update multiple columns in mysql database using $_GET

Question

I want to update 3 fields in a row in 3 columns but I don't know how to do it. I already searched google and searcedh here but couldn't find any solution for it. I want to change title, paragraph and category of a blog post using $_GET using this way:

<?php
$id = $_GET['id'];
?>
<div class="middle">
  <div class="content" style="width:100%;">
    <div class="context" style="width:100%">
      <?php
    if(isset($_POST['submit'])){
        $title = $_POST['title'];
        $txt = $_POST['txt'];
$query = ("UPDATE tbl_post SET title='$title' WHERE id=$id");
$query = ("UPDATE tbl_post SET txt='$txt' WHERE id=$id");

when I use only one of $_title or $_txt, it works. But I couldn't find a way to update both fields together and couldnt update category selection.

full code of update.php page :

<?php require_once("config.php"); ?>
<?php require_once("header.php"); ?>
<?php
$id = $_GET['id'];
?>
<div class="middle">
  <div class="content" style="width:100%;">
    <div class="context" style="width:100%">
     <?php
    if(isset($_POST['submit'])){
        $title = $_POST['title'];
        $txt = $_POST['txt'];
   $query = ("UPDATE tbl_post SET title='$title' WHERE id=$id");
    $query = ("UPDATE tbl_post SET txt='$txt' WHERE id=$id");
    $query = ("UPDATE tbl_post SET cat='$cat' WHERE id=$id");

mysql_query($query,$con);
header("location:insert.php");
exit(); 
        }
?>
      <form action="" method="post">
        <?php

      $id = $_GET['id'];

$query = "SELECT * FROM `tbl_post` WHERE(id=$id)";
$res = mysql_query($query,$con);
while($rows = mysql_fetch_array($res,MYSQL_ASSOC)){
?>
        <p>عنوان مطلب</p>
        <input type="text" name="title" style="width:200px; border:1px solid #8C8C8C" value="<?php echo $rows['title'] ?>">
        <p>محتوای پست</p>
        <textarea name="txt" style="width:300px"><?php echo $rows['txt'] ?></textarea>
        <div class="clear"></div>
        <?php } ?>
        <p>دسته بندی</p>
        <select name="cat" style="width:200px">
          <?php

$query = "SELECT * FROM `tbl_cat` ORDER BY `id` ASC";
$res = mysql_query($query,$con);
while($rows = mysql_fetch_array($res,MYSQL_ASSOC)){


?>
          <option value="<?php echo $rows ['id'] ?>"><?php echo $rows ['name'] ?></option>
         </li>
          <?php } ?>
        </select>
        <input type="submit" name="submit" class="" value="ثبت در دیتابیس" style="width:200px; margin-top:15px;">
      </form>
    </div>
  </div>
</div>
<?php require_once("footer.php"); ?>

and insert.php :

<?php require_once("config.php"); ?>
<?php require_once("header.php"); ?>
<div class="middle">
  <div class="content" style="width:100%;">
    <div class="context" style="width:100%">


    <?php
    if(isset($_POST['submit'])){
        $title = $_POST['title'];
        $cat = $_POST['cat'];
        $txt = $_POST['txt'];
        echo 'title = '.$title.'<br>'.'category ='.$cat.'<br>'.'txt = '.$txt;
$query = "INSERT INTO tbl_post(`title`,`txt`,`cat_id`) VALUES  ('$title','$txt','$cat')";   
mysql_query($query,$con);
header("location:insert.php");
exit(); 
        }
?>

 <form action="" method="post">
        <p>عنوان مطلب</p>
        <input type="text" name="title" style="width:200px; border:1px solid #8C8C8C;">
        <p>دسته بندی</p>
        <select name="cat" style="width:200px">
          <?php

$query = "SELECT * FROM `tbl_cat` ORDER BY `id` ASC";
$res = mysql_query($query,$con);
while($rows = mysql_fetch_array($res,MYSQL_ASSOC)){


?>
          <option value="<?php echo $rows ['id'] ?>"><?php echo $rows ['name'] ?></option>
          </li>
          <?php } ?>
        </select>
        <p>محتوای پست</p>
        <textarea name="txt" style="width:300px"></textarea>
        <div class="clear"></div>
        <input type="submit" name="submit" class="" value="ثبت در دیتابیس" style="width:200px; margin-top:15px;">



      </form>
    </div>
  </div>
</div>
<?php require_once("footer.php"); ?>

U dont need to run 2 queries to update 1 table u can do it like this `UPDATE table SET this='$that', abc='$xyz' WHERE sun='$moon'` — Shehary, Jul 17 '15 at 23:18
"I want to update 3 fields..." I only see 2: `title` and `txt`. What is the third? — kittykittybangbang, Jul 17 '15 at 23:18
If you do each field in separate queries, you have to execute the query between the `$query` assignments. My guess is you're executing the query at the end, so it only does the last `$query` that you assign. — Barmar, Jul 17 '15 at 23:22
full code added .title and txt updated.but still couldn't update category. — nakhoda, Jul 18 '15 at 12:01

score 2 · Answer 1 · edited May 23 '17 at 10:26

2

Combine all the fields into a single query:

$title = $_POST['title'];
$txt = $_POST['txt'];
$cat = $_POST['cat'];

$query = "UPDATE tbl_post SET title='$title', txt = '$txt', cat = '$cat' WHERE id = $id";

Also, you should switch to parametrized queries instead of substituting into the SQL; this means using PDO or mysqli. Otherwise you need to escape the input data. See

How can I prevent SQL injection in PHP?

edited May 23 '17 at 10:26

Community

1
1

answered Jul 17 '15 at 23:25

Barmar

741,623
53
500
612

thanks.first problem resolved.problem was only (,) after '$title' !! but '$cat' still doesn't work and i couldn't update category selection(drop down menu),in database. – nakhoda Jul 18 '15 at 09:48
Hi, your problem that the $query is variable, and not you don't call query function for db, then query valui is: "UPDATE tbl_post SET cat='$cat' WHERE id=$id" you can see mysql update syntax and working description: https://dev.mysql.com/doc/refman/5.0/en/update.html @Barmar's answer good. – Dienes László Jul 18 '15 at 10:27

update multiple columns in mysql database using $_GET

1 Answers1