Results 1 to 4 of 4

Thread: php mysqli menu updateHi,

  1. #1
    Join Date
    Apr 2013
    gastonia NC

    php mysqli menu updateHi,

    Hi, the following code does not update. please advise what is I'm doing wrong.

    HTML Code:
        <form name="form_update" method="post" action="">
    PHP Code:
    //============== check connection
    "Can't Connect to mySQL:".mysqli_connect_error();}
    "Connected to database</br>";} 
    $id '';
    $cost ''
    $name $_POST['cost'];
    $fetch="SELECT cost FROM testbl WHERE cost = '".$name."'";
    $result mysqli_query($con,$fetch);    
    mysqli_query($con,"UPDATE testbl SET cost='$cost' WHERE id = '$id'");
    HTML Code:
     <form name="form" method="post" action="">
    <table border="0" cellspacing="1" cellpadding="2">
    <select name="cost">
    <option value="" selected>Select product</option>
    <option value="10.00">doll</option>
    <option value="5.00">yoyo</option>
    <td><input name="update" type="submit" id="update" value="Update"></td>

  2. #2
    Join Date
    Aug 2004
    Probably because $id is empty?

    PS: Never use user-supplied values directly in a DB query -- either escape them with the appropriate function, or better yet, since you're using MySQLi, use a prepared statement with bound parameters.
    "Well done....Consciousness to sarcasm in five seconds!" ~ Terry Pratchett, Night Watch

    How to Ask Questions the Smart Way (not affiliated with this site, but well worth reading)

    My Blog
    cwrBlog: simple, no-database PHP blogging framework

  3. #3
    Join Date
    Jul 2013
    Voorheesville NY USA
    As nogdog says, you need to sanitized your inputs to your queries.

    In addition, you run a query that you then do not use, followed by a query that has no inputs. If you re-read your work you will see that you left an important step out of you hasty algorithm. I'm sure you slap yourself silly when you see what you've done.
    PS - If you're posting here you should be using:

    ini_set('display_errors', '1');

    at the top of ALL php code while you develop it!

  4. #4
    The queries really don't make any sense.

    SELECT cost FROM testbl WHERE cost = '".$name."'"

    You already know what cost is... why are you pulling it? Did you mean to pull the ID?

    UPDATE testbl SET cost='$cost' WHERE id = '$id'"

    You never set ID. If you pulled it from the previous query that would be circular logic.

    Where is the ID coming from?

    Might also be nice if you had a semantically built from using proper markup with a LABEL, instead of the tables for layout and what should be the label as a option.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
HTML5 Development Center

Recent Articles