-1

I'm trying to update my MySQL Table via PHP - It says successful, but isn't actually updating. Here is snippets of my PHP code used;

List of rows in my Table.

<?php 
$sql="SELECT * FROM $tbl";
$result=mysql_query($sql);
while($rows=mysql_fetch_array($result)){
echo $rows['title']; 
echo $rows['date']; 
echo $rows['month']; 
?>
<a href="update.php?id=<? echo $rows['id']; ?>">update</a>

Edit Forum

<?php
$id=$_GET['id']; 
$sql="SELECT * FROM $tbl WHERE id='$id'";
$result=mysql_query($sql);
$rows=mysql_fetch_array($result);
?>
<form name="form" method="post" action="update.php">
<input name="title" type="text" id="title" value="<? echo $rows['title']; ?>">
<input name="date" type="text" id="date" value="<? echo $rows['date']; ?>" >
<input name="month" type="text" id="month" value="<? echo $rows['month']; ?>">
<input name="id" type="hidden" id="id" value="<? echo $rows['id']; ?>">
<input type="submit" name="Submit" value="Submit">

Process of the Table update

<?php error_reporting(E_ALL); ini_set('display_errors', 1); //added to all pages

$title = $_POST['title']
$date = $_POST['date']
$month = $_POST['month']
$id = $_POST['id']

$sql="UPDATE $tbl SET title='$title', date='$date', month='$month' WHERE id='$id'";
$result=mysql_query($sql);
if (!$sql) {
die(mysql_error());
}
?>

If I update my table directly running SQL Queries in PhpMyAdmin it works perfectly fine. But when I do it through PHP it outputs as successful but doesn't actually change the data. Where am I going wrong?

PS: I have tried using mysql_error()); but nothing reports back.

Shanie93
  • 75
  • 8
  • 1
    Where is `$tbl` defined? – D4V1D Sep 21 '15 at 21:22
  • It's on every page with my connection info. `$tbl="events";` – Shanie93 Sep 21 '15 at 21:24
  • *"It says successful, but isn't actually updating"* - that isn't the best way. Use `mysql_affected_rows()` for trueness. *"PS: I have tried using mysql_error()); but nothing reports back."* - that's not in your shown code. – Funk Forty Niner Sep 21 '15 at 21:24
  • [Your script is at risk for SQL Injection Attacks.](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) – Jay Blanchard Sep 21 '15 at 21:26
  • I didn't think it was relevant since it's thinking it has done it - Apologies. – Shanie93 Sep 21 '15 at 21:26
  • 3
    If you can, you should [stop using `mysql_*` functions](http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php). [These extensions](http://php.net/manual/en/migration70.removed-exts-sapis.php) have been removed in PHP 7. Learn about [prepared](http://en.wikipedia.org/wiki/Prepared_statement) statements for [PDO](http://php.net/manual/en/pdo.prepared-statements.php) and [MySQLi](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php) and consider using PDO, [it's really not hard](http://jayblanchard.net/demystifying_php_pdo.html). – Jay Blanchard Sep 21 '15 at 21:27
  • 2
    Where is your `
    ` tag?
     – D4V1D Sep 21 '15 at 21:28
  • @Fred-ii-: I took time to notice it also :) – D4V1D Sep 21 '15 at 21:29
  • I tried to leave out as much as I didn't think would be needed. I'll update it, – Shanie93 Sep 21 '15 at 21:31
  • @Shanie93: Right, so you then need to retrieve your values with `$_POST['title']` because, as of now, `$title`, `$date`, `$month` and `$id` are not defined. – D4V1D Sep 21 '15 at 21:31
  • 3
    and that's ^ where error reporting kicks into gear. Add error reporting to the top of your file(s) right after your opening PHP tag for example ` – Funk Forty Niner Sep 21 '15 at 21:37
  • I've updated the bottom section of the code - This is what I'm using now; however there' is nothing showing after submit now. I've checked my php.ini file and error display is set on. Also thank you for your time, I really appreciate it. – Shanie93 Sep 21 '15 at 21:47
  • 1
    You forgot to add `or die(mysql_error());` after your MySQL query. Please do as asked. And you're missing `;` after assigning those `POST` variables. Are you **sure** error reporting is enabled? – D4V1D Sep 21 '15 at 21:53
  • You beat me too it - Yes it was, I had a slight miss placement in my code. I got the error reporting to show; The issue was as you stated the `;` after the `POST` variables. It is now working. Thank you so much David & Fred. I'm very grateful for your time and knowledge. – Shanie93 Sep 21 '15 at 22:00

1 Answers1

1

You are missing the semicolons (;) after assigning your $_POST variables:

$title = $_POST['title']
$date = $_POST['date']
$month = $_POST['month']
$id = $_POST['id']

Add a ; right after each of those statements and you should be good to go.

D4V1D
  • 5,805
  • 3
  • 30
  • 65