MySQL update

[MattD00]

I am trying to update the content of my website which is all stored in a MySQL database.

 

Currently on the page I am displaying all the data stored in the database using MySQL SELECT and a while loop. Using JavaScript when the text is clicked the element changes into a text box allowing the text to be edited.

 

What I want to do is be able to change the data in the text box and then store it into the database updating the current data.

 

<form method="post" action="editindex.php">
<?php
$sql = "SELECT * FROM home ORDER BY id ASC";
$result = mysql_query($sql);
while($row = mysql_fetch_assoc($result)){
echo "<span id=\"itm1\" onclick=\"exchange(this);\">" . $row['title'] . "</span><input ondblclick=\"exchange(this);\" id=\"itm1b\" class=\"replace\" type=\"text\ name=\"title\">";?>
<input type="submit" value="Save" name="submit">
<input type="hidden" name="id" value="<?php  $row['id'] ?>"
</form>
<?php 
if (isset ($_POST['submit'])) {
$update = "UPDATE home SET title=".$_POST['title']." WHERE id=".$_POST['id']."";
mysql_query($update);
}
?>

 

I have more text being output from the while loop below but I just want to get it working on the title first.

 

Any ideas of why the update is not working?

 

[Pikachu2000]

String values need to be quoted in the query string. Also, your query is open to SQL injection. You need to validate and sanitize all user submitted data.

[MattD00]

I'm an not bothered about the SQL injection right now I just want to get it all working first. It is behind a login so its not my main priority.

Thanks for the help.

 

[dyr]

Hi, did you get this working?

[sunfighter]

See if this helps Matt:

 

<form method="post" action="editindex.php">
<?php
//$row["title"] = "TheTitle";
//$row["id"] = "TheId";
$sql = "SELECT * FROM home ORDER BY id ASC";
$result = mysql_query($sql);
while($row = mysql_fetch_assoc($result))
{
echo "
<span id=\"itm1\" onclick=\"exchange(this);\">".$row['title']."</span>
<input ondblclick=\"exchange(this);\" id=\"itm1b\" class=\"replace\" type=\"text\" name=\"title\" >
<input ondblclick=\"exchange(this);\" id=\"itm1b\" class=\"replace\" type=\"text\" name=\"title\">
<input type=\"submit\" value=\"Save\" name=\"submit\">
<input type=\"hidden\" name=\"id\" value=".$row['id'].">
";
}
?>
</form>




<?php
if (isset ($_POST['submit']))
{
$update = "UPDATE home SET title = '".$_POST['title']."' WHERE id = '" .$_POST['id']."'";
mysql_query($update);
}
?>

[MattD00]

It is still now workning I have no idea what the problem is. I can never seem to get update queries to work.

[Pikachu2000]

"Still not working" is a pretty broad description. Post your revised code.

[MattD00]

<form method="post" action="editindex.php">
<?php
//$row["title"] = "title";
//$row["id"] = "id";
$sql = "SELECT * FROM home ORDER BY id ASC";
$result = mysql_query($sql);
while($row = mysql_fetch_assoc($result)){
echo "<span id=\"itm1\" onclick=\"exchange(this);\">" . $row['title'] . "</span>
<input ondblclick=\"exchange(this);\" id=\"itm1b\" class=\"replace\" type=\"text\ name=\"title\">";
}
?>
<input type="submit" value="Save" name="update">
<input type="hidden" name="id" value="<?php  $row['id'] ?>"
</form>
<?php 
if (isset ($_POST['update']))
{
//$row["title"] = "title";
//$row["id"] = "id";
$update = "UPDATE home SET title = '".$_POST['title']."' WHERE id = '" .$_POST['id']."'";
mysql_query($update);
}
?>

[sunfighter]

This line:

<input ondblclick=\"exchange(this);\" id=\"itm1b\" class=\"replace\" type=\"text\ name=\"title\">";

is missing a "

<input ondblclick=\"exchange(this);\" id=\"itm1b\" class=\"replace\" type=\"text\" name=\"title\">";

 

And this line:

<input type="hidden" name="id" value="<?php  $row['id'] ?>"

is missing the word echo and the terminator.

<input type="hidden" name="id" value="<?php  echo $row['id'];  ?>"