How do I fill each input value with the data fetched from $row?

Question

The first part of the code, where the id is fetched from another sheet works fine and the data from while($row = mysqli_fetch_assoc($result)) are returned correctly. What I'm trying to do though is put this data in each input value by doing this <input name="visitingdate" type="date" value="<?=$row['visitingdate']?>">. I'm getting this error: "Notice: Trying to access array offset on value of type null in "Directory" on line "line"." This is what I've got so far:

<?php
require('config.php');
$id=$_REQUEST['id'];
$query = "SELECT * from records where id='".$id."'"; 
$result = mysqli_query($link, $query) or die ( mysqli_error());
while($row = mysqli_fetch_assoc($result))
{
    echo "<tr>";
    echo "<td>" . $row["visitingdate"]. "</td>";
    echo "<td>" . $row["department"] . "</td>";
    echo "<td>" . $row["visitingreason"]. "</td>";
    echo "<td>" . $row["importance"]. "</td>";
    echo "<td>" . $row["visitorname"]. "</td>";
    echo "<td>" . $row["company"]. "</td>";
    echo "<td>" . $row["internalrecipientname"]. "</td>";
    echo "<td>" . $row["visitinglocation"]. "</td>";
    echo "<td>" . $row["ETA"]. "</td>";
    echo "<td>" . $row["ETD"]. "</td>";
    echo "<td>" . $row["HRverification"]. "</td>";
    echo "<td>" . $row["visitcompleted"]. "</td>";
}

?>
<!DOCTYPE html>
<html>
<body>
<form action="records.php" method="post">
<br><br><br>
Visiting Date<br><input name="visitingdate" type="date" value="<?=$row['visitingdate']?>"><br><br>
Department <br><input name="department" type="text" value="<?=$row['department']?>"><br><br>
Visiting Reason<br><input name="visitingreason" type="text" value="<?=$row['visitingreason']?>"><br><br>
Importance<br><input name="importance" type="text" value="<?=$row['importance']?>"> <br><br>
Visitor Name<br><input name="visitorname" type="text" value="<?=$row['visitorname']?>"><br><br>
Company<br><input name="company" type="text" value="<?=$row['company']?>"><br><br>
Internal Recipient Name<br><input name="internalrecipientname" type="text" value="<?=$row['internalrecipientname']?>"><br><br>
Visiting Location<br><input name="visitinglocation" type="text" value="<?=$row['visitinglocation']?>"><br><br>
ETA<br><input name="ETA" type="time" value="<?=$row['ETA']?>"><br><br>
ETD<br><input name="ETD" type="time" value="<?=$row['ETD']?>"><br><br>
HR Verification<br><input name="HRverification" type="checkbox" value="<?=$row['HRverification']?>"><br><br>
Visit Completed<br><input name="visitcompleted" type="checkbox" value="<?=$row['visitcompleted']?>"><br><br>
<input name="submit1" type="submit"  value="Update">
</form>
<?php
?>
</body>
</html>

The error is because `$row` doesn't exist any more - it only exists inside the `while($row = mysqli_fetch_assoc($result))` loop. So you're displaying the data in a table ok because that code is within the loop, but the form is not. Hopefully that's enough information for you to understand the problem and how to fix it. — ADyson, May 19 '20 at 12:38
**Warning:** Your code is vulnerable to SQL Injection attacks. You should use parameterised queries and prepared statements to help prevent attackers from compromising your database by using malicious input values. http://bobby-tables.com gives an explanation of the risks, as well as some examples of how to write your queries safely using PHP / mysqli. **Never** insert unsanitised data directly into your SQL. The way your code is written now, someone could easily steal, incorrectly change, or even delete your data. — ADyson, May 19 '20 at 12:38
https://phpdelusions.net/mysqli also contains good examples of writing safe SQL using mysqli — ADyson, May 19 '20 at 12:38
P.S. you need to ensure you properly understand the structure of a HTML document as well. Right now all those `echo` statements are outputting HTML _outside_ the boundaries of the document's body. Some browsers might be forgiving and display it anyway, but a) you shouldn't rely on that, and b) it might have unpredictable effects on the page layout. — ADyson, May 19 '20 at 12:41
@ADyson I'm not worried about SQL Injection attacks because the project is for personal use. Now as far as the code is concerned, it's my first time writing in php so I barely understand anything, I figured that what you mentioned is probably the problem but I have no idea about how to fix it. I'd appreciate it if you provided some insight. Thanks for taking the time to answer my question. — isidoros _, May 19 '20 at 12:45
The echo statements were put there to make sure that the data is at least returned in one way or another, as I mentioned before I'm quite new to this so that's why there are so many trivial mistakes. — isidoros _, May 19 '20 at 12:47
" I'm not worried about SQL Injection attacks because the project is for personal use"...ok but you should still get into good habits now - learn it the correct way now and then it won't be hard later on when you need to do it for real. It's not difficult to write the queries correctly. And it also protects you against other unexpected SQL errors due to un-escaped input - e.g. your query would crash if someone sent the value `don't` in the $id field. Also, even if the project is for personal use, if you put it on a public site anywhere, it could still be hacked. — ADyson, May 19 '20 at 12:49
" have no idea about how to fix it"...well, clue 1) If it doesn't work **outside** the loop, then where else might you be able to put it so that it does work? clue 2) the code which is already **inside** the loop works to get at the data. So what do you think you might have to do with the code which doesn't work?? TBH I thought the info in my first comment was pretty obvious in that regard. — ADyson, May 19 '20 at 12:51
You are right, I'll try getting into the habit. Also, I did try many things before posting but the whole concept of the structure of php/html is still foreign so I never thought I'd be that simple, that's why your answer wasn't very obvious to me. And again, thanks for answering my questions, cheers. — isidoros _, May 19 '20 at 13:06
You have an error. [`mysqli_error()`](https://www.php.net/manual/en/mysqli.error.php) needs one argument. Please consider switching error mode on instead. [How to get the error message in MySQLi?](https://stackoverflow.com/a/22662582/1839439) — Dharman, May 20 '20 at 15:46

Kapil Karangeeya · Accepted Answer · 2020-05-19T13:09:41.257

The problem is you're trying to access data which is never defined outside the loop.

The varialbe you're trying to access $row will work within the loop only.

To achieve what you want you need to define a variable outside the loop and than set the value of variable in loop.

For example, below sharing an example with one input, for rest you can do the same or tweak around as per your need :

<?php
require('config.php');
$id=$_REQUEST['id'];
$query = "SELECT * from records where id='".$id."'"; 
$result = mysqli_query($link, $query) or die ( mysqli_error());
$visitingdate = "";
while($row = mysqli_fetch_assoc($result))
{
    echo "<tr>";
    echo "<td>" . $row["visitingdate"]. "</td>";
    $visitingdate = $row["visitingdate"];
}

?>
<!DOCTYPE html>
<html>
<body>
<form action="records.php" method="post">
<br><br><br>
Visiting Date<br><input name="visitingdate" type="date" value="<?=$visitingdate?>"><br><br>

<input name="submit1" type="submit"  value="Update">
</form>
<?php
?>
</body>
</html>

I hope this will help you. Thank you.

FYI: Your code is vulnerable to SQL Injection, please write safe code. Provided solution for the requested code in case for learning beginner purpose.

You have an error. [`mysqli_error()`](https://www.php.net/manual/en/mysqli.error.php) needs one argument. Please consider switching error mode on instead. [How to get the error message in MySQLi?](https://stackoverflow.com/a/22662582/1839439) — Dharman, May 20 '20 at 15:45
If you fix the answer I can take my downvote away. Please ping me once you fix above problems. — Dharman, May 20 '20 at 15:48

How do I fill each input value with the data fetched from $row?

1 Answers1