dcsimg
www.webdeveloper.com
Results 1 to 4 of 4

Thread: php mysqli menu updateHi,

  1. #1
    Join Date
    Apr 2013
    Location
    gastonia NC
    Posts
    99

    php mysqli menu updateHi,

    Hi, the following code does not update. please advise what is I'm doing wrong.

    HTML Code:
    <!DOCTYPE><html><head><title>dropdown</title>
        <form name="form_update" method="post" action="">
    PHP Code:
    <?php
        $con
    =mysqli_connect("localhost","root","cookie","test");
        
    //============== check connection
        
    if(mysqli_errno($con))
        {echo 
    "Can't Connect to mySQL:".mysqli_connect_error();}
        else
        {echo 
    "Connected to database</br>";} 
       
       
    $id '';
       
    $cost ''
       if(isset(
    $_POST['cost']))
     { 
     
    $name $_POST['cost'];
        
    $fetch="SELECT cost FROM testbl WHERE cost = '".$name."'";
        
    $result mysqli_query($con,$fetch);    
        
    mysqli_query($con,"UPDATE testbl SET cost='$cost' WHERE id = '$id'");
        
    mysqli_close($con);
     } 
      
    ?>
    HTML Code:
     <form name="form" method="post" action="">
    <table border="0" cellspacing="1" cellpadding="2">
    <tr>
    <td>
    <select name="cost">
    <option value="" selected>Select product</option>
    <option value="10.00">doll</option>
    <option value="5.00">yoyo</option>
    </SELECT>
    <tr>
    <td><input name="update" type="submit" id="update" value="Update"></td>
    </tr></table></form>
    </body></html>

  2. #2
    Join Date
    Aug 2004
    Location
    Ankh-Morpork
    Posts
    19,674
    Probably because $id is empty?

    PS: Never use user-supplied values directly in a DB query -- either escape them with the appropriate function, or better yet, since you're using MySQLi, use a prepared statement with bound parameters.
    "Please give us a simple answer, so that we don't have to think, because if we think, we might find answers that don't fit the way we want the world to be."
    ~ Terry Pratchett in Nation

    eBookworm.us

  3. #3
    Join Date
    Jul 2013
    Location
    Voorheesville NY USA
    Posts
    960
    As nogdog says, you need to sanitized your inputs to your queries.

    In addition, you run a query that you then do not use, followed by a query that has no inputs. If you re-read your work you will see that you left an important step out of you hasty algorithm. I'm sure you slap yourself silly when you see what you've done.

  4. #4
    The queries really don't make any sense.

    SELECT cost FROM testbl WHERE cost = '".$name."'"

    You already know what cost is... why are you pulling it? Did you mean to pull the ID?

    UPDATE testbl SET cost='$cost' WHERE id = '$id'"

    You never set ID. If you pulled it from the previous query that would be circular logic.

    Where is the ID coming from?

    Might also be nice if you had a semantically built from using proper markup with a LABEL, instead of the tables for layout and what should be the label as a option.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center



Recent Articles