0

I am trying to add an edit functionality to my table currently displaying MYSQL table content.

I can add and delete records, but I cannot seem to edit them.

Below is my code. Can anyone tell me what I am doing wrong??

//Editing a record


    $name=$_POST['editc'];
    $sql="UPDATE course SET name='$name' WHERE id='$id'";
    $result=mysql_query($sql);

// if successfully updated.
    if($result)
    {
        echo "Successful";
        echo "<BR>";
    }
    else 
    {
        echo "ERROR";
    }

  echo'
        <form action"'.$_SERVER['PHP_SELF'].'" method="POST">
            <table border="1" width="80%" align="center"> 
                <tr>
                    <td>
                        <h4>Record ID</h4>
                    </td>
                    <td>
                        <h4>Record Name</h4>
                    </td>
                    <td>
                        <h4>Add/Edit Record</h4>
                    </td>
                    <td>
                        <h4>Remove Selected Record(s)</h4>
                    </td>
                </tr>
                <tr>
                    <td>
                        <h5>Create New Record</h5>
                    </td>
                    <td>
                        <input type="text" name="cname" value="Type New Record Name Here" size="50"/>
                    </td>
                    <td>
                        <input type="Submit" name="Add" value="Add Record"/>
                    </td>
                    <td>
                        <h5> Select items you wish to remove, then click "Delete Selected" </h5>
                    </td>
                </tr>
                ';
                    while ($row=mysql_fetch_array($query))
                        {
                            echo'<tr>
                                    <td>
                                        '.$row['cid'].'
                                    </td>
                                    <td>
                                        '.$row['cname'].'
                                    </td>
                                    <td align="center">
                                        <input type="text" name="editc" value="Modify record Name">
                                        <input type="submit" name="cedit"   value="Edit" />

                                    </td>
                                    <td align="center">
                                        <input type="checkbox" name="cid[]" value="'.$row['cid'].'"/>
                                    </td>
                                </tr>';
                        }

            mysql_free_result($query);

            echo '

            </table>
            <br/>
            <br/>

            <div align = "center">
                <input type="submit" name="deletesel" value="Delete Selected"/>
                ---
                <input type="reset" name="unselect" value="Deselect All"/>
            </div>
        </form>

    ';
Improve this question
5
  • 5
    Nice SQL Injection here... Commented Sep 25, 2013 at 13:57
  • 2
    have you tried mysql_error() ? Commented Sep 25, 2013 at 13:57
  • 1
    You're assuming that the query works. Check the return value, and handle it accordingly - also, look in mysql_error() to see if there's an issue. Otherwise - do you define $id anywhere? Does the code even run? Commented Sep 25, 2013 at 13:57
  • Please don't use any mysq_* functions as they are deprecated. Consider using PDO or MySQLi Commented Sep 25, 2013 at 13:57
  • ppeterka66 Thank you! =) Virus721 Yes, it is in my script, nothing came up though andrewsi Thank you for spotting that!Well, everything works perfectly, except for the edit functionality aldanux the query is actually just above the script I provided. Silly me just did not copy everything! Commented Sep 25, 2013 at 17:12

2 Answers 2

Reset to default
2

You forgot to initialize $id

$id=intval($_POST["cid"][0]);
$sql="UPDATE course SET name='$name' WHERE id='$id'";

Move away from mysql_* before you are forced to do so in an emergency :) and also of course sanitize $name

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Hello! Thank you for the advice. Yes, I noticed that everyone is talking about mysqli, but I first want to get mysql under the belt before I move on. With regards to the answer above, I did as you suggested, but alas, no change. I will continue to search for any other possible mistake...
Hey, I tried the changes you suggested. When running my script I get back that the update was successful, but it actually was not. So the record is not edited at all. Any more ideas as to what I might be forgetting??
0

Thank you for all the input and advice, it was greatly appreciated.

I have now managed to fix my problem!!

Please find the new code below:(should anyone else experience the same problem in future...)

//Editing a record


  if (isset($_POST['cedit']))
        {
        $UpdateQuery = "UPDATE  tablename SET columnname='$_POST[cname]' WHERE cname='$_POST[hidden]'";

            mysql_query($UpdateQuery, $connect);
        };

echo'
    <form action"'.$_SERVER['PHP_SELF'].'" method="POST">
        <table border="1" width="80%" align="center"> 
            <tr>
                <td>
                    <h4>Record ID</h4>
                </td>
                <td>
                    <h4>Record Name</h4>
                </td>
                <td>
                    <h4>Add/Edit Record</h4>
                </td>
                <td>
                    <h4>Remove Selected Record(s)</h4>
                </td>
            </tr>
            <tr>
                <td>
                    <h5>Create New Record</h5>
                </td>
                <td>
                    <input type="text" name="cname" value="Type New Record Name Here" size="50"/>
                </td>
                <td>
                    <input type="Submit" name="Add" value="Add Record"/>
                </td>
                <td>
                    <h5> Select items you wish to remove, then click "Delete Selected" </h5>
                </td>
            </tr>
            ';
                while ($row=mysql_fetch_array($query))
                    {
                        echo'<tr>
                                <td>
                                    '.$row['cid'].'
                                </td>
                                <td>
                                   <form action="course_man.php" method="post">
                                        <input type=text name=cname value="'.$row['cname'].'"/>
                                        <input type=hidden name=hidden value="'.$row['cname'].'"/>


                                    </td>
                                    <td align="center">
                                        <input type="submit" name="cedit"   value="Edit " />
                                        </form>
                                </td>
                                <td align="center">
                                    <input type="checkbox" name="cid[]" value="'.$row['cid'].'"/>
                                </td>
                            </tr>';
                    }

        mysql_free_result($query);

        echo '

        </table>
        <br/>
        <br/>

        <div align = "center">
            <input type="submit" name="deletesel" value="Delete Selected"/>
            ---
            <input type="reset" name="unselect" value="Deselect All"/>
        </div>
    </form>

';
Improve this answer

1 Comment

Only one thing wrong with it now. You have to click on Edit Twice before the record is updated on the page. I.O.W. on first click, update is done in the database, second click the change can be seen on browser... Anyone know why this is happening?

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.