So I'm trying to get this php code to display a textarea and submit button so a user can submit a bio that gets inserted into a db. I have a few issues with this code:
For some reason, the text area is filled with the actual form HTML instead of just a blank box, so it shows as:
<form action='page-bio.php' method='post'>
<textarea name='author_bio' value=<input type='hidden' name='hidden' value=
<input type='submit' name='update' value=update
</form>.
I'm using wordpress, so this is a php template, but I am wondering if this code will properly get the current user and insert the user's bio into the user's bio field in the database? I have a feeling it won't, but I can't tell because I still can't get the submit button to display.
<?php
$con = mysql_connect("localhost","XXXX","XXXX");
if (!$con){
die("can not connect: " . mysql_error());
}
mysql_select_db("i5412",$con);
// Get the current user's info
$current_user = wp_get_current_user();
if(isset($_POST['update'])){
$UpdateQuery = "UPDATE wp_usermeta SET author_bio='".$_POST['author_bio']."'WHERE
user_id=$current_user and author_bio='".$_POST['hidden']."'";
mysql_query($UpdateQuery, $con);
}
$sql = "SELECT * FROM wp_usermeta";
$myData = mysql_query($sql,$con);
while($record = mysql_fetch_array($myData)){
echo "<form action='page-bio.php' method='post'>";
echo "<textarea name='author_bio' cols='10' rows='10' value=" . $record['author_bio'];
echo "<input type='hidden' name='hidden' value=" . $record['author_bio'];
echo "<input type='submit' name='update' value=update";
echo "</form>";
}
mysql_close($con);
?>
You need to change the following lines:
echo "<textarea name='author_bio' cols='10' rows='10' value=" . $record['author_bio'];
echo "<input type='hidden' name='hidden' value=" . $record['author_bio'];
echo "<input type='submit' name='update' value=update";
To
echo "<textarea name='author_bio' cols='10' rows='10'>" . $record['author_bio'] . "</textarea>";
echo "<input type='hidden' name='hidden' value='" . $record['author_bio']. "'>";
echo "<input type='submit' name='update' value='update'>" ;
you forgot to close half of the input tags such as echo "<input type='submit' name='update' value=update"; where you missed the ending >
Related
What I am trying to do is have a PHP page display the contents of a MySQL database and and each line it displays, it give me a delete button so I can delete individual rows. I have the code kind of working. The code delete the lines of code, but not the one I select, instead it deletes the last line and not the one I tell it to delete.
Here is a screenshot, I know it does not look pretty, I was going to clean it up after I get the code working.
HTML:
<?php
// Delete php code
if(isset($_POST['delete_series']))
{
// here comes your delete query: use $_POST['deleteItem'] as your id
$delete = $_POST['delete_series'];
$delete_sql = "DELETE FROM `Dropdown_Series` where `id` = '$delete'";
if(mysql_query($delete_sql, $conn))
{
echo "Row Deleted </br>";
echo "$delete";
};
}
//Insert Code
if(isset($_POST['add_series']))
{
$insert_sql = "INSERT INTO dropdown_series (series) VALUES ('$_POST[add_series]' )";
if(!mysql_query($insert_sql, $conn))
{
die ('Error: ' . mysql_error());
}
echo "Series Added <br><br>";
}
?>
<br />
<h1>Add New Series Title</h1>
<h3>Add New: </h3><br />
<form name = action="add_series.php" method="POST">
<input type = "text" name = "add_series" required/><br /><br />
<input type ="submit" name="submit" value="Add">
</form>
<h3>Current Series: </h3><br />
<?php
//Delete button on each result of the rows
$query = mysql_query("SELECT id, series FROM Dropdown_Series"); // Run your query
// Loop through the query results, outputing the options one by one
echo "<form action='' method='POST'>";
while ($row = mysql_fetch_array($query))
{
echo $row['series'] . " ";
echo $row['id'];
echo "<input type='hidden' name='delete_series' value=' " . $row['id'] . "' />";
echo "<input type='submit' name='submit' value='Delete'>";
//echo $row['series'] . " ". $row['id'] . "<input type='submit' value='delete'>";
echo "<br />";
}
echo "</form>";
?>
Your loop will result in multiple delete_series inputs - within the same form.
You could create separat forms for each option:
while ($row = mysql_fetch_array($query))
{
echo "<form action='' method='POST'>";
// ...
echo "<input type='hidden' name='delete_series' value=' " . $row['id'] . "' />";
echo "<input type='submit' name='submit' value='Delete'>";
// ...
echo "</form>";
}
I believe that a very quick answer would be
while ($row = mysql_fetch_array($query))
{
echo "<form action='' method='POST'>";
echo $row['series'] . " ";
echo $row['id'];
echo "<input type='hidden' name='delete_series' value=' " . $row['id'] . "' />";
echo "<input type='submit' name='submit' value='Delete'>";
//echo $row['series'] . " ". $row['id'] . "<input type='submit' value='delete'>";
echo "<br />";
echo "</form>";
}
If I were you I would prefer injecting some javascript in the logic, and perform the Delete request using an ajax call.
you can refer to this tutorial to get more understanding of what I am refering to https://scotch.io/tutorials/submitting-ajax-forms-with-jquery
let me explain the code I'm getting data from the db and display the data in text input then when the user make changes I get the user input and update the table however when it update it update to empty data
<?php
echo "<form action='' method='get'>";
echo "<td class='data'><input type='product_name' id='product_name' value=" . $row['product_name'] . "> </td>";
echo "<td class='data'><input type='products_price' id='products_price' value=" . $row['products_price'] . "> </td>";
echo "<td class='data'><input type='products_desc' id='products_desc' value=" . $row['products_desc'] . "> </td>";
echo "</form>";
echo "</tr>";
echo "</table>";
echo "<form action='' method='POST'>
<input name='update' type='submit' value='Update' style='margin-left: 720px'>
</form>";
$product_name = isset($_GET['product_name']) ? $_GET['product_name'] : '';
$products_desc = isset($_GET['products_desc']) ? $_GET['products_desc'] : '';
$products_price = isset($_GET['products_price']) ? $_GET['products_price'] : '';
if (isset($_POST["update"])) {
$sql1 = "UPDATE tbl_products SET products_desc='" . $products_desc . "',product_name='" . $product_name . "',products_price='" . $products_price . "' WHERE products_id='" . $product_id . "'";
mysqli_query($conn, $sql1) or die(mysqli_error($conn));
echo "yess";
}
?>
Your input elements have no name attribute, so things like $_GET['product_name'] will always be empty. The name attribute is the key in the key/value pair sent to the server.
Additionally, the type attributes are all broken. (Though I suspect the browser is automatically "correcting" that by defaulting to a text input.)
Add the name attribute (and fix type):
<input type='text' name='product_name' id='product_name' ...
Additionally, you have two forms. So when you click your button, that form doesn't submit any of the inputs. Because they're in a different form.
Put them all into the same form, and decide whether you want to use GET or POST (since your server-side code is going to need to know that).
You defined your data form in one form tag and submit form in the another form tag:
<form action='' method='POST'>
<input name='update' type='submit' value='Update' style='margin-left: 720px'>
</form>
echo "<form action='' method='get'>";
echo "<td class='data'><input type='product_name' id='product_name' value=" . $row['product_name'] . "> </td>";
echo "<td class='data'><input type='products_price' id='products_price' value=" . $row['products_price'] . "> </td>";
echo "<td class='data'><input type='products_desc' id='products_desc' value=" . $row['products_desc'] . "> </td>";
echo "</form>";
When you submit your first form but your data is on another form
this is what is wrong
I want to make radiobutton with mysql
MY CODE
But it isn't make sense (SERVER ERROR:500)
Beacause of html form tag!
So I want to ask you!
"How can I make radiobutton with mysql value?"
I don't know what you are trying to achieve but I think I know what you mean. You want to create a radio button giving it a value from your database.
You don't create a form for each radio button. Instead, create the radio buttons within a single form tag.
Something like this:
echo "<form name='' action='index.php' method='post'>";
while($row=mysqli_fetch_array($res)){
echo "<input type='radio' name='" .$q . "' value='".$q ."'>" .$q . "<br />";
echo "<input type='radio' name='" .$a1 . "' value='".$a1 ."'>" .$a1 . "<br />";
echo "<input type='radio' name='" .$a2 . "' value='".$a2 ."'>" .$a2 . "<br />";
echo "<input type='radio' name='" .$a3 . "' value='".$a3 ."'>" .$a3 . "<br />";
}
echo "</form>";
In your echo statement change the parameter " to '.
Try this it will be defiantly works.
Try like this,
while ($row = mysqli_fetch_array($res))
{
$q = $row['q'];
echo "<tr>
<td>
<form name='' action='index.php' method='post'>
<input type='radio' name='q' value='".$q."'
</form>
</td>
</tr>";
}
Are you properly able to establish a connection to the server? Just var_dump or print_r to see what you are getting from the database.
I'm a beginner with PHP. I watched a tutorial to create a form which modifies my wamp-created mysql database table. Copied the video at first, but then made my own table from scratch and tried to upgrade it.
My add row works correctly, but the update and remove do not. I think the WHERE clause is not correct, referencing reg_id.
I created a unique primary key, which auto-increments and cannot be modified; this is what I want to reference when changes are made (since it cannot be changed).
if (isset($_POST['update'])){
$UpdateQuery = "UPDATE register SET First_Name='$_POST[first_name]', Last_Name='$_POST[last_name]', Breed='$_POST[breed]', Weight='$_POST[weight]', Age='$_POST[age]', Sex='$_POST[sex]' WHERE '$_POST[reg_id]'='$_POST[reg_id]'";
mysqli_query($con,$UpdateQuery);};
if (isset($_POST['delete'])){
$DeleteQuery = "DELETE FROM register WHERE reg_id='$_POST[reg_id]'";
mysqli_query($con,$DeleteQuery);};
Here is the rest of it where the form is located:
while($record=mysqli_fetch_array($myData)){
echo "<form action=register.php method=post>";
echo "<tr>";
echo "<td>" . $record['reg_id'] . " </td>";
echo "<td>" . "<input type=text name=first_name value=" . $record['First_Name'] . " </td>";
echo "<td>" . "<input type=text name=last_name value=" . $record['Last_Name'] . " </td>";
echo "<td>" . "<input type=text name=breed value=" . $record['Breed'] . " </td>";
echo "<td>" . "<input type=int name=weight value=" . $record['Weight'] . " </td>";
echo "<td>" . "<input type=int name=age value=" . $record['Age'] . " </td>";
echo "<td>" . "<input type=text name=sex value=" . $record['Sex'] . " </td>";
echo "<td>" . "<input type=submit name=update value=update" . " </td>";
echo "<td>" . "<input type=submit name=delete value=delete" . " </td>";
echo "</tr>";
echo "</form>";
}
Please help me fix it.
if (isset($_POST['update'])){
$UpdateQuery = "UPDATE register SET First_Name='".$_POST['first_name']."',Last_Name='".$_POST['last_name']."', Breed='".$_POST['breed']."', Weight='".$_POST['weight']."', Age='".$_POST['age']."', Sex='".$_POST['sex']."' WHERE reg_id ='".$_POST['reg_id']."'";
mysqli_query($con,$UpdateQuery);
};
if (isset($_POST['delete'])){
$DeleteQuery = "DELETE FROM register WHERE reg_id='".$_POST['reg_id']."'";
mysqli_query($con,$DeleteQuery);
};
should be enclosed by ' ,that is optional.add hidden will be more better
echo "<td><input type='hidden' name='reg_id' value='".$record['reg_id']."'></td>";
echo "<td><input type='submit' name='update' value='update'></td>";
echo "<td><input type='submit' name='delete' value='delete'></td>";
You are using $_POST without '.
Try this : {$_POST['first_name']} and replace all $_POST according to this.
So your update query will be like this :
"UPDATE register SET First_Name='{$_POST['first_name']}', Last_Name='{$_POST['last_name']}', Breed='{$_POST['breed']}', Weight='{$_POST['weight']}', Age='{$_POST['age']}', Sex='{$_POST['sex']}' WHERE reg_id='{$_POST['reg_id']}'";
There is no field with name reg_id, so your $_POST['reg_id'] will not work.Also please change your where condition. You are matching same value in where condition.
And your delete query will be :
"DELETE FROM register WHERE reg_id='{$_POST['reg_id']}'";
Your query is open for sql injection. Refer this :How can I prevent SQL injection in PHP?
display page
while($record = mysqli_fetch_array($myData)) {
echo "<table>";
echo "<tr>";
echo "<td>".$record['reg_id']."</td>";
echo "<td>".$record['First_Name']."</td>";
echo "<td>".$record['Last_Name']."</td>";
echo "<td>".$record['Breed']."</td>";
echo "<td>".$record['Weight']."</td>";
echo "<td>".$record['Age']."</td>";
echo "<td>".$record['Sex']."</td>";
echo "<td><a href='edit.php?reg_id=".$record['reg_id']."'>EDIT</a></td>";
echo "<td><a href='delete.php?reg_id=".$record['reg_id']."'>DELETE</a></td>";
echo "</tr>";
echo "</table>";
}
delete.php
<?php
if (isset($_POST['delete'])){
$DeleteQuery = "DELETE FROM `register` WHERE `reg_id`={$_GET['reg_id']}'";
mysqli_query($con,$DeleteQuery);
header("Location: your display page");
};
?>
Edit Form
while($record = mysqli_fetch_array($myData)) {
echo '<form action="edit.php" method="Post">
<input type="text" name="First_Name" value="'.$record['reg_id'].'"/>
<input type="text" name="First_Name" value="'.$record['First_Name'].'"/>
<input type="text" name="Last_Name" value="'.$record['Last_Name'].'"/>
<input type="text" name="Breed" value="'.$record['Breed'].'"/>
<input type="text" name="Weight" value="'.$record['Weight'].'"/>
<input type="text" name="Age" value="'.$record['Age'].'"/>
<input type="text" name="Sex" value="'.$record['Sex'].'"/>
<imput type="submit" value="save" name="submit" />
</form>';
}
edit.php
if (isset($_POST['update'])){
$UpdateQuery = "UPDATE `register` SET `First_Name`='{$_POST['first_name']}', `Last_Name`='{$_POST['last_name']}', `Breed`='{$_POST['breed']}', Weight='{$_POST['weight']}', `Age`={$_POST['age']}, Sex='{$_POST['sex']}' WHERE `reg_id`={$_GET['reg_id']}";
mysqli_query($con,$UpdateQuery);
header("Location: your display page");
};
Im a newbie and working on a project for school
I have a website that lists foods.
I have an update table that allows me to change and add data.
For the food group field I have it cross reference another table called food_group which has the food_group(name) and an id.
When you view the food data you can see the name that it pulls instead of the ID. On the update page I would like a drop down to be in the place of the ID. So you can see the "friendly" name instead of the ID number, but it has to store the ID not the friendly name in the food table.
Website can be found at http://web.nmsu.edu/~jrortiz/ICT458/FINAL/
The code I have is:
<html>
<head>
</head>
<body>
<?php
$con = mysqli_connect("localhost","user","pw","db");
if (!$con){
die("Can not connect: " . mysql_error());
}
if(isset($_POST['update'])){
$UpdateQuery = "UPDATE food SET food_group='$_POST[Food_group]', food='$_POST[Food]', ph='$_POST[PH]' WHERE food='$_POST[hidden]'";
mysql_query($UpdateQuery, $con);
};
if(isset($_POST['delete'])){
$DeleteQuery = "DELETE FROM food WHERE Food='$_POST[hidden]'";
mysql_query($DeleteQuery, $con);
};
if(isset($_POST['add'])){
$AddQuery = "INSERT INTO food (Food_group, Food, PH) VALUES ('$_POST[addGroup]','$_POST[addFood]','$_POST[addPH]')";
mysql_query($AddQuery, $con);
};
$sql = "SELECT * FROM food";
$myData = mysqli_query($con,$sql);
echo "<table border=1>
<tr>
<th>Food Group</th>
<th>Food</th>
<th>PH</th>
<th>Update/Add</th>
<th>Delete</th>
</tr>";
while($record = mysqli_fetch_array($myData)){
echo "<form action=updateFood.php method=post>";
echo "<tr>";
echo "<td><input type='text' name='Food_group' value='$record[food_group]'/></td>";
echo "<td><input type='text' name='Food' value='$record[food]'/></td>";
echo "<td><input type='text' name='PH' value='$record[ph]'/></td>";
echo "<td><input type='submit' name='update' value='update'/></td>";
echo "<td><input type='submit' name='delete' value='delete'/></td>";
echo "<td><input type='hidden' name='hidden' value='$record[food]'/></td>";
echo "</tr>";
echo "</form>";
}
echo "<form action=updateFood.php method=post>";
echo "<tr>";
echo "<td><input type='text' name='addGroup'></td>";
echo "<td><input type='text' name='addFood'></td>";
echo "<td><input type='text' name='addPH'></td>";
echo "<td><input type='submit' name='add' value='add'/></td>";
echo "</tr>";
echo "</form>";
echo "</table>";
mysql_close($con);
?>
</body>
</html>
____________ Update 12/2/13 10:30pm ___________________
Ok so if I create a new php page like the following it will work. However, I have no idea how to combine it into the original above... Can anyone help?
<html>
<head>
</head>
<body>
<?php
// Connect to the database server
$con = mysql_connect("localhost","user","pw");
if (!$con){
die("Can not connect: " . mysql_error());
}
mysql_select_db("db",$con);
$sql2="SELECT id, food_group FROM food_group";
$result = mysql_query($sql2,$con) or die(mysql_error());
while ($row = mysql_fetch_array($result)) {
$type=$row["food_group"];
$options.= '<option value="'.$row['id'].'">'.$row['food_group'].'</option>';
};?>
<SELECT NAME=Food_group>
<OPTION VALUE=0>Choose</OPTION>
<?php echo $options; ?>
</SELECT>
</body>
</html>
Thank you for all your help!
Jason
Your script is nice but I just want to point the following:
There's no need to concatenate this
"<td>" . "<input type=text name=Food_group value=" . $record['food_group'] . " </td>";
you can type it like this:
echo "<td><input type=text name=Food_group value='$record[food_group]'</td>";
also you missed to close your input tag
echo "<td><input type=text name=Food_group value='$record[food_group]' /></td>";
and another is you need to quote your attribute values , see below
echo "<td><input type='text' name='Food_group' value='$record[food_group]'</td>";
Last thing is that you're open to SQL injection, so you should start learning mysqli and prepared statement