how to update specific user ? update.php - php

Below is my update.php code. However, I am seeking for code to update specific user. For example
Search Id: ___________ [search]
If the user wants to search id details for id : 11
Then update.php will show open a page that can update that 11 details.
For my code, it is not specific.
Hope someone can help me please.
update.php
<center>
<h1><u>Library Database</u></h1>
</center>
<?php
$con = mysql_connect("localhost","root","");
if(!$con){
die("Can not connect: " . mysql_error());
}
mysql_select_db("c_database",$con);
if(isset($_POST['update'])){
$UpdateQuery="UPDATE myaduan SET id='$_POST[id]', nama_pengadu='$_POST[nama_pengadu]' WHERE id='$_POST[hidden]'";
mysql_query($UpdateQuery,$con);
};
if(isset($_POST['delete'])){
$DeleteQuery="DELETE FROM myaduan WHERE id='$_POST[hidden]'";
mysql_query($DeleteQuery,$con);
};
$sql="SELECT * FROM myaduan";
$myEdit=mysql_query($sql,$con);
echo "<table style=border:1px solid silver cellpadding=5px cellspacing=0px align=center border=0>
<tr>
<td colspan=4 style=background:0066FF; color:#FFFFFF; fontsize: 20px>UPDATE RECORD</td></tr>
<tr>
<td>ISBN</td>
<td>Title</td>
</tr>";
while($record = mysql_fetch_array($myEdit)){
echo "<form action=update.php method=post>";
echo "<tr>";
echo "<td>" . "<input type=text name=id value=".$record['id'] . " </td>";
echo "<td>" . "<input type=text name=nama_pengadu value=".$record['nama_pengadu']. " </td>";
echo "<td>". "<input type=hidden name=hidden value=".$record['id']. " </td>";
echo "<td>"."<input type=submit name=update value=update"." </td>";
echo "<td>"."<input type=submit name=delete value=delete"." </td>";
echo "</tr>";
echo"</form>";
}
echo"</table>";
mysql_close($con);
?>


First of all you should stop using mysql_connect . It was deprecated , instead use another one such as PDO.
You can run a query to display all your users then have tow links in front of each one like:
-User1 update *delete*
-User2 update *delete*
.
.
.
if u hit delete you post all your info to ur processing page and delete the user .If you hit update you load a form to another div using Jquery/ajax or you redirect to another page with your form on it and you update your user info .
This way you ll have a cleaner/user freindly area to do your thing .

Related

Mysql database updates but my table in php html won't update even if I refresh

I have code that search for my field name(familycode) then displays a table. I have the code enclosed in the table to update table and database.
My issue - after updating - My display information does't update and won't refresh or ever show correct data from mysql database. Database is updated.
I am new and this is first post. I tried many many different ways no luck. I would appreciate some thoughts!! Thank you!
my code for main page d7.php
<?php
// connection
$dbcon= NEW Mysqli("localhost", "root", "", "xxx");
if (!$dbcon) {
echo " ----------Error connecting to database--------------";
}
else {
echo " ----------Connected to Database Successfully----------- <br>" ;
}
include 'updatedata.php';
?>
<html>
<head>
<title> View_Update Family</title>
<link rel="stylesheet" type="text/css" href="d7css.css">
</head>
<body>
<form action=d7.php method=post>
<input type="text" name="valueToSearchfamily" placeholder="Family To
Search"><br><br>
<input type="submit" name="searchfamily" value="Search Family"><br>
<br>
</form>
<?php
if(isset($_POST['searchfamily']))
{
$valueToSearchfamily=$_POST['valueToSearchfamily'];
// search in all table columns
$select = "SELECT * FROM families WHERE Familycode LIKE
'%".$valueToSearchfamily."%' ";
$mydata=mysqli_query($dbcon, $select);
}
else {
$notselect = "SELECT * FROM families ORDER BY Familycode ";
$mydata=mysqli_query($dbcon, $notselect);
}
echo "<table class='updatetable' >";
echo "<tr>
<th>Id</th>
<th>Familycode</th>
<th>Name</th>
<th>Street</th>
<th>City</th>
<th>State</th>
<th>Zip</th>
</tr>";
while($record = mysqli_fetch_array($mydata)){
echo "<form action=updatedata.php method=post>";
echo "<tr>";
echo "<td>" . "<input type=text name=aid value=" . $record['Aid'] .
" </td>";
echo "<td>" . "<input type=text name=familycode value=" .
$record['Familycode'] . " </td>";
echo "<td>" . "<input type=text name=name_mailing value=" .
$record['Name_mailing'] . " </td>";
echo "<td>" . "<input type=text name=street_mailing value=" .
$record['Street_mailing'] . " </td>";
echo "<td>" . "<input type=text name=city_mailing value=" .
$record['City_mailing'] . " </td>";
echo "<td>" . "<input type=text name=st_mailing value=" .
$record['St_mailing'] . " </td>";
echo "<td>" . "<input type=text name=zip_mailing value=" .
$record['Zip_mailing'] . " </td>";
echo "<td>" . "<input type=hidden name=hidden value=" .
$record['Aid'] . " </td>";
echo "<td>" . "<input type=submit name=update value=update" . "
</td>";
echo "</form>";
};
?>
</body>
</html>
my other file as I tried separating them is updatedata.php
<?php
// connection
$dbcon= NEW Mysqli("localhost", "root", "", "xxx");
if (!$dbcon) {
echo " ----------Error connecting to database--------------";
}
else {
echo " ----------Connected to Database Successfully----------- <br>" ;
}
// ==========================================================
if(isset($_POST['update'])) {
$updatequery="UPDATE families SET Aid='$_POST[aid]',
Familycode='$_POST[familycode]', Name_mailing='$_POST[name_mailing]',
Street_mailing='$_POST[street_mailing]',
City_mailing='$_POST[city_mailing]', St_mailing='$_POST[st_mailing]',
Zip_mailing='$_POST[zip_mailing]' WHERE Aid='$_POST[hidden]'";
mysqli_query($dbcon, $updatequery);
header("location: index_dir.php");
};
?>

Welcome Don T to stackoverflow! It seems like your echoing onto the page in an instance, recall that when you Echo something out, it doesn't change when it changes inside your database because you aren't making the call again, its on the same page. To fix this, you need to use Javascript + Ajax, I recommend picking up jQuery and harnessing its basics for POST'ing and GET'ing data from a PHP page.
Here is the link for jQuery Ajax: http://api.jquery.com/jquery.ajax/
Simple example using jQuery ajax:
$.ajax({
url: 'PHP SCRIPT PAGE URL',
method: 'POST', // Your sending data, use POST
data: 'Your Data!', // This can be also be a form object
success: function(response) { // Response is your PHP scripts answer to this request.
console.log(response); // You may Echo or use JSON format as a response.
} // If you use JSON, add dataType: 'JSON' in the ajax call to the left.
})
Remember if this answer has helped you resolve your issue, select it as the Answer!
Thanks!

Being able to delete data from the click of a button on a page which also deletes the data from the database

I have multiple text boxes within a table on my web page which is populated from a form on my website users fill out. I have the feature of being able to delete each row as well as edit each row of data displayed on my website. The problem I'm having with it is only the last row of the table can be edited/deleted. For example, When I click the delete button on the first row of the table, it deletes the last row for some reason and not the first row. Also, it's the same with the update/edit button, only the last row can be modified and not anything above the last row of the table on my website.
More information:
form_id is the primary key within my database.
My code:
<?php
$con = #mysql_connect("localhost","root","");
if (!$con){
die("Can not connect: " . mysql_error());
}
mysql_select_db("formsystem", $con);
if(isset($_POST['update'])){
$UpdateQuery = "UPDATE form SET form_name='$_POST[name]', form_description='$_POST[description]' WHERE form_id='$_POST[hidden]'";
mysql_query($UpdateQuery, $con);
};
if(isset($_POST['delete'])){
$DeleteQuery = "DELETE FROM form WHERE form_id='$_POST[hidden]'";
mysql_query($DeleteQuery, $con);
};
$sql = "SELECT * FROM form";
$myData = mysql_query($sql,$con);
echo "<table>
<tr>
<th>Title</th>
<th>Description</th>
<th></th>
<th></th>
<th></th>
</tr>";
while($record = mysql_fetch_array($myData)){
echo "<form action=findGroup.php method=post>";
echo "<tr>";
echo "<td>" ."<input type=text name=name value='" . $record['form_name'] . "'/> </td>";
echo "<td>" ."<input type=text name=description value='" . $record['form_description'] . "'/> </td>";
echo "<td>" ."<input type=hidden name=hidden value='" . $record['form_id'] . "'/></td>";
echo "<td>" ."<input type=submit name=update value='update" . "'/> </td>";
echo "<td>" ."<input type=submit name=delete value='delete" . "'/> </td>";
echo "</tr>";
}
echo "</table>";
?>

Update
Enclose the form element properly:
<?php
$con = #mysql_connect("localhost","root","");
if (!$con){
die("Can not connect: " . mysql_error());
}
mysql_select_db("formsystem", $con);
if(isset($_POST['update'])){
$UpdateQuery = "UPDATE form SET form_name='".$_POST['name']."', form_description='".$_POST['description']."' WHERE form_id='".$_POST['hidden']."';";
mysql_query($UpdateQuery, $con);
};
if(isset($_POST['delete'])){
$DeleteQuery = "DELETE FROM form WHERE form_id='".$_POST['hidden']."';";
mysql_query($DeleteQuery, $con);
};
$sql = "SELECT * FROM form";
$myData = mysql_query($sql,$con);
echo "<table>
<tr>
<th>Title</th>
<th>Description</th>
<th></th>
<th></th>
<th></th>
</tr>";
while($record = mysql_fetch_array($myData)){
echo "<form action=findGroup.php method=post>";
echo "<tr>";
echo "<td>" ."<input type=text name=name value='" . $record['form_name'] . "'/> </td>";
echo "<td>" ."<input type=text name=description value='" . $record['form_description'] . "'/> </td>";
echo "<td>" ."<input type=hidden name=hidden value='" . $record['form_id'] . "'/></td>";
echo "<td>" ."<input type=submit name=update value='update" . "'/> </td>";
echo "<td>" ."<input type=submit name=delete value='delete" . "'/> </td>";
echo "</tr>"
echo "</form>";
}
echo "</table>";
?>
And for security issue, it's better to wrap variable using mysqli_real_escape_string, for example:
"DELETE FROM form WHERE form_id='".mysqli_real_escape_string($_POST['hidden'])."';";
But this is another question, here is the thread.

First off, check these potential issues:
You are connecting as root. Not recommended. You should connect as a MySQL user with M.A.D rights on that table (modify, add, delete).
Have you checked the MySQL & system/PHP logs to see if any errors are being reported? Then you can adjust your code based on those errors.
Have you attempted to run the delete statement manually to confirm that it deletes the desired row?
In your code, have you tried using the $sql = DELETE... syntax on your delete statement?

SQL Query only fetching the first word from a string column

<?php
include('common/connect.class.php');
include('common/admin.class.php');
session_start();
$user = $_SESSION['user'];
$con2 = new connection();
$con = $con2->connect();
$sql = "SELECT * FROM xam_category"; //Select Query
$myData = mysql_query($sql,$con) or die(mysql_error());;
echo "<table align='center'>
<tr>
<th>Category name</th>
<th>Category Description</th>
</tr>";
while($record = mysql_fetch_array($myData))
{
echo "<form action=user_book.php method=post>";
echo "<tr>";
echo "<td>" . "<input type=text size=10 readonly='true' name=usrname value=" . $record['category_name'] . " </td>";
echo "<td>" . "<input type=text size=15 readonly='true' name=usrmail value=" . $record['category_desc'] . " </td>";
echo "<td>" . "<input type=submit name=delete value=DELETE" . " </td>";
echo "<td>" . "<input type=submit name=update value=UPDATE" . " </td>";
echo "</tr>";
echo "</form>";
}
mysql_close($con);
echo "</table>";
?>
My SELECT query and data fetching is working fine. But, while i echo the fetched data, it only shows the first word "Computer" where it's actual value is "Computer Science".
The data stored in database viewed through PhpMyAdmin seems ok. But,
The data shown in the .php page is different and not ok.
I'm Stuck.
How to display the right string from MySQL database on the PHP page?
Note: I'm using html inside echo to loop & display all data. Sorry, I have to use mysql() functions could'nt do msqli(). I also viewed other same type questions in StackOveflow. But, Couldn't find a solution.

If you have a value with a space in it, you must enclose that value within quotes in your HTML. Try with
echo "<td><input type=text size=10 readonly='true' name='usrname' value='".$record['category_name']."'</td>";

Try to use mysql_fetch_assoc instead of mysql_fetch_array if you would like to access to variable like $record['category_name'].
Please read this article: mysql_fetch_row() vs mysql_fetch_assoc() vs mysql_fetch_array()

PHP form update mysql database not completing updates [closed]

Closed. This question needs debugging details. It is not currently accepting answers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Closed 8 years ago.
Improve this question
so I have been tinkering around with mysql database update function for my invoice management system for work, but I cant seem to get it to actually edit the records in my mysql database for an unknown reason. Here is my code for my edit.php page
<?php
$con = mysql_connect("localhost", "name", "password");
if (!$con) {
die("Can not connect: " . mysql_error());
}
mysql_select_db("inventory",$con);
if (isset($_POST['update'])){
$UpdateQuery = "UPDATE invoice SET Inv #='$_POST[inv_number]', Date Type='$_POST[date_type]', ID='$_POST[id]' WHERE id='$_POST[id]'";
mysql_query($UpdateQuery, $con);
};
$sql = "SELECT * FROM invoice";
$myData = mysql_query($sql,$con);
echo "<table border=1>
<tr>
<th>Inv #</th>
<th>Date Type</th>
<th>ID</th>
</tr>";
while($record = mysql_fetch_array($myData)){
echo "<form action=edit.php method=post>";
echo "<tr>";
echo "<td>" . "<input type=text name=inv_number value=" . $record['inv_number'] . " </td>";
echo "<td>" . "<input type=text name=date_type value=" . $record['date_type'] . " </td>";
echo "<td>" . "<input type=text name=id value=" . $record['id'] . " </td>";
echo "<td>" . "<input type=hidden name=hidden value=" . $record['id'] . " </td>";
echo "<td>" . "<input type=submit name=update value=update" . " </td>";
echo "</tr>";
echo "</form>";
}
echo "</table>";
mysql_close($con);
?>
This is the button I have on my search.php page where my records are being shown.
<a href='edit.php?edit=$row[id]'>edit</a>
Upon entering the edit.php page when i click on my edit button for a specific record, it shows all the records in my table, which is not ideal as I would much rather see only the record that I want to edit/update. These two problems are a problem that I have been unable to solve. Any help is appreciated. Thx in advance everyone.

Is your MySQL column name really Inv #? If so, you need to add backticks like this:
`Inv #`
But looking at your form, it looks like the field name is inv_number. Also, you are seeing all records because your select clause does not have a where modifier.

Replace your line:
$sql = "SELECT * FROM invoice";
with this line
$where = '';
if(!empty($_GET) && !empty($_GET['edit'])) {
$where = ' where id='.$_GET['edit'];
}
$sql = "SELECT * FROM invoice".$where;

PHP Required fields (No HTML)

So I need help with a required form field. I want the 3 fields (exam_id, subject, exam_date) to be required fields when filling out the PHP form. So when the insert button is hit, if a field is left blank and error will display or the action won't complete unless every field is filled in.
I'm using all php, no HTML and no, I don't want to redo my form as HTML calling the php, I want it like this. There's no security problems either, this is just a simple project.
My code:
<?php
echo '<link rel="stylesheet" type="text/css" href="css/tables.css" />';
$con = mysql_connect("localhost","root");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("StudentExams", $con);
if (isset($_POST['update']))
{
$UpdateQuery = "UPDATE Exam SET exam_id='$_POST[exam_id]', subject='$_POST[subject]', exam_date='$_POST[exam_date]' WHERE exam_id='$_POST[hidden]'";
mysql_query($UpdateQuery, $con);
};
if (isset($_POST['delete']))
{
$DeleteQuery = "DELETE FROM Exam WHERE exam_id='$_POST[hidden]'";
mysql_query($DeleteQuery, $con);
};
if (isset($_POST['insert']))
{
$InsertQuery = "INSERT INTO Exam (exam_id, subject, exam_date) VALUES ('$_POST[uexam_id]','$_POST[usubject]','$_POST[uexam_date]')";
mysql_query($InsertQuery, $con);
};
$sql = "SELECT * FROM Exam";
$Data = mysql_query($sql,$con);
echo "<table id='size' border='1'>
<tr>
<th>Exam_ID</th>
<th>Subject</th>
<th>Exam_Date</th>
</tr>";
while($record = mysql_fetch_array($Data))
{
echo "<form action=examisud.php method=post>";
echo "<tr>";
echo "<td>" . "<input type=text name=exam_id value=" . $record['exam_id'] . " </td>";
echo "<td>" . "<input type=text name=subject value=" . $record['subject'] . " </td>";
echo "<td>" . "<input type=text name=exam_date value=" . $record['exam_date'] . " </td>";
echo "<td>" . "<input type=hidden name=hidden value=" . $record['exam_id'] . " </td>";
echo "<td>" . "<input type=image name=update value=update id=submit src=images/update.png" . " </td>";
echo "<td>" . "<input type=image name=delete value=delete id=submit src=images/delete.png" . " </td>";
echo "</tr>";
echo "</form>";
}
echo "<form action=examisud.php method=post>";
echo "<tr>";
echo "<td><input type=text name=uexam_id></td>";
echo "<td><input type=text name=usubject></td>";
echo "<td><input type=text name=uexam_date></td>";
echo "<td>" . "<input type=image name=insert value=insert id=submit src=images/insert.png" . " </td>";
echo "</form>";
echo "</table>";
echo "<a href='ExamForm.html'> Back to main page </a>";
mysql_close($con);
?>
Thanks in advance for anyone who can help me out! I feel there is either a very simple solution i'm missing or it's very convoluted due to the absence of a generic HTML form.

Just do a check on the top with isset
if(!isset($_POST['exam_id'],$_POST['subject'],$_POST['exam_date']))
{
echo "These fields are required ! Please fill it up";
header("location:backtoform.php");exit;
}
Warning : Since you are passing the $_POST parameters directly onto your query, you are prone to SQL Injection attacks.
This(mysql_*) extension is deprecated as of PHP 5.5.0, and will be removed in the future. Instead, the MySQLi or PDO_MySQL extension should be used. Switching to PreparedStatements is even more better to ward off SQL Injection attacks !

isset( ... ) is only used to see if a field is set or not. It doesn't care if the value of the field is empty.
You need to use empty( .. ) instead. It would return true only if the field was ever set and is not empty. Two apples with one shot.
Across all your if statements, use !empty. Maintain an $error variable and initialize it to FALSE. Whenever an error occurs, set $error to TRUE.
In the end, perform the required operation only when $error == FALSE.
$error = false;
if ( !empty($_POST['update'] ){
// stuff
}
else {
// display error message
$error=true;
}
if(!$error){
// operations
}
This way you can neatly separate validations from operations.

Categories