0

i am very new at this.I want to create the form with edit field for each row in php.when i run my code edited values are not updating in the main page but when i echoed the query it is running correctly.where is the mistake.??please help

table1.php

<?php
include('config\dbconfig.php');
$row = mysql_query("select * from admin");
if (isset($_POST['submit']))
{
    if ($_POST['submit'] == 'Submit')
    {    $uid = $_POST['uid'];
        $name = $_POST['name'];
        $uid = $_POST['uid'];
        $email_id = $_POST['email_id'];
        $password = $_POST['password'];
        $gender = $_POST['gender'];
        $address = $_POST['address'];
        $qualification = implode(",",$_POST['qualification']);
        $bdaytime = $_POST['bdaytime']; 
        $target_dir = "uploads/";
        $target_file = $target_dir . basename($_FILES["myimage"]["name"]);
        if (move_uploaded_file($_FILES["myimage"]["tmp_name"], $target_file)) 
        {
            echo "The file ". basename( $_FILES["myimage"]["name"]). " has been uploaded.";
        } else {
            echo "Sorry, there was an error uploading your file.";
        }
        $b=$_FILES["myimage"]["name"] ;
        if($_REQUEST['uid']=="")
        {
            $sql = "INSERT INTO `admin`
                            (`uid`,`name`,`email`, `password`,
                             `gender`,`address`,`qualification`,
                             `bdaytime`,`myimage`) 
                    VALUES ('$uid','$name','$email_id',
                            DES_ENCRYPT('$password'),
                            '$gender','$address','$qualification',
                            '$bdaytime','$b')";
        echo $sql;
        //mysql_query($sql);
        } else {
            $sql = "UPDATE `admin` SET `name`='$name', `email`='$email',
                            `password`='DES_ENCRYPT('$password')',
                            `gender`='$gender', `address`='$address', 
                            `qualification`='$qualification', 
                            `bdaytime`='$bdaytime' 
                    WHERE id=".$_REQUEST['uid'];
            echo $sql;
            //mysql_query($sql);
        }
    }
}
$f=mysql_query("select * from admin where id=$_GET[id]");
$row=mysql_fetch_array($f);
$name=$row['name'];
$email=$row['email'];
$password=$row['password'];
$gender=$row['gender']; 
$address=$row['address'];
$bdaytime= $row['bdaytime'];
$qualification= $row['qualification'];
?>
<!DOCTYPE html>
<html>
<head>
<title>Password Input Control</title>
</head>
<body>
<form  action = "" method = "POST"  enctype="multipart/form-data">
<input type="text" name="uid" value="<?php echo $_GET['id'];?>"> 
Name :  <input type="text" name="name" value="<?php echo $name;?>" />
<br>
Email ID :  <input type="text" name="email_id"  value="<?php echo $email;?>"/>
<br>
Password :  <input type="password" name="password"  value="<?php echo $password;?>"/>
<br>
Gender :  <input type="radio" name="gender" value="male">
<?php 
if($gender=='male')
{
echo 'checked';
}else
{echo ''; }
?>  Male <br>
<input type="radio" name="gender" value="female"> 
<?php 
if($gender=='female') {
    echo 'checked' ;
}else {
    echo " "; 
}
?> Female <br>
Address :  <input type="text" name="address" value="<?php echo $address;?>" />
<br>
Qualification :   <input type="checkbox" name="qualification[]" value="12th" > 
<?php 
if($gender=='12th') {
    echo 'checked';
}else {   
    echo ''; 
}
?> 12th 
 <input type="checkbox" name="qualification[]" value="btech">
<?php 
if($gender=='btech'){
    echo 'checked';
}else{
    echo ''; 
}
?> B.Tech <br>
 <input type="checkbox" name="qualification[]" value="mtech" >
<?php 
if($gender=='mtech'){
    echo 'checked';
}else{
    echo ''; 
}
?> M.Tech <br>
Birthday (date and time):
  <input type="datetime-local" name="bdaytime" value="<?php echo $bdaytime;?>" >
 <br>
Myimage : <input type="file" name="myimage">
 <br>
<input type="submit" name="submit" value="Submit" />
<input type="reset" name="reset"  value="Reset" />
</form>
</body>
</html>

index.php

<?php
include('config\dbconfig.php');
//print_r ($_REQUEST);

    $row = mysql_query("select * from admin");

    /*echo "<table>";*/
?>
<!DOCTYPE html>
<html>
<head>

    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <meta name="description" content="">
    <meta name="author" content="">

    <title>SB Admin - Bootstrap Admin Template</title>

    <!-- Bootstrap Core CSS -->
    <link href="css/bootstrap.min.css" rel="stylesheet">

    <!-- Custom CSS -->
    <link href="css/sb-admin.css" rel="stylesheet">

    <!-- Morris Charts CSS -->
    <link href="css/plugins/morris.css" rel="stylesheet">

    <!-- Custom Fonts -->
    <link href="font-awesome/css/font-awesome.min.css" rel="stylesheet" type="text/css">

    <!-- HTML5 Shim and Respond.js IE8 support of HTML5 elements and media queries -->
    <!-- WARNING: Respond.js doesn't work if you view the page via file:// -->
    <!--[if lt IE 9]>
        <script src="https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js"></script>
        <script src="https://oss.maxcdn.com/libs/respond.js/1.4.2/respond.min.js"></script>
    <![endif]-->

</head>
<?php
echo $_GET['msg'];
?>

<table class="table table-bordered table-hover">
<thead>
    <tr>
        <th>id</th>
        <th>name</th>
        <th>email</th>
        <th>password</th>
        <th>gender</th>
        <th>address</th>
        <th>qualification</th>
        <th>bdaytime</th>
        <th>Image</th>
        <th>action</th> 
    </tr>
</thead>
<tbody>
<?php
    while($column = mysql_fetch_array($row)) {
       echo "<tr><td>".$column['id'].
            "</td><td>".$column['name'].
            "</td><td>".$column['email'].
            "</td><td>".$column['password']. 
            "</td><td>".$column['gender'].
            "</td><td>".$column['address'].
            "</td><td>".$column['qualification'].
            "</td><td>".$column['bdaytime'].
            "</td><td>".$column['myimage'].
            "</td><td><a href='delete.php?id=$column[id]'>Delete</a> <a href='table1.php?id=$column[id]'>Edit</a></td></tr>" ;
    }
?>                             
</tbody>
</table>

delete.php

<?php
include('config\dbconfig.php');
if(isset($_GET['id']))
{
    $c= mysql_query("delete from `admin` WHERE id=$_GET[id]");
    if($c==1)
        $e="Rowdeleted";
    if($c==0)
        $e="Rownotdeleted";
    header("Location: index.php?msg=$e");
}
?>
RiggsFolly
  • 93,638
  • 21
  • 103
  • 149
Pragati Gupta
  • 1
  • 1
    Some sensible code indentation would be a good idea. It helps us read the code and more importantly it will help **you debug your code** [Take a quick look at a coding standard](http://www.php-fig.org/psr/psr-2/) for your own benefit. You may be asked to amend this code in a few weeks/months and you will thank me in the end. – RiggsFolly Jun 26 '17 at 16:32
  • 1
    Every time you use [the `mysql_`](http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php) database extension in new code **[this happens](https://media.giphy.com/media/kg9t6wEQKV7u8/giphy.gif)** it is deprecated and has been for years and is gone for ever in PHP7. If you are just learning PHP, spend your energies learning the `PDO` or `mysqli` database extensions and prepared statements. [Start here](http://php.net/manual/en/book.pdo.php) – RiggsFolly Jun 26 '17 at 16:33
  • please use `mysqli_` functions, also be careful about sql injection, so did you get any error in your update query ? if so please post them too – Akshay Hegde Jun 26 '17 at 16:38
  • Please dont __roll your own__ password hashing. PHP provides [`password_hash()`](http://php.net/manual/en/function.password-hash.php) and [`password_verify()`](http://php.net/manual/en/function.password-verify.php) please use them. And here are some [good ideas about passwords](https://www.owasp.org/index.php/Password_Storage_Cheat_Sheet) If you are using a PHP version prior to 5.5 [there is a compatibility pack available here](https://github.com/ircmaxell/password_compat) – RiggsFolly Jun 26 '17 at 16:39
  • Your script is at risk of [SQL Injection Attack](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) Have a look at what happened to [Little Bobby Tables](http://bobby-tables.com/) Even [if you are escaping inputs, its not safe!](http://stackoverflow.com/questions/5741187/sql-injection-that-gets-around-mysql-real-escape-string) Use [prepared parameterized statements](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php) – RiggsFolly Jun 26 '17 at 16:39
  • Direct quote from the flagging section: _" Questions seeking debugging help ("why isn't this code working?") must include the desired behavior, a specific problem or error and the shortest code necessary to reproduce it in the question itself. Questions without a clear problem statement are not useful to other readers."_ –  Jun 26 '17 at 16:41
  • Its also a VERY BAD IDEA to store a comma seperated list in a column. It makes querying that column at best MUCH MORE DIFFICULT and at worst IMPOSSIBLE. – RiggsFolly Jun 26 '17 at 16:46

0 Answers0