Problem is in the INSERT INTO statement. I'm trying to insert $today, $id, $stat_sum, $klientas. Everything is inserting except the $id. After I press the submit button, everything is inserting, but where there should be the $id, it shows NULL. I tried to echo $id , it showing normally as it should be.
$today = date('Y-m-d G:i:s');
if( isset($_GET['pas']) )
{
$id = $_GET['pas'];
$res= mysql_query("SELECT MAX(statymo_suma) FROM statymai WHERE aukciono_id = '$id'");
$row= mysql_fetch_array($res);
echo $id;
}
if( isset($_POST['stat_sum']) )
{
echo '<input type="hidden" name="id" value="<?php echo $row[2]; ?>">';
$stat_sum = $_POST['stat_sum'];
$id = $_POST['id'];
$res1= mysql_query("SELECT kliento_id FROM klientai WHERE vartotojo_vardas = '$user_check'");
$row1 = mysql_fetch_assoc($res1);
$klientas = $row1['kliento_id'];
$sql = "INSERT INTO statymai (statymo_laikas,aukciono_id,statymo_suma,kliento_id) VALUES ('$today','$id','$stat_sum','$klientas')";
$res =mysql_query($sql)
or die("Negaliu redaguoti".mysql_error());
//echo "<meta http-equiv='refresh' content='0;url=redaguoti.php'>";
}
?>
<form action="pasiulymas.php" method="POST">
Statymo suma: <input type="text" name="stat_sum" value="<?php echo $row[0]; ?>"><br />
<input type="hidden" name="id" value="<?php echo $row[2]; ?>">
<input type="submit" value=" =Redaguoti "/>
</form>
var_dump($sql) result:
string(123) "INSERT INTO statymai (statymo_laikas,aukciono_id,statymo_suma,kliento_id) VALUES ('2015-12-20 15:04:50','','123456','KL01')"
Related
Yes, I know there is a lot of 'Undefined index' questions floating around here and i have been looking through them before asking this question. I copied the codes from those questions to try and test it out but it still doesn't work for my own project. Also, I'm still a beginner in PHP.
So here is my problem. I wanted to try coding a simple edit form after I have finished coding the delete and view form.
This is my code
<?php
require("config.php");
$id = $_GET['id'];
echo "id: ".$id;
$sql = "SELECT * FROM contracts WHERE id= '$id'";
$result = $con->query($sql);
$row = $result->fetch_assoc()
?>
<form action="editform.php" method="GET">
ID:
<?php echo $id; ?><br>
Contract Title<br>
<input type="text" name="contract_title" value="<?php echo $row['contract_title']; ?>" /><br>
<input type="submit" name = "edit "value="Update" />
</form>
?php
if(isset($_POST['edit']) ){
$id = $_GET['id'];
$upd= "UPDATE `contracts` SET
`contract_title`='".$_POST['contract_title']."',
WHERE `id`='".$_POST['id']."";
if($do_upd = $con->query($upd))
{
echo "Update Success";
}
else
{
echo "Update Fail";
}
}
?>
This is the before the error.
This is the error I received.
In line 3, the id is not retrieved after I clicked the button update.
It didn't retrieved the values.
What mistakes did I do in the coding and how do I fix it? Thanks in advance.
Right below:
<form action="editform.php" method="GET">
Add:
<input type="hidden" name="id" value="<?php echo $id; ?>" />
Update:
Fixed other errors in your code:
<?php
require("config.php");
$id = $_GET['id'];
echo "id: ".$id;
$sql = "SELECT * FROM contracts WHERE id= '$id'";
$result = $con->query($sql);
$row = $result->fetch_assoc()
?>
<form action="editform.php" method="GET">
ID: <?php echo $id; ?><br>
Contract Title<br>
<input type="hidden" name="id" value="<?php echo $id; ?>" />
<input type="text" name="contract_title" value="<?php echo $row['contract_title']; ?>" /><br>
<input type="submit" name="edit" value="Update" />
</form>
<?php
if(isset($_GET['edit']) ){
// needs escaping!~~~
$upd= "UPDATE `contracts` SET `contract_title` = '".$_GET['contract_title']."' WHERE `id` = '".$id;
if($do_upd = $con->query($upd)) {
echo "Update Success";
} else {
echo "Update Fail";
}
}
Please consider escaping your database input to prevent SQL injection
<?php
require("config.php");
$id = $_GET['id'];
echo "id: ".$id;
$sql = "SELECT * FROM contracts WHERE id= '$id'";
$result = $con->query($sql);
$row = $result->fetch_assoc()
if ($result->num_rows > 0) {
// output data of each row
while($row = $result->fetch_assoc()) {
$contract_title = $row['contract_title'];
}
} else {
echo "0 results";
}
if(isset($_POST['edit']) ){
$upd = "UPDATE contracts SET contract_title='$contract_title' WHERE id='$id'";
if($do_upd = $con->query($upd))
{
echo "Update Success";
}
else
{
echo "Update Fail";
}
}
?>
<form action="" method="POST">
ID:
<?php echo $id; ?><br>
Contract Title<br>
<input type="text" name="contract_title" value="<?php echo $row['contract_title']; ?>" /><br>
<input type="submit" name = "edit" value="Update" />
</form>
I have built a database named "artStore" and a table within that database named "inventory". I've been able to figure out how to create a new entry to the database, but I'm trying to create a page that can edit those entries.
Here is "inventory" the table I created:
$sql = "CREATE TABLE inventory (
id INT(6) AUTO_INCREMENT PRIMARY KEY,
product VARCHAR(30),
category VARCHAR(30),
seller VARCHAR(30)
)";
Here is what I'm currently trying:
<?php
$resultProduct = "product";
$resultCategory = "category";
$resultSeller = "seller";
if ($result->num_rows > 0) {
while ($row = $result->fetch_assoc()) {
$resultProduct = $row["product"];
$resultCategory = $row["category"];
$resultSeller = $row["seller"];
}
} else {
echo "No Results";
}
?>
<form action="update.php" method="POST">
<label for="product">Product</label>
<input id="product" type="text" name="product" value="<?php echo $resultProduct; ?>">
<br>
<label for="category">Category:</label>
<input id="category" type="text" name="category" value="<?php echo $resultCategory; ?>">
<br>
<label for="seller">Seller:</label>
<input id="seller" type="text" name="seller" value="<?php echo $resultSeller; ?>">
<br>
<input id="id" type="text" name="id" value="<?php echo $resultId; ?>" style="display:none;">
<input type="submit" value="Update My Record">
</form>
What I'm trying in update.php
$product = $_POST['product'];
$category = $_POST['category'];
$seller = $_POST['seller'];
$sql = "INSERT INTO inventory (product, category, seller) VALUES ('$product', '$category', '$seller')";
if ($connection->query($sql) === true) {
echo "Inserted Successfully";
} else {
echo "Error occured in the insert: " . $connection->error;
}
$connection->close();
Try the below code I added hidden field on form and changes on your sql query
<?php
$resultProduct = "product";
$resultCategory = "category";
$resultSeller = "seller";
if ($result->num_rows > 0) {
while ($row = $result->fetch_assoc()) {
$resultProduct = $row["product"];
$resultCategory = $row["category"];
$resultSeller = $row["seller"];
$resultId = $row["id"];
}
} else {
echo "No Results";
}
?>
<form action="update.php" method="POST">
<input type="text" name="update_id" value="<?php echo $resultId; ?>">
<label for="product">Product</label>
<input id="product" type="text" name="product" value="<?php echo $resultProduct; ?>">
<br>
<label for="category">Category:</label>
<input id="category" type="text" name="category" value="<?php echo $resultCategory; ?>">
<br>
<label for="seller">Seller:</label>
<input id="seller" type="text" name="seller" value="<?php echo $resultSeller; ?>">
<br>
<input id="id" type="text" name="id" value="<?php echo $resultId; ?>" style="display:none;">
<input type="submit" value="Update My Record">
</form>
In update.php
$product = $_POST['product'];
$category = $_POST['category'];
$seller = $_POST['seller'];
$updateId = $_POST['update_id'];
$sql = "UPDATE inventory set product = '$product',category='$category',seller='$seller' WHERE id = '$updateId'";
<?php
$resultProduct = "product";
$resultCategory = "category";
$resultSeller = "seller";
$resultId = "product_id";
if ($result->num_rows > 0) {
while ($row = $result->fetch_assoc()) {
$resultProduct = $row["product"];
$resultCategory = $row["category"];
$resultSeller = $row["seller"];
$resultid = $row["id"];
}
} else {
echo "No Results";
}
?>
You were using $resultId in the form but you have not declared and assigned a value to it in the loop.
<form action="update.php" method="POST">
<input id="id" type="hidden" name="id" value="<?php echo $resultId; ?>">
<label for="product">Product</label>
<input id="product" type="text" name="product" value="<?php echo $resultProduct; ?>">
<br>
<label for="category">Category:</label>
<input id="category" type="text" name="category" value="<?php echo $resultCategory; ?>">
<br>
<label for="seller">Seller:</label>
<input id="seller" type="text" name="seller" value="<?php echo $resultSeller; ?>">
<br>
<input type="submit" value="Update My Record">
</form>
<!-- Instead of passing the ID in textbox with display: none you can pass it directly in hidden -->
<?php
$product = $_POST['product'];
$category = $_POST['category'];
$seller = $_POST['seller'];
$product_id = $_POST['id'];
if($product_id!='')//MEANS WE HAVE TO UPDATE THE RECORD
{
// UPDATE QUERY WILL UPDATE THE SAME RECORD ONLY MATCHING THE UNIQUE PRODUCT ID
$sql = "UPDATE inventory SET product = '$product', category = '$category', seller = '$seller' WHERE id = '$product_id' LIMIT 1";
if ($connection->query($sql) === true) {
echo "Updated Successfully";
} else {
echo "Error occured in the insert: " . $connection->error;
}
}
else// If id is blank it means you have a new record
{
$sql = "INSERT INTO inventory (product, category, seller) VALUES ('$product', '$category', '$seller')";
if ($connection->query($sql) === true) {
echo "Inserted Successfully";
} else {
echo "Error occured in the insert: " . $connection->error;
}
}
$connection->close();
?>
I have a page of entries with an edit button behind each entry, clicking it brings you to the edit page of that entry, the form has the existing data of that entry as default values. I change the values and click update, it redirects where it should, no errors but also no change in the data entry values.
My form:
<form method="post" action="edit.php" enctype="multipart/form-data">
Item name:</br>
<input type="text" name="item_name" value="<?php echo $row[1]; ?>"></br></br>
<input type="hidden" name="item_id" value="<?php echo $row[0]; ?>">
Item price:</br>
<input type="text" name="item_price" value="<?php echo $row[3]; ?>" ></br></br>
Item image:</br>
<input type="file" name="item_image"value="<?php echo $row[4]; ?>" ></br></br>
Item description:</br>
<textarea type="text" class="txtinput" cols="55" rows="20" name="item_description"><?php echo $row[2]; ?>"</textarea></br></br>
<input type="submit" name="submit" value="Uppdate entry">
</form>
My PHP:
<?php
include("includes/connect.php");
if( isset($_GET['edit']))
{
$id= $_GET['edit'];
$res= mysql_query("SELECT * FROM shop_items WHERE item_id=$id");
$row= mysql_fetch_array($res);
}
if( isset($_POST['submit']))
{
$item_name = $_POST['item_name'];
$id = $_POST['item_id'];
$item_price = $_POST['item_price'];
$item_image = $_FILES['item_image'];
$image_tmp = $_FILES['item_image'] ['tmp_name'];
$item_description = $_POST['item_description'];
if ($item_name=='' or $item_price=='' or $item_image=='' or $item_description==''){
echo "<script>alert('One or more of your fields are blank, please ensure you have entered content in ALL fields.')</script>";
}
else {
move_uploaded_file($image_tmp,"images/$item_image");
$sql = "UPDATE shop_item SET item_name='$item_name', item_price='$item_price,' item_image='$item_description', item_name='$item_description' WHERE item_id='$id'";
echo "<meta http-equiv='refresh' content='0;url=admin_shop.php'>";
}
}
?>
You're not actually running your SQL query to update the database! You've stored the SQL query in a variable, $sql, but you haven't actually called mysql_query($sql);
} else {
move_uploaded_file($image_tmp,"images/$item_image");
$sql = "UPDATE shop_item SET item_name='$item_name', item_price='$item_price,' item_image='$item_description', item_name='$item_description' WHERE item_id='$id'";
// Add this line
mysql_query($sql);
echo "<meta http-equiv='refresh' content='0;url=admin_shop.php'>";
}
However, MySQL functionality is deprecated. You should look into PDO: http://uk3.php.net/pdo or mysqli: http://uk3.php.net/mysqli
Change this -
$sql = "UPDATE shop_item SET
item_name='".mysql_real_escape_string($item_name)."',
item_price='".mysql_real_escape_string($item_price)."',
item_image='".mysql_real_escape_string($item_description)."',
item_name='".mysql_real_escape_string($item_description)."'
WHERE item_id='$id'";
$exe = mysql_query($sql) or die(mysql_error());
NOTE: Avoid using mysql_* function since they are deprecated and use mysql_* or PDO instead.
I have written an Edit part of my Form but somehow it will not Update the edited Fields. The Code does not give any Errors but it will not update?!
If possible could somebody take a look please?
<?php
include "connect.php";//database connection
if (isset($_GET["id"])) {
$id = intval($_GET["id"]);
if (isset($_POST["edited"]))
{
$update = "UPDATE traumprojekt SET";
$update .= sprintf("quantityProduct='%s', " , mysql_real_escape_string($_POST["quantityProduct"]));
$update .= sprintf("titleProduct='%s', " , mysql_real_escape_string($_POST["titleProduct"]));
$update .= sprintf("informationProduct='%s'", mysql_real_escape_string($_POST["informationProduct"]));
$update .= "WHERE id = '$id'";
mysql_query($update);
}
$sql = "SELECT * FROM `traumprojekt` WHERE id=$id";
$res = mysql_query($sql) or die (mysql_error());
if (mysql_num_rows($res) == 1)
{
$row = mysql_fetch_assoc($res);
?>
<form method="post" action="edit_form.php?id=<?php echo $row["id"] ?>">
ID: <?php echo $row["id"] ?><br />
Quantity: <input type="text" name="quantityProduct" value="<?php echo $row["quantityProduct"] ?>"><br />
Product Title: <input type="text" name="titleProduct" value="<?php echo $row["titleProduct"] ?>"><br />
Product Information: <input type="text" name="informationProduct" value="<?php echo $row["informationProduct"] ?>"><br />
<input type="submit" name="submit" value="Update"><br />
<input type="hidden" name="edited" value="1">
</form>
<?php
}
}
?>
I'm using the following code to update a record. Bad thing is that it's not updating a record but it's adding a new record.
What am I doing wrong? I want it to update the record and not create a now one.
My modify url looks like this: http://randomsite.com/modify.php?id=1
Modify.php code:
<?php
require_once("connect.php");
$query = "SELECT * FROM cars WHERE id = :id";
$result = $odb->prepare($query);
$result->execute(array(':id' => $_REQUEST['id']) );
while ($row = $result->fetch(PDO::FETCH_ASSOC)) { ?>
<h1>Modify a car</h1>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
Brand: <input type="text" name="brand" value="<?php echo $row['brand']; ?>" /><br />
Model: <input type="text" name="model" value="<?php echo $row['model']; ?>" /><br />
Year: <input type="text" name="year" value="<?php echo $row['year']; ?>" /><br />
ID: <input type="text" name="id" value="<?php echo $row['id']; }?>" /><br />
<input type="submit" value="Modify" />
</form>
<?php
if(isset($_POST['submit'])) {
$id = $_POST['id'];
$brand = $_POST['brand'];
$model = $_POST['model'];
$year = $_POST['year'];
$q = "UPDATE cars WHERE id = $_GET[id] (id, brand, model, year) VALUES(:id, :brand, :model, :year)";
$query = $odb->prepare($q);
$results = $query->execute(array(
":id" => $id,
":brand" => $brand,
":model" => $model,
":year" => $year,
));
}
?>
Your SQL should look something more like this:
$q = "UPDATE cars SET
id = :id,
brand = :brand,
model = :model,
year = :year
WHERE id = :oldid";
$query = $odb->prepare($q);
$results = $query->execute(array(
":id" => $id,
":brand" => $brand,
":model" => $model,
":year" => $year,
":oldid" => $_GET['id'],
));
As a side note, try not to put variables in your SQL (like your $_GET['id']), part of the idea of using PDO is to avoid doing that.
Got it to work!
Working code:
<?php
require_once("connect.php");
$query = "SELECT * FROM cars WHERE id = :id";
$result = $dbh->prepare($query);
$result->execute(array(':id' => $_REQUEST['id']) );
while ($row = $result->fetch(PDO::FETCH_ASSOC)) { ?>
<h1>Modify a car</h1>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
Brand: <input type="text" name="brand" value="<?php echo $row['brand']; ?>" /><br />
Model: <input type="text" name="model" value="<?php echo $row['model']; ?>" /><br />
Year: <input type="text" name="year" value="<?php echo $row['year']; ?>" /><br />
ID: <input type="text" name="id" value="<?php echo $row['id']; }?>" /><br />
<input type="submit" value="Modify" name="submit"/>
</form>
<?php
if(isset($_POST['submit'])) {
$brand = $_POST['brand'];
$model = $_POST['model'];
$year = $_POST['year'];
$id = $_POST['id'];
$queryupdate = "UPDATE cars SET
brand= :brand, model= :model, year= :year WHERE id= :id";
$q = $dbh->prepare($queryupdate);
$q->execute(array(
":id" => $id,
":brand" => $brand,
":model" => $model,
":year" => $year));
//Send them back to the page they were at/
header("location:admin.php");
}
?>