Data already Inserted I want to update the data

Question

I am getting issue in update code.I am able to inserted data in database.I am passing null values in table. I want to update that null values.I am getting the sccessfully message but data is not updating. Please help me....

    //Insert code


<?php
// Start the session
session_start();
?>

<?php
// Start the session
session_start();
?>


<?php


try{

$product=$_POST['product'];
/*
$product2=$_POST['product2'];
$product3=$_POST['product3'];
*/
    // form data





    //database Connection details
    $servername = "localhost";
    $username = "root";
    $password = "";
    $database="store";
    $error = "";

    $conn=mysql_connect($servername, $username, $password) or die('Connection failed: ' . mysql_error());

    @mysql_select_db($database, $conn) or die("Could not select your database".mysql_error());


        $insertQuery = "Insert into contactus(Id,Product) values('null','$product')";

        $result = mysql_query($insertQuery);

        if($result){
            echo "<script>alert('Thank You. Your Data Received Succefully.');location.href = '../index.html';</script>";
        }
        else
        {
           echo "<script>alert('Something went wrong with your data inserted. Please fill the form again.');location.href = '../index.html';</script>"; 
        }


    mysql_close($conn);
    header('Location: /newstore/contact.html');   

}

catch(Exception $e) {
    echo ("<script>alert('Something went terribly wrong. Please try again later.');location.href = ''../index.html';</script>");
    return false;
}

?>

    //Update code

    <?php
// Start the session
session_start();
?>


<?php


try{

    // form data
    $name=$_POST['name'];
    $email=$_POST['email'];
    $mobile=$_POST['mobile'];
    $product=isset($_POST['product']);


    //database Connection details
    $servername = "localhost";
    $username = "root";
    $password = "";
    $database="store";
    $error = "";

    $conn=mysql_connect($servername, $username, $password) or die('Connection failed: ' . mysql_error());

    @mysql_select_db($database, $conn) or die("Could not select your database".mysql_error());
;if ((strlen($name) < 3) or (strlen($email) < 3) or(strlen($mobile) < 3))
{
    echo ("<script>alert('Something went wrong with your data inserted. Please fill the form again.');location.href = '../newstore/index.html';</script>");
}else
{



    $UpdateQuery = "update contactus set Name='$name',Email='$email',Mobile='$mobile' where Id='(select count(*) from contactus)' ";

        $result = mysql_query($UpdateQuery);

        if($result){
            echo "<script>alert('Thank You. Your Data Received Succefully.');location.href = '../newstore/index.html';</script>";
        }
        else
        {
           echo "<script>alert('Something went wrong with your data inserted. Please fill the form again.');location.href = '../newstore/index.html';</script>"; 
        }
    }

    mysql_close($conn);
}

catch(Exception $e) {
    echo ("<script>alert('Something went terribly wrong. Please try again later.');location.href = ''../newstore/index.html';</script>");
    return false;
}

?>

Does anything match your `WHERE` clause in the update? Why are you updating by anything other than the `Id`? Do some debugging, find out exactly what SQL command is being issued and whether or not it works by itself. Since your code is *wide open to SQL injection* then literally *anything* could be executing against the database. — David, Jul 06 '15 at 17:48
If you can, you should [stop using `mysql_*` functions](http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php). They are no longer maintained and are [officially deprecated](https://wiki.php.net/rfc/mysql_deprecation). Learn about [prepared](http://en.wikipedia.org/wiki/Prepared_statement) [statements](http://php.net/manual/en/pdo.prepared-statements.php) instead, and consider using PDO, [it's really not hard](http://jayblanchard.net/demystifying_php_pdo.html). — Jay Blanchard, Jul 06 '15 at 17:48
[Your script is at risk for SQL Injection.](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) — Jay Blanchard, Jul 06 '15 at 17:49
Does where clause match with any product. Better practice is update table by using Id. — innovative kundan, Jul 06 '15 at 17:51
innovative kundan .tell me the code so that i can understand — Naren verma, Jul 06 '15 at 17:58
You need to collect the ID that is a result of the Insert, and then use that in your Update. I do not see why you do Insert and then update, why not do them all in one? — Twisty, Jul 06 '15 at 18:08
Twisty I have two HTML form in first form i am adding Id and product and second form is contact us form. I have created one table with column name is ID,Product,name,email,mobile.In first form i am adding id and product and rest of values are NULL,than form will redirect to contact us form there i am updating name,email,mobile. — Naren verma, Jul 07 '15 at 06:33
I would advise you to edit your question and clarify that . Since you did not, I think it lead a lot of people to see the issue much differently. For myself, I thought it was all one form handler and was confused by why you were calling different queries. Try to be as clear and descriptive as you can about the issue while keeping it specific enough to the one problem. — Twisty, Jul 07 '15 at 16:09
thanks for your replying now my issue is resolved now i was used session to retrieve id value and call in second form i got my output — Naren verma, Jul 07 '15 at 16:13

Twisty · Answer 1 · 2015-07-07T16:27:01.550

I see no point in doing an Insert and then doing an Update. You already have all the data, so just Insert it all at once.

EDIT AFTER COMMENTS

First Handler:

<?php
start_session();

if(isset($_POST['product'])){
    $product=$_POST['product'];

    //database Connection details
    $servername = "localhost";
    $username = "root";
    $password = "";
    $database="store";
    $error = "";

    $mysqli = new mysqli($servername, $username, $password, $database);
    /* check connection */
    if (mysqli_connect_errno()) {
        echo "<script>alert('Something went wrong with your data inserted. Please fill the form again. (" .  mysqli_connect_error() . ")');location.href = '../newstore/index.html'</script>");
        exit();
    }
    if ($result = $mysqli->query("INSERT INTO contactus (Id,Product) VALUES ('null','$product')")) {
        // Grab new ID when INSERT is successfull, add it to Session
        $_SESSION['contact_id'] = $mysqli->insert_id;
        echo "<script>alert('Thank You. Your Data Received Succefully.');location.href = '../index.html';</script>";
    } else {
        echo "<script>alert('Something went wrong with your data inserted. Please fill the form again.');location.href = '../index.html';</script>";
        $mysqli->close();
        exit();
    }
    $mysqli->close();
}
header('Location: /newstore/contact.html');
?>

Second Handler:

<?php
start_session();
// form data
$name=isset($_POST['name'])?$_POST['name']:"";
$email=isset($_POST['email'])?$_POST['email']:"";
$mobile=$_POST['mobile'];
if ((strlen($name) < 3) || (strlen($email) < 3) || (strlen($mobile) < 3)){
    echo "<script>alert('Something went wrong with your data inserted. Please fill the form again.');location.href = '../newstore/index.html';</script>";
    exit();
}

//database Connection details
$servername = "localhost";
$username = "root";
$password = "";
$database="store";
$error = "";

$mysqli = new mysqli($servername, $username, $password, $database);
/* check connection */
if (mysqli_connect_errno()) {
    echo "<script>alert('Something went wrong with your data inserted. Please fill the form again. (" .  mysqli_connect_error() . ")');location.href = '../newstore/index.html'</script>");
    exit();
}

if ($stmt = $mysqli->prepare("UPDATE contactus SET `Name`=?, `Email`=?, `Mobile`=?) WHERE `ID`=?")){
    /* bind parameters for markers */
    $stmt->bind_param("sssi", $name, $email, $mobile, $_SESSION['contact_id']);
    /* execute query */
    $stmt->execute();
    $result = $stmt->get_result();
    if($result){
        echo "<script>alert('Thank You. Your Data Received Succefully.');location.href = '../newstore/index.html';</script>";
    } else {
        echo "<script>alert('Something went wrong with your data inserted. Please fill the form again.');location.href = '../newstore/index.html';</script>"; 
    }
    $stmt->close();
}
$mysqli->close();
?>

Data already Inserted I want to update the data

1 Answers1