Andre Fernandes

Reputation: 35

Can't make the user update their information

Here is the code. I searched the net for the UPDATE statement, and this is what I learned, but even though it doesn't raise an error, it doesn't change the information in the database.

update.inc.php:

<?php 

session_start();

include '../data_base.php';
include 'header.php';

$first = $_POST['first'];
$last = $_POST['last'];
$uid = $_POST['uid'];
$pwd = $_POST['pwd'];
$number = $_POST['number'];
$age = $_POST['age'];
$email = $_POST['email'];

$sql = "UPDATE user
SET first = $first, last = $last, uid = $uid, pwd = $pwd, number = $number, age = $age, email = $email
WHERE id = $id";
$result = mysqli_query($conn,$sql);

header("Location: ../index.php");

?>

update.php:

<?php
include 'header.php';
?>

<?php 
    if (isset($_SESSION['id'])) {
        echo "You Can Edit Your Files!";
    } else {
        echo "You Need To Create An Account First!";
    }
?>

<br><br><br>
<?php

    if (isset($_SESSION['id'])) {
        echo "<form action='includes/update.inc.php' method='POST'>
            <input type='text' name='first' placeholder='FirstName'><br>
            <input type='text' name='last' placeholder='LastName'><br>
            <input type='text' name='uid' placeholder='UserName'><br>
            <input type='password' name='pwd' placeholder='Password'><br>
            <input type='text' name='number' placeholder='Telemóvel'><br>
            <input type='text' name='age' placeholder='Idade'><br>
            <input type='text' name='email' placeholder='Email'><br>
            <button type='submit'>EDIT</button>
    </form>";
    }

?>

Need Help.

Upvotes: 0

Views: 42

Answers (2)

Veshraj Joshi

Reputation: 3579

Your code is open to SQL injection, so I would prefer to use a prepared statement with mysqli (PDO is the preferred one).

$sql = "UPDATE user
        SET first = ?, 
            last = ?,
            uid = ?, 
            pwd = ?, 
            number = ?, 
            age = ?, 
            email = ?
        WHERE id = ?";
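// $conn is the mysqli connection created in data_base.php
$stmt = $conn->prepare($sql);
// here s represents string and i represents integer for the corresponding variable
// example: $first is a string, $age is an integer (uid is the user name, so it is a string)
$stmt->bind_param("ssssiisi", $first, $last, $uid, $pwd, $number, $age, $email, $id);

// bind_param binds by reference, so the values assigned below are the ones sent
$first = $_POST['first'];
$last = $_POST['last'];
$uid = $_POST['uid'];
$pwd = $_POST['pwd'];
$number = $_POST['number'];
$age = $_POST['age'];
$email = $_POST['email'];
// in above your $id is missing
// the form has no id field, so use the logged-in user's id from the session
// (session_start() is already called at the top of update.inc.php)
$id = $_SESSION['id'];
// now execute the statement now your database changes
$stmt->execute();
// send no output before header(), otherwise the redirect cannot be sent
header("Location: ../index.php");
exit;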

Upvotes: 0

urfusion

Reputation: 5501

First enable errors in your file and change your query to

$sql = "UPDATE user
SET first = '$first', last = '$last', uid = '$uid', pwd = '$pwd', number = '$number', age = '$age', email = '$email'
WHERE id = $id";

enable errors

ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);

Upvotes: 1
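
Putting the two answers together, as an added example that is not part of either answer or of the asker's code: the handler below makes mysqli failures raise exceptions, binds every value, and takes the row id from the session so a posted id cannot select another user's record. It assumes `data_base.php` defines `$conn`, that login stores the user id in `$_SESSION['id']`, and that the `pwd` column is wide enough for a `password_hash()` value that login checks with `password_verify()`.

```php
<?php
// Added example (update.inc.php rewritten); assumptions are listed in the lead-in.
session_start();

// Make mysqli throw exceptions instead of returning false silently.
// The original query failed without any visible error because of this.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

include '../data_base.php'; // assumed to define $conn (mysqli)

// Only a logged-in user submitting the form may update.
if ($_SERVER['REQUEST_METHOD'] !== 'POST' || !isset($_SESSION['id'])) {
    header('Location: ../index.php');
    exit;
}

// The row to change comes from the session, never from the request.
$id = (int) $_SESSION['id'];

$first  = trim($_POST['first'] ?? '');
$last   = trim($_POST['last'] ?? '');
$uid    = trim($_POST['uid'] ?? '');
$pwd    = $_POST['pwd'] ?? '';
$number = trim($_POST['number'] ?? ''); // bound as a string to keep leading zeros
$age    = filter_var($_POST['age'] ?? null, FILTER_VALIDATE_INT,
                     ['options' => ['min_range' => 0, 'max_range' => 150]]);
$email  = filter_var($_POST['email'] ?? '', FILTER_VALIDATE_EMAIL);

if ($first === '' || $last === '' || $uid === '' || $pwd === ''
    || $age === false || $email === false) {
    http_response_code(400);
    exit('Invalid input');
}

// Store a hash, not the password itself (assumes login uses password_verify()).
$hash = password_hash($pwd, PASSWORD_DEFAULT);

$stmt = $conn->prepare(
    'UPDATE user SET first = ?, last = ?, uid = ?, pwd = ?,
            number = ?, age = ?, email = ? WHERE id = ?'
);
$stmt->bind_param('sssssisi', $first, $last, $uid, $hash, $number, $age, $email, $id);
$stmt->execute();

// 0 means no row matched the id or the submitted values were unchanged.
error_log("update user $id: {$stmt->affected_rows} row(s) changed");

header('Location: ../index.php');
exit;
```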
