-1

enter image description here

I'm trying to update the variable description with the value of the textarea. Here is my html:

<form action="index.php" method="post">
<div class="search">
        <label for="animalId">Search for Id</label><br>
        <input type="text" name="animalId" value="<?php echo $animalId; ?>">
</div>
<div class="animal_description">
    <label for="animalDescription">Animal's description:</label><br>
    <textarea name="animalDescription" id="animal-Description" cols="30" rows="10"><?php echo 
    $animalDescription; ?></textarea>
</div>
<button type="submit" name="Update">Update</button>
</form>

Here is my php code to update the description variable:

    //if the update button is clicked
if (isset($_POST['update'])) {
    //getting variable
    $animalId = $_POST['animalId'];
    $animalDescription = $_POST['animalDescription'];

    //checking if any empty field
    if(empty($animalId)){
        $ERRORS['animal-description'] = "The id field is requiered";
    }
    else {
        $idQuery = "UPDATE animals SET description='$animalDesription' WHERE id_num='$id'";
        $stmt = $conn->prepare($idQuery);
        if ($stmt->execute()) {
            $ERRORS['final-message'] = "Successfully updated the database";
        }
        else {
            $ERRORS['final-message'] = "Failed to connect";
        }
    }
}

When I enter an existent Id and some text in the textarea, it does nothing just refresh the page.

Ryan
  • 29
  • 1
  • 8
  • 1
    Please note that the way you're building your query is unsafe. You're open to [SQL injection](https://stackoverflow.com/questions/332365/how-does-the-sql-injection-from-the-bobby-tables-xkcd-comic-work). You're defeating the purpose of preparing by directly inserting values. Parametrize your query. – El_Vanja Nov 28 '20 at 20:40
  • 2
    And your issue is as simple as can be, `name="Update"`, while you check for `isset($_POST['update'])`. Case matters. – El_Vanja Nov 28 '20 at 20:42

1 Answers1

0

Try:

<form action="index.php" method="post">
  <div class="search">
    <label for="animalId">Search for Id</label><br>
    <input type="text" name="animalId" id = "animalId" value="<?php echo 
    $animalId; ?>">
  </div>
  <div class="animal_description">
    <label for="animalDescription">Animal's description:</label><br>
    <textarea name="animalDescription" id="animalDescription" cols="30" 
     rows="10"><?php echo 
     $animalDescription; ?></textarea>
  </div>
<button type="submit" name="Update">Update</button>
</form>








//if the update button is clicked
if (isset($_POST['Update'])) {
//getting variable
  $animalId = $_POST['animalId'];
  $animalDescription = $_POST['animalDescription'];

  //checking if any empty field
  if(empty($animalId)){
      $ERRORS['animal-description'] = "The id field is requiered";
  } else {
    $idQuery = "UPDATE animals SET description=? WHERE 
    id_num=?";
    $stmt = $conn->prepare($idQuery);
    $stmt->bind_param("si", $animalDescription, $animalId);
    if ($stmt->execute()) {
        $ERRORS['final-message'] = "Successfully updated the database";
    }
    else {
        $ERRORS['final-message'] = "Failed to connect";
    }
}
}
MoonDarius
  • 61
  • 5