Update query not working?

donboe · April 9, 2014, 11:46am

I have the following update query:


 if(isset($_POST['submit'])){

    $menu_kaart_item_id       = $_POST['menu_kaart_item_id'];
	$menu_id                  = $_POST['menu_id'];
	$menu_item                = $_POST['menu_item'];
	$menu_item_description    = $_POST['menu_item_description'];
	$menu_item_price          = $_POST['menu_item_price'];

		
	$sql = "UPDATE menu_kaart_items
	           SET menu_item = '$menu_item',
			       menu_item_description = '$menu_item_description',
				   menu_item_price='$menu_item_price'
	         WHERE menu_kaart_item_id = '$menu_kaart_item_id'";
				
	  header('Location: menukaart_listing.php?menu_id='.$menu_id);
	  exit();
}

and this is the form:


	  <form class="content_form" action="" method="post">
        <input type="hidden" name="menu_kaart_item_id" value="<?php echo $row->menu_kaart_item_id;?>" />
		<input type="hidden" name="menu_id" value="<?php echo $row->menu_kaart_id;?>" />
		<label>Gerecht:</label>
		 <input name="menu_item" type="text" class="textfield" value="<?php echo $row->menu_item;?>">
		 <label>Prijs:</label>
		 <input name="menu_item_price" type="text" class="textfield" value="<?php echo $row->menu_item_price;?>">
		 <label>Omschrijving:</label>
		 <textarea name="menu_item_description" class="textarea"><?php echo $row->menu_item_description;?></textarea>
		 <input type="submit" name="submit" value="Submit" class="button" />
      </form>

But for some reason the update is not working. Is it the header location that is causing this?

fretburner · April 9, 2014, 11:59am

The main problem here is that you’re not actually executing the update query before the redirect, which is why the DB is not getting updated.

Other than that, you don’t have any validation in place to make sure you’re getting sensible input from the form (what if someone submits the form with blank values, for example?).

donboe · April 9, 2014, 12:01pm

What could be a short term sollution for now? Take the redirect away? I need to show this in an hour

fretburner · April 9, 2014, 12:22pm

What about something like this?


if (isset($_POST['submit']))
{ 
    $menu_id = $_POST['menu_id'];
    $params = array(
    	':id'          => $_POST['menu_kaart_item_id'], 
	    ':item'        => $_POST['menu_item'], 
	    ':description' => $_POST['menu_item_description'], 
	    ':price'       => $_POST['menu_item_price'],
	);
  
    $sql = "UPDATE menu_kaart_items  
            SET menu_item = :item,
               menu_item_description = :description,
               menu_item_price = :price
         	WHERE menu_kaart_item_id = :id";

 	$conn->prepare($sql);
 	$conn->execute($params);
                  
	header('Location: menukaart_listing.php?menu_id='.$menu_id);  
	exit(); 
}

donboe · April 9, 2014, 6:18pm

Hi fretburner. That works great thank you so much!!