yesterday my question regarding insert and update in one form i did but data are inserted and when i am clicking on edit link which is available on displayp.php it display all data's in field but when i am update any data and click on submit button its not update but it insert data next time in database and i am getting multiple record in database. Actually I had put insert and update in if condition when i am updating its not moving in else part so please help me... Thank You..
<div id="page-wrapper" >
<div id="page-inner">
<div class="row">
<div class="col-md-12">
<h2>Add Product</h2>
</div>
</div>
<!-- /. ROW -->
<hr />
<div class="row">
<?php
include('config.php');
if($_SERVER['REQUEST_METHOD']=='POST')
{
if(isset($_POST['submit'])=='POST')
{
echo "working";
$fileName=$_FILES["filepdf"]["name"];
$fileSize=$_FILES["filepdf"]["size"]/2024;
$fileType=$_FILES["filepdf"]["type"];
$fileTmpName=$_FILES["filepdf"]["tmp_name"];
if($fileType=="application/pdf"){
if($fileSize<=200){
//New file name
$random=rand(1111,9999);
$newFileName=$random.$fileName;
//File upload path
$uploadPath="testUpload/".$newFileName;
//function for upload file
if(move_uploaded_file($fileTmpName,$uploadPath))
{
echo "Successful<BR>";
echo "File Name :".$newFileName."<BR>";
echo "File Size :".$fileSize." kb"."<BR>";
echo "File Type :".$fileType."<BR>";
}
else
{
echo "Maximum upload file size limit is 200 kb";
}
}
else
{
return false;
echo "You can only upload a pdf doc file.";
}
echo "here downld";
$updates = isset($_POST['updates']) ? 'Yes' : 'No';
$catnm=$_POST['catnm'];
$prodnm=$_POST['prodnm'];
$prod_dtl=$_POST['prod_dtl'];
//$updates=$_POST['downld'];
$date=$_POST['date'];
$query=("insert into addproduct(catnm,prodnm,prod_dtl,pdf,downld,date)
values('$catnm','$prodnm','$prod_dtl','$uploadPath','$updates','$date')");
$result = mysql_query($query,$conn);
echo"record inserted";
if($result)
{
header("location:addProduct.php");
}
}
}
}
else if($_SERVER['REQUEST_METHOD']=='GET')
{
if(isset($_GET['id']))
{
$id = $_GET['id'];
if(isset($_POST['submit']))
{
$updates['downld'] = isset($_POST['downld']) ? 'Yes' : 'No';
$cat['catnm']=$_POST['catnm'];
$prodnm['prodnm']=$_POST['prodnm'];
$prod_dtl['prod_dtl']=$_GET['prod_dtl'];
$pdf['pdf']=$_GET['pdf'];
$downld['downld']=$_GET['downld'];
$date['date']=$_GET['date'];
$query3=mysql_query("update addproduct set catnm='$cat',
prodnm='$prodnm',prod_dtl='$prod_dtl'
,pdf='$pdf',downld='$updates',date='$date' where id='$id'");
if($query3)
{
header('location:addProduct.php');
}
}
$query1=mysql_query("select * from addproduct where id='$id'");
$query4=mysql_fetch_array($query1);
//echo "<pre>";
//print_r($query4);
}
}
?>
<div class="col-md-6 col-sm-12 col-xs-12">
<div class="panel-body">
<form role="form" method="post"
enctype="multipart/form-data" name="myform" >
<br/>
<label>Select Category:</label>
<div class="form-group">
<?php
include('config.php');
$query1=mysql_query("select catnm from addcategory");
?>
<select class=form-control m-b-10 name=catnm id=catnm >
<?php
echo"<option>---Select---</option required>";
while($query=mysql_fetch_array($query1))
{
$selectedCat = '';
if($query[catnm] == $query4['catnm'])
{
$selectedCat = "selected";
}
echo "<option value='$query[catnm]' $selectedCat >$query[catnm]</option>";
}
?>
</select>
<br/>
<div class="form-group">
<input type="text" class="form-control"
id="prodnm" placeholder="Product Name" name="prodnm" required
value= " <?php if(isset($query4['prodnm'])){echo $query4['prodnm'];}?>"/>
</div>
<div class="form-group">
<textarea class="form-control" id="catdtl"
name="prod_dtl" placeholder="Product Detail"
"rows="10" cols="62" required>
<?php if(isset($query4['prod_dtl'])){
echo $query4['prod_dtl'];} ?>
</textarea>
</div>
<div class="form-group">
<label for="exampleInputFile">PDF File</label>
<input type="file" id="exampleInputFile"
accept="application/pdf" name="filepdf" required >
file : <?php if(isset($query4['pdf'])){
echo $query4['pdf'];} ?>
</div>
<div class="checkbox">
<label>
<input id="checkbox" type="checkbox" name="updates" required
<?php if(isset($query4['downld']))
{ if($query4['downld'] == 'Yes')
echo "checked='checked'"; echo $query4['downld'];}
?> />
Is Downloadable <br />
</label>
</div>
<input type="text"
placeholder="Date of Upload" id="datepicker-7"
name="date" value="<?php if(isset($query4['date'])){
echo $query4['date'];}?>" required />
<div style="padding-top:20px;padding-bottom:40px;width:650px;">
<input type="submit" name="submit" id="button" tabindex="2"/>
<hr/>
</form>
</div>
<!-- /. ROW -->
</div>
<!-- /. PAGE INNER -->
</div>
<!-- /. PAGE WRAPPER -->
</div>
</body>
</html>
I answered you yesterday, but you not added an hidden input with id. This you can do?
insert and update in one form in php
Also, How you imagine this post in get?
if(isset($_GET['id']))
{
$id = $_GET['id'];
if(isset($_POST['submit']))
{
* * *
}
}
Related
I want to update my form using PHP and SQL but update query not working. select query working but update not working. there is no error. when I am using a select query for show value in the input field and it's working. I am trying much think but not figure out what is the error. I am trying much think but not figure out what is the error.
<?php
include 'connection.php';
include 'config.php';
if (isset($_GET['edit'])) {
{
$topHeading=$_POST['topHeading'];
$mainHeading=$_POST['mainHeading'];
$bottomHeading=$_POST['bottomHeading'];
$filesname = $_FILES['file']['name'];
$target_dir = "uploads/";
$target_file = $target_dir . basename($_FILES["file"]["name"]);
// Select file type
$imageFileType = strtolower(pathinfo($target_file,PATHINFO_EXTENSION));
// Valid file extensions
$extensions_arr = array("jpg","jpeg","png","gif","svg");
// Check extension
if( in_array($imageFileType,$extensions_arr) ){
// Convert to base64
$image_base64 = base64_encode(file_get_contents($_FILES['file']['tmp_name']) );
$images = 'data:image/'.$imageFileType.';base64,'.$image_base64;
$sql = "update banner set topHeading='$topHeading', filesname='$filesname', images='$images', mainHeading='$mainHeading', bottomHeading='$bottomHeading' where id='$id'";
if (mysqli_query($connection, $sql)) {
echo "Done";
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($connection);
}
// mysqli_close($connection);
// Upload file
move_uploaded_file($_FILES['file']['tmp_name'],$target_dir.$filesname);
if($sql)
{
echo "";
}
else
{
echo "<script>alert('Data not inserted');</script>";
}
}
}
}
$query = mysqli_query($connection, "select * from banner");
while ($row = mysqli_fetch_array($query)) {
echo "<b><a href='editbanner.php?id={$row['id']}'>{$row['topHeading']}</a></b>";
echo "<br />";
}
if (isset($_GET['edit'])) {
echo '<div class="form" id="form3"><br><br><br><br><br><br>
<Span>Data Updated Successfuly......!!</span></div>';
}
?>
<?php
if (isset($_GET['id'])) {
$id = $_GET['id'];
$count = 0;
$mysqli = mysqli_query($connection,"SELECT * FROM banner");
foreach($mysqli as $row){
$count++;
?>
<form class="form-horizontal" method="post" name="form1" id="form1" enctype="multipart/form-data">
<div class="form-group label-floating form-rose">
<label for="brandname" class="control-label col-xs-2">Brand Name of Stock Broker</label>
<div class="col-xs-12">
<input type="text" name="topHeading" id="brandname" class="form-control" value="<?php echo $row["topHeading"]; ?>"/>
<span class="error" id="pointfn"></span>
</div>
</div>
<div class="form-group label-floating form-rose">
<label for="name" class="control-label col-xs-2">Contact Person</label>
<div class="col-xs-12">
<input type="text" name="mainHeading" id="name" class="form-control" value="<?php echo $row["mainHeading"]; ?>"/>
<span class="error" id="pointln"></span>
</div>
</div>
<div class="form-group label-floating form-rose">
<label for="designation" class="control-label col-xs-2">Designation</label>
<div class="col-xs-12">
<input type="text" name="bottomHeading" id="designation" class="form-control" value="<?php echo $row["bottomHeading"]; ?>"/>
<span class="error" id="designationln"></span>
</div>
</div>
<div class="label-floating form-rose file-upload">
<div class="file-select">
<div class="file-select-button" id="fileName">Upload Logo</div>
<div class="file-select-name" id="noFile">No file chosen...</div>
<input type="file" name="file" id="chooseFile" required>
</div>
</div>
<div class="form-group label-floating form-rose">
<div class="col-xs-12"> <input type='checkbox' name='checkbox' id="checkbox" required /> <label for="checkbox" class="col-xs-10 term">I accept the terms and condition</label>
</div>
</div>
<button type="submit" name="edit" value="Submit" id="formT" class="button-cta cta btn" onClick="return validateForm()"> I am Interested!</button>
</form>
<?php }} ?>
</body>
</html>
$id is missing above your update query...
$id = $_REQUEST['id'];
$sql = "update banner set topHeading='$topHeading', filesname='$filesname', images='$images', mainHeading='$mainHeading', bottomHeading='$bottomHeading' where id='$id'";
I created image upload which works fine but I also want it to be updated. When I add a need image it updates correctly but I if don't want to change the image and leave it as it is, then my current image can't be retrieve.i want to update my factory_name(field name) only sometimes. when i update image it updated successfully,but when i update factory_name only the existing image is missing. Please help me how to do this?
this my view file
<form action="<?php echo base_url('login/insert_factory/'.$id); ?>" method="POST" enctype="multipart/form-data">
<?php
$id =$this->uri->segment(3);
if($id == "")
{
?>
<div class="form-group">
<label class="form-label" for="field-1">Factory Name</label>
<!--span class="desc">e.g. "Beautiful Mind"</span-->
<div class="controls">
<input type="text" name="factory_name" class="form-control" >
</div>
</div>
<?php
}
else
{ ?>
<div class="form-group">
<label class="form-label" for="field-1">Factory Name</label>
<!--span class="desc">e.g. "Beautiful Mind"</span-->
<div class="controls">
<input type="text" name="factory_name" value="<?php echo $result->factory_name; ?>" class="form-control" >
</div>
</div>
<?php } ?>
<?php
if($id == "")
{
?>
<div class="form-group">
<label class="form-label" for="field-1">Upload Logo</label>
<!--span class="desc">e.g. "Beautiful Mind"</span-->
<div class="controls">
<input type="file" name="upload_logo" />
</div>
</div>
<?php
}
else
{ ?>
<div class="form-group">
<label class="form-label" for="field-1">Upload Logo</label>
<!--span class="desc">e.g. "Beautiful Mind"</span-->
<div class="controls">
<input type="file" name="upload_logo" value="<?php echo $result->factory_logo; ?>" />
</div>
</div>
<?php } ?>
<?php
if($id == "")
{
?>
<div class="form-group">
<div class="controls">
<input type="submit" class="btn btn-primary" value="submit" />
</div>
</div>
<?php
}
else
{ ?>
<div class="form-group">
<div class="controls">
<input type="submit" class="btn btn-primary" value="Update" />
</div>
</div>
<?php } ?>
</form>
this my controller code:
public function insert_factory()
{
$id =$this->uri->segment(3);
if($id == "")
{
if(isset($_FILES['upload_logo'])){
$errors= array();
$file_name = $_FILES['upload_logo']['name'];
$file_tmp =$_FILES['upload_logo']['tmp_name'];
if(empty($errors)==true){
move_uploaded_file($file_tmp,"assets/uploads/".$file_name);
// echo "Success";
}else{
print_r($errors);
}
$fields = array(
'factory_name' => $this->input->post('factory_name',True),
'factory_logo' => $file_name
);
$result = $this->login_model->insert_factory($fields);
if($result){
$this->session->set_flashdata('success_msg',' Factory Created Successfully!');
redirect('login/view_factory');
}else{
$this->session->set_flashdata('error_msg','Factory Cannot Created.!');
redirect('login/create_factory');
}
}
}else{
if(isset($_FILES['upload_logo'])){
$errors= array();
$file_name = $_FILES['upload_logo']['name'];
$file_tmp =$_FILES['upload_logo']['tmp_name'];
if(empty($errors)==true){
move_uploaded_file($file_tmp,"assets/uploads/".$file_name);
// echo "Success";
}else{
print_r($errors);
}
$fields = array(
'factory_name' => $this->input->post('factory_name',True),
'factory_logo' => $file_name
);
$this->db->where('factory_id', $id);
$this->db->update('create_factory', $fields);
if($this->db->affected_rows()>0)
{
$this->session->set_flashdata('success_msg',' Factory Updated Successfully!');
}else{
$this->session->set_flashdata('error_msg','Factory Cannot Updated.!');
redirect('login/create_factory');
}
redirect(base_url('login/view_factory'));
}
}
}
And this my model file:
public function insert_factory($fields)
{
$this->db->insert('create_factory',$fields);
return ($this->db->affected_rows() != 1) ? false : true;
}
In your controller, in both if and else blocks, please modify your existing code in order to not update empty image when image is not provided and only factory name is provided.
This code in both if and else blocks:
$fields = array(
'factory_name' => $this->input->post('factory_name',True),
'factory_logo' => $file_name
);
Needs to be change to:
$fields['factory_name'] = $this->input->post('factory_name', True);
if (!empty($file_name)) {
$fields['factory_logo'] = $file_name;
}
post id is the common field in both the tables.If I want to select the comments under same post_id,only 1 time the post should display and all its comments under it..
this is my code....
home.php
<?php
$sql="SELECT family_news.post_id,family_news.username,family_news.post,
family_news.fileToUpload,family_news.description,
family_comments.post_id,family_comments.comment,
family_comments.commenter
FROM family_news
LEFT JOIN family_comments ON family_news.post_id = family_comments.post_id
ORDER BY family_news.post_id DESC";
if($result = mysqli_query($con, $sql))
{
while($row = mysqli_fetch_array($result))
{
?>
<div class="form-group">
<b style="font-size:30px;color:brown;">
<?php
echo $row['username'];
?>
</b>
<br>
<?php
if($row['fileToUpload'] != NULL)
{
?>
<form action="post_comment.php" method="POST">
<input class="form-control" type="hidden" name="post_id" value="<?php echo $row['post_id']; ?>">
<br>
<img class="img-responsive" src="../admin_panel/uploads/<?php echo $row['fileToUpload']; ?>" alt="Image Loading" height='80' width='120'>
<div class="form-group" style="font-size:15px;color:purple;">
<?php
echo $row['description'];
?>
<br>
<h3 style="color:black">Comments</h3>
<h3 style="color:red">
<?php
echo $row['commenter'];
?>
</h3>
<h4 style="color:saddlebrown">
<?php
echo $row['comment'];
?>
</h4>
<br>
<input class="form-control" type="text" name="comment" placeholder="Write a comment">
<br>
<input class="form-control" type="hidden" name="commenter" value="<?php echo $_SESSION['uname']; ?>">
<input type="submit" class="btn btn-primary" value="Post">
</div>
</form>
<?php
}
if($row['post'] != NULL)
{
?>
<br>
<div class="form-group" style="font-size:15px;color:purple;">
<form action="post_comment.php" method="POST">
<input class="form-control" type="hidden" name="post_id" value="<?php echo $row['post_id']; ?>">
<?php
echo $row['post'];
?>
<br>
<h3 style="color:black">Comments</h3>
<h3 style="color:red">
<?php
echo $row['commenter'];
?>
</h3>
<h4 style="color:saddlebrown">
<?php
echo $row['comment'];
?>
</h4>
<br>
<input class="form-control" type="text" name="comment" placeholder="Write a comment">
<br>
<input class="form-control" type="hidden" name="commenter" value="<?php echo $_SESSION['uname']; ?>">
<input type="submit" class="btn btn-primary" value="Post">
</form>
<?php
}
?>
</div>
<?php
}
}
?>
</div>
</section>
post_comment.php
<section class="col-lg-6 connectedSortable">
<?php
$post_id=$_POST['post_id'];
$comment=$_POST['comment'];
$commenter=$_POST['commenter'];
if($comment != NULL) {
$sql="INSERT INTO family_comments
(post_id, comment, commenter)
VALUES ('$post_id', '$comment', '$commenter')";
if($con ->query($sql) == TRUE)
{
echo 'Comment saved Successfully...';
}
} else {
echo 'Please Write Something...';
}
?>
</section>
Table name = image_2017.My image is not updating by this UPDATE query in a particular $_GET['id'] instead image is inserting as a new image. I don't know what is wrong in this code.I am new to php. Kindly help me someone.
<?php
include_once "config.php";
session_start();
if(!isset($_SESSION)){
header("index.php");
}
$id = $_GET['id'];
//echo $id;
if(!empty($_FILES)){
$t = time();
$filename = $category."_".$t."_".$_FILES['image']['name'];
$upload = "uploads/";
$fileupload = move_uploaded_file($_FILES['image']['tmp_name'],$upload.$filename);
if($fileupload){
$msg1 = "File uploaded Successfully";
}else{
$msg2 = "File uploaded Failed";
}
}
if(!empty($_POST)){
$category = $_POST['category'];
$image = $_FILES['image'];
$query = "UPDATE image_2017 SET category ='$category', image ='$filename' WHERE id ='$id' ";
$result = $db->query($query);
if($result){
$msg3 = "Image Updated Successfully";
}else{
$msg4 = "Image not Updated";
}
}else{
//echo "Please enter all the details";
}
?>
<html>
<body>
<form class="form news" style="padding:10px;" method="post" action="image-2017.php" enctype="multipart/form-data">
<div class="row">
<div class="form-group">
<label class="control-label col-md-2">category</label>
<div class="col-md-4">
<select class="form-control" name="category">
<option>--> Select <--</option>
<option>Birthday</option>
<option>Christmas</option>
<option>Fruits</option>
<option>Ganesh Chathurthi</option>
<option>Green Day</option>
<option>Guitar Play</option>
<option>Independence Day</option>
<option>Krishna Jayanthi</option>
<option>Onam</option>
<option>Splash Pool</option>
<option>Teddy Bear</option>
<option>Veg Market</option>
<option>Vijayadhasami</option>
</select>
</div>
</div>
</div>
<br>
<div class="row">
<div class="form-group">
<label class="control-label col-md-2">Upload Image</label>
<div class="col-md-10">
<input type="file" name="image">
</div>
</div>
</div>
<div class="form-group">
<label class="control-label col-md-2"></label>
<div class="col-md-10">
<button type="submit" class="btn btn-primary">Submit</button>
<button type="button" class="btn btn-primary">Back</button>
</div>
</div>
</form>
</body>
</html>
I updated html to add a post for id
<?php
include_once "config.php";
session_start();
if(!isset($_SESSION)){
header("index.php");
}
$id = $_POST['id'];
//echo $id;
if(!empty($_FILES)){
$t = time();
$filename = $category."_".$t."_".$_FILES['image']['name'];
$upload = "uploads/";
$fileupload = move_uploaded_file($_FILES['image']['tmp_name'],$upload.$filename);
if($fileupload){
$msg1 = "File uploaded Successfully";
}else{
$msg2 = "File uploaded Failed";
}
}
if(!empty($_POST)){
$category = $_POST['category'];
$image = $_FILES['image'];
$query = "UPDATE image_2017 SET category ='$category', image ='$filename' WHERE id ='$id' ";
$result = $db->query($query);
if($result){
$msg3 = "Image Updated Successfully";
}else{
$msg4 = "Image not Updated";
}
}else{
//echo "Please enter all the details";
}
?>
<html>
<body>
<form class="form news" style="padding:10px;" method="post" action="image-2017.php" enctype="multipart/form-data">
<div class="row">
<div class="form-group">
<label class="control-label col-md-2">category</label>
<div class="col-md-4">
<select class="form-control" name="category">
<option>--> Select <--</option>
<option>Birthday</option>
<option>Christmas</option>
<option>Fruits</option>
<option>Ganesh Chathurthi</option>
<option>Green Day</option>
<option>Guitar Play</option>
<option>Independence Day</option>
<option>Krishna Jayanthi</option>
<option>Onam</option>
<option>Splash Pool</option>
<option>Teddy Bear</option>
<option>Veg Market</option>
<option>Vijayadhasami</option>
</select>
</div>
</div>
</div>
<br>
<div class="row">
<div class="form-group">
<label class="control-label col-md-2">Upload Image</label>
<div class="col-md-10">
<input type="file" name="image">
</div>
</div>
</div>
<div class="form-group">
<label class="control-label col-md-2"></label>
<div class="col-md-10">
<input type="hidden" name="id" value="<?php echo $_GET['id'];?>">
<button type="submit" class="btn btn-primary">Submit</button>
<button type="button" class="btn btn-primary">Back</button>
</div>
</div>
</form>
</body>
</html>
Make sure you reach the page as: mypage.php?id=12
When I submit this form this error appears NO SQL INJECTION.
The action of this form is the same file ..
I tried to do a lot of solutions and nothing works!
How can I escape that error? There is no change on the database.
Here is the php code
<?php
include '../inc/config.php';
include 'dbc.php';
page_protect();
if(!checkAdmin()) {
header("Location: login.php");
exit();
}
$ads_id = (isset($_GET['id']) ? $_GET['id'] : NULL);
if (!is_numeric($ads_id)) { die ('No SQL INJECTION') ;};
if ($ads_id) {
$img_ads_info = $mysqli->query("SELECT * FROM `ads_image` WHERE `id` = '$ads_id'");
$row = $img_ads_info->fetch_object();
$section_id = $row->user_id;
$ads2 = $mysqli->query("SELECT users.company_name FROM ads_image,users where
ads_image.user_id = users.id AND ads_image.user_id='$section_id'");
$row2 = $ads2->fetch_object();
?>
<div class="panel panel-default ">
<div class="panel-heading" id="accordion"><span class="glyphicon
glyphicon-comment"></span><?php echo $row->description; ?></div>
<div class="panel-body">
<form role="form" action="manage_images_ads.php" method="POST">
<div class="form-group">
<input type="hidden" name="id" value="<?php echo $row->id;
?>" />
<label>اسم المؤسسة المعلنة</label>
<input required name="company_name" class="form-
control" type="text" maxlength="255" value="<?php echo $row2->company_name; ?>"/>
</div>
<div class="form-group">
<label>عنوان الإعلان</label>
<input required name="title" class="form-control"
type="text" maxlength="255" value="<?php echo $row->title; ?>"/>
</div>
<div class="form-group">
<label>صورة الإعلان</label>
<img src="upload/<?php echo $row->up; ?>" />
</div>
<div class="form-group">
<label>عدد المشاهدات</label>
<input required name="views" class="form-control"
type="text" maxlength="255" value="<?php echo $row->views; ?>"/>
</div>
<div class="form-group">
<label>رابط الإعلان</label>
<input required name="ad_link" class="form-control"
type="text" maxlength="255" value="<?php echo $row->ad_link; ?>"/>
</div>
<button style="float:left" type="submit"
value="submit" class="btn btn-success btn-md" id="btn-chat">Send</button>
</div>
</form>
<?php
if(isset($_POST['submit'])) {
$title = $mysqli->real_escape_string($_POST['title']);
$ad_link = $mysqli->real_escape_string($_POST['ad_link']);
$views = $mysqli->real_escape_string($_POST['views']);
if ($mysqli->connect_error) {
die("Connection failed: " . $mysqli->connect_error);
}
$sql = "UPDATE ads_image SET `title`='$title',`ad_link`='$ad_link',`views`='$views'
WHERE `id`='$ads_id'";
if ($mysqli->query($sql) === TRUE) {
echo "Record updated successfully";
} else {
echo "Error updating record: " . $mysqli->error;
}
$mysqli->close();
}
}
?>
The reason is that your form has 'method="POST"' while php is looking for id in the $_GET superarray. Just change
$ads_id = (isset($_GET['id']) ? $_GET['id'] : NULL);
to
$ads_id = (isset($_POST['id']) ? $_POST['id'] : NULL);
and it should start work properly.