Why won't my sql database update on submit?

Question

I have the following form with a submit button:

<form id ="easytohard" class = "classtest" action="framework.php" method="POST">

<div class="test" style="display:none">

<input type="submit" name="easytohardbutton">

</div>
</form>

Note: I do have session_start(); elsewhere above this script within the code.

When I press the 'submit' button, I want it to update a column titled "FUNCTIONSLEVEL" in a database titled "answers." To do so, I tried using the following code:

<?php  
$id = $_SESSION['id'];

if(isset($_POST['easytohardbutton'])){

  $res6 = $db->query("SELECT FUNCTIONSLEVEL FROM answers WHERE id=$id");
  $data6 = $res6->fetch_array();

    if($data6['FUNCTIONSLEVEL']==0)$db->query("UPDATE answers SET FUNCTIONSLEVEL = 1 WHERE id=$id");

}  
?>

Below is a screenshot of the sql so you can see that there shouldn't be any issues with my database references.

Thanks!

Answer 1

You don't need to use two separate queries, you can do it all in SQL. And you should use a prepared query rather than string substitution.

if(isset($_POST['easytohardbutton'])){
    $stmt = $db->prepare("UPDATE answers SET functionslevel = 1
                          WHERE id = ? AND functionslevel = 0") or die($db->error);
    $stmt->bind_param("i", $id);
    $stmt->execute();
}

Answer 2

It isn't updating because you haven't started your session. You need to put:

session_start();

on every page that you want to use sessions on. So your $id variable essentially equals nothing.

Not to mention it looks like you're using PDO/Mysqli, why aren't you using Prepared Statements with it? Along with the issue that you're assigning instead of comparing:

if($data6['FUNCTIONSLEVEL']=0)...

Should be:

if($data6['FUNCTIONSLEVEL']==0)....