PHP Update Working one day, not the next?

CalvT · November 18, 2015, 12:25pm

I’ve written a simple PHP query to update a row in a MySQL database with the information from a form. I tested it, and it worked perfectly. The next day, I worked on it and it stopped work, so I removed my changes, but it still doesn’t work. It says it has been successful, but the update has not been made. My Code is as follows.

First PHP file - upsf.php

<?php
include 'cxn.php';
$supplier_id = $_GET['id'];
$query = "SELECT * FROM Suppliers WHERE Suppliers.ID =$supplier_id";
$result = mysqli_query($cxn,$query)
or die ("Couldn't execute query");
$data = mysqli_fetch_array($result);
echo "<html><head><title>Update ".$data['Name']."</title>";
include 'header.php';
echo "<div class='body'>
<h1>Update ".$data['Name']."</h1><br>
<form method='post' name='update' action='update/uds.php' />
<input type='text' name='supplier_id' value='".$data['ID']."' disabled /><br>
<input type='text' name='name' value='".$data['Name']."' /><br>
<input type='submit' name='Submit' value='Update' />
</form>
</div></div>
<script src='script.js'></script>
</body></html>";
?>

When the form is submitted, it posts the data to uds.php

<?php
include '../cxn.php';
$supplier_id = $_POST['supplier_id'];
$name = $_POST['name'];
$query = "UPDATE `Suppliers` SET `Name` = '$name' WHERE ID = '$supplier_id'";
echo "<html><head><title>Certificates</title><link rel='stylesheet' type='text/css' href='../style.css' />";
include '../header.php';
echo "<div class='body'>";
if(mysqli_query($cxn,$query)){
echo "Supplier Name Updated to ".$name.".";
}else{
echo "Update Failed";
}
echo "</div></div><script src='../script.js'></script></body></html>";
?>

For good measure here is cxn.php

<?php
$host = "localhost";
$user = "user";
$password = "xxxxxx";
$dbname = "tradel9_suppliers";
$cxn = mysqli_connect($host,$user,$password,$dbname)
or die ("Couldn't connect to server");
?>

Can anyone see where I’ve gone wrong?

Thanks

Gandalf · November 18, 2015, 12:33pm

In one file you have

and in the other you have

Could this be the problem?

CalvT · November 18, 2015, 12:39pm

Sorry - I forgot to say that the second one is stored in a folder called update - so it needs the …/ to access the cxn.php

If you look on the form you will see that the path is update/uds.php

droopsnoot · November 18, 2015, 12:39pm

If you echo the POST variables and your query in uds.php, are the values as you would expect? If you then paste the contents of $query into phpmyadmin (or your preferred equivalent) and run the query, does it work as you expected?

CalvT · November 18, 2015, 12:42pm

Yes when I echo the data it outputs the data expected - see the if function.

I haven’t tried phpMyAdmin, but I have Navicat, and what works in one generally does in the other.

droopsnoot · November 18, 2015, 12:43pm

Do you have error reporting or logging enabled?

CalvT · November 18, 2015, 1:20pm

Um not less it’s enabled by default. How can I check this?

Thanks for your help

DaveMaxwell · November 18, 2015, 1:47pm

Not to be smart or anything, but you ARE changing the name in the form to ensure it changes, correct?

CalvT · November 18, 2015, 1:50pm

Yes - For example the Name Field will have Example Name in it, and I might change it to Example

I know its not a problem with the POST as the $name in the if > echo outputs the new value (in this case it would output Example)

CalvT · November 18, 2015, 2:02pm

Take a look at this query:

And then this one. Notice a difference?

The $values are enclosed in ’ in the second query. But, if I remove them the query returns error.

Any thoughts?

DaveMaxwell · November 18, 2015, 2:14pm

That’s because Name is a reserved word. If you put the back ticks back around just that, it should run.

CalvT · November 18, 2015, 2:20pm

Nope it still fails. Could you give an example of what you mean?

Thanks

DaveMaxwell · November 18, 2015, 2:35pm

This should work…

$query = "UPDATE Suppliers SET `Name` = '$name' WHERE ID = '$supplier_id'";

I don’t know how picky mySQL is (it’s been a while), but I noticed in the SELECT statement above doesn’t quote out the id

$query = "UPDATE Suppliers SET `Name` = '$name' WHERE ID = $supplier_id";

Have you done an echo of $query just to be sure what you’re executing is what you think?

You should also consider moving towards prepared statements, which is safer that just using the value directly…

$stmt = $mysqli->prepare("UPDATE Suppliers SET `Name` = ? WHERE ID = ?");

$stmt->bind_param("si", $name, $supplier_id);
$stmt->execute();
$stmt->close();

CalvT · November 19, 2015, 11:57am

Unfortunately it doesn’t. Well - neither of them do. The first one simply doesn’t update it, and the second one returns error.

system · February 18, 2016, 6:58pm

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.