So, I have made a table called supplies_table and inside the table is id, name, and files. And I also made an upload button where it can upload a pdf BLOB file into the files column. Yes, it can upload a pdf file in the files column but the problem is that when I upload a file to a specific row, the other rows also updates with the same pdf file I uploaded.

Here's my code:

<?php

session_start();

$servername = "localhost";
$username = "root";
$password = "";
$dbname = "myDatabase";

$connect = mysqli_connect($servername, $username, $password, $dbname);

if(count($_FILES) > 0)
{
    if(is_uploaded_file($_FILES['file']['tmp_name']))
    {
        $_SESSION['id'];
        $file = file_get_contents($_FILES['file']['tmp_name']);
        $sql = "UPDATE supplies_table SET files = ? WHERE id=id";
        $statement = $connect->prepare($sql);
        $statement->bind_param('s',$file);
        $current_id = $statement->execute();
    }
}
mysqli_close($connect);
?>

What can I do to update just one row in the table?

I think the problem is in your update statement. Also, what are you trying to do in line 16? Perhaps you were thinking of assigning the value to another variable (e.g. $id = $_SESSION['id'];)?

Try:

$sql = "UPDATE supplies_table SET files = ? WHERE id=" . $_SESSION['id'];

This assumes that $_SESSION['id'] contains the id of the row you want to update.

commented: it doesnt update in the database anymore and the pdf files are still the same +0

I find it useful to debug queries in an interactive DB session before writing the code. For MySql you can use MySQL Workbench. For sqlite you can use sqlite Spy.

Run your query against a test version of your database. If it works then print the query your code is using and verify it is the same as your test case. Also verify that your id is unique.

May I point out that I hate prepared statements :)

But yeah, you have WHERE id=id and what that does is check if the contents of the id field of row X are equal to the contents of the id field of row X, which is going to be true for every single row ... hence why every single row gets updated.

Doh! Of course.

As Dani correctly pointed out, setting the condition to id=id (the comparison is always true) made it so the file was 'uploaded' to all rows in supplies_table.

it doesnt update in the database anymore and the pdf files are still the same

Unless the value assigned to $_SESSION['id'] changes every time you call the script, two things will happen: First, you will continue to update the same row over and over again. Second, the other rows will still have the PDF file you uploaded with your previous (WHERE id=id) condition.

So there has to be a place elsewhere in your code where you set the value of $_SESSION['id'] before you call the upload script. Make sure it matches the id of the row you want to update.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.