spanner206 Posted October 22, 2013 Share Posted October 22, 2013 (edited) hi ive been trying to sort this update button out but i keep getting errors and got no clue how to fix it. heres the code. <?php $con=mysqli_connect("localhost","","","lcm"); // Check connection if (mysqli_connect_errno()) { echo "Failed to connect to MySQL: " . mysqli_connect_error(); } $sql = "Select * from tbl_contactinfo"; if (isset($_POST['update'])){ $UpdateQuery = "UPDATE tbl_contactinfo SET Name='$_POST[Name]', Address='$_POST[Address]' WHERE Name = '$_post[hidden]'"; mysql_query($UpdateQuery,$con); }; if ($result = mysqli_query($con, $sql)){ echo "<table border='1'> <tr> <th>Name</th> <th>Address</th> </tr>"; while($row = mysqli_fetch_array($result)) { echo "<form action = index1.php method =post>"; echo "<tr>"; echo "<td>" . "<input type= text name =Name value =" . $record['Name'] . "</td>"; echo "<td>" . "<input type= text name =address value =" . $record['Address'] . "</td>"; echo "<td>" . "<input type= hidden hidden =Name value =" . $record['hidden'] . "</td>"; echo "<td>" . "<input type= submit name = update value=update". " </td>"; echo "</form>"; } echo "</table>"; mysql_close($con); ?> if someone could help id really apreciate it. Edited October 22, 2013 by spanner206 Quote Link to comment Share on other sites More sharing options...
trq Posted October 22, 2013 Share Posted October 22, 2013 You might want to mention the errors. You might also want to find some beginner books on using databases with PHP. Placing user inputted data like that directly into your sql is a major security concern that will get your script easily hacked. Quote Link to comment Share on other sites More sharing options...
spanner206 Posted October 22, 2013 Author Share Posted October 22, 2013 this is the error ( ! ) Parse error: syntax error, unexpected end of file in C:\wamp\www\Index1.php on line 39 Quote Link to comment Share on other sites More sharing options...
Ch0cu3r Posted October 22, 2013 Share Posted October 22, 2013 (edited) There are a few issues with your script Variable names are case sensitive. so $_POST and $_post are completely different variables. $_post[hidden'] should be $_POST['hidden'] You should also sanitize any user input before using it within an sql query $name = mysql_real_escape_string($_POST['name']); $address = mysql_real_escape_string($_POST['address']); $hidden = mysql_real_escape_string($_POST['hidden']); $UpdateQuery = "UPDATE tbl_contactinfo SET Name='$name', Address='$address' WHERE Name='$hidden'"; If you don't sanitize user input you'll be prone to SQL Injection attacks which will allow a malicious user to run SQL queries to perform harmful operations. Your HTML form is incorrect for the field named hidden echo "<td>" . "<input type= hidden hidden =Name value =" . $record['hidden'] . "</td>"; hidden =Name should be Name = hidden Also always output valid HTML syntax while($row = mysqli_fetch_array($result)) { echo '<form action="index1.php" method="post">'; echo '<tr>'; echo '<td><input type="text" name="Name" value="' . $record['Name'] . '" /></td>'; echo '<td><input type="text" name="address" value="' . $record['Address'] . '" /></td>'; echo '<td><input type="hidden" name="hidden" value="' . $record['hidden'] . '" /></td>'; echo '<td><input type="submit" name="update" value="update" /></td>'; echo '</form>'; } Also you have miss match curly braces { and } , before the closing php tags ?> you need a } Your fixed code <?php $con = mysqli_connect("localhost","root","","lcm"); // Check connection if (mysqli_connect_errno()) { echo "Failed to connect to MySQL: " . mysqli_connect_error(); } if (isset($_POST['update'])) { $name = mysql_real_escape_string($_POST['name']); $address = mysql_real_escape_string($_POST['address']); $hidden = mysql_real_escape_string($_POST['hidden']); $UpdateQuery = "UPDATE tbl_contactinfo SET Name='$name', Address='address' WHERE Name='$hidden'"; mysql_query($UpdateQuery,$con); } $sql = "Select * from tbl_contactinfo"; if ($result = mysqli_query($con, $sql)) { echo "<table border='1'> <tr> <th>Name</th> <th>Address</th> </tr>"; while($row = mysqli_fetch_array($result)) { echo '<form action="index1.php" method="post">'; echo '<tr>'; echo '<td><input type="text" name="name" value="' . $record['Name'] . '" /></td>'; echo '<td><input type="text" name="address" value="' . $record['Address'] . '" /></td>'; echo '<td><input type="hidden" name="hidden" value="' . $record['hidden'] . '" /></td>'; echo '<td><input type="submit" name="update" value="update" /></td>'; echo '</form>'; } echo "</table>"; mysql_close($con); } ?> Edited October 22, 2013 by Ch0cu3r Quote Link to comment Share on other sites More sharing options...
spanner206 Posted October 22, 2013 Author Share Posted October 22, 2013 HI again ive pasted the new code in and now im starting to get another error (as you can probably tell i barely no anything ) ( ! ) Parse error: syntax error, unexpected 'Name' (T_STRING), expecting ',' or ';' in C:\wamp\www\Index1.php on line 33 Quote Link to comment Share on other sites More sharing options...
Ch0cu3r Posted October 22, 2013 Share Posted October 22, 2013 Did you copy and paste my code correctly? I have copied and pasted it and I get no syntax errors for line 33 echo '<td><input type="text" name="name" value="' . $record['Name'] . '" /></td>'; Quote Link to comment Share on other sites More sharing options...
Strychnine Posted October 22, 2013 Share Posted October 22, 2013 (edited) The loop should be as followed: while($row = mysqli_fetch_array($result)) { echo '<form action="index1.php" method="post">'; echo '<tr>'; echo '<td><input type="text" name="name" value="' . $row['Name'] . '" /></td>'; echo '<td><input type="text" name="address" value="' . $row['Address'] . '" /></td>'; echo '<td><input type="hidden" name="hidden" value="' . $row['hidden'] . '" /></td>'; echo '<td><input type="submit" name="update" value="update" /></td>'; echo '</form>'; } $record was being used for data but there was no assignment of the variable, you were using $row on the result. Edited October 22, 2013 by Strychnine Quote Link to comment Share on other sites More sharing options...
spanner206 Posted October 22, 2013 Author Share Posted October 22, 2013 YES, GET IN, CHEERS FOR EVERYONES HELP :D :D :D :D Quote Link to comment Share on other sites More sharing options...
spanner206 Posted October 22, 2013 Author Share Posted October 22, 2013 actually scratch that when i press update these messages comes up. ( ! ) Notice: Undefined index: Name in C:\wamp\www\Index1.php on line 12 Call Stack # Time Memory Function Location 1 0.0000 146432 {main}( ) ..\Index1.php:0 ( ! ) Notice: Undefined index: Address in C:\wamp\www\Index1.php on line 13 Call Stack # Time Memory Function Location 1 0.0000 146432 {main}( ) ..\Index1.php:0 Quote Link to comment Share on other sites More sharing options...
Ch0cu3r Posted October 22, 2013 Share Posted October 22, 2013 In the form code I changed the field names to all lowercase, to get the name use $_POST['name'] for address use $_POST['address']. Are you using my code as it is in reply #4? Quote Link to comment Share on other sites More sharing options...
spanner206 Posted October 22, 2013 Author Share Posted October 22, 2013 yh sorry about that i was playing around trying to figure it out but now ive changed it back im getting no error messages but the update button is more like a reset because when i press it it resets the changes i make to the records, any ideas?? Quote Link to comment Share on other sites More sharing options...
Solution Barand Posted October 22, 2013 Solution Share Posted October 22, 2013 (edited) $UpdateQuery = "UPDATE tbl_contactinfo SET Name='$name', Address='address' WHERE Name='$hidden'"; Name='address' should be Name='$address' Edited October 22, 2013 by Barand Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.