how to update table row data with unique id?

Question

code:

<?php
if(isset($_POST['save']))
{
  $comment1 = $_POST['comment2'].",".date('Y-m-d');
  $comment2 = $_POST['comment2'];
  $id = $_POST['id'];
  $query = "update enquires2 set comment1 = '$comment1', comment2 = '$comment2', s_date = '$s_datee' where id='$id'";
  $result = mysqli_query($link,$query);
  if($result==true)
  {
    echo "successfull";
  }
  else
  {
    echo "error!";
  }
}
?>

<form method="post" name="myform">
<table>
  <tr>
    <th>comment1</th>
    <th>comment2</th>
    <th>Action</th>
  </tr>
  <?php
    $sql = "select * from enquires2 ";
    $result = mysqli_query($link,$sql);
    while ($row = mysqli_fetch_array($result)) 
    {
  ?>
  <tr>
    <td>
      <input type='hidden' name='id' value='<?php echo $row['id']; ?>'>
    </td>

    <td>
     <?php echo $row['comment1']; ?>
    </td>

    <td>
      <input type='text' name='comment2' id='comment2' value=""/>
    </td>

    <td>
      <input type ='submit' name='save' id='save' value='Save' />
    </td>
  </tr>
  <?php
    }
  ?>
</table>
</form>

In this code I want to update table enquires2 with unique id. In following image you see that table row having save button this is only one row similarly it have multiple row which having save button in each row. Now I want that when I click on save button of particular row only that row data will be update. How can I fix this problem ? Please help.

Thank You

Possible duplicate of [Create a HTML table where each TR is a FORM](http://stackoverflow.com/questions/4035966/create-a-html-table-where-each-tr-is-a-form) — Ivar, May 09 '17 at 06:58
@Demonyowh Why not? If you make a form of every row, only the id of that row will be submitted. You read it and know what row you are editing. — Ivar, May 09 '17 at 07:07
It is useless to use mysqli if you parse the input field directly into your query btw. You are vulnerable for SQL injection. — Ivar, May 09 '17 at 07:09
@Ivar the question is not about creating a form but about updating a row — Masivuye Cokile, May 09 '17 at 07:41
@MasivuyeCokile Which is done by making a form of each row in the context of this question. — Ivar, May 09 '17 at 07:44
but the proper duplicate will be something to do with update a row... the form is created I see no problem with the form @Ivar the problem is within the php code — Masivuye Cokile, May 09 '17 at 07:47
Possible duplicate of [PHP: "Notice: Undefined variable", "Notice: Undefined index", and "Notice: Undefined offset"](http://stackoverflow.com/questions/4261133/php-notice-undefined-variable-notice-undefined-index-and-notice-undef) — Masivuye Cokile, May 09 '17 at 07:48
@MasivuyeCokile The problem _is_ with the form, as submitting the form will in this case submit every row and every hidden id, hence you cannot determine what id you are actually trying to update. The update statement actually expects a single id in this code. — Ivar, May 09 '17 at 07:49
@Ivar I hear u but still the dup u supplied is incorrect, the form here is dynamic and the form you supplied its static., And if u look closely on the update statement there's an undefined variable — Masivuye Cokile, May 09 '17 at 07:52

score 0 · Answer 1 · edited May 09 '17 at 07:11

You could use AJAX and jQuery to do this and send the data to a separate PHP file and assigning the $row['ID'] to a data-value attribute of the button,

$("#save-btn").click(function(){
    id = $(this).attr(data-value);
    ***** rest of values here
    $.ajax({
       method: "GET",
       data: {id: id, rest of: data here},
       url: phpfile.php,
       success: function(){
          console.log("Success");
       }
   })
});

While in the PHP file you would take get the id like,

$_GET['id'], and same with the other values since we are using the GET method and then put them in the update query.

score 0 · Answer 2 · edited May 23 '17 at 12:18

First of all, for security reason you need to change this query to a prepared statement see PHP MySQLI Prevent SQL Injection:

  $id = $_POST['id'];
  $query = "update enquires2 set comment1 = '$comment1', comment2 = $comment2', s_date = '$s_datee' where id='$id'";
  $result = mysqli_query($link,$query);

This line is bad anyway, you are missing a opening quote for $comment2.

  $query = "update enquires2 set comment1 = '$comment1', comment2 = $comment2', s_date = '$s_datee' where id='$id'";

Are you sure $link is an actual mysqli link?

As for the html part, you need to mkae one form for each record. See the link posted HTML: Is it possible to have a FORM tag in each TABLE ROW in a XHTML valid way?

alternatively you could do something bad like only adding the $id to evry field for every row (similar to:)

<input type ='submit' name='save[<?=$id;?>]' id='save' value='Save' />

and in the php code check witch key is set.

if(isset($_POST['save']) && is_array($_POST['save'])){
   $id=key($_POST['save']);
}

You will need to replicate the bad thing for your comments as well but as a proof of concept you can run this snippet on phpfiddle.org

<?php
print_r($_POST);
if(isset($_POST['save']) && is_array($_POST['save'])){
  echo key($_POST['save']);
}
?>
<html>
    <form method='post'>
        <input type='submit' name='save[1]' value='1' />
        <input type='submit' name='save[2]' value='2' />
    </form>
</html>

Wish i could provide you a really full answer but there's alot of work to be done on your code for it to be 'proper coding'. Again this becaome a matter of opinion beside the fact that your code is vunerable to sql injection and is NOT accepable.

score -1 · Answer 3 · edited Jun 20 '20 at 09:12

-1

Don't use your code at all for security vulnerability. Read more about sql injection Here. After all, For each row () create a form with a hidden input storing id of row .

edited Jun 20 '20 at 09:12

Community

1
1

answered May 09 '17 at 07:10

Stephan

594
7
17

score -1 · Answer 4 · edited May 23 '17 at 12:02

-1

I revised my code to make it work,create a nested table inside your td, so that tag will be accepted,

also see this link for a working reference, HTML: Is it possible to have a FORM tag in each TABLE ROW in a XHTML valid way?

    <?php
    if(isset($_POST['save']))
    {
      $comment1 = $_POST['comment2'].",".date('Y-m-d');
      $comment2 = $_POST['comment2'];
      $id = $_POST['id'];
      $query = "update enquires2 set comment1 = '$comment1', comment2 = '$comment2', s_date = '$s_datee' where id='$id'";
      $result = mysqli_query($link,$query);
      if($result==true)
      {
        echo "successfull";
      }
      else
      {
        echo "error!";
      }
    }
    ?>


    <table>
      <tr>
        <th>comment1</th>
        <th>comment2</th>
        <th>Action</th>
      </tr>
      <?php
        $sql = "select * from enquires2 ";
        $result = mysqli_query($link,$sql);
        while ($row = mysqli_fetch_array($result)) 
        {
      ?>
<tr><td><table>

    <form method="post" name="myform">

      <tr>
        <td>
          <input type='hidden' name='id' value='<?php echo $row['id']; ?>'>
        </td>

        <td>
         <?php echo $row['comment1']; ?>
        </td>

        <td>
          <input type='text' name='comment2' id='comment2' value=""/>
        </td>

        <td>
          <input type ='submit' name='save' id='save' value='Save' />
        </td>
      </tr>
    </form>

</table>
</td>
</tr>
      <?php
        }
      ?>
    </table>

edited May 23 '17 at 12:02

Community

1
1

answered May 09 '17 at 07:14

apelidoko

782
1
7
23

It's not allowed to put a form wrapped around a tr tag. [`tr` can only have `table`, `thead`, `tbody` or `tfood` as parent.](https://developer.mozilla.org/en-US/docs/Web/HTML/Element/tr) – Ivar May 09 '17 at 07:16
it may not be allowed, but it will work, probably on some browsers – apelidoko May 09 '17 at 07:17
And maybe not on others. I wouldn't take the chance and just keep following the rules. Rather use an answer that WILL work in all cases. – Ivar May 09 '17 at 07:27
@apelidoko please don't teach bad coding practises.. form can not be a child element of a table, some browsers will render different output – Masivuye Cokile May 09 '17 at 07:38
use this a reference instead, http://stackoverflow.com/questions/1249688/html-is-it-possible-to-have-a-form-tag-in-each-table-row-in-a-xhtml-valid-way ,,,, it will be accepted when you nest a table inside td – apelidoko May 09 '17 at 07:44
i just said that, if i stick with his original code, that would be an option,,, it may not be the bestway, but it will be the easiest adjustment he can do to accomplish his task, now if he wants the best way he can learn ajax and jquery to accomplish his task,, – apelidoko May 09 '17 at 07:47

how to update table row data with unique id?

4 Answers4