0

I'm just having a bit of trouble with updating a database via a php form process, I've tried various things thus far to get it working but to no avail, All the pages seem to be working except for the _process.php itself; 

  <?php
    /*saves the form data to the database */

    //read data passed via form
    $cabinID = $_POST['txtcabinID'];
    $cabintype = $_POST['txtCabinType'];
    $cabindesc = $_POST['txtCabinDesc'];
    $pricepern= $_POST['txtppN'];   
    $priceperw = $_POST['txtppW'];
    $photo = $_POST['txtPhoto'];

    //connect to server and database 
    include 'sqldb_connect.inc.php';

    //set up query
             $query =  "update tblCabins set
            cabinType='$cabintype' 
            cabinDescription='$cabindesc', 
            pricePerNight='$pricepern', 
            pricePerWeek='$priceperw', 
            PHOTO='$photo', 
            where cabinID ='$cabinID'"; // important

    //execute query
    $result = mysql_query($query);

    if(!$result)
    {
        mysql_close();
        exit("Query failed");
    }

    mysql_close();
    exit ("Cabin updated successfully");    
  ?>

</body>
</html>

Can anyone see any problems within the page that stand out? Appreciate it :)

artemis11
  • 3
  • 1
  • Some advise: When you are developing you dan do this: `mysql_query($query) or die(mysql_error());`, this will give you a descriptive error of the problem in your query. Aside from that, don't use `mysql_*` functions, the extension is deprecated and will be removed in the future, use `PDO` or `mysqli_*` functions instead – Sal00m May 07 '14 at 07:45

3 Answers3

1

Comma is missing in the query:

 $query =  "update tblCabins set
            cabinType='$cabintype' 
                                  ^
            cabinDescription='$cabindesc', 
            pricePerNight='$pricepern', 
            pricePerWeek='$priceperw', 
            PHOTO='$photo', 
            where cabinID ='$cabinID'";

Try with,

 $query =  "update tblCabins set
            cabinType='$cabintype',
            cabinDescription='$cabindesc', 
            pricePerNight='$pricepern', 
            pricePerWeek='$priceperw', 
            PHOTO='$photo', 
            where cabinID ='$cabinID'";
Jenz
  • 8,280
  • 7
  • 44
  • 77
1

You're missing one comma and one comma too many:

(Rewrite)

$query = "UPDATE tblCabins SET
    cabinType='$cabintype', 
    cabinDescription='$cabindesc', 
    pricePerNight='$pricepern', 
    pricePerWeek='$priceperw', 
    PHOTO='$photo' 
WHERE cabinID ='$cabinID'"; // important
  • One missing after cabinType='$cabintype' and one too many for PHOTO='$photo',

Error reporting:

Add error reporting to the top of your file(s) which will help during production testing.

error_reporting(E_ALL);
ini_set('display_errors', 1);

Footnotes:

Your present code is open to SQL injection. Use prepared statements, or PDO.

mysql_* functions deprecation notice:

http://www.php.net/manual/en/intro.mysql.php

This extension is deprecated as of PHP 5.5.0, and is not recommended for writing new code as it will be removed in the future. Instead, either the mysqli or PDO_MySQL extension should be used. See also the MySQL API Overview for further help while choosing a MySQL API.

These functions allow you to access MySQL database servers. More information about MySQL can be found at » http://www.mysql.com/.

Documentation for MySQL can be found at » http://dev.mysql.com/doc/.

Community
  • 1
  • 1
Funk Forty Niner
  • 74,450
  • 15
  • 68
  • 141
1
cabinType='$cabintype' 
        cabinDescription='$cabindesc',

You're missing a comma. Should be 

 cabinType='$cabintype',
        cabinDescription='$cabindesc',

Also, just a note, as soon as you start feeling comfortable with mysql_query, I'd recommend skipping STRAIGHT into PDO and using prepared statements. It makes your SQL easier to read, and a lot safer :)

Christopher Wirt
  • 1,108
  • 1
  • 10
  • 21