mayman212 Posted September 6, 2011 Share Posted September 6, 2011 Hi I have a list created using php and mysql linked together. I have an edit and a delete button which edits and deletes data on the database. When I click edit it brings up current information and I can change it, which is fine. But I click to edit it in the database it changes all the records I have in the database!!! Instead of the specific record!!!! Could anybody please help!!!! Quote Link to comment https://forums.phpfreaks.com/topic/246535-editing-gone-wrong/ Share on other sites More sharing options...
mayman212 Posted September 6, 2011 Author Share Posted September 6, 2011 Here is the code by the way: <?php if ((!isset($_GET['id']) || trim($_GET['id']) == '')) { die('Missing record ID!'); echo "<a href='display.php'>List</a>"; } $con= mysql_connect('localhost','root','') or die ('Unable to connect!'); mysql_select_db("project1", $con); $id= $_GET['id']; mysql_query("UPDATE project_data SET Date_Of_Birth='".$_POST[dateofbirth]."',Gender='".$_POST[gender]."',Title='".$_POST[title]."',First_Name='".$_POST[firstname]."',Last_Name='".$_POST[surname]."',Address_Line_1='".$_POST[address1]."',Address_Line_2='".$_POST[address2]."',City='".$_POST[city]."',Postcode='".$_POST[postcode]."',Contact_No='".$_POST[contactno]."',Email='".$_POST."',Additional_Comment='".$_POST[note]."'") or die ("Error in query: $query. " . mysql_error()); mysql_close($con); echo 'Data Has Been Successfuly Updated.'; echo '<a href=display.php>Go Back</a>'; ?> Quote Link to comment https://forums.phpfreaks.com/topic/246535-editing-gone-wrong/#findComment-1265909 Share on other sites More sharing options...
Muddy_Funster Posted September 6, 2011 Share Posted September 6, 2011 Of course it does, you have no WHERE statement in your UPDATE to specify that you only want a single record updated. Quote Link to comment https://forums.phpfreaks.com/topic/246535-editing-gone-wrong/#findComment-1265911 Share on other sites More sharing options...
mayman212 Posted September 6, 2011 Author Share Posted September 6, 2011 Sorry anyone have any idea where to put the WHERE statement....My mind has gone blank!! Quote Link to comment https://forums.phpfreaks.com/topic/246535-editing-gone-wrong/#findComment-1265927 Share on other sites More sharing options...
Muddy_Funster Posted September 6, 2011 Share Posted September 6, 2011 at the end Quote Link to comment https://forums.phpfreaks.com/topic/246535-editing-gone-wrong/#findComment-1265932 Share on other sites More sharing options...
flappy_warbucks Posted September 6, 2011 Share Posted September 6, 2011 As a side note: Read a book about PHP security and application design, and also touch up on your mysql. However, the query should be: "UPDATE project_data SET Date_Of_Birth='".$_POST[dateofbirth]."', Gender='".$_POST[gender]."', Title='".$_POST[title]."', First_Name='".$_POST[firstname]."', Last_Name='".$_POST[surname]."', Address_Line_1='".$_POST[address1]."', Address_Line_2='".$_POST[address2]."', City='".$_POST[city]."', Postcode='".$_POST[postcode]."', Contact_No='".$_POST[contactno]."', Email='".$_POST[email]."', Additional_Comment='".$_POST[note]. "' where { ENTER YOUR CONDITIONS HERE (i.e. where username='". $_POST['username']. "') });" Also look into uses of mysql_real_escape_string() and add_slashes(). Putting data directly into a database query is asking for trouble. Quote Link to comment https://forums.phpfreaks.com/topic/246535-editing-gone-wrong/#findComment-1265935 Share on other sites More sharing options...
AyKay47 Posted September 6, 2011 Share Posted September 6, 2011 Sorry anyone have any idea where to put the WHERE statement....My mind has gone blank!! this should help.. http://dev.mysql.com/doc/refman/5.0/en/where-optimizations.html Quote Link to comment https://forums.phpfreaks.com/topic/246535-editing-gone-wrong/#findComment-1265939 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.