0

I am trying to make a basic dropdown that allows me to change a value in my database. I can read from the database fine (also used in the code below). My table has 3 headers: id, output and source. My code is the following. 

<div id="out1fdiv">
    <select name="out1f">
  <?php
            while ($row = mysqli_fetch_array($resultvanrolepgm3)) {
                echo "<option value=\"" . $row['vanrole'] . "\">" . $row['vanrole'] . "</option>";
            }
        ?>
</select>

<input type="submit" value="Submit" style = "font-size:48px; position: fixed; top: 750px; left: 892px;">
</form>

</div>

<?php
echo $_GET["out1f"];
$varout1f = $_GET["out1f"];
echo $varout1f;

$sqlupdateout1f = "UPDATE 'pagetable' SET 'source' = '$varout1f' WHERE 'output'='out1f'";
mysqli_query($conn, $sqlupdateout1f);


?>

I can see the variables fine on the page, but I am unable to update the database. I am also not bothered by SQL injections as I will be the only person using this when complete, and it will be offline.

Thanks for reading

B. Haynes
  • 1
  • 7

2 Answers2

0

Your SQL Query Has Syntax Error

 $sqlupdateout1f = "UPDATE pagetable SET source = '".$varout1f."' WHERE output='out1f'";
Ajith
  • 258
  • 1
  • 7
0

You should update your syntax at places where call table field or table name to brackets instead of single qoute. I also added mysqli_real_escape_string.

$varout1f = mysqli_real_escape_string($conn, $varout1f);
$sqlupdateout1f = "UPDATE `pagetable` SET `source` = '".$varout1f."' WHERE `output`='".out1f."'";
J Quest
  • 593
  • 2
  • 17