How to populate php/html form with MySQL data

Question

I am trying to create a program in which a user can update any specific product. When a user click on UPDATE button, a form opens. I want to populate HTML form with MySQL data. I have written the following code but its giving me an error message. I am sharing just the HTML part of the code.I am using this FORM inside PHP echo. Kindly check it.

HTML:

<label>Product Name:</label>  
</td>
<td>
    <input type='text' name='product_name' value='<?php echo $fetch['product_id']; ?'/>*Required  
</td>
</tr>

Error message:

Parse error: syntax error, unexpected '' (T_ENCAPSED_AND_WHITESPACE),
expecting identifier (T_STRING) or variable (T_VARIABLE) or number
(T_NUM_STRING) in F:\xampp\htdocs\CMS\update_single_product.php

COMPLETE CODE

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>

<body>
</body>
</html>

<?php

include 'connect.php';  
$id=    $_GET['product_id'];

    $select_query=  "select * from products Left join product_description 
        ON products.product_id=$id and product_description.product_id=$id";

    if(!$select_query_run=   mysql_query($select_query))
    {
        echo mysql_error();

        }

    else
    {
            $fetch =     mysql_fetch_array ($select_query_run);     



                echo "  
                <form action='insert_product.php' method='POST' enctype='multipart/form-data' >
                <table border=1>
                <tr>
                <td>

                <label>Product Name:</label> </td>  <td><input type='text' 
                name='product_name' value='<?php echo $fetch['product_id']; ?>'  />*Required</td></tr>

                <tr><td><label>Item No:</label></td> <td><input type='text' name='item_no' ></td></tr>


            <tr><td>    Image3:</td><td> <input type='file' name= 'image3' ></td></tr></table>  ";


/*------------------
Drop Down List Start
------------------  */      


            echo "<select name='category'>";

                $select_query=          'Select * from category';
                $select_query_run =     mysql_query($select_query);

                $sub_category_query=    "Select * from sub_categories";
                $sub_query_run=         mysql_query($sub_category_query);



            while   ($select_query_array=   mysql_fetch_array($select_query_run) )
            {

                        echo "<option value='".$select_query_array['category_id']."' >".
                        htmlspecialchars($select_query_array["name"]).

                        "<option value='".$sub_query_run['sub_category_id']."'  >" .
                        htmlspecialchars($sub_query_run['sub_category_name']).   "</option>".

                "</option>";




            }
            echo "</br>";

         $selectTag= "</br><input type='submit' value='Update Product'  /></select></form>";

         echo "</div></div>";

         echo $selectTag;

Thanks

score 2 · Answer 1 · edited May 23 '17 at 12:12

2

$id=    $_GET['product_id'];
$select_query=  "select * from products Left join product_description 
    ON products.product_id=$id and product_description.product_id=$id";

Please notice that you probably building a sql injection here. Please read the follow link how to prevent them. How can I prevent SQL injection in PHP?

edited May 23 '17 at 12:12

Community

1
1

answered Jul 23 '13 at 06:49

Joris Ros

389
2
6

Pankit Kapadia · Accepted Answer · 2013-07-23T06:47:26.703

1

Replace

echo "  
            <form action='insert_product.php' method='POST' enctype='multipart/form-data' >
            <table border=1>
            <tr>
            <td>

            <label>Product Name:</label> </td>  <td><input type='text' 
            name='product_name' value='<?php echo $fetch['product_id']; ?>'  />*Required</td></tr>

            <tr><td><label>Item No:</label></td> <td><input type='text' name='item_no' ></td></tr>


        <tr><td>    Image3:</td><td> <input type='file' name= 'image3' ></td></tr></table>  ";

With:

echo '<form action="insert_product.php" method="POST" enctype="multipart/form-data">
            <table border=1>
            <tr>
            <td>

            <label>Product Name:</label> </td>  <td><input type="text" 
            name="product_name" value="'.$fetch['product_id'].'"  />*Required</td></tr>

            <tr><td><label>Item No:</label></td> <td><input type="text" name="item_no" ></td></tr>


        <tr><td>    Image3:</td><td> <input type="file" name= "image3" ></td></tr></table>';

As you can not use echo inside echo. And another thing you don't need to write <?php tags inside echo because you've already started the php tag.

edited Jul 23 '13 at 06:47

answered Jul 23 '13 at 06:30

Pankit Kapadia

1,579
13
25

1

You fixed it, but it's not the quotes, the close PHP tag was wrong. – John V. Jul 23 '13 at 06:33
I am using it inside the echo. I have posted the complete code. Kindly check it now. – Taha Kirmani Jul 23 '13 at 06:33
@JohnV. agree. I didn't see that !! Editing my answer !! :) Thanks !! – Pankit Kapadia Jul 23 '13 at 06:35
Thanks you so much for the detailed answer. Now its not giving me any error message, but its also not showing any data in the input fields. – Taha Kirmani Jul 23 '13 at 06:48
1

@TahaKirmani Try adding `$select_query_run= mysql_query($select_query)` before `$fetch = mysql_fetch_array ($select_query_run);` line. – Pankit Kapadia Jul 23 '13 at 06:56
It is still not working. It looks like there is some problem in my QUERY, because when I am echoing out the values outside the form, its not showing anything in the output. – Taha Kirmani Jul 23 '13 at 07:08
let us [continue this discussion in chat](http://chat.stackoverflow.com/rooms/33953/discussion-between-pankit-kapadia-and-taha-kirmani) – Pankit Kapadia Jul 23 '13 at 07:09

score 1 · Answer 3 · answered Jul 23 '13 at 06:34

1

Use

value="<?php echo $fetch['product_id']; ?>"

instead of

value='<?php echo $fetch['product_id']; ?>'

answered Jul 23 '13 at 06:34

n8coder

691
4
12

South Coast Web · Answer 4 · 2013-07-23T06:47:16.983

Morning try :

    <td><label>Product Name:</label> </td>  
    <td><input type="text" name="product_name" value="<?php echo $fetch['product_id']; ?>" required="required" aria-required="true"  />*Required</td>

that works fine for me..

noticed you have changed the code.. but you could always close the php before the form and use plain html on the form code and just use this... It results in slightly tidier source code (if that matters)

How to populate php/html form with MySQL data

4 Answers4