1

I have been working on a project and i am at the final stages of the project. My problem is whenever i try to update data in my database table into returns a blank screen with no error messages. Please find the php script and html form (the form responsible for updating the database table) below, i have divided it 

<?php
Session_start();
if(!isset($_SESSION['username'])){
header('Location: login.php');
}
?>


<!DOCTYPE html>
<html lang="en">
    <head>
        <?php include('config/mm.php')?>
        <?php include('config/db.php')?>
        <?php include('config/function.php')?>
        <?php include('config/setup.php')?>
        <?php include('config/head.php')?>


    <?php
    mysqli_set_charset ($dbc,'utf8');
    if(isset($_GET['edit'])) {

        $edit_id = $_GET['edit'];

        $edit_query = "select * from contact where id='$edit_id'";

        $run_edit = mysqli_query($dbc, $edit_query); 

        while ($edit_row = mysqli_fetch_array($run_edit)){


            $id = $edit_row['id'];
            $title = $edit_row['title'];
            $header = $edit_row['header'];
            $header1 = $edit_row['header1'];
            $body = $edit_row['body'];
            $body1 = $edit_row['body1'];
            $body2 = $edit_row['body2'];
            $body3 = $edit_row['body3'];
            $body4 = $edit_row['body4'];
            $body5 = $edit_row['body5'];
    }
    }
    ?>


</head>
<body class="nav-md">
    <!-- Side Nav Bar -->
    <div class="container body">
        <?php include('config/sidenav.php')?>
    </div>
    <!-- top navigation -->
    <?php include('config/topnav.php')?>
    <!-- /top navigation -->

    <!-- page content -->
    <div class="right_col" role="main">
        <div class="container">
        <form action="updatecontactus.php?edit_form=<?php echo $id; ?>" method="post" enctype="multipart/form-data">
          <h2>Table</h2>                                                                                      
          <div class="table table-bordered table-responsive">          
          <table class="table">
            <thead>
              <tr>
                <th>#</th>
                <th>Name</th>
                <th>Content</th>
              </tr>
            </thead>
            <tbody>
              <tr>
                <td>3</td>
                <td>header</td>
                <td><textarea class="form-control" type="text" name="header" rows="2"><?php echo $header; ?></textarea></td>
              </tr>
              <tr>
                <td>4</td>
                <td>header1</td>
                <td><textarea class="form-control" type="text" name="header1" rows="2"><?php echo $header1; ?></textarea></td>
              </tr>
              <tr>
                <td>5</td>
                <td>body</td>
                <td><textarea class="form-control" type="text" name="body" rows="2"><?php echo $body; ?></textarea></td>
              </tr>
              <tr>
                <td>6</td>
                <td>body1</td>
                <td><textarea class="form-control" type="text" name="body1" rows="2"><?php echo $body1; ?></textarea></td>
              </tr>
              <tr>
                <td>7</td>
                <td>body2</td>
                <td><textarea class="form-control" type="text" name="body2" rows="2"><?php echo $body2; ?></textarea></td>
              </tr>
              <tr>
                <td>8</td>
                <td>body3</td>
                <td><textarea class="form-control" type="text" name="body3" rows="2"><?php echo $body3; ?></textarea></td>
              </tr>
              <tr>
                <td>9</td>
                <td>body4</td>
                <td><textarea class="form-control" type="text" name="body4" rows="2"><?php echo $body4; ?></textarea></td>
              </tr>
              <tr>
                <td>10</td>
                <td>body5</td>
                <td><textarea class="form-control" type="text" name="body5" rows="2"><?php echo $body5; ?></textarea></td>
              </tr>
              <tr>
                    <td align="center" colspan="6"><input type="submit" name="update" value="Update Now"></td>
                </tr>
            </tbody>
          </table>
          </div>
          </form>
        </div>
    </div>  

    <!-- /page content -->

    <!-- footer content -->
    <?php include('config/footer.php')?>
    <!-- /footer content -->
    </div>  
    </div>          
    <!-- jQuery -->
    <script src="vendors/jquery/dist/jquery.min.js"></script>
    <!-- Bootstrap -->
    <script src="vendors/bootstrap/dist/js/bootstrap.min.js"></script>
    <!-- FastClick -->
    <script src="vendors/fastclick/lib/fastclick.js"></script>
    <!-- NProgress -->
    <script src="vendors/nprogress/nprogress.js"></script>
    <!-- bootstrap-wysiwyg -->
    <script src="vendors/bootstrap-wysiwyg/js/bootstrap-wysiwyg.min.js"></script>
    <script src="vendors/jquery.hotkeys/jquery.hotkeys.js"></script>
    <script src="vendors/google-code-prettify/src/prettify.js"></script>

    <!-- Custom Theme Scripts -->
    <script src="build/js/custom.min.js"></script>
</body>

update code:

<?php

        include("config/db.php");
        mysqli_set_charset ($dbc,'utf8');
            if(isset($_POST['update'])){

            $update_id = $_GET['edit_form'];


            $header = $_POST['header'];
            $header1 = $_POST['header1'];
            $body = $_POST['body'];
            $body1 = $_POST['body1'];
            $body2 = $_POST['body2'];
            $body3 = $_POST['body3'];
            $body4 = $_POST['body4'];
            $body5 = $_POST['body5'];

            if($header=='' or $header1=='' or $body=='' or $body1=='' or $body2=='' or $body3=='' or $body4=='' or $body5==''

            )
            {

            echo "<script>alert('Any of the fields is empty')</script>";
            exit();
            }

            else {

                $update_query = "update contact set header='$header',header1='$header1', body='$body', body1='$body1', body2='$body2', body3='$body3', body4='$body4', body5='$body5' where id='$update_id'";

                if(mysqli_query($dbc, $update_query)){

                echo "<script>alert('Post has been updated')</script>";

                echo "<script>window.open('contactus.php','_self')</script>";

                }

            }
            }



        ?>
Dijo
  • 11
  • 1
  • 2
    [Little Bobby](http://bobby-tables.com/) says **[you are at risk for SQL Injection Attacks](https://stackoverflow.com/q/60174/)**. Learn about [Prepared Statements](https://en.wikipedia.org/wiki/Prepared_statement) for [MySQLi](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php). Even **[escaping the string](https://stackoverflow.com/q/5741187)** is not safe! I recommend `PDO`, which I [wrote a function for](http://paragoncds.com/grumpy/pdoquery/#function) to make it extremely **easy**, very **clean**, and way more **secure** than using non-parameterized queries.' – GrumpyCrouton Sep 05 '17 at 18:00
  • A blank white screen often means that there's a 500 error, or there's no output to the page. Have you checked your server error logs? – aynber Sep 05 '17 at 18:06
  • 2
    A blank page can mean a number of things, but in general it means you borked the php somewhere. Could be a wrong include path, could be a typo. Comment out chunks to narrow the crime scene. – deg Sep 05 '17 at 18:09
  • Welcome to Stack Overflow - nice to have you. Please read [How do I ask a good question?](https://stackoverflow.com/help/how-to-ask) and [How to create a Minimal, Complete, and Verifiable example](https://stackoverflow.com/help/mcve) to help keeping Stack Overflows content on the highest possible level and increase your chances getting an appropriate answer. There is nothing wrong with your question but the code you show us could be way shorter I guess... – Axel Sep 05 '17 at 18:21

0 Answers0