CODEWITHSUNDEEP
phpmysql
Sebastiaan Schillebeeckx
Sebastiaan Schillebeeckx

Reputation: 29

Update a table in Mysql using a form

I'm building a simple bug tracker tool.

When you've created a project, you can select a project status (open, in progress, finished).

You can change this status on the project page with this select form, : 

<form action="classes/changestatus.class.php" method="post">
    <label> Change Project Status </label>
    <select name="status" id="status">
        <option value="open">Open</option>
        <option value="inprogress">In Progress</option>
        <option value="finished">Finished</option>
    </select>
    <input class="small button" value="Change Status" type="submit"> 
</form>

The form posts the action to this class: 

     $status = $_POST['status'];    
     $sql = "UPDATE INTO projects ( status ) VALUES ('$status')";    
     $result = mysql_query( $sql ); 
     $result = mysql_real_escape_string( $sql );     
     $latestID = mysql_insert_id();

     if ( $result ) {
         header('Location: ../projectpage.php?id='.$latestID); 
     } else { 
         echo "There is something wrong. Try again later.";
     }

     mysql_close();

So, when you submit the form it will run the query above and go back to the project page, with the changed project status, but this doesn't work. I always get redirected to the wrong project page and the data doesn't update in the mysql table.

The problem is that I can't get the id, when I have this link for example 'projectpage?id=20', it always redirects me to 'projectpage?id=0'.

Can anyone help me ? I know the code isn't fully sql injection proof and I don't use mysqli, I just like to have an anwser on my question.

Thanks!

Upvotes: 0

Views: 230

Answers (3)

Manish Chauhan
Manish Chauhan

Reputation: 570

Try This,

$sql="UPDATE projects SET status = '$status', id = LAST_INSERT_ID(id)"; 
$latestID = mysql_insert_id();

It will works for you.

Upvotes: 0

GautamD31
GautamD31

Reputation: 28763

Use

$sql="UPDATE projects SET status = '$status'";

And mysql_insert_id will only work when an INSERT query is executed.You need an id to update it or either to redirect it...If you are giving id then you can do like

$sql="UPDATE projects SET status = '$status' WHERE id = $id";

And redirection will be like

header('Location: ../projectpage.php?id='.$id);

Upvotes: 0

user2417483
user2417483

Reputation:

You're not keeping the $id so the this data isn't being transferred. on your form use:

<input type='hidden' name='hdnID' value="<?php echo $id;?>"> 
<input class="small button" value="Change Status" type="submit">

Then on your form use:

$status = $_POST['status'];
$id = $_POST['hdnID'];

Upvotes: 2

Related Questions