How do I update my php/mysql by adding the previous vote and new vote
for example, in mysql. the vote point is 25. when I entered again with 25points. it became 50points. this is the scenario. I have table name"subj_eva" with coloumn of id, facultyname and totalvotes. how do I update my totalvotes by adding the old points and new points?
<?php
$host="localhost"; // Host name
$username="root"; // Mysql username
$password="password"; // Mysql password
$db_name="ramon_pascual"; // Database name
$tbl_name="subj_eva"; // Table name
// Connect to server and select database.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// Get values from form
$profname=$_POST['profname'];
$votecount=$_POST['votecount'];
$subj=$_POST['subject'];
// Insert data into mysql
$sql = "UPDATE $tbl_name SET facultyname='$profname', totalvotes='$votecount', subjects='$subj'";
$result=mysql_query($sql);
// if successfully insert data into database, displays message "Successful".
if($result){
echo "Successful";
echo "<BR>";
echo "<a href='indextest.php'>Back to main page</a>";
}
else {
echo "ERROR";
}
?>
<?php
// close connection
mysql_close();
?>
and this is my html code
<html>
<head><title> index test</title></head>
<body>
<table width="300" border="0" align="center" cellpadding="0" cellspacing="1">
<tr>
<td><form name="form1" method="post" action="welcome.php">
<table width="100%" border="0" cellspacing="1" cellpadding="3">
<tr>
<td colspan="3"><strong>Insert Data Into mySQL Database </strong></td>
</tr>
<tr>
<td width="71">Professor Name</td>
<td width="6">:</td>
<td width="301"><input name="profname" type="text" id="profname"></td>
</tr>
<tr>
<td>vote count</td>
<td>:</td>
<td><input name="votecount" type="text" id="votecount"></td>
</tr>
<tr>
<td>subject</td>
<td>:</td>
<td><input name="subject" type="text" id="subject"></td>
</tr>
<tr>
<td colspan="3" align="center"><input type="submit" name="Submit" value="Submit"></td>
</tr>
</table>
</form>
</td>
</tr>
</table>
</body>
</html>
You can modify your query to add the new value to the current value. I recommend converting votecount to an integer beforehand.
$votecount = intval($votecount);
$sql = "UPDATE $tbl_name SET facultyname='$profname', totalvotes=totalvotes + $votecount, subjects='$subj'";
Try:
$sql = "UPDATE $tbl_name SET facultyname='$profname', totalvotes=totalvotes + '$votecount', subjects='$subj'";
I do not understand what you want, but is always use in the transmission function mysql_real_escape_string() database any string variables! Otherwise possible Mysql injections. And in double quotes variables highlight the brackets {}, otherwise the function will give the database is not the variable.
Try this..
$votecount=$_POST['votecount'];
$getprevious =mysql_fetch_array(mysql_query("select * from $tbl_name order by id desc"));
$previouspoint= $getprevious[0]['totalvotes'];
$votecount = intval($previouspoint) + intval($votecount);
$sql = "UPDATE $tbl_name SET facultyname='$profname', totalvotes='$votecount', subjects='$subj'";
$result=mysql_query($sql);
try using like this
$query="update table_name set 'totalvotes'=(select `totalvotes` from `table_name` where id='".$id."')+'".$current_count."' where id='".$id."' ";
Related
I try to use the below code to update multiple rows, the below code can view the results of rows but it can not be updated, where is wrong place? How to modify it ?
<?php
$host="localhost"; // Host name
$username="abc"; // Mysql username
$password="abc123"; // Mysql password
$db_name="abc"; // Database name
$tbl_name="BRAddress"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("Cannot connect");
mysql_select_db("$db_name")or die("Cannot select Database");
$sql="SELECT * FROM $tbl_name WHERE br_no='62779457'";
$result=mysql_query($sql);
// Count table rows
$count=mysql_num_rows($result);
?>
<table width="100%" border="0" cellspacing="1" cellpadding="0">
<form name="form1" method="post" action="">
<tr>
<td>
<table width="100%" border="0" cellspacing="1" cellpadding="0">
<tr>
<td align="center"><strong>BR No.</strong></td>
<td align="center"><strong>Date of Register</strong></td>
<td align="center"><strong>Address</strong></td>
</tr>
<?php
while($rows=mysql_fetch_array($result)){
?>
<tr>
<td align="center">
<? $br_no[]=$rows['br_no']; ?><? echo $rows['br_no']; ?>
</td>
<td align="center">
<input name="br_date_of_register[]" type="date" id="br_date_of_register" value="<? echo $rows['br_date_of_register']; ?>">
</td>
<td align="center">
<input name="br_address[]" type="text" size="60" id="br_address" value="<? echo $rows['br_address']; ?>">
</td>
</tr>
<?php
}
?>
<tr>
<td colspan="3" align="center"><input type="submit" name="Submit" value="Submit"></td>
</tr>
</table>
</td>
</tr>
</form>
</table>
<?php
// Check if button name "Submit" is active, do this
if($Submit){
for($i=0;$i<$count;$i++){
$sql1="UPDATE $tbl_name SET
br_date_of_register='$br_date_of_register[$i]',
br_address='$br_address[$i]'
WHERE br_no='$br_no[$i]'";
$result1=mysql_query($sql1);
}
}
if($result1){
header("location:update_sample.php");
}
mysql_close();
?>
Thank you very much for your help & support !
I think that you need to change this part
if($Submit){
to
if($_POST('Submit')){
I haven't run the whole or looked at entire code, but you have nothing that defines $Submit variable though from what I see.
Or you can put in
$Submit = $_POST('Submit');
before the if statement.
Let me know how you go.
Cheers
Your POST variable are empty. $br_date_of_register has no value. You must use this like following
$br_date_of_register = $_POST[br_date_of_register];
$br_address = $_POST[br_address];
for($i=0;$i<$count;$i++){
$sql1="UPDATE $tbl_name SET
br_date_of_register='$br_date_of_register[$i]',
br_address='$br_address[$i]'
WHERE br_no='$br_no[$i]'";
$result1=mysql_query($sql1);
}
Edit
if($Submit)
To
if($_SERVER['REQUEST_METHOD'] == "POST")
Considering your Submit check,
you can use this,
if(isset($_POST["Submit"]))
{
}
Further in your SQL statement, do this,
$sql1='UPDATE ' . $tbl_name . ' SET
br_date_of_register = ' . $br_date_of_register[$i] .
' , br_address = ' . $br_address[$i] .
' WHERE br_no = ' . $br_no[$i];
I want to update a database using this code but it fails every time and I cannot find why the form fails. if someone could help, i would appreciate that alot!!
These are the codes i use to update the DB (these are three files total)
When you go to my editor you will see this screen.(everything works exept the update) it says cannot update data. it doesn't show any other errors.
did i miss something?
<html>
<body>
<?php
session_start(); // Start the session
$loggedin = $_SESSION['loggedin']; // Are they loggedin?
// They are not logged in, Kill the page and ask them to login.
if ($loggedin != "1") {
die('Sorry your not loggedin, please login to gain acces. Here to login');}
?>
<?php
$host=""; // Host name
$username=""; // Mysql username
$password=""; // Mysql password
$db_name=""; // Database name
$tbl_name=""; // Table name
// Connect to server and select database.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
$sql="SELECT * FROM $tbl_name";
$result=mysql_query($sql);
?>
<head>
<style>
div
{
fload:center;
width:1000px;
margin:0 0 15px 20px;
padding:15px;
border:1px solid black;
}
</style>
<div align="center">
</head>
<img src="http://www.emiclaer.nl/Portals/39/Tuinen.jpg" alt="DTlogo.img" width="880" height="280">
</div>
<body style="margin:15px;">
<div>
Druk op <font color="blue"><u>Update</u></font> om de App te Updaten.<br>
<p></p>
<center>
<table width="400" border="0" cellspacing="1" cellpadding="0">
<tr>
<td>
<table width="400" border="1" cellspacing="0" cellpadding="3">
<tr>
<td colspan="4"><strong>Iphone aanbiedingen.</strong> </td>
</tr>
<tr>
<td align="center"><strong>Naam</strong></td>
<td align="center"><strong>Omschrijving</strong></td>
<td align="center"><strong>Prijs</strong></td>
<td align="center"><strong>Promotext</strong></td>
<td align="center"><strong>URL</strong></td>
<td align="center"><strong>Image URL</strong></td>
<td align="center"><strong>Update</strong></td>
</tr>
<?php
while($rows=mysql_fetch_array($result)){
?>
<tr>
<td><? echo $rows['naam']; ?></td>
<td><? echo $rows['omschrijving']; ?></td>
<td><? echo $rows['promotext']; ?></td>
<td><? echo $rows['prijs']; ?></td>
<td><? echo $rows['url']; ?></td>
<td><? echo $rows['iurl']; ?></td>
<td align="center">Update</td>
</tr>
<?php
}
?>
</table>
</td>
</tr>
</table>
<?php
mysql_close();
?>
</div>
</center>
</form>
</body>
</html>
This is the second screen you will go to
<html>
<?php
session_start(); // Start the session
$loggedin = $_SESSION['loggedin']; // Are they loggedin?
// They are not logged in, Kill the page and ask them to login.
if ($loggedin != "1") {
die('Sorry your not loggedin, please login to gain acces. Here to login');}
?>
<?php
$host=""; // Host name
$username=""; // Mysql username
$password=""; // Mysql password
$db_name=""; // Database name
$tbl_name=""; // Table name
// Connect to server and select database.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// get value of id that sent from address bar
$id=$_GET['id'];
// Retrieve data from database
$sql="SELECT * FROM $tbl_name WHERE id='$id'";
$result=mysql_query($sql);
$rows=mysql_fetch_array($result);
?>
<head>
<style>
div
{
fload:center;
width:1000px;
margin:0 0 15px 20px;
padding:15px;
border:1px solid black;
}
</style>
<div align="center">
</head>
<img src="http://www.emiclaer.nl/Portals/39/Tuinen.jpg" alt="DTlogo.img" width="880" height="280">
</div>
<body style="margin:15px;">
<div>
Vul hier de updates in.<br>
<p></p>
<center>
<table width="400" border="0" cellspacing="1" cellpadding="0">
<tr>
<td>
<table width="100%" border="0" cellspacing="1" cellpadding="0">
<tr>
<td> </td>
<td colspan="3"><strong>Update Iphone App</strong> </td>
</tr>
<tr>
<td align="center"> </td>
<td align="center"> </td>
<td align="center"> </td>
<td align="center"> </td>
</tr>
<tr>
<td align="center"> </td>
<td align="center"><strong>Naam</strong></td>
<td align="center"><strong>Omschrijving</strong></td>
<td align="center"><strong>Prijs</strong></td>
<td align="center"><strong>Promotext</strong></td>
<td align="center"><strong>URL</strong></td>
<td align="center"><strong>Image URL</strong></td>
<td align="center"><strong>Update</strong></td>
</tr>
<form name="form1" method="post" action="updateform.php">
<tr>
<td> </td>
<td align="center">
<input name="inp_naam" type="text" id="inp_naam" value="<? echo $rows['naam']; ?>">
</td>
<td align="center">
<input name="inp_omschrijving" type="text" id="inp_omschrijving" value="<? echo $rows['omschrijving']; ?>" size="15">
</td>
<td>
<input name="inp_prijs" type="text" id="inp_prijs" value="<? echo $rows['prijs']; ?>" size="15">
</td>
<td align="center">
<input name="inp_promotext" type="text" id="inp_promotext" value="<? echo $rows['promotext']; ?>">
</td>
<td align="center">
<input name="inp_url" type="text" id="inp_url" value="<? echo $rows['url']; ?>" size="15">
</td>
<td>
<input name="inp_iurl" type="text" id="inp_iurl" value="<? echo $rows['iurl']; ?>" size="15">
</td>
</tr>
<tr>
<td> </td>
<td>
<input name="id" type="hidden" id="id" value="<? echo $rows['id']; ?>">
</td>
<td align="center">
<input type="submit" name="Submit" value="Submit">
</form>
</td>
<td> </td>
</tr>
</table>
</td>
</tr>
</table>
</div>
</center>
<?php
// close connection
mysql_close();
?>
</body>
</html>
This Code is what has to Update the database. (i have updated this one to most comments on the page, mysqli and PDO don't work for me.)
<html>
<body>
<?php
session_start(); // Start the session
$loggedin = $_SESSION['loggedin']; // Are they loggedin?
// They are not logged in, Kill the page and ask them to login.
if ($loggedin != "1") {
die('Sorry your not loggedin, please login to gain acces. Here to login');}
?>
<?php
$inp_naam=$_POST['inp_naam'];
$inp_prijs=$_POST['inp_prijs'];
$inp_promotext=$_POST['inp_promotext'];
$inp_url=$_POST['inp_url'];
$inp_iurl=$_POST['inp_iurl'];
$id=$_POST['id'];
$host=""; // Host name
$username=""; // Mysql username
$password=""; // Mysql password
$db_name=""; // Database name
$tbl_name=""; // Table name
// Connect to server and select database.
$conn = mysql_connect("$host", "$username", "$password")or die("cannot connect Host");
mysql_select_db("$db_name")or die("cannot select DB");
// update data in mysql database
$sql="UPDATE `$db_name`.`$tbl_name`
SET `naam` = '$inp_naam',
`omschrijving` = '$inp_omschrijving',
`prijs` = '$inp_prijs',
`promotext` = '$inp_promotext',
`url` = '$inp_url',
`iurl` = '$inp_iurl'
WHERE `$tbl_name`.`id` = '$id'";
$result = mysql_query($conn, $sql);
if (!$result) {
// if successfully updated.
echo "Successful";
echo "<BR>";
echo "<a href='list_records.php'>View result</a>";
} else {
die('cannot update DataBase'. mysql_error());
}
?>
</body>
</html>
To
<html>
<body>
<?php
session_start(); // Start the session
$loggedin = $_SESSION['loggedin']; // Are they loggedin?
// They are not logged in, Kill the page and ask them to login.
if ($loggedin != "1") {
die('Sorry your not loggedin, please login to gain acces. Here to login');}
?>
<?php
$host=""; // Host name
$username=""; // Mysql username
$password=""; // Mysql password
$db_name=""; // Database name
$tbl_name=""; // Table name
session_start();
// Connect to server and select database.
$conn = mysql_connect("$host", "$username", "$password")or die("cannot connect Host");
mysql_select_db("$db_name")or die("cannot select DB");
// update data in mysql database
$sql="UPDATE tblProducts
SET naam = '".$_POST['inp_naam']."',
omschrijving = '".$_POST['inp_omschrijving']."',
prijs = '".$_POST['inp_prijs']."',
promotext = '".$_POST['inp_promotext']."',
url = '".$_POST['inp_url']."',
iurl = '".$_POST['inp_iurl']."'
WHERE id = '".$_POST['inp_id']."'";
$result = mysql_query($sql,$conn);
if (!result) {
// if successfully updated.
echo "Successful";
echo "<BR>";
echo "<a href='list_records.php'>View result</a>";
} else {
die('cannot update DataBase'. mysql_error());
}
mysql_close();
?>
</body>
</html>
Thank you alot for your time!
Mysqli.
// Connect to database
$con=mysqli_connect("$host","$user","$pass","$db_name");
// Check connection
if (mysqli_connect_errno($con))
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
// Get id from URL bar
$id=$_GET['id']
// connect to table
$sql="SELECT * FROM `tblProducts` WHERE `id` = '$id'";
$result=mysqli_query($con,$sql);
// get table information
$rows=mysqli_fetch_array($result,MYSQLI_ASSOC);
mysqli_free_result($result);
?>
First of all, the syntax for your query is incorrect. The SQL query should be passed as the first parameter, with the connection identifier as the second, for example:
$result = mysql_query($sql, $conn);
Secondly, your UPDATE query contains invalid characters. You should use backticks to escape field names in MySQL,not quotes. Update your code as follows:
$sql="UPDATE `$db_name`.`$tbl_name`
SET `naam` = '$inp_naam',
`omschrijving` = '$inp_omschrijving',
`prijs` = '$inp_prijs',
`promotext` = '$inp_promotext',
`url` = '$inp_url',
`iurl` = '$inp_iurl'
WHERE `$tbl_name`.`id` = $id";
You'll see that I also removed the erroneous squared brackets ([]) as well.
Please be advised that mysql_* functions are now deprecated. You should look into MySQLi or PDO. Also be advised that your code is wide open to SQL injection. You should learn about sanitizing your input, and in particular, Prepared Statements.
I am not sure this ' is the correct symbol for using with table and column names.
UPDATE '$db_name'.'$tbl_name'
SET 'naam' = ['$inp_naam'], 'omschrijving' = ['$inp_omschrijving'], 'prijs' = ['$inp_prijs'], 'promotext' = ['$inp_promotext'], 'url' = ['$inp_url'], 'iurl' = ['$inp_iurl']
WHERE '$tbl_name'.'id' = $id
Maybe you wanted to use ` ?
$sql="UPDATE '$db_name'.'$tbl_name'
SET naam = ['$inp_naam'], omschrijving = ['$inp_omschrijving'], prijs = ['$inp_prijs'], promotext = ['$inp_promotext'], url = ['$inp_url'], iurl = ['$inp_iurl']
WHERE '$tbl_name'.id = $id";
Remove single quote from column name
This code of yours has some serious security issues. You are writing POST/GET-variables without quoting to an SQL query, which let's users inject SQL into your query (see http://xkcd.com/327/ :)).
For DB interaction I usually use PDOs (http://www.php.net/manual/de/pdo.prepare.php).
Your code will look like this:
$sth = $dbh->prepare('UPDATE '.$db_name.'.'.$tbl_name.' SET naam = ?, omschrijving = ?, prijs = ?, promotext = ?, url = ?, iurl = ? WHERE '.$tbl_name.'.id = ?');
$sth->execute(array($inp_naam, $inp_omschrijving, $inp_prijs, $inp_promotext, $inp_url, $inp_iurl, $id));
Edit: Without PDO this would look like this:
$sql = "UPDATE ".$db_name.".".$tbl_name." SET"
." naam = '".mysql_real_escape_string($inp_naam)
."', omschrijving = '".mysql_real_escape_string($inp_omschrijving)
."', prijs = '".mysql_real_escape_string($inp_prijs)
."', promotext = '".mysql_real_escape_string($inp_promotext)
."', url = '".mysql_real_escape_string($inp_url)
."', iurl = '".mysql_real_escape_string($inp_iurl)
."' WHERE ".$tbl_name.".id = '".mysql_real_escape_string($id)."'");
I'm making a web app to help determine whose turn it is to make tea in my office, giving me a focus to learn the use of PHP/MySQL. Apologies for newbie ignorance.
For new users signing up I need to populate the user table with their selections from a dropdown, which is itself populated from a separate table. So when a user signs up, I wan them to select the name of their favourite drink from the dropdown/drinks table and I want the ID of that drink saved in the defaultdrink field of the user table. I also understand this should be done using POST, not GET.
Have so far successfully made a form that populates the DB and have made a dropdown populated from the DB - but no success yet in doing both.
The form page is...
<?php
require "insert_dropdown.php";
?>
<table width="300" border="0" align="center" cellpadding="0" cellspacing="1">
<tr>
<td><form name="form1" method="post" action="insert_ac.php">
<table width="100%" border="0" cellspacing="1" cellpadding="3">
<tr>
<td colspan="3"><strong>Sign up to the Tea App</strong></td>
</tr>
<tr>
<td width="71">Name</td>
<td width="6">:</td>
<td width="301"><input name="name" type="text" id="name"></td>
</tr>
<tr>
<td colspan="3" align="center"><input type="submit" name="Submit" value="Submit"></td>
</tr>
</table>
</form>
</td>
</tr>
</table>
<?php
$dropdown = "<select name='drinkname'>";
while($row = mysql_fetch_assoc($dresult)) {
$dropdown .= "\r\n<option value='{$row['drinkname']}'>{$row['drinkname']}</option>";
}
$dropdown .= "\r\n</select>";
echo $dropdown;
?>
The form actions are led by insert_ac.php...
<?php
$host=""; // Host name
$username=""; // Mysql username
$password=""; // Mysql password
$db_name="tea"; // Database name
$tbl_name="users"; // Table name
// Connect to server and select database.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// Get values from form
$name=$_POST['name'];
$pref=$_POST['pref']; // Drink preference
// Insert data into mysql
$sql="INSERT INTO $tbl_name(name, pref)VALUES('$name', '$pref')";
$result=mysql_query($sql);
// if successfully insert data into database, displays message "Successful".
if($result){
echo "Successful";
}
else {
echo "ERROR";
}
// close connection
mysql_close();
?>
And I'm populating the dropdown using insert_dropdown.php...
<?php
$host=""; // Host name
$username=""; // Mysql username
$password=""; // Mysql password
$db_name="test"; // Database name
// Connect to server and select database.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// Write out our query.
$dquery = "SELECT drinkname FROM drinks";
// Execute it, or return the error message if there's a problem.
$dresult = mysql_query($dquery) or die(mysql_error());
// if successfully insert data into database, displays message "Successful".
if($dresult){
echo "Drink Successful";
echo "<BR />";
}
else {
echo "ERROR";
}
// close connection
mysql_close();
?>
Am I beyond saving?
Cheers,
Alex
Do not close mysql connection.
Or - even better - store the actual db rows into array and use that array to populate drop-down.
and put your select box inside of the form.
Well if you want yo learn something useful yet simple
config.php
<?php
$host=""; // Host name
$username=""; // Mysql username
$password=""; // Mysql password
$db_name="tea"; // Database name
// Connect to server and select database.
mysql_connect($host, $username, $password);
mysql_select_db($db_name);
// A function! greatest invention since wheel.
function dbgetarr($query){
$a = array();
$res = mysql_query($query);
if (!$res) {
trigger_error("dbget: ".mysql_error()." in ".$query);
} else {
while($row = mysql_fetch_assoc($res)) $a[]=$row;
}
return $a;
}
main page.
<?php
include 'config.php';
$data = dbGetArr("SELECT drinkname FROM drinks");
$tpl = 'tea.tpl.php';
include 'main.tpl.php';
main site template main.tpl.php
<html>
<body>
<?php include $tpl ?>
</body>
</html>
tea page template tea.tpl.php
<table width="300" border="0" align="center" cellpadding="0" cellspacing="1">
<tr>
<td><form name="form1" method="post" action="insert_ac.php">
<table width="100%" border="0" cellspacing="1" cellpadding="3">
<tr>
<td colspan="3"><strong>Sign up to the Tea App</strong></td>
</tr>
<tr>
<td width="71">Name</td>
<td width="6">:</td>
<td width="301"><input name="name" type="text" id="name"></td>
</tr>
<tr>
<td width="71">Name</td>
<td width="6">:</td>
<td width="301"><input name="drink" type="text" id="name">
<select name="drinkname">
<?php foreach($data as $row)): ?>
<option value="<?=$row['drinkname']?>"><?=$row['drinkname']?></option>
<?php endforeach ?>
</select>
</td>
</tr>
<tr>
<td colspan="3" align="center">
<input type="submit" name="Submit" value="Submit">
</td>
</tr>
</table>
</form>
</td>
</tr>
</table>
insert_ac.php
<?php
include 'config.php';
$tbl_name="users"; // Table name
// Get values from form and formatting them as SQL strings
$name = mysql_real_escape_string($_POST['name']);
$pref = mysql_real_escape_string($_POST['pref']); // Drink preference
// Insert data into mysql
$sql="INSERT INTO `$tbl_name` (name, pref) VALUES('$name', '$pref')";
$result=mysql_query($sql);
// if successfully insert data into database, displays message "Successful".
if($result){
echo "Successful";
}else {
echo "ERROR";
}
I'm trying to update multiple mysql records, with this code:
<strong>Update multiple rows in mysql</strong><br>
<?php
$host="localhost"; // Host name
$username=""; // Mysql username
$password=""; // Mysql password
$db_name="test"; // Database name
$tbl_name="test_mysql"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
$sql="SELECT * FROM $tbl_name";
$result=mysql_query($sql);
// Count table rows
$count=mysql_num_rows($result);
?>
<table width="500" border="0" cellspacing="1" cellpadding="0">
<form name="form1" method="post" action="">
<tr>
<td>
<table width="500" border="0" cellspacing="1" cellpadding="0">
<tr>
<td align="center"><strong>Id</strong></td>
<td align="center"><strong>Name</strong></td>
<td align="center"><strong>Lastname</strong></td>
<td align="center"><strong>Email</strong></td>
</tr>
<?php
while($rows=mysql_fetch_array($result)){
?>
<tr>
<td align="center"><? $id[]=$rows['id']; ?><? echo $rows['id']; ?></td>
<td align="center"><input name="name[]" type="text" id="name" value="<? echo $rows['name']; ?>"></td>
<td align="center"><input name="lastname[]" type="text" id="lastname" value="<? echo $rows['lastname']; ?>"></td>
<td align="center"><input name="email[]" type="text" id="email" value="<? echo $rows['email']; ?>"></td>
</tr>
<?php
}
?>
<tr>
<td colspan="4" align="center"><input type="submit" name="Submit" value="Submit"></td>
</tr>
</table>
</td>
</tr>
</form>
</table>
<?php
// Check if button name "Submit" is active, do this
if($Submit){
for($i=0;$i<$count;$i++){
$sql1="UPDATE $tbl_name
SET name='$name[$i]',
lastname='$lastname[$i]',
email='$email[$i]'
WHERE id='$id[$i]'";
$result1=mysql_query($sql1);
}
}
if($result1){
header("location:update_multiple.php");
?>
It shows records from the DB in input text boxes, but when I change old records with new ones and then submit, nothing happens, page refreshes with old values.
You will need to check if the form is submitted using $_POST['Submit'].
Also you could use a hidden input field to keep track of each row to update:
<input type="hidden" name="id[]" value="<?php echo $row['id']; ?>" />
Then when handling your submission you should do something like this:
if(isset($_POST['Submit'])) {
$ids = $_POST['id'];
$names = $_POST['name'];
$lastnames = $_POST['lastname'];
$emails = $_POST['email'];
//
foreach($ids as $id) {
// update the record based on the id and supplied data
}
}
And of course the update process should be executed before you retrieve you rows from the database. In other words the above code should be placed near the top of your script. At least before the:
$sql="SELECT * FROM $tbl_name";
$result=mysql_query($sql);
Submit should define that form if sent
move update code before select because you first view, and just after that update info, so you'll view previous results all the time
...
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
if($Submit){
for($i=0;$i<$count;$i++){
$sql1="UPDATE $tbl_name SET name='$name[$i]', lastname='$lastname[$i]', email='$email[$i]' WHERE id='$id[$i]'";
$result1=mysql_query($sql1
);
}
$sql="SELECT * FROM $tbl_name";
$result=mysql_query($sql);
// Count table rows
...
Using if($Submit){ is not the correct way to determinate if a form has been submitted ...
you should use :
if($_SERVER['REQUEST_METHOD'] == "POST")
then process your submitted values.
Note : you should update the DB before showing the values ....
And please make sure you read about SQL Injection
First of all mysql_query() doesn't return anything when you execute an update command.
You could use instead mysql_affected_rows to retrieve the number of rows changed by the previous query:
http://php.net/manual/en/function.mysql-affected-rows.php
Then, you should also do some refactoring like moving the update code before displaying the results, otherwise the header location directive won't work if you already sent output to the browser.
did you apply the varaible names in single code?
$sql1="UPDATE $tbl_name SET name='$name[$i]', lastname='$lastname[$i]', email='$email[$i]' WHERE id='$id[$i]'";
change above query to
$sql1="UPDATE $tbl_name SET name='".$name[$i]."', lastname='".$lastname[$i]."', email='".$email[$i]."' WHERE id=$id[$i]";
I'm attempting to modify this script so that, instead of returning all results in the database, I am limited to a small set.
However, when I utilize POST to get the passed search term I break the ability to delete records.
I can use a query with no variables or where variables are set beforehand, but not with the POST command.
e.g.
$sql="SELECT * FROM $table WHERE name='bob'"; //deleting items works after this query
$name='bobo';
$sql="SELECT * FROM $table WHERE name='$name'"; //deleting items works after this query
$name=mysql_real_escape_string($_POST['searchterm'];
$sql="SELECT * FROM $table WHERE name='$name'"; //deleting items fails after this query
I've attempted to see what the result set returns but can't seem to capture any output from the query.
I'm not sure why utilizing the post command breaks the query.
Here is my modified code:
<?php
$host="localhost";
$username="foo";
$password="bar";
$db_name="Alerts";
$tbl_name="SearchTermsAndContactAddress";
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
$address=mysql_real_escape_string($_POST['SearchAddress']);
$sql=sprintf( "SELECT * FROM $tbl_name WHERE contactaddress = '007#gmail.com' ORDER BY searchterms ASC"); //the delete does work
$sql=sprintf( "SELECT * FROM $tbl_name WHERE contactaddress = '$address' ORDER BY searchterms ASC"); //delete doesn't work
$sql=sprintf( "SELECT * FROM $tbl_name WHERE contactaddress = '%s' ORDER BY searchterms DESC", mysql_real_escape_string($_POST['SearchAddress']) ); //this doesn't work either
$sql=sprintf( "SELECT * FROM $tbl_name WHERE contactaddress = '$_POST[SearchAddress]' ORDER BY searchterms DESC" ); // it doesn't work with this query
#$sql=sprintf( "SELECT * FROM $tbl_name ORDER BY searchterms DESC" ); //it does work with this query
echo $sql;
$result=mysql_query($sql);
$count=mysql_num_rows($result);
?>
<table width="400" border="0" cellspacing="1" cellpadding="0">
<tr>
<td><form name="form1" method="post" action="">
<table width="400" border="0" cellpadding="3" cellspacing="1" bgcolor="#CCCCCC">
<tr>
<td bgcolor="#FFFFFF"> </td>
<td colspan="4" bgcolor="#FFFFFF"><strong>Delete multiple rows in mysql</strong> </td>
</tr>
<tr>
<td align="center" bgcolor="#FFFFFF">#</td>
<td align="center" bgcolor="#FFFFFF"><strong>Id</strong></td>
<td align="center" bgcolor="#FFFFFF"><strong>Search Term</strong></td>
<td align="center" bgcolor="#FFFFFF"><strong>Address</strong></td>
<td align="center" bgcolor="#FFFFFF"><strong>Attach Image</strong></td>
</tr>
<?php
while($rows=mysql_fetch_array($result)){
?>
<tr>
<td align="center" bgcolor="#FFFFFF"><input name="checkbox[]" type="checkbox" id="checkbox[]" value="<? echo $rows['prim_key']; ?>"></td>
<td bgcolor="#FFFFFF"><? echo $rows['prim_key']; ?></td>
<td bgcolor="#FFFFFF"><? echo $rows['searchterms']; ?></td>
<td bgcolor="#FFFFFF"><? echo $rows['contactaddress']; ?></td>
<td bgcolor="#FFFFFF"><? echo $rows['ImageAttachment']; ?></td>
</tr>
<?php
}
?>
<tr>
<td colspan="5" align="center" bgcolor="#FFFFFF"><input name="delete" type="submit" id="delete" value="Delete"></td>
</tr>
<?
//try closing and starting a new connection
/*
mysql_close();
mysql_connect("$host", "$username", "$password") or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB"); // yeah this didn't work
*/
// Check whether delete button active, start this
if ($delete) {
for ($i=0;$i<$count;$i++) {
$del_id = $checkbox[$i];
$sql = "DELETE FROM $tbl_name WHERE prim_key='$del_id'";
// $sql = "DELETE FROM $tbl_name WHERE id='10'"; //using a static query didn't solve the problem.
$result = mysql_query($sql);
}
// if successful redirect to delete_multiple.php
if ($result) {
echo $result; // this will return "Resource id #2" when it fails or it will return the # of affected rows when it succeeds
// while($row = mysql_fetch_assoc($result)) {
while ($row = mysql_fetch_array($result)) {
echo $row['num'];
echo "damn"; //this isn't being printed
}
echo "<meta http-equiv=\"refresh\" content=\"4;URL=delete_multiple3.php\">";
}
}
mysql_close();
?>
</table>
</form>
</td>
</tr>
</table>
I'm quite new to php and moderately knowledgeable about MySQL.
$sql=sprintf( "SELECT * FROM $tbl_name WHERE contactaddress = '%s' ORDER BY searchterms DESC", mysql_real_escape_string($_POST['SearchAddress']) );
That should be working, assuming that you have the correct value in $_POST['SearchAddress']
print_r($_POST);
Run that, see if the values you expect are there, then start moving onto the broader issues that #Chris has touched on.
Why are you using sprintf but not supplying any arguments to it (so you really aren't doing anything with sprintf).
Here:
$sql = 'SELECT * FROM `'.$tbl_name.'` WHERE contactaddress = \''.mysql_real_escape_string($_POST['SearchAddress']).'\' ORDER BY searchterms ASC';
You should really look into Mysqli or PDO, though, since the ext/mysql library is deprecated.
NOTE: Yes, I took out variable parsing in the string because I, personally, HATE it.
EDIT: I didn't read your code far enough down. Where do you set $delete? You aren't using register_globals, are you...?
EDIT of the EDIT: What are you trying to do in this code. You are throwing around variables like crazy, thinking they are what they aren't and vise versa. Can you explain what your intent of this code is?
FINAL EDIT:
I understand why the code is not working as you want it to. When you first submit to the page, you send it the $_POST['SearchAddress'] variable, so the first query executes correctly. However, when you submit which fields to delete (from the HTML that is printed from the first select query), you POST to the exact same page. This makes $_POST['SearchAddress'] blank and fills the other $_POST variables. Because that first SELECT query fails the second time (returns 0 rows), $count = 0, which would make none of the DELETE statements execute. You have to either separate the code, or add:
<input type="hidden" name="SearchAddress" value="<? echo $_POST['SearchAddress']; ?>" />
in your HTML (within the form).
You are also relying on register globals, which is a BAD idea. An example of what that is can be found here: http://php.net/manual/en/security.globals.php