i have a little problem here. What i am trying to achieve is User types in unique id into textbox then presses load button, script is looking for this parameter in MySql database. When found match data should be loaded into textbox below.
UPDATED VERSION
<?php
mysql_connect ("localhost", "root","84946dff6e1") or die (mysql_error());
mysql_select_db ("employees");
if(isset($_POST["loadbtn"]))
{
$load = $_POST["loadbtn"];
$sql = mysql_query("SELECT * FROM titles WHERE emp_no = '$load' ");
$details = mysql_fetch_array($sql);
$savedTitle = $details["title"];
}
?>
<form method="post" action="changeTitleView.php">
<table width="400" border="0" cellspacing="1" cellpadding="2" align="center">
<tr>
<td width="150">Employee number</td>
<td><input type="text" name="load" /></td>
<td><input type="submit" name="loadbtn" value="Load" /></td>
</tr>
</table>
</form>
<br />
<br />
<form method="get" action="changeTitleView.php">
<table width="400" border="0" cellspacing="1" cellpadding="2" align="center">
<td width="150">Employee Title</td>
<td><input name="salary" type="text" value="<?php echo $savedTitle; ?>"></td>
</tr>
<td width="150"> </td>
<td>
<input name="add" type="submit" id="add" value="Update">
</td>
</tr>
</table>
</form>
thank you for looking and help :)
Try this
<?php
error_reporting(-1);// show all errors when debugging
// don't use these database commands
//mysql_connect ("localhost", "root","84946dff6e1") or die (mysql_error());
//mysql_select_db ("employees");
// do it this way and don't show us your database credentials.
$conn = new mysqli('localhost', "root", "84946dff6e1", 'employees');
//declare your variables so if POST isn't true you don't have errors later
$load = "some Id";
$savedTitle = "no value yet!"; // use something interesting when testing
//you want the value of the textbox which name is load
if(isset($_POST["load"]))
{
//never trust the user directly
//$load = $_POST["load"];
// do this
$load = $conn->real_escape_string($_POST["load"]);
$result = $conn->query("SELECT * FROM titles WHERE emp_no = '$load' ");
$details = $result->fetch_assoc();
$savedTitle = $details["title"];
// show me error when testing to see if something is wrong with query
echo $conn->error;
}
?>
<form method="post" action="changeTitleView.php">
<table width="400" border="0" cellspacing="1" cellpadding="2" align="center">
<tr>
<td width="150">Employee number</td>
<td><input type="text" name="load" value="<?php echo $load; ?>" /></td>
<td><input type="submit" name="loadbtn" value="Load" /></td>
</tr>
</table>
</form>
<br />
<br />
<form method="get" action="changeTitleView.php">
<table width="400" border="0" cellspacing="1" cellpadding="2" align="center">
<td width="150">Employee Title</td>
<td><input name="salary" type="text" value="<?php echo $savedTitle; ?>"></td>
</tr>
<td width="150"> </td>
<td>
<input name="add" type="submit" id="add" value="Update">
</td>
</tr>
</table>
</form>
You will want to add another if branch to handle the second form which updates the title
And remember that form is GET instead of POST like the first form.
<td><input name="salary" type="text" value="<? echo $empTitle; ?>"></td>
try change that line to this:
<td><input name="salary" type="text" value="<?php echo $empTitle; ?>"></td>
Related
I have those codes that help to update and delete a row from a table:
html:
<table class="imagetable" cellpadding="3" cellspacing="1" width="400px" border="1">
<th>ID</th>
<th>Name</th>
<th>Informations</th>
<th>Actions</th>
<tr>
<td><input type="text" name="id" value="<?php echo $rows['id'] ?>"/></td>
<td><input type="text" name="med_name" value="<?php echo $rows['med_name'] ?>"/></td>
<td><input type="text" name="info" value="<?php echo $rows['info']?>"/></td>
<td>
<form action="update_del.php" method="post">
<input class="imgClass_update" type="submit" name="submit1" value="" />
<input class="imgClass_dell" type="submit" name="submit2" value=""/>
</form>
</td>
</tr>
<tr>
PHP:
<?php
require_once('../include/global.php');
$id=$_POST['id'];
if(isset($_POST['submit1']))
{
$name=$_POST['med_name'];
$info=$_POST['info'];
$sql = "UPDATE med SET med_name='$name',
info='$info'
WHERE id='$id'";
$result=mysqli_query($con,$sql) or die('Unable to execute query. '. mysqli_error($con));
if($result){
header("location:med.php");
}
else
{
header("location:update_false.php");
}
}
if(isset($_POST['submit2']))
{
$sql = "DELETE FROM med WHERE id='$id'";
$result=mysqli_query($con,$sql) or die('Unable to execute query. '. mysqli_error($con));
if(mysqli_affected_rows($con) == 1)
{
header("location:med.php");
}
else
{
header("location:update_false.php");
}
}
?>
Nothing is updated nor deleted. And no errors are shown. If someone could help me, I think the problem is too easy but can't see it where.
You are placing <form> tag at wrong place.
Therefore, your other elements: id, med_name and info are not children of form.
And they are not getting posted.
You should start <form> before table and end after table.
Corrected Code:
<form action="update_del.php" method="post">
<table class="imagetable" cellpadding="3" cellspacing="1" width="400px" border="1">
<tr>
<th>ID</th>
<th>Name</th>
<th>Informations</th>
<th>Actions</th>
</tr>
<tr>
<td><input type="text" name="id" value="<?php echo $rows['id'] ?>"/></td>
<td><input type="text" name="med_name" value="<?php echo $rows['med_name'] ?>"/></td>
<td><input type="text" name="info" value="<?php echo $rows['info']?>"/></td>
<td>
<input class="imgClass_update" type="submit" name="submit1" value="Update" />
<input class="imgClass_dell" type="submit" name="submit2" value="Delete"/>
</td>
</tr>
</table>
</form>
just do this -
<table class="imagetable" cellpadding="3" cellspacing="1" width="400px" border="1">
<form action="update_del.php" method="post">
<th>ID</th>
<th>Name</th>
<th>Informations</th>
<th>Actions</th>
<tr>
<td><input type="text" name="id" value="<?php echo $rows['id'] ?>"/></td>
<td><input type="text" name="med_name" value="<?php echo $rows['med_name'] ?>"/></td>
<td><input type="text" name="info" value="<?php echo $rows['info']?>"/></td>
<td>
<input class="imgClass_update" type="submit" name="submit1" value="" />
<input class="imgClass_dell" type="submit" name="submit2" value=""/>
</td>
</tr>
</form>
The below PHP script should update multiple rows on a MySQL database, but the update values in the size input field is empty after submit.
First time in table all values are shown correctly, but after submission the size field is empty, it seems that the values are not transferred.
Does anyone has any idea?
<?php
$host="localhost"; // Host name
$username="dbu"; // Mysql username
$password="mypw"; // Mysql password
$db_name="mydb"; // Database name
$tbl_name="files"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
$sql="SELECT * FROM $tbl_name";
$result=mysql_query($sql);
// Count table rows
$count=mysql_num_rows($result);
?>
<table width="500" border="0" cellspacing="1" cellpadding="0">
<form name="form1" method="post" action="">
<tr>
<td>
<table width="500" border="0" cellspacing="1" cellpadding="0" class="table">
<tr>
<td align="left"><strong>Id</strong></td>
<td align="left"><strong>Name</strong></td>
<td align="left"><strong>Size</strong></td>
<td align="left"><strong>Type</strong></td>
</tr>
<?php
while($rows=mysql_fetch_array($result)){
?>
<tr>
<td align="center">
<?php $id[]=$rows['id']; ?><?php echo $rows['id']; ?>
</td>
<td align="center">
<input name="name[]" type="text" id="name" value="<?php echo $rows['name']; ?>">
</td>
<td align="center">
<input name="size[]" type="text" id="size" value="<?php echo $rows['size']; ?>">
</td>
<td align="center">
<input name="type[]" type="text" id="type" value="<?php echo $rows['type']; ?>">
</td>
</tr>
<?php
}
?>
<tr>
<td colspan="4" align="center"><input type="submit" name="Submit" value="Submit"></td>
</tr>
</table>
</td>
</tr>
</form>
</table>
<?php
// Check if button name "Submit" is active, do this
//if($Submit){
if(isset($_POST['Submit'])){
for($i=0;$i<$count;$i++){
$sql1="UPDATE $tbl_name SET size='$size[$i]' WHERE id='$id[$i]'";
$result1=mysql_query($sql1);
}
}
if($result1){
header("location:index_table.php");
}
mysql_close();
?>
Submit also the ID. You can hide it as this is not needed (usually) for the front-user to see.
<input name="id[]" type="hidden" id="name" value="<?php echo echo $rows['id']; ?>">
And then use count() function of PHP to determine the number of rows submitted
Use a for loop based on the number of rows submitted
Your checking if the query has run successfully is outside the isset(), I changed it and put it inside
Use mysql_real_escape_string to prevent some of SQL injections
Your PHP code:
if(isset($_POST['Submit'])){
$count = count($_POST["id"]);
for($i=0;$i<$count;$i++){
$size = mysql_real_escape_string($_POST["size"][$i]);
$id = mysql_real_escape_string($_POST["id"][$i]);
$sql1="UPDATE $tbl_name SET size='$size' WHERE id='$id'";
$result1=mysql_query($sql1);
} /* END OF FOR LOOP */
if($result1){
header("location:index_table.php");
}
mysql_close();
} /* END OF ISSET */
Recommendation:
You should be using mysqli_* prepared statement instead of deprecated mysql_* to prevent SQL injection
<table width="500" border="0" cellspacing="1" cellpadding="0">
<form name="form1" method="post" action="">
<tr>
<td>
<table width="500" border="0" cellspacing="1" cellpadding="0" class="table">
<tr>
<td align="left"><strong>Id</strong></td>
<td align="left"><strong>Name</strong></td>
<td align="left"><strong>Size</strong></td>
<td align="left"><strong>Type</strong></td>
</tr>
<?php
while($rows=mysql_fetch_array($result)) {
?>
<tr>
<td align="center">
<?php $id[]=$rows['id']; ?><?php echo $rows['id']; ?>
<input name="id[]" type="hidden" id="name" value="<?php echo $rows['id']; ?>">
</td>
<td align="center">
<input name="name[]" type="text" id="name" value="<?php echo $rows['name']; ?>">
</td>
<td align="center">
<input name="size[]" type="text" id="size" value="<?php echo $rows['size']; ?>">
</td>
<td align="center">
<input name="type[]" type="text" id="type" value="<?php echo $rows['type']; ?>">
</td>
</tr>
<?php
}
?>
<tr>
<td colspan="4" align="center"><input type="submit" name="Submit" value="Submit"></td>
</tr>
</table>
</td>
</tr>
</form>
</table>
<?php
// Check if button name "Submit" is active, do this
//if($Submit){
if(isset($_POST['Submit'])){
for($i=0;$i<$count;$i++){
$sql1="UPDATE $tbl_name SET size='{$_POST['size'][$i]}' WHERE id='{$_POST['id'][$i]}'";
$result1 = mysql_query($sql1);
}
}
if(isset($result1)) {
header("location:index_table.php");
}
mysql_close();
?>
My form is not submitting, My database insert class works and I have tested. But my form seems not to want to submit or post values from my form. Is there something I left out?
<form name="form1" method="post" action="sub_newsletter.php" enctype="multipart/form-data">
<table border="0" cellspacing="0" cellpadding="0">
<tr>
<td colspan="2">Newsletter</td>
</tr>
<tr>
<td>Name : </td>
<td><input name="name" type="text"></td>
</tr>
<tr>
<td>Email : </td>
<td><input name="email" type="text"></td>
</tr>
<tr>
<td> <input type="text" name="check_spam" id="check_spam" size="30" style="display:none;" /> </td>
<td> </td>
</tr>
<tr>
<td colspan="2" align="center"><input type="image" name="submit" src="images/sub.jpg" style="width:180px; height:70px;"></td>
</tr>
</form>
</table>
My submit script
<?php
include('includes/database.php');
include('includes/settings.php');
include('includes/newsletter.php');
if (isset($_POST['submit'])){
//to check if posting
echo $username=rtrim($_POST['name']);
echo $myemail=rtrim($_POST['email']);
//
$check=$_POST['check_spam'];
if(!empty($check)){ echo "You are spam"; } else{
$username=rtrim($_POST['name']);
$myemail=rtrim($_POST['email']);
$news = new Newsletter();
$new->first_name=$username;
$new->email=$myemail;
$new->create();
echo "<script>alert(\"Thank you for your subscription\"); </script>";
echo "<script>window.location.replace(\"index.html\"); </script>";
}
}
?>
You obviously missed submit button
<input type="submit" name="submit">
Since you have already a field with that name, just change it or use a different name.
I am trying to update a data in a table which has 5 fields.
The fields are the following: proj_name, cust_name, address, cost and details.
Here is my code for the update (update_orde.php):
<?php
include("connect.php");
// get value of id that sent from address bar
$id=$_GET['id'];
// Retrieve data from database
$sql="SELECT * FROM project WHERE id='$id'";
$result=mysql_query($sql);
$rows=mysql_fetch_array($result);
?>
<table width="400" border="0" cellspacing="1" cellpadding="0">
<tr>
<form name="form1" method="post" action="update_orde_suc.php">
<td>
<table width="100%" border="0" cellspacing="1" cellpadding="0">
<tr>
<td colspan="5"><strong>Update Data</strong> </td>
</tr>
<tr>
<td align="center"><strong>Project Name</strong></td>
<td align="center"><strong>Customer</strong></td>
<td align="center"><strong>Address</strong></td>
<td align="center"><strong>Cost</strong></td>
<td align="center"><strong>Details</strong></td>
</tr>
<tr>
<td><input name="pn" type="text" id="pn" value="<? echo $rows['proj_name']; ?>"></td>
<td align="center"><input name="cn" type="text" id="cn" value="<? echo $rows['cust_name']; ?>" size="15"></td>
<td align="center"><input name="add" type="text" id="add" value="<? echo $rows['address']; ?>" size="15"></td>
<td><input name="cost" type="text" id="cost" value="<? echo $rows['cost']; ?>" size="15"></td>
<td><input name="details" type="text" id="details" value="<? echo $rows['details']; ?>" size="15"></td>
</tr>
<tr>
<td align="center" colspan="5"><input name="id" type="hidden" id="id" value="<? echo $rows['id']; ?>"> <input type="submit" name="Submit" value="Submit"></td>
</tr>
</table>
</td>
</form>
</tr>
</table>
<?
// close connection
mysql_close();
?>
and here's the successful insertion into the database (update_orde_suc.php):
<?php
include("connect.php");
$id=$_POST['id'];
$pn = $_POST['proj_name'];
$cn = $_POST['cust_name'];
$add = $_POST['address'];
$cost = $_POST['cost'];
$det = $_POST['details'];
// update data in mysql database
$sql="UPDATE project SET proj_name='$pn', cust_name='$cn',address='$add', cost='$cost', details='$det' WHERE id='$id'";
$result=mysql_query($sql);
// if successfully updated.
if($result){
echo "Successful";
echo "<BR>";
echo "<a href='orders_edit.php'>View result</a>";
}
else {
echo "ERROR";
}
?>
The problem is that when I try to change the data there is an error that says the 3 first indexes of update_orde_suc.php are undefined (cost and details are ok).
The weirdest thing is that I used the exact same code for another table update and it worked just fine, the only thing i did now was to change the names of the variables to correspond to the names of the new table.
You mixed up the variables badly. For example you save the proj_name coming from input as $pn and later when you are inserting it in the database you use $proj_name. You have to stick with the variable names throughout the code to work.
I created a html form to enable users to update data. However the input data (array values) are not passed through to php SUBMIT, thus clicking SUBMIT does not update the table. When I go into the SUBMIT portion of the script and change the SET to specific numbers or text, the table is updated. Meaning that the values from the html input data array are not being passed through properly to the SUBMIT portion of the script. Any help appreciated.
<?php
//Mysql connection and initial select query placed above
?>
<table width="400" border="0" cellspacing="1" cellpadding="0">
<form name="Contacts" method="post" action="">
<tr>
<td>
<table width="400" border="0" cellspacing="1" cellpadding="0">
<tr>
<td align="center"><strong>Id</strong></td>
<td align="center"><strong>Name</strong></td>
<td align="center"><strong>Lastname</strong></td>
<td align="center"><strong>Email</strong></td>
</tr>
<?php
while($rows=mysql_fetch_array($result)){
?>
<tr>
<td align="center"><?php $id[]=$rows['id']; ?><?php echo $rows['id']; ?></td>
<td align="center"><input name="name[]" type="text" id="name" value="<?php echo $rows['name']; ?>"></td>
<td align="center"><input name="lastname[]" type="text" id="lastname" value="<?php echo $rows['lastname']; ?>"></td>
<td align="center"><input name="email[]" type="text" id="email" value="<?php echo $rows['email']; ?>"></td>
</tr>
<?php
}
?>
<tr>
<td colspan="4" align="center"><input type="submit" name="Submit" value="Submit"></td>
</tr>
</table>
</td>
</tr>
</form>
</table>
<?php
// Check if button name "Submit" is active, do this
if(isset($_POST['Submit'])){
$id=$_POST['id'];
$name=$_POST['name'];
for($i=0;$i<$num;$i++){
$sql1="UPDATE contacts SET name= ".$name[$i]." WHERE id= ".$id[$i]."";
$result1=mysql_query($sql1);
}
}
if($result1){
header("location:updated.php");
}
mysql_close();
?>
Thanks!
You are missing single quotes around your $name[$i] in the SQL statement. If id is not always numeric, you will also need to surround $id[$i] in single quotes.
$sql1="UPDATE contacts SET name= '".$name[$i]."' WHERE id= ".$id[$i]."";
//------------------------------^^^-----------^^^
Some error checking in your mysql_query() call would make this clearer. See below.
And you must filter these against SQL injection before passing them to the query.
for($i=0;$i<$num;$i++) {
// Call mysql_real_escape_string() to sanitize these...
$id[$i] = mysql_real_escape_string($id[$i]);
$name[$i] = mysql_real_escape_string($name[$i]);
$sql1="UPDATE contacts SET name= '".$name[$i]."' WHERE id= ".$id[$i]."";
$result1 = mysql_query($sql1);
// Error checking:
if (!$result1) {
echo mysql_error();
}
}
My Mistake. I didn't look at the form enough. You are assigning an array here. PHP is easy to debug-
Right here:
$id=$_POST['id'];
$name=$_POST['name'];
After those lines use var_dump($id) or print_r($id) to check out the contents in your variables.
Thanks very much for the prompt responses and the assistance provided. After implementing the recommended changes, the final working script (using PHP 5.2) is as shown below (for anyone who might need it).
<?php
Mysql connection, initial query and then close Mysql connection
?>
<table width="500" border="0" cellspacing="1" cellpadding="0">
<form name="Contacts" method="post" action="">
<tr>
<td>
<table width="500" border="0" cellspacing="1" cellpadding="0">
<tr>
<td align="center"><strong>Id</strong></td>
<td align="center"><strong>Name</strong></td>
<td align="center"><strong>Lastname</strong></td>
<td align="center"><strong>Email</strong></td>
</tr>
<?php
while($rows=mysql_fetch_array($result)){
?>
<tr>
<td align="center"><?php $id[]=$rows['id']; ?><?php echo $rows['id']; ?></td>
<td align="center"><input name="name[]" type="text" id="name" value="<?php echo $rows['name']; ?>"></td>
<td align="center"><input name="lastname[]" type="text" id="lastname" value="<?php echo $rows['lastname']; ?>"></td>
<td align="center"><input name="email[]" type="text" id="email" value="<?php echo $rows['email']; ?>"></td>
</tr>
<?php
}
?>
<tr>
<td height="75" colspan="4" align="center"><input type="submit" name="Submit" value=" save for later "></td>
</tr>
</table>
</td>
</tr>
</form>
</table>
<?php
// Check if button name "Submit" is active, do this
if(isset($_POST['Submit'])){
mysql_connect($dbhost,$username,$password);
#mysql_select_db($database) or die( "Unable to select database");
$name=$_POST['name'];
for($i=0;$i<$num;$i++) {
// sanitize...
$id[$i] = mysql_real_escape_string($id[$i]);
$name[$i] = mysql_real_escape_string($name[$i]);
$sql1="UPDATE test_mysql SET name= '".$name[$i]."' WHERE id= ".$id[$i]."";
$result1 = mysql_query($sql1);
// Error checking:
if (!$result1) {
echo mysql_error();
}
}
if($result1){
header("location:updated.php");
}
}
mysql_close();
?>