Editing tables in SQL database with PHP

Question

Ok it's been about 5 hours since I've worked on this bit & I just can't get it to work. I've looked everywhere but my codes just seem to be...unique. Anyway I'm trying to change entries in a particular table in my SQL database. The name of the table is userdb. I've got 5 text boxes, name, username, password, email, and ID. Where ID would be the primary key needed for the query to look for the entry I'm looking for and the remaining 4 text boxes are filled with new entries that I'd like to have.

Here's the contents of my main PHP file called admin.php, this one's in the head tag:

<script src="//ajax.googleapis.com/ajax/libs/jquery/1.10.1/jquery.min.js"></script>
<script>
     $(document).ready(function() { 
      $(".test4").click(function() { 
             var id = $("#txUserid").val();
             $.post("updateUser.php", { id: id }, function(data) { 
                 alert(data);
             });
      });
 });

this one in the body:

     <font color="white">Name</font><input class="test1" type="text" id="txNm" value="" onkeyup="nospaces(this)">
                <font color="white">Username</font><input class="test1" type="text" id="txUsn" value="" onkeyup="nospaces(this)">
                <font color="white">Password</font><input class="test1" type="password" id="txPwd" value="" onkeyup="nospaces(this)">
                <font color="white">E-Mail</font><input class="test1" type="text" id="txEml" value="" onkeyup="nospaces(this)">
                <font color="white">Updater - ID, only affected by the Delete & Update button.</font><input class="test1" type="text" id="txUserid" value="" onkeyup="nospaces(this)">

<input class="test4" name="Submit" type="submit" value="" id="submit"/>

This one's my updateUser function which is stored in 'mshop2.script.js':

function updateUser(){
var name = $('#txNm').val();
var username = $('#txUsn').val(); 
var password = $('#txPwd').val(); 
var email = $('#txEml').val();
var id = $('#txUserid').val();

var finalData = {
    nm: name,
    usn: username, 
    pwd: password,
    eml: email,
    uid: userid
};



$.post('updateUser.php', finalData, function(resp){
    if(resp == 'success'){
        alert('User successfully modified.');
        getUserList();
    }
}); 

}

this one's my updateUser.php file:

<?php
include 'config.php';

$nm = mysql_real_escape_string($_POST["nm"]);
$usn = mysql_real_escape_string($_POST["usn"]);
$pwd = mysql_real_escape_string($_POST["pwd"]);
$eml = mysql_real_escape_string($_POST["eml"]);
$id = mysql_real_escape_string($_POST["id"]);

$sql = "SELECT ID FROM userdb WHERE ID='$id'";
$result = mysql_query($sql);
if(mysql_num_rows($result) >0)
{
   //found
  $q = "UPDATE userdb
SET `name` = '$nm',
`username` = '$usn',
`password` = '$pwd',
`email` = '$eml'
WHERE ID ='$uid'";
}
else
{
   //not found
   die('Error: The ID does not exist.' . mysql_error());
echo mysql_error();
}

$result = mysql_query($q);
if(empty($_POST['nm'])) {
die('You need to enter a value for the Name field');
}
if(empty($_POST['usn'])) {
die('You need to enter a value for the Name field');
}
if(empty($_POST['pwd'])) {
die('You need to enter a value for the Name field');
}
if(empty($_POST['eml'])) {
die('You need to enter a value for the Name field');
}
if(empty($_POST['uid'])) {
die('You need to enter a value for the Name field');
}
if(empty($_POST['id'])) {
die('You need to enter a value for the Name field');
}



if(!mysql_query($q, $con)){
    die('Error: ' . mysql_error());
    echo mysql_error();
}else{
    echo 'success';
}


mysql_close($con);


  ?>

I can't figure out what's been causing it not to work, the intended entry I'd like to entry, say, if I entered '50' in the ID textbox. The ID will stay the same but the rest of the fields are empty. What did I do wrong this time?

"I wrote some code but have no idea what does it do. Please fix it for me" — Your Common Sense, Jun 21 '13 at 15:26
give me a break I've been reading my text books like hell for hours -.- — velga bell, Jun 21 '13 at 15:30
Please get yourself a book on *debugging* which is the Art of Spotting Errors by Running the Code instead of Watching It. You really need such a book. http://www.ibm.com/developerworks/library/os-debug/ is a good start — Your Common Sense, Jun 21 '13 at 15:37

score 2 · Answer 1 · answered Jun 21 '13 at 15:30

2

I think you are making things alot more complicated than they have to be - First I would stop right where you are and switch to using SQLi.

http://php.net/manual/en/book.mysqli.php

Using regular SQL is not recommended to say the least. I would check out the MySQLi manual. You will find what you are looking for.. Goodluck!

answered Jun 21 '13 at 15:30

Robert Dickey

816
14
35

I'll take a look, the errors that are coming up on this one are like a shipwreck compared to what I usually get. – velga bell Jun 21 '13 at 15:33
I would not 'suggest' switching to MySQLi; I would say that you shouldn't be developing if you are still using the mysql api ;). Also, I would actually advocate using the PDO API. also, please don't use "die". That's horrible practice. You should instead use `try...catch` and throw exceptions when something fails – Goldentoa11 Jun 21 '13 at 15:55
http://stackoverflow.com/questions/16760590/pdo-vs-mysqli-prepared-statemens-and-binding-parameters lol @YourCommonSense – Robert Dickey Jun 23 '13 at 15:45
Velga, it is up to you if you use MySQLi or PDO. I use MySQLi because I do not plan to move away from a MySQL db(at least when programming in PHP). The biggest difference between PDO and MySQLi is that PDO Can support many different DB types. Should I ever need to switch away from MySQL for whatever reason, I will not be using PHP. For the applications I create with PHP - MySQLi I use every time. – Robert Dickey Jun 23 '13 at 15:51

Editing tables in SQL database with PHP

1 Answers1