0

My database doesn't get updated after admin's update like changing a name of an event ... etc

here is a part of code:

in displayEventData:

<?php

//write qry
 $qry="SELECT * FROM event WHERE id='".$_POST['country_id']."'";

//run qry
$result=mysql_query($qry);

//print

$row=mysql_fetch_array($result);

Print '<br/>Event Name: <input type="text" name="newEventName" value="' .$row['name'].'"><br/>';
Print 'Event Description: <input type="text" name="newEventDescription" value="'.$row['description'].'"><br/>';
Print 'Event Location: <input type="text" name="newEventLocation" value="' .$row['location'].'"><br/>';
Print 'Event Date: <input type="text" name="newEventDate" value="' .$row['date'].'"><br/>';
Print 'Event Time: <input type="text" name="newEventTime" value="' .$row['time'].'"><br/>';


?>

in executeEdit.php:

 $name = $_POST['newEventName'];
 $description = $_POST['newEventDescription'];
 $location = $_POST['newEventLocation'];
 $date = $_POST['newEventDate'];
 $time = $_POST['newEventTime'];

     //Create query

     $qry="UPDATE event SET name='".$name."',description='".$description."',location='".$location."',date='".$date."',time='".$time."'  WHERE id='".$_GET['country_id'].'">';


 $result=mysql_query($qry);
Funk Forty Niner
  • 74,450
  • 15
  • 68
  • 141
user3633859
  • 3
  • 2
  • Do this `$qry="UPDATE event SET name='".$name."',description='".$description."',location='".$location."',date='".$date."',time='".$time."' WHERE id='".$_GET['country_id']."'>";` quotes mixed up. – Funk Forty Niner May 13 '14 at 23:59
  • 4
    [Please, don't use `mysql_*` functions in new code](http://bit.ly/phpmsql). They are no longer maintained [and are officially deprecated](https://wiki.php.net/rfc/mysql_deprecation). See the [red box](http://j.mp/Te9zIL)? Learn about [*prepared statements*](http://j.mp/T9hLWi) instead, and use [PDO](http://php.net/pdo) or [MySQLi](http://php.net/mysqli) - [this article](http://j.mp/QEx8IB) will help you decide which. If you choose PDO, [here is a good tutorial](http://j.mp/PoWehJ). **You are also wide open to [SQL injections](http://stackoverflow.com/q/60174)** – John Conde May 13 '14 at 23:59
  • 1
    However, in one query you're using POST `WHERE id='".$_POST['country_id']."'";` and the other it's GET `WHERE id='".$_GET['country_id']` which one is it? – Funk Forty Niner May 14 '14 at 00:02

0 Answers0