Hi,

I am trying to update data from a column in a database using a php script. But for some reason it doesn't update the database, but i get no error feedback.
So first i select a random entry from the database and i add it as a parameter to the next page. This page contains the form and the php script to get the parameter:

<?
  $server = "myserver";
  $username = "myusername";
  $password = "mypass";
  $database = "dbname";
  $con = mysql_connect($server, $username, $password);
  $ok = mysql_select_db($database, $con);


' ' . htmlspecialchars($_GET["param"]) . '';

if(empty($_GET))
    echo "<h2>The request is invalid</h2>";
else
	$param_code = ($_GET[param]); 
	
?>
    <form name="form1" method="post" action="insert.php">
    	<input type="text" name="param" disabled value="<? print_r ($param_code); ?>">
		<input type="submit" name="submit" id="submit" value="Submit">
    </form>

here is the insert.php:

<?
  $server = "myserver";
  $username = "myusername";
  $password = "mypass";
  $database = "dbname";
  $con = mysql_connect($server, $username, $password);
  $ok = mysql_select_db($database, $con);
  
if(isset($_POST['submit']))
{
   $submit = $_POST['param_code'];
}

mysql_query(" UPDATE table_name SET code_used= '0' WHERE param_code ='{$submit}' ") or die (mysql_error());

mysql_close($con);

     ?>

My database is very simple. It has only one table and 3 columns.

| id | param_code | code_used|
| 1  | abc2qsaa   |     1    |  --> This is a not used code
| 2  | safd3235   |     0    |  --> This is a used code.

<input type="text" name="param" ...> means you need to use $submit = $_POST['param'];

And i am using it like that, it was an edit error..(just checked)

the error is in line fourteen. To update the "mysql_query" requires connection identifier, like this;

mysql_query(" UPDATE table_name SET code_used= '0' WHERE param_code ='{$submit}' ", $con) or die (mysql_error());

Just updated it, and is still not working. The database remains un-updated

No error, the webpage acts like it just did what it was supposed to.
Is there a way to check that the $submit parameter is correctly imported? Like print_r or something similar (I tried print_r but it didn't work)

O.k, unless the field "param_code" has its contents with curly bracket, you need to remove the curly bracket from the update query. Like this;

mysql_query(" UPDATE table_name SET code_used= '0' WHERE param_code ='$submit' ", $con) or die (mysql_error());

Hey, i updated the script. Still no changes to the database. I think there is something i am missing

Hey, i updated the script. Still no changes to the database. I think there is something i am missing

What do you currently have?

The logic of the website is like this: When you get to it, you will get a coupon, if you press use the coupon then that coupon cannot be used again. This is why i am trying to update the database with value 0 for coupon used.

Here is the code again:

page1.php

<?
$server = "myserver";
  $username = "myusername";
  $password = "mypass";
  $database = "dbname";
  $con = mysql_connect($server, $username, $password);
  $ok = mysql_select_db($database, $con);

$num_displayed = 1 ;

$result = mysql_query ("SELECT * FROM coupons WHERE coupon_used=1 ORDER BY RAND() LIMIT $num_displayed");


while ($row = mysql_fetch_array($result)) 

{

echo "<a href=\"coupon.php?coupon=".$row["coupon_code"]."\">Get a coupon</a>" ;
}
?>

coupon.php

<?
  $server = "myserver";
  $username = "myusername";
  $password = "mypass";
  $database = "dbname";
  $con = mysql_connect($server, $username, $password);
  $ok = mysql_select_db($database, $con);

' ' . htmlspecialchars($_GET["coupon"]) . '';

if(empty($_GET))
    echo "<h2>The request is invalid</h2>";
else
    $coupon_code = ($_GET[coupon]); 

?>
<--!html form-->
    <form name="forma1" method="post" action="insert.php">
        <input type="text" name="couponcode" disabled value="<? print_r ($coupon_code); ?>">
        <input type="submit" name="usecode" value="Use Coupon">
    </form>

insert.php:

<?

  $server = "myserver";
  $username = "myusername";
  $password = "mypass";
  $database = "dbname";
  $con = mysql_connect($server, $username, $password);
  $ok = mysql_select_db($database, $con);


  if(isset($_POST['usecode']))
{
  $submit = $_POST['couponcode'];
  $sql = " UPDATE coupons SET coupon_used= '0' WHERE coupon_code = '$submit' ";
}

mysql_query($sql, $con) or die(mysql_error());

mysql_close($con);

?>

database example:

| id | param_code | code_used|
| 1  | abc2qsaa   |     1    |  --> This is a not used code
| 2  | safd3235   |     0    |  --> This is a used code.

Check line number 9 in coupon.php.

' ' . htmlspecialchars($_GET["coupon"]) . '';

What is this ? Perhaps, you should have.

$coupon = htmlspecialchars($_GET["coupon"]);

And then, if...else statement should go like below

if($coupon == ''){
echo "<h2>The request is invalid</h2>";
}
else{
$coupon_code = $coupon; 
}

And the final one is, print_r in input field. Line 19 in coupon.php.

<input type="text" name="couponcode" disabled value="<? print_r ($coupon_code); ?>">

Replace above with:

<input type="text" name="couponcode" disabled value="<?php echo $coupon_code; ?>">

'<? ?>', may be the problem, you must enable to support this syntax in php.ini file.

well, the code as i posted it works if i change this line:

$sql = " UPDATE coupons SET coupon_used= '0' WHERE coupon_code = '$submit' ";

to

$sql = " UPDATE coupons SET coupon_used= '0' WHERE coupon_code = 'abc2qsaa' ";

where abc2qsaa is one of the codes in my database.

I have made the changes you suggested as well, but the database still doesn't get updated.

well, the code as i posted it works if i change this line:

to

$sql = " UPDATE coupons SET coupon_used= '0' WHERE coupon_code = 'abc2qsaa' ";

where abc2qsaa is one of the codes in my database.

I have made the changes you suggested as well, but the database still doesn't get updated.

this information is useful. Now, print the value of $submit and hence whole $sql and post result

this information is useful. Now, print the value of $submit and hence whole $sql and post result

Is not printing it. Maybe i am doing it wrong:

if(isset($_POST['usecode']))
{
  $submit = $_POST['couponcode'];
  $sql = " UPDATE coupons SET coupon_used= '0' WHERE coupon_code = '$submit' ";
  print $submit;
}

Is not printing it. Maybe i am doing it wrong:

if(isset($_POST['usecode']))
{
  $submit = $_POST['couponcode'];
  $sql = " UPDATE coupons SET coupon_used= '0' WHERE coupon_code = '$submit' ";
  print $submit;
}

do this

print_r($_POST);
echo "<br />";
 if(isset($_POST['usecode']))
{
  $submit = $_POST['couponcode'];
  $sql = " UPDATE coupons SET coupon_used= '0' WHERE coupon_code = '$submit' ";
  echo $submit;
die()
}

This is shown on the webpage:

Array ( [usecode] => Use Coupon )

Remove white space from this line.

$sql = " UPDATE coupons SET coupon_used= '0' WHERE coupon_code = '$submit' ";

Should be

$sql = "UPDATE `coupons` SET `coupon_used` = '0' WHERE `coupon_code` = '$submit'";

And print the above the query line, copy and past it into phpMyadmin and run it manually, and check how it works.

The sql command works without the " ' " . As i said above:

well, the code as i posted it works if i change this line:

$sql = " UPDATE coupons SET coupon_used= '0' WHERE coupon_code = '$submit' ";

to

$sql = " UPDATE coupons SET coupon_used= '0' WHERE coupon_code = 'abc2qsaa' ";

where abc2qsaa is one of the codes in my database.

Array ( [usecode] => Use Coupon )

As you posted above. $submit has wrong value stored. Check where $submit comes from.

This is shown on the webpage:

That means the only thing in POST is that one. Post your form code!

<form name="forma1" method="post" action="insert.php">
    	<input type="text" name="couponcode" disabled value="<?php echo $coupon_code; ?>">
		<input type="submit" name="usecode" value="Use Coupon">
    </form>

You need to post the original start of $coupon_code.

I cannot see anything wrong with your code. please post two files contents (full) one with form and insert.php

alrighty then:

<?
  $server = "myserver";
  $username = "myusername";
  $password = "mypass";
  $database = "dbname";
  $con = mysql_connect($server, $username, $password);
  $ok = mysql_select_db($database, $con);

$coupon = htmlspecialchars($_GET["coupon"]);

if(empty($_GET))
    echo "<h2>The request is invalid</h2>";
else
	$coupon_code = ($_GET[coupon]); 
	
?>
<--!html form-->
    <form name="forma1" method="post" action="insert.php">
    	<input type="text" name="couponcode" disabled value="<? print_r ($coupon_code); ?>">
		<input type="submit" name="usecode" value="Use Coupon">
    </form>
<?

  $server = "myserver";
  $username = "myusername";
  $password = "mypass";
  $database = "dbname";
  $con = mysql_connect($server, $username, $password);
  $ok = mysql_select_db($database, $con);
  
print_r($_POST);
echo "<br />";
 if(isset($_POST['usecode']))
{
  $submit = $_POST['couponcode'];
  $sql = " UPDATE coupons SET coupon_used= '0' WHERE coupon_code = '$submit' ";
  echo $submit;
die();
}

mysql_query($sql, $con) or die(mysql_error());
  
mysql_close($con);

?>
if(empty($_GET))
    echo "<h2>The request is invalid</h2>";
else
	$coupon_code = ($_GET[coupon]);

This will not check if specific field is empty. Since $_GET will always have submit button value so it will pass. Do something like this

if(empty($_GET['couponcode']))
    echo "<h2>The request is invalid</h2>";
else
	$coupon_code = ($_GET['couponcode']);
<input type="text" name="couponcode" disabled value="<? print_r ($coupon_code); ?>">

print_r is for arrays

I'm not sure if I can answer your question directly. I'd say double check the correct param is being passed - because if you type the wrong param you wont get an error and nothing will update.

Anyways, I went ahead and tried to rewrite the code. This should work and give you errors and success messages:

<?php
/****************************************************
*                     Settings
*****************************************************/
// MySQL Connection Settings
$settings['mysql']['host'] = "localhost";
$settings['mysql']['user'] = "root";
$settings['mysql']['pass'] = "af981t58time";
$settings['mysql']['dbname'] = "dev_andy_sms";
/****************************************************
*                     Connections
*****************************************************/
$con = mysql_connect($settings['mysql']['host'], $settings['mysql']['user'], $settings['mysql']['pass']) or die('Error: Could not connect to mysql, Please check server, username and password.');
@mysql_query("CREATE DATABASE IF NOT EXISTS ".$settings['mysql']['dbname']);
$ok = mysql_select_db($settings['mysql']['dbname'], $con) or die("Could not connect to the specified database on line ".__LINE__.": ".mysql_error());

//Set the param variable from the URL via $_GET
$gparam = mysql_real_escape_string(htmlspecialchars(trim($_GET["param"])));
?>
<form action="<?php echo $PHP_SELF; ?>" method="post" name="form1">
<input type="text" name="param" value="<?php echo $gparam; ?>" disabled="disabled" />
<input type="submit" name="submit" id="submit" value="Submit" />
</form>
<?php
if(isset($_POST['submit'])){
//Get param from the form
$param = mysql_real_escape_string(htmlspecialchars(trim($_POST["param"])));
if(!empty($param)){

//First, lets check if the param exists...if you type the wrong param, then you wont get an error message and no result.
$c = mysql_query("SELECT * FROM table_name WHERE param_code='$param' LIMIT 1");
$cc = mysql_num_rows($c);

if($cc > 0){
$ud = mysql_query("UPDATE table_name SET code_used='0' WHERE param_code='$param'");
if($ud){
echo "Successfully Updated!";
}else{
echo "There was an error: ".mysql_error();
}
}else{
echo "There Param does not exists in the database!";
/*$code = "0";
// or
$code = "1";
$ins = mysql_query("INSERT INTO table_name (id,param_code,code_used) VALUES (id,'$param','$code')");

if($ins){
echo "Successfully Inserted!";
}else{
echo "There was an error inserting: ".mysql_error();
}
*/
}
}else{
echo "No param was present";
}
}
 
mysql_close($con);
 
?>

O.k remove the apostrophe enclosing the "0", if the field is not char, varchar, text, etc.

mysql_query(" UPDATE table_name SET code_used= 0 WHERE param_code ='$submit' ", $con) or die (mysql_error());
Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.