-1

I have two column name varchar and area text

name    area
abc     12a
dfg     test

Now I want to update each of them from my page where I input some text to the textarea fetched from tow rows.

<?
if(isset($_POST['submit'])) {

    $i = 0;
    foreach($_POST['txt'] as $textarea) {
        @$val[$i] = $val[$i].$textarea;
        $i++;
    }

    foreach($val as $value){
    $q= mysql_query("UPDATE table_name SET name = '$value' WHERE `area` = '??'");
    echo "Success"; }

    $sql="select * from table_name";
    $res=mysql_query($sql);
    ?>

    <form name="form1" method="post" action="<?php echo $_SERVER['PHP_SELF'];?>">
    <table border="1">

                    <thead>
                      <tr>
                        <th>NAME</th>
                        <th>AREA</th>                        
                    </tr>
    <?php while($row=mysql_fetch_assoc($res)) 
    {
    ?>                            
            <tr>
            <td><?php echo $row['name']; ?></td>     
            <td><textarea rows="4" cols="40"  name="txt[]"><?php  echo $row['area']; ?>    </textarea><br/>            
            </td>             
             </tr>
            <tr>                        
                    </tr>
                <?php } ?>             

     <tr>
     <td><input type="submit" name="submit" id="submit" value="Update" /></td>
     </tr>
     </table>                
     </form>

I am getting the name but could not update/insert it in area for that name. How do I accomplish this?

  • 1
    Please, [don't use `mysql_*` functions](http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php), They are no longer maintained and are [officially deprecated](https://wiki.php.net/rfc/mysql_deprecation). Learn about [prepared statements](http://en.wikipedia.org/wiki/Prepared_statement) instead, and use [PDO](http://us1.php.net/pdo) or [MySQLi](http://us1.php.net/mysqli). – Jay Blanchard Dec 17 '14 at 20:02
  • `$txtarea` and `$textarea` are different vars. And also - what's the purpose of this - `@$val[$i] = $val[$i].$textarea;`? – u_mulder Dec 17 '14 at 20:03
  • see i got this code to do it. i got undefined variable agent so put @ . woah no notice!! please feel free to help me understand this –  Dec 17 '14 at 20:06
  • `@` is the PHP error suppression operator. it's the coding equivalent of stuffing your fingers in your ears and going "lalalalalala can't hear you". it's **NOT** a solution to a problem. It's HIDING the problem. – Marc B Dec 17 '14 at 20:11
  • i can also do it with error_reporting(0) then no need to do @ –  Dec 17 '14 at 20:12
  • `error_reporting(0)` `||` `@` = *"lalalalala....".* – Funk Forty Niner Dec 17 '14 at 20:13
  • ty for throwing some light –  Dec 17 '14 at 20:15

2 Answers2

0

You can embed actual keys in PHP's array-naming hack:

<textarea name="txt[foo]">...</textarea>
<textarea name="txt[bar]">...</textarea>

Which allows you to directly associate a particular form field with the value it represents in the database. In your case:

while($row = fetch_from_db()) {
   output: <texarea name="txt[$row[id]]">$row[area]</textarea>
}

And then, after submitting:

foreach($_POST['txt'] as $key => $value) {
   update database : UPDATE ... SET area=value WHERE id=$key
}

Note that your code is vulnerable to sql injection attacks.

Marc B
  • 356,200
  • 43
  • 426
  • 500
0

the most easy fix is to take a hidden input field and pass the $row['name']

<input type="hidden" name="name[]" value="<?php echo $row['name'];?>"/>

then 

if(isset($_POST['submit'])) {
$area=$_POST['txt'];
$name=$_POST['name'];
$count=count($area);

for($i=0; $i<$count; $i++)
    {

    if(mysql_query("UPDATE table_name SET area = '".$area[$i]."' WHERE `name` = '".$name[$i]."'")) 
{

NB:-if u have a id column then take hidden input field with $row['id'] and do the same

black
  • 729
  • 5
  • 13
  • 28