开发者

Problem updating sql database using PHP

问答 作者:

i am having some urgent problem with my UPDATE command in PHP.

The thing is, whenever i update my data in PHP, it does not flow to the mySQL Database and thus no changes were made even though it still goes back to the 'edit_event.php' (This is the page where my list of added events would be)

Also, another problem is, how should i transfer my data so that whenever i click 'edit' in 'edit_event.php' , my information can be seen in the respective textfields in 'update_form.php'?

Thank you so much in advance!! Really appreciate it!

This is the update_form.php:

//Update_form.php

    <title>Update Form</title>
</head>

<body>
<?
$host = 'localhost';
$dbusername='root';
$dbpassword='';
$database='mp19';


// Connect to server and select database.
mysql_connect('localhost', 'root', '')or die("cannot connect"); 
mysql_select_db("mp19")or die("cannot select DB");

// get value of id that sent from address bar
$ID=$_GET['ID'];


// Retrieve data from database 
$query="SELECT * FROM events WHERE ID='$ID'";
$result=mysql_query($query);

$rows=mysql_fetch_array($result);

?>

<script type="text/javascript">

function show_alert () 
{

if (document.getElementById('e.title').value.length=="0")
{
alert ("ERROR! You cannot leave the event title blank!")
return false;
}

else if (document.getElementById('content').value.length=="0") 
{
alert ("ERROR! You cannot leave the description blank!")
return false;
}

else if (document.getElementById('venue').value.length=="0")
{
alert ("ERROR! You cannot leave the venue blank!")
return false;
}

else if (document.getElementById('month').value=="0") 
{
alert ("ERROR! You cannot leave the month blank!")
return false;
}

else if (document.getElementById('date').value=="0") 
{
alert ("ERROR! You cannot leave the day blank!")
return false;
}

else if (document.getElementById('year').value=="0") 
{
alert ("ERROR! You cannot leave the year blank!")
return false;
}

else 
{

    return true;
}
}
</script>

<form id="update" onSubmit="return show_alert();" name="update" method="post" action="update_entry_now.php">
  <h2><strong>Update Form</strong></h2>


  <table width="390" border="1">
    <tr>
      <td  width="82"><strong>Event Title:</strong></td>
      <td  width="292"><label for="e.title"></label>
      <input name="e.title" type="text" id="e.title" value= <? echo $rows['e.title']; ?>></td>
    </tr>
    <tr>
      <td ><strong>Description:</strong></td>
      <td ><label for="description"></label>
      <textarea name="description" id="content" cols="45" rows="5" value= <? echo $rows['content']; ?>></textarea></td>
    </tr>
    <tr>
      <td ><strong>Venue:</strong></td>
      <td ><input type="text" name="venue" id="venue" value= <? echo $rows['venue']; ?>></td>
    </tr>
    <tr>
      <td ><strong>Date:</strong></td>
      <td ><select name="date" size="1" id="event_date" value= <? echo $rows['event_date']; ?>> 
        <option value="0">Day</option>
      <option>1</option>
      <option>2</option>
      <option>3</option>
      <option>4</option>
      <option>5</option>
      <option>6</option>
      <option>7</option>
      <option>8</option>
      <option>9</option>
      <option>10</option>
      <option>11</option>
      <option>12</option>
      <option>13</option>
      <option>14</option>
      <option>15</option>
      <option>16</option>
      <option>17</option>
      <option>18</option>
      <option>19</option>
      <option>20</option>
      <option>21</option>
      <option>22</option>
      <option>23</option>
      <option>24</option>
      <option>25</option>
      <option>26</option>
      <option>27</option>
      <option>28</option>
      <option>29</option>
      <option>30</option>
      <option>31</开发者_运维百科option>
    </select>
        <select name="month" size="1" id="month">
          <option value="0">Month</option>
          <option>1</option>
          <option>2</option>
          <option>3</option>
          <option>4</option>
          <option>5</option>
          <option>6</option>
          <option>7</option>
          <option>8</option>
          <option>9</option>
          <option>10</option>
          <option>11</option>
          <option>12</option>
        </select>
    <select name="year" size="1" id="year">
      <option value="0">Year</option>
      <option>2011</option>
      <option>2012</option>
    </select>
      </td>
    </tr>
    <tr>
      <td >&nbsp;</td>

      <td >
     <input type="hidden" name="ID" method="post" value="<? echo $row['ID']; ?>" />
      <input type="submit" name="submit" id="submit" value="Submit">
      <input type="reset" name="Reset" id="button" value="Reset" /></td>
    </tr>
  </table>
</form>

</body>
</html>

This is the update_entry_now.php:

//update_entry_now.php

<?
 session_start();
$host = 'localhost';
$dbusername='root';
$dbpassword='';
$database='mp19';

$link = mysql_connect('localhost', 'root', '');
if (!$link)
  {
  die('Could not connect: ' . mysql_error());
  }

$_SESSION['username'] = $admin;
$_SESSION['password'] = $password; 

$ID = $_POST['ID'];
    $content = $_POST['content'];
    $event_date = $_POST['event_date'];
    $venue = $_POST['venue'];

$db_selected =mysql_select_db('mp19', $link);
$query = "UPDATE events SET content = '$content', event_date = '$event_date', venue = '$venue' WHERE ID = '$ID' LIMIT 1";

$result = mysql_query($query,$link);

if (!mysql_query($query,$link))
  {
  die('Error: ' . mysql_error());
  }
header ('Location:edit_events.php');

mysql_close();
?>

This is the edit_events.php:

//edit_events.php

<?
 session_start();
$host = 'localhost';
$dbusername='root';
$dbpassword='';
$database='mp19';

$link = mysql_connect('localhost', 'root', '');
if (!$link)
  {
  die('Could not connect: ' . mysql_error());
  }

$_SESSION['username'] = $admin;
$_SESSION['password'] = $password; 

    $day = $_POST['day'];
    $month=$_POST['month'];
    $year = $_POST['year'];

$event_date = $day.'-'.$month.'-'.$year;

$db_selected =mysql_select_db('mp19', $link);
$query = "SELECT * FROM events ORDER BY '$event_date' DESC";    
$result = mysql_query($query,$link);

?>

 <table width="1500" border="1">
      <tr>
        <td><div align="center">Event ID</td>
        <td><div align="center">Admin No.</td>
        <td><div align="center">Name</td>
        <td><div align="center">Event Title</td>
        <td><div align="center">Content</td>
        <td><div align="center">Venue</td>
        <td><div align="center">Event Date</td>
        <td>&nbsp;</td>
        <td>&nbsp;</td>
      </tr>
      <tr>
      <?


$i = 1;
while($row = mysql_fetch_assoc($result))
{

?>


        <td width="59"><div align="center"> <?= $i; ?></td>
        <td width="153"><div align="center"><?= $row['ID']; ?></td>
        <td width="200"><div align="center"><?= $row['name']; ?></td>
        <td width="191"><div align="left"><?= $row['e.title']; ?></td>
        <td width="220"><div align="left"><?= $row['content']; ?></td>
        <td width="143"><div align="left"><?= $row['venue']; ?></td>
        <td width="132"><div align="left"><?= $row['event_date'];?></td>
<td width="70"><div align="center"><a href="update_form.php?e.id=<?php echo $i; ?>">Edit</a></td>
<td width="70"><div align="center"><a href="delete_entry_now.php?ID=<?php echo $row['ID']; ?>">Delete</a></td>
      </tr>
<? 
$i++;
}

mysql_close(); ?>
  </table>

Your form fields are not named the same as the keys you're reading from $_POST. That's probably why the values aren't making it to your database.

You should also go through and clean up your code. You have lots of unused variables, inconsistent formatting, you run the update query twice every time the form is submitted, etc.

Your code is susceptible to SQL injection attacks, as you don't call mysql_real_escape_string on any of the input before putting it in the query. Aside from being dangerous, it'll simply break your site as soon as someone puts a single quote mark into one of the form inputs.

Your queries also contain numerous logic errors that won't cause them to fail, but will cause them to do unexpected things. You have put single quotes around numeric values that shouldn't be quoted, and on your last code snippet you are ordering the results by a literal string instead of a column name. I'm not sure if you intended that to sort the results by date, or to filter the results by date, but either way it's not doing anything but randomly ordering your results.

For your first problem that why data is not showing in respect fields in update_form.php. when you want to show data in textbox then show like this

<input name="e.title" type="text" id="e.title" value"= <?php echo $rows['e.title']; ?">>

You are missing two things one you are not placing double quotes(" ") after value and also you are not starting php tag in value section properly. if you want to show data in textarea then you should show the data after closing the textarea tag and before </textare> like this

<textarea name="description" id="content" cols="45" rows="5"><?php echo $rows['content']; ?>

and for the select you should generate your options through loop rather than writing each option.like this

<select name="date"> <?php for($i=1;$i<32;$i++) { if($row['date']==$i) $selected='selected'; else $selected=''; echo('<option value="'.$i.'"'.$selected.'>'.$i.'</option>'); } ?> </select>

继续阅读:databasephptextfield

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9