I'm trying to create a form that allows a user to select a field from a drop down box and then change what is currently written in the field.
My current code allows me to view the drop down list select the field I want to change and then enter my new text into a box. But when I click update, nothing happens.
<?php
mysql_connect("", "", "") or die(mysql_error());
mysql_select_db("") or die(mysql_error());
$query = "SELECT * FROM news_updates";
$result=mysql_query($query) or die("Query Failed : ".mysql_error());
$i=0;
while($rows=mysql_fetch_array($result))
{
$roll[$i]=$rows['Text'];
$i++;
}
$total_elmt=count($roll);
?>
---------------------------------------------------------Now I have the form
<form method="POST" action="">
Select the news post to Update: <select name="sel">
<option>Select</option>
<?php
for($j=0;$j<$total_elmt;$j++)
{
?><option><?php
echo $roll[$j];
?></option><?php
}
?>
</select><br />
Text Field: <input name="username" type="text" /><br />
<input name="submit" type="submit" value="Update"/><br />
<input name="reset" type="reset" value="Reset"/>
</form>
-----------------------------------------------Now I have the update php
<?php
if(isset($_POST['submit']))
{
$username=$_POST['username'];
$query2 = "UPDATE news_updates SET username='$username' WHERE rollno='$value'";
$result2=mysql_query($query2) or die("Query Failed : ".mysql_error());
echo "Successfully Updated";
}
?>
Well, you seem to be missing the $value part. Something like this should do, for the last part:
<?php
if(isset($_POST['submit']))
{
$username = mysql_real_escape_string($_POST['username']);
$value = mysql_real_escape_string($_POST['sel']);
$query2 = "UPDATE news_updates SET username='$username' WHERE rollno='$value'";
echo $query2; //For test, to see what is generated, and sent to database
$result2=mysql_query($query2) or die("Query Failed : ".mysql_error());
echo "Successfully Updated";
}
?>
Also, you should not use mysql_* functions as they are deprecated. You should switch to mysqli or PDO.
First, try adding a value to your options, like so:
for($j=0;$j<$total_elmt;$j++)
{
?>
<option value="<?php echo $roll['id']; ?>"><?php echo $roll['option_name']; ?></option>
<?php
}
Then, when you parse your file, go like so:
$value = $_POST['sel']; // add any desired security here
That should do it for you
You need to change this
<?php
for($j=0;$j<$total_elmt;$j++)
{
?><option><?php
echo $roll[$j];
?></option><?php
}
to this
<?php
for($j=0;$j<$total_elmt;$j++)
{
?><option value="<?php echo $roll[$j];?>"> <?php echo $roll[$j];?></option> <?php
}
And you also need to change the update query from this
$query2 = "UPDATE news_updates SET username='$username' WHERE rollno='$value'";
to this
$query2 = "UPDATE news_updates SET username='$username' WHERE rollno='".$_POST['sel']."'";
N. B.: Here I am assuming that $_POST['sel'] has the value selected by the user from the drop down menu because I could not find anything which corresponds to $value
Related
I've created a mysql table with two columns. One is ID and other is Heading. I have a textarea on which I run UPDATE code and whenever someone submits a form its being updated in the datebase column under heading. And that works fine but I want to show the last inputted submit inside my textarea.
My code is showing the last inputted value but when I reset the page it all turns out blank and its not showing anymore. I looked out in datebase and the heading is still there so I don't know why its dissapearing from the front end.
My page:
<?php
$title = 'Admin Panel - Edit';
include '../config.php';
$heading = mysqli_real_escape_string($link, $_REQUEST['heading']);
$sql = "UPDATE content SET heading='$heading' WHERE id = 1 ";
if(mysqli_query($link, $sql) == false){
echo "ERROR: Could not able to execute $sql. " . mysqli_error($link);
}
$value=mysqli_query($link, "SELECT heading FROM content WHERE id = 1");
$currentText = mysqli_fetch_row($value);
?>
<form action="edit.php">
<?php echo $currentText[0]; ?>
<input type="text" name="heading" id="heading" value='<?php echo $currentText[0]; ?>' />
<input type="submit" value="Submit" name="submit" />
</form>
So for example if I type Aleksa, after submit it will get url like edit.php?heading=Aleksa&submit=Submit. And then when I delete url just to edit.php, the value is missing.
You can test the page here: https://www.easybewussterschaffen.com/admin/edit.php
This is happening, because it's always trying to insert the heading when you refresh the page. You should check to see if the request is GET or the request is POST, and only insert it if they're submitting the form.
Update your form method, specify it to POST, and specifically check the method or check for the existance of $_POST['submit'] as shown below:
<?php
$title = 'Admin Panel - Edit';
include '../config.php';
// Use one of the 2 if statements:
if ($_SERVER['REQUEST_METHOD'] === 'POST') { // Trying to insert a new heading
if (isset($_POST['submit'])) { // Alternative
$heading = mysqli_real_escape_string($link, $_REQUEST['heading']);
$sql = "UPDATE content SET heading='$heading' WHERE id = 1 ";
if(mysqli_query($link, $sql) == false){
echo "ERROR: Could not able to execute $sql. " . mysqli_error($link);
}
}
$value=mysqli_query($link, "SELECT heading FROM content WHERE id = 1");
$currentText = mysqli_fetch_row($value);
?>
<form action="edit.php" method="POST">
<?php echo $currentText[0]; ?>
<input type="text" name="heading" id="heading" value='<?php echo $currentText[0]; ?>' />
<input type="submit" value="Submit" name="submit" />
</form>
Alternatively, if you still wish to make a GET request, you should check to make sure that the heading is set:
<?php
$title = 'Admin Panel - Edit';
include '../config.php';
if (isset($_GET['submit'])) {
$heading = mysqli_real_escape_string($link, $_GET['heading']);
$sql = "UPDATE content SET heading='$heading' WHERE id = 1 ";
if(mysqli_query($link, $sql) == false){
echo "ERROR: Could not able to execute $sql. " . mysqli_error($link);
}
}
$value=mysqli_query($link, "SELECT heading FROM content WHERE id = 1");
$currentText = mysqli_fetch_row($value);
?>
<form action="edit.php" method="GET">
<?php echo $currentText[0]; ?>
<input type="text" name="heading" id="heading" value='<?php echo $currentText[0]; ?>' />
<input type="submit" value="Submit" name="submit" />
</form>
I did it like this, is this good tho? Its working
<?php
$sql = "SELECT * FROM content";
if($result = mysqli_query($link, $sql)){
if(mysqli_num_rows($result) > 0){
echo '';
while($row = mysqli_fetch_array($result)){
echo $row['heading'];
}
// Free result set
mysqli_free_result($result);
} else{
echo "No records matching your query were found.";
}
} else{
echo "ERROR: Could not able to execute $sql. " . mysqli_error($link);
}
?>
I am creating a webpage wherein an admin can update a student's record(here it is the Demand Draft number), it will update the record for a particular student id.
The code I am working is below, the problem is the DD number gets updated for all the records in the database and not for the id mentioned in the textfield.
If anyone could offer a possible solution I would greatly appreciate it.
Here's the code:
<div class="main row">
<?php
$connect_mysql=mysql_connect("localhost","root","");
$mysql_db=mysql_select_db("mca",$connect_mysql);
?>
<form name="form1" method="POST" action="">
Enter the student's Registration ID :<span style="padding-left:20px"> <input type="text" id="studentsearch" name="studentsearch"></span>
</br> </br><span style="padding-left:190px"><input name="submit" type="submit" value="search"></span></br>
<?php
if(isset($_POST['submit']))
{
$id=$_POST['studentsearch'];
$query1="select 1 from user where id=$id" ;
$result1=mysql_query($query1) or die("Query Failed:".mysql_error());
if(mysql_num_rows($result1)>0)
{
echo 'student present';
}
else
{
echo 'student not present';
}
}
?>
</br>
</br>Enter the Demand Draft no : <span style="padding-left:46px"><input type="text" name="dd"></span>
</br></br><span style="padding-left:190px">
<input name="update" type="submit" value="update"></span><span style="padding-left:10px">
<input name="clear" type="submit" value="cancel" ></span>
<?php
if(isset($_POST['update']))
{
$connect_mysql=mysql_connect("localhost","root","") or die("cannot connect");
$mysql_db=mysql_select_db("mca",$connect_mysql);
$id1=$_POST['studentsearch'];
$dd=$_POST['dd'];
$sql="SELECT id FROM user ";
$result1 =mysql_query($sql,$connect_mysql) or die(mysql_error($connect_mysql));
while($row = mysql_fetch_array($result1))
if($id1=$row['id'])
{
$q="UPDATE user SET DD='$dd'";
$result2=mysql_query($q,$connect_mysql) or die("Query Failed".mysql_error());
}
mysql_close($connect_mysql);
}
?>
</form>
</div>
Although mysql_ is deprecated, the problem is here
$q="UPDATE user SET DD='$dd'";
This should be
$q="UPDATE user SET DD='$dd' WHERE id='$id1'";
And the same for this line, it needs a WHERE clause
$sql="SELECT id FROM user ";
AS
$sql="SELECT id FROM user WHERE id='$id1'";
EDIT:
Try this and let me know what your result is
if(isset($_POST['update'])) {
$connect_mysql=mysql_connect("localhost","root","") or die("cannot connect");
$mysql_db=mysql_select_db("mca",$connect_mysql);
$id1=$_POST['studentsearch'];
$dd=$_POST['dd'];
$sql="SELECT id FROM user WHERE id='$id1'";
$result1 =mysql_query($sql,$connect_mysql) or die(mysql_error($connect_mysql));
while($row = mysql_fetch_array($result1)) {
if(($row['id']) == $id1) {
$q="UPDATE user SET DD='$dd' WHERE id='$id1'";
$result2=mysql_query($q,$connect_mysql) or die("Query Failed".mysql_error());
}
mysql_close($connect_mysql);
} // Close While Loop
}
Add for troubleshooting data issues underneath the $dd variable:
echo $id1;
echo $dd;
Add the following just above the update submit button input:
<input type="hidden" name="ssresult" value="<?php if(isset($_POST['studentsearch'])) { echo $_POST['studentsearch']; } ?>">
And change your code to this:
if(isset($_POST['update'])) {
$connect_mysql=mysql_connect("localhost","root","") or die("cannot connect");
$mysql_db=mysql_select_db("mca",$connect_mysql);
$id1=$_POST['ssresult'];
$dd=$_POST['dd'];
$sql="SELECT id FROM user WHERE id='$id1'";
$result1 =mysql_query($sql,$connect_mysql) or die(mysql_error($connect_mysql));
while($row = mysql_fetch_array($result1)) {
if(($row['id']) == $id1) {
$q="UPDATE user SET DD='$dd' WHERE id='$id1'";
$result2=mysql_query($q,$connect_mysql) or die("Query Failed".mysql_error());
}
mysql_close($connect_mysql);
} // Close While Loop
}
As a school assignment I need to make a cms, in that I need to be able to make post edit them and delete them. so for i can edit and delete them, but for some reason I cant get it to insert the post(and also the categories, same almost the same) I hope you guys can help me.
Here is the code:
The form
<form action="includes/doAddpost.php" method="post">
<label for="PostName">Name</label>
<input type="text" name="PostName" id="PostName" placeholder="Title" autofocus="auto"/>
<label for="PostAuthor">Author</label>
<input type="text" name="PostAuthor" id="PostAuthor" placeholder="Authors name"
value="<?php if (isset($_SESSION['username'])) {
echo $_SESSION['username'];
}
?>"/>
<label for="PostContent">Content</label>
<textarea name="PostContent" id="PostContent" placeholder="content"></textarea>
<label for="PostCats">category</label>
<select name="PostCats">
<?php
$query = "SELECT * FROM categories";
$result = mysqli_query($mysqli, $query);
while ($cat = mysqli_fetch_assoc($result)) {
?>
<option value="<?php echo $cat['id']; ?>"><<?php echo $cat['title']; ?></option>
<?php } ?>
and this part doesnt seem to work either
</select>
<input type="submit" name="submit" value="submit"/>
</form>
Here is the doAddpost page:
<?php
include '../../includes/functions.php';
sec_session_start();
if(isset($_POST['submit'])){
if(isset($_POST['PostName'])){
if(isset($_POST['PostContent'])){
addPost($mysqli,$_POST['PostName'],$_POST['PostAuthor'], $_POST['PostContent'],$_POST['PostCats']);
header("Location: ../posts.php");
}else{
echo"please enter some content!";
}
} else{
echo"please set a category name!";
include('../addpost.php');
}
}else{
header("Location: ../addpost.php");
}
?>
and the function:
function addPost($mysqli, $pName, $pAuthor, $pContent, $pCat = 1)
{
$query = "INSERT INTO posts VALUES ('$pName', '$pAuthor', '$pContent', $pCat)";
mysqli_query($mysqli, $query);
}
Can anyone tell me what is the issue I am facing ?
Just edit your function as ,
function addPost($mysqli, $pName, $pAuthor, $pContent, $pCat = 1)
{
$query = "INSERT INTO posts (`your_column1`, `your_column_2`, `your_column_3`, `your_column_4`) VALUES ('$pName', '$pAuthor', '$pContent', $pCat)";
mysqli_query($mysqli, $query) or die(mysqli_error());
}
and then try...
Also in you select list change it as,
<option value="<?php echo $cat['id']; ?>"><?php echo $cat['title']; ?></option>
You placed an extra < there in your code..check that...:)
Now its time to step by step debugging:-
1) change your select category mysqli_query as below for debugging purpose
mysqli_query( $mysqli , $query ) or trigger_error($mysqli->error."($query)");
2) for you insert query mention column name in which you want to insert record . as you mentioned in comment you dont want id null so you should make you id column as AUTOINCREMENT
e.g
INSERT INTO posts (`column1`,`column2`,`column3`,`column4`) VALUES ('$pName', '$pAuthor', '$pContent', $pCat);
I have a problem with a delete from database..So, I have:
<?php
include('createdb.php');
if(!empty ($_POST['tribuna']))
{
$delete = mysql_query("DELETE FROM tb_tribuna WHERE id = '".$_POST['tribuna']."';");
header("Location:index.php?a=buy"); //redirect
exit;
}
?>
<form id="formid" action="<?php echo $_SERVER['PHP_SELF'] ?>" method="post">
<label>Tribuna :</label> <select name="tribuna" class="tribuna">
<option selected="selected">-Select-</option>
<?php
$sql=mysql_query("select id,tribune_number from tb_tribuna ");
while($row=mysql_fetch_array($sql))
{
$id=$row['id'];
$tribune_number=$row['tribune_number'];
echo '<option value="'.$id.'">'.$tribune_number.'</option>';
} ?>
</select><br/><br/>
<input name="delete" type="submit" id="delete" value="Delete">
</form>
When I push on submit nothing happens...
I want that when I select an option and when I press delete to delete from the database row...
Help plizzz friends..
Assuming that "createdb.php" has the correct database connection information:
$conn = mysql_connect("$host","$db_uid","$db_pwd");
mysql_select_db("$db", $conn);
make your delete function look like this:
$sql = "DELETE FROM tb_tribuna WHERE id = '$_POST[tribuna]' ";
$result = mysql_query($sql, $conn) or die(mysql_error());
You need to pass the db connection to mysql_query.
And add "or die mysql_error()" to your mysql statements so that when something doesn't work, you get an error message that helps point you to where the problem is.
I've got an admin area where the admins can set the level of repair and it shows on a progress bar in the users area. I have it all working apart from updating the mySQL database to the value submitted.
My database has a table called 'users' and fields 'UserID', 'Username', 'Password', 'progress', 'admin'.
Here is the code I'm using to try and make the magic happen:
<?php
$query="SELECT * FROM users";
$result=mysql_query($query);
$num=mysql_numrows($result);
?>
<form id="chooseuseredit" method="post" action="<?php echo $PHP_SELF;?>">
<select name="ChooseUser">
<?php
$i=0;
while ($i < $num) {
$f1=mysql_result($result,$i,"UserID");
$f2=mysql_result($result,$i,"Username");
$f3=mysql_result($result,$i,"progress");
$f4=mysql_result($result,$i,"admin");
?>
<option value="<?php echo $f1; ?>"><?php echo $f2; ?></option>
<?php
$i++;
}
?>
</select>
<input type="submit" name="chooseSubmit" id="chooseSubmit" value="Choose User" />
</form>
<?php
if(isset($_POST['chooseSubmit']) )
{
$varID = $_POST['ChooseUser'];
$errorMessage = "Jesus Christ Benton, Choose a User!!";
?>
<br>
<p><strong>Editing UserID: <?php echo "$varID"; ?></strong></p>
<p>Progress:<br>
<form name="edituserform" method="post" action="<?php echo $PHP_SELF;?>">
<select name="editinguser">
<option value="0">Phone Not Recieved</option>
<option value="20">Phone Recieved</option>
<option value="40">Parts Recieved</option>
<option value="60">Repair Started</option>
<option value="80">Repair Finished</option>
<option value="100">Posted Back</option>
</select>
<input type="hidden" name="edituserid" id="edituserid" value="<?php echo "$varID"; ?>" />
<input type="submit" name="edituser" id="edituser" value="Edit" />
</form>
<?php
if(isset($_POST['edituser'])){
$add = $_POST['edituser'];
$varIDe = $_POST['edituserid'];
$errorMessage = "Jesus Christ Benton, Choose a User!!";
$query1 = mysql_query("UPDATE users SET progress = $add WHERE UserID = $varIDe");
mysql_query($query1) or die("Cannot update");
echo $add;
echo $varIDe;
}
?>
<?php
}
?>
I'm not sure if the variables are working or not, or if it's the way I've used the submit button before? Its got me a little stumped.
You're query should be
$query1 = mysql_query("UPDATE users SET progress = '$add' WHERE UserID = $varIDe");
Don't forget the quotes
and it would be best to change your
mysql_query($query1) or die("Cannot update");
to mysql_query($query1) or die("MySQL ERROR: ".mysql_error());
to get it to display errors
edit
Found a few errors
mysql_numrows should be mysql_num_rows
and major error
$query1 = mysql_query("UPDATE users SET progress = $add WHERE UserID = $varIDe");
is running a query, change it to
$query1 = "UPDATE users SET progress = '".$add."' WHERE UserID = '".$varIDe."'";
I think your getting the wrong variable
if(isset($_POST['edituser'])){
$add = $_POST['edituser']; // this is a button
should be :
if(isset($_POST['editinguser'])){
$add = $_POST['editinguser']; // this is a select list
But please read the following about SQL Injection
When something's going wrong, with respect to query, you better debugging, adding one: or die ( mysql_error ( ) ) ; and then the error message is displayed.
$query1 = mysql_query("UPDATE `users` SET `progress` = '".$add."' WHERE UserID = '".$varIDe."'");
if(mysql_query($query1))
{
//DO SOME ACTION
}
else
{
die(mysql_error());
}