CODEWITHSUNDEEP
phpmysql
GY22
GY22

Reputation: 785

Simple update/edit of data not working with PHP/MySql

I am trying to do a simple edit/update of my data in the database. But somehow it will not work.

So I am able to read out the saved data into the form. I also don't have any errors

enter image description here

I have stared at my code and googled for hours but I don't see where I might have made a mistake with my code.

The printed echo gives the following output which seems to be right:

enter image description here

HTML code:

<form id="formAddCategory" class="FrmCat" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
    <div class="form-group">
        <!-- hidden id from tbl -->
        <input type="hidden" name="hiddenId" value="<?php echo $hiddenID ?>" />
        <label for="recipient-name" class="control-label">Category Name:</label>
        <input type="text" class="form-control" id="recipient-name1" name="category" required="" value="<?php echo $category ?>" />
     </div>
     <button type="submit" id="btnEditCat" class="btn btn-danger" name="editCategory">Save Category</button>
</form>

Part of my php code to edit/update:

<?php
//edit/update data to db
if(isset($_POST['editCategory'])){
  $categoryUpdate = mysqli_real_escape_string($con, $_POST['category']);
  $categoryID = mysqli_real_escape_string($con, $_POST['hiddenId']);
  $qry = "UPDATE tbl_Category SET category = $categoryUpdate WHERE category_id = $categoryID"; 
  $result = mysqli_query($con, $qry);
  echo $qry;

  if($result){
    header("Location: category.php"); 
  }
}

?>

Upvotes: 1

Views: 200

Answers (2)

Tamil
Tamil

Reputation: 1203

You should use single quotes (') for values

 $qry = "UPDATE tbl_Category SET category = '$categoryUpdate' WHERE category_id = '$categoryID'";

Also you can use like this to avoid SQL injection (See here)

$stmt = $dbConnection->prepare('SELECT * FROM employees WHERE name = ?');
$stmt->bind_param('s', $name);

$stmt->execute();

$result = $stmt->get_result();
while ($row = $result->fetch_assoc()) {
    // do something with $row
}

Upvotes: 1

Blank
Blank

Reputation: 12378

You need single quote ' to wrap your parameter:

$qry = "UPDATE tbl_Category SET category = '$categoryUpdate' WHERE category_id = '$categoryID'";

Upvotes: 2

Related Questions