I am deleting a row instead of updating it,,,oh and i am very new to php

General PHP Help
#1

I have edited this page from a free template and i want it to update a table in a mysql db, it shows the row i want and the data is correct but when i try to update it just deletes the existing content and does not update…If anyone is kind enough to give me a steer i would really appreciate it thank you, code below, oh and please make it simple i am just a pensioner trying to get to grips with php…

<?php
session_start();

include("connection.php");

if (!isset($_SESSION['username'])) {
    header("location: login.php");
}
?>

<!DOCTYPE html>
<html lang="en">

<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Update Profile</title>
    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css">
    <link href="https://cdn.jsdelivr.net/npm/[email protected]/dist/css/bootstrap.min.css" rel="stylesheet"
        integrity="sha384-9ndCyUaIbzAi2FUVXJi0CjmCapSmO7SnpJef0486qhLnuZ2cdeRhO02iuK6FUUVM" crossorigin="anonymous">
    <link rel="stylesheet" href="css/style1.css">
</head>

<body>

    <div class="container">
        <div class="form-box box">

            <?php

            if (isset($_POST['update'])) {
                $username = $_POST['username'];
                $email = $_POST['email'];
                $password = $_POST['password'];

                $id = $_SESSION['id'];
                $edit_query = mysqli_query($conn, "UPDATE individual SET username='$username', email='$email', password='$password', contactno='$contactno', firstname='$firstname', lastname='$lastname', postcode='$postcode', aline1='$aline1', aline2='$aline2', county='$county', country='$country' ,qualifications='$qualifications', dob='$dob', workwanted='$workwanted', skills='$skills',  available='$available', driver='$driver', volunteer='$volunteer', parttime='$parttime', fulltime='$fulltime' , maxtravelradius='$maxtravelradius', specialneeds='$specialneeds', fitnesslevel='$fitnesslevel', notes='$notes', nationality='$nationality', gender='$gender' WHERE id = $id");

                if ($edit_query) {
                    echo "<div class='message'>
                <p>Profile Updated!</p>
                </div><br>";
                    echo "<a href='home.php'><button class='btn'>Go Home</button></a>";
                }
            } else {

                $id = $_SESSION['id'];
                $query = mysqli_query($conn, "SELECT * FROM individual WHERE id = $id") or die("error occurs");

                while ($result = mysqli_fetch_assoc($query)) {
                    $res_username = $result['username'];
                    $res_email = $result['email'];
                    $res_password = $result['password'];
                    $res_id = $result['id'];
					$res_contactno = $result['contactno'];
					$res_firstname = $result['firstname'];
					$res_lastname = $result['lastname'];
				    $res_postcode = $result['postcode'];
					$res_aline1 = $result['aline1'];
					$res_aline2 = $result['aline2'];
					$res_county = $result['county'];
				    $res_country = $result['country'];
					$res_qualifications = $result['qualifications'];
					$res_dob = $result['dob'];
				    $res_workwanted = $result['workwanted'];
					$res_skills = $result['skills'];
					$res_available = $result['available'];
					$res_driver = $result['driver'];
					$res_volunteer = $result['volunteer'];
					$res_parttime = $result['parttime'];
					$res_fulltime = $result['fulltime'];
					$res_maxtravelradius = $result['maxtravelradius'];
					$res_specialneeds = $result['specialneeds'];
					$res_fitnesslevel = $result['fitnesslevel'];
					$res_notes = $result['notes'];
					$res_nationality = $result['nationality'];
					$res_gender = $result['gender'];
						  
					 
					 
					 
					 
					 
					 
					 
                }

                ?>

                <header>Update Profile</header>
                <form action="#" method="POST" enctype="multipart/form-data">

                    <div class="form-box">

                        <div class="input-container">
                            <i class="fa fa-user icon"></i>
                            <input class="input-field" type="text" placeholder="Username" name="username"
                                value="<?php echo $res_username; ?>" required>
                        </div>

                        <div class="input-container">
                            <i class="fa fa-envelope icon"></i>
                            <input class="input-field" type="email" placeholder="Email Address" name="email"
                                value="<?php echo $res_email; ?>" required>
                        </div>

                        <div class="input-container">
                            <i class="fa fa-lock icon"></i>
                            <input class="input-field password" type="password" placeholder="Password" name="password"
                                value="<?php echo $res_password; ?>" required>
                            <i class="fa fa-eye toggle icon"></i>
                        </div>
						<div class="input-container">
                            <i class="fa fa-lock icon"></i>
                            <input class="input-field password" type="text" placeholder="ID Number" name="id"
                                value="<?php echo $res_id; ?>" required>
                            <i class="fa fa-eye toggle icon"></i>
                        </div>
					
			  <div class="input-container">
                            <i class="fa fa-user icon"></i>
                            <input class="input-field" type="text" placeholder="Contact Number" name="contactno"
                                value="<?php echo $res_contactno; ?>" required>
                        </div>
			  
			  
			
			 <div class="input-container">
                            <i class="fa fa-user icon"></i>
                            <input class="input-field" type="text" placeholder="First Name" name="firstname"
                                value="<?php echo $res_firstname; ?>" required>
                        </div>
			 
			 
			 
			 
			
			
			<div class="input-container">
                            <i class="fa fa-user icon"></i>
                            <input class="input-field" type="text" placeholder="Last Name" name="lastname"
                                value="<?php echo $res_lastname; ?>" required>
                        </div>
			
			
			
			
			
			
				
			<div class="input-container">
                            <i class="fa fa-user icon"></i>
                            <input class="input-field" type="text" placeholder="Postcode" name="postcode"
                                value="<?php echo $res_postcode; ?>" required>
                        </div>
			
			
			
		
			
			<div class="input-container">
                            <i class="fa fa-user icon"></i>
                            <input class="input-field" type="text" placeholder="First line address" name="aline1"
                                value="<?php echo $res_aline1; ?>" required>
                        </div>
			
			<div class="input-container">
                            <i class="fa fa-user icon"></i>
                            <input class="input-field" type="text" placeholder="Second line address" name="aline2"
                                value="<?php echo $res_aline2; ?>" required>
                        </div>
			
			
			
			
			<div class="input-container">
                            <i class="fa fa-user icon"></i>
                            <input class="input-field" type="text" placeholder="County" name="county"
                                value="<?php echo $res_county; ?>" required>
                        </div>
			
			
			
			
			
			
			
			<div class="input-container">
                            <i class="fa fa-user icon"></i>
                            <input class="input-field" type="text" placeholder="Country" name="country"
                                value="<?php echo $res_country; ?>" required>
                        </div>
			
			<div class="input-container">
                            <i class="fa fa-user icon"></i>
                            <input class="input-field" type="text" placeholder="Qualifications" name="qualifications"
                                value="<?php echo $res_qualifications; ?>" required>
                        </div>
			
			
			
			
			<div class="input-container">
                            <i class="fa fa-user icon"></i>
                            <input class="input-field" type="text" placeholder="Date of Birth" name="dob"
                                value="<?php echo $res_dob; ?>" required>
                        </div>
			
			
			
			
			
			<div class="input-container">
                            <i class="fa fa-user icon"></i>
                            <input class="input-field" type="text" placeholder="Work wanted" name="workwanted"
                                value="<?php echo $res_workwanted; ?>" required>
                        </div>
			
			
			
			<div class="input-container">
                            <i class="fa fa-user icon"></i>
                            <input class="input-field" type="text" placeholder="Skills" name="skills"
                                value="<?php echo $res_skills; ?>" required>
                        </div>
			
			
			
			
			
			<div class="input-container">
                            <i class="fa fa-user icon"></i>
                            <input class="input-field" type="text" placeholder="Availability" name="available"
                                value="<?php echo $res_available; ?>" required>
                        </div>
			
			
			
			<div class="input-container">
                            <i class="fa fa-user icon"></i>
                            <input class="input-field" type="text" placeholder="Driver Y/N" name="driver"
                                value="<?php echo $res_driver; ?>" required>
                        </div>
			
			
			
			<div class="input-container">
                            <i class="fa fa-user icon"></i>
                            <input class="input-field" type="text" placeholder="Volunteer Y/N" name="volunteer"
                                value="<?php echo $res_volunteer; ?>" required>
                        </div>
			
			
			
			<div class="input-container">
                            <i class="fa fa-user icon"></i>
                            <input class="input-field" type="text" placeholder="Parttime" name="parttime"
                                value="<?php echo $res_parttime; ?>" required>
                        </div>
			
			
			
			
			
			
		
			<div class="input-container">
                            <i class="fa fa-user icon"></i>
                            <input class="input-field" type="text" placeholder="Full Time Y/N" name="fulltime"
                                value="<?php echo $res_fulltime; ?>" required>
                        </div>
			
			
			
			
			
			<div class="input-container">
                            <i class="fa fa-user icon"></i>
                            <input class="input-field" type="text" placeholder="Max Travel Radius" name="maxtravelradius"
                                value="<?php echo $res_maxtravelradius; ?>" required>
                        </div>
			
			
			
			
			<div class="input-container">
                            <i class="fa fa-user icon"></i>
                            <input class="input-field" type="text" placeholder="Special Needs Y/N" name="specialneeds"
                                value="<?php echo $res_specialneeds; ?>" required>
                        </div>
			
			
			
			
			<div class="input-container">
                            <i class="fa fa-user icon"></i>
                            <input class="input-field" type="text" placeholder="Fitness Level 1-10" name="fitnesslevel"
                                value="<?php echo $res_fitnesslevel; ?>" required>
                        </div>
			
			
			
			
			
			
			<div class="input-container">
                            <i class="fa fa-user icon"></i>
                            <input class="input-field" type="text" placeholder="Notes" name="notes"
                                value="<?php echo $res_notes; ?>" required>
                        </div>
			
			
			
			
			
			<div class="input-container">
                            <i class="fa fa-user icon"></i>
                            <input class="input-field" type="text" placeholder="Nationality" name="nationality"
                                value="<?php echo $res_nationality; ?>" required>
                        </div>
			
			
			
			
			<div class="input-container">
                            <i class="fa fa-user icon"></i>
                            <input class="input-field" type="text" placeholder="Gender" name="gender"
                                value="<?php echo $res_gender; ?>" required>
                        </div>

                    </div>


                    <div class="field">
                        <input type="submit" name="update" id="submit" value="Update" class="btn">
                    </div>


                </form>
            </div>
        <?php } ?>
    </div>

    <script>
        const toggle = document.querySelector(".toggle"),
            input = document.querySelector(".password");
        toggle.addEventListener("click", () => {
            if (input.type === "password") {
                input.type = "text";
                toggle.classList.replace("fa-eye-slash", "fa-eye");
            } else {
                input.type = "password";
            }
        })
    </script>

</body>

</html>
#2

If you are just starting out, you should start with one form field of one type, get your code fully working for that one form field, then go on to a field of a different type, … Once you have mastered how to use each different type of field, you can worry about all the code needed for the rest of the fields. If you have more than 2-3 fields, you should use a data-driven design, where you have an array that defines all the expected fields, their data type, validation rules, and what processing they are used for. You would then loop over this definition to control what general-purpose code does to dynamically validate, then process the data. In other words, typing out repetitive code for a couple of dozen of fields may help your typing skills, but it is just a waste of time if you are trying to learn how to program.

The reason the UPDATE query is deleting most of the values, is because there is no code for those values, and you should be getting php undefined variable errors at the point where the UPDATE query is being built to alert you to the problem.

Here’s a laundry list of things that will help you to produce code that is simple, secure, and will either work or it will tell you why it doesn’t work -

  1. The lack of php errors indicates that php’s error related settings are not setup on your system so that php will help you. Php’s error_reporting should always be set to E_ALL. When learning, developing, or debugging code/query(ies), display_errors should be set to ON. When running code on a live/public server, display_errors should be set to OFF and log_errors should be set to ON. These settings should be in the php.ini on your system so that they can be set or changed at a single point. Stop and start your web server to get any changes made the php.ini to take effect and test using a phpinfo(); statement on a .php page that the settings actually got changed to the desired values.
  2. The code for any page should be laid out in this general order - 1) initialization, 2) post method form processing, 3) get method business logic - get/produce data needed to display the page, 4) html document.
  3. Use ‘require’ for things your code must have.
  4. include/require are not functions. The () around the filename do nothing and should be removed.
  5. The login code should only put the user id (auto-increment primary index) in a session variable. You should query on each page request to get any other user data, permissions.
  6. Every redirect needs an exit/die statement to stop php code execution. Your current code continues to run everything after the redirect, when the user isn’t logged in.
  7. Don’t attempt to detect if a submit button is set. There are cases where it won’t be. Instead, test if a post method form was submitted.
  8. Keep the form data as a set, in a php array variable, then operate on elements in this array variable throughout the rest of the code, i.e. don’t write out code copying variables to other variables for every form field.
  9. Trim all the input data, mainly so that you can detect if a value was all white-space characters, before validating it.
  10. Validate all the now trimmed data, before using it, storing user/validation errors in an array using the field name as the main array index.
  11. After the end of the validation logic, if there are no error (the array holding the user/validation errors will be empty), use the form data.
  12. Build an sql query statement in a php variable to help with debugging (you can echo it to see what is actually is.)
  13. Don’t put external, unknown, dynamic values directly into sql query statements, where any sql special character can break the sql query syntax. Use a prepared query instead. If it seems like using a prepared query with the mysqli extension is overly complicated and inconsistent, it is. This would be a good time to switch to the much simpler and more modern PDO extension.
  14. The password value should be hashed. See php’s password_hash() and password_verify() functions.
  15. Don’t use or die() for error handling. Use exceptions for database statement errors (this is the default setting now in php8+), and only catch and handle database exceptions for user recoverable errors, such as when inserting/updating duplicate data. For all other error numbers and all other type of queries, simply let php catch and handle any database exception.
  16. Because an UPDATE query can result in duplicate data, any columns that must be unique (username, email) need to be defined as a unique index. You would then catch any exception from the update query, test if the error number is for a duplicate index error, and setup an error message letting the user know what was wrong with the data that they submitted.
  17. After the end of using the form data, if there are no errors, perform a redirect to the exact same URL of the current page to cause a get request for that page.
  18. To display a one-time success message, store it in a session variable, then test, display, and clear that session variable at the appropriate location in the html document.
  19. If there are any errors, the code will continue on to display the html document, display any errors, display the form, populating the field values with the submitted form data so that the user doesn’t need to keep reentering values over and over.
    20 . To allow you to get the initial data to be edited and keep the submitted form data, you need to copy the form data into a ‘working’ array variable inside the post method form processing code, that you also put the initial data into, but only when there is no existing form data.
  20. Don’t use a loop to fetch a single row of data. just directly call the single fetch statement.
  21. Any SELECT query may not match any data. If this occurs, you should display a message stating so. For an edit/update operation, this would indicate either a programming mistake or attempting to edit data that has been deleted.
  22. In general, you should list out the columns you are SELECTing in a query. This helps prevent mistakes and only selects the data that you want.
  23. Any dynamic value you output in a html context should have htmlentities() applied to it to help prevent cross site scripting.
  24. Client-side validation is a nicety for legitimate visitors. You must validate data on the server before using it.

If you have any questions about these points, I can post an example.

#3

I recommend get 99 percent of you PHP out of the body - here’s an example of my login in page

<body class="site">
<?php include 'assets/includes/inc-header-nav.php'; ?>

<main class="main_container" itemprop="mainContentOfPage">

            <form class="login_style" method="post" action="login.php">
                <input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token']; ?>">
                <div class="screenName">
                    <label class="text_username" for="username">Username</label>
                    <input id="username" class="io_username" type="text" name="username" value="" autocomplete="username" required>
                </div>

                <label class="text_password" for="password">Password</label>
                <input id="password" class="io_password" type="password" name="password" required>

                <div class="submitForm">
                    <button class="submitBtn" id="submitForm" type="submit" name="submit" value="login">Login</button>
                </div>
            </form>


</main>


<aside class="sidebar">

</aside>
<footer class="colophon" itemprop="footer">
    <p>&copy; <?php echo date("Y") ?> Clear Web Concepts</p>
</footer>
<script src="assets/js/navigation.js"></script>
</body>

my inc-header-nav.php file is basically HTML that is constantly used over and over again in multiple files. I would also suggest keep your adding and updating to the database in different HTML files. Yes you will have to have forms for each page, but it will be less confusing especially starting out.

#4

Thank you very much i appreciate your help, and i will create seperate pages as you suggest, thanks again for your time, regards Richard

#5

Thank you for your help and words of wisdom i shall take them all onboard .

Sponsor our Newsletter | Privacy Policy | Terms of Service