0

I have this query

$sql = ("SELECT * FROM reception WHERE date = '$date'");
  $result = $conn->query($sql);

which then displays results in a table. 

<?php while ($row=$result->fetch_assoc()) { 
    $id = $row['id']; ?>

<tr> 
<td ><?php echo  $id; ?></td>
<td>   
    <form method="post" action="que.php">
    <input type="text" name="bill" placeholder="amount in pula" value="<?php echo  $row['bill']; ?>

        <input type="submit" class="btn btn-info" value="UPDATE" name="update_bill" >   

        <?php   if( isset($_POST['update_bill']) ){

$bill = mysqli_real_escape_string($conn, $_POST['bill']);
$sql =("UPDATE reception SET bill = '$bill' WHERE id = '$id' ");
$result = $conn->query($sql);




}
        ?>
    </div>
    </div>
</td>
</form>
</tr>

                      <?php }  ?> 


</table>

so on that table i have a form with input fields to be updated later after an encounter is completed, but no matter which record i select, it only updates the first one, is there any way i can update my query or code to be able to update records which i have chosen?

Morena Toxx
  • 25
  • 5
  • You can pass on the $id with your input value and you can use that in where condition with update query. – Himanshu Upadhyay Jun 21 '17 at 18:13
  • You have to put your update query in `que.php` it will not update on same page if you wrote `action` in form – Nirav Joshi Jun 21 '17 at 18:15
  • okay as an input value, like value="" ? can you please show me how i can use it in my query too.. i am a bit lost @NiravJoshi my query is on que.php yes – Morena Toxx Jun 21 '17 at 18:17
  • As a side note, use prepared statements instead of allowing SQL injection: https://stackoverflow.com/questions/32391315/is-mysqli-real-escape-string-enough-to-avoid-sql-injection-or-other-sql-attack. Please look into methods that use prepared statements like `PDO` or `mysqli`. – ctwheels Jun 21 '17 at 18:18
  • @ctwheels thank you, im very much aware of prepared statements – Morena Toxx Jun 21 '17 at 18:20

1 Answers1

0
$sql = ("SELECT * FROM reception WHERE date = '$date'");
$result = $conn->query($sql); 
    <?php while ($row=$result->fetch_assoc()) { 
    $id = $row['id']; ?>

<tr> 
<td ><?php echo $id; ?></td>
<td>   
    <form method="post" action="que.php">
    <input type="text" name="bill" placeholder="amount in pula" value="<?php echo  $row['bill']; ?>
          <input type="hidden" value="<?php echo $id; ?>" name="id" >
        <input type="submit" class="btn btn-info" value="UPDATE" name="update_bill" >
    </div>
    </div>
</td>
</form>
</tr>
<?php }  ?> 
</table>

que.php

<?php   if( isset($_POST['update_bill']) ){
    $id = $_POST['id'];
    $bill = mysqli_real_escape_string($conn, $_POST['bill']);
    $sql =("UPDATE reception SET bill = '$bill' WHERE id = '$id' ");
    $result = $conn->query($sql);
}
?>

You should add connection in que.php to use that code.

Here is solution hope it will helps you

Nirav Joshi
  • 2,924
  • 1
  • 23
  • 45