>
medupdate.php
<?php
session_start();
$pid = $_POST['pid'];
$medbprice = $_POST['medbprice'];
$medprice = $_POST['medprice'];
$medstock = $_POST['medstock'];
echo $pid;
// your database operations
?>