CODEWITHSUNDEEP
phpmysql
dplatt
dplatt

Reputation: 79

PHP won't update MySQL

I've done some research into some other people's problems on here, but I can't quite see what's going wrong. I'm trying to update my form which already has the current user (who is logged in)'s data, but I want them to be able to update their profile.

This is what my code looks like:

  <?php
      // Retreive db data
    $me = $_SESSION['username'];
    require('db.php');

    $data = "SELECT username, email FROM users WHERE username='$me'";

    $query = mysql_query($data);
    $data2 = mysql_fetch_array($query);



    // Updating
    $Username=$data2['username'] ;
    $Email= $data2['email'] ;

    if(isset($_POST['save']))
    {
    $username_save = mysql_real_scape_string($_POST['username']);
    $email_save = mysql_real_scape_string($_POST['email']);

    mysql_query("UPDATE users SET username ='$username_save', email ='$email_save' WHERE username = '$me'")
    or die(mysql_error());
    echo "Saved!";

    }
       ?>




       <form role="form">
         <div class="form-group">
           <label for="username">Username: </label>
           <input type="text" class="form-control" name="username_save" value="<?php echo $data2['username']?>">
         </div>
         <div class="form-group">
           <label for="pwd">Email Address: </label>
           <input type="email" class="form-control" name="email_save" value="<?php echo $data2['email']?>">
         </div>
         <button input type="Submit" name="save" class="btn btn-info">Submit</button>
          <button input type="Sumbit" name="delete" class="btn btn-danger">Delete</button>
      </form>

When I submit my new values (the echo values works fine) and press submit (username=danielleeee [email protected]), my url looks like this:

pages/admin/edit.php?username_save=danielleeee&email_save=test%40danielle.com&save=

If anyone could shed some light on this for me that would be fantastic! Thank you.

Upvotes: 1

Views: 82

Answers (1)

Funk Forty Niner
Funk Forty Niner

Reputation: 74230

<form> defaults to a GET method if not explicitly implied <form role="form">.

So, => <form role="form" method="post">

since you're using POST arrays.

Strangely enough, error reporting would not have thrown you anything about it neither.

  • I learned that lesson the hard way once, "once".

Also, make sure you started the session since you are using sessions.

Yet, error reporting would have caught that one if it wasn't started and would have thrown you something about it.

However, name="username_save" and name="email_save" those are not the same as your POST arrays here.

  • $_POST['username'] => $_POST['username_save']
  • $_POST['email'] => $_POST['email_save']

Those need to match and error reporting would have thrown you undefined index notices.

Add error reporting to the top of your file(s) which will help find errors.

<?php 
error_reporting(E_ALL);
ini_set('display_errors', 1);

// Then the rest of your code

Sidenote: Displaying errors should only be done in staging, and never production.

Footnotes:

It's best to use a conditional !empty() for your POST arrays. The ! is the "NOT" operator in PHP.

and will ensure that no empty values are being passed.

I.e.:

if(isset($_POST['save']))
{

if(!empty($_POST['username_save']) && !empty($_POST['email_save']) ){
$username_save = mysql_real_scape_string($_POST['username_save']);
$email_save = mysql_real_scape_string($_POST['email_save']);

mysql_query("UPDATE users SET username ='$username_save', email ='$email_save' 
             WHERE username = '$me'")
or die(mysql_error());
echo "Saved!";

}

}

Sidenote: You can replace && (AND) for an || (OR) depending on the condition you wish to use.

Plus, as stated. The MySQL_ API will be removed from future PHP versions. It's best to move on to either the MySQLi or PDO API and with a prepared statement.

References:

Upvotes: 1

Related Questions