Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 7 years ago.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Improve this question
I'm trying to update my MySQL Table via PHP - It says successful, but isn't actually updating. Here is snippets of my PHP code used;
List of rows in my Table.
<?php
$sql="SELECT * FROM $tbl";
$result=mysql_query($sql);
while($rows=mysql_fetch_array($result)){
echo $rows['title'];
echo $rows['date'];
echo $rows['month'];
?>
update
Edit Forum
<?php
$id=$_GET['id'];
$sql="SELECT * FROM $tbl WHERE id='$id'";
$result=mysql_query($sql);
$rows=mysql_fetch_array($result);
?>
<form name="form" method="post" action="update.php">
<input name="title" type="text" id="title" value="<? echo $rows['title']; ?>">
<input name="date" type="text" id="date" value="<? echo $rows['date']; ?>" >
<input name="month" type="text" id="month" value="<? echo $rows['month']; ?>">
<input name="id" type="hidden" id="id" value="<? echo $rows['id']; ?>">
<input type="submit" name="Submit" value="Submit">
Process of the Table update
<?php error_reporting(E_ALL); ini_set('display_errors', 1); //added to all pages
$title = $_POST['title']
$date = $_POST['date']
$month = $_POST['month']
$id = $_POST['id']
$sql="UPDATE $tbl SET title='$title', date='$date', month='$month' WHERE id='$id'";
$result=mysql_query($sql);
if (!$sql) {
die(mysql_error());
}
?>
If I update my table directly running SQL Queries in PhpMyAdmin it works perfectly fine. But when I do it through PHP it outputs as successful but doesn't actually change the data. Where am I going wrong?
PS: I have tried using mysql_error()); but nothing reports back.
You are missing the semicolons (;) after assigning your $_POST variables:
$title = $_POST['title']
$date = $_POST['date']
$month = $_POST['month']
$id = $_POST['id']
Add a ; right after each of those statements and you should be good to go.
Related
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 3 years ago.
Improve this question
I have a form that I use to insert data into database and a table in which I display the records from the same database. I have the update button on each record displayed.
When I click on it, the data from the database is displayed in each input from the form; I've modified the information that I want and click Update button from the form.
The problem is that the data I have modified is not updated in the database and is not displayed in the table of my page.
My index-admin.php file:
<?php
include("functions.php");
//fetch record to be updates
if(isset($_GET['update'])){
$id = $_GET['update'];
$update = true;
$query="SELECT * FROM utilizatori WHERE id_user= $id";
$record = mysqli_query($conn,$query);
if (count($record) == 1 ) {
$rec = mysqli_fetch_array($record);
$id=$rec['id_user'];
$nume=$rec['nume'];
$prenume=$rec['prenume'];
$email=$rec['email'];
$pwd=$rec['pass'];
$rol=$rec['rol'];
}
}
?>
My form:
<form method="POST" action="functions.php">
<input type="hidden" name="id" value="<?php echo $id; ?> ">
<div class="input-group">
<label>Nume</label>
<input type="text" name="nume" value="<?php echo $nume; ?>">
</div>
<div class="input-group">
<label>Prenume</label>
<input type="text" name="prenume" value="<?php echo $prenume; ?>" >
</div>
<div class="input-group">
<label>Email</label>
<input type="text" name="email" value="<?php echo $email; ?> ">
</div>
<div class="input-group">
<label>Password</label>
<input type="text" name="pass" value="<?php echo $pwd; ?> ">
</div>
<div class="input-group">
<label>Rol</label>
<input type="text" name="rol" value="<?php echo $rol; ?> " >
</div>
<div class="input-group">
<?php if ($update == false): ?>
<button type="submit" name="save" class="btn">Save</button>
<?php else: ?>
<button type="submit" name="update" class="btn">Update</button>
<?php endif ?>
</div>
</form>
My functions.php file:
if(isset($_POST['update'])) {
$nume = mysqli_real_escape_string($conn,$_POST['nume']);
$prenume = mysqli_real_escape_string($conn,$_POST['prenume']);
$email = mysqli_real_escape_string($conn, $_POST['email']);
$pwd = mysqli_real_escape_string($conn, $_POST['pass']);
$rol = mysqli_real_escape_string($conn, $_POST['rol']);
$query="UPDATE utilizatori
SET nume='$nume',
prenume='$prenume',
email='$email',
pass='$pwd',
rol='$rol'
WHERE id_user=$id;";
mysqli_query($conn,$query);
$_SESSION['msg'] = 'Date actualizate!';
header('Location:index-admin.php');
}
It seems that $id is undefined within functions.php. It only existed in index-admin.php, and when the form is submitted, that code is not running. Web applications are stateless and variable values do not persist between requests. Nor are variable values magically passed between separate script files (unless they are called within the same request via an "include" or "require" statement).
However you've actually partially solved that. You have already placed the ID within a hidden field in your form when index-admin is being loaded. Now you just need to create a new variable to read it in functions.php:
if(isset($_POST['update'])) {
$id = $_POST["id"];
As a separate point, I can't see why you also wrote include("functions.php"); within the index-admin script...your form posts back directly to functions.php, rather than to index-admin.php. It makes no sense to include functions.php within that page...it won't do anything useful as far as I can see.
Please pay attention to the warnings within the comments about SQL Injection. This is a serious vulnerability and you should fix it as soon as possible, preferably before you commence testing your code (so that you don't have to re-test it once you've re-written the query code).
Closed. This question needs debugging details. It is not currently accepting answers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Closed 5 years ago.
Improve this question
I've created a website where I can upload articles however im having trouble with updating articles that have been created. I have managed to fill in a form with the information from the database pre-filled in but when i submit any changes then to the article then it does not update.
The $var_value is the primary key passed from the previous page to determine which article to load & edit.
Here is my form to update the article.
<?php
$var_value = $_POST['varname'];
$get_studies = "select * from news where `news`.`articleID` = $var_value";
$run_studies = mysqli_query($con,$get_studies);
while($row_studies = mysqli_fetch_array($run_studies)){
$newsTitle = $row_studies['title'];
$newsDate = $row_studies['date'];
$shortBio = $row_studies['shortBio'];
$longBio = $row_studies['longBio'];
$longBio2 = $row_studies['longBio2'];
$image = $row_studies['image'];
}
echo "
<div class='panelContent1' id='addNewsWraper'>
<h2>Dashboard</h2>
<h3>Update Article</h3>
<form method='post' enctype='multipart/form-data' onsubmit='alert('stop submit'); return false;' >
<div class='newsForm'>
<p>Article Title<br /><input type='text' value='$newsTitle' name='newsTitle' /></p>
<p>Short Description<br /><textarea name='newsShort' placeholder='Around a paragraph' />$shortBio</textarea>
<p>Image<br /><input type='file' name='newsImage' /></p>
</div>
<div class='newsForm'>
<p>Date<br /><input type='text' value='$newsDate' name='newsDate' placeholder='2017' /></p>
<p>Story<br /><textarea name='newsLong' placeholder='News article text' />$longBio</textarea>
<p>Story2<br /><textarea name='newsLong2' value='' placeholder='News article text' />$longBio2</textarea>
<button type='submit' name='updateNews'>
Update
</button>
</div>
</form>
</div>
";
?>
Here is how i am trying to update the article. I have tried to update the record based on a primary key, this variable is being passed to the page as its what is loading the content in the form.
<?php
if(isset($_POST['updateNews'])){
$newsTitle = $_POST['newsTitle'];
$newsDate = $_POST['newsDate'];
$newsShort = $_POST['newsShort'];
$newsLong = $_POST['newsLong'];
$newsLong2 = $_POST['newsLong2'];
$newsImage = $_POST['newsImage'];
$insertNews = "UPDATE mods SET title='$newsTitle', date='$newsDate', shortBio='$newsShort', longBio='$newsLong', longBio2='$newsLong2', image='$newsImage' WHERE articleID='$var_value'";
$updateNews = mysqli_query($con,$insertNews);
if($updateNews){
echo "<script>alert('Article updated.');</script>";
}
}
?>
You say $var_value is being passed to your php update script, but I cannot see that is is, nor is it being picked up by a POST and transferred to a local variable. Pass it as a <input type="hidden" and then pick up with a POST to use.
In first php script:
<p>Article Title<br /><input type='text' value='$newsTitle' name='newsTitle' />
<input type="hidden" value='$var_value' name='var_value' />
</p>
In second php script:
$var_value = $_POST['var_value'];
It would also be good to look at protecting your script from sql injection by using a parameterized query.
There is a problem with your query
insertNews = "UPDATE mods SET title='$newsTitle' date='$newsDate' shortBio='$newsShort' longBio='$newsLong' longBio2='$newsLong2' image='$newsImage' WHERE articleID='$var_value'";
Replace this with your current Query you will be good to go.
Closed. This question needs debugging details. It is not currently accepting answers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Closed 7 years ago.
Improve this question
I have a PHP form which is supposed to add a book to a table of books in a SQLite database. The form submits, however a book is not added to my database.
<?php
session_start();
require("books.php");
require("layout.php");
$db=sqlite_open ("products.db", 0666, $error);
echo $header;
echo "<p>
<a href='./index.php'>Bookshop</a></p>";
echo "<h1> Add Books </h1>
<p>
<form action='' method='get' id='AddBook'>
Author: <input type='text' name='Author'><br>
Title: <input type='text' name='Title'><br>
Brief_Synopsis: <input type='text' name='Synopsis'><br>
ISBN_Number: <input type='text' name='ISBN'><br>
Publisher: <input type='text' name='Publisher'><br>
imgNumber (save img with this name under /img/): <input type='text' name='imgNum'><br>
Price: <input type='text' name='Price'><br>
Category 1: <input type='text' name='Cat1'><br>
Category 2: <input type='text' name='Cat2'><br>
<input type='submit' value='Submit' name='Submit'>
</form>
</p>";
if(isset($_POST['Submit'])){
$author = $_POST['Author'];
$title = $_POST['Title'];
$Synopsis = $_POST['Synopsis'];
$ISBN = $_POST['ISBN'];
$Publisher = $_POST['Publisher'];
$imgNum = $_POST['imgNum'];
$Price = $_POST['Price'];
$Cat1 = $_POST['Cat1'];
$Cat2 = $_POST['Cat2'];
sqlite_query($db,"INSERT INTO Books (Author, Title, Brief_Synopsis, ISBN_Number, Publisher, imgNumber, price, cat1, cat2) VALUES ('$_POST[Author]', '$_POST[Title]', '$_POST[Synopsis]', '$_POST[ISBN]', '$_POST[Publisher]', '$_POST[imgNum]', '$_POST[Price]', '$_POST[Cat1]', '$_POST[Cat2]')");
echo("Book Added!");
$dbh = null;
}
?>
Why is this code not updating my database correctly? Before I added the if statement it added an empty book to the database every time the page loaded, however now it submits and resets the form, my URL looks correct but the database does not get an item added to it.
Your code is failing silently, because you're using a GET method in your form, whereas you're using POST arrays.
Change the form's method to POST.
I also need to point out that your present code is open to SQL injection. Use prepared statements, or PDO with prepared statements, they're much safer.
The if statement is checking if submit exists and is not null. You cannot check the input type submit, there is no associated value. You can add a hidden input and check it:
<input type="hidden" name="checkSubmit" value="Submitted">
if(isset($_POST['checksubmit']))
I also noticed that the sql injection is looking at $_POST['myvariable'] making the previous checks for variable redundant at best.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 8 years ago.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Improve this question
this code is for showing data and updating data.when query string is setted text boxes appersand submit button will also appears
<!DOCTYPE html>
<!--
To change this license header, choose License Headers in Project Properties.
To change this template file, choose Tools | Templates
and open the template in the editor.
-->
<html>
<head>
<meta charset="UTF-8">
<title></title>
</head>
<body>
<from action="category_listing.php" method="post">
<table border="5" width="250">
<?php
$queryy="select COUNT(*) from category"; //count rows
$results= mysqli_query($link, $queryy);
while ($res= mysqli_fetch_array($results))
{$total_rows=$res[0];}
$offset=$total_rows-1;
$qry="select ID from category LIMIT $offset,1";
$res= mysqli_query($link, $qry);
while ($res2= mysqli_fetch_array($res))
{
$lastvalue=$res2[0];
}
$query="select * from category";
$result= mysqli_query($link, $query);
while ($r= mysqli_fetch_array($result))
{
if(isset($_REQUEST['id']) && is_numeric($_REQUEST['id']) && ($_REQUEST['id']>=0 ) && $_REQUEST['id']<=$lastvalue)
{
$id=$_REQUEST['id'];
if($r[0]==$id)
{
$name=$r[1];
echo '<tr><td>';
echo 'Name';
echo '</td>';
echo '<td><input type=text value="'.$r[1].'"></td></tr>';
echo '<tr><td colspan="2">';
echo '<input type="submit" name="btnupdate" value="Update">';
echo '<input type="submit" value="Cancel">';
echo '</td></tr>';
}
}
else
{
static $var=1;
if($var==1){echo '<tr><th>ID</th><th>Name</th> <th>Action</th></tr>';} //headers of category
echo "<tr><td>$r[0]</td><td>$r[1]</td>";
echo "<td><a href='category_listing.php?id=$r[0]'>Edit</a></td></tr>";
$var++;
}
}
?>
</table>
<input type="hidden" name="hidden" value="<?php if(isset($id)) echo $id;?>"/>
</from>
</body>
</html>
I just set query string. when it is setted in URL. Text box appears and after pressing submit, page is not submitting.
change
<from action="category_listing.php" method="post">
to
<form action="category_listing.php" method="post">
</from> to </form>
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 8 years ago.
Improve this question
I want to retrieve the id of the page but the page is dynamic depending upon the id
e.g filepath/Post.php?id=5
Data is sent through a form action where i want to get the other pages id but i don't know how to do it.
echo "<form action='../PHP/Comment.php' method='post'>" . "<input class='comment' type='text' name='comment' placeholder='Add a comment'>" . "</form>"
//then what the action does
$id = isset($_GET['id']); //trying to get the page id but it doesn't
$comment = $_POST['comment'];
//insertion into the table in the database.
mysql_query("INSERT INTO comments (id, comment) VALUES ('$id', '$comment')")
There are better ways to do this. have you tried using a dedicated $_SESSION variable? In PHP, i cud do this:-
<?php $_SESSION['PAGE_ID'] = 10;?>
then retrieve it on the form as
<?php echo $_SESSION['PAGE_ID']?>
Try this
echo "<form action='../PHP/Comment.php' method='post'>
<input class='comment' type='text' name='comment' placeholder='Add a comment'>
<input type="hidden" name="id" value="<?php echo $_GET['id']; ?>" />
<input type="submit" value="Submit" />
</form>"
Then form processing
$id = isset($_POST['id']);
$comment = $_POST['comment'];
mysql_query("INSERT INTO comments (id, comment) VALUES ($id, '$comment')");