Reputation: 27
I have a page of entries with an edit button behind each entry, clicking it brings you to the edit page of that entry, the form has the existing data of that entry as default values. I change the values and click update, it redirects where it should, no errors but also no change in the data entry values.
My form:
<form method="post" action="edit.php" enctype="multipart/form-data">
Item name:</br>
<input type="text" name="item_name" value="<?php echo $row[1]; ?>"></br></br>
<input type="hidden" name="item_id" value="<?php echo $row[0]; ?>">
Item price:</br>
<input type="text" name="item_price" value="<?php echo $row[3]; ?>" ></br></br>
Item image:</br>
<input type="file" name="item_image"value="<?php echo $row[4]; ?>" ></br></br>
Item description:</br>
<textarea type="text" class="txtinput" cols="55" rows="20" name="item_description"><?php echo $row[2]; ?>"</textarea></br></br>
<input type="submit" name="submit" value="Uppdate entry">
</form>
My PHP:
<?php
include("includes/connect.php");
if( isset($_GET['edit']))
{
$id= $_GET['edit'];
$res= mysql_query("SELECT * FROM shop_items WHERE item_id=$id");
$row= mysql_fetch_array($res);
}
if( isset($_POST['submit']))
{
$item_name = $_POST['item_name'];
$id = $_POST['item_id'];
$item_price = $_POST['item_price'];
$item_image = $_FILES['item_image'];
$image_tmp = $_FILES['item_image'] ['tmp_name'];
$item_description = $_POST['item_description'];
if ($item_name=='' or $item_price=='' or $item_image=='' or $item_description==''){
echo "<script>alert('One or more of your fields are blank, please ensure you have entered content in ALL fields.')</script>";
}
else {
move_uploaded_file($image_tmp,"images/$item_image");
$sql = "UPDATE shop_item SET item_name='$item_name', item_price='$item_price,' item_image='$item_description', item_name='$item_description' WHERE item_id='$id'";
echo "<meta http-equiv='refresh' content='0;url=admin_shop.php'>";
}
}
?>
Upvotes: 0
Views: 635
Reputation: 8970
Change this -
$sql = "UPDATE shop_item SET
item_name='".mysql_real_escape_string($item_name)."',
item_price='".mysql_real_escape_string($item_price)."',
item_image='".mysql_real_escape_string($item_description)."',
item_name='".mysql_real_escape_string($item_description)."'
WHERE item_id='$id'";
$exe = mysql_query($sql) or die(mysql_error());
NOTE: Avoid using mysql_* function since they are deprecated and use mysql_* or PDO instead.
Upvotes: 1
Reputation: 9302
You're not actually running your SQL query to update the database! You've stored the SQL query in a variable, $sql, but you haven't actually called mysql_query($sql);
} else {
move_uploaded_file($image_tmp,"images/$item_image");
$sql = "UPDATE shop_item SET item_name='$item_name', item_price='$item_price,' item_image='$item_description', item_name='$item_description' WHERE item_id='$id'";
// Add this line
mysql_query($sql);
echo "<meta http-equiv='refresh' content='0;url=admin_shop.php'>";
}
However, MySQL functionality is deprecated. You should look into PDO: https://www.php.net/pdo or mysqli: https://www.php.net/mysqli
Upvotes: 2