mayman212 Posted September 6, 2011 Share Posted September 6, 2011 Hi I have a list created using php and mysql linked together. I have an edit and a delete button which edits and deletes data on the database. When I click edit it brings up current information and I can change it, which is fine. But I click to edit it in the database it changes all the records I have in the database!!! Instead of the specific record!!!! Could anybody please help!!!! Link to comment https://forums.phpfreaks.com/topic/246535-editing-gone-wrong/ Share on other sites More sharing options...
mayman212 Posted September 6, 2011 Author Share Posted September 6, 2011 Here is the code by the way: <?php if ((!isset($_GET['id']) || trim($_GET['id']) == '')) { die('Missing record ID!'); echo "<a href='display.php'>List</a>"; } $con= mysql_connect('localhost','root','') or die ('Unable to connect!'); mysql_select_db("project1", $con); $id= $_GET['id']; mysql_query("UPDATE project_data SET Date_Of_Birth='".$_POST[dateofbirth]."',Gender='".$_POST[gender]."',Title='".$_POST[title]."',First_Name='".$_POST[firstname]."',Last_Name='".$_POST[surname]."',Address_Line_1='".$_POST[address1]."',Address_Line_2='".$_POST[address2]."',City='".$_POST[city]."',Postcode='".$_POST[postcode]."',Contact_No='".$_POST[contactno]."',Email='".$_POST."',Additional_Comment='".$_POST[note]."'") or die ("Error in query: $query. " . mysql_error()); mysql_close($con); echo 'Data Has Been Successfuly Updated.'; echo '<a href=display.php>Go Back</a>'; ?> Link to comment https://forums.phpfreaks.com/topic/246535-editing-gone-wrong/#findComment-1265909 Share on other sites More sharing options...
Muddy_Funster Posted September 6, 2011 Share Posted September 6, 2011 Of course it does, you have no WHERE statement in your UPDATE to specify that you only want a single record updated. Link to comment https://forums.phpfreaks.com/topic/246535-editing-gone-wrong/#findComment-1265911 Share on other sites More sharing options...
mayman212 Posted September 6, 2011 Author Share Posted September 6, 2011 Sorry anyone have any idea where to put the WHERE statement....My mind has gone blank!! Link to comment https://forums.phpfreaks.com/topic/246535-editing-gone-wrong/#findComment-1265927 Share on other sites More sharing options...
Muddy_Funster Posted September 6, 2011 Share Posted September 6, 2011 at the end Link to comment https://forums.phpfreaks.com/topic/246535-editing-gone-wrong/#findComment-1265932 Share on other sites More sharing options...
flappy_warbucks Posted September 6, 2011 Share Posted September 6, 2011 As a side note: Read a book about PHP security and application design, and also touch up on your mysql. However, the query should be: "UPDATE project_data SET Date_Of_Birth='".$_POST[dateofbirth]."', Gender='".$_POST[gender]."', Title='".$_POST[title]."', First_Name='".$_POST[firstname]."', Last_Name='".$_POST[surname]."', Address_Line_1='".$_POST[address1]."', Address_Line_2='".$_POST[address2]."', City='".$_POST[city]."', Postcode='".$_POST[postcode]."', Contact_No='".$_POST[contactno]."', Email='".$_POST[email]."', Additional_Comment='".$_POST[note]. "' where { ENTER YOUR CONDITIONS HERE (i.e. where username='". $_POST['username']. "') });" Also look into uses of mysql_real_escape_string() and add_slashes(). Putting data directly into a database query is asking for trouble. Link to comment https://forums.phpfreaks.com/topic/246535-editing-gone-wrong/#findComment-1265935 Share on other sites More sharing options...
AyKay47 Posted September 6, 2011 Share Posted September 6, 2011 Sorry anyone have any idea where to put the WHERE statement....My mind has gone blank!! this should help.. http://dev.mysql.com/doc/refman/5.0/en/where-optimizations.html Link to comment https://forums.phpfreaks.com/topic/246535-editing-gone-wrong/#findComment-1265939 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.