Issue In Update database Query?

Question

I am new in php and as well in database. I am facing issue to update table in database. i am getting values in input field but when i update query is not working.

    $edit_id=$_GET['edit_id'];
    $get_data = mysqli_query($con, "SELECT * FROM userform WHERE id='$edit_id' ");
    $run = mysqli_fetch_array($get_data);
    if (!$run) {
        echo "something went wrong";
    }
    else{
        echo "Working Fine";
    }
    if(isset($_POST['update'])){
        $name = $_POST['name'];
        $email = $_POST['email'];
        $subjects = $_POST['subjects'];
        $phone = $_POST['phone'];
        $country = $_POST['country'];
        $city = $_POST['city'];
        $address = $_POST['address'];
        $position = $_POST['position'];
        $about = $_POST['about'];
        $query = mysqli_query($con, "UPDATE userform SET name='$name', email='$email', subjects='$subjects', phone='$phone', country='$country', city='$city', address='$address', position='$position', about='$about', WHERE id='$edit_id' ");      
        //$run = mysqli_query($query);          
        if ($query) {
            echo "<script>alert('User Date Inserted Successfully'); </script>";
            //header('location:records.php');            
        }
        else{
            echo "<br> Something went wrong";
        }
        exit();
    }
?>
<div id="outer">
    <form method="POST" enctype="multipart/form-data">
        <input type="text" name="name" value="<?php echo $run['name']; ?>" >
        <input type="email" name="email" value="<?php echo $run['email']; ?>" >
        <input type="text" name="subjects" value="<?php echo $run['subjects']; ?>" >
        <input type="text" name="phone" value="<?php echo $run['phone']; ?>" >
        <input type="text" name="country" value="<?php echo $run['country']; ?>" >
        <input type="text" name="city" value="<?php echo $run['city'] ?>" >
        <input type="text" name="address" value="<?php echo $run['address']; ?>" >
        <input type="text" name="position" value="<?php echo $run['position']; ?>" >
        <textarea name="about" value="<?php echo $run['about']; ?>" ></textarea>
        <input id="sbmt" type="submit" value="Update Value" name="update">
    </form>

</div>

Error message? What "is not working"? And you should do prepare statement, it's vulnerable to SQL injection to add what user send you directly in your query ! — Mickaël Leger, May 31 '18 at 11:53
Your `$edit_id` is null because you're using `GET` when you should be using `POST`. — waterloomatt, May 31 '18 at 11:55
Yes but WHAT is not working? Nothing happen? You go in your else statement? — Mickaël Leger, May 31 '18 at 11:56
@waterloomatt The `$edit_id` is in the URL I think and not in the form — Mickaël Leger, May 31 '18 at 11:57
are you getting all the values in variable which are used in update query? — prit.patel, May 31 '18 at 11:58
There is at least one error in your `UPDATE` query: After you set all the values for the columns there is a `,` after `... about='$about,'`, you have to remove this last comma so the query becomes valid. — Tobias F., May 31 '18 at 11:59
I still don't understand how OP is `GET`ting `$edit_id` when the form is `POST`ed. It will always be empty on a `POST` request. +fully open to SQL injection. — waterloomatt, May 31 '18 at 12:09
@waterloomatt Maybe because the `$edit_id` comes from other page through the url. — Ende, May 31 '18 at 12:19

prit.patel · Answer 1 · 2018-05-31T12:01:19.707

0

Remove the trailing ,(comma) from your update query. Just before WHERE there is a comma which let compiler think there should be another column which need to be updated. So just remove that. So remove the , after $about.

edited May 31 '18 at 12:01

answered May 31 '18 at 12:00

prit.patel

330
3
12

You don't need to put this as an answer, this is obviously a typo – Ende May 31 '18 at 12:01
It can be a solution. I have checked it. If you keep a trailing comma the query won't execute.@Ende – prit.patel May 31 '18 at 12:02
I know that it is the solution but you don't need to use answer for this just comment it. – Ende May 31 '18 at 12:03
@Ende Posting an answer will help other peoples who will see this question after. – prit.patel May 31 '18 at 12:04
A typo is not something that will help people after... I hope you understand that aswell. If it was a real answer I wouldn't have said this – Ende May 31 '18 at 12:06
@pradeep: This is **an answer**. If you find it wrong or low-quality, you may downvote it. Flagging the post for deleting is intended for NAA (Not-an-answer). That meta post - https://meta.stackexchange.com/questions/225370/your-answer-is-in-another-castle-when-is-an-answer-not-an-answer - describes, what NAA is and what NAA is not. – Tsyvarev May 31 '18 at 12:58

score 0 · Answer 2 · answered May 31 '18 at 12:10

First you have to remove ,(comma) after '$about' in your update query. It should be like below.

$query = mysqli_query($con, "UPDATE `userform` SET name='$name', email='$email', subjects='$subjects', phone='$phone', country='$country', city='$city', address='$address', position='$position', about='$about' WHERE id='$edit_id' ");

And one more thing, If you are using textarea as input then you should replace ' with \' for update the data in mysql.So your $run['about'] should be replaced like below.

$run['about']=str_replace("'","\'",$run['about']);

Let make this changes first.

Issue In Update database Query?

2 Answers2