0

Need some help here. I am trying to update my date in my database using textarea. At first, I get the date from my database and post it in the textarea. But now I am trying to change the date by editing the date in the text area.

Here is my query. 

$sql=mysqli_query($con,"UPDATE tblevent SET title='".$_POST['title']."' , 
eventdate='".$_POST['datee']."' body='".$_POST['body']."' , 
timestart='".$_POST['begtime']."' , timeend='".$_POST['endtime']."' WHERE 
eventid='".$_POST['id']."'" ) or mysqli_error(die($con));

eventdate='".$_POST['datee']."' is always getting an error

"Catchable fatal error: Object of class mysqli could not be converted to string"

here is my textarea 

<?php echo "Date: <textarea name='datee' rows=1 cols=25>".$rows['eventdate']."</textarea>"; ?>
Anshu Dwibhashi
  • 4,617
  • 3
  • 28
  • 59
benary lagadan
  • 11
  • 2
  • 1
    Textarea for `date`. I mean Why ? – Rikesh Jan 09 '14 at 14:01
  • 6
    **Danger**: You are **vulnerable to [SQL injection attacks](http://bobby-tables.com/)** that you need to [defend](http://stackoverflow.com/questions/60174/best-way-to-prevent-sql-injection-in-php) yourself from. – Quentin Jan 09 '14 at 14:03
  • As addition to Quentin: https://www.owasp.org/index.php/Main_Page – lt.kraken Jan 09 '14 at 14:05
  • I suggest looking into the datepicker plug-in provided by JQuery UI. http://jqueryui.com/datepicker/ It's easy to implement and looks fancy. The textarea for a single item is not what a textarea is ment for. – lt.kraken Jan 09 '14 at 14:06
  • We are have this as an activity in our school and I am just a beginner in programming. we have to get the date from the data base and let it be automatically editable so I just input it in the textarea. any advice on where can I best put the date? – benary lagadan Jan 09 '14 at 14:08
  • you are missing a comma after $_POST['datee'] – Nouphal.M Jan 09 '14 at 14:11
  • 1
    If you're not going to use the JQuery Plug-in, which i assume you're not.. If you're using HTML5 i'd suggest: ` `otherwise `` – lt.kraken Jan 09 '14 at 14:11
  • still having a problem in my query sir. I keep on having this error in updating my date in the database Catchable fatal error: Object of class mysqli could not be converted to string – benary lagadan Jan 09 '14 at 14:16
  • Please post more of your code, where is `$rows` populated? – UnholyRanger Jan 09 '14 at 14:22
  • $sql=mysqli_query($con,"SELECT * FROM tblevent WHERE eventid='$id'"); $rows=mysqli_fetch_array($sql); here it is sir – benary lagadan Jan 09 '14 at 14:26

1 Answers1

2

You have missed a comma in this line

eventdate='".$_POST['datee']."' body='".$_POST['body']."'

it should be,

eventdate='".$_POST['datee']."', body='".$_POST['body']."'

Furthermore its better to use mysql_escape_string() for each user input to avoid sql injection, rather than directly concatenating POST variables to SQL query string.

madushak
  • 250
  • 1
  • 5