<?php
include_once 'resources/init.php';
if (isset ($_GET[id])) {
    $q = "SELECT * FROM Client WHERE id = {$_GET[id]}";
    $result = mysql_query($q);
    $client = mysql_fetch_array($result);
    }
?>
    <a href="index.php">Back To List</a>
  
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
First Name: <input type="text" name="firstname" value="<?php echo $client['firstname']; ?>" />
Last Name: <input type="text" name="lastname" value="<?php echo $client['lastname']; ?>" />
<br>
<br>
Email: <input type="text" name="email" value="<?php echo $client['email']; ?>" />
<br>
<br>
Invoice #:<input type="text" name="invoice" maxlength="5" size="5" value="<?php echo $client['invoice']; ?>" />
<br>
<br>
<br>
<br>
Windows Key:<input type="text" name="wink" maxlength="24" size="24" value="<?php echo $client['wink']; ?>" />
Windows Type:<input type="text" name="wint" maxlength="24" size="24" value="<?php echo $client['wint']; ?>" />
<br>
<br>
<br>
<br>
VIPRE Type:<input type="text" name="vtype" maxlength="3" size="3" value="<?php echo $client['vtype']; ?>" />
User Count:<input type="text" name="usera" maxlength="3" size="3" value="<?php echo $client['usera']; ?>" />
Year Count:<input type="text" name="yeara" maxlength="3" size="3" value="<?php echo $client['yeara']; ?>" />
<br>
<br>
Start Date:<input type="text" name="sdate" maxlength="10" size="10" value="<?php echo $client['sdate']; ?>" />
Expire Date:<input type="text" name="edate" maxlength="10" size="10" value="<?php echo $client['edate']; ?>" />
<br>
<br>
VIPRE Key: <input type="text" name="viprek" maxlength="24" size="24" value="<?php echo $client['viprek']; ?>" />
<br>
<br>
<br>
<input type="submit" name="submit" Value="Modify" />
</form>
    
    <?php
if (isset($_POST["submit"])) {
        $u = "UPDATE Client SET `firstname`='$_POST[firstname]', `lastname`='$_POST[lastname]', `email`='$_POST[email]', `invoice`='$_POST[invoice]', `wink`='$_POST[wink]', `wint`='$_POST[wint]', `vtype`='$_POST[vtype]', `usera`='$_POST[usera]', `yeara`='$_POST[yeara]', `sdate`='$_POST[sdate]', `edate`='$_POST[edate]', `viprek`='$_POST[viprek]' WHERE id = $_POST[id]";
        
        mysql_query($u) or die (mysql_error());
        
            header("Location: index.php");
    }
    ?>

Echo the $u on line 49, perhaps one of your values messed it up. The query looks fine to me (apart from using the $_POST directly). If one of your values contains a single quote, the query will fail.

UPDATE Client SET `firstname`='2', `lastname`='1', `email`='1', `invoice`='1', `wink`='1', `wint`='1', `vtype`='1', `usera`='1', `yeara`='1', `sdate`='1', `edate`='1', `viprek`='1' WHERE id = You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1

this is what it spits out everything looks fine.

Does it help to put the WHERE value in quotes: ... WHERE id='value' versus ... WHERE id = value?

Looks like POST[id] should be GET[id] (as on line 4).

Looks like POST[id] should be GET[id] (as on line 4).

<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">

I assume OP is using GET the first time only to fetch the data, then uses POST to update.

Still having issue. After suggested changes.
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1

<?php
include_once 'resources/init.php';
if (isset ($_GET[id])) {
    $q = "SELECT * FROM Client WHERE id = {$_GET[id]}";
    $result = mysql_query($q);
    $client = mysql_fetch_array($result);
    }
?>
    <a href="index.php">Back To List</a>
  
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
First Name: <input type="text" name="firstname" value="<?php echo $client['firstname']; ?>" />
Last Name: <input type="text" name="lastname" value="<?php echo $client['lastname']; ?>" />
<br>
<br>
Email: <input type="text" name="email" value="<?php echo $client['email']; ?>" />
<br>
<br>
Invoice #:<input type="text" name="invoice" maxlength="5" size="5" value="<?php echo $client['invoice']; ?>" />
<br>
<br>
<br>
<br>
Windows Key:<input type="text" name="wink" maxlength="24" size="24" value="<?php echo $client['wink']; ?>" />
Windows Type:<input type="text" name="wint" maxlength="24" size="24" value="<?php echo $client['wint']; ?>" />
<br>
<br>
<br>
<br>
VIPRE Type:<input type="text" name="vtype" maxlength="3" size="3" value="<?php echo $client['vtype']; ?>" />
User Count:<input type="text" name="usera" maxlength="3" size="3" value="<?php echo $client['usera']; ?>" />
Year Count:<input type="text" name="yeara" maxlength="3" size="3" value="<?php echo $client['yeara']; ?>" />
<br>
<br>
Start Date:<input type="text" name="sdate" maxlength="10" size="10" value="<?php echo $client['sdate']; ?>" />
Expire Date:<input type="text" name="edate" maxlength="10" size="10" value="<?php echo $client['edate']; ?>" />
<br>
<br>
VIPRE Key: <input type="text" name="viprek" maxlength="24" size="24" value="<?php echo $client['viprek']; ?>" />
<br>
<br>
<br>
<input type="submit" name="submit" Value="Modify" />
</form>
    
    <?php
if (isset($_POST["submit"])) {
        $mdata = "UPDATE Client SET `firstname`='$_POST[firstname]', `lastname`='$_POST[lastname]', `email`='$_POST[email]', `invoice`='$_POST[invoice]', `wink`='$_POST[wink]', `wint`='$_POST[wint]', `vtype`='$_POST[vtype]', `usera`='$_POST[usera]', `yeara`='$_POST[yeara]', `sdate`='$_POST[sdate]', `edate`='$_POST[edate]', `viprek`='$_POST[viprek]' WHERE id = $_GET[id]";
        
        mysql_query($mdata) or die (mysql_error());
        
            header("Location: index.php");
    }
    ?>

Try changing line 48 to

$mdata = "
UPDATE Client
   SET `firstname`='$_POST[firstname]',
       `lastname`='$_POST[lastname]',
       `email`='$_POST[email]',
       `invoice`='$_POST[invoice]',
       `wink`='$_POST[wink]',
       `wint`='$_POST[wint]',
       `vtype`='$_POST[vtype]',
       `usera`='$_POST[usera]',
       `yeara`='$_POST[yeara]',
       `sdate`='$_POST[sdate]',
       `edate`='$_POST[edate]',
       `viprek`='$_POST[viprek]'
    WHERE id = '$_GET[id]'";

splitting it into separate lines (so that mysql will be a little more explicit as to where the error is) and adding the quotes around the WHERE value.

The WHERE value must use _POST because the FORM method is POST.

Change line 49 to echo "<pre style='color:red'>$mdata</pre>\n"; so you can see the *exact* SQL statement your program generated.

I believe that 'header' statement is invalid there because you've already emitted HTML.

Member Avatar for diafol

You need to brace out your POST and GET variables like so:

`sdate`='{$_POST[sdate]}',
...
 WHERE id = '{$_GET[id]'}";

But as has been mentioned to you numerous times, you SHOULDN'T use raw input in an SQL statement.

Well this is my index page. Did I mess something up here?

<html>
    <head>
    <title>Vipre Database</title>
    <script src="sorttable.js"></script>
</head>
<body>
<a href="addclient.php">Add Client</a>
<?php

include_once 'resources/init.php';

$query="SELECT * FROM Client";
$result=mysql_query($query);

mysql_close();
?>

<?php
//Table starting tag and header cells
echo "<table class='sortable' border='1' cellspacing='5' cellpadding='5'><tr><th>First Name</th><th>Last Name</th><th>Email</th><th>Invoice #</th><th>Windows Key</th><th>Windows Type</th><th>VIPRE Type</th><th>User Count</th><th>Year Count</th><th>Start Date</th><th>Expire Date</th><th>Vipre Key</th><th>Edit Client</th><th>Delete Client</th></tr>";
    while($row = mysql_fetch_array($result)){
        //Display the results in differnt Cells
        echo "<tr><td>" . $row['firstname'] . "</th>
            <td>" . $row['lastname'] . "</td>
            <td>" . $row['email'] . "</td>
            <td>" . $row['invoice'] . "</td>
            <td>" . $row['wink'] . "</td>
            <td>" . $row['wint'] . "</td>
            <td>" . $row['vtype'] . "</td>
            <td>" . $row['usera'] . "</td>
            <td>" . $row['yeara'] . "</td>
            <td>" . $row['sdate'] . "</td>
            <td>" . $row['edate'] . "</td>
            <td>" . $row['viprek'] . "</td>
                                           
            <td><a href=\"modify.php?id=" . $row['id'] . "\">Edit</a>" . "</td>
            <td><a href=\"deleteclient.php?id=" . $row['id'] . "\">Delete</a>" . "</td></tr>";
    
}
echo "</table>";
?>

</body>
</html>

Looks OK. As I suspected, you are calling your other page using GET; using $_GET (near the top) is correct. Your form uses method POST, so using $_POST (near the bottom) is (was) correct.

As was already stated a time or two, you should put all PHP array references that are within strings inside {}. That is, "text $_POST verbage" doesn't always work. It is much more reliable to use "text {$_POST} verbage". If you look at your web server's log file, you'll probably find it complaining a lot.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.