PHP SQL Update

system · August 5, 2011, 9:52am

Hi,
I was hoping someone would be able to help me.

I have created a SQL database which I want users to be able to update through the web browser.

So I have set up the database table in SQL. THe code to which is is below:


CREATE TABLE Customer
(
Customer_ID int NOT NULL AUTO_INCREMENT,
CustomerName char(50),
CustomerAddress char(255),
CustomerTelNo char(15),
CustomerEmail char(255),
CustomerProduct char(255),
CustomerReason char(255),
Date_Recieved Date,
Notes TEXT(1000),
Outcome char(255),
Date_Returned Date,

PRIMARY KEY (Customer_ID)

)

Insert into Customer Values
(1, 'Joe Bloggs','3 West Street,ME151JL','01622 85512','[email protected]','DR3561 ','No signal','2011/08/02','Update problem','No fault found', '2011/02/02')

I have then created a table to display the records:

[php]

<?php $host="localhost"; // Host name $username=""; // Mysql username $password=""; // Mysql password $db_name=""; // Database name // Connect to server and select database. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); $sql="SELECT * FROM Customer1"; $result=mysql_query($sql); ?> <?php while($rows=mysql_fetch_array($result)){ ?>

Customer_ID	Customer Name	Customer Address	Tel No.	Email	Product	Reason	Date Recieved	Notes	Outcome	Date Returned	Update Record
<? echo $rows['Customer_ID']; ?>	<? echo $rows['CustomerName']; ?>	<? echo $rows['CustomerAddress']; ?>	<? echo $rows['CustomerTelNo']; ?>	<? echo $rows['CustomerEmail']; ?>	<? echo $rows['CustomerProduct']; ?>	<? echo $rows['CustomerReason']; ?>	<? echo $rows['Date_Recieved']; ?>	<? echo $rows['Notes']; ?>	<? echo $rows['Outcome']; ?>	<? echo $rows['Date_Returned']; ?>	update

<?php mysql_close(); ?>

[/php]

I have then created code which will show a series of text boxes so the user can edit records in the database:

[php]

<?php $host="localhost"; // Host name $username=""; // Mysql username $password=""; // Mysql password $db_name=""; // Database name $tbl_name="Customer1"; // Table name // Connect to server and select database. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); // get value of id that sent from address bar $Customer_ID=$_GET['Customer_ID']; // Retrieve data from database $sql="SELECT * FROM $tbl_name WHERE Customer_ID ='$Customer_ID'"; $result=mysql_query($sql); $rows=mysql_fetch_array($result); ?>



Customer Name	Customer Address	Tel No.	Email	Product	Reason	Date Recieved	Notes	Outcome	Date Returned

<? // close connection mysql_close(); ?>

[/php]

Finally when the submit button is pressed the below code runs so that the record is changed with whatever is entered into the text boxes.

[php]

<?php $host="localhost"; // Host name $username=""; // Mysql username $password=""; // Mysql password $db_name=""; // Database name // Connect to server and select database. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); // update data in mysql database $sql="UPDATE Customer1 SET CustomerName='$CustomerName', CustomerAddress='$CustomerAddress', CustomerTelNo='$CustomerTelNo', CustomerEmail='$CustomerEmail', CustomerProduct='$CustomerProduct', CustomerReason='$CustomerReason', Date_Recieved='$Date_Recieved', Notes='$Notes', Outcome='$Outcome', Date_Returned='$Date_Returned' WHERE Customer_ID='$Customer_ID'"; $result=mysql_query($sql); // if successfully updated. if($result){ echo "Successful"; echo "
"; echo "View result"; } else { echo "ERROR"; } ?>

[/php]

This code all works fine. However when I click subit even though successful appears to show that the records should have been updated nothing changes. The data remains exactly the same.

Can anyone shed some light on the problem I may be having?

Thanks in advance

Edd

lothop · August 7, 2011, 9:57am

Your variables have no values Im guessing.

[php]$sql="UPDATE Customer1
SET
CustomerName=’$_POST[‘CustomerName’]’,
CustomerAddress=’$_POST[‘CustomerAddress’]’,
CustomerTelNo=’$_POST[‘CustomerTelNo’]’,
CustomerEmail=’$_POST[‘CustomerEmail’]’,
CustomerProduct=’$_POST[‘CustomerProduct’]’,
CustomerReason=’$_POST[‘CustomerReason’]’,
Date_Recieved=’$_POST[‘Date_Recieved’]’,
Notes=’$_POST[‘Notes’]’,
Outcome=’$_POST[‘Outcome’]’,
Date_Returned=’$_POST[‘Date_Returned’]’

WHERE Customer_ID=’$_POST[‘Customer_ID’]’";[/php]

Not sure if you can use $_POST straight in the SQL or not.
If you get an error you will have to set each variable.
$CustomerName = $_POST[‘CustomerName’];

smokeys_13 · August 7, 2011, 10:59am

You should replace each part that uses a $_POST variable with this:

column='".mysql_real_escape_string($_POST['element'])."',

edwardtong694 · August 8, 2011, 9:44am

Hi Lothop,

Once I had set the variables like you had suggested it works perfectly.

Thanks for your time in looking into this. Thanks also to SmokeyPHP.

Edd,

lothop · August 8, 2011, 12:45pm

Cool, glad you got it to work. Just remember, when posting data from a form retrieve it with $_POST[‘name’] and if you use get, $_GET[‘name’] ($_GET gets values from url’s)