CODEWITHSUNDEEP
phphtmlmysql
Ozymandias
Ozymandias

Reputation: 309

Update MYSQL with PHP, deletes value instead

So, I have the following problem:

I have a table which I fill with the data from my MySQL database and then display on a site. I want to make it so you can change e.g. the description afterwards. Instead what I get right now is that I empty the value. I can't see where my code goes wrong, so I'd appreciate some help. :)

HTML

<tbody>
    <?php
        foreach($records as $r) {                       

    ?>
        <tr><?php
            echo "<td>" . "<div class=table-image>" . "<img src=Assets/Images/" . escape($r->name) . " </td>". "</div>";
            ?>
            <td><div class="data"><?php echo escape($r->name); ?></div></td>
            <td><div class="data"><?php echo escape($r->location); ?></div></td>
            <td><div class="data"><?php echo escape($r->partners); ?></div></td>
            <td><a href="https://goo.gl/maps/S5Drk" target="_blank">◈ Google Maps</a></td>
            <td class="tDesc">
                <div class="desc">
                    <input class="form-control"  value="<? echo escape($r->description); ?>" name="description" type="text">
                </div>
            </td>
            <td>
                <?php echo escape($r->date); ?>
            </td>
            <td>
                <form method="post" action="" enctype="multipart/form-data">
                    <input type="submit" value="<? echo escape($r->id); ?>" name="delete">
                </form>
            </td>
            <td>
                <form method="post" action="" enctype="multipart/form-data">
                    <input type="submit" value="<? echo escape($r->id); ?>" name="update">
                </form>
            </td>
        </tr>
    <?php
        }
    ?>
</tbody>

PHP

if(isset($_POST['update']) ){
    $des = $_POST['description'];
    $UpdateQuery = "UPDATE repo SET description = '$des', date = NOW() WHERE id ='$_POST[update]' ";          
    mysql_query($UpdateQuery);
};

Upvotes: 1

Views: 70

Answers (1)

Bart Haalstra
Bart Haalstra

Reputation: 1062

Your fields are outside the form, only fields inside the form will be send.

<input name="i_will_not_be_send" />
<form>
    <input name="i_will_be_send" />
</form>

Always escape values you put into your query string, see mysql_real_escape_string

Also read the comments about using the correct mysql library

Upvotes: 3

Related Questions