Database update using php

Question

Database update using php

The only way to make me work if I used to empty. However, this is not what I want. I want me to have something empty, if necessary. Does anyone know how I can change the code for this?

Change page:

<form name="homePage" action="update.php" method="POST">
<Strong>Change home title:</Strong>
<p>
    <input style="width: 300px;" type="text" name="homeTitleChange" value="<?php echo $homeTitle ?>">
    <input type="hidden" name="rowHomeID" value="<?php echo $getHomeID?>">
</p>

<Strong>Change home subtitle:</Strong>
<p>
    <input style="width: 600px;" type="text" name="homeSubtitleChange" value="<?php echo $homeSubtitle ?>">
    <input type="hidden" name="rowHomeID" value="<?php echo $getHomeID?>">
</p>
<input type="submit" class="btn btn-skin" name="homepage" value="save" />
</form>

Request Page: -

include("../conn.php");
include("../conn.php");
if(isset($_POST['homepage'])){
    if(
        !empty($_POST["homeTitleChange"])&& 
        !empty($_POST["homeSubtitleChange"]) &&  
        !empty($_POST["rowHomeID"])
    ){
        $homeTitleUpdate = $_POST["homeTitleChange"];
        $homeSubtitleUpdate = $_POST["homeSubtitleChange"]; 
        $homeEditRow = $_POST["rowHomeID"];
        $query = "UPDATE Home SET 
            title = '$homeTitleUpdate', 
            subtitle ='$homeSubtitleUpdate' 
            WHERE homeID = '$homeEditRow' ";
        $result = mysqli_query($conn, $query) or die(mysqli_error($conn));

        if ($result) {
            echo "<p> - Success!</p>";
        }else{
            echo "<p> - Something went wrong</p>";
        }
    }
}

Thank!

+4

html database php

monkey232 Dec 13 '16 at 14:01

source share

4 answers

KDOT · Answer 1 · 2016-12-13T14:29:58+0000

Without indicating your mistakes, we can only guess your problem. Only you can debug your program, so for further notice, run the following lines of code at the top of your scripts and tell us your mistakes.

ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);

, script , $_POST !empty(), . , , , .

, , if:

 // an array of all the index's
$index = ['homeSubtitleChange', 'homeTitleChange', 'rowHomeID'];

 // loop through each index and check they're not empty
foreach($index as $_index)
{
    if( empty( $_POST[$_index] ) && !isset( $_POST['homepage'] ) )
    {
         // if empty - halt the program with an error
        die("Expected POST index: $_index or homepage.");
    }
}
unset($_index); //cleanup

 // if it got here - all index have values
 // as Martin said in the comments, I assume you can wrap mysqli_real_escape_string()
 // and intval() ensuring the value is type (int) to protect
 // your database against SQL attacks
$subtitle = mysqli_real_escape_string($conn, $_POST[$index[0]]);
$title    = mysqli_real_escape_string($conn, $_POST[$index[1]]);
$row_id   = intval($_POST[$index[2]]);

 // consider upgrading to a PDO driver and using prepare() statements
 // this SQL statement is prone to SQL injections

$sql      = "UPDATE Home SET title = '$title', subtitle = '$subtitle' WHERE homeID = '$row_id'";

if( mysqli_query( $conn, $query ) )
{
    die("Success.");
}

die("Failed.");

Martin · Answer 2 · 2016-12-13T15:34:51+0000

:

script.
<input type="hidden" name="rowHomeID" value="<?php echo $getHomeID?>"> . .
enctype='multipart/form-data'.

MySQL, , , , , :

PHP '', NULL, , - , ( , , ).

$homeEditRow - . UPDATE table SET column=value WHERE column=<empty> (, , ).

:

if(
    !empty($_POST["homeTitleChange"])&& 
    !empty($_POST["homeSubtitleChange"]) &&  
    !empty($_POST["rowHomeID"])
 )

:

if(!empty($_POST["rowHomeID"]){
     //run MySQL Update query.
}

, , :

$homeEditRow = (int)$_POST['rowHomeID']; //force to int.
if($homeEditRow > 0 ){
  //run MySQL Update query.
}

, , .

, , - MySQL, ( ) `, ', --, # .

, .

""

$homeTitleUpdate = mysqli_real_escape_string($conn,$_POST["homeTitleChange"]);
$homeSubtitleUpdate = mysqli_real_escape_string($conn,$_POST["homeSubtitleChange"]); 
//assuming to be integer required
$homeEditRow = (int)$_POST["rowHomeID"];

, . , , , PDO MySQLi .

, , , MySQL:

 //after your query regardless of outcome:
var_dump(mysqli_error($conn));

, ( .. ..). , MySQL.

, IF, , , , , , MySQL , false, .

Brett · Answer 3 · 2016-12-13T16:14:52+0000

, , ; , .

, , , , , , !?

, , isset.

//...
    if(
        isset($_POST["homeTitleChange"])&&
        isset($_POST["homeSubtitleChange"]) &&
        isset($_POST["rowHomeID"])
    ){
//...

POST, , ; true, $_POST["rowHomeID"]= 0, , , !empty , , 0.

Rei · Answer 4 · 2016-12-13T16:22:12+0000

, . , isset() !empty().

, :

!empty($_POST["homeTitleChange"])&& 
!empty($_POST["homeSubtitleChange"]) &&  
!empty($_POST["rowHomeID"])

:

isset($_POST["homeTitleChange"],$_POST["homeSubtitleChange"],$_POST["rowHomeID"])

.

Database update using php

""

More articles: