PHP - Trouble Updating Database From Form
Hey guys, I have made an admin page for a game Im working on to quickly allow me to update many aspects of the game. My form is sending the correct data because i can echo the $_post but for some reason it isnt updating my database. I just get a blank white page. Could anyone see what i have done wrong. Thanks
Code: [Select] <?php require($DOCUMENT_ROOT . "/game/includes/connection.php"); require($DOCUMENT_ROOT . "/game/includes/settings.php"); ?> <?php $name = $_POST['admin_name']; $img = $_POST['admin_img']; $current_hp = $_POST['admin_current_hp']; $max_hp = $_POST['admin_max_hp']; $current_energy = $_POST['admin_current_energy']; $max_energy = $_POST['admin_max_energy']; $level = $_POST['admin_level']; $exp_total = $_POST['admin_exp_total']; $exp = $_POST['admin_exp']; $exp_level = $_POST['admin_exp_level']; $pos_x = $_POST['admin_pos_x']; $pos_y = $_POST['admin_pos_y']; $potion = $_POST['admin_potion']; $ether = $_POST['admin_ether']; $elixir = $_POST['admin_elixir']; $zenni = $_POST['admin_zenni']; $sector = $_POST['admin_sector']; $battle = $_POST['admin_battle']; ?> <?php $sql_1 = "UPDATE game_character SET name='$name', img='$img', current_hp='$current_hp', max_hp='$max_hp', current energy='$current_energy', max_energy='$max_energy', level='$level', exp_total='$exp_total', exp='$exp', exp_level='$exp_level', pos_x='$pos_x', pos_y='$pos_y', potion='$potion', ether='$ether', elixir='$elixir', zenni='$zenni' WHERE id=1"; $sql_2 = "UPDATE game_status SET sector='$sector', battle='$battle' WHERE id=1"; $statement_1 = $dbh->prepare($sql_1); $statement_2 = $dbh->prepare($sql_2); $statement_1->execute(); $statement_2->execute(); ?> <SCRIPT LANGUAGE="JavaScript"> redirTime = "1"; redirURL = "<?php echo $r_admin ?>"; function redirTimer() { self.setTimeout("self.location.href = redirURL;",redirTime); } </script> <BODY onLoad="redirTimer()"> Similar TutorialsHello Everyone, I am pretty new to the forums and was curious if i could get some help here. Basically, in a nutshell, i have PayPal integrated into my website. I will use this to collect money from clients. when a client logs into his/her account they see their balance (which is pulled from the database to correspond with the user that's logged-in). Now, everytime a payment is submitted a notify_url is contacted after payment has been verified, that notify_url is the code written below. What I am trying to execute here is when this notify_url is called the current balance is reduced from the amount paid through paypal. In the second If condition, you will see that the word success is being entered into the paypal.txt file, which is working perfectly fine. Now, you will also see the variable $update_balance; which is suppose to update the original balance with the balance paid through PayPal BUT IT'S NOT!! WHY?? LOL Thank You in advance! <?php ob_start(); session_start(); include_once ('/home/rdewebde/public_html/includes/paypal.php'); $myPaypal = new Paypal(); $myPaypal->ipnLog = TRUE; include_once "/home/rdewebde/public_html/includes/_config.php"; $username = "".$_SESSION['username'].""; $users_data = mysql_query("SELECT * FROM `members` WHERE `username`='".$username."'"); $user_info = mysql_fetch_array($users_data); $current_amount = $user_info['balance']; $deduct_amount = $myPaypal->ipnData['payment_gross']; $new_amount = $current_amount - $deduct_amount; $update_balance = mysql_query("UPDATE `members` SET `balance` = '$new_amount' WHERE `username` = '".$username."'"); if ($myPaypal->validateIpn()) { if ($myPaypal->ipnData['payment_status'] == 'Completed') { $update_balance; file_put_contents('/home/rdewebde/public_html/lounge/paypal.txt', 'SUCCESS'); } else { file_put_contents('/home/rdewebde/public_html/lounge/paypal.txt', "FAILURE\n\n" . $myPaypal->ipnData); } } ?> Code: [Select] <?php $host="xxxx"; // Host name $username="xxxx"; // Mysql username $password="xxxx"; // Mysql password $db_name="xxxx"; // Database name $tbl_name="xxxx"; // Table name // Connect to server and select database. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); // get value of id that sent from address bar $model_id=$_GET['model_id']; // Retrieve data from database $sql="SELECT model_id, model_name, location, email_1 FROM $tbl_name WHERE model_id='$model_id'"; $result=mysql_query($sql); $rows=mysql_fetch_array($result); ?> <table width="400" border="0" cellspacing="1" cellpadding="0"> <tr> <form name="form1" method="post" action="updated.php"> <td> <table width="100%" border="0" cellspacing="1" cellpadding="0"> <tr> <td> </td> <td colspan="3"><strong>Update data in mysql</strong> </td> </tr> <tr> <td align="center"> </td> <td align="center"> </td> <td align="center"> </td> <td align="center"> </td> </tr> <tr> <td align="center"> </td> <td align="center"><strong>Name</strong></td> <td align="center"><strong>Location</strong></td> <td align="center"><strong>Email</strong></td> </tr> <tr> <td> </td> <td align="center"><input name="name" type="text" id="name" value="<? echo $rows['model_name']; ?>"></td> <td align="center"><input name="location" type="text" id="location" value="<? echo $rows['location']; ?>"></td> <td><input name="email" type="text" id="email" value="<? echo $rows['email_1']; ?>"></td> </tr> <tr> <td> </td> <td><input name="id" type="hidden" id="id" value="<? echo $rows['model_id']; ?>"></td> <td align="center"><input type="submit" name="Submit" value="Submit"></td> <td> </td> </tr> </table> </td> </form> </tr> </table> <? // close connection mysql_close(); ?> This is the part that isn't working Code: [Select] <td align="center"><input name="name" type="text" id="name" value="<? echo $rows['model_name']; ?>"></td> <td align="center"><input name="location" type="text" id="location" value="<? echo $rows['location']; ?>"></td> <td><input name="email" type="text" id="email" value="<? echo $rows['email_1']; ?>"></td> The echo values aren't being fetched and left blank when I run the script. Any ideas? Hi I making some forms that write to mysql database, Im now in the process of making the update form so the user can update there details on the form, I want it to populate the form with existing data but its not doing it at all. Thanks in advance
Attached Files
delete.php 210bytes
2 downloads
modify.php 4.03KB
4 downloads
index.php 473bytes
3 downloads Hi All, I've searched long and hard accross the web for an answer to this and finnally given in and requesting help. Here's what i have, i have a database setup and working fine. What i would like to do is for an administrator to be able to update my users details. It may sound odd, why don't you let your users update their own details? Well the administrators are dispatchers if you like, and my users are the 'dispatchees', for want of a better word. So i would like my administrators to be able to dispatch my users with routes and my users be able to see the routes that have been dispatched to them. I've setup a login area and a page that pulls there routes off the database, depending on their login details, i.e. jack will see his routes and jill will see her's independantly. This works by me editing the appropriate columns/rows of my database using phpmyadmin. What i'd like now is for administrators (who are directed to a seperate page, with more controls) to be able to do the same as me (updating the database) but by using a php form/script. I'd like to be able to select the routes from a second table on the same database if possible, to try and keep everything tidy. So my dispatcher would select Route001 from a drop down list, this would fill in the text fields next to the route field with From To, so my dispatcher would know what route001 actually is from/ too, choose a username (now being driven from my other table) and hit dispatch. My user would login to their area, hit view dispatched routes and it would display Route 001 with the correct information. The login area was a downloaded script i modified to suit and is called Login-Redirect_v1.31_FULL Many thanks in advance, hope you can sort of understand what i want Josh PHP/MySQL ability:Novice ok it updates the posts table , but not the notifications table , helP! Code: [Select] <?php include("../includes.php"); $session =$logOptions_id; if($session) { $id = $_POST['id']; if(!$id) { $id = $session; } $post = mysql_real_escape_string($_POST['post']); $date = mktime(); $action_type = 0; mysql_query("INSERT INTO posts SET to_id='$id',from_id='$session',post='$post',type='$action_type',date='$date'"); $post_id = mysql_insert_id(); $query = mysql_query("SELECT id,to_id,from_id,post,type,state,date FROM posts WHERE id='$post_id' AND state='0' ORDER BY id DESC LIMIT 15"); print posts($query, "newPost"); if($id!=$session) { mysql_query("INSERT INTO notifications SET user_id='$id', from_id='$session', post_id='$post_id', action_type='$action_type', date='$date'"); } } ?> Hey all, I've recently been coding a Bank for my game in which users can desposit there money into. But while coding it I've came though a few errors in which I carn't seem to sort <?php session_start(); include_once ("includes/functions.php"); include ("includes/config.php"); require ("crewtop.php"); logincheck(); ini_set ('display_errors', 1); error_reporting (E_ALL); $username = $_SESSION['username']; $getuser = mysql_query("SELECT * FROM users WHERE username='$username'"); $user = mysql_fetch_object($getuser); $themembers = mysql_query("SELECT * FROM users WHERE crew = '$user->crew'"); $ammoutmembers = mysql_num_rows($themembers); $crew = mysql_query("SELECT * FROM crews WHERE name = '$user->crew'"); $crewstuff = mysql_fetch_object($crew); // Got everything needed.... if ($_POST['desposit']){ $desposit = strip_tags($_POST['desposit']); if ($desposit > $user->money){ // *** This Line *** echo ("You haven't got that much Money to Desposit!"); }elseif ($desposit <= $user->money){ if (ereg('[^0-9]',$desposit)){ echo ("Invalid Numbers Posted!"); }elseif(!ereg('[^0-9]',$desposit)){ mysql_query("UPDATE crews SET bank=bank+$desposit WHERE name='$user->crew'"); mysql_query("UPDATE users SET money=money-$desposit WHERE username='$username'"); echo ('You successfully Deposited £".number_format($desposit)."!'); } } } /* Deposit done - Now Withdraw... */ if ($_POST['withdraw']){ $withdraw = strip_tags($_POST['withdraw']); if ($withdraw > $crewstuff->bank){ // *** This Line *** echo ("You don't have that much Money in the Bank!"); }elseif ($withdraw <= $crewstuff->bank){ if (ereg('[^0-9]',$withdraw)){ echo "Invalid Numbers Posted!"; }elseif(!ereg('[^0-9]',$withdraw)){ $leftinbank = $crewstuff->bank - $withdraw; mysql_query("UPDATE crews SET bank=bank-$withdraw WHERE name='$user->crew'"); mysql_query("UPDATE users SET money=money+$withdraw WHERE username='$username'"); echo ('£".number_format($withdraw)." has been Withdraw from the Crew Bank!'); } } } // Withdraw done! ?> <html> <head> <title>Crew Bank || SD</title> <link rel="stylesheet" href="style.css" type="text/css"> </head> <body class='body'> <form action='' method='POST' name='crewbank'> <?php echo ("$username , $user->money"); ?> <?php if ($username != $crewstuff->boss || $username != $crewstuff->coowner || $username != $crewstuff->underboss || $username == $crewstuff->recruiter || $username == $crewstuff->recruiterone || $crewstuff->boss == $username || $crewstuff->coowner == $username || $crewstuff->underboss == $username){ ?> <table width='50%' cellpadding='0' cellspacing='0' border='1' class='table' colspan='2' align='center'> <tr> <td class='header' align='center' colspan='2'>Crew Bank</td> </tr> <tr> <td class='omg' colspan='2' align='center'>You Have <strong>£<?php echo "".number_format($crewstuff->bank).""; ?></strong> in the Crew Bank!</td> </tr> <tr> <td align='center' width='50%'>Deposit:</td><td align='center' width='50%'><input type='text' name='desposit' class='input' id='desposit'></td> </tr> <tr> <td align='center' colspan='2' align='center'><input type='submit' name='desposit' class='button' id='despositmoney' Value='Deposit!'></td> </tr> <?php } // Boss ?> </table> <br /> <?php if ($crewstuff->boss == $username || $crewstuff->coowner == $username || $crewstuff->underboss == $username){ ?> <table width='50%' cellpadding='0' cellspacing='0' border='1' class='table' colspan='2' align='center'> <tr> <td class='header' align='center' colspan='2'>Crew Bank - Withdraw</td> </tr> <tr> <td class='omg' align='center' colspan='2'>You carn't Withdraw more Money then there is in your Bank!</td> </tr> </tr> <tr> <td align='center' width='50%'>Withdraw:</td><td width='50%' align='center'><input type='text' name='withdraw' class='input' id='withdraw'></td> </tr> <tr> <td align='center' colspan='2' align='center'><input type='submit' name='withdraw' class='button' id='withdrawmoney' Value='Withdraw!'></td> </tr> </table> <?php } // Boss .. Underboss ?> </form> </body> </html> The two lines with the Comments on " // *** This Line *** " are the parts I've got a problem with. When a User is either despositing or Withdrawing there money it says there isn't enouth Money in the Bank, or that they don't have enouth Money, even when they have enouth. Anyone see why its saying the Error? Thanks in advance do you see anything wrong with this update code? i am having trouble setting the acntStatus=1. Code: [Select] <?php mysql_select_db($database_uploader, $uploader); $query = "SELECT * FROM members WHERE uname='$_SESSION[user]'"; $result = mysql_query($query) or die(mysql_error()); if (mysql_num_rows($result) > 0) { $row = mysql_fetch_array($result) or die(mysql_error()); $usedSpace = $row['bandwhitch']; $acntType = $row['acntType']; if ($acntType == 1) { $totalSpace = 500; } else { $totalSpace = 250; } if($usedSpace > $totalSpace) { echo "There is something wrong with your account. Please contact us!"; $usageError = true; mysql_query(sprintf("UPDATE members SET acntStatus='%s' WHERE uname='%d'", mysql_real_escape_string(1), $_SESSION['user'])) or die(mysql_error()); mysql_close($con); } $usagePercent = (round(($usedSpace/$totalSpace), 2)) * 100; // Convert to percentage } ?> why does this code not update database.....any errors you see off the bat? none of the messages are displaying for whether it posts or not......so I think there is something wrong with posting or a loop or something. Code: [Select] <?php session_start(); include "config2.php"; if (!isset($_SESSION['id'])) { echo 'Please <a href="login.php">log in</a> to access your account'; exit(); } //Connect to the database through our include include_once "connect_to_mysql.php"; // Place Session variable 'id' into local variable $userid = $_SESSION['id']; ?> <?php //action: view users ----------------------------------------------------------------------------- if (isset($_GET['viewUsers'])) { //get all active users $query = "SELECT name, username, phone, address, city, state, zip, cell, email, accounttype, badges, password, rank, userid FROM members WHERE userid=userid"; $rs = mysql_query($query); ?> <table width="563" border='1'> <tr> <th width="54">Name</th><th width="84">Username</th><th width="47">Email</th> <th width="148">Access Level</th> <th width="105"> </th> <th width="85"> </th> </tr> <?php //show the users while ($row = mysql_fetch_assoc($rs)) { ?> <tr> <td><?php echo $row['name'];?></td> <td><?php echo $row['username'];?></td> <td><?php echo $row['email'];?></td> <td><?php echo $row['accounttype']?></td> <td> </td> <td><a href='admin.php?edit&id=<?php echo $row['userid'];?>'>Edit</a>, <a href='admin.php?delete&id=<?php echo $row['userid'];?>'>Delete</a></td> </tr> <?php } ?> </table> <?php } //action: edit user ----------------------------------------------------------------------------- if (isset($_GET['edit']) && isset($_GET['id'])) { $userid = (int) $_GET['id']; if ($userid == 0) { die("Invalid ID provided."); } //execution when completed the edit user form and pressed submit button --------------------- if (isset($_POST['editUser'])) { //validate data ------------------------------------------------------------------------ //check empty fields $notRequired = array("email","phone","address", "city", "state","zip","cell" ); //passwords won't be checked, as they are not required foreach ($_POST as $k=>$v) { if ($v == "" && !in_array($k,$notRequired)) { $error[$k] = "<strong>This field is empty</strong>"; } } //escape string $name = "mysql_real_escape_string{$_POST['fname']} {$_POST['last']}"; $phone = mysql_real_escape_string($_POST['phone']); $address = mysql_real_escape_string($_POST['address']); $city = mysql_real_escape_string($_POST['city']); $state = mysql_real_escape_string($_POST['state']); $zip = mysql_real_escape_string($_POST['zip']); $email = mysql_real_escape_string($_POST['email']); $cell = mysql_real_escape_string($_POST['cell']); $username = mysql_real_escape_string($_POST['username']); $last = mysql_real_escape_string($_POST['last']); $first = mysql_real_escape_string($_POST['fname']); //check email validation, the function is available at config.php //check username exists in database $res = mysql_query("SELECT username FROM members WHERE username='".$username."' AND username != '".$username."'"); if (mysql_num_rows($res) == 1) { $error['username'] .= " <strong>Username already existst in database!</strong>"; } //check both passwords are the same when password fields are not empty //end validate data --------------------------------------------------------------------- //save to database when no errors are detected ------------------------------------------ if (count($error) == 0) { $query = "UPDATE members SET username='$username', email='$email', name='".$name."', phone='".$phone."',address='".$address."', city='".$city."',state='".$state."', zip='".$zip."',cell='".$cell."',badges='".$badges."', rank='".$rank."', first='".$first."', last='".$last."' WHERE userid='".$_GET['userid']."'"; $query1 = "UPDATE sessions SET username='".$username."', email='".$email."',name='".$name."', phone='".$phone."',address='".$address."', city='".$city."',state='".$state."', zip='".$zip."',cell='".$cell."',badges='".$badges."', rank='".$rank."' WHERE id='".$userid."'"; //update username session if you edit yourself if ($userid == $_SESSION['auth_admin_userid']) { $_SESSION['auth_admin_username'] = $username; } if (mysql_query($query)|| mysql_query($query1)) { echo "<p><strong>User has been edited and saved to the database.</strong></p>"; } else { echo "<strong>User has NOT been edited and saved into the database. ".mysql_error()."</strong>"; } } } //get user from the database and put data into $_POST variables. $rs = mysql_query("SELECT first, last, username, phone, address, city, state, zip, cell, email, badges, rank, accounttype FROM members WHERE userid = ".$userid.""); if (mysql_num_rows($rs) == 0) { die("User does not exists!"); } $row = mysql_fetch_assoc($rs); $_POST['fname'] = $row['first']; $_POST['last'] = $row['last']; $_POST['username'] = $row['username']; $_POST['phone'] = $row['phone']; $_POST['address'] = $row['address']; $_POST['city'] = $row['city']; $_POST['state'] = $row['state']; $_POST['zip'] = $row['zip']; $_POST['cell'] = $row['cell']; $_POST['email'] = $row['email']; $_POST['badges'] = $row['badges']; $_POST['rank'] = $row['rank']; $_POST['accounttype'] = $row['accounttype']; //if is admin, then $_POST['admin'] exists ?> <form action="admin.php?edit&id=<?php echo $userid; ?>" method="post"> <div id="TabbedPanels1" class="TabbedPanels"> <ul class="TabbedPanelsTabGroup"> <li class="TabbedPanelsTab" tabindex="0">My Info</li> <li class="TabbedPanelsTab" tabindex="0">Merit Badges</li> <li class="TabbedPanelsTab" tabindex="0">Scout Rank</li> </ul> <div class="TabbedPanelsContentGroup"> <div class="TabbedPanelsContent"> <table align="center" cellpadding="8" cellspacing="8"> <tr> <td><div align="right">First Name:</div></td> <td> <input type="text" name="name" value='<?php echo $_POST['fname'];?>' /> <?php echo(isset($error['fname']))?$error['fname']:"";?></td> </tr> <tr> <td><div align="right">Last Name:</div></td> <td> <input type="text" name="name" value='<?php echo $_POST['last'];?>' /> <?php echo(isset($error['last']))?$error['last']:"";?></td> </tr> <tr> <td><div>Phone Number:</div></td> <td><input type="text" name="phone" value='<?php echo $_POST['phone'];?>' /> <?php echo(isset($error['phone']))?$error['phone']:"";?></td> </tr> <tr> <td><div align="right">Address:</div></td> <td><input type="text" name="address" value='<?php echo $_POST['address'];?>' /> <?php echo(isset($error['address']))?$error['address']:"";?></td> </tr> <tr> <td><div align="right">City:</div></td> <td><input type="text" name="city" value='<?php echo $_POST['city'];?>' /> <?php echo(isset($error['city']))?$error['city']:"";?></td> </tr> <tr> <td><div align="right">State:</div></td> <td><input type="text" name="state" value='<?php echo $_POST['state'];?>' /> <?php echo(isset($error['state']))?$error['state']:"";?></td> </tr> <tr> <td><div align="right">Zip Code:</div></td> <td><input type="text" name="zip" value='<?php echo $_POST['zip'];?>' /> <?php echo(isset($error['zip']))?$error['zip']:"";?></td> </tr> <tr> <td><div align="right">Email:</div></td> <td> <input type="text" name="email" value='<?php echo $_POST['email'];?>' /> <?php echo(isset($error['email']))?$error['email']:"";?></td> </tr> <tr> <td><div align="right">Cell Phone:</div></td> <td><input type="text" name="cell" value='<?php echo $_POST['cell'];?>' /> <?php echo(isset($error['cell']))?$error['cell']:"";?></td> </tr> <tr> <td class="aaaaaaa" align="right"><div>Username:</div></td> <td><label for="username"></label> <input type="text" name="username" value='<?php echo $_POST['username'];?>' /> <?php echo(isset($error['username']))?$error['username']:"";?> </td> </tr> <input name="userid" type="hidden" value="<?php echo $userid; ?>" /> </table> <p> </div> <div class="TabbedPanelsContent"> <label for="badges"></label> <input name="badges" type="text" id="badges" value='<?php echo $_POST['badges'];?>' /> <?php echo(isset($error['badges']))?$error['badges']:"";?> </div> <div class="TabbedPanelsContent"> <input name="rank" type="text" id="rank" value='<?php echo $_POST['rank'];?>' /> <?php echo(isset($error['rank']))?$error['rank']:"";?> </div> </div> </div> <input name="editUser" type="submit" value="Save" /> </form> <p> <script type="text/javascript"> var TabbedPanels1 = new Spry.Widget.TabbedPanels("TabbedPanels1"); </script> </p> <p> </p> <p> </p> <p> </p> <p> </p> <p> </p> <p> </p> <?php } ?> <br /><br /> </div></div> <script type="text/javascript"> var MenuBar1 = new Spry.Widget.MenuBar("MenuBar1", {imgDown:"../SpryAssets/SpryMenuBarDownHover.gif", imgRight:"../SpryAssets/SpryMenuBarRightHover.gif"}); </script> Hello, I have been staring at my screen for the last couple of days and have finally run out of solutions. I have the code below where the data is generated form another page. The correct data is displayed but for some reason when I try to alter any data it does not work. I simply get the message, "Your profile has been successfully updated..." but nothing has been changed in the database. I think the code is not connecting to the correct table in the database.. I fail to see why this would be. Any help greatly appreciated. Code: [Select] <?php error_reporting(E_ALL); session_start(); ?> <?php require_once('appvars.php'); require_once('connectvars1.php'); // Connect to the database $dbc = mysqli_connect(DB_Host, DB_User, DB_Password, DB_Name); if (!isset($_GET['user_id'])) { $query = "SELECT * FROM antique WHERE user_id = '" . $_SESSION['user_id'] . "'"; } else { $query = "SELECT * FROM antique WHERE user_id = '" . $_GET['user_id'] . "'"; } $data = mysqli_query($dbc, $query); if (mysqli_num_rows($data) == 1) { $row = mysqli_fetch_array($data); } ?> <?php require_once('appvars.php'); require_once('connectvars1.php'); // Make sure the user is logged in before going any further. if (!isset($_SESSION['user_id'])) { echo '<p class="login">Please <a href="login1.php">log in</a> to access this page.</p>'; exit(); } // Connect to the database $dbc = mysqli_connect(DB_Host, DB_User, DB_Password, DB_Name); if (isset($_POST['submit'])) { // Grab the profile data from the POST $name = mysqli_real_escape_string($dbc, trim($_POST['name'])); $phone = mysqli_real_escape_string($dbc, trim($_POST['phone'])); $address1 = mysqli_real_escape_string($dbc, trim($_POST['address1'])); $address2 = mysqli_real_escape_string($dbc, trim($_POST['address2'])); $postcode = mysqli_real_escape_string($dbc, trim($_POST['postcode'])); $webadd = mysqli_real_escape_string($dbc, trim($_POST['webadd'])); $email = mysqli_real_escape_string($dbc, trim($_POST['email'])); $old_picture = mysqli_real_escape_string($dbc, trim($_POST['old_picture'])); $new_picture = mysqli_real_escape_string($dbc, trim($_FILES['new_picture']['name'])); $new_picture_type = $_FILES['new_picture']['type']; $new_picture_size = $_FILES['new_picture']['size']; $username = mysqli_real_escape_string($dbc, trim($_POST['username'])); $user_id = mysqli_real_escape_string($dbc, trim($_POST['user_id'])); if (!empty($_FILES['new_picture']['tmp_name'])) {list($new_picture_width, $new_picture_height) = getimagesize($_FILES['new_picture']['tmp_name']); } //list($new_picture_width, $new_picture_height) = getimagesize($_FILES['new_picture']['tmp_name']); $error = false; // Validate and move the uploaded picture file, if necessary if (!empty($new_picture)) { if ((($new_picture_type == 'image/gif') || ($new_picture_type == 'image/jpeg') || ($new_picture_type == 'image/pjpeg') || ($new_picture_type == 'image/png')) && ($new_picture_size > 0) && ($new_picture_size <= MM_MAXFILESIZE) && ($new_picture_width <= MM_MAXIMGWIDTH) && ($new_picture_height <= MM_MAXIMGHEIGHT)) { if ($_FILES['new_picture']['error'] == 0) { // Move the file to the target upload folder $target = MM_UPLOADPATH . basename($new_picture); if (move_uploaded_file($_FILES['new_picture']['tmp_name'], $target)) { // The new picture file move was successful, now make sure any old picture is deleted if (!empty($old_picture) && ($old_picture != $new_picture)) { } } else { // The new picture file move failed, so delete the temporary file and set the error flag @unlink($_FILES['new_picture']['tmp_name']); $error = true; echo '<p class="error">Sorry, there was a problem uploading your picture.</p>'; } } } else { // The new picture file is not valid, so delete the temporary file and set the error flag @unlink($_FILES['new_picture']['tmp_name']); $error = true; echo '<p class="error">Your picture must be a GIF, JPEG, or PNG image file no greater than ' . (MM_MAXFILESIZE / 1024) . ' KB and ' . MM_MAXIMGWIDTH . 'x' . MM_MAXIMGHEIGHT . ' pixels in size.</p>'; } } $error = false; // Update the profile data in the database if (!$error) { if (!empty($name)&& !empty($phone) && !empty($address1) && !empty($address2)) { // Only set the picture column if there is a new picture if (!empty($new_picture)) { //if (!empty($postcode)){ $query = "UPDATE antique SET name = '$name', phone = '$phone', address1 = '$address1', address2 = '$address2', postcode = '$postcode', " . " email = '$email', webadd = '$webadd', picture = '$new_picture', username = '$username' WHERE user_id = '" . $row['user_id'] ."'"; }} else { $query = "UPDATE antique SET name = '$name', phone = '$phone', address1 = '$address1', address2 = '$address2', postcode = '$postcode', " . " email = '$email', webadd = '$webadd', username = '$username' WHERE user_id = '" . $row['user_id'] ."'"; } mysqli_query($dbc, $query) or die("<br>Query $query<br>Failed with error: " . mysqli_error($dbc) . '<br>On line: ' . __LINE__); // Confirm success with the user echo '<p>Your profile has been successfully updated. Would you like to <a href="viewprofile4.php">view your profile</a>?</p>'; mysqli_close($dbc); exit(); } else { echo '<p class="error">You must enter all of the profile data (the picture is optional).</p>'; } } // End of check for form submission else { // Grab the profile data from the database $query="SELECT * FROM antique WHERE user_id= '" . $row['user_id'] . "'"; $data = mysqli_query($dbc, $query); $row = mysqli_fetch_array($data); if ($row != NULL) { $name = $row['name']; $phone = $row['phone']; $address1 = $row['address1']; $address2 = $row['address2']; $postcode = $row['postcode']; $email = $row['email']; $webadd = $row['webadd']; $old_picture = $row['picture']; $username = $_SESSION['username']; $user_id = $row['user_id']; } else { echo '<p class="error">There was a problem accessing your profile.</p>'; } } mysqli_close($dbc); ?> <form enctype="multipart/form-data" method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>"> <input type="hidden" name="MAX_FILE_SIZE" value="<?php echo MM_MAXFILESIZE; ?>" /> <fieldset> <legend>Personal Information</legend> <label for="name">Name:</label> <input type="text" id="name" name="name" value="<?php if (!empty($name)) echo $name; ?>" /><br /> <label for="phone">Phone:</label> <input type="text" id="phone" name="phone" value="<?php if (!empty($phone)) echo $phone; ?>" /><br /> <label for="address1">Address1:</label> <input type="text" id="address1" name="address1" value="<?php if (!empty($address1)) echo $address1; ?>" /><br /> <label for="address2">Address2:</label> <input type="text" id="address2" name="address2" value="<?php if (!empty($address2)) echo $address2; ?>" /><br /> <label for="postcode">Postcode:</label> <input type="text" id="postcode" name="postcode" value="<?php if (!empty($postcode)) echo $postcode; ?>" /><br /> <label for="email">Email:</label> <input type="text" id="email" name="email" value="<?php if (!empty($email)) { echo $email; } else { echo 'No email entered';} ?>" /><br /> <label for="webadd">Web address:</label> <input type="text" id="webadd" name="webadd" value="<?php if (!empty($webadd)) { echo $webadd; } else { echo 'No web entered';} ?>" /><br /> <input type="hidden" name="old_picture" value="<?php if (!empty($old_picture)) echo $old_picture; ?>" /> <label for="new_picture">Pictu </label> <input type="file" id="new_picture" name="new_picture" /> <?php if (!empty($old_picture)) { echo '<img class="profile" src="' . MM_UPLOADPATH . $old_picture . '" alt="Profile Picture" style: height=100px;" />'; } ?> <br /> <label for="address2">username:</label> <input type="text" id="username" name="username" value="<?php if (!empty($username)) echo $username; ?>" /><br /> <label for="user_id">User ID:</label> <input type="text" id="user_id" name="user_id" value="<?php echo '' . $row['user_id'] . '' ; ?>" /><br /> </fieldset> <input type="submit" value="Save Profile" name="submit" /> </form> <?php echo('<p class="login">You are logged in as ' . $_SESSION['username'] . '. <a href="logout3.php">Log out</a>.</p>'); echo '<class = "label">USER ID: ' . $row['user_id'] . ''; ?> <p><a href="index.php">Return to homepage</a></p> <?php require_once('footer.php'); ?> </body> </html> Hi I am trying my first OOP update. I have it working exactly as I want except for one thing. For some reason if I try to update the database with the same information (every column exactly the same) it returns 0 affected rows. is there anyway of getting the database to update, even if all columns are exactly the same? Code: Code: [Select] $membershipID = Profile_membership::find_membership_ID($UID); $MID = $membershipID->id; $new_member = Profile_membership::make($MID, $UID, $acc_type, $membership, $upgradeL, $date, $dateUpgraded); if($new_member && $new_member->save()){ $flag = 1; }else{ $message .= "Error: Sorry, there was an error creating your membership. <br> Please try again<br>"; $flag = 0; } $new_member->save() will create the database entry if no ID exists, and will update if an ID does exist. So, I want the save() to return success. If it does, move on else give an error. However, I'm getting the error, if a user accidentally clicks submit, when no fields have been changed. I what it to still update, so $flag will be 1 Thanks i have this small problem trying to update the database.... what i have is a members site in which they can view a variety of topics, however i want the user to be able to say delete a topic they are not interested in but still keep that topic open to other users who have not blocked it I'm tying to figure out how to do this, i initially had the following code: $update_db = mysql_query("UPDATE topics SET view='2' WHERE topicID='$topicID'") or die(mysql_error()); I had it set to to 2 meaning that all the topics that were set to 1 were visible to the user, only those they blocked were set to 2 and only be blocked to those users who blocked them not everyone The problem with that was that it blocked it to everyone Can anyone help me? Hey guys, I've been doing a little bit of exerementing with PDO's and it seems I can't get it to update the database... I don't know why... Anyway here is the code: index.php Code: [Select] <?php /** * @author Jragon * @copyright 2011 */ require_once('includes/include.php'); $user = new user(); $user->newUser('Jragon', 'blenders', $DBH); echo '=D'; ?> /includes/connect.inc.php Code: [Select] <?php /** * @author Jragon * @copyright 2011 */ //Define connection details //host define('HOST', 'localhost'); //DataBase define('DB', 'rankometer'); //Username define('USER', 'root'); //Password define('PASS', ''); ?> /includes/connect.php Code: [Select] <?php /** * @author Jragon * @copyright 2011 */ //Include connection crap require_once('connect.inc.php'); //connect try { //new PDO $DBH = new PDO("mysql:host=" . HOST . ";dbname=" . DB, USER, PASS); //check for errors } catch(PDOException $e) { echo $e->getMessage(); } ?> /classes/user.class.php Code: [Select] <?php /** * @author Jragon * @copyright 2011 */ class user{ private $username; private $password; private $newPassword; private $salt; private $DBH; public function newUser($user, $pass, $DBH){ //name varibles $this->password = $pass; $this->username = $user; $this->DBH = $DBH; $this->getSalt(); $this->hashPass(); $this->createUser(); } private function getSalt(){ //pick random number $a = rand(1, 100); $b = rand(1, 100); $this->salt = rand($a, $b) * 5; } private function hashPass(){ //encrypt $this->password with md5 and a salt $plainPass = $this->password . $this->salt; $this->newPassword = md5($plainPass); } private function createUser(){ //prepare statement $STH = $this->DBH->prepare(" INSERT INTO `users` ( `user` , `pass` , `salt` ) VALUES ( '$this->username', '$this->newPassword', '$this->salt' ); "); //execute statement $STH->execute(); //prepare statement $STH = $this->DBH->prepare(" INSERT INTO `ranks` ( `rank` ) VALUES ( ); "); //execute statement $STH->execute(); } } ?> SQL dump Code: [Select] -- phpMyAdmin SQL Dump -- version 3.3.9 -- http://www.phpmyadmin.net -- -- Host: localhost -- Generation Time: Jun 02, 2011 at 06:05 PM -- Server version: 5.5.8 -- PHP Version: 5.3.5 SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO"; -- -- Database: `cakes` -- -- -------------------------------------------------------- -- -- Table structure for table `cakes` -- CREATE TABLE IF NOT EXISTS `cakes` ( `UID` int(11) NOT NULL AUTO_INCREMENT, `cake` int(11) NOT NULL, PRIMARY KEY (`UID`) ) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ; -- -- Dumping data for table `cakes` -- -- -------------------------------------------------------- -- -- Table structure for table `users` -- CREATE TABLE IF NOT EXISTS `users` ( `UID` int(11) NOT NULL AUTO_INCREMENT, `userName` varchar(11) NOT NULL, `passWord` varchar(32) NOT NULL, `salt` int(11) NOT NULL, PRIMARY KEY (`UID`) ) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=2 ; -- -- Dumping data for table `users` -- I have no idea what is going wrong... I don't get an error. All the output I get is '=D'. Thanks -Jragon Hey i have this code that should update database on submit of a form. i have multiple rows selected from a database and i need to be able to update each row individually...however currently as the code stands it updates all rows with the data entered into the bottom row. i dont know how to solve this its very frustrating could someone take a look and help me? here is the code <?php session_start(); ?> <a href="adminlogout.php">Logout</a><br /> <?php $id = $_GET['id']; if(!isset($_SESSION['myusername'])) { header("location:adminlogin.php"); } $dbhost = 'localhost'; $dbuser = 'root'; $dbpass = ''; $db = 'bank'; $conn = mysql_connect($dbhost,$dbuser,$dbpass); mysql_select_db($db); if(isset($_POST['submit'])){ $select = mysql_query("SELECT * FROM accounts WHERE cusid=$id"); $row3 = mysql_fetch_array($select); $update = mysql_query("UPDATE accounts SET balance='".$_POST['balance']."', type='".$_POST['type']."', name='".$_POST['name']."', active='".$_POST['active']."' WHERE cusid=$id"); } $result = mysql_query("SELECT * FROM customer WHERE cusid=$id"); $row2 = mysql_fetch_array($result); echo $row2['name'] . "'s bank accounts" . "<br><br>"; $result2 = mysql_query("SELECT * FROM accounts WHERE cusid=$id"); echo "<form method='post' action='accounts.php?id=$id'>"; while($row = mysql_fetch_array($result2)) { echo "<input type='text' name='accno' style='background-color:lightgrey;' readonly='readonly' value='$row[accno]'>" . "<input type='text' name='name' value='$row[name]'>"; if($row['type'] == "Current"){echo"<select name='type'>" . "<option selected='Selected'>Current</option>" . "<option>Savings</option>" . "</select>";} else{echo"<select name='type'>" . "<option selected='Selected'>Savings</option>" . "<option>Current</option>" . "</select>";} echo"<input type='text' name='balance' value='$row[balance]'>"; if($row['active'] == "No"){ echo "<select name='active'>" . "<option value='No' selected='selected'>No</option>" . "<option value='Yes'>Yes</option>" . "</select>";} elseif($row['active'] == "Yes"){echo "<select name='active'>" . "<option value='Yes' selected='selected'>Yes</option>" . "<option value='No'>No</option>" . "</select>";} echo "<input type='submit' name='submit' value='Update'>" . "<br>"; } echo "</form>"; ?> so my database table already exists but i need to add new columns to the table so this is how the table looks now
CREATE TABLE IF NOT EXISTS `users` ( `id` int(255) NOT NULL AUTO_INCREMENT, `birthday` varchar(10) COLLATE utf8_unicode_ci NOT NULL DEFAULT '1-1-1990', `comment_privacy` varchar(255) COLLATE utf8_unicode_ci NOT NULL DEFAULT 'everyone', `confirm_followers` int(11) NOT NULL DEFAULT '0', `current_city` text COLLATE utf8_unicode_ci NOT NULL, `follow_privacy` varchar(255) COLLATE utf8_unicode_ci NOT NULL DEFAULT 'everyone', `gender` varchar(6) COLLATE utf8_unicode_ci NOT NULL DEFAULT 'male', `hometown` text COLLATE utf8_unicode_ci NOT NULL, `message_privacy` varchar(255) COLLATE utf8_unicode_ci NOT NULL DEFAULT 'everyone', `post_privacy` varchar(255) COLLATE utf8_unicode_ci NOT NULL DEFAULT 'everyone', `timeline_post_privacy` varchar(255) COLLATE utf8_unicode_ci NOT NULL DEFAULT 'everyone', PRIMARY KEY (`id`), UNIQUE KEY `id` (`id`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci AUTO_INCREMENT=1 ;and this is what I need it to look.... but every time I insert in the sql to do the update but it does not do it as the table already there... CREATE TABLE IF NOT EXISTS `users` ( `id` int(11) NOT NULL AUTO_INCREMENT NOT NULL, `job_title` mediumtext COLLATE utf8_unicode_ci NOT NULL, `job_at` mediumtext COLLATE utf8_unicode_ci NOT NULL, `birthday` varchar(10) COLLATE utf8_unicode_ci NOT NULL DEFAULT '1-1-1990', `comment_privacy` varchar(255) COLLATE utf8_unicode_ci NOT NULL DEFAULT 'everyone', `confirm_followers` int(11) NOT NULL DEFAULT '0', `current_city` text COLLATE utf8_unicode_ci NOT NULL, `relationship` varchar(15) COLLATE utf8_unicode_ci NOT NULL DEFAULT 'Not Applicable', `relationship_to` mediumtext COLLATE utf8_unicode_ci NOT NULL, `follow_privacy` varchar(255) COLLATE utf8_unicode_ci NOT NULL DEFAULT 'everyone', `gender` varchar(6) COLLATE utf8_unicode_ci NOT NULL DEFAULT 'male', `hometown` text COLLATE utf8_unicode_ci NOT NULL, `message_privacy` varchar(255) COLLATE utf8_unicode_ci NOT NULL DEFAULT 'everyone', `post_privacy` varchar(255) COLLATE utf8_unicode_ci NOT NULL DEFAULT 'everyone', `timeline_post_privacy` varchar(255) COLLATE utf8_unicode_ci NOT NULL DEFAULT 'everyone', PRIMARY KEY (`id`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;how can I do this update>? its ok i know how to do this.. but the code i sell needs this update but i cant get them to delete there table as there mybe data already in the table Hi friends, the below code, which I've worked on quite a while, creates a dropdown, selects a record with a link to visit the url of that record. one ? can I update the table b4 closing? -------------------------------------------------- below is code: <?php include ('homedb-connect.php'); ?> <!DOCTYPE><html><head> <title>lookup menu</title> </head> <body><center><b> <form name="form" method="post" action="">
<?php //This creates the drop down box echo "<select name= 'target'>"; echo '<option value="">' . '--- Select account ---' . '</option>'; $query = mysqli_query($conn, "SELECT target FROM infotbl"); if ($query === false) { echo "Something went wrong<br />"; echo mysqli_error($conn); } else { while ($row = mysqli_fetch_array($query)) { echo "<option value='" . $row['target'] . "'>" . $row['target'] . '</option>'; } } echo '</select>'; ?> <input type="submit" name="submit" value="Submit"/> </form><center>
<?php // ============================================== if (isset($_REQUEST['target'])) { $target = $_REQUEST['target']; // =============================================== $fetch = "SELECT id, target, purpose, user, password, email, visits, lastused FROM infotbl WHERE target = '" . mysqli_real_escape_string($conn, $target) . "'"; // ===============================================================================
$result = mysqli_query($conn, $fetch); if (!$result) { echo "Error:" . (mysqli_error($conn)); }
//display the table echo '<table border="1"><tr><td bgcolor="cyan" align="center">lookup menu</td></tr> <tr><td> <table border="1"> <tr> <td>id</td> <td bgcolor="#ccffff"> Target </td> <td bgcolor="violet"> Purpose </td> <td bgcolor="#ccffff"> User </td> <td bgcolor="#ccffff">Password </td> <td bgcolor="#ccffff"> Email </td> <td bgcolor="#cyan"> Visits </td> <td bgcolor="#cyan"> lastused</td> </tr>';
while ($data = mysqli_fetch_row($result)) {
// ========================================================== $url = "http://$target"; $link = '<a href="' . $url . '">' . $data[0] . '</a>'; // ===========================================================
echo ("<tr><td> $link </td><td>$data[1]</td><td>$data[2]</td><td>$data[3]</td> <td>$data[4]</td><td>$data[5]</td><td>$data[6]</td><td>$data[7]</td></tr>"); } echo '</table> </td></tr></table>'; } ?> </body></html> ------------------------------------------------------ this is my update code: <?php $target = $_POST["target"]; $visits = 'visits'; $Lastused = 'Lastused'; $sql = "UPDATE receiptno SET visits=visits+1, lastused=NOW() WHERE target=$target"; if ($conn->query($sql) === TRUE) { echo "Record updated successfully"; } else { echo "Error updating record: " . $conn->error; } $conn->close(); ?> Hello, I'm having a little trouble getting my head around my code here. Basically, I have a table based PHP form in my html page that loops and adds a new row to the table depending on my variables The table itself displays the amount of 'squads' you have, the name of the individual squads, how many people are in your squad, and an 'add button': Your Squads: | People | Form Button Squad 'name' | 2/5 | Add More? Squad 'name' | 3/5 | Add More? Squad 'name' | 1/5 | Add More? Etc ..... Code for this table: Code: [Select] <p><strong> Add Soliders To Squads:</strong> <br />Soliders avalible: <? echo $solidersToAdd ?> <form action="<?php echo $_SERVER['PHP_SELF']?>" method="post"> <table width="500" border="0" cellspacing="0" cellpadding="0"> <?PHP $max = $squadNumbers - 1; $i = 0; while($i <= $max){ $print = $i + 1; echo"<tr>"; echo"<td width=\"200\" height=\"30\"><strong>Squad: ".$names_split[$i]."</strong></td>"; echo"<td width=\"200\" height=\"30\">".$content_split[$i]."/5</td>"; if($content_split[$i] != 5){ echo"<td height=\"30\">"; echo"<input name=\"submitAdd\" type=\"submit\" class=\"SquadWeaponSelector\" id=\"submitAdd_".$i."\" value=\"Add (".$solidersToAdd.")\" /></td>"; } else{ echo"<td height=\"30\">Squad is full</td>"; } $i++; } ?> </table> </form> This all works fine, but its the action form I'm struggling with, what I want is to be able to add a person to the specific squad the user pushed the button for and add to the database. NOTE: my database stores the content (players in squad) like so: 2,3,1 as a varchar and I use explode to split it into an array (this is the same with my squad names too). So here is a snippet of what I got at the top of my document, the form action: Code: [Select] $squadNumbers = $info['squadNumbers']; // = 3 $squadNames = $info['squadNames']; // = Alpha,Beta,Oscar $squadContent = $info['squadContent']; // = 2,3,1 // split the squad content \\ $content_split = explode(",", $squadContent); // split the squad names \\ $names_split = explode(",", $squadNames); $solidersToAdd = 3; // will soon be retrieving off DB if (isset($_POST['submitAdd']) && $solidersToAdd != 0) { $i = 0; $max = $squadNumbers - 1; $newContentArray = array(); while($i <= $max){ $print = $i + 1; $newContentArray[whatever button was pressed] = 1 + $squadContent[whatever button was pressed]; $i++; } //$solidersToAdd--; $glueContent = $_POST['submitAdd_1']; //implode(",",$newContentArray); $result = mysql_query("UPDATE users SET squadContent='$glueContent' WHERE username = '$username'") or die(mysql_error()); } First of, I dont know how to have a button actually pass on a value such as '+1', and I need it to talk specifically to that squad. I would appreciate any help, many thanks in advance. I am trying to update last logged in entry in the database upon succesful login. I may be way off in the logic here or I may be missing something simple. I don't get any errors and it logs in fine. Just does not update the lastvisit field in the database. Code: [Select] //record date of most recent login $result = mysql_query("SELECT username FROM users WHERE user_id ='".$_SESSION['userId'] . "'"); $dtCreated = date('Y-m-d'); mysql_query("UPDATE users SET lastvisit=('$dtCreated') WHERE username = $result"); Im not to sure what I have done wrong here, I have tried a few }'s in places incase I have missed one, im still quite new to pdo so im not sure. Can anyone see why it isnt updating the database? Cheers Code: [Select] <?php if ($enemy_hp <= 0) { $sql = "UPDATE game_status SET battle = '1' WHERE id=1"; } else { $sql = "UPDATE game_character SET current_hp = (current_hp-100) WHERE id=1"; $statement = $dbh->prepare($sql); $statement->execute(); } ?> Okay guys, so i have a status checker connected to a mySql database. Now, what i want to do is have it check the status, then update the field in the table. Here is my code, please someone add or tell me how to add the update mysql thing. Code: [Select] <?php error_reporting(0); include '../dbc.php'; if(isset($_GET['id'])) { $id = intval($_GET['id']); //We check if the user exists $dn = mysql_query('select * from users where id="'.$id.'"'); if(mysql_num_rows($dn)>0) { $dnn = mysql_fetch_array($dn); //We display the user datas $offline='<font color="red">Offline</font>'; $online='<font color="green">Online</font>'; $host=(htmlentities($dnn['server_ip'])); $style=(htmlentities($dnn['style'])); $port=htmlentities($dnn['port']); $fp = fsockopen($host, 43594, $errno,$errstr, 4); if (!$fp){ echo('<font color="red">Offline</font>'); } else { $online=echo('<font color="green">Online</font>'); fclose($fp); } } } ?> Thanks, hope so one can help me I have created a form that i can see the form input info in to the form boxes but once submitted it is not updating or adding new input to the database. I am trying to keep it as simple as possible. I am also new at PHP.
Here is my code:
<?php // define variables and set to empty values $amp_20_parts_idErr = $part_numberErr = $locationErr = $quantityErr = ""; $amp_20_parts_id = $part_number = $discription = $location = $quantity = ""; if ($_SERVER["REQUEST_METHOD"] == "POST") { if (empty($_POST["amp_20_parts_id"])) { $amp_20_parts_idErr = "ID is required."; } else { $amp_20_parts_id= test_input($_POST["amp_20_parts_id"]); } if (empty($_POST["part_number"])) { $part_numberErr = "Part number is required."; } else { $email = test_input($_POST["part_number"]); } if (empty($_POST["description"])) { $descriptionErr = ""; } else { $description = test_input($_POST["description"]); } if (empty($_POST["location"])) { $locationErr = "A location is required."; } else { $location = test_input($_POST["location"]); } if (empty($_POST["quantity"])) { $quantityErr = "Quantity is required"; } else { $quantity = test_input($_POST["quantity"]); } } function test_input($data) { $data = trim($data); $data = stripslashes($data); $data = htmlspecialchars($data); return $data; } ?> <div id="update_form"> Please follow instructions for updating the data base.<br>instructional text goes here.<br/><br/> <table><tr><form method="POST" action="new path"> <td>ID: <input name="amp_20_parts_id" type="text"><span><?php echo $amp_20_parts_idErr; ?></span><br/><br/></td> <td>Part Number: <input name="part_number" type="text"><span><?php echo $part_numberErr; ?></span><br/><br/></td> <td><label>Discription: <textarea name="description" rows="3" col="20"></textarea> <br/><br/></td> <td>Location: <input name="location" type="text"><span><?php echo $locationErr;?> </span><br/><br/></td> <td>Quantity: <input name="quantity" type="text"><span><?php echo $quantityErr; ?> </span><br/><br/></td><br/> <td><input type="submit"></td> </form></tr></table> <?php $con=mysqli_connect("server","user","password","db"); // Check connection if (mysqli_connect_errno()) { echo("Connect failed: %s\n", mysqli_connect_error()); // escape variables for security $amp_20_parts_id = mysqli_real_escape_string($con, $_POST['amp_20_parts_id']); $part_number = mysqli_real_escape_string($con, $_POST['part_number']); $discription = mysqli_real_escape_string($con, $_POST['description']); $location = mysqli_real_escape_string($con, $_POST['location']); $quantity = mysqli_real_escape_string($con, $_POST['quantity']); $sql="INSERT INTO amp_20 (amp_20_parts_id, part_number, description, location, quantity) VALUES ('$amp_20_parts_id', '$part_number', '$description', '$location', '$quantity')"; if (!mysqli_query($con,$sql)) { die('Error: ' . mysqli_error($con)); } echo "1 record added"; mysqli_close($con); } ?> |