Hello there, can anyone can help me with my problem, i want to update a record, but im getting an error.
this is my code
<?php
// connect to the database
include('connect-db.php');
// check if the form has been submitted. If it has, process the form and save it to the database
if (isset($_POST['submit']))
{
// confirm that the 'id' value is a valid integer before getting the form data
if (is_string($_POST['txtempno']))
{
// get form data, making sure it is valid
$employeeno = $_POST['txtempno'];
$month = mysql_real_escape_string(htmlspecialchars($_POST['txtmonth']));
$employeename = mysql_real_escape_string(htmlspecialchars($_POST['txtename']));
$salary = mysql_real_escape_string(htmlspecialchars($_POST['txtsal']));
$allotteename = mysql_real_escape_string(htmlspecialchars($_POST['txtaname']));
$relation = mysql_real_escape_string(htmlspecialchars($_POST['txtrelation']));
$sss = mysql_real_escape_string(htmlspecialchars($_POST['txtsss']));
$philhealth = mysql_real_escape_string(htmlspecialchars($_POST['txtph']));
$pagibig = mysql_real_escape_string(htmlspecialchars($_POST['txtpagibig']));
$tax = mysql_real_escape_string(htmlspecialchars($_POST['txttax']));
$total = mysql_real_escape_string(htmlspecialchars($_POST['txttotal']));
$sss2 = mysql_real_escape_string(htmlspecialchars($_POST['txtsss2']));
$philhealth2 = mysql_real_escape_string(htmlspecialchars($_POST['txtph2']));
$pagibig2 = mysql_real_escape_string(htmlspecialchars($_POST['txtpagibig2']));
$tax2 = mysql_real_escape_string(htmlspecialchars($_POST['txttax2']));
$total2 = mysql_real_escape_string(htmlspecialchars($_POST['txttotal2']));
$totaldeduction = mysql_real_escape_string(htmlspecialchars($_POST['txttded']));
$totalsalry = mysql_real_escape_string(htmlspecialchars($_POST['txttsal']));
$allotment = mysql_real_escape_string(htmlspecialchars($_POST['txtallotment']));
// check that firstname/lastname fields are both filled in
if ($month == '' || $employeename == '' || $salary == '' || $allotteename == '' || $relation == '' || $sss == '' || $philhealth == '' || $pagibig == '' || $pagibig == '' || $tax == '' || $total=='' ||$sss2 == '' || $philhealth2 == '' || $pagibig2 == '' || $tax2 == '' || $total2==''|| $totaldeduction == '' || $totalsalry == '' || $allotment=='')
{
// generate error message
$error = 'ERROR: Please fill in all required fields!';
//error, display form
renderForm($employeeno, $month, $employeename, $salary, $allotteename, $relation, $sss, $philhealth, $pagibig, $tax, $total, $sss,$philhealth2, $pagibig2, $tax2, $total2, $totaldeduction, $totalsalry, $allotment, $error);
}
else
{
// save the data to the database
mysql_query("UPDATE emprofile SET Month='$month', Employeename='$employeename' , Salary='$salary', Allottee='$allotteename' , Relation='$relation', sss='$sss' , ph='$philhealth', pagibig='$pagibig' ,tax='$tax', total='$total', sss2='$sss2' , ph2='$philhealth2', pagibig2='$pahibig2' , tax2='$tax2', ='$employee name' , total2='$total2', totaldeduction='$totaldeduction', totalsalary='$totalsalry', allotment='$allotment', WHERE Employeename='$employee name'") or die(mysql_error());
// once saved, redirect back to the view page
header("Location: admincorner.php");
}
}
else
{
// if the 'id' isn't valid, display an error
echo 'Error!';
}
}
else
// if the form hasn't been submitted, get the data from the db and display the form
{
// get the 'id' value from the URL (if it exists), making sure that it is valid (checing that it is numeric/larger than 0)
if (isset($_GET['id']) && is_numeric($_GET['id']) && $_GET['id'] > 0)
{
// query db
$id = $_GET['id'];
$result = mysql_query("SELECT * FROM emprofile WHERE Employeeno=$employeeno") or die(mysql_error());
$row = mysql_fetch_array($result);
// check that the 'id' matches up with a row in the databse
if($row)
{
// get data from db
$month = $row['Month'];
$employeename = $row['Employeename'];
$salary = $row['Salary'];
$allotteename= $row['Allottee'];
$relation = $row['Relation'];
$sss = $row['sss'];
$ph = $row['philhealth'];
$pagibig = $row['pagibig'];
$tax = $row['tax'];
$total = $row['total'];
$sss2 = $row['sss2'];
$ph2 = $row['philhealth2'];
$pagibig2 = $row['pagibig2'];
$tax2 = $row['tax2'];
$total2 = $row['total2'];
$totaldeduction = $row['totaldeduction'];
$totalsalry = $row['totalsalary'];
$allotment = $row['allotment'];
// show form
renderForm($employeeno, $month, $employeename, $salary, $allotteename, $relation, $sss, $philhealth, $pagibig, $tax, $total, $sss2, $philhealth2, $pagibig2, $tax2, $total2, $totaldeduction, $totalsalry, $allotment, $error);
}
else
// if no match, display result
{
echo "No results!";
}
}
else
// if the 'id' in the URL isn't valid, or if there is no 'id' value, display an error
{
echo 'Error!';
}
}
?>
Thanks :)