-1

enter image description hereI have a modal to edit an inventory item (think office tech like pc, printers, etc.).

  1. I have an index page listing all the item in a table with separate buttons to view, edit, and delete the row. <- working great!
  2. On edit I get a modal with textboxes for the fields and can edit and save changes <- working great!
  3. I've added a toggle switch with text of 'active' and 'inactive' that toggles on click <- working great!
  4. I now want save the toggle switch 'state' of active/1 or inactive/0 when updating the other fields <- have tried a few options but nothing worked for me
  5. Problem is I don't have a grasp of the process. The database does have a 'status' field set to bool.

  • start toggle switch code -

     <form method="POST" action="inventory_edit.php?inv_id=<?php echo $row['inv_id'];?>">
              <div class="mb-3 row">
                  <label class ="col-sm-3 col-form-label text-light font-weight-bolder text-right">STATUS</label>
                  <div class="col-sm">
                      <!-- status toggle switch code - changes color and label text on change -->
                      <label class="switch">
                          <input type="checkbox" id="togBtn">
                          <div class="slider round">
                              <span class="off">ACTIVE</span>
                              <span class="on">INACTIVE</span>
                          </div>
                      </label>
                  </div>
              </div>

  • end toggle switch code -

  • start php update code -

<?php
session_start();
require_once './includes/favicon.php';
include_once('./includes/dbconn.php');
if(isset($_POST['inventory_edit'])){
    $database=new Connection();
    $db=$database->open();
    try{
        $inv_id=$_GET['inv_id'];
        $inv_item_status=$_POST['inv_item_status'];
        $inv_item_make=$_POST['inv_item_make'];
        $inv_item_model=$_POST['inv_item_model'];
        $inv_item_sn=$_POST['inv_item_sn'];
        $sql="UPDATE inventory SET inv_item_status = '$inv_item_status', inv_item_make = '$inv_item_make', inv_item_model = '$inv_item_model', inv_item_sn = '$inv_item_sn' WHERE inv_id = '$inv_id'";
        // if-else statement in executing query
        $_SESSION['message']=($db->exec($sql))?'Inventory Item Updated Successfully!'
                    :'ERROR: Inventory Item Not Updated. (PANTHER Error #IE101)';
    }
    catch(PDOException $e){
        $_SESSION['message']=$e->getMessage();
    }
// close database connection
    $database->close();
}
else{
    $_SESSION['message']='All Fields Required!';
}
header('location: inventory_index.php');
WillWalsh
  • 193
  • 2
  • 12
  • **Warning:** You are wide open to [SQL Injections](https://php.net/manual/en/security.database.sql-injection.php) and should use parameterized **prepared statements** instead of manually building your queries. They are provided by [PDO](https://php.net/manual/pdo.prepared-statements.php) or by [MySQLi](https://php.net/manual/mysqli.quickstart.prepared-statements.php). Never trust any kind of input! Even when your queries are executed only by trusted users, [you are still in risk of corrupting your data](http://bobby-tables.com/). [Escaping is not enough!](https://stackoverflow.com/q/32391315) – Dharman May 25 '23 at 18:53

1 Answers1

0

I know it was something simple I was overthinking. Real issue, beside needing to change sql code to pdo, was that I never initialized the variable used to set the toggle switch. I was always 'off' by 1 record (if first 5 were 1/true and 6th was 0/false and 7th true was was getting true on 1st 6 and false on 7th). Anyway I initialed the variable with the tables Boolean value before using it.

WillWalsh
  • 193
  • 2
  • 12