PHP posting values but database not updating

Question

I'm having a problem where my form is submitting the values but they aren't getting entered into the database?

I have tried echo'ing the $_POST to see what is getting posted and everything is posting as it should but its failing at the point of entering into the database.

Here is my code

if(isset ($_POST["update_detail"])) {

    foreach($_POST["id"] AS $id) {


        $name = mysqli_real_escape_string($_POST["name"][$id]);
        $age = mysqli_real_escape_string($_POST["age"][$id]);
        $update1 = "UPDATE `booked_peoples` SET `name` = '$name',`age` = '$age' WHERE `booked_peoples`.`id` = ".$id;
        $update2 = mysqli_query($con,$update1);
        if($update2){
            echo '<script>window.location.href="add_passengers.php?book_id='.$book_id.'";</script>';
        }
        else {

            echo 'OOPS';
        } } }

and here is the php form code

if(isset($_GET['book_id']) and $_GET['action']=='edit')
                            {

                                $sq_edit_ps = "select * from booked_peoples where booking_id = ".$book_id;
                                $qr_edit_ps = mysqli_query($con,$sq_edit_ps);

                                while($rw_edit_ps = mysqli_fetch_array($qr_edit_ps))


                                {
                                    $ps_id = $rw_edit_ps['id'];
                                echo '<form action="" method="POST" role="form">';

                                echo '<div class="row">
                                        <div class="col-sm-9">
                                            <label>Name</label>
                                            <input class="form-control" type="text" name="name['.$ps_id.']" value="'.$rw_edit_ps['name'].'"/>

                                        </div>
                                        <div class="col-sm-3">
                                            <label>Age</label>
                                            <input class="form-control" type="text" name="age['.$ps_id.']" value="'.$rw_edit_ps['age'].'"/>
                                            <input type="hidden" name="id[]" value="'.$ps_id.'"/>
                                        </div>
                                    </div>';

                                }
                                echo '
                                            <button class="btn btn-info btn-flat" type="submit" name="update_detail" >Update</button>

                                    </form>
                                </div>';

                            }

Im getting code blind.......:(

I have removed that and now its working, but obviously I want to stop any injections so how do I fix that? — Helen Marie, Jun 24 '16 at 12:16
http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php?rq=1 — u_mulder, Jun 24 '16 at 12:17

Helen Marie · Answer 1 · 2016-06-24T12:28:05.357

0

It was the mysql_real_escape_string that was stopping it form working.

It needed to be $name = mysqli_real_escape_string($con, $_POST["name"][$id]);

Thank you to the poster above for pointing it out :)

Wanted to post the solution in case anyone else comes across the same problem

edited Jun 24 '16 at 12:28

answered Jun 24 '16 at 12:15

Helen Marie

25
3

PHP posting values but database not updating

1 Answers1