I'm trying to update some fileds in the database using a form and for some reason it just refreshes the page without doing anything. Here's the code I used:
<?php
$id = $_GET["id"];
$select = "SELECT * FROM blog_members WHERE memberID = '$id'";
$result = mysqli_query($link, $select);
$row=mysqli_fetch_assoc($result);
$id2=$row['memberID'];
$username=$row['username'];
$password = $row['password'];
$email = $row['email'];
?>
<form id="form" action="#" method="post">
<br><table cellspacing='0' cellpadding='0'>
<tr><td>Username:</td>
<td><input name="username" type="text" id="username" placeholder="<?php echo $username; ?>" size="25" /></td></tr>
<tr><td>Password:</td>
<td><input name="password" type="text" id="password" placeholder="<?php echo $password; ?>" size="25" /></td></tr>
<tr><td>Email:</td>
<td><input name="email" type="text" id="email" placeholder="<?php echo $email; ?>" size="25" /></td></tr>
</table>
<br>
<input type="submit" name="Edit" value="Save" />
</center></form>
<?php
if(isset($POST['Edit'])){
$username2 = $_POST['username'];
$password2 = $_POST['password'];
$email2 = $_POST['email'];
$edit = mysqli_query($link, "UPDATE blog_members SET username='$username2',password='$password2',email='$email2' WHERE memberID='$id2'");
$result1 = mysqli_query($link,$edit);
if(!$result){
echo mysqli_error($link);
}else{
echo "Changes have been saved successfully!";
echo "<meta http-equiv=\"refresh\" content=\"2;URL=view-users.php\">";
}
}
?>
I think the query $edit it's not working properly since the page just gets refreshed and the fields from the databse are not updated. I feel like I'm missing something. Any suggestions?
Also change below code
if(isset($POST['Edit'])){
with this, $_POST is right syntax not $POST
if(isset($_POST['Edit'])){
Try This..
<input name="username" type="text" id="username" value="<?php echo $username; ?>" size="25" />
<input name="password" type="text" id="username" value="<?php echo $password; ?>" size="25" />
<input name="email" type="text" id="email" value="<?php echo $email; ?> " size="25" />
I got two things..
You lost the ID that is gets $id = $_GET["id"];.
Mysql Update Query two times.
Solution:
Post your id in the form and get the posted id and use it to update and use a single query to update.
Updates: I miss the main point and that is $POST, you need to change the if(isset($POST['Edit'])) to if(isset($_POST['Edit'])).
Let me know, if you need more support from me.
Related
I have a MySQL database that holds customer orders. I am trying to create a form that a user would enter after selecting the ID of a row they would like to modify.
What the code below is suppose to do is auto-populate a html form with all of the data from the MySQL row. It would take the ID given to it by a previous php file and then use that to grab the row it needs from the database. Unfortunately, no matter what I change or do, the webpage only produces blank boxes where the data is suppose to be.
Here's the code for edit.php (the form that is suppose to auto-populate.)
<!DOCTYPE html>
<html>
<body>
<form action="update_submit.php" method="post">
<?php
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
$servername = "server";
$username = "book";
$password = "pass";
$dbname = "book";
$db_selected = new mysqli($servername, $username, $password, $dbname);
if ($db_selected->connect_error) {
die("Connection failed: " . $dbc->connect_error);
}
if(!empty($_GET['ID'])){
$id = intval($_GET['ID']);
}
try {
$results = $db_selected -> prepare("SELECT * FROM customerorders WHERE ID = ?");
$results -> bind_param("i", $id);
$results -> execute();
} catch(Exception $e) {
echo $e -> getMessage();
die();
}
$row = $results->get_result()->fetch_assoc();
?>
<input type="hidden" name="ID" value="<?php echo $row['ID']; ?>">
<input type="text" name="lastName" value="<?php echo $row['lastName']; ?>" required><br />
<input type="text" name="firstName" value="<?php echo $row['firstName']; ?>" required><br />
<input type="text" name="email" value="<?php echo $row['email']; ?>" required><br />
<input type="text" name="phoneNumber" value="<?php echo $row['phoneNumber']; ?>" required><br />
<input type="text" name="department" value="<?php echo $row['department']; ?>" ><br />
<input type="text" name="typeOfOrder" value="<?php echo $row['typeOfOrder']; ?>" required><br />
<input type="text" name="vendor" value="<?php echo $row['vendor']; ?>" required><br />
<input type="text" name="product" value="<?php echo $row['product']; ?>" required><br />
<input type="text" name="PONumber" value="<?php echo $row['PONumber']; ?>" required><br />
<input type="text" name="accountNumber" value="<?php echo $row['accountNumber']; ?>" required><br />
<input type="text" name="dateOrdered" value="<?php echo $row['dateOrdered']; ?>" required><br />
<input type="text" name="dateExpected" value="<?php echo $row['dateExpected']; ?>" required><br />
<input type="text" name="comments" value="<?php echo $row['comments']; ?>" required><br />
<input type="submit" name="sumbit">
</form>
</body>
</html>
I have error reporting on and nothing ever comes up when I try to find problems. I've also switched around my ' and " multiple times just to see if it ever makes a difference. Nothing I have tried seems to work. I've also looked through every stack overflow question I could possibly find relating to my issue and I still can't find anything that would fix my problem.
Any help is appreciated. I am a novice to php and MySQL so I apologize in advance if the code seems nonsensical or if there is an already obvious solution.
I am having trouble updating my database data. I put the data that I want to update but when I click on the "Update" button it does
nothing. I have called the file on another php file by using Update
It also shows this error
Notice: Undefined variable: fname in
C:\xampp\htdocs\project\change1.php on line 71
Can someone help me figure this issue, please?
<?php include("config.php"); ?>
<?php
if (isset($_GET['edit'])) {
$update = true;
$record = mysqli_query($con, "SELECT * FROM employee WHERE id='".$_GET['edit']."'");
$row = mysqli_fetch_array($record,MYSQLI_BOTH);
}
if (isset($_POST['update'])) {
$fname = $_POST['fname'];
$lname = $_POST['lname'];
$password = $_POST['password'];
$addr = $_POST['addr'];
$phone = $_POST['phone'];
$id=$_GET['edit'];
$query = "UPDATE employee SET fname='".$fname."',lname='".$lname."',password='".$password."',addr='".$addr."',phone='".$phone."' WHERE id='".$id."'";
$result = mysqli_query($con,$query) or die ("problem inserting new record into database");
if($result){
header('location: show_db.php');
}
else {echo "Update not successful"; }
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Update Data</title>
</head>
<body>
Home
<br/><br/>
<input type="hidden" name="id" value="<?php echo $id; ?>">
Name:<input type="text" name="fname" value="<?php echo $fname ; ?>">
Surname:<input type="text" name="lname" value="<?php echo $lname; ?>">
Password:<input type="text" name="password" value="<?php echo $password; ?>">
Address:<input type="text" name="addr" value="<?php echo $addr; ?>">
Contact:<input type="text" name="phone" value="<?php echo $phone; ?>">
<input type="submit" name="update" value="Update">
</body>
</html>
Put the html inputs inside a form
<form name ="form1" method ="get" action="">
<input type="hidden" name="id" value="<?php echo $id; ?>">
Name:<input type="text" name="fname" value="<?php echo $fname ; ?>">
Surname:<input type="text" name="lname" value="<?php echo $lname; ?>">
Password:<input type="text" name="password" value="<?php echo $password; ?>">
Address:<input type="text" name="addr" value="<?php echo $addr; ?>">
Contact:<input type="text" name="phone" value="<?php echo $phone; ?>">
<input type="submit" name="update" value="Update">
</form>
i have this code for the user-edit.php
what i need with this code is to fetch user data from database and show it to the textbox and also the user able to edit the textbox value and updating the database
<?php
include("config/session.php");
include("config/connection.php");
$user_id = $_SESSION['LOGGED_USER_ID'];
?>
<?php
$sql_query = "SELECT * FROM table_users WHERE `SNo` = '$user_id'";
$query = mysql_query($sql_query);
//$i = 1;
$fetch = mysql_fetch_assoc($query);
//$user_id = $_GET['id'];
?>
<form name="form1" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST" >
<fieldset>
<p>
<label for="simple-input" >User Name</label>
<input type="text" id="UserName" class="round default-width-input" autofocus name="UserName" value="<?php echo $fetch['UserName'];?>" readonly="readonly" />
</p>
<p>
<label for="simple-input" >Password</label>
<input type="text" id="pass_word" class="round default-width-input" autofocus name="pass_word" value="<?php echo $fetch['pass_word'];?>" />
</p>
<p>
<label for="simple-input" >Email ID</label>
<input type="text" id="Email" class="round default-width-input" autofocus name="Email" value="<?php echo $fetch['Email'];?>" />
</p>
<p>
<label for="simple-input" >Website</label>
<input type="text" id="website" class="round default-width-input" autofocus name="website" value="<?php echo $fetch['website'];?>" />
</p>
</fieldset>
<input type="submit" class="btn btn-primary btn-large" name="form_submit" value="Update Data"/>
</form>
<?php
if(isset($_POST['form_submit']))
{
"UPDATE `table_users` SET `pass_word` = '".$_POST['pass_word']."',`Email` = '".$_POST['Email']."',`website` = '".$_POST['website']."', WHERE `SNo` = '$user_id'";
// sql query for update data into database
if(mysql_query($sql_query))
{
echo '<script type="text/javascript">';
echo 'alert("Data Are Updated Successfully");';
echo '</script>';
}
else
{
echo '<script type="text/javascript">';
echo 'alert("error occured while updating data");';
echo '</script>';
}
}
?>
</div>
</div>
</div>
been working with this for hours and still the data are not updated to the mysql database, been trying several way but still the textbox value cant update the database, please help
remove , before where in query
$sql_query="UPDATE `table_users` SET `pass_word` = '".$_POST['pass_word']."',`Email` = '".$_POST['Email']."',`website` = '".$_POST['website']."' WHERE `SNo` = '$user_id'";
store query in $sql_query because you not store update string into variable
without store in $sql_query you run sql query
if(mysql_query($sql_query)) so store update query in $sql_query
I'm very new to PHP and MySQL. I've created a form which creates rows in my MySQL tables, I created a page that shows all those entries. Now I'm trying to edit those entries. I created another form that should populate with info from the selected row..the only problem is that it's not. Here's all my code including login.php...just in case. Please let me . I've looked everywhere for an answer and couldn't find one. All I found was mysql and not mysqli.
<?php //login.php
$db_hostname = 'localhost';
$db_database = 'mydata';
$db_username = 'user';
$db_password = '123#';
// Connect to server.
$link = mysqli_connect($db_hostname, $db_username, $db_password);
if (!$link) {
die('Not connected : ' . mysqli_error());
}
// Select the database.
$db_selected = mysqli_select_db($link, $db_database);
if (!$db_selected) {
die ('Can\'t use database : ' . mysqli_error());
}
?>
edit_client.php
<?php
$title = "Edit Client Form";
?>
<!DOCTYPE html>
<html>
<head>
<title><?php echo $title ?></title>
</head>
<body>
<div> <!-- form container div -->
<form action="" method="post">
<div> <!-- form description div -->
<h2><?php echo $title ?></h2>
<p>Edit a client here.</p>
</div>
<?php
require_once = 'login.php';
// get value of id that sent from address bar
$id=$_GET['id'];
if(isset($id)) {
$sql="SELECT * FROM `clients` WHERE client_id='$id'";
$result=mysqli_query($sql);
$row=mysqli_fetch_assoc($result);
?>
<input type="hidden" name="id" value="<?php echo $row['client_id']; ?>">
<input type="text" name="first_name" value="<?php echo $row['first_name']; ?>" required><br />
<input type="text"name="last_name" value="<?php echo $row['last_name']; ?>" required><br />
<input type="text"name="company_name" value="<?php echo $row['company_name']; ?>" ><br />
<input type="text" name="address" value="<?php echo $row['address']; ?>"><br />
<input type="text" name="city" value="<?php echo $row['city']; ?>" required><br />
<input type="text" name="state" value="<?php echo $row['state']; ?>" required><br />
<input type="number" name="zip_code" value="<?php echo $row['zip_code']; ?>" required><br />
<input type="tel" name="tel_number" value="<?php echo $row['tel_number']; ?>" required><br />
<input type="email" name="email" value="<?php echo $row['email']; ?>" required><br />
<input value="Submit" type="submit">
</form>
</div>
</body>
</html>
here's the table from "display_client" that sends the ID to the edit_form.php page
<td align="left">' . '<a href="\edit_client.php?id=' . $row['client_id'] . '/">Edit</td>
any pointers in the right direction would be much appreciated. thank you.
As suggested below I have used PDO Prepared statements to achieve my desired result. Thank you thank you! #nomistic !
<?php
$title = "Edit Client Form";
?>
<!DOCTYPE html>
<html>
<head>
<title><?php echo $title ?></title>
</head>
<body>
<div> <!-- form container div -->
<form action="update_client_submit.php" method="post">
<div> <!-- form description div -->
<h2><?php echo $title ?></h2>
<p>Edit a client here.</p>
</div>
<?php
require_once 'login.php';
if(!empty($_GET['id'])){
$client_id = intval($_GET['id']);
}
try {
$results = $db -> prepare('SELECT * FROM clients WHERE client_id = ?');
$results -> bindParam(1, $client_id);
$results -> execute();
} catch(Exception $e) {
echo $e -> getMessage();
die();
}
$row = $results -> fetch(PDO::FETCH_ASSOC);
?>
<input type="hidden" name="client_id" value="<?php echo $row['client_id']; ?>">
<input type="text" name="first_name" value="<?php echo $row['first_name']; ?>" required><br />
<input type="text" name="last_name" value="<?php echo $row['last_name']; ?>" required><br />
<input type="text" name="company_name" value="<?php echo $row['company_name']; ?>" required><br />
<input type="text" name="address" value="<?php echo $row['address']; ?>" required><br />
<input type="text" name="city" value="<?php echo $row['city'] ?>" ><br />
<input type="text" name="state" value="<?php echo $row['state'] ?>" required><br />
<input type="text" name="zip_code" value="<?php echo $row['zip_code']; ?>" required><br />
<input type="text" name="tel_number" value="<?php echo $row['tel_number']; ?>" required><br />
<input type="text" name="email" value="<?php echo $row['email']; ?>" required><br />
<input type="submit" name="sumbit">
</form>
</body>
</html>
Edit, reducing this and correcting a potential problem in you query.
you need a loop to get the data. It should be have something like this (using your data)
$id=$_GET['id'];
if(isset($id)) {
$sql="SELECT * FROM clients WHERE client_id=$id";
$result=mysqli_query($sql);
$row=mysqli_fetch_assoc($result);
while($row=mysqli_fetch_assoc($result)) {
echo '<input type="hidden" name="id" value="'.$row['client_id']. '">';
}
Note: You may want to look into using prepared statements; they are pretty easy to learn, especially at this stage, and you will have a lot of advantages, such as not having to worry about whether you are quoting int and varchar variables in your query; you'd declare them separately. They are also MUCH more secure (preventing SQL injection) and can make large queries run faster. You would just need to switch to object oriented style. (note, listing your variables in your select is what you should be doing anyway rather than select from *). The select is shortened a little for ease of explanation.
Here's an example of how yours would work with mysqli:
This is your database connection (not much different, just slightly different syntax)
$db_selected = new mysqli($db_hostname, $db_username, $db_password, $db_database)
if ($db_selected->connect_error) {
die("Connection failed: " . $dbc->connect_error);
}
Here are your queries. bind_param just identifies the item as an INT and then replaces the ? in the query with the variable $id, and bind_result takes the results of your query and turns them into variables.
The rest is fairly self-explanatory
$sql = $db_selected->prepare("SELECT client_id, first_name, last_name FROM clients WHERE client_id= ? ");
$sql->bind_param("i", $id);
$sql->execute();
$sql->store_result();
$sql->bind_result($client_id, $first_name,$last_name);
while ($sql->fetch()) {
echo '<input type="hidden" name="id" value="'.$client_id. '">';
echo '<input type="text" name="first_name" value="'.$first_name. '" required><br />';
echo '<input type="text" name="last_name" value="'. $last_name. '" required><br />';
}
$sql->free_result();
$sql->close();
If you need some more information, here are some resources: mysqli prepared statements
Trying to get an edit page to work and im getting this error Incorrect parameter count in the call to native function 'SHA1'. The error is only on the SHA1. everything else works fine other then this error. Any helped is greatly appreciated. I don't want the password showing or the encryption that is to stay blank as it is an admin editing a staff members details and they dont need to know the password.
<?php
if(empty($_POST['submit'])) {
$query = "SELECT * FROM user WHERE user_id = '$_GET[id]'";
// $supplier_id = $_GET['supplier_id'];
$result = mysqli_query($dbc, $query);
$row = mysqli_fetch_array($result);
}
else{
$update = "UPDATE user SET
title= '$_POST[inputtitle]',
first_name ='$_POST[inputfirst_name]',
middle_name = '$_POST[inputmiddle_name]',
last_name = '$_POST[inputlast_name]',
gender = '$_POST[inputgender]',
email = '$_POST[inputemail]',
pass = SHA1($_POST[inputSHA1pass]);
car_make = '$_POST[inputcar_make]'
car_model = '$_POST[inputcar_model]',
prefer_car = '$_POST[inputprefer_car]',
car_age = '$_POST[inputcar_age]',
st_no = '$_POST[inputst_no]',
st_name = '$_POST[inputst_name]',
suburb = '$_POST[inputsuburb]',
state = '$_POST[inputstate]',
country = '$_POST[inputcountry]',
postcode = '$_POST[inputpostcode]',
WHERE user_id = $_POST[user_id]";
mysqli_query($dbc, $update) or die(mysqli_error($dbc));
echo "User has been modified!";
header("Location: view_user.php");
}
?>
<form action="<?php echo $_SERVER['PHP_SELF'].htmlspecialchars($_GET[‘id’]); ?>" method="POST">
<input type="hidden" value="<?php echo $supplier = $_GET['id']; ?>" name="supplier_id">
<p>Title:
<input type="text" name="inputtitle" size="20" maxlength="30"
value="<?php echo $row["title"]; ?>"/>
</p>
<p>First Name:
<input type="text" name="inputfirst_name" size="20" maxlength="30"
value="<?php echo $row["first_name"]; ?>"/></p>
<p>Middle Name:
<input type="text" name="inputmiddle_name" size="30" maxlength="100"
value="<?php echo $row["middle_name"]; ?>"/></p>
<p>Last Name:
<input type="text" name="inputlast_name" size="20" maxlength="30"
value="<?php echo $row["last_name"]; ?>"/></p>
<p>Gender:
<input type="text" name="inputgender" size="20" maxlength="30"
value="<?php echo $row["gender"]; ?>"/></p>
<p>Email:
<input type="text" name="inputemail" size="10" maxlength="5"
value="<?php echo $row["email"]; ?>"/>
</p><br>
<p>Password:
<input type="text" name="inputSHA1pass" size="30" maxlength="40"
value="<?php if (isset($_POST['pass'])) echo $_POST['pass']; ?>"/></p>
<p>Car Make:
<input type="text" name="inputcar_make" size="20" maxlength="30"
value="<?php echo $row["car_make"]; ?>"/></p>
<p>Car Model:
<input type="text" name="inputcar_model" size="20" maxlength="30"
value="<?php echo $row["car_model"]; ?>"/></p>
<p>Prefered Car:
<input type="text" name="inputprefer_car" size="20" maxlength="30"
value="<?php echo $row["prefer_car"]; ?>"/></p>
<p>Car Age:
<input type="text" name="inputcar_age" size="20" maxlength="30"
value="<?php echo $row["car_age"]; ?>"/></p>
<p>Street Number:
<input type="text" name="inputst_no" size="20" maxlength="30"
value="<?php echo $row["st_no"]; ?>"/></p>
<p>Street Name:
<input type="text" name="inputst_name" size="20" maxlength="30"
value="<?php echo $row["st_name"]; ?>"/></p>
<p>Suburb:
<input type="text" name="inputsuburb" size="20" maxlength="30"
value="<?php echo $row["suburb"]; ?>"/></p>
<p>State:
<input type="text" name="inputstate" size="20" maxlength="30"
value="<?php echo $row["state"]; ?>"/></p>
<p>Country:
<input type="text" name="inputcountry" size="20" maxlength="30"
value="<?php echo $row["country"]; ?>"/></p>
<p>Postcode:
<input type="text" name="inputpostcode" size="20" maxlength="30"
value="<?php echo $row["postcode"]; ?>"/></p>
<p>
<input type="submit" name="submit" value="Submit"/></p>
</form>
<?php
mysqli_close($dbc);
?>
<br>
<br>
</div>
<br>
<?php
include ('../includes/footer.php');
?>
A few things:
Check that $_POST['inputSHA1pass'] is not empty
Enclose $_POST[inputSHA1pass] in quote marks and curly braces: SHA1('{$_POST[inputSHA1pass]}'). SHA1() expects a string and will error without one
Look into prepared statements. As this code stands, it is wide open to SQL injection attacks as none of your passed data is checked for validity
Change the semi-colon to a comma in the SHA1 line
Finally, once the UPDATE query has been built, capture it and try running it directly on the database server. It should give you a more meaningful error message and make debugging easier