whats wrong with my this php update record form

Question

hi here is my code,

<html> 
 <?php
  $dbhost = 'localhost';
  $dbuser = '*******';
  $dbpass = '*******';
  $connec = mysql_connect($dbhost, $dbuser, $dbpass);
  if(!$connec)
  {
  die('Could not connect: ' . mysql_error());
  }
  $sql = "UPDATE subscribers SET unsubscribed = '0' WHERE email = '$email'";
  mysql_select_db('********');

if (!mysql_query($sql, $connec))
{

  die('Error: ' . mysql_error());

  }

echo "1 record added";



mysql_close($connec)
?> 
<form method="post" name="update" action="removal.php">
<input type="text" name="email" value="email" />
<input type="submit" name="Submit" value="update" />
</form>

</html>

WHAT I WANT : I want to show the echo message only after when i submit the form.

PROBLEM : IT shows a echo message after i refresh the page without form submit,

please do not use mysql_* functions because they're deprecated. Use mysqli_* or even better PDO — STT LCU, Jul 06 '15 at 08:49
Have you used a tutorial, of did you write this script yourself? $email isn't set, mysql_close isn't usually necessary. Your script is vulnerable to SQL injection. Please take a look here: http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php?rq=1 — Stephan Vierkant, Jul 06 '15 at 08:53

score 4 · Accepted Answer · answered Jul 06 '15 at 08:48

4

You need to put if(isset($_POST)){ check: use the below code

   <html> 
     <?php
if(isset($_POST)){
      $dbhost = 'localhost';
      $dbuser = '*******';
      $dbpass = '*******';
      $connec = mysql_connect($dbhost, $dbuser, $dbpass);
      if(!$connec)
      {
      die('Could not connect: ' . mysql_error());
      }
      $sql = "UPDATE subscribers SET unsubscribed = '0' WHERE email = '$email'";
      mysql_select_db('********');

    if (!mysql_query($sql, $connec))
    {

      die('Error: ' . mysql_error());

      }

    echo "1 record added";



    mysql_close($connec)
}
    ?>

answered Jul 06 '15 at 08:48

Vikas Umrao

2,800
1
15
23

no nothing displayed in page after i update the code to this – user2335482 Jul 06 '15 at 08:52
You need to put form also below this code and when you click on submit this will work – Vikas Umrao Jul 06 '15 at 09:02

score 1 · Answer 2 · answered Jul 06 '15 at 08:47

IT shows a echo message after i refresh the page without form submit

That's normal because once the script is called, nothing blocks the interpreter from executing the code, all you have to do is to check first whether there is a submitted from or not

<?php
  if(isset($_POST['Submit']))
  {
    // your code here
  }
?>

Also, note that in the following line:
$sql = "UPDATE subscribers SET unsubscribed = '0' WHERE email = '$email'";
you are using $email without initializing it, you should first copy the form email entry to the variable and use it later

Tismon Varghese · Answer 3 · 2015-07-06T08:55:47.240

1

Add this before your SQL statement

if(isset($_REQUEST['email'])){
   // write post processing code here 
}

edited Jul 06 '15 at 08:55

answered Jul 06 '15 at 08:48

Tismon Varghese

849
1
6
17

wrong answer, this will not stop executing the entire form processing code – Abdo Adel Jul 06 '15 at 08:51

score 0 · Answer 4 · answered Jul 06 '15 at 08:46

0

Does this work?

if (!mysql_query($sql, $connec)) {
    die('Error: ' . mysql_error());
} else {
    echo "1 record added";
}

answered Jul 06 '15 at 08:46

galki

8,149
7
50
62

no its not working, the problem was that when i load that page, it shows the echo when i load page, but i want it shows an echo only when i submit the form – user2335482 Jul 06 '15 at 08:49
i see. then the "if(isset($_POST))" comments are correct – galki Jul 06 '15 at 08:51

whats wrong with my this php update record form

4 Answers4