Jump to content

Update Button


spanner206
Go to solution Solved by Barand,

Recommended Posts

hi ive been trying to sort this update button out but i keep getting errors and got no clue how to fix it. heres the code.

 

<?php
 
$con=mysqli_connect("localhost","","","lcm");
// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
 
 
$sql = "Select * from tbl_contactinfo";
 
if (isset($_POST['update'])){
$UpdateQuery = "UPDATE tbl_contactinfo SET Name='$_POST[Name]', Address='$_POST[Address]' WHERE Name = '$_post[hidden]'";
mysql_query($UpdateQuery,$con);
 
 
 
};
if ($result = mysqli_query($con, $sql)){
 
echo "<table border='1'>
<tr>
<th>Name</th>
<th>Address</th>
</tr>";
 
while($row = mysqli_fetch_array($result))
{ echo "<form action = index1.php method =post>";
echo "<tr>";
echo "<td>" . "<input type= text name =Name value =" . $record['Name'] . "</td>"; 
echo "<td>" . "<input type= text name =address value =" . $record['Address'] . "</td>";
echo "<td>" . "<input type= hidden hidden =Name value =" . $record['hidden'] . "</td>"; 
echo "<td>" . "<input type= submit name = update value=update". " </td>";
echo "</form>";
}
echo "</table>";
mysql_close($con);
?>
 
 
if someone could help id really apreciate it.
Edited by spanner206
Link to comment
Share on other sites

You might want to mention the errors.

 

You might also want to find some beginner books on using databases with PHP. Placing user inputted data like that directly into your sql is a major security concern that will get your script easily hacked.

Link to comment
Share on other sites

There are a few issues with your script

 

Variable names are case sensitive. so $_POST and $_post are completely different variables. $_post[hidden'] should be $_POST['hidden']

 

You should also sanitize any user input before using it within an sql query

$name    = mysql_real_escape_string($_POST['name']);
$address = mysql_real_escape_string($_POST['address']);
$hidden  = mysql_real_escape_string($_POST['hidden']);

$UpdateQuery = "UPDATE tbl_contactinfo SET Name='$name', Address='$address' WHERE Name='$hidden'";

If you don't sanitize user input you'll be prone to SQL Injection attacks which will allow a malicious user to run SQL queries to perform harmful operations.

 

Your HTML form is incorrect for the field named hidden

echo "<td>" . "<input type= hidden hidden =Name value =" . $record['hidden'] . "</td>"; 

hidden =Name    should be    Name = hidden

 

Also always output valid HTML syntax

while($row = mysqli_fetch_array($result))
{
   echo '<form action="index1.php" method="post">';
   echo '<tr>';
   echo '<td><input type="text" name="Name" value="' . $record['Name'] . '" /></td>'; 
   echo '<td><input type="text" name="address" value="' . $record['Address'] . '" /></td>';
   echo '<td><input type="hidden" name="hidden" value="' . $record['hidden'] . '" /></td>'; 
   echo '<td><input type="submit" name="update" value="update" /></td>';
   echo '</form>';
}
 
Also you have miss match curly braces { and } , before the closing php tags ?> you need a }
 
Your fixed code
<?php
 
$con = mysqli_connect("localhost","root","","lcm");
// Check connection
if (mysqli_connect_errno())
{
	echo "Failed to connect to MySQL: " . mysqli_connect_error();
}

if (isset($_POST['update']))
{
	$name    = mysql_real_escape_string($_POST['name']);
	$address = mysql_real_escape_string($_POST['address']);
	$hidden  = mysql_real_escape_string($_POST['hidden']);

	$UpdateQuery = "UPDATE tbl_contactinfo SET Name='$name', Address='address' WHERE Name='$hidden'";
	mysql_query($UpdateQuery,$con);
}

$sql = "Select * from tbl_contactinfo";
if ($result = mysqli_query($con, $sql))
{
	echo "<table border='1'>
	<tr>
	<th>Name</th>
	<th>Address</th>
	</tr>";
	 
	while($row = mysqli_fetch_array($result))
	{
		echo '<form action="index1.php" method="post">';
		echo '<tr>';
		echo '<td><input type="text" name="name" value="' . $record['Name'] . '" /></td>'; 
		echo '<td><input type="text" name="address" value="' . $record['Address'] . '" /></td>';
		echo '<td><input type="hidden" name="hidden" value="' . $record['hidden'] . '" /></td>'; 
		echo '<td><input type="submit" name="update" value="update" /></td>';
		echo '</form>';
	}
	echo "</table>";
	mysql_close($con);
}
?>
Edited by Ch0cu3r
Link to comment
Share on other sites

The loop should be as followed:

	while($row = mysqli_fetch_array($result))
	{
		echo '<form action="index1.php" method="post">';
		echo '<tr>';
		echo '<td><input type="text" name="name" value="' . $row['Name'] . '" /></td>'; 
		echo '<td><input type="text" name="address" value="' . $row['Address'] . '" /></td>';
		echo '<td><input type="hidden" name="hidden" value="' . $row['hidden'] . '" /></td>'; 
		echo '<td><input type="submit" name="update" value="update" /></td>';
		echo '</form>';
	}

$record was being used for data but there was no assignment of the variable, you were using $row on the result.

Edited by Strychnine
Link to comment
Share on other sites

actually scratch that when i press update these messages comes up.

( ! ) Notice: Undefined index: Name in C:\wamp\www\Index1.php on line 12 Call Stack # Time Memory Function Location 1 0.0000 146432 {main}( ) ..\Index1.php:0

 

( ! ) Notice: Undefined index: Address in C:\wamp\www\Index1.php on line 13 Call Stack # Time Memory Function Location 1 0.0000 146432 {main}( ) ..\Index1.php:0
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.