MySQL Db is not updating from html form with php script

Question

observ 0 Newbie Poster

13 Years Ago

Hi,

I am trying to update data from a column in a database using a php script. But for some reason it doesn't update the database, but i get no error feedback.
So first i select a random entry from the database and i add it as a parameter to the next page. This page contains the form and the php script to get the parameter:

<?
  $server = "myserver";
  $username = "myusername";
  $password = "mypass";
  $database = "dbname";
  $con = mysql_connect($server, $username, $password);
  $ok = mysql_select_db($database, $con);


' ' . htmlspecialchars($_GET["param"]) . '';

if(empty($_GET))
    echo "<h2>The request is invalid</h2>";
else
	$param_code = ($_GET[param]); 
	
?>
    <form name="form1" method="post" action="insert.php">
    	<input type="text" name="param" disabled value="<? print_r ($param_code); ?>">
		<input type="submit" name="submit" id="submit" value="Submit">
    </form>

here is the insert.php:

<?
  $server = "myserver";
  $username = "myusername";
  $password = "mypass";
  $database = "dbname";
  $con = mysql_connect($server, $username, $password);
  $ok = mysql_select_db($database, $con);
  
if(isset($_POST['submit']))
{
   $submit = $_POST['param_code'];
}

mysql_query(" UPDATE table_name SET code_used= '0' WHERE param_code ='{$submit}' ") or die (mysql_error());

mysql_close($con);

     ?>

My database is very simple. It has only one table and 3 columns.

| id | param_code | code_used|
| 1  | abc2qsaa   |     1    |  --> This is a not used code
| 2  | safd3235   |     0    |  --> This is a used code.

html-css mysql php

6 Contributors
45 Replies
883 Views
2 Days Discussion Span
Latest Post 13 Years Ago Latest Post by Stefano Mtangoo

faroukmuhammad 10 Junior Poster

13 Years Ago

the error is in line fourteen. To update the "mysql_query" requires connection identifier, like this;

mysql_query(" UPDATE table_name SET code_used= '0' WHERE param_code ='{$submit}' ", $con) or die (mysql_error());

faroukmuhammad 10 Junior Poster

13 Years Ago

O.k, unless the field "param_code" has its contents with curly bracket, you need to remove the curly bracket from the update query. Like this;

mysql_query(" UPDATE table_name SET code_used= '0' WHERE param_code ='$submit' ", $con) or die (mysql_error());

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

pritaeas 2,194 ¯\_(ツ)_/¯ Moderator Featured Poster · Answer 1 · 2011-07-16T03:16:15+00:00

<input type="text" name="param" ...> means you need to use $submit = $_POST['param'];

observ 0 Newbie Poster · Answer 2 · 2011-07-16T03:21:57+00:00

And i am using it like that, it was an edit error..(just checked)

observ 0 Newbie Poster · Answer 3 · 2011-07-16T03:47:00+00:00

Just updated it, and is still not working. The database remains un-updated

faroukmuhammad 10 Junior Poster · Answer 4 · 2011-07-16T04:23:52+00:00

faroukmuhammad 10 Junior Poster

13 Years Ago

any error massage?

observ 0 Newbie Poster · Answer 5 · 2011-07-16T04:28:11+00:00

No error, the webpage acts like it just did what it was supposed to.
Is there a way to check that the $submit parameter is correctly imported? Like print_r or something similar (I tried print_r but it didn't work)

observ 0 Newbie Poster · Answer 6 · 2011-07-16T19:37:13+00:00

Hey, i updated the script. Still no changes to the database. I think there is something i am missing

Stefano Mtangoo 455 Senior Poster · Answer 7 · 2011-07-16T21:46:18+00:00

Hey, i updated the script. Still no changes to the database. I think there is something i am missing

What do you currently have?

observ 0 Newbie Poster · Answer 8 · 2011-07-16T21:58:56+00:00

The logic of the website is like this: When you get to it, you will get a coupon, if you press use the coupon then that coupon cannot be used again. This is why i am trying to update the database with value 0 for coupon used.

Here is the code again:

page1.php

<?
$server = "myserver";
  $username = "myusername";
  $password = "mypass";
  $database = "dbname";
  $con = mysql_connect($server, $username, $password);
  $ok = mysql_select_db($database, $con);

$num_displayed = 1 ;

$result = mysql_query ("SELECT * FROM coupons WHERE coupon_used=1 ORDER BY RAND() LIMIT $num_displayed");


while ($row = mysql_fetch_array($result)) 

{

echo "<a href=\"coupon.php?coupon=".$row["coupon_code"]."\">Get a coupon</a>" ;
}
?>

coupon.php

<?
  $server = "myserver";
  $username = "myusername";
  $password = "mypass";
  $database = "dbname";
  $con = mysql_connect($server, $username, $password);
  $ok = mysql_select_db($database, $con);

' ' . htmlspecialchars($_GET["coupon"]) . '';

if(empty($_GET))
    echo "<h2>The request is invalid</h2>";
else
    $coupon_code = ($_GET[coupon]); 

?>
<--!html form-->
    <form name="forma1" method="post" action="insert.php">
        <input type="text" name="couponcode" disabled value="<? print_r ($coupon_code); ?>">
        <input type="submit" name="usecode" value="Use Coupon">
    </form>

insert.php:

<?

  $server = "myserver";
  $username = "myusername";
  $password = "mypass";
  $database = "dbname";
  $con = mysql_connect($server, $username, $password);
  $ok = mysql_select_db($database, $con);


  if(isset($_POST['usecode']))
{
  $submit = $_POST['couponcode'];
  $sql = " UPDATE coupons SET coupon_used= '0' WHERE coupon_code = '$submit' ";
}

mysql_query($sql, $con) or die(mysql_error());

mysql_close($con);

?>

database example:

| id | param_code | code_used|
| 1  | abc2qsaa   |     1    |  --> This is a not used code
| 2  | safd3235   |     0    |  --> This is a used code.

ko ko 97 Practically a Master Poster · Answer 9 · 2011-07-16T22:15:56+00:00

Check line number 9 in coupon.php.

' ' . htmlspecialchars($_GET["coupon"]) . '';

What is this ? Perhaps, you should have.

$coupon = htmlspecialchars($_GET["coupon"]);

And then, if...else statement should go like below

if($coupon == ''){
echo "<h2>The request is invalid</h2>";
}
else{
$coupon_code = $coupon; 
}

And the final one is, print_r in input field. Line 19 in coupon.php.

<input type="text" name="couponcode" disabled value="<? print_r ($coupon_code); ?>">

Replace above with:

<input type="text" name="couponcode" disabled value="<?php echo $coupon_code; ?>">

'<? ?>', may be the problem, you must enable to support this syntax in php.ini file.

observ 0 Newbie Poster · Answer 10 · 2011-07-16T22:27:29+00:00

well, the code as i posted it works if i change this line:

$sql = " UPDATE coupons SET coupon_used= '0' WHERE coupon_code = '$submit' ";

to

$sql = " UPDATE coupons SET coupon_used= '0' WHERE coupon_code = 'abc2qsaa' ";

where abc2qsaa is one of the codes in my database.

I have made the changes you suggested as well, but the database still doesn't get updated.

Stefano Mtangoo 455 Senior Poster · Answer 11 · 2011-07-16T22:37:44+00:00

well, the code as i posted it works if i change this line:
to
$sql = " UPDATE coupons SET coupon_used= '0' WHERE coupon_code = 'abc2qsaa' ";
where abc2qsaa is one of the codes in my database.
I have made the changes you suggested as well, but the database still doesn't get updated.

this information is useful. Now, print the value of $submit and hence whole $sql and post result

observ 0 Newbie Poster · Answer 12 · 2011-07-16T22:45:10+00:00

this information is useful. Now, print the value of $submit and hence whole $sql and post result

Is not printing it. Maybe i am doing it wrong:

if(isset($_POST['usecode']))
{
  $submit = $_POST['couponcode'];
  $sql = " UPDATE coupons SET coupon_used= '0' WHERE coupon_code = '$submit' ";
  print $submit;
}

Stefano Mtangoo 455 Senior Poster · Answer 13 · 2011-07-16T22:58:16+00:00

Is not printing it. Maybe i am doing it wrong:

if(isset($_POST['usecode']))
{
  $submit = $_POST['couponcode'];
  $sql = " UPDATE coupons SET coupon_used= '0' WHERE coupon_code = '$submit' ";
  print $submit;
}

do this

print_r($_POST);
echo "<br />";
 if(isset($_POST['usecode']))
{
  $submit = $_POST['couponcode'];
  $sql = " UPDATE coupons SET coupon_used= '0' WHERE coupon_code = '$submit' ";
  echo $submit;
die()
}

observ 0 Newbie Poster · Answer 14 · 2011-07-16T23:03:13+00:00

This is shown on the webpage:

Array ( [usecode] => Use Coupon )

ko ko 97 Practically a Master Poster · Answer 15 · 2011-07-16T23:05:58+00:00

Remove white space from this line.

$sql = " UPDATE coupons SET coupon_used= '0' WHERE coupon_code = '$submit' ";

Should be

$sql = "UPDATE `coupons` SET `coupon_used` = '0' WHERE `coupon_code` = '$submit'";

And print the above the query line, copy and past it into phpMyadmin and run it manually, and check how it works.

observ 0 Newbie Poster · Answer 16 · 2011-07-16T23:11:29+00:00

The sql command works without the " ' " . As i said above:

well, the code as i posted it works if i change this line:
$sql = " UPDATE coupons SET coupon_used= '0' WHERE coupon_code = '$submit' ";
to
$sql = " UPDATE coupons SET coupon_used= '0' WHERE coupon_code = 'abc2qsaa' ";
where abc2qsaa is one of the codes in my database.

ko ko 97 Practically a Master Poster · Answer 17 · 2011-07-16T23:18:55+00:00

Array ( [usecode] => Use Coupon )

As you posted above. $submit has wrong value stored. Check where $submit comes from.

Stefano Mtangoo 455 Senior Poster · Answer 18 · 2011-07-16T23:25:54+00:00

This is shown on the webpage:

That means the only thing in POST is that one. Post your form code!

observ 0 Newbie Poster · Answer 19 · 2011-07-16T23:32:43+00:00

<form name="forma1" method="post" action="insert.php">
    	<input type="text" name="couponcode" disabled value="<?php echo $coupon_code; ?>">
		<input type="submit" name="usecode" value="Use Coupon">
    </form>

ko ko 97 Practically a Master Poster · Answer 20 · 2011-07-16T23:39:04+00:00

You need to post the original start of $coupon_code.

Stefano Mtangoo 455 Senior Poster · Answer 21 · 2011-07-16T23:40:42+00:00

I cannot see anything wrong with your code. please post two files contents (full) one with form and insert.php

observ 0 Newbie Poster · Answer 22 · 2011-07-16T23:41:14+00:00

http://www.daniweb.com/web-development/php/threads/372581/1603471#post1603471

Stefano Mtangoo 455 Senior Poster · Answer 23 · 2011-07-16T23:56:05+00:00

http://www.daniweb.com/web-development/php/threads/372581/1603471#post1603471

But you did change some code removing htmspecialchar et al

observ 0 Newbie Poster · Answer 24 · 2011-07-17T00:04:56+00:00

alrighty then:

<?
  $server = "myserver";
  $username = "myusername";
  $password = "mypass";
  $database = "dbname";
  $con = mysql_connect($server, $username, $password);
  $ok = mysql_select_db($database, $con);

$coupon = htmlspecialchars($_GET["coupon"]);

if(empty($_GET))
    echo "<h2>The request is invalid</h2>";
else
	$coupon_code = ($_GET[coupon]); 
	
?>
<--!html form-->
    <form name="forma1" method="post" action="insert.php">
    	<input type="text" name="couponcode" disabled value="<? print_r ($coupon_code); ?>">
		<input type="submit" name="usecode" value="Use Coupon">
    </form>

<?

  $server = "myserver";
  $username = "myusername";
  $password = "mypass";
  $database = "dbname";
  $con = mysql_connect($server, $username, $password);
  $ok = mysql_select_db($database, $con);
  
print_r($_POST);
echo "<br />";
 if(isset($_POST['usecode']))
{
  $submit = $_POST['couponcode'];
  $sql = " UPDATE coupons SET coupon_used= '0' WHERE coupon_code = '$submit' ";
  echo $submit;
die();
}

mysql_query($sql, $con) or die(mysql_error());
  
mysql_close($con);

?>

Stefano Mtangoo 455 Senior Poster · Answer 25 · 2011-07-17T00:55:31+00:00

if(empty($_GET))
    echo "<h2>The request is invalid</h2>";
else
	$coupon_code = ($_GET[coupon]);

This will not check if specific field is empty. Since $_GET will always have submit button value so it will pass. Do something like this

if(empty($_GET['couponcode']))
    echo "<h2>The request is invalid</h2>";
else
	$coupon_code = ($_GET['couponcode']);

<input type="text" name="couponcode" disabled value="<? print_r ($coupon_code); ?>">

print_r is for arrays

cjohnweb 14 User Title? What's that? · Answer 26 · 2011-07-17T01:04:19+00:00

I'm not sure if I can answer your question directly. I'd say double check the correct param is being passed - because if you type the wrong param you wont get an error and nothing will update.

Anyways, I went ahead and tried to rewrite the code. This should work and give you errors and success messages:

<?php
/****************************************************
*                     Settings
*****************************************************/
// MySQL Connection Settings
$settings['mysql']['host'] = "localhost";
$settings['mysql']['user'] = "root";
$settings['mysql']['pass'] = "af981t58time";
$settings['mysql']['dbname'] = "dev_andy_sms";
/****************************************************
*                     Connections
*****************************************************/
$con = mysql_connect($settings['mysql']['host'], $settings['mysql']['user'], $settings['mysql']['pass']) or die('Error: Could not connect to mysql, Please check server, username and password.');
@mysql_query("CREATE DATABASE IF NOT EXISTS ".$settings['mysql']['dbname']);
$ok = mysql_select_db($settings['mysql']['dbname'], $con) or die("Could not connect to the specified database on line ".__LINE__.": ".mysql_error());

//Set the param variable from the URL via $_GET
$gparam = mysql_real_escape_string(htmlspecialchars(trim($_GET["param"])));
?>
<form action="<?php echo $PHP_SELF; ?>" method="post" name="form1">
<input type="text" name="param" value="<?php echo $gparam; ?>" disabled="disabled" />
<input type="submit" name="submit" id="submit" value="Submit" />
</form>
<?php
if(isset($_POST['submit'])){
//Get param from the form
$param = mysql_real_escape_string(htmlspecialchars(trim($_POST["param"])));
if(!empty($param)){

//First, lets check if the param exists...if you type the wrong param, then you wont get an error message and no result.
$c = mysql_query("SELECT * FROM table_name WHERE param_code='$param' LIMIT 1");
$cc = mysql_num_rows($c);

if($cc > 0){
$ud = mysql_query("UPDATE table_name SET code_used='0' WHERE param_code='$param'");
if($ud){
echo "Successfully Updated!";
}else{
echo "There was an error: ".mysql_error();
}
}else{
echo "There Param does not exists in the database!";
/*$code = "0";
// or
$code = "1";
$ins = mysql_query("INSERT INTO table_name (id,param_code,code_used) VALUES (id,'$param','$code')");

if($ins){
echo "Successfully Inserted!";
}else{
echo "There was an error inserting: ".mysql_error();
}
*/
}
}else{
echo "No param was present";
}
}
 
mysql_close($con);
 
?>

faroukmuhammad 10 Junior Poster · Answer 27 · 2011-07-17T01:12:14+00:00

O.k remove the apostrophe enclosing the "0", if the field is not char, varchar, text, etc.

mysql_query(" UPDATE table_name SET code_used= 0 WHERE param_code ='$submit' ", $con) or die (mysql_error());