Jump to content

My Code updates all my Database Entries. Not just the one referenced by the id

mhoard8110

By mhoard8110
in PHP Coding Help

Recommended Posts

mhoard8110 Newbie

mhoard8110

Posted
Posted

Not sure why it is doing this.  The process is you log in, which brings you to a screen showing a populated list of customer names by their database id and when you click each name, an information page opens showing al their editable data.  when this page is submitted, it should update that particular id's info, but it is updating all my customers.  Here's the code:

 

<?php

session_start();

include "auth_admin.inc.php";

include "conn.inc.php";

?>

<html>

<head>

<title>Roofers Compete - Estimator Realm</title>

</head>

<body>

<h1>Update Customer Information</h1>

<p>

<?php

if (isset($_POST['submit']) && $_POST['submit'] == "Update") {

  $query_update = "UPDATE customerdata SET fname = '" .

                  $_POST['fname'] . "', lname = '" .

                  $_POST['lname'] . "', address = '" .

                  $_POST['address'] . "', city = '" .

                  $_POST['city'] . "', zip = '" .

                  $_POST['zip'] . "'";

  $result_update = mysql_query($query_update)

    or die(mysql_error());

 

  $query = "SELECT * FROM customerdata WHERE id = '" . $_POST['id'] . "'";

  $result = mysql_query($query)

    or die(mysql_error());

 

  $row = mysql_fetch_array($result);

?>

  <b>Customer information has been updated.</b><br>

  <a href="admin_area.php">Click here</a> to return to the admin area.

  <form action="update_user.php" method="post">

    <input type="hidden" name="id" value="<?php echo $_POST['id']; ?>">

    First Name: <input type="text" name="fname"

                  value="<?php echo $row['fname']; ?>"><br>

    Last Name: <input type="text" name="lname"

                value="<?php echo $row['lname']; ?>"><br>

    Email: <input type="text" name="email"

            value="<?php echo $row['email']; ?>"><br>

    City: <input type="text" name="city"

            value="<?php echo $row['city']; ?>"><br>

    Zip Code: <input type="text" name="zip"

            value="<?php echo $row['zip'];?>"><br>

    <br><br>

    <input type="submit" name="submit" value="Update">

  </form>

<?php

} else {

  $query = "SELECT * FROM customerdata WHERE id = '" . $_GET['id'] . "'";

  $result = mysql_query($query)

    or die(mysql_error());

 

  $row = mysql_fetch_array($result);

?>

  <form action="update_user.php" method="post">

    <input type="hidden" name="id" value="<?php echo $_GET['id']; ?>">

    First Name: <input type="text" name="fname"

                  value="<?php echo $row['fname']; ?>"><br>

    Last Name: <input type="text" name="lname"

                value="<?php echo $row['lname']; ?>"><br>

    Email: <input type="text" name="email"

            value="<?php echo $row['email']; ?>"><br>

    City: <input type="text" name="city"

            value="<?php echo $row['city']; ?>"><br>

    Zip Code: <input type="text" name="zip"

            value="<?php echo $row['zip']; ?>"><br>

    <br><br>

    <input type="submit" name="submit" value="Update">  

    <input type="button" value="Cancel" onClick="history.go(-1);">

  </form>

<?php

}

?>

</p>

</body>

</html>

 

 

.josh Advanced Member

.josh

Posted
Posted

That's because you didn't specify the customer's id in your query.  It should be

 

update table set col1=var,col2=var...where idcolumn=customerid

 

looks like you're passing the id as a hidden field in the form. Just got to add it to your query.

flyhoney Member

flyhoney

Posted
Posted 

$query_update = "
    UPDATE 
        customerdata 
    SET 
        fname = '" . $_POST['fname'] . "', 
        lname = '" . $_POST['lname'] . "', 
        address = '" . $_POST['address'] . "', 
        city = '" . $_POST['city'] . "', 
        zip = '" . $_POST['zip'] . "'
    WHERE
        id = '" . $_POST['id'] . "'";

 

 

Jesus loves pretty queries.

 

Also, you need to escape your database inputs with mysql_real_escape_string or something.

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.