James Hayes James Hayes - 7 months ago 8
HTML Question

MYSQL and PHP database update wont update database

I am having an issue trying update the database with a form.

So, my issue is when I click on update nothing happens. The database doesn't update.

Another issue is when i use POST in my form and SQL query. It doesn't pull the information through to the edit page, it is blank.

I'm sorry if this hard to read etc. but this is my first time posting. Also, I know there is security flaws in my GET/POST queries I'm just trying to get the thing to work before I start using the prepared statements or whatever they are called.

FYI, if I echo the query and define a if/else statement, I can see it doesn't work but I just don't know why. I have spent 3 days on this and change the code so many times using examples I have found on the internet.


Index.php


<?php

$servername = "localhost";
$username = "***";
$password = "****";
$dbname = "****";

$link = new mysqli("$servername", "$username", "$password", "$dbname");

if ($link->connect_error) {
die("Connection failed: " . $link->connect_error);
}
echo "Connected successfully";


mysqli_select_db($link,"jamesrph_myphp");


$sql = "SELECT * FROM article";

$result = mysqli_query($link,$sql);

$id = 'id';
$title = 'title';


?>
<html>
<head>

<link rel="stylesheet" type="text/css" href="style.css"/>
<title>PHP </title>

</head>

<body>

<h1> My title </h1>

<table>

<tr>
<?php
while($row=mysqli_fetch_array($result)){

?>
<td><?php echo $row["title"]; ?> </td>

<td><a href="article_detail.php?id=<?php echo $row["id"]; ?>">Read More</a></td>

<td><a href="edit.php?id=<?php echo $row["id"]; ?>">Edit</a></td>

</tr>
<?php
}
?>
</table>
</body>
</html>



edit.php


<?php

$link = mysqli_connect("localhost","******","******", "*****");

$query = "SELECT * FROM article WHERE id=".mysqli_real_escape_string($link, $_GET['id'])." LIMIT 1";

$result = mysqli_query($link,$query);

$row = mysqli_fetch_array($result);


$title = $row['title'];

$content = $row['content'];

?>

<html>
<head>
<link rel="stylesheet" type="text/css" href="style.css"/>
</head>
<body>


<p> Edit Article </p>

<form method="get" action="processarticle.php">

<input type="hidden" name="id" value="<?php echo $row["id"]; ?>" />

<input id="titlearea" type="text" name="title" value="<?php echo $row["title"]; ?>"/>

<textarea id="contentarea" name="content" rows="10" cols="40"><?php echo $row["content"];?></textarea>

<input type="submit" name="submit" id="update_article"/>

</form>
</body>

</html>



processarticle.php


<<?php
//Database Connection
include 'connection.php';
//Get ID from Database
if(isset($_GET['edit_id'])){
$sql = "SELECT * FROM article WHERE id =" .$_GET['edit_id'];
$result = mysqli_query($link, $sql);
$row = mysqli_fetch_array($result);
}
//Update Information
if(isset($_POST['btn-update'])){
$title = $_POST['title'];
$content = $_POST['content'];
$id = $_POST['id'];
$update = "UPDATE article SET title=?, content=? WHERE id=?";
$up = mysqli_query($link, $update);

if($stmt = $mysqli->prepare($update)){
$stmt->bind_param("ssi" ,$title ,$content ,$id);
$stmt->excute();
}
header("location: disp.php");
}
?>

Answer

Ok your edit.php form has a GET method, yet you are using POST variables in you processarticle.php and you have a GET variable in there.

Lets just say a form can only do one thing either GET or POST

The URL you specified in your form then will access either GET or POST variables based on form method

So if you want to update your article based off your form first lets look at the id = this should be $POST['id'] the hidden field in your form, not that hidden though

$update = "UPDATE article SET title='$title', content='$content' WHERE id=". $_POST['id'];

The more I look at this the more this is going to turn in to a 3 part mini series

Ok on your processarticle.php for starters I would use a prepared statement for the update http://php.net/manual/en/mysqli.prepare.php

process.php

//Update Information
if(isset($_POST['Update_Article'])){
$title = $_POST['title'];
$content = $_POST['content'];
$id = $_POST['id'];

$SQL = "UPDATE
        article 
        SET title=?, content=?    
        WHERE id=?";

if ($stmt = $mysqli->prepare($SQL)) { 
     $stmt->bind_param("sss", $title ,$content ,$id );
     $stmt->execute();  
}
}

Start here http://www.w3schools.com/php/default.asp and go from crawling to walking Honest to god work through that from top to bottom then go here https://symfony.com/ and hope in a F1 Car

Then try http://www.w3schools.com/bootstrap/default.asp because you are going to want your page to look cool

Comments