current community

your communities

more stack exchange communities

Stack Exchange
tour help
careers 2.0
Take the 2-minute tour ×
Stack Overflow is a question and answer site for professional and enthusiast programmers. It's 100% free, no registration required.
up vote 2 down vote favorite
1

I created a html form to enable users to update data. However the input data (array values) are not passed through to php SUBMIT, thus clicking SUBMIT does not update the table. When I go into the SUBMIT portion of the script and change the SET to specific numbers or text, the table is updated. Meaning that the values from the html input data array are not being passed through properly to the SUBMIT portion of the script. Any help appreciated.

<?php
//Mysql connection and initial select query placed above
?>

<table width="400" border="0" cellspacing="1" cellpadding="0">
<form name="Contacts" method="post" action="">
<tr> 
<td>
<table width="400" border="0" cellspacing="1" cellpadding="0">


<tr>
<td align="center"><strong>Id</strong></td>
<td align="center"><strong>Name</strong></td>
<td align="center"><strong>Lastname</strong></td>
<td align="center"><strong>Email</strong></td>
</tr>

<?php
while($rows=mysql_fetch_array($result)){
?>
<tr>
<td align="center"><?php $id[]=$rows['id']; ?><?php echo $rows['id']; ?></td>
<td align="center"><input name="name[]" type="text" id="name" value="<?php echo $rows['name']; ?>"></td>
<td align="center"><input name="lastname[]" type="text" id="lastname" value="<?php echo $rows['lastname']; ?>"></td>
<td align="center"><input name="email[]" type="text" id="email" value="<?php echo $rows['email']; ?>"></td>
</tr>
<?php
}
?>
<tr>
<td colspan="4" align="center"><input type="submit" name="Submit" value="Submit"></td>
</tr>
</table>
</td>
</tr>
</form>
</table>

<?php
// Check if button name "Submit" is active, do this 
if(isset($_POST['Submit'])){
$id=$_POST['id'];
$name=$_POST['name'];
for($i=0;$i<$num;$i++){
$sql1="UPDATE contacts SET name= ".$name[$i]." WHERE id= ".$id[$i]."";
$result1=mysql_query($sql1);
}
}

if($result1){
header("location:updated.php");
}
mysql_close();
?>

Thanks!

share|improve this question
    
You're creating HTML with a loop, and your inputs have an id. You'll have duplicate ids if the while loop executes more than once –  Mikhail Dec 30 '11 at 20:07

3 Answers 3

up vote 1 down vote accepted

You are missing single quotes around your $name[$i] in the SQL statement. If id is not always numeric, you will also need to surround $id[$i] in single quotes.

$sql1="UPDATE contacts SET name= '".$name[$i]."' WHERE id= ".$id[$i]."";
//------------------------------^^^-----------^^^

Some error checking in your mysql_query() call would make this clearer. See below.

And you must filter these against SQL injection before passing them to the query.

for($i=0;$i<$num;$i++) {
  // Call mysql_real_escape_string() to sanitize these...
  $id[$i] = mysql_real_escape_string($id[$i]);
  $name[$i] = mysql_real_escape_string($name[$i]);

  $sql1="UPDATE contacts SET name= '".$name[$i]."' WHERE id= ".$id[$i]."";

  $result1 = mysql_query($sql1);
  // Error checking:
  if (!$result1) {
     echo mysql_error();
  }
}
share|improve this answer
    
Issue fixed. Thanks for your assistance. I will post the final script later today for anyone who might need it later. –  Paul Thomas Dec 30 '11 at 21:50
up vote 0 down vote

My Mistake. I didn't look at the form enough. You are assigning an array here. PHP is easy to debug-

Right here:

     $id=$_POST['id'];
     $name=$_POST['name'];

After those lines use var_dump($id) or print_r($id) to check out the contents in your variables.

share|improve this answer
    
Issue fixed. Thanks for your assistance. I will post the final script later today for anyone who might need it later. –  Paul Thomas Dec 30 '11 at 21:50
up vote 0 down vote

Thanks very much for the prompt responses and the assistance provided. After implementing the recommended changes, the final working script (using PHP 5.2) is as shown below (for anyone who might need it). 

  <?php
    Mysql connection, initial query and then close Mysql connection
  ?>

<table width="500" border="0" cellspacing="1" cellpadding="0">
<form name="Contacts" method="post" action="">
<tr> 
<td>
<table width="500" border="0" cellspacing="1" cellpadding="0">


<tr>
<td align="center"><strong>Id</strong></td>
<td align="center"><strong>Name</strong></td>
<td align="center"><strong>Lastname</strong></td>
<td align="center"><strong>Email</strong></td>
</tr>

<?php
while($rows=mysql_fetch_array($result)){
?>
<tr>
<td align="center"><?php $id[]=$rows['id']; ?><?php echo $rows['id']; ?></td>
<td align="center"><input name="name[]" type="text" id="name" value="<?php echo $rows['name']; ?>"></td>
<td align="center"><input name="lastname[]" type="text" id="lastname" value="<?php echo $rows['lastname']; ?>"></td>
<td align="center"><input name="email[]" type="text" id="email" value="<?php echo $rows['email']; ?>"></td>
</tr>
<?php
}
?>
<tr>
<td height="75" colspan="4" align="center"><input type="submit" name="Submit" value=" save for later "></td>
</tr>
</table>
</td>
</tr>
</form>
</table>

<?php
// Check if button name "Submit" is active, do this 
if(isset($_POST['Submit'])){
mysql_connect($dbhost,$username,$password);
@mysql_select_db($database) or die( "Unable to select database");

$name=$_POST['name'];

for($i=0;$i<$num;$i++) {

// sanitize...
  $id[$i] = mysql_real_escape_string($id[$i]);
  $name[$i] = mysql_real_escape_string($name[$i]);

  $sql1="UPDATE test_mysql SET name= '".$name[$i]."' WHERE id= ".$id[$i]."";

  $result1 = mysql_query($sql1);
  // Error checking:
  if (!$result1) {
     echo mysql_error();
  }
}
if($result1){
header("location:updated.php");
}
}

mysql_close();
?>
share|improve this answer

Your Answer

 
discard

By posting your answer, you agree to the privacy policy and terms of service.

Not the answer you're looking for? Browse other questions tagged or ask your own question.