CODEWITHSUNDEEP
phpmysqlarrays
Eddy Blackpool
Eddy Blackpool

Reputation: 97

PHP MySql Update Multi rows

Hello guys I need help with the following code.

I am building a Customer Management System. What I am trying here is to update multi rows for ORDERS table => Multi rows with one click submit. Before this page I have another page i have inputs in my form:

<input type="text" name="qty[]" value="<?php echo $row["qty"]; ?>" />
<input type="text" name="desc[]" value="<?php echo $row["desc"]; ?>" />
<input type="text" name="price[]"value="<?php echo $row["price"]; ?>" />

When submitted the form it will go to next page that follow:

  <?php
    if(isset($_POST["submit"])){


        $qty    =  $_POST['qty'];
        $desc   = $_POST['desc'];
        $price  = $_POST['price'];
        $order  = $_POST['order'];
        $customer   = $_POST['customer'];

    $i = 0;
    $count = count($qty);

    for($i=0; $i < $count; $i++){
        $qty      = $qty[$i];
        $desc     = $desc[$i];
        $price    = $price[$i];


        $update = mysql_query("UPDATE `orders` SET `qty` = '".$qty."', `desc` = '".$desc."', `price` = '".$price."' WHERE `order_id` = '".$order."' ");
    }

?>

This code looks likes update sometimes and not, also I am getting this error for this code when I Update multi rows.

Notice: Uninitialized string offset: 1 in

Please help guys to solve this one.

Thanks From Eddy

Upvotes: 0

Views: 1872

Answers (5)

BlitZ
BlitZ

Reputation: 12168

You have overwritten variables, like $qty.

Try this:

$qty    = $_POST['qty'];
$desc   = $_POST['desc'];
$price  = $_POST['price'];
$order  = $_POST['order'];
$customer   = $_POST['customer'];

$count = count($qty);

for($i = 0; $i < $count; $i++){
    $qty1      = $qty[$i];
    $desc1     = $desc[$i];
    $price1    = $price[$i];

    $update = mysql_query("UPDATE `orders` SET `qty` = '{$qty1}', `desc` = '{$desc1}', `price` = '{$price1}' WHERE `order_id` = '{$order}';");
}

** I suggest use MySQLi or PDO extension instead of MySQL.

UPD:

There might be a possibility, that your $qty, $desc & $price may have different length. I suggest you, to modify cycle like this:

$sql = "UPDATE `orders` SET `qty` = '{$qty1}', `desc` = '{$desc1}', `price` = '{$price1}' WHERE `order_id` = '{$order}';";

$update = mysql_query($sql);

if(mysql_errno())echo PHP_EOL, mysql_error();

It might help you obtain MySQL errors.

Upvotes: 1

feeela
feeela

Reputation: 29932

You are not assuring that all three arrays have an equal length. If one doesn't insert a price or description, the item would not get send with the request (only non-empty values are sent by a browser).

You should rework the HTML output and setup a single array with multiple key-named columns, so that you only will need to iterate over one array, instead of three.

An example would be:

<input type="text" name="product[0][qty]" value="QTY_1" />
<input type="text" name="product[0][desc]" value="DESC_1" />
<input type="text" name="product[0][price]"value="PRICE_1" />

<input type="text" name="product[1][qty]" value="QTY_2" />
<input type="text" name="product[1][desc]" value="DESC_2" />
<input type="text" name="product[1][price]"value="PRICE_2" />

Iterate over the products array with foreach and additionally check, whether the columns are set:

foreach( $_POST['product'] as $inputRow )
{
    if( !isset( $inputRow['qty'] ) || !isset( $inputRow['desc'] ) || !isset( $inputRow['price'] ) )
    {
        echo 'Some input is missing; can\'t store to database';
        continue;
    }

    /* insert to DB here, but please use prepared statement or at least escape the user inputs properly! */
}

Upvotes: 0

Suhel Meman
Suhel Meman

Reputation: 3852

check value is set or not.. And use mysqli or PDO instead of mysql to avoid sql injection

for($i=0; $i < $count; $i++){

    $qty_val      = isset($qty[$i])?$qty[$i]:'';
    $desc_val     = isset($desc[$i])?$desc[$i]:'';
    $price_val    = isset($price[$i])?$price[$i]:'';


    $update = mysql_query("UPDATE `orders` SET `qty` = '".$qty_val."', `desc` = '".$desc_val."', `price` = '".$price_val."' WHERE `order_id` = '".$order."' ");
}

Upvotes: 0

Vladster
Vladster

Reputation: 1

Use foreach instead of for, but we assume that your arrays keep synchronized indexes:

 foreach ($qty as $index => $quantity_entry){
    $update = mysql_query("UPDATE `orders` SET
              `qty` = '" . mysql_real_escape_string($quantity_entry) . "',
              `desc` = '" . mysql_real_escape_string($desc[$index]) . "',
              `price` = '" . mysql_real_escape_string($price[$index]) . "'
               WHERE `order_id` = '" . mysql_real_escape_string($order) . "' ");
}

This way you don't have to worry about non-existent indexes... PS: notice the mysql escape - which you should never skip!

Upvotes: 0

arraintxo
arraintxo

Reputation: 484

You are overriding the $qty, $desc and $price variables in each iteration, so they will only work in the first one 

    $qty    =  $_POST['qty'];
    $desc   = $_POST['desc'];
    $price  = $_POST['price'];
    $order  = $_POST['order'];
    $customer   = $_POST['customer'];

$i = 0;
$count = count($qty);

for($i=0; $i < $count; $i++){
    $currentQty      = mysql_real_escape_string($qty[$i]);
    $currentDesc     = mysql_real_escape_string($desc[$i]);
    $currentPrice    = mysql_real_escape_string($price[$i]);


    $update = mysql_query("UPDATE `orders` SET `qty` = '".$currentQty."', `desc` = '".$currentDesc."', `price` = '".$currentPrice."' WHERE `order_id` = '".$order."' ");
}

Anyway there are so much things wrong in that code. You should filter or escape your entries before sending them to mysql and all your order items will have same qty, desc and price, as you are continuously overwriting the data using the same order_id.

Upvotes: 0

Related Questions