MYSQLi query error in a form - php

I can't seem to find the error. This form is supposed to update a category in the database.
When I try to update the category it gives me this error
Notice: Undefined variable: cat_id in C:\xampp\htdocs\CMS_project\admin\categories.php on line 90
QUERY FAILED!You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1
This is the code below; I've commented where line 90 is.
<form action="categories.php" method="post">
<div class="form-group">
<label for="cat_title">Update Category</label>
<?php
if(isset($_GET['edit']))
{
$cat_id = $_GET['edit'];
$query = "SELECT * FROM categories WHERE cat_id = {$cat_id} ";
$select_categories_id = mysqli_query($connection, $query);
while($row = mysqli_fetch_assoc($select_categories_id))
{
$cat_id = $row['cat_id'];
$cat_title = $row['cat_title'];
?>
<input value="<?php if(isset($cat_title)){echo $cat_title;} ?>" type="text" name="cat_title" class="form-control">
<?php } } ?>
<?php
if(isset($_POST['update_category']))
{
$the_cat_title = $_POST['cat_title'];
//Below is line 90
$query = "UPDATE categories SET cat_title = '{$the_cat_title}' WHERE cat_id = {$cat_id} ";
$update_query = mysqli_query($connection, $query);
if(!$update_query)
{
die("QUERY FAILED!" . mysqli_error($connection));
}
}
?>
</div>
<div class="form-group">
<input type="submit" name="update_category" value="Update Category" class="btn btn-primary">
</div>
</form>
This is where the form gets the ID
<?php
while($row = mysqli_fetch_assoc($select_categories))
{
$cat_id = $row['cat_id'];
$cat_title = $row['cat_title'];
echo "<tr>
<td>{$cat_id}</td>
<td>{$cat_title}</td>
<td><a href='categories.php?delete={$cat_id}'>Delete</a></td>
<td><a href='categories.php?edit={$cat_id}'>Edit</a></td>
</tr>";
}
?>

The $cat_id variable is simply not defined in the scope of your query. This means that the $cat_id variable is only declared inside the if statement where you check if $_GET['edit'] is set.
To fix it, add a hidden field with category id to your form, and then in PHP add:
$cat_id = $_POST['cat_id'];
just before the 90th line.
By the way, remember to use mysqli_real_escape_string to prevent SQL injection issues.

I figured it out.
I had to delete the categories.php from the action in form, if I leave it blank it works fine. :)

My PHP Code is Not Updating Values In Database

I have tried to write code that updates a category in the database using the admin panel, but whenever I try to do that it won't work and I don't get any errors to look into. Please help, guys; thanks a lot.
PHP Code:
<?php
if (isset($_GET['edit'])) {
$edit_id = $_GET['edit'];
$query = "SELECT * FROM categories WHERE category_id = $edit_id ";
$edit_get_result = mysqli_query($connection,$query);
if (!$edit_get_result) {
die("Edit Get Result Query FAILED");
}
while ($category_name_row=mysqli_fetch_assoc($edit_get_result)) {
$category_name = $category_name_row['category_name'];
}
?>
<center>
<form action="category.php" method="POST">
<div class="form-group">
<label for="update_category">Update Category</label>
<input type="text" class="form-control" id="update_category" value="<?php if(isset($category_name)){echo $category_name; } ?>" name="update_category" aria-describedby="emailHelp" placeholder="Enter Category Name">
</div>
<button type="submit" name="update_category_submit" class="btn btn-primary">Update</button>
</form>
</center>
<?php
if (isset($_POST['update_category_submit'])) {
$category_name = $_POST['update_category'];
$query = "UPDATE categories SET category_name = '$category_name' WHERE category_id = $edit_id ";
$final_update_query_result = mysqli_query($connection,$query);
if (!$final_update_query_result) {
die("Final Update Query Result FAILED");
}
}
}
?>
Please check the code below. You need to pass edit_id in your form POST. I have put it in a hidden input and set its value according to the GET parameter from the top of your PHP part.
<?php
if (isset($_GET['edit'])) {
$edit_id = mysqli_real_escape_string($connection,$_GET['edit']);
$query = "SELECT * FROM categories WHERE category_id = '$edit_id' ";
$result = mysqli_query($connection,$query);
if(!$result) {
die("Edit Get Result Query FAILED");
}
while ($row=mysqli_fetch_assoc($result)) {
$category_name = $row['category_name'];
}
?>
<center>
<form action="category.php" method="POST">
<div class="form-group">
<label for="update_category">Update Category</label>
<input type="text" class="form-control" id="update_category" value="<?php if(isset($category_name)){echo $category_name; } ?>" name="update_category" aria-describedby="emailHelp" placeholder="Enter Category Name">
</div>
<input type="hidden" name="edit_id" value="<?php if(isset($edit_id)) echo $edit_id;?>">
<button type="submit" name="update_category_submit" class="btn btn-primary">Update</button>
</form>
</center>
<?php
if (isset($_POST['update_category_submit']) && isset($_POST['edit_id'])) {
$category_name = mysqli_real_escape_string($connection,$_POST['update_category']);
$edit_id = mysqli_real_escape_string($connection,$_POST['edit_id']);
$query = "UPDATE categories SET category_name = '$category_name' WHERE category_id = '$edit_id' ";
$result = mysqli_query($connection,$query);
if (!$result) {
die("Final Update Query Result FAILED");
}
else echo "Final Update Query Result Success";
}
?>
Hi, I have noticed that you have used raw inputs. Try avoiding that. I also noticed your code had extra curly braces at the end.
Please try using the following code after replacing your end page section php script.
if (isset($_POST['update_category_submit'])) {
$category_name = $_POST['update_category'];
$query = "UPDATE categories SET category_name = '$category_name' WHERE category_id = $edit_id ";
$final_update_query_result = mysqli_query($connection,$query);
if (!$final_update_query_result) {
die("Final Update Query Result FAILED");
}
}
And change your query variable to the following:
$query = "SELECT * FROM categories WHERE category_id = ".$edit_id;

No errors... no results, I tried

I am not getting any result. I tried a lot but don't know what the problem is.
No results after editing, nothing changed, and it is also not showing any error. Please help, I need to submit a project.
Thank you.
<form action="acat.php" method="post"> <!--Edit cat form-->
<div class ="form-group">
<label for ="title">Edit Category</label>
<?php
if(isset($_GET['edit'])) {
$editid = $_GET['edit'];
if (!$editid) {
echo "CANNOT BE EDITED";
} else {
$query = "SELECT * FROM categories WHERE cat_id = '$editid'";
$edit_query = mysqli_query($con,$query);
}
while($row=mysqli_fetch_assoc($edit_query)) {
$cat_id = $row['cat_id'];
$cat_title = $row['cat_title'];
?>
<input value="<?php if(isset($editid)) {echo $cat_title;} ?>"
class="form-control" type="text" name="update">
<?php } } ?>
<?php
if(isset($_POST['update_submit']) && isset($_GET['edit'])) {
$editid = $_GET['edit'];
$updatetitle = $_POST['update'];
$query = "UPDATE categories SET cat_title='$updatetitle' where
cat_id='$editid'";
$update_query = mysqli_query($con,$query);
if (!$update_query) {
die('QUERY FAILED' . mysqli_error($con));
}
}
?>
</div>
<div class="form-group">
<input class="btn btn-primary" type="submit"
name="update_submit" value="Update Category">
</div>
</form>
</div>
In the POST condition, it's unable to identify $editid
Change this line:
if(isset($_POST['update_submit'])) {
To this:
if(isset($_POST['update_submit']) && isset($_GET['edit'])) {
$editid = $_GET['edit']; // Add this line
$updatetitle = $_POST['update'];
$query = "SELECT * FROM categories SET cat_title='$updatetitle' WHERE
cat_id = '$editid'"; //error line
$update_query = mysqli_query($con,$query);

Simple update/edit of data not working with PHP/MySql

I am trying to do a simple edit/update of my data in the database. But somehow it will not work.
So I am able to read out the saved data into the form. I also don't have any errors.
I have stared at my code and googled for hours but I don't see where I might have made a mistake with my code.
The printed echo gives the following output which seems to be right:
HTML code:
<form id="formAddCategory" class="FrmCat" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<div class="form-group">
<!-- hidden id from tbl -->
<input type="hidden" name="hiddenId" value="<?php echo $hiddenID ?>" />
<label for="recipient-name" class="control-label">Category Name:</label>
<input type="text" class="form-control" id="recipient-name1" name="category" required="" value="<?php echo $category ?>" />
</div>
<button type="submit" id="btnEditCat" class="btn btn-danger" name="editCategory">Save Category</button>
</form>
Part of my php code to edit/update:
<?php
//edit/update data to db
if(isset($_POST['editCategory'])){
$categoryUpdate = mysqli_real_escape_string($con, $_POST['category']);
$categoryID = mysqli_real_escape_string($con, $_POST['hiddenId']);
$qry = "UPDATE tbl_Category SET category = $categoryUpdate WHERE category_id = $categoryID";
$result = mysqli_query($con, $qry);
echo $qry;
if($result){
header("Location: category.php");
}
}
?>
You need single quote ' to wrap your parameter:
$qry = "UPDATE tbl_Category SET category = '$categoryUpdate' WHERE category_id = '$categoryID'";
You should use single quotes (') for values
$qry = "UPDATE tbl_Category SET category = '$categoryUpdate' WHERE category_id = '$categoryID'";
Also you can use like this to avoid SQL injection (See here)
$stmt = $dbConnection->prepare('SELECT * FROM employees WHERE name = ?');
$stmt->bind_param('s', $name);
$stmt->execute();
$result = $stmt->get_result();
while ($row = $result->fetch_assoc()) {
// do something with $row
}
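The bound-parameter approach from this answer, applied to the UPDATE in the question and to the hidden-id forms suggested in the earlier threads on this page. This is an added example, not code from any poster: the id is validated as an integer, both values are bound rather than interpolated, and a helper escapes values echoed back into the form. The connection credentials, the 255-character limit and the function names are assumptions.

```php
<?php
// Added example. Assumes the thread's schema (tbl_Category: category_id INT,
// category VARCHAR) and its form field names (hiddenId, category, editCategory).
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // DB failures throw

/** Validate the posted values; returns [id, name] or null if unusable. */
function parse_category_post(array $post): ?array
{
    // Only a positive integer is accepted as the row id.
    $id = filter_var($post['hiddenId'] ?? null, FILTER_VALIDATE_INT,
                     ['options' => ['min_range' => 1]]);
    $name = $post['category'] ?? '';
    if ($id === false || !is_string($name)) {
        return null;
    }
    $name = trim($name);
    if ($name === '' || strlen($name) > 255) { // 255 is an assumed column size
        return null;
    }
    return [$id, $name];
}

/** Run the UPDATE with bound parameters; returns the number of rows changed. */
function update_category(mysqli $con, int $id, string $name): int
{
    $stmt = $con->prepare(
        'UPDATE tbl_Category SET category = ? WHERE category_id = ?');
    $stmt->bind_param('si', $name, $id); // s = string, i = integer
    $stmt->execute();
    $changed = (int) $stmt->affected_rows;
    $stmt->close();
    return $changed;
}

/** Escape a value before echoing it inside a quoted HTML attribute,
 *  e.g. echo attr($category) inside value="..." in the form. */
function attr(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

if (PHP_SAPI !== 'cli' && isset($_POST['editCategory'])) {
    // Placeholder credentials: replace with the application's own.
    $con = new mysqli('localhost', 'cms_user', 'cms_password', 'cms_db');
    $con->set_charset('utf8mb4');
    $parsed = parse_category_post($_POST);
    if ($parsed === null) {
        http_response_code(400);
        exit('Invalid category id or name.');
    }
    update_category($con, $parsed[0], $parsed[1]);
    header('Location: category.php');
    exit; // stop so nothing else runs after the redirect
}
```

With bound parameters the quoting problem from the question cannot occur, and the hidden id can no longer change the shape of the query even though it arrives from the client.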

why doesn't it want to add a post or category?

As a school assignment I need to make a CMS; in it I need to be able to make posts, edit them and delete them. So far I can edit and delete them, but for some reason I can't get it to insert the post (and also the categories, almost the same). I hope you guys can help me.
Here is the code:
The form
<form action="includes/doAddpost.php" method="post">
<label for="PostName">Name</label>
<input type="text" name="PostName" id="PostName" placeholder="Title" autofocus="auto"/>
<label for="PostAuthor">Author</label>
<input type="text" name="PostAuthor" id="PostAuthor" placeholder="Authors name"
value="<?php if (isset($_SESSION['username'])) {
echo $_SESSION['username'];
}
?>"/>
<label for="PostContent">Content</label>
<textarea name="PostContent" id="PostContent" placeholder="content"></textarea>
<label for="PostCats">category</label>
<select name="PostCats">
<?php
$query = "SELECT * FROM categories";
$result = mysqli_query($mysqli, $query);
while ($cat = mysqli_fetch_assoc($result)) {
?>
<option value="<?php echo $cat['id']; ?>"><<?php echo $cat['title']; ?></option>
<?php } ?>
and this part doesn't seem to work either
</select>
<input type="submit" name="submit" value="submit"/>
</form>
Here is the doAddpost page:
<?php
include '../../includes/functions.php';
sec_session_start();
if(isset($_POST['submit'])){
if(isset($_POST['PostName'])){
if(isset($_POST['PostContent'])){
addPost($mysqli,$_POST['PostName'],$_POST['PostAuthor'], $_POST['PostContent'],$_POST['PostCats']);
header("Location: ../posts.php");
}else{
echo"please enter some content!";
}
} else{
echo"please set a category name!";
include('../addpost.php');
}
}else{
header("Location: ../addpost.php");
}
?>
and the function:
function addPost($mysqli, $pName, $pAuthor, $pContent, $pCat = 1)
{
$query = "INSERT INTO posts VALUES ('$pName', '$pAuthor', '$pContent', $pCat)";
mysqli_query($mysqli, $query);
}
Can anyone tell me what is the issue I am facing ?
Just edit your function as:
function addPost($mysqli, $pName, $pAuthor, $pContent, $pCat = 1)
{
$query = "INSERT INTO posts (`your_column1`, `your_column_2`, `your_column_3`, `your_column_4`) VALUES ('$pName', '$pAuthor', '$pContent', $pCat)";
mysqli_query($mysqli, $query) or die(mysqli_error($mysqli));
}
and then try...
Also, in your select list, change it to:
<option value="<?php echo $cat['id']; ?>"><?php echo $cat['title']; ?></option>
You placed an extra < there in your code. Check that... :)
Now it's time for step-by-step debugging:
1) Change your select-category mysqli_query as below for debugging purposes:
mysqli_query( $mysqli , $query ) or trigger_error($mysqli->error."($query)");
2) For your insert query, mention the column names into which you want to insert the record. As you mentioned in a comment, you don't want id to be null, so you should make your id column AUTOINCREMENT,
e.g.
INSERT INTO posts (`column1`,`column2`,`column3`,`column4`) VALUES ('$pName', '$pAuthor', '$pContent', $pCat);

PHP showing stored checkbox data to an update form

I was wondering if anyone could help, I am creating an update product form which is showing results of data already in the database. I want to display all the checkbox categories and have the ones that have already been selected as checked so the user can easily select and change.
I know I am overcomplicating the code below but I am really not sure how to go about this. The code below currently selects all the categories and displays them as checkboxes, but I can't get it to display the ones the user has already selected and saved to the db as checked. Also, I am using the original MySQL version, not the improved one, which I know I should be, but if anyone could help I would really appreciate it. Thanks, Louise.
<?php
$query = "SELECT * FROM category, catid_productid WHERE catid_productid.product_id ='$product_id' ORDER BY product_id ASC";
$result = mysql_query($query);
$query = "SELECT * FROM category, catid_productid WHERE category.cat_id = catid_productid.cat_id AND catid_productid.product_id ='$product_id' ORDER BY product_id ASC";
$selected_result = mysql_query($query);
$selected_array = array($selected_result);
while($row = mysql_fetch_array($result, MYSQL_ASSOC))
{
$title= $row ['title'];
$cat_id= $row ['cat_id'];
echo '<li><label for="category-'.$cat_id.'" id="labelleft">'.$title.'</label>';
echo '<input name="category[]" id="category-'.$cat_id.'" type="checkbox" class="formbox" value="'.$cat_id;
if (isset($_GET['product_id']) && in_array($selected_array['$selected_result'], $selected_array)) {
echo 'checked="checked"';
}
echo " /></li>'";
}
?>
form field:
<div class="field-row ">
<label for="categories"> Categories:<?php
if (isset($required) && in_array('category', $required)) { ?>
<span class="warning">*</span><?php } ?></label>
<div class="fields">
<ul>
<?php
$query = "SELECT * FROM category ORDER BY title ASC";
$result = mysql_query($query);
while($row = mysql_fetch_array($result, MYSQL_ASSOC))
{
$title= $row ['title'];
$cat_id= $row ['cat_id'];
echo '<li><label for="category-'.$cat_id.'" id="labelleft">'.$title.'</label>';
echo '<input name="category[]" id="category-'.$cat_id.'" type="checkbox" class="formbox" value="'.$cat_id.'" /></li>';
}
?>
</ul>
</div>
</div>
inserting it into the database
if($result) {
$product_id = mysql_insert_id();
foreach ($category as $cat_id)
{
// connect to mysql database
mysql_query("INSERT INTO catid_productid (cat_id, product_id) VALUES ('$cat_id', '$product_id')");
}
I don't know if you store checked-or-not information in your DB but I do spot mis-quotation here ..
Try changing this
echo '<input name="category[]"
id="category-'.$cat_id.'"
type="checkbox" class="formbox" value="'.$cat_id;
To
echo '<input name="category[]"
id="category-'.$cat_id.'"
type="checkbox" class="formbox" value="'.$cat_id.'"';
AND this
echo " /></li>'";
to
echo ' /></li>';
