Update MySQL using HTML Form

Question

I'm trying to create a form which allows you to update a database table using php. I'm kinda new to PHP so excuse me if I make a stupid mistake in the code.

This is my edit.php code:

<html>
<head>
</head>
<body>

<?php

$con=mysqli_connect("localhost","root","root","test");
// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}

 $result = mysqli_query($con,"SELECT * FROM cats");

?>


<form method="post" action="<?php $_PHP_SELF ?>">
<table width="400" border="0" cellspacing="1" cellpadding="2">
<tr>

<?php 

while($row = mysqli_fetch_array($result))
            {

$name = $row['name'];
$email = $row['email'];
$rank = $row['rank'];
$birth = $row['birth'];
$joined = $row['joined'];
$steamid = $row['steamid'];
?>


<td width="100"></td>
<td><?=$name?></td>
</tr>
<tr>
<td width="100">Email</td>
<td><input name="emailid" type="text" value="<?=$email?>"></td>
</tr>
<tr>
<td width="100">Rank</td>
<td><input name="rankid" type="text" value="<?=$rank?>"></td>
</tr>
<tr>
<td width="100">Birth</td>
<td><input name="birthid" type="text" value="<?=$birth?>"></td>
</tr>
<tr>
<td width="100">Joined</td>
<td><input name="joinedid" type="text" value="<?=$joined?>"></td>
</tr>
<tr>
<td width="100">Steamid</td>
<td><input name="steamidid" type="text" value="<?=$steamid?>"></td>
</tr>
<?php } ?>
<tr>
<td width="100"> </td>
<td> </td>
</tr>
<tr>
<td width="100"> </td>
<td>
<input name="update" type="submit" id="update" value="Update">
</td>
</tr>
</table>
</form>



<?php

if(isset($_POST['update']))
{

$name = $row['nameid'];
$email = $row['emailid'];
$rank = $row['rankid'];
$birth = $row['birthid'];
$joined = $row['joinedid'];
$steamid = $row['steamidid'];

$update = mysqli_query($con,"UPDATE cats SET email = '$email', rank = '$rank', birth = '$birth', joined = '$joined', steamid = '$steamid' WHERE name = '$name';");

$retval = mysqli_query($con,"UPDATE cats SET email = '$email', rank = '$rank', birth = '$birth', joined = '$joined', steamid = '$steamid' WHERE name = '$name';");
if (!$update) {
    echo "Could not update data: " . mysqli_error($con);
}
echo "Updated data successfully\n";

}
mysqli_close($con);

?>
</body>
</html>

It shows the table and information but the updating isn't working.

Updated data successfully

I've checked the database but it's not updating anything.

Answer 1

Informations:

With mysqli_error() you need to write about which connection you want to get errors, like this:

mysqli_error($con);

With mysqli_query() you need to give two parameters, connection and query like this:

$update = mysqli_query($con,"UPDATE cats SET email = '$email', rank = '$rank', birth = '$birth', joined = '$joined', steamid = '$steamid' WHERE name = '$name';");

How to debug:

If you want to check that UPDATE query return any error you can do something like this:

if (!$update) {
    echo "Could not update data: " . mysqli_error($con);
}

You can try to debug your query with something like this:

$sql = "UPDATE cats SET email = '$email', rank = '$rank', birth = '$birth', joined = '$joined', steamid = '$steamid' WHERE name = '$name';";
echo $sql; // this output write in your phpMyadmin to check if there are any errors.
$update = mysqli_query($con, $sql);

Other problem we got:

1. I think also you should have else in your code, f.ex.:

if (!$update) {
    echo "Could not update data: " . mysqli_error($con);
} else {
    echo "Updated data successfully\n";
}

2. You are not getting data from $_POST it should be like:

$name = $_POST['nameid']; // not $row['nameid']
$email = $_POST['emailid'];
$rank = $_POST['rankid'];
$birth = $_POST['birthid'];
$joined = $_POST['joinedid'];
$steamid = $_POST['steamidid'];

More about used functions:

PHP: mysqli::$error

PHP: mysqli::query

In your case it is Procedural style

Answer 2

Dear i think you change the record based on Name because you can use $name in where clause and you can also change the Name than never true where clause so that your query execute successfully but not effected on any of the row.

you want to get for editable record and that's unique id base update row it will defiantly work.

Answer 3

Try to use PHP PDO database access functions, your code as it stands is vulnerable to SQL-Injection! PDO will also make debugging and working with the database much easier.

I think your check for "update" in $_POST is not working because update is not a field inside your form but the submit button itself, try to check for one of the fields instead.