I have done this before and for some reason I just can't get it to work this time!
I'm pulling my hair out over this! Because there is no errors, it just wont update the database.
Basically I Have a Table with student data in....
ID | IMGNU | Firstname | Surname | FBID
Let's use row 233 for an example.
I can view a specific row by going to view.php?ID=233
Then that works, but now i want to be able to go to edit.php?ID=233
and it should load a form, that already has the info from row 233.
I should then be able to edit the data in the fields and submit the form,
which would change the information in the database.
Here is what i have already.
edit.php
<?php
mysql_connect('localhost', 'admin', 'passw0rd') or die(mysql_error());
echo "Tick <p>";
mysql_select_db("students") or die(mysql_error());
echo "Tick";
$UID = $_GET['ID'];
$query = mysql_query("SELECT * FROM stokesley_students WHERE id = '$UID'")
or die(mysql_error());
while($row = mysql_fetch_array($query)) {
echo "";
$firstname = $row['firstname'];
$surname = $row['surname'];
$FBID = $row['FBID'];
$IMGNU = $row['IMGNU'];
};
?>
<form action="update.php?ID=<?php echo "$UID" ?>" method="post">
IMGNU: <input type="text" name="ud_img" value="<?php echo "$IMGNU" ?>"><br>
First Name: <input type="text" name="ud_firstname" value="<?php echo "$firstname" ?>"><br>
Last Name: <input type="text" name="ud_surname" value="<?php echo "$surname" ?>"><br>
FB: <input type="text" name="ud_FBID" value="<?php echo "$FBID" ?>"><br>
<input type="Submit">
</form>
And here is update.php
<
?php
$ud_ID = $_GET["ID"];
$ud_firstname = $_POST["ud_firstname"];
$ud_surname = $_POST["ud_surname"];
$ud_FBID = $_POST["ud_FBID"];
$ud_IMG = $_POST["ud_IMG"];
mysql_connect('localhost', 'admin', 'passw0rd') or die(mysql_error());
echo "MySQL Connection Established! <br>";
mysql_select_db("students") or die(mysql_error());
echo "Database Found! <br>";
$query="UPDATE * stokesley_students SET firstname = '$ud_firstname', surname = '$ud_surname',
FBID = '$ud_FBID' WHERE ID ='$ud_IMG'";
mysql_query($query);
echo "<p>Record Updated<p>";
mysql_close();
?>
Any ideas would be much appreciated, maby im just missing something stupid?
Thanks
Alex
edit.php - with some changes
<?php
mysql_connect('localhost', 'admin', 'passw0rd') or die(mysql_error());
mysql_select_db("students") or die(mysql_error());
$UID = (int)$_GET['ID'];
$query = mysql_query("SELECT * FROM stokesley_students WHERE id = '$UID'") or die(mysql_error());
if(mysql_num_rows($query)>=1){
while($row = mysql_fetch_array($query)) {
$firstname = $row['firstname'];
$surname = $row['surname'];
$FBID = $row['FBID'];
$IMGNU = $row['IMGNU'];
}
?>
<form action="update.php" method="post">
<input type="hidden" name="ID" value="<?=$UID;?>">
IMGNU: <input type="text" name="ud_img" value="<?=$IMGNU;?>"><br>
First Name: <input type="text" name="ud_firstname" value="<?=$firstname?>"><br>
Last Name: <input type="text" name="ud_surname" value="<?=$surname?>"><br>
FB: <input type="text" name="ud_FBID" value="<?=$FBID?>"><br>
<input type="Submit">
</form>
<?php
}else{
echo 'No entry found. Go back';
}
?>
update.php (Apart from the asterisk, Your query was also matching ID with the $ud_IMG variable)
<?php
mysql_connect('localhost', 'admin', 'passw0rd') or die(mysql_error());
mysql_select_db("students") or die(mysql_error());
$ud_ID = (int)$_POST["ID"];
$ud_firstname = mysql_real_escape_string($_POST["ud_firstname"]);
$ud_surname = mysql_real_escape_string($_POST["ud_surname"]);
$ud_FBID = mysql_real_escape_string($_POST["ud_FBID"]);
$ud_IMG = mysql_real_escape_string($_POST["ud_IMG"]);
$query="UPDATE stokesley_students
SET firstname = '$ud_firstname', surname = '$ud_surname', FBID = '$ud_FBID'
WHERE ID='$ud_ID'";
mysql_query($query)or die(mysql_error());
if(mysql_affected_rows()>=1){
echo "<p>($ud_ID) Record Updated<p>";
}else{
echo "<p>($ud_ID) Not Updated<p>";
}
?>
"UPDATE * stokesley_students SET firstname = '$ud_firstname', surname = '$ud_surname',
FBID = '$ud_FBID' WHERE ID ='$ud_IMG'"
That query is wrong, remove the asterisk. Also, you don't know if there is an error because you don't check the return type of mysql_query or use mysql_error.
The update query is wrong. You need to tell it which table then which fields specifically. The asterisk is only used on select statements.
Also it would be helpful if you checked for whether or not the query was successful. Take a look below. I have rewritten your code a bit. I also allowed for the ID to come from the POST or the GET by using REQUEST. And I removed the mysql_close() call since it is completely unneeded as it will be closed when the script stops running.
<?php
$ud_ID = $_REQUEST["ID"];
$ud_firstname = $_POST["ud_firstname"];
$ud_surname = $_POST["ud_surname"];
$ud_FBID = $_POST["ud_FBID"];
$ud_IMG = $_POST["ud_IMG"];
mysql_connect('localhost', 'admin', 'passw0rd') or die(mysql_error());
echo "MySQL Connection Established! <br>";
mysql_select_db("students") or die(mysql_error());
echo "Database Found! <br>";
$query = "UPDATE stokesley_students SET firstname = '$ud_firstname', surname = '$ud_surname',
FBID = '$ud_FBID' WHERE ID = '$ud_ID'";
$res = mysql_query($query);
if ($res)
echo "<p>Record Updated<p>";
else
echo "Problem updating record. MySQL Error: " . mysql_error();
?>
Quick little reference on the PHP mysql_query function: http://nl.php.net/manual/en/function.mysql-query.php
Also I bet you would like a few good tutorials to help you out learning PHP and MySQL. Check out this site: http://net.tutsplus.com/category/tutorials/php/
Related
I'm trying to create a form that allows a user to select a field from a drop down box and then change what is currently written in the field.
My current code allows me to view the drop down list select the field I want to change and then enter my new text into a box. But when I click update, nothing happens.
<?php
mysql_connect("", "", "") or die(mysql_error());
mysql_select_db("") or die(mysql_error());
$query = "SELECT * FROM news_updates";
$result=mysql_query($query) or die("Query Failed : ".mysql_error());
$i=0;
while($rows=mysql_fetch_array($result))
{
$roll[$i]=$rows['Text'];
$i++;
}
$total_elmt=count($roll);
?>
---------------------------------------------------------Now I have the form
<form method="POST" action="">
Select the news post to Update: <select name="sel">
<option>Select</option>
<?php
for($j=0;$j<$total_elmt;$j++)
{
?><option><?php
echo $roll[$j];
?></option><?php
}
?>
</select><br />
Text Field: <input name="username" type="text" /><br />
<input name="submit" type="submit" value="Update"/><br />
<input name="reset" type="reset" value="Reset"/>
</form>
-----------------------------------------------Now I have the update php
<?php
if(isset($_POST['submit']))
{
$username=$_POST['username'];
$query2 = "UPDATE news_updates SET username='$username' WHERE rollno='$value'";
$result2=mysql_query($query2) or die("Query Failed : ".mysql_error());
echo "Successfully Updated";
}
?>
Well, you seem to be missing the $value part. Something like this should do, for the last part:
<?php
if(isset($_POST['submit']))
{
$username = mysql_real_escape_string($_POST['username']);
$value = mysql_real_escape_string($_POST['sel']);
$query2 = "UPDATE news_updates SET username='$username' WHERE rollno='$value'";
echo $query2; //For test, to see what is generated, and sent to database
$result2=mysql_query($query2) or die("Query Failed : ".mysql_error());
echo "Successfully Updated";
}
?>
Also, you should not use mysql_* functions as they are deprecated. You should switch to mysqli or PDO.
First, try adding a value to your options, like so:
for($j=0;$j<$total_elmt;$j++)
{
?>
<option value="<?php echo $roll['id']; ?>"><?php echo $roll['option_name']; ?></option>
<?php
}
Then, when you parse your file, go like so:
$value = $_POST['sel']; // add any desired security here
That should do it for you
You need to change this
<?php
for($j=0;$j<$total_elmt;$j++)
{
?><option><?php
echo $roll[$j];
?></option><?php
}
to this
<?php
for($j=0;$j<$total_elmt;$j++)
{
?><option value="<?php echo $roll[$j];?>"> <?php echo $roll[$j];?></option> <?php
}
And you also need to change the update query from this
$query2 = "UPDATE news_updates SET username='$username' WHERE rollno='$value'";
to this
$query2 = "UPDATE news_updates SET username='$username' WHERE rollno='".$_POST['sel']."'";
N. B.: Here I am assuming that $_POST['sel'] has the value selected by the user from the drop down menu because I could not find anything which corresponds to $value
I want to create a book inventory with Create, Read, Update and Delete. I got it all going except for the Update query. Here is my code. First is the proj.php
<html>
<body>
<b>BOOK INVENTORY</b>
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">
Title: <input type="text" name="title">
Subtitle: <input type="text" name="subtitle">
Author: <input type="text" name="author">
Genre/Type: <select name="genre">
<option value="Business">Business</option>
<option value="Family">Family</option>
<option value="Romance">Romance</option>
<option value="Education">Education</option>
<option value="Self-help">Self-help</option>
<option value="Spiritual">Spiritual</option>
<option value="Music">Music</option>
</select>
Publish Date: <input type="date" name="publishdate">
Publisher: <input type="text" name="publisher">
Series: <input onkeypress="return isNumberKey(event)" type="text" name="series">
ISBN: <input type="text" name="isbn">
Pages: <input onkeypress="return isNumberKey(event)" type="text" name="pages">
Price: <input type="text" value="$" name="price">
<input type="submit" value="Create" name="submit">
</form>
<!--create new book entry-->
<?php
include 'connection.php';
if (!isset($_POST['submit'])) {
// form not submitted
}
else {
// get form input
// check to make sure it's all there
// escape input values for greater safety
$title = empty($_POST['title']) ? die ("ERROR: Enter a Title") : mysql_escape_string($_POST['title']);
$subtitle = empty($_POST['subtitle']) ? die ("ERROR: Enter an Subtitle") : mysql_escape_string($_POST['subtitle']);
$author = empty($_POST['author']) ? die ("ERROR: Enter an Author") : mysql_escape_string($_POST['author']);
$genre = empty($_POST['genre']) ? die ("ERROR: Enter a Genre/Type") : mysql_escape_string($_POST['genre']);
$publishdate = empty($_POST['publishdate']) ? die ("ERROR: Enter a Publish Date") : mysql_escape_string($_POST['publishdate']);
$publisher = empty($_POST['publisher']) ? die ("ERROR: Enter a Publisher") : mysql_escape_string($_POST['publisher']);
$series = empty($_POST['series']) ? die ("ERROR: Enter a Series") : mysql_escape_string($_POST['series']);
$isbn = empty($_POST['isbn']) ? die ("ERROR: Enter an ISBN") : mysql_escape_string($_POST['isbn']);
$pages = empty($_POST['pages']) ? die ("ERROR: Enter a Pages") : mysql_escape_string($_POST['pages']);
$price = empty($_POST['price']) ? die ("ERROR: Enter a Price") : mysql_escape_string($_POST['price']);
// create query
$insert = "INSERT INTO books (Title, Subtitle, Author, Genre, Publishdate, Publisher, Series, ISBN, Pages, Price)
VALUES ('$title', '$subtitle', '$author', '$genre', '$publishdate', '$publisher', '$series', '$isbn', '$pages', '$price')";
// execute query
$result = mysql_query($insert) or die ("Error in query: $insert. ".mysql_error());
// print message of the new book inserted
//echo "New book record created entitled "."$ ";
}
if (!isset($_POST['submit'])) {
}
$query = "SELECT * FROM symbols";
?>
<!------------><!------------><!------------><!------------><!------------>
<!------------><!------------><!------------><!------------><!------------>
<!--Delete Record-->
<?php
// set server access variables
$host = "localhost";
$user = "root";
$pass = "";
$db = "david";
// create mysqli object
// open connection
$mysqli = new mysqli($host, $user, $pass, $db);
// check for connection errors
if (mysqli_connect_errno()) {
die("Unable to connect!");
}
// if id provided, then delete that record
if (isset($_GET['id'])) {
// create query to delete record
$query = "DELETE FROM books WHERE id = ".$_GET['id'];
// execute query
if ($mysqli->query($query)) {
// print number of affected rows
echo $mysqli->affected_rows." row(s) affected";
}
else {
// print error message
echo "Error in query: $query. ".$mysqli->error;
}
}
// query to get records
$query = "SELECT * FROM books";
// execute query
if ($result = $mysqli->query($query)) {
// see if any rows were returned
if ($result->num_rows > 0) {
// yes
// print them one after another
echo "<table cellpadding=10 border=1>";
while($row = $result->fetch_array()) {
echo "<tr>";
echo "<td>".$row[0]."</td>";
echo "<td>".$row[1]."</td>";
echo "<td>Delete</td>";
echo "<td>More...</td>";
echo "</tr>";
}
}
// free result set memory
$result->close();
}
else {
// print error message
echo "Error in query: $query. ".$mysqli->error;
}
// close connection
$mysqli->close();
?>
<?php
include 'edit.php';
if (!isset($_POST['submit'])) {
}
?>
And here is my edit.php where I get the error undefined index : id at line 5
<?php
mysql_connect('localhost', 'root', '') or die(mysql_error());
mysql_select_db("david") or die(mysql_error());
$UID = (int)$_GET['id'];
$query = mysql_query("SELECT * FROM books WHERE 'id' = '$UID'") or die(mysql_error());
if(mysql_num_rows($query)>=1){
while($row = mysql_fetch_array($query)) {
$title = $row['title'];
$subtitle = $row['subtitle'];
$author = $row['author'];
$genre = $row['genre'];
$publishdate = $row['publishdate'];
$publisher = $row['publisher'];
$series = $row['series'];
$isbn = $row['isbn'];
$pages = $row['pages'];
$price = $row['price'];
}
?>
<form action="update.php" method="get">
<input type="hidden" name="id" value="<?=$UID;?>">
Title: <input type="text" name="ud_title" value="<?=$title?>"><br>
Subtitle: <input type="text" name="ud_subtitle" value="<?=$subtitle?>"><br>
Author: <input type="text" name="ud_author" value="<?=$author?>"><br>
Genre: <input type="text" name="ud_genre" value="<?=$genre?>"><br>
Publish Date: <input type="text" name="ud_publishdate" value="<?=$publishdate?>"><br>
Publisher: <input type="text" name="ud_publisher" value="<?=$publisher?>"><br>
Series: <input type="text" name="ud_series" value="<?=$series?>"><br>
ISBN: <input type="text" name="ud_isbn" value="<?=$isbn?>"><br>
Pages: <input type="text" name="ud_pages" value="<?=$pages?>"><br>
Price: <input type="text" name="ud_price" value="<?=$price?>"><br>
<input type="Submit">
</form>
<?php
}else{
}
?>
and here is my update.php with the update query
<?php
mysql_connect('localhost', 'root', '') or die(mysql_error());
mysql_select_db("david") or die(mysql_error());
$ud_ID = (int)$_POST["id"];
$ud_title = mysql_real_escape_string($_POST["ud_title"]);
$ud_subtitle = mysql_real_escape_string($_POST["ud_subtitle"]);
$ud_author = mysql_real_escape_string($_POST["ud_author"]);
$ud_genre = mysql_real_escape_string($_POST["ud_genre"]);
$ud_publishdate = mysql_real_escape_string($_POST["ud_publishdate"]);
$ud_publisher = mysql_real_escape_string($_POST["ud_publisher"]);
$ud_series = mysql_real_escape_string($_POST["ud_series"]);
$ud_isbn = mysql_real_escape_string($_POST["ud_isbn"]);
$ud_pages = mysql_real_escape_string($_POST["ud_pages"]);
$ud_price = mysql_real_escape_string($_POST["ud_price"]);
$query="UPDATE books
SET title = '$ud_title', subtitle = '$ud_subtitle', author = '$ud_author', genre = '$ud_genre', publishdate = '$ud_publishdate',
publisher = '$ud_publisher', series = '$ud_series', isbn = '$ud_isbn', pages = '$ud_pages', price = '$ud_price'
WHERE id='$ud_ID'";
mysql_query($query)or die(mysql_error());
if(mysql_affected_rows()>=1){
echo "<p>($ud_ID) Record Updated<p>";
}else{
echo "<p>($ud_ID) Not Updated<p>";
}
?>
Please kindly help me get rid of this error:
undefined index: id at edit.php.
I'm shocked by the terrible formating and not able to read the code.
But according to your description, you get undefined index: id because you either did not include the id field in the form, or you include it in the url but use $_POST instead of $_GET.
EDIT:
If this is exactly the code you have, then the problem should be the last few lines in proj.php.
include 'edit.php' is not the correct way to call edit page, but you should use a link tag which links to edit.php?id=some_id, just like you did with show.php
I am trying to delete , edit and add new recodes on the same page but it seems am failing to make it work .And I do not want to do it using ajax jquery or java script but only php .I need some help please below are my code :
<?php
include_once('con.php');
$strSQL = "SELECT film_id, name
from
filmsbox";
$rs = mysql_query($strSQL);
echo "<table border='1' ><tr bgcolor='#eeeeee'><td>Name</td> <td colspan='2'>Action</td></tr>";
while($row = mysql_fetch_assoc($rs))
{
$film_id = $row['film_id'];
$name = $row['name'];
$hometeam= mysql_real_escape_string($name);
echo "<tr bgcolor='#eeeee'><td>$name</td> <td><a href='index.php?film_id=$film_id' name ='edit'>Edit</a></td><td><a href='index.php?film_id=$film_id' name ='delete'>Delete</a></td></tr>";
}
?>
<?php
$strSQL = "SELECT film_id, name
from
filmsbox";
$rs = mysql_query($strSQL);
$row = mysql_fetch_assoc($rs);
$film_id= $row['film_id'];
$name = $row['name'];
$name = mysql_real_escape_string($name);
$film_id= $_GET['film_id'];
?>
<?php
if(isset($_POST['edit'])){
?>
<table>
<form action="index.php" method="post">
<tr>
<td>
Name
</td>
<td>
<input type = "text" name = "name" value="<?php echo $name;?>">
</td>
</tr>
<input name="film_id" type="hidden" id="film_id" value="<?php echo $film_id; ?>">
<tr>
<td>
<input type = "submit" name = "submit" value="update">
</td>
</tr>
<?php
$name = (isset($_POST['name']))? trim($_POST['name']): '';
$film_id = $_POST['film_id'];
$sql = "UPDATE filmsbox SET name='$name'
WHERE film_id ='$film_id'";
$result = mysql_query($sql);
if($result)
{
echo "Success";
}
else
{
echo "Error";
}
}
?>
<?php
/*Delete section*/
if(isset($_POST['delete']))
{
$film_id = $_GET['film_id'];
$delete = "DELETE FROM filmsbox WHERE film_id = '$film_id'";
$result = mysql_query($delete);
if($result)
{
echo "Record deleted successfuly ";
}
else
{
echo "No data deleted";
}
}
?>
Couple of pointers:
You only need to escape values before they go into the database, not when they come out and are used in HTML i.e $hometeam = mysql_real_escape_string($name);
You are pulling the same query from the database twice in quick succession which is not needed. You can remove one of the 2 $strSQL = "SELECT film_id, name
from
filmsbox";
$rs = mysql_query($strSQL); sections from the top of your code
You need to run any update/delete queries on the data before you then do your select query to pull out the records for the page, otherwise your changes will not be shown
You should be escaping the values for your update and delete queries to prevent SQL injection
Edit:
To reload the page in an edit mode, you need to change the link URL in the table to something like
<a href='index.php?film_id=$film_id&edit=1' name ='edit'>Edit</a>
Then your edit block needs to be
if ($_GET['edit']) {
I want to be clear this is not in any way a secure method of editing values, as anyone can put ?edit=1 on the url and get to the form
I need some help with PHP and SQL. Im doing a website where you can post notes in different subjects (Work, Home, School, and so on). After every note that being selected from my database I want a button that can delete that specific post when it's not needed anymore. I can make it delete but is deletes wrong note, always the one above or below. I don't know whats wrong with my code? Please help me.
<?php
$query = "SELECT * FROM notes WHERE subject='Work' order by id desc";
$result = mysql_query($query);
while ($row = mysql_fetch_array($result)) {
$id = $row['id'];
$subject = $row['subject'];
$date = $row['date'];
$note = $row['note'];
print "<p><strong>$subject</strong> ($id), $date </p>";
print "<p> $note </p>";
?>
//delete button starts here here
<form id="delete" method="post" action="">
<input type="submit" name="delete" value="Delete!"/>
<?php
if(isset($_POST['delete'])){
$query = "DELETE FROM notes WHERE id=$id";
$result = mysql_query($query);
}
?>
</form>
<?php
}
?>
And when I press delete I get this:
Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/mirho663/www-pub/webbpage/menu2.php on line 40
What does that mean and how do I fix it?
I updated your script below, try it if it works.
<?php
if(isset($_POST['delete'])){
$id = $_POST['delete_rec_id'];
$query = "DELETE FROM notes WHERE id=$id";
$result = mysql_query($query);
}
$query = "SELECT * FROM notes WHERE subject='Work' order by id desc";
$result = mysql_query($query);
while ($row = mysql_fetch_array($result)) {
$id = $row['id'];
$subject = $row['subject'];
$date = $row['date'];
$note = $row['note'];
print "<p><strong>$subject</strong> ($id), $date </p>";
print "<p> $note </p>";
?>
//delete button starts here here
<form id="delete" method="post" action="">
<input type="hidden" name="delete_rec_id" value="<?php print $id; ?>"/>
<input type="submit" name="delete" value="Delete!"/>
</form>
<?php
}
?>
again I'm trying to study php mysql and it seems that I tried everything thing to figure the problem out.. but it seems as a beginner codes in the internet are not helping.. I really can't update the records in the database.
<html>
<body>
<?php
$db = mysql_connect("localhost", "root");
mysql_select_db("dbtry",$db);
$id = isset($_GET['id']) ? $_GET['id'] : null;
$submit = isset($_POST['submit']);
if ($id) {
if ($submit) {
$result = mysql_query("select * from employees where id = " . mysql_real_escape_string($_GET['id']) );
$row = mysql_num_rows($result);
if ($myrow != 0) {
mysql_query ("UPDATE employees SET firstname='$first',lastname='$last',address='$address',position='$position' WHERE id = '$id'");
}
echo "Thank you! Information updated.\n";
} else {
// query the DB
$result = mysql_query("SELECT * FROM `employees` WHERE `id` = " . mysql_real_escape_string($_GET['id']), $db);
$myrow = mysql_fetch_array($result);
?>
<form method="post" action="<?php echo $_SERVER['PHP_SELF']?>">
<input type=hidden name="id" value="<?php echo $myrow["id"] ?>">
First name:<input type="Text" name="first" value="<?php echo $myrow["firstname"] ?>"><br>
Last name:<input type="Text" name="last" value="<?php echo $myrow["lastname"] ?>"><br>
Address:<input type="Text" name="address" value="<?php echo $myrow["address"]
?>"><br>
Position:<input type="Text" name="position" value="<?php echo $myrow["position"]
?>"><br>
<input type="Submit" name="submit" value="Enter information">
</form>
<?php
}
} else {
// display list of employees
$result = mysql_query("SELECT * FROM employees",$db);
while ($myrow = mysql_fetch_array($result)) {
printf("%s %s<br>\n", $_SERVER['PHP_SELF'], $myrow["id"],
$myrow["firstname"], $myrow["lastname"]);
}
}
?>
</body>
</html>
There are two things potentially causing you a problem: firstly, the values you are trying to set are variables which have not been defined. I'm assuming the begginers code you found assumed you had register globals enabled, you really don't want to do this!
The second problem, is that if you do have register globals enabled, the data isn't being sanitized, so a quotation mark could send the update awry.
Try this instead:
$first = mysql_real_escape_string( $_POST['first'] );
$last = mysql_real_escape_string( $_POST['last'] );
$address= mysql_real_escape_string( $_POST['address'] );
$position = mysql_real_escape_string( $_POST['position'] );
mysql_query ("UPDATE employees SET firstname='$first',lastname='$last',address='$address',position='$position' WHERE id = '$id'");
This should at least get you up and running. I'd strongly advise that you use either the MySQLi library, or PHP PDO, and think about using prepared statements for added security.
mysql_query("UPDATE `employees` SET `firstname`='".$first."', `lastname`='".$last."',
`address`='".$address."', `position`='".$position."' WHERE `id` = '".$id".' ; ", $db) or
die(mysql_error());
I think the problem may lie in your connection to the database. The third parameter of the mysql_connect function is a password. Therefore this:
$db = mysql_connect("localhost", "root");
should be:
$db = mysql_connect("localhost", "root", "yourPassword");
It would also help a lot if you posted what type of error you are getting.
You need to differentiate post and get. Follow the working example below. It will sort you out :D
<html>
<body>
<?php
$db = mysql_connect("localhost", "root","");
mysql_select_db("test",$db);
if($_SERVER['REQUEST_METHOD']=='POST')
{
//SUBMIT FORM
$id=isset($_POST['id'])?$_POST['id']:0;
if ($id) {
$result = mysql_query("select * from parameter where id = " . mysql_real_escape_string($id) );
$rows = mysql_num_rows($result);
if ($rows != 0) {
mysql_query ("UPDATE parameter SET name='".$_POST['name']."',value='".$_POST['value']."' WHERE id = '".$id."'");
echo "Thank you! Information updated.\n";
}
}
}
if($_SERVER['REQUEST_METHOD']=='GET')
{
//SELECT WHERE ID=GER VAR AND DISPLAY
$id = isset($_GET['id']) ? $_GET['id'] :0;//
if ($id) {
// query the DB
$result = mysql_query("SELECT * FROM parameter WHERE `id` = " . mysql_real_escape_string($_GET['id']), $db);
$myrow = mysql_fetch_array($result);
?>
<form method="post" action="<?php echo $_SERVER['PHP_SELF']?>">
<input type=hidden name="id" value="<?php echo $myrow["id"] ?>">
First name:<input type="Text" name="name" value="<?php echo $myrow["name"] ?>"><br>
Last name:<input type="Text" name="value" value="<?php echo $myrow["value"] ?>"><br>
<input type="Submit" name="submit" value="Enter information">
</form>
<?php
}
else {
// display list of employees
$result = mysql_query("SELECT * FROM parameter",$db);
while ($myrow = mysql_fetch_array($result)) {
echo "<a href='".$_SERVER['PHP_SELF']."?id=".$myrow['id']."'>".$myrow['name'].": ".$myrow['value']."</a><br>";
}
}
}
?>
</body>
</html>
Usually when I run into this problem, it's because auto commit is off and I forgot to tell the connection explicitly to commit.
EDIT: Have you tried this: How can I implement commit/rollback for MySQL in PHP?? Depending on your settings, InnoDB can be set to auto commit off, which means you need to tell MySQL explicitly to commit updates after your done.