Help With Editing MySQL

PHP
1

Hello All,

I am making a page where I can edit the MySQL records via a PHP page. However, it wont display from the database. It keeps telling me the query was empty. However, I know there is stuff there.

And then, I do not know where to start with the page to edit it, like the HTML form. Can anyone help me?

<?php
session_start(); 
 
if(!isset($_SESSION['logged_in']) ||
   !isset($_SESSION['username'])) {
 
   header("location: login.php");
 
}


$con = mysql_connect("localhost","*****","*****");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

mysql_select_db("*****", $con);

$result = mysql_query("SELECT name,location,bought,warranty,comments FROM equipment");
$data = mysql_fetch_array($result);
?>

code here to display.

<?php
if (!mysql_query($sql,$con))
  {
  die('Error: ' . mysql_error());
  }

mysql_close($con)
?>
2

If this is where you are getting the error from, then I know why:


if (!mysql_query($sql,$con))

  {

  die('Error: ' . mysql_error());

  }

$sql is not defined anywhere, so it is going to return an error that it is empty.

3

I’ve edited the page… Here is what I have now. It comes up on the page, but when I hit update, it just doesn’t update…

<?php 
$host="localhost"; // Host name 
$username="*****"; // Mysql username 
$password="*****"; // Mysql password 
$db_name="*****"; // Database name 
$tbl_name="equipment"; // Table name

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");

$sql="SELECT * FROM $tbl_name";
$result=mysql_query($sql);

// Count table rows 
$count=mysql_num_rows($result);
?>
<table width="500" border="0" cellspacing="1" cellpadding="0">
<form name="form1" method="post" action="">
<tr> 
<td>
<table width="500" border="0" cellspacing="1" cellpadding="0">


<tr>
<td align="center"><strong>Unit ID</strong></td>
<td align="center"><strong>Name</strong></td>
<td align="center"><strong>Location</strong></td>
<td align="center"><strong>Date Purchased</strong></td>
<td align="center"><strong>Warranty Expiration</strong></td>
<td align="center"><strong>Comments</strong></td>
</tr>
<?php
while($rows=mysql_fetch_array($result)){
?>
<tr>
<td align="center"><? $id[]=$rows['id']; ?><? echo $rows['id']; ?></td>
<td align="center"><input name="name[]" type="text" id="name" value="<? echo $rows['name']; ?>"></td>
<td align="center"><input name="location[]" type="text" id="lastname" value="<? echo $rows['location']; ?>"></td>
<td align="center"><input name="bought[]" type="text" id="bought" value="<? echo $rows['bought']; ?>"></td>
<td align="center"><input name="warranty[]" type="text" id="warranty" value="<? echo $rows['warranty']; ?>"></td>
<td align="center"><input name="comments[]" type="text" id="comments" value="<? echo $rows['comments']; ?>"></td>
</tr>
<?php
}
?>
<tr>
<td colspan="4" align="center"><input type="submit" name="Submit" value="Submit"></td>
</tr>
</table>
</td>
</tr>
</form>
</table>
<?php
// Check if button name "Submit" is active, do this 
if($Submit){
for($i=0;$i<$count;$i++){
$sql1="UPDATE $tbl_name SET name='$name[$i]', location='$location[$i]', ='$bought[$i]' warranty='$warranty[$i]', comments='$comments[$i]', WHERE id='$id[$i]'";
$result1=mysql_query($sql1);
}
}

if($result1){
header("location:update_multiple.php");
}
mysql_close();
?>
4

Just to be sure, have you checked the database directly to see if it updates? You are running the display before you run the update call, so it is going to display the same data until you load the page again. You should move your update code above this line:

$sql=“SELECT * FROM $tbl_name”;

If that doesn’t work, then you should check for an error or echo your query and make sure that it looks like it is supposed to.

On a side note:
header(“location:update_multiple.php”);

Is going to generate an error message, because you will be calling the header() function after output has been generated. Per the PHP documentation: “Remember that header() must be called before any actual output is sent, either by normal HTML tags, blank lines in a file, or from PHP.”

5

The variable $Submit doesn’t exist, that would be one thing.

6

Wow. I totally missed that. Good point.

7

It exists now… Still not working for me…

Any other suggesstions?

8

Did you try what I suggested above?

It looks like, if this is the entire script, that you are depending on register_globals to be turned on. If that is the case, then you should start reworking your code now, because that is a function that is turned off by default now as it was a security risk.

As I suggested before, echo your query to see what query is actually being run when you are trying to update. That will, most likely, help you see why your records are not being updated.

9

You script probably assumes that register_globals is on. And then there is a serious flaw in your code: What does the variable $id contain? You did not pass the ids as hidden variable.

10

I think webdesignhouston had a right caught. The only problem I also doubt on is with that you are working in register_globals ON and the coding seems pretty old style.

Few suggestions:

  1. Always use PHP full tag <?php not <?
  2. Do not use multiple tags having same id (i.e. id=“name” it should be something like id=“name_<id>”).
  3. See the update SQL statement, there is an error field name ‘bought’ and a comma after that are missing (location=‘$location[$i]’, =‘$bought[$i]’ warranty=‘$warranty[$i]’).
  4. Use specific super global variables like POST, GET in respective cases. While updating you may need to do something like this (untested):

if($_SERVER['REQUEST_METHOD'] == 'POST'){ // ensure if the form was posted.
	$errors 	= array();
	$name 		= $_POST['name'];
	$location 	= $_POST['location'];
	$bought 	= $_POST['bought'];
	$warranty 	= $_POST['warranty'];
	$comments 	= $_POST['comments'];
	$count 		= count($name);
	for($i = 0; $i < $count; $i++){ 
		$sql = "UPDATE $tbl_name SET 
					name='$name[$i]', 
					location='$location[$i]', 
					bought='$bought[$i]',
					warranty='$warranty[$i]',
					comments='$comments[$i]',
					WHERE id='$id[$i]'"; 
		if(!mysql_query($sql)){
			$errors[] = "There was an error with '" . $name[$i] . "' with the error " . mysql_error();
		}
	}
	if(count($errors)){
		print_r($errors);
	}
}
  1. Always put this type of update/insert script on top of the page (not at the bottom of the page) and redirect to the same page or different after successful action. This will avoid the header already sent warnings.
  2. Always terminate the script with die() or exit() after header location redirection.

Hope this will help you.

11

there’s still a dangling comma in the UPDATE statement

it’s a lot easier to spot if you had adopted the “leading comma” coding convention …

UPDATE $tbl_name 
   SET name='$name[$i]'
     , location='$location[$i]'
     , bought='$bought[$i]'
     , warranty='$warranty[$i]'
     , comments='$comments[$i]'
     , 
 WHERE id='$id[$i]'";

can you see it more easily now? :wink:

12

Ahh… :blush:

Indeed will follow leading comma convention now onwards :slight_smile:

Hope OP will follow the same.


if($_SERVER['REQUEST_METHOD'] == 'POST'){ // ensure if the form was posted.
    $errors     = array();
    $name     = $_POST['name'];
    $location   = $_POST['location'];
    $bought     = $_POST['bought'];
    $warranty   = $_POST['warranty'];
    $comments   = $_POST['comments'];
    $count   = count($name);
    for($i = 0; $i < $count; $i++){ 
        $sql = "UPDATE $tbl_name SET 
                    name='$name[$i]', 
                    location='$location[$i]', 
                    bought='$bought[$i]',
                    warranty='$warranty[$i]',
                    comments='$comments[$i]'
                    WHERE id='$id[$i]'"; 
        if(!mysql_query($sql)){
            $errors[] = "There was an error with '" . $name[$i] . "' with the error " . mysql_error();
        }
    }
    if(count($errors)){
        print_r($errors);
    }
}