I have a table displaying the content of a MySQL table. For every row I added an 'edit button' so our users can update the content.
The 'edit button' goes to a link ?edit_entry.php?sid=4 with 4 the sid of the entry.
This works but I get a blank form.
Question 1: Is there any way to already display the content of the specific MySQL row in the text fields of the form?
Here is the edit_entry.php code:
<?php require('includes/config.php');
//if not logged in redirect to login page
if(!$user->is_logged_in()){ header('Location: login.php'); }
// Create connection
$conn = new mysqli(DBHOST, DBUSER, DBPASS, DBNAME);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sid = $_GET['sid'];
$sql = "SELECT * FROM orders WHERE sid = '$sid'";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
while($row = mysqli_fetch_array($sql)) {
$sid = $row['sid'];
$q1_requested_by = $row['q1_requested_by'];
$q2_productname = $row['q2_productname'];
$q3_supplier = $row['q3_supplier'];
$q4_productnumber = $row['q4_productnumber'];
$q5_quantity = $row['q5_quantity'];
$q6_price = $row['q6_price'];
$q7_budget = $row['q7_budget'];
$q8_link = $row['q8_link'];
}
?>
<form action="update_script.php" method="post">
<input type="hidden" name="sid" value="<?=$sid;?>">
Requested by: <input id="q1" type="text" style="width:400px" name="ud_q1_requested_by" value="<?=$q1_requested_by?>" required="true" tabindex="1"><br>
Product name: <input id="q2" type="text" style="width:400px" name="ud_q2_productname" value="<?=$q2_productname?>" required="true" tabindex="2"><br>
Supplier: <input id="q3" type="text" style="width:400px" name="ud_q3_supplier" value="<?=$q3_supplier?>" required="true" tabindex="3"><br>
Product number: <input id="q4" type="text" style="width:400px" name="ud_q4_productnumber" value="<?=$q4_productnumber?>" required="true" tabindex="4"><br>
Quantity: <input id="q5" type="text" style="width:400px" name="ud_q5_quantity" value="<?=$q5_quantity?>" required="true" tabindex="5"><br>
Price: <input id="q6" type="text" style="width:400px" name="ud_q6_price" value="<?=$q6_price?>" tabindex="6"><br>
Budget: <input id="q7" type="text" style="width:400px" name="ud_q7_budget" value="<?=$q7_budget?>" tabindex="7"><br>
Link: <input id="q8" type="text" style="width:400px" name="ud_q8_link" value="<?=$q8_link?>" tabindex="8"><br>
<input type="submit" name="submit" id="submit" value="Update your input!" tabindex="9" />
</form>
<?php
}else{
echo 'No entry found. Go back';
}
?>
And here is update_script.php:
<?php require('includes/config.php');
//if not logged in redirect to login page
if(!$user->is_logged_in()){ header('Location: login.php'); }
// Create connection
$conn = new mysqli(DBHOST, DBUSER, DBPASS, DBNAME);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sid = $_POST["sid"];
$ud_q1_requested_by = mysqli_real_escape_string($_POST["ud_q1_requested_by"]);
$ud_q2_productname = mysqli_real_escape_string($_POST["ud_q2_productname"]);
$ud_q3_supplier = mysqli_real_escape_string($_POST["ud_q3_supplier"]);
$ud_q4_productnumber = mysqli_real_escape_string($_POST["ud_q4_productnumber"]);
$ud_q5_quantity = mysqli_real_escape_string($_POST["ud_q5_quantity"]);
$ud_q6_price = mysqli_real_escape_string($_POST["ud_q6_price"]);
$ud_q7_budget = mysqli_real_escape_string($_POST["ud_q7_budget"]);
$ud_q8_link = mysqli_real_escape_string($_POST["ud_q8_link"]);
$sql= "UPDATE orders
SET q1_requested_by = '$ud_q1_requested_by', q2_productname = '$ud_q2_productname', ud_q3_supplier = '$ud_q3_supplier', ud_q4_productnumber = '$ud_q4_productnumber', ud_q5_quantity = '$ud_q5_quantity', ud_q6_price = '$ud_q6_price', ud_q7_budget = '$ud_q7_budget', ud_q8_link = '$ud_q8_link'
WHERE sid='$sid'";
$result = $conn->query($sql);
if(mysqli_affected_rows()>=1){
echo "<p>($sid) Record Updated<p>";
}else{
echo "<p>($sid) Not Updated<p>";
}
?>
There must be a problem in this last part because I get the (4) Not updated message.
Question 2: Does anyone see the problem here?
I've been trying a few things to tackle the problem but neither are working.
Thank you
mysqli_real_escape method requires the connection to be provided; this was not the case in deprecated mysqli_* methods..
see documentation at http://php.net/manual/en/mysqli.real-escape-string.php
In your case, since you are using object of mysqli:
$conn->real_escape_string($string)
Also for the record, you have a possible inject despite your attempts not to.
You should update $sid = $_POST["sid"]; to $sid = (int) $_POST["sid"]; if it is supposed to be an integer or escape it as well.
With this many variables needing to be escaped though, you should probably look at how to conduct a prepared statement. http://php.net/manual/en/mysqli.quickstart.prepared-statements.php
You use mysqli, not mysql that is good news.
But you continue to use old techniques to pass parameter to query.
So let just try to bind parameters as it should be done with mysqli:
$sql= "UPDATE orders
SET
q1_requested_by = ? ,
q2_productname = ?,
ud_q3_supplier = ?,
ud_q4_productnumber = ?,
ud_q5_quantity = ?,
ud_q6_price = ?,
ud_q7_budget = ?,
ud_q8_link = ?
WHERE sid=? ";
$stmt = $mysqli->prepare($sql);
$stmt->bind_param('ssssiddsi', $ud_q1_requested_by, $ud_q2_productname, $ud_q3_supplier, $ud_q4_productnumber, $ud_q5_quantity, $ud_q6_price, $ud_q7_budget, $ud_q8_link, $sid);
$result = $stmt->execute();
if($result && $stmt->affected_rows>0){
echo "<p>($sid) Record Updated<p>";
}else{
echo "Error:\n";
print_r($stmt->error_list);
echo "<p>($sid) Not Updated<p>";
}
I got it to work using the following code:
<?php require('includes/config.php');
//if not logged in redirect to login page
if(!$user->is_logged_in()){ header('Location: login.php'); }
$conn = new mysqli(DBHOST, DBUSER, DBPASS, DBNAME);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sid = (int)$_POST["sid"];
$ud_q1_requested_by = $conn->real_escape_string($_POST["ud_q1_requested_by"]);
$ud_q2_productname = $conn->real_escape_string($_POST["ud_q2_productname"]);
$ud_q3_supplier = $conn->real_escape_string($_POST["ud_q3_supplier"]);
$ud_q4_productnumber = $conn->real_escape_string($_POST["ud_q4_productnumber"]);
$ud_q5_quantity = $conn->real_escape_string($_POST["ud_q5_quantity"]);
$ud_q6_price = $conn->real_escape_string($_POST["ud_q6_price"]);
$ud_q7_budget = $conn->real_escape_string($_POST["ud_q7_budget"]);
$ud_q8_link = $conn->real_escape_string($_POST["ud_q8_link"]);
$sql= "UPDATE orders
SET
q1_requested_by = '$ud_q1_requested_by',
q2_productname = '$ud_q2_productname',
q3_supplier = '$ud_q3_supplier',
q4_productnumber = '$ud_q4_productnumber',
q5_quantity = '$ud_q5_quantity',
q6_price = '$ud_q6_price',
q7_budget = '$ud_q7_budget',
q8_link = '$ud_q8_link'
WHERE sid='$sid'";
$result = $conn->query($sql);
header("Location: edit_orders.php");
?>
which is just simple query, as the original form to enter a new row of data also does. I also decided to remove the error handling at the end since it didn't seem to work with mysqli_affected_rows()>0...
It's probably not a very elegant solution, but it works. Still I'd like to learn more so if anybody would have a useful link explaining php+mysqli basics that would help me much. The links to php.net or mysql.com are for me too brief at this moment though, for me they don't explain what is going on. I'm a total novice to php and mysql and could use some more explanatory/introductary text, maybe with examples, but mostly providing me with an overview of what is going on... Thanks anyway for all the help!
Related
Can I please have some help with a problem I'm having updating a mysql database with PHP.
I'm sorry to ask a question that has been asked a lot of times before, it's just driving me a bit nuts, and I've looked through similar questions but the answers don't seem to help with my problem.
I'm using two files, an admin page (admin.php) to edit content with, and an update file that is meant to update the database when the submit button is pressed.
Everything seems to be working fine, the values are being posted to the update.php page (I can see them when I echo them out) but it wont update the database.
If anyone can please point me in the right direction or tell me what I'm doing wrong I'd be very grateful!
Thank you very much:)
This is my admin.php page;
<head>
<?php
/*
Check to see if the page id has been set in the url.
If it has, set it as the $pageid variable,
If it hasn't, set the $pageid variable to 1 (Home page)
*/
if (isset($_GET['pageid'])) {
$pageid = $_GET['pageid'];
}
else {
$pageid = '1';
}
//Database connection variables
$servername = "localhost";
$username = "root";
$password = "";
$database = "cms";
// Create connection
$conn = new mysqli($servername, $username, $password, $database);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
//Get information from the database
$sql = "SELECT title, sub_title, tab1, tab2, tab3, content FROM data WHERE id='$pageid'";
$result = $conn ->query($sql);
if ($result->num_rows > 0)
{
while($row = $result->fetch_assoc()) {
$conn->close();
//Store database information in variables to display in the form
$title = $row["title"];
$sub_title = $row["sub_title"];
$tab1 = $row["tab1"];
$tab2 = $row["tab2"];
$tab3 = $row["tab3"];
$content = $row["content"];
}
} else {
echo "0 results";
}
?>
</head>
<body>
//basic navigation
Page 1 | Page 2 | Page 3
<form action="update.php" method="post" name="adminform">
<input type="hidden" name="pageid" value="<?php echo "$pageid";?>">
NAME:<br>
<input type="text" name="title" value="<?php echo $title;?>"><br><br>
EMAIL:<br>
<input type="text" name="sub_title" value="<?php echo $sub_title;?>"><br><br>
CONTENT:<br>
<input type="text" name="tab1" value="<?php echo $tab1;?>"><br><br>
CONTENT:<br>
<input type="text" name="tab2" value="<?php echo $tab2;?>"><br><br>
CONTENT:<br>
<input type="text" name="tab3" value="<?php echo $tab3;?>"><br><br>
CONTENT:<br>
<textarea rows="4" cols="50" name="content">
<?php echo $content;?>
</textarea>
<br><br>
<input type="submit">
</form>
</body>
And this is the update.php page;
<?php
/*Values passed from the admin form, to be used as update variables*/
if (isset($_POST['adminform']))
{
$pageid = $_POST["pageid"];
$titleu = $_POST["title"];
$sub_titleu = $_POST["sub_title"];
$tab1u = $_POST["tab1"];
$tab2u = $_POST["tab2"];
$tab3u = $_POST["tab3"];
$contentu = $_POST["content"];
}
?>
<?php
if(isset($_POST['adminform']))
{
// Create connection
$conn = new mysqli($servername, $username, $password, $database);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
//Update the database
$sql = "UPDATE data SET title='$titleu', sub_title='$sub_titleu', tab1='$tab1u', tab2='$tab2u', tab3='$tab3u', content='$contentu' WHERE id =='$pageid'";
$result = $conn ->query($sql);
$conn->close();
}
?>
You're using == instead of = on the where clause.
On the other hand, don't pass user values to the query without validation and sanitization if you don't want to be vulnerable to sql injection attacks.
$sql = "UPDATE data SET title='" . $conn->real_escape_string($titleu) . "', sub_title='" . $conn->real_escape_string($sub_titleu) . "', tab1='" . $conn->real_escape_string($tab1u) . "', tab2='" . $conn->real_escape_string($tab2u) . "', tab3='" . $conn->real_escape_string($tab3u) . "', content='" . $conn->real_escape_string($contentu) . "' WHERE id = " . (int)$pageid;
This will work, but is not very elegant solution. You may use prepared statements instead, to pass the correct types and prevent sql injection.
Check your DB Connections and test whether you are connected to DB or not.
Change your query as below
$sql = "UPDATE data SET title='".$titleu."', sub_title='".$sub_titleu."', tab1='".$tab1u."', tab2='".$tab2u."', tab3='".$tab3u."', content='".$contentu."' WHERE id ='$pageid'";
the registration form is connected to the database via db.php but I am having trouble in submitting the login details.
<html>
<head>
<?php
include('db.php');
$username = #$_POST['username'];
$password = #$_POST['password'];
$submit = #$_POST['submit'];
the main problem is after the submit button is clicked by an existing user it should give the message but there's problem in the if statement, because on the wamp server its showing only the else message i.e. Error.
if ($submit)
{
$result = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password'");
if (mysql_num_rows($result)) {
$check_rows = mysql_fetch_array($result);
$_POST['username'] = $check_rows['username'];
$_POST['password'] = $check_rows['password'];
echo "<center>";
echo "You are now Logged In. ";
echo "</center>";
}
else {
echo "<center>";
echo "No User found. ";
echo "</center>";
}
}
else echo "Error";
?>
</head>
<body>
<form method="post">
Username : <input name="username" placeholder="Enter Username" type="text"><br></br>
Password : <input name="password" placeholder="Enter Password" type="password"><br>
<input type="submit" value="Submit">
</body>
</html>
You want get $_POST with name submit, but do not send it to the form
Try change
<input type="submit" value="Submit">
to
<input type="submit" name="submit" value="Submit">
Firstly this is old style of php/mysql. So look at PDO on php.net seeing as you are setting out on new project it really wont be hard to make the change now rather than later.
Now onto your issue. if you intend on carrying on with your old method try this.
$sql = "SELECT * FROM user WHERE username=' . $username . ' AND password=' . $password . '";
// check the query with the die & mysql_error functions
$query = mysql_query($sql) or die(mysql_error());
$result = mysql_num_rows($query);
// checking here equal to 1 In a live case, for testing you could use >= but not much point.
if ($result == 1) {
// Checking needs to be Assoc Now you can use the field names,
// otherwise $check_rows[0], $check_rows[1] etc etc
$check_rows = mysql_fetch_assoc($query); // oops we all make mistakes, query not result, sorry.
// This is bad but for example il let this by,
// please dont access user supplied data without
// validating/sanitising it.
$_POST['username'] = $check_rows['username'];
$_POST['password'] = $check_rows['password'];
} else {
// do not logged in here
}
The same in PDO
$sql=" Your query here ";
$pdo->query($sql);
$pdo->execute();
$result = $pdo->fetch();
if ($result = 1) {
// do login stuff
} else {
// no login
}
Remember though that you need to set up PDO and it may not be available on your server by default (older php/mysql versions) but your host should be happy enough to set them up.
i am trying display a the rows in my database table using the array of ids gotten from another table. i want it to display the first row which is $rowsfriend. and display the second row which is rows .......... but it only displays $rowsfriend
<?php
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "ochat";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "SELECT * FROM friends where friend1='".($_POST[id])."'";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
while($row = $result->fetch_assoc()) {
$rowsfriend = $row["friend2"];
echo $rows;
}
}
$sqll = "SELECT * FROM users WHERE id IN ($rowssfriend)";
$resultt = $conn->query($sqll);
if ($resultt->num_rows > 0) {
while($roww = $resultt->fetch_assoc()) {
$rowsss = $row["username"];
echo $rowss;
}
}
else {
?>
<h1>Register</h1>
<form action="selectfriends.php" method="post">
id:<br />
<input type="text" name="id" value="" />
<br /><br />
<input type="submit" value="enter" />
</form>
<?php
}
?>
Instead of two queries, you can write this nested query.
$sqll = "SELECT * FROM USERS WHERE ID IN (SELECT friend2 FROM friends WHERE friend1='".$_POST[$id]."')";
$resultt = $conn->query($sqll);
if ($resultt->num_rows > 0)
{
while($roww = $resultt->fetch_assoc())
{
$rowsss = $row["username"];
echo $rowss;
}
}
Hope this solve your problem .
Please try this version of code instead, if you might:
<?php
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "ochat";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "SELECT users.* FROM users WHERE users.id IN (SELECT friend2 FROM friends where friend1='".($_POST[id])."')";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
while($row = $result->fetch_assoc()) {
$rows = $row["username"];
echo $rows;
}
}
else {
?>
<h1>Register</h1>
<form action="selectfriends.php" method="post">
id:<br />
<input type="text" name="id" value="" />
<br /><br />
<input type="submit" value="enter" />
</form>
<?php
}
?>
As far as I understood the code well, the problem was with the variable name typo as #Admieus wrote but also in the fact that in each iteration of the first loop variable $rowsfriend got overriden with a new value so after the end of the loop, $rowsfriend contained the last id from the result of the first query $sql.
The above version makes only one query using subquery in it to get directly usernames who are friends of friend1 given in $_POST[$id].
I hope it helps.
There are typos in the second loop.
You assign the value to $rowsss and try to echo from $rowss notice the difference.
Also, you assign the fetch_assoc result to $roww and then try to call it again with $row.
$sqll = "SELECT * FROM users WHERE id IN ($rowsfriend)";
$resultt = $conn->query($sqll);
if ($resultt->num_rows > 0) {
while($roww = $resultt->fetch_assoc()) {
$rowsss = $roww["username"];
echo $rowsss;
}
}
Point of improvement is: check your variable names, make names that are easy to understand and hard to mix up.
For instance, the variable containing the sql query should not be named $sql and to make it worse a second query shoul not be named sqll. Instead use names that imply what you are doing.
$querySelectFriendsFrom = "SELECT * FROM users WHERE id IN ($friendId)";
Don't take this as a hard rule, it's more of a tip to prevent silly mistakes.
Update: there was also a type in the query referring to rowssfriend instead of rowsfriend. Fixed above.
I am trying to create a form where everything is filled out from the user's previous entry. Its suppose to work by the user selecting the "update" link. However the form is not being filled at all.
I've been trying to figure this out for 2 days now but i cant seem to figure it out. Some help would be greatly appreciated, thanks!
up.php
<form method="POST" action="up1.php">
<?php
$connection = mysql_connect("xxxxx","xxxxx","xxxxx")
or die("Could not make connection.");
$db = mysql_select_db("xxxxx")
or die("Could not select database.");
$sql1 = "SELECT * FROM emp ORDER BY primeID DESC ";
$sql_result = mysql_query($sql1) or die("Invalid query: " . mysql_error());
while ($row = mysql_fetch_array($sql_result))
{
$prime = $row["primeID"];
}
?>
Update
</form>
up1.php
<form action="up2.php" method="post">
<?
$connection = mysql_connect("xxxxx","xxxxx","xxxxx")
or die("Could not make connection.");
$db = mysql_select_db("xxxxx")
or die("Could not select database.");
$sql1 = "SELECT * FROM emp WHERE primeID = '$up22'";
$sql_result = mysql_query($sql1)
or die("Invalid query: " . mysql_error());
while ($row = mysql_fetch_array($sql_result))
{
$prime = $row["primeID"];
$a1 = $row["country"];
$a2 = $row["job"];
$a3 = $row["pos_type"];
$a4 = $row["location"];
$a5 = $row["des"];
$a6 = $row["des_mess"];
$a7 = $row["blurb"];
$a8 = $row["restitle"];
$a9 = $row["res"];
$a10 = $row["knowtitle"];
$a11 = $row["know"];
$a12 = $row["mis"];
$a13 = $row["mis_des"];
}
?>
<input name="aa1" value="<? echo $a1; ?>" type="text" id="textfield" size="60">
<input name="a1" type="text" value="<? echo $a2; ?>" id="textfield" size="60">
<input name="a2" type="text" value="<? echo $a3; ?>" id="a2" size="60">
<input name="a4" type="text" value="<? echo $a5; ?>" id="a4" size="60">
</form>
Based upon the limited information I could get out of your post I think I found the problem:
Starting with up.php
Update
Actually sends a "GET request" (Loading the page with a query string). We need to rebuild that:
<a href="JavaScript: void(0)" onclick="this.parentElement.submit()" >Update</a>
Now this link is going to send the form. However we need to send the value $prime. Let's use a hidden input inside the form.
<input type="hidden" name="up22" value="<? echo $prime; ?>" />
Now when the user clicks the link it posts the form and loads up1.php with the post var up22.
Changes to up1.php
$sql1 = "SELECT * FROM emp WHERE primeID = '".$_POST['up22']".'";
PDO
To update your code even further: PDO is a safer way to do queries. mysql queries are deprecated. They shouldn't be used anymore.
Replace your database calls with the following code:
function openDBConnection()
{
$name = "xxxxxx";
$pw = "xxxxxx";
$server = "xxxxxxx";
$dbConn = new PDO("mysql:host=$server;dbname=xxx", $name, $pw, , array( PDO::ATTR_PERSISTENT => false));
}
catch( PDOException $Exception )
{
echo "120001 Unable to connect to database.";
}
return $dbConn;
}
function doPDOQuery($sql, $type, $var = array())
{
$db = openDBConnection();
$db->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION );
if ($type == "prepare")
{
$queryArray = $var;
$sth = $db->prepare($sql, array(PDO::ATTR_CURSOR => PDO::CURSOR_FWDONLY));
$sth->execute($queryArray);
}
else if ($type == "query")
{
$sth = $db->query($sql);
}
else
{
echo "Supplied type is not valid.";
exit;
}
if (!$sth)
{
$error = $db->errorInfo();
echo $error;
exit;
}
return $sth;
}
These functions you can use to make PDO queries to the database. The first function opens a database connection, while the second functions actually performs the query. You do not need to call the first function. It's called in the second one.
Example based upon your code:
$sql1 = "SELECT * FROM emp WHERE primeID = :id";
$sql_result = doPDOQuery($sql1, 'prepare', array(":id" => $_POST['up22']));
while ($row = $sql_result->fetchAll() )
{
//loop through the results.
}
PDO works as follows: instead of passing php variables into the SQL string (and risking SQL-injection), PDO passes the SQL string and variables to the database and let's the database's driver build the query string.
PDO variables can be declared by name or by index:
By name: use : to declare a named variable. SELECT * FROM TABLE WHERE id = :id. Each key must be unique.
By index: use ? to declare an indexed variable. SELECT * FROM TABLE WHERE id = ?
An array containing the variables needs to be passed to PDO.
named array:
array(":id" => 1);
indexed array:
array(1);
With named arrays you don't have to worry about the order of the variables.
http://php.net/manual/en/book.pdo.php
I have a database that users can search by any number of predetermined fields (chosen from a drop down). The problem I'm having is being able to edit existing records. The first script prompts for the record ID to edit. If no record is found the user is told to try again.
When a record is found the results are suppose to display in HTML input boxes. The user can then modify the data, hit submit and the record updates (another script).
Enabled errors. This is what is thrown:
Fatal error: Call to undefined method mysqli_result::fetch__assoc() in (path to script) on line 37
Any ideas on what is wrong?
<?php
//Include everything but the password to connect to db
include 'includes/connect_pw.php';
//User supplies password on previous form
$dbpass = $_POST['password'];
//User supplies id on previous form
$rec_id = $_POST['query'];
//Create connection to database using mysqli
$conn = new mysqli($dbhost, $dbuser, $dbpass, $db);
//Check connection. If error then kill process, show error and tell user to retry
if ($conn->connect_error) {
die ("<br><br>" . $conn->connect_error . "<p></p>Did you forget the password?");
}
//If no error then set select statement as variable
$sql = "SELECT * FROM dcr_master
WHERE (`ID` = '".$rec_id."')";
//Pass select ($sql) into connection ($conn) with result to ($result)
//Set new variables to populate input boxes. ex: $variable = $row['record field']
$result = $conn->query($sql);
if ($result->num_rows >=1) {
while ($row = $result->fetch__assoc()) {
$Server_Name = $row['Server_Name'];
$Description = $row['Description'];
$IP_Address = $row['IP_Address'];
$Wiki_Link = $row['Wiki_Link'];
}
?>
<form action="modify_dcr_3.php" method="POST">
<input type="hidden" name="ID" value="<?=$rec_id;?>">
Server Name<input type="text" name="Server_Name" value="<?=$Server_Name;?>">
Description<input type="text" name="Description" value="<?=$Description;?>">
IP_Address<input type="text" name="IP_Address" value="<?=$IP_Address;?>">
Wiki_Link<input type="text" name="Wiki_Link" value="<?=$Wiki_Link;?>">
<input type="submit">
</form>
<?php
}
else {
echo "<rb><br>No matching ID found.
<p></p>Try again. Just don't use " .$rec_id. " OK?";
}
?>
You have a double underscore on fetch__assoc(), this should have only a single underscore: fetch_assoc(). Specifically change this:
while ($row = $result->fetch__assoc()) {
...
}
To:
while ($row = $result->fetch_assoc()) {
...
}