PHP values don't UPDATE mysql table

Question

In my first php file I fetch results from mysql and show them in table. Every row value in one column must have value "Yes" or "No". When adding new request that value is "No". On "No" click I want to open another php (zatvaranje_zadatka.php) and send id_zadatka and broj_zadatka to new php file with form to input solution of request. On Submit in new php file I want to change flag in mysql table1 to "Yes" and write solution to another table in mysql. In short notes in first php:

while ($row = mysql_fetch_array($result)) 
{
    echo '<tr><td>' .$row["id_zadatka"] .'</td>';
    echo '<td><a href="zatvaranje_zadatka.php?id_zadatka='.$row["id_zadatka"].'">Zatvori</a></td>';
}

In zatvaranje_zadatka.php I have:

$id_zadatak = isset($_GET['id_zadatka']) ? $_GET['id_zadatka'] : '';
$br_zht = isset($_GET['broj_zadatka']) ? $_GET['broj_zadatka'] : '';
if($id_zadatak != '') {
    echo '<form action="zatvaranje_zadatka.php?go.php" method="POST" id="zatv_zad" name="zatv_zad">';
    echo '<fieldset>';
    echo ' Broj zadatka je:';
    echo '<legend>Rješenje zadatka</legend>';
    echo ' <textarea id= "rjesenje" name = "rjesenje" rows="4" cols="50"></textarea>';
    echo '</fieldset>';
    echo '<button type="submit" id="submit_zatv" name="submit_zatv"> Zatvori zadatak </button>';
    echo '</form>';

    $rjesenje = isset($_GET['rjesenje']) ? $_GET['rjesenje'] : '';

    $query2 = "INSERT INTO rjesenje(broj_zadatka, rjesenje_zadatka) VALUES ('$br_zht', '$rjesenje')";
    $result2 = mysql_query($query2) or die ("Nije uspio zapis u bazu" .mysql_error());
}

Output to table rjesenje is nothing.

score 0 · Answer 1 · answered Dec 15 '16 at 16:19

0

This is probably due to a typo. You need to leave a space between your table name and the row names. (e.g. rjesenje_(broj_zadatka, rjesenje_zadatka))

But whats worse is that your database is vulnerable for SQL injections. Please take a look at prepared statements

answered Dec 15 '16 at 16:19

Sigert Goeminne

76
1
4

1

"You need to leave a space between your table name and the row names." --- this is incorrect. you don't HAVE to. the space between the table name and the parenthesis is optional. you can even write a query like this `insert into users(id,download)values(4,7)` and it would still insert correctly. The more likely error is that `$_GET['rjesenje']` is not set. Possibly because the form is post and the request checked for is $_GET – Dec 15 '16 at 16:22

score 0 · Answer 2 · edited May 23 '17 at 12:09

Your form is method="POST" and you check for $_GET variables. Thus the error rjesenje is empty. This should have resulted in an error, however you checked whether or not $_GET['rjesenje'] was set. It was not, thus the value of the variable is nothing, as specified when you check if it's set.

$rjesenje = isset($_GET['rjesenje']) ? $_GET['rjesenje'] : '';

returns false => $rjesenje = nothing

change the line to the following:

$rjesenje = isset($_POST['rjesenje']) ? $_POST['rjesenje'] : '';

To solve the problem, either change the request method of the form to method="get" or check for $_POST variables instead, as suggested above.

One way to check if this is true, you could try printing out the variables while debugging:

print_r($_GET);

or

print_r($_POST);

Make sure that you have your errors on while debugging

error_reporting(E_ALL);

read more: How to get useful error messages in PHP?

Additionally, I'd like to advise you to use mysqli or pdo functions instead of mysql. As mysql functions are deprecated as of php version 5.5 and completely removed in php 7.0, and because mysql functions are prone to attacks.

http://php.net/manual/en/intro.mysql.php

That is indeed the purpose of SO, I'm happy to hear that @MikeL :) — , Dec 16 '16 at 11:23

Joe May · Accepted Answer · 2016-12-15T17:36:18.457

This all code looks messy and questionable, but you might try this for testing in order to figure out how this all is working at the end..

    $id_zadatak = $_GET['id_zadatka']; // we set this via URL
    //$br_zht = $_GET['id_zadatka']; // id i broj su ista stvar
    $rjesenje = $_POST['rjesenje'];


    if($id_zadatak != '') {

            echo '<form action="zatvaranje_zadatka.php?id_zadatka='.$id_zadatak.'" method="POST" id="zatv_zad" name="zatv_zad">';
                echo '<fieldset>';
                   echo ' Broj zadatka je:';
                    echo '<legend>Rješenje zadatka</legend>';
                   echo ' <textarea id= "rjesenje" name = "rjesenje" rows="4" cols="50"></textarea>';
                echo '</fieldset>';
                echo '<button type="submit" id="submit_zatv" name="submit_zatv"> Zatvori zadatak </button>';
            echo '</form>';




        if(isset($rjesenje))
{
                $query2 = "INSERT INTO rjesenje(broj_zadatka, rjesenje_zadatka) VALUES ('$id_zadatak', '$rjesenje')";
                $result2 = mysql_query($query2) or die ("Nije uspio zapis u bazu" .mysql_error());
}

        }

This solved my problem with slightly modification of $rjesenje to (isset($_POST['rjesenje']) ? $_POST['rjesenje'] : ''); Thx a lot! — MikeL, Dec 16 '16 at 11:24
@JoeMay another way to determine whether a variable is empty or not, is by using the `empty()` function. it checks if a variable contains a value and if the variable is set. http://php.net/manual/en/function.empty.php — , Dec 16 '16 at 21:47

PHP values don't UPDATE mysql table

3 Answers3