The way I've structured my form data is by creating them in a while loop, but each time they are created the form will take a unique id.
So my question is, how do I access them individually and update specified data to a MYSQL server.
I've attempted to do it in the code at the end of the script, but I'm not sure how to access the forms individually
<?php
include 'user_data.php';
include 'core.inc.php';
$query = mysql_query("SELECT `post_text` FROM `posts`,`sub_posts` WHERE sub_posts.post_id = posts.id AND sub_posts.user_id='$user_id'");
while($row = mysql_fetch_array($query)){
?><?php echo $row[post_text].'<br>'?>
<form action="<?php $curent_file ?>" method="POST">
<textarea name="answer_field" > </textarea><br />
<input type="submit" value="Submit Answer">
<input type="hidden" name="post_id" value="<?php echo $row['post_id']; ?>" />
</form>
<?php
}//While Loop
if (isset($_POST['answer_field']) && !empty($_POST['answer_field'])){
$answer = mysql_real_escape_string($_POST['answer_field']);
$id = intval($_POST ['post_id']);
$query = "UPDATE `sub_posts` SET `sub_answer`='$answer' WHERE `post_id`='$id'";
}
?>
Only a single form gets posted when clicking the "submit" field. The form name does not get submitted by itself. Instead, you would place the post ID to which the form corresponds as a hidden field:
<input type="hidden" name="post_id" value="<?php echo $row['post_id']; ?>" />
And then later:
$answer = mysql_real_escape_string ($_POST ['answer']);
$id = intval ($_POST ['post_id']);
$query = "UPDATE `sub_posts` SET `sub_answer`='{$answer}' WHERE `post_id`={$id}";
Note that you definitely need to escape the answer before putting it in the query and make sure that the ID is a number. Otherwise, you're opening up your code to SQL injection attacks.
Related
I have a created an HTML form where users sign up and input there data into an SQL database. I have then retrieved that data in a webpage where they can view their profile. I have created a page where users can edit there profile by creating a form which updates the value in the SQL database for there user id.
I would like the form to use the current value of the SQL cell as the default for that user to make alterations easier. Example: currently user 7 has their city set as New York, when they visits the edit info page, the city field in the form already hase New York as the default value.
I have no problem getting the SQL info and assigning it to a variable, I just don't understand how to set it as the default value. I am aware of how you set default values for input fields though.
My code:
<?php
$id = $_SESSION["user_id"];
// Create a query for the database
$query = "SELECT full_name FROM users WHERE id = $id LIMIT 1";
// Get a response from the database by sending the connection
// and the query
$response = #mysqli_query($dbc, $query);
// If the query executed properly proceed
if($response){
while($row = mysqli_fetch_array($response)){
echo $row['full_name'];
echo mysqli_error();
}
}
?>
<input type="text" name="aboutme" defualt="<?php echo $row['aboutme'] ?>" >
There's no default value for html input.
Input can has value, using attribute value:
<input type="text" name="some_name" value="Some value" />
In your case it's
<input type="text" name="aboutme" value="<?php echo $row['aboutme']?> />
Input can also has placeholder - some value that is present in an input, but erased when user starts to edit input's content:
<input type="text" name="aboutme" value="<?php echo $row['aboutme']?> placeholder="some value" />
How about
<?php
$id = $_SESSION["user_id"];
// Create a query for the database
$query = "SELECT full_name FROM users WHERE id = $id LIMIT 1";
// Get a response from the database by sending the connection
// and the query
$response = #mysqli_query($dbc, $query);
// If the query executed properly proceed
if($response){
while($row = mysqli_fetch_array($response)){
echo $row['full_name'];
?>
<input type="text" name="aboutme" value="<?php echo $row['aboutme'] ?>" >
<?php
echo mysqli_error();
}
}
?>
And here is a good example http://www.w3schools.com/php/showphpfile.asp?filename=demo_db_select_pdo
Neither of the answers worked and upon further research and trial and error I created a solution.
I changed the value that was store in the array to just be a normal php variable:
$aboutme = $row['aboutme'];
I then called that variable using the following code:
<input type="text" name="aboutme" value="<?php echo htmlspecialchars($aboutme); ?>" >
Thanks for your help.
I hope you find my answer useful.
Why don't you try using it as a place holder? This will provide editable text.
<input type="text" name="aboutme" placeholder="<?php echo $row['aboutme'];" />
I make file details.php that show list of data from MySQL, and I make edit.php for it.
When I click edit.php it's automatically go to edit.php?id=detailsid (it works) but when I click submit on edit data, it's nothing changed and error.
This is my Edit.php
<form method="post" action="editdata.php">
<?php
include 'config.php';
$id=$_GET['id'];
$sqlTampil="select * from data_korban Where kasus_id=$id";
$qryTampil=mysql_query($sqlTampil);
$dataTampil=mysql_fetch_array($qryTampil);
$data=mysql_fetch_array($qryTampil);
?>
This is some of my HTML form
<input type="DATE" name="tanggal" size="20" value="<?php echo $dataTampil['tanggal']; ?>">
<input type="text" name="namakorban" size="40" value="<?php echo $dataTampil['namakorban']; ?>">
<input type="text" name="umurkorban" size="5" value="<?php echo $dataTampil['umurkorban']; ?>">
<input type="submit" name="submit" value="SUBMIT">
When I click Submit it's automatically call editdata.php but there is no change on my MySQL row ..
This is my editdata.php
<?php
include "config.php";
$id=$_GET['id'];
$tanggal = $_POST['tanggal'];
$namakorban = $_POST['namakorban'];
$umurkorban = $_POST['umurkorban'];
$update = "UPDATE data_korban SET tanggal='$tanggal', namakorban='$namakorban', umurkorban='$umurkorban' WHERE kasus_id = '$id'";
$hasil = mysql_query($update);
if ($hasil)
echo "<center>Update Success<center>";
else
echo "<center><h3><a href=pencarian.php>Back Tampil Data</a></h3></center>";
?>
There is something in my Error_Log
PHP Notice: Undefined index: id in /home/lombokdi/public_html/dbanak/editdata.php on line 4 ------ it's $id=$_GET['id'];
I have change to $_POST['id']; it's still error.
Your form does not seem to include the id named field.
And you are trying to read the non existing field from the request.
Request is formed to send data over post method but you tried to read id parameter using get method. As the value for id is not found, a null is used in where clause and that affected no rows updated.
$id=$_GET['id'];
$tanggal = $_POST['tanggal'];
$namakorban = $_POST['namakorban'];
$umurkorban = $_POST['umurkorban'];
the value for ID is $id=$_GET['id']; ... id come from detail.php?id=24 (example) go to edit.php?id=24 .. If I'm wrong, how to set the ID ??
In edit.php add id named element to the form with value read from the request. And on submitting the form, id goes to editdata.php page.
<input type="DATE" name="tanggal" size="20" value="<?php echo $dataTampil['tanggal']; ?>">
<input type="hidden" name="id" value="<?php echo $id['id']; ?>">
<input type="text" name="namakorban" size="40" value="<?php echo $dataTampil['namakorban']; ?>">
<input type="text" name="umurkorban" size="5" value="<?php echo $dataTampil['umurkorban']; ?>">
And in editdata.php:
Change:
$id=$_GET['id'];
To:
$id=$_POST['id'];
It's because you don't have the filed "id" if you switch to editdata.php
add: <input type="hidden" name="id" value="<?php $_GET['id']; ?>">
to your form in Edit.php
and replace
$id=$_GET['id']; with $id= $_POST['id']; in editdata.php.
Try like this
$id=$_GET['id'];
$sql=mysqli_query($con,"Update client set nama='$nama',instansi='$instansi',telepon='$telepon',email='$email' where id = '".$_GET['id']."'");
if($sql)
{
$msg="Your Client updated Successfully";
header('location:manage-client.php');
}
for after body add this query
$sql=mysqli_query($con,"select * from client where id = '".$_GET['id']."'");
while($data=mysqli_fetch_array($sql))
You are using $_GET to get the id. It is best do var_dump($_REQUEST);
I need to delete a record, in this case a categories from my forum, from the database based on its id.
<?php
if(isset($_SESSION['signed_in']) && $_SESSION['user_level'] == 1)
{
?>
<td>
<form method="post">
<input type="hidden" value="<?= ['cat_id']; ?>">
<input type="submit" name="submit" value="Remover" />
</form>
<?php
if(isset($_POST['submit']))
{
mysql_query("DELETE FROM categories where cat_id = 'cat_id'");
}
?>
</td>
<?php
}
?>
i cant get a "good" way to do it... :(
EDIT: This is for a programming lesson not a real forum!!
Your HTML Input Field needs a name so it can be identified by your PHP.
Then, in your Code Block where you attempt to delete the category, you need to acces the category id using the $_POST array.
Another thig you want to do is read up onj the dangers of SQL injections.
If you're just playing around with PHP and MySQL at the moment: Go Ahead. But if you actually want to develop, maybe you should read up on a few other things as well, even if it seems like overkill at first: PHP The Right Way.
Nontheless, try this:
<?php
if(isset($_SESSION['signed_in']) && $_SESSION['user_level'] == 1)
{
?>
<td>
<form method="post">
<input type="hidden" name="hid_catid" id="hid_catid" value="<?php echo $cat_id; ?>">
<input type="submit" name="submit" value="Remover" />
</form>
<?php
if(isset($_POST['submit']))
{
$query = "DELETE FROM categories where cat_id = '".(int)$_POST['hid_catid']."'";
mysql_query($query);
}
?>
</td>
<?php
}
?>
--> hidden field should have name and id to use
--
Thanks
Your hidden input field needs a name to be accessable after the post. Also I am not sure if ['cat_id'] is the correcty way to reference this variable. Where does it come from?
<form method="post">
<input type="hidden" name="cat_id" value="<?= $cat_id ?>">
<input type="submit" name="submit" value="Remover" />
</form>
Then your query has to look like this to correctly grab the id from the post.
mysql_query("DELETE FROM categories where cat_id = " . mysql_real_escape_string($_POST['cat_id']));
So I have searched for how to insert items from a MySQL database into a form. From what I understand, for each field, I need to add value="<?php echo htmlentities($Variable); ?>" is there a way to insert the fields all at once? Like in a PHP script? Each field already has a name identifier, that's how the insert.php insert the values into the database, like this:
//SQL Query to insert data
$sql="INSERT INTO case_info (Volunteer,CaseShortTitle,CaseNumber,HearingDate...)
VALUES ('$_POST[Volunteer]','$_POST[CaseShortTitle]','$_POST[CaseNumber]','$_POST[HearingDate]'...)
and the form fields look like this:
<div><input type="text" id="p1f5c" name="CaseShortTitle" class="fieldcontent"><div class="fielderror"></div></div>
Then the Submit button goes to this insert.php file
Is there a way to use GET to populate the fields in this manner?
Thank you!
It's generally bad practice to input data into your database directly from the $_POST variables, you should consider sanitizing them first.
If I understand what you are asking, you can do something like this;
<form action="" id="myForm" title="myForm">
<?php
$query = "SELECT * FROM case_info LIMIT 1";
$result = myqsl_query($query) or die(mysql_error());
while($row = mysql_fetch_array($result)){
?>
<input type="text" id="volunteer" value="<?php echo $row['Volunteer']; ?>"
<input type="text" id="CaseShortTitle" value="<?php echo $row['CaseShortTitle']; ?>"
<?php
} //Close while{} loop
?>
</form>
I have a while loop generating information with a checkbox, I would like to update the database with the new "completed" value. How can I select the specific checkbox that is generated. Please help with showing me how I can grab the specific value of a checkbox and the task_name.
Thanks, Ryan
while ($row = mysql_fetch_array($query)){
$task_name = $row['task_name'] ;
$task_description = $row['task_description'];
$task_completed = $row['completed'];
$tasks .= '<div id="tasksBody">
<form action="" method="post">Completed? <input name="completed" type="checkbox" '.
($task_completed == 1?'checked="checked"':'').
' /><input type="submit" value="Update"><br /><br />
<b>'.$task_name.'</b><br /><br />'.$task_description.'<hr><br /></form></div>';
}
}
echo $tasks;
You need to name your input with something unique for the row, such as the task_name, or better, a database record ID.
Then when the user submits the form, you will use $_POST["YourTaskNameOrIDHere"] to check the value.
What you have currently calls all the check boxes the same thing.
EDIT: I'm sorry, you're isolating all of these in their own forms, I just realized that.
What you can add is an <input type="hidden" value="$task_name" name="TaskName" /> to the form, so you can look what the checkbox is corresponding to. Then, when the user submits the form, use $_POST["TaskName"] to find out the name of the task.
Add a hidden field to each of your forms containing the task_id
<form action="" method="post">
Completed?
<input name="completed" type="checkbox" <?=($task_completed == 1?'checked="checked"':'')?> value="1" />
...
<input name="task_id" value="<?=$task_id"?> type="hidden" />**strong text**
</form>
After submit:
if (isset($_POST['task_id']) { // form has been submitted
$task_id = $_POST['task_id'];
$completed = $_POST['completed'];
$sql = "UPDATE task SET task_completed=$completed WHERE task_id=$task_id LIMIT 1";
// code for updating database
// better use PDO or mysqli-* instead of old and deprecated mysql_*
}