Hello there, can anyone can help me with my problem, i want to update a record, but im getting an error.

this is my code

<?php

// connect to the database
 include('connect-db.php');
 
 // check if the form has been submitted. If it has, process the form and save it to the database
 if (isset($_POST['submit']))
 { 
 // confirm that the 'id' value is a valid integer before getting the form data
 	if (is_string($_POST['txtempno']))
 	{
		 // get form data, making sure it is valid
 		$employeeno = $_POST['txtempno'];
 		$month = mysql_real_escape_string(htmlspecialchars($_POST['txtmonth']));
 		$employeename = mysql_real_escape_string(htmlspecialchars($_POST['txtename']));
 
  		$salary = mysql_real_escape_string(htmlspecialchars($_POST['txtsal']));
		$allotteename = mysql_real_escape_string(htmlspecialchars($_POST['txtaname']));
  		$relation = mysql_real_escape_string(htmlspecialchars($_POST['txtrelation']));
  
 		$sss = mysql_real_escape_string(htmlspecialchars($_POST['txtsss']));
 		$philhealth = mysql_real_escape_string(htmlspecialchars($_POST['txtph']));
 		$pagibig = mysql_real_escape_string(htmlspecialchars($_POST['txtpagibig']));
 		$tax = mysql_real_escape_string(htmlspecialchars($_POST['txttax']));
 		$total = mysql_real_escape_string(htmlspecialchars($_POST['txttotal']));
 
 		$sss2 = mysql_real_escape_string(htmlspecialchars($_POST['txtsss2']));
 		$philhealth2 = mysql_real_escape_string(htmlspecialchars($_POST['txtph2']));
 		$pagibig2 = mysql_real_escape_string(htmlspecialchars($_POST['txtpagibig2']));
 		$tax2 = mysql_real_escape_string(htmlspecialchars($_POST['txttax2']));
		$total2 = mysql_real_escape_string(htmlspecialchars($_POST['txttotal2']));
 
 		$totaldeduction = mysql_real_escape_string(htmlspecialchars($_POST['txttded']));
 		$totalsalry = mysql_real_escape_string(htmlspecialchars($_POST['txttsal']));
 		$allotment = mysql_real_escape_string(htmlspecialchars($_POST['txtallotment']));

 
 // check that firstname/lastname fields are both filled in
	 if ($month == '' || $employeename == '' || $salary == '' || $allotteename == '' || $relation == '' || $sss == '' || $philhealth == '' || $pagibig == '' || $pagibig == '' || $tax == '' || $total=='' ||$sss2 == '' || $philhealth2 == '' || $pagibig2 == '' || $tax2 == '' || $total2==''|| $totaldeduction == '' || $totalsalry == '' || $allotment=='')
 	{
 		// generate error message
		 $error = 'ERROR: Please fill in all required fields!';
 
 		//error, display form
 		 renderForm($employeeno, $month, $employeename, $salary, $allotteename, $relation, $sss, $philhealth, $pagibig, $tax, $total, $sss,$philhealth2, $pagibig2, $tax2, $total2, $totaldeduction, $totalsalry, $allotment, $error);
 	}
 		else
		 {
		// save the data to the database
 		mysql_query("UPDATE emprofile SET Month='$month', Employeename='$employeename' , Salary='$salary', Allottee='$allotteename' , Relation='$relation', sss='$sss' , ph='$philhealth', pagibig='$pagibig' ,tax='$tax', total='$total', sss2='$sss2' , ph2='$philhealth2', pagibig2='$pahibig2' , tax2='$tax2', ='$employee name' , total2='$total2', totaldeduction='$totaldeduction', totalsalary='$totalsalry', allotment='$allotment', WHERE Employeename='$employee name'") or die(mysql_error()); 
 
 		// once saved, redirect back to the view page
 		header("Location: admincorner.php"); 
 		}
 }
 		else
 		{
 		// if the 'id' isn't valid, display an error
 		echo 'Error!';
 		}
		
}
 		else
 		// if the form hasn't been submitted, get the data from the db and display the form
 		{
 
 			// get the 'id' value from the URL (if it exists), making sure that it is valid (checing that it is numeric/larger than 0)
 			if (isset($_GET['id']) && is_numeric($_GET['id']) && $_GET['id'] > 0)
			{
 			// query db
 			$id = $_GET['id'];
 			$result = mysql_query("SELECT * FROM emprofile WHERE Employeeno=$employeeno") or die(mysql_error()); 
 			$row = mysql_fetch_array($result);
 
 			// check that the 'id' matches up with a row in the databse
 			if($row)
 			{
 
	 		// get data from db
	 		$month = $row['Month'];
	 		$employeename = $row['Employeename'];
 
	 		$salary = $row['Salary'];
	 		$allotteename= $row['Allottee'];
 
	 		$relation = $row['Relation'];
	 		$sss = $row['sss'];
 
	 		$ph = $row['philhealth'];
	 		$pagibig = $row['pagibig'];
 
	 		$tax = $row['tax'];
	 		$total = $row['total'];
 
			$sss2 = $row['sss2'];
 
			$ph2 = $row['philhealth2'];
 			$pagibig2 = $row['pagibig2'];
 		
	 		$tax2 = $row['tax2'];
	 		$total2 = $row['total2'];
 
	 		$totaldeduction = $row['totaldeduction'];
			$totalsalry = $row['totalsalary'];
	 		$allotment = $row['allotment'];
 
 			// show form
 			renderForm($employeeno, $month, $employeename, $salary, $allotteename, $relation, $sss, $philhealth, $pagibig, $tax, $total, $sss2, $philhealth2, $pagibig2, $tax2, $total2, $totaldeduction, $totalsalry, $allotment, $error);
 			}
 			else
 			// if no match, display result
 			{
 			echo "No results!";
 			}
 	}
 			else
 			// if the 'id' in the URL isn't valid, or if there is no 'id' value, display an error
 			{
 			echo 'Error!';
 			}
 }		
?>

Thanks :)

Member Avatar for diafol

Backtick your fieldnames. Reservved words like month

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.