This question is unlikely to help any future visitors; it is only relevant to a small geographic area, a specific moment in time, or an extraordinarily narrow situation that is not generally applicable to the worldwide audience of the internet. For help making this question more broadly applicable, visit the help center.
Closed 10 years ago.
I have a point system were there's a quiz. when they click submit from the quiz i want them to get +1 into points in mysql. i got a datbase called login and table users, and in the users i want the points to be updated with 1+ when they have taken the quiz.
the code for the quiz_form i use:
:<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Registration Form</title>
</head>
<body>
<table width="328" border="0" align="center">
<form id="form1" name="form1" method="post" action="script.php">
<tr>
<td colspan="2"><h2 style="color:#FF0000">Quiz1</h2></td>
</tr>
<tr>
<td>UserName:</td>
<td>
<input name="txtusername" type="text" id="txtusername" value="<?php
session_start();
if ($_SESSION['username'])
{
echo "".$_SESSION['username'];
}
else
header ("location: welcome1.html");
?>
" />
</td>
</tr>
<tr>
<td>Who is Obama?</td>
<td><input type="password" name="txtPassword" id="txtPassword" /></td>
</tr>
<tr>
<td>What was the bing thing that were going to happend in 2012?</td>
<td><input type="text" name="txtemail" id="txtemail" /></td>
</tr>
<tr>
<td>What is a farrari?</td>
<td>
<input type="text" name="txtnummer" id="txtnummer" />
</td>
</tr>
<tr>
<td>What is a spoon used for?</td>
<td>
<input type="text" name="txtnummer" id="txtnummer" />
</td>
</tr>
<tr>
<td>Witch letter does this url start with?</td>
<td>
<input type="text" name="txtnummer" id="txtnummer" />
</td>
</tr>
<tr>
<td>Are COD a game?</td>
<td>
<input type="text" name="txtnummer" id="txtnummer" />
</td>
</tr>
<tr>
<td colspan="2" align="center">
<input type="submit" name="btnRegister" id="btnRegister" value="submit" />
</td>
</tr>
</form>
</table>
<table width="328" border="0" align="center">
<form id="form1" name="form1" method="post" action="script2.php">
<tr>
<td colspan="2"><h2 style="color:#FF0000">Quiz2</h2></td>
</tr>
<tr>
<td>UserName:</td>
<td>
<input name="txtusername" type="text" id="txtusername" value="<?php
if ($_SESSION['username'])
{
echo "".$_SESSION['username'];
}
else
header ("location: welcome1.html");
?>
" />
</td>
</tr>
<tr>
<td>Who evented facebook?</td>
<td><input type="password" name="txtPassword" id="txtPassword" /></td>
</tr>
<tr>
<td>What is a cat?</td>
<td><input type="text" name="txtemail" id="txtemail" /></td>
</tr>
<tr>
<td>What is a lamborgini?</td>
<td>
<input type="text" name="txtnummer" id="txtnummer" />
</td>
</tr>
<tr>
<td>What is goodel used for?</td>
<td>
<input type="text" name="txtnummer" id="txtnummer" />
</td>
</tr>
<tr>
<td>What is the last letter in this url</td>
<td>
<input type="text" name="txtnummer" id="txtnummer" />
</td>
</tr>
<tr>
<td>Are Counter strik a game?</td>
<td>
<input type="text" name="txtnummer" id="txtnummer" />
</td>
</tr>
<tr>
<td colspan="2" align="center">
<input type="submit" name="btnRegister" id="btnRegister" value="submit" />
</td>
</tr>
</form>
</table>
<table width="328" border="0" align="center">
<form id="form1" name="form1" method="post" action="script3.php">
<tr>
<td colspan="2"><h2 style="color:#FF0000">Quiz3</h2></td>
</tr>
<tr>
<td>UserName:</td>
<td>
<input name="txtusername" type="text" id="txtusername" value="<?php
if ($_SESSION['username'])
{
echo "".$_SESSION['username'];
}
else
header ("location: welcome1.html");
?>
" />
</td>
</tr>
<tr>
<td>What is yourube used for?</td>
<td><input type="password" name="txtPassword" id="txtPassword" /></td>
</tr>
<tr>
<td>What is a dog?</td>
<td><input type="text" name="txtemail" id="txtemail" /></td>
</tr>
<tr>
<td>What is a kebab?</td>
<td>
<input type="text" name="txtnummer" id="txtnummer" />
</td>
</tr>
<tr>
<td>Who is the most famed tenager in 2012/13?</td>
<td>
<input type="text" name="txtnummer" id="txtnummer" />
</td>
</tr>
<tr>
<td>What is the 4th letter in this url?</td>
<td>
<input type="text" name="txtnummer" id="txtnummer" />
</td>
</tr>
<tr>
<td>100*2 - 5 +105 -55 +45= </td>
<td>
<input type="text" name="txtnummer" id="txtnummer" />
</td>
</tr>
<tr>
<td colspan="2" align="center">
<input type="submit" name="btnRegister" id="btnRegister" value="submit" />
</td>
</tr>
</form>
</table>
</body>
</html>
here is the script i use for the quiz:
<?php
//=============Configuring Server and Database=======
$host = 'localhost';
$user = 'root';
$password = '';
//=============Data Base Information=================
$database = 'login';
$conn = mysql_connect($host,$user,$password) or die('Server Information is not Correct'); //Establish Connection with Server
mysql_select_db($database,$conn) or die('Database Information is not correct');
//===============End Server Configuration============
//=============Starting Registration Script==========
$username = mysql_real_escape_string($_POST['txtusername']);
//=============To Encrypt Password===================
//============New Variable of Password is Now with an Encrypted Value========
if(isset($_POST['btnRegister'])) //===When I will Set the Button to 1 or Press Button to register
{
$query = mysql_query("SELECT * FROM quiz WHERE username='$username'");
if(mysql_num_rows($query) > 0 ){
echo "Sorry but you can only take a quize once:S";
}else{
mysql_query ("insert into quiz(username)values('$username')");
$sql = "UPDATE users SET points = COALESCE(level,0)+1 WHERE username = $username";
header('location: succes.php');
}
}
?>
again, this work great. but i just need so they get 1 more points. so if they have 10 points and take this quiz they get 11 after clicking submit
Try this update query
$qry = "UPDATE users SET points = points+1 WHERE username = $username"
and as was said in comments, start using PDO or MySqli with prepared statements for your future codes, as old mysql commands are deprecated.
I think you have a problem over here:
$sql = "UPDATE users SET points = COALESCE(level,0)+1 WHERE username = $username";
so, if you are doing like this.
try this,
$sql = "UPDATE users SET points = COALESCE(level+1,0) WHERE username = $username";
Related
I want to insert value in a database and it inserted empty. I want help for this necessary.
This is the variable of time :
$rm_time = $_POST['rm-time'];
PHP
if(empty($_POST['rm-name']) or empty($_POST['rm-details'])){
?>
<h3 style="margin-top: 30px;text-align: center;font-size: 25px;color: red;" dir="rtl">Error</h3>
<?php
}else{
$rm_name = $_POST['rm-name'];
$rm_details = $_POST['rm-details'];
$rm_date = $_POST['rm-date'];
$rm_time = $_POST['rm-time'];
$rm_insert_query = $db->query("INSERT INTO reminders (r_name, r_details, r_date, r_time) VALUES ('$rm_name', '$rm_details', '$rm_date', '$rm_time')");
}
}
?>
<form action="reminder.php?rm=make" method="post">
<table class="rm" width="auto" border="0px">
<tr>
<td class="rm-form-text">Reminder date/time :</td>
<td><input autofocus="" name="rm-date" type="date" id="rm" /> / <input name"rm-time" type="time" id="rm" /></td>
</tr>
<tr>
<td class="rm-form-text">Remimnder name :</td>
<td><input name="rm-name" type="text" id="rm" /></td>
</tr>
<tr>
<td class="rm-form-text">Reminder details :</td>
<td><textarea dir="rtl" name="rm-details" id="rm-ta"></textarea></td>
</tr>
<tr>
<td colspan="2"><input name="save-reminder" type="submit" class="sp-submit" value="Save!" /></td>
</tr>
</table>
</form>
<?
exit;
here your syntax is wrong.
Use
<input name= "rm-time" type="time" id="rm" />
instead of
<input name"rm-time" type="time" id="rm" />
change this
FROM : <input name"rm-time" type="time" id="rm" /></td>
TO : <input name="rm-time" type="time" id="rm" /></td>
This is probably the most asked question here. I have made a simple user registration form. The values are not inserted into the database. I used echo and the query is returning false. The form was working well before but then i separated the name into first and last name and dropped the previous table and made a new one. Here is the registration page code:
<!DOCTYPE html>
<?php
session_start();
include('includes/connect.php');
?>
<html>
<head>
<?php
if(isset($_POST['register_ok'])){
global $con;
$user_first_name = $_POST['user_first_name'];
$user_last_name = $_POST['user_last_name'];
$email = $_POST['email'];
$password = $_POST['password'];
echo "<script type='text/javascript'>alert(\"$user_first_name\");</script>"; //This echo is returning username successfully!
$query = "insert into user(user_first_name, user_last_name, user_email, password) values('$user_first_name', '$user_last_name', '$email', '$password')";
if(mysqli_query($con, $query)){
$_SESSION['user'] = 'user';
$_SESSION['user_first_name'] = $user_first_name;
echo "header('Location:index.php')";
} else {
echo "<script type='text/javascript'>alert(\"Values not inserted\");</script>"; //This is running which means query is not successfull.
}
} else {
echo "<script type='text/javascript'>alert(\"Page didn't receive post values\");</script>";
}
?>
<link rel="stylesheet" type="text/css" href="styles/register_style.css">
<title>New User Registration</title>
</head>
<body>
<div class="wrapper">
<header></header>
<div class="form_div">
<div class="form">
<form id="register_form" method="post" action="" autocomplete="autocomplete">
<table>
<tr>
<td id="label">First Name: </td>
<td id="input"><input type="text" name="user_first_name" required="required" id="input_box"></td>
</tr>
<tr>
<td id="label">Last Name: </td>
<td id="input"><input type="text" name="user_last_name" required="required" id="input_box"></td>
</tr>
<tr>
<td id="label">Email: </td>
<td id="input"><input type="text" name="email" required="required" id="input_box"></td>
</tr>
<tr>
<td id="label">Password: </td>
<td id="input"><input type="password" name="password" id="input_box"></td>
</tr>
<tr>
<td id="label">Confirm Password: </td>
<td id="input"><input type="password" name="confirm_password" id="input_box"></td>
</tr>
<tr id="button_row">
<td colspan="2"><input type="reset" value="Reset" id="button">
<input type="submit" value="Register" id="button" name="register_ok"></td>
</tr>
</table>
</form>
</div>
</div>
</div>
</body>
</html>
And this is the table :
The table is empty and the first alert is returning user first name and the second alert runs when the query returns false. It is returning false.
I think it may be a typo but cannot narrow it down. Any help would be welcome.
Change your column types from int to varchar. I'm talking about string columns (names and email). Mysql has an option to check for the data type you are trying to insert and fail if they don`t match.
Firstly,
Change column name from INT to VARCHAR using this query.
"ALTER TABLE `user`
MODIFY COLUMN `user_first_name` VARCHAR(225),
MODIFY COLUMN `user_last_name` VARCHAR(225),
MODIFY COLUMN `user_email` VARCHAR(225),
MODIFY COLUMN `password` VARCHAR(225);";
Secondly,
You kept id for both input & <td> as same in each and every row. ID can't be same.
Change it to.
<table>
<tr>
<td id="label1">First Name: </td>
<td id="input1"><input type="text" name="user_first_name" required="required" id="input_box1"></td>
</tr>
<tr>
<td id="label2">Last Name: </td>
<td id="input2"><input type="text" name="user_last_name" required="required" id="input_box2"></td>
</tr>
<tr>
<td id="label3">Email: </td>
<td id="input3"><input type="text" name="email" required="required" id="input_box3"></td>
</tr>
<tr>
<td id="label4">Password: </td>
<td id="input4"><input type="password" name="password" id="input_box4"></td>
</tr>
<tr>
<td id="label5">Confirm Password: </td>
<td id="input5"><input type="password" name="confirm_password" id="input_box5"></td>
</tr>
<tr id="button_row">
<td colspan="2"><input type="reset" value="Reset" id="button">
<input type="submit" value="Register" id="button" name="register_ok"></td>
</tr>
</table>
You need to learn about sql injections and also about securing your passwords, use mysqli prepared statements / PDO what ever you find easy to learn
<!DOCTYPE html>
<?php
session_start();
include('includes/connect.php');
?>
<html>
<head>
<?php
if(isset($_POST['register_ok'])){
$user_first_name = $_POST['user_first_name'];
$user_last_name = $_POST['user_last_name'];
$email = $_POST['email'];
$password = $_POST['password'];
// Lets encrypt the password;
$hash = pasword_hash($password,PASSWORD_DEFAULT);
// lets insert then
$query = $con->prepare("INSERT INTO user (user_id,user_first_name, user_last_name, user_email, password) VALUES(?,?,?,?)");
$query->bind_param("ssss", $user_first_name, $user_last_name, $email,$hash);
$query->execute();
if ($query->execute()) {
echo "<script type='text/javascript'>alert(\"$user_first_name\");</script>"; //This echo is returning username successfully!
} else {
echo "<script type='text/javascript'>alert(\"Values not inserted\");</script>"; //This is running which means query is not successfull.
}
}
?>
<link rel="stylesheet" type="text/css" href="styles/register_style.css">
<title>New User Registration</title>
</head>
<body>
<div class="wrapper">
<header></header>
<div class="form_div">
<div class="form">
<form id="register_form" method="post" action="" autocomplete="autocomplete">
<table>
<tr>
<td id="label">First Name: </td>
<td id="input"><input type="text" name="user_first_name" required="required" id="input_box"></td>
</tr>
<tr>
<td id="label">Last Name: </td>
<td id="input"><input type="text" name="user_last_name" required="required" id="input_box"></td>
</tr>
<tr>
<td id="label">Email: </td>
<td id="input"><input type="text" name="email" required="required" id="input_box"></td>
</tr>
<tr>
<td id="label">Password: </td>
<td id="input"><input type="password" name="password" id="input_box"></td>
</tr>
<tr>
<td id="label">Confirm Password: </td>
<td id="input"><input type="password" name="confirm_password" id="input_box"></td>
</tr>
<tr id="button_row">
<td colspan="2"><input type="reset" value="Reset" id="button">
<input type="submit" value="Register" id="button" name="register_ok"></td>
</tr>
</table>
</form>
</div>
</div>
</div>
</body>
</html>
NB : You need to check if the username does not exist before inserting it.
In my case, the strict mode setting was causing the issue. It requires values for all the columns to be specified in the INSERT command. Everything worked after the strict mode setting was disabled.
Check for strict mode (this should be blank):
SHOW VARIABLES LIKE 'sql_mode';
Turn off strict mode:
SET GLOBAL sql_mode = '';
Turn on strict mode:
SET GLOBAL sql_mode = 'STRICT_TRANS_TABLES';
Credit: this post
I have a PHP form posting to a database fine. Have included it within a jQuery web page. The form is not posting to the database. Below is the code for the webpage and the PHP file. The form behaves fine when it the javascript files are not included.
form
<link href="jquery.mobile-1.0.min.css" rel="stylesheet" type="text/css"/>
<script src="jquery-1.6.4.min.js" type="text/javascript"></script>
<script src="jquery.mobile-1.0.min.js" type="text/javascript"></script>
<meta name="viewport" content="width=device-width; initial-scale= -3.0; maximum-scale=0.0; user-scalable=0;"/>
<meta name="format-detection" content="telephone=no" />
</head>
<body>
<table border="1">
<tr>
<td align="center">Form Input Employees Data</td>
</tr>
<tr>
<td>
<table>
<?php include 'input.php'; ?>
<form method="post" action="input.php">
<tr>
<td>Date</td>
<td><input type="date" name="date" size="20">
</td>
</tr>
<tr>
<td>Name</td>
<td><input type="text" name="name" size="20">
</td>
</tr>
<tr>
<td>Address</td>
<td><input type="text" name="address" size="40">
</td>
</tr>
<tr>
<td>Phone</td>
<td><input type="tel" name="phone" size="20">
</td>
</tr>
<tr>
<td>Email</td>
<td><input type="email" name="email" size="20">
</td>
</tr>
<tr>
<td>Problem</td>
<td><input type="text" name="problem" size="40">
</td>
</tr>
<tr>
<td>Description</td>
<td><textarea cols="40" rows="5" name="description"></textarea>
</td>
</tr>
<tr>
<td>Time Arrived</td>
<td><input type="time" name="timeArrived" size="20">
</td>
</tr>
<tr>
<td>Time Departed</td>
<td><input type="time" name="timeDeparted" size="20">
</td>
</tr>
<tr>
<td>Cost of Material</td>
<td><input type="number" name="material" size="40">
</td>
</tr>
<tr>
<td>Total Job Cost</td>
<td><input type="number" name="total" size="40">
</td>
</tr>
<tr>
<td>Completed Yes/No</td>
<td><input type="checkbox" name="completed" value="Yes">Yes<br>
<input type="checkbox" name="completed" value="No">No
</td>
</tr>
<tr>
<td>Reason fo Incompletion</td>
<td><textarea cols="40" rows="5" name="incomplete"></textarea>
</td>
</tr>
<tr>
<td></td>
<td align="right"><input type="submit" name="submit" value="Sent"></td>
</tr>
</form>
</table>
</td>
</tr>
</table>
</body>
</html>
PHP File:
<?
mysql_connect("localhost","$user","$password");//database connection
mysql_select_db("&database");
$order = "INSERT INTO table1
(date, first_name, address, phone, email, problem, description, time_arrived, time_departed, cost_material, total, completed, reason)
VALUES
('$_POST[date]', '$_POST[name]', '$_POST[address]', '$_POST[phone]','$_POST[email]','$_POST[problem]','$_POST[description]','$_POST[timeArrived]','$_POST[timeDeparted]',
'$_POST[material]','$_POST[total]','$_POST[completed]','$_POST[incomplete]')";
$result = mysql_query($order); //order executes
if($result){
echo("<br>Input data is succeed");
} else{
echo("<br>Input data is fail");
}
?>
First, I'd rewrite the php code to use mysqli or PDO and prepared statements. As it is right now, it's very vulnerable to sql injections.
Next, I'd revise the javascript code using to actually submit the form.
Finally, I'd either fire up a PHP debugger or print out the _POST array to make sure that the values are being passed correctly.
I think the code where you include the script is right, I don't underestand what do you wanna do when you say that: "the javascript files are not included" but the code to include the script is right, that code should work unless you have a problem with PATH.
<?php
if(isset($_POST['submit']))
{
$uname=$_POST['uname'];
$pswd=$_POST['pswd'];
$cpswd=$_POST['cpswd'];
$fname=$_POST['fname'];
$lname=$_POST['lname'];
$email=$_POST['email'];
$address=$_POST['add'];
$mobile=$_POST['mobile'];
$con=mysqli_connect("localhost","root","","registration");
$sql1="select usname, email from registration1 where usname='$uname' or email='$email'";
$query=mysqli_query($con,$sql1) or die(mysqli_error($con));
$rownum=mysqli_num_rows($query);
if($rownum != 0)
{
echo "User With This User Name or Email Address Is Already Available";
}
else
{
$sql2="insert into registration1 (usname,psswd,fsname,lsname,email,address,mobileno) values ('$uname','$pswd','$fname','$lname','$email','$address','$mobile')";
mysqli_query($con,$sql2) or die(mysqli_error($con));
echo "Registration Successful";
}
}
?>
I am redirecting to home.php which is written in form action, the php code in this is not executing. can anybody help me to resolve this
this is my html code i am redirecting to home .php on clicking submit button values entered in textbox is not entering into database on clicking submit button.
`<html>
<head>
<title>Registration Form</title>
</head>
<body>
<center>
<form method="post" action="home.php">
<table>
<tr>
<td>
<p>User Name</p>
</td>
<td>
<input type="text" name="uname"/>
</td>
</tr>
<tr>
<td>
<p>Password</p>
</td>
<td>
<input type="password" name="pswd" />
</td>
</tr>
<tr>
<td>
<p>Confirm Password</p>
</td>
<td>
<input type="password" name="cpswd" />
</td>
</tr>
<tr>
<td>
<p>First Name</p>
</td>
<td>
<input type="text" name="fname" />
</td>
</tr>
<tr>
<td>
<p>Last Name</p>
</td>
<td>
<input type="text" name="lname" />
</td>
</tr>
<tr>
<td>
<p>Email Address</p>
</td>
<td>
<input type="email" name="email" />
</td>
</tr>
<tr>
<td>
<p>Address</p>
</td>
<td>
<input type="text" name="add" />
</td>
</tr>
<tr>
<td>
<p>Mobile No.</p>
</td>
<td>
<input type="text" name="mobile" />
</td>
</tr>
<tr>
<td>
<input type="submit" value="submit" name="submit" />
</td>
</tr>
</table>
</form>
</center>
</body>
</html>`
If there is no Output / No Errors .. Please Make Sure $_POST['submit'] Variable is Posted Vai From..
at first want to say please describe the error properly.there can be many reason.
option 1:maybe $_POST['submit'] or other values is not initialized properly.then it wont enter the if block ever
option 2:$con=mysqli_connect("localhost","root","password"); check if this connection establishment is okay or not.
option 3:i am not sure.but i think while fetching multiple column you need to use an array().
please debug the code..find out after which line the code stop executing.you can do this by using echo 'xxx'; as checkpoint in your code and report us
note:use mysqli_real_escape_string() and various php mysqli function to be safe from mysqli injection
<input type="submit" value="submit" name="submit" />
<input type="hidden" name="submit" value="submit" />
</form>
this is how your form should be done..add that hidden type
EDIT 1: if it doesn't work.then put echo 'step 1,2,3...' in your home.php.and check after which statement it stops executing.for exemple you can put a echo right after if() to check if it is entering in your if block or not
I wonder whether someone may be able to help me please.
I've put together a form and php code (below) that allows an administrator to search for member records from a mysql database using the email address as the search criteria.
HTML Form
<form name="memberpasswordresetform" id="memberpasswordresetform" method="post" action="search.php">
<div class="container">
<p align="justify">Member Details </p>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="26%" height="25"><strong>Email Address </strong></td>
<td width="4%"> </td>
<td width="70%"><input name="email" type="email" id="email" size="50" /></td>
</tr>
<tr>
<td height="25"><strong>Confirm Email Address </strong></td>
<td> </td>
<td><input name="conf_email" type="email" id="conf_email" size="50" /></td>
</tr>
<tr>
<td height="25"><label>
<input type="submit" name="Submit" value="search" />
</label></td>
<td> </td>
<td> </td>
</tr>
<tr>
<td height="25"> </td>
<td> </td>
<td> </td>
</tr>
<tr>
<td height="25"><strong>First Name </strong></td>
<td> </td>
<td><input name="fname" type="text" id="fname" size="30" /></td>
</tr>
<tr>
<td height="25"><strong>Last Name </strong></td>
<td> </td>
<td><input name="lname" type="text" id="lname" size="30" /></td>
</tr>
<tr>
<td height="25"> </td>
<td> </td>
<td> </td>
</tr>
<tr>
<td height="25"><strong>New Password</strong></td>
<td> </td>
<td><input name="newpass" type="password" id="newpass" size="30" /></td>
</tr>
<tr>
<td height="25"><strong>Confirm New Password </strong></td>
<td> </td>
<td><input name="conf_newpass" type="password" id="conf_newpass" size="30" /></td>
</tr>
<tr>
<td height="25"><input type="submit" name="save" value="save" /></td>
<td> </td>
<td> </td>
</tr>
</table>
</div>
</form>
PHP Script
<?php
include("admin/link.php");
include("admin/opendb.php");
mysql_select_db ("userdetails");
$term = $_POST['email'];
$sql = mysql_query("select forename, surname, email address from userdetails where emailaddress like '%$email%'");
while ($row = mysql_fetch_array($sql)){
echo '<br/> First Name: '.$row['forename'];
echo '<br/> Last Name: '.$row['surname'];
echo '<br/><br/>';
}
?>
The search functionality works fine, but I can't work out how to populate the forename and surname fields on my form from the records retrieved from my database. I've been looking for, and found examples on how to do this, if I want to simply show the data as a table, but I can't find any that explain how to populate the fields in a form.
I just wondered whether it would be at all possible that someone could provide some guidance please on how I can do this.
Many thanks
The previous answer will work fine if short tags are enabled on the server. You should stick to the long syntax as below in case you change hosting providers at a later date.
<input name="fname" type="text" id="fname" size="30" value="<?php echo $row['surname']; ?>" />
just set the value of your input element
<tr>
<td height="25"><strong>First Name </strong></td>
<td> </td>
<td><input name="fname" type="text" id="fname" size="30" value="<?= $row['surname'] ?>" /></td>
</tr>