0

I have a really stupid question. Before I start I know I am using the deprecated version of mysql, I haven't come around to learn MySqli or PDO yet, but I will soon.

I have been working on a whole administrative system, and I have gotten to the point where I'm creating the functions for administrators to edit other accounts. I've made the whole system on one page and my code is becoming a little messy (this could be why I'm getting an error).

Well I'll begin with my problem now: I have an Update Query but it doesn't seem to be working. My form is as follows:

    <form action="" method="post">
    <table class="table table-profile">
        <thead>
            <tr>
                <th colspan="2">
                    <h4><?php echo $username; ?> <small><?php echo $fullname; ?></small></h4>
                </th>
            </tr>
        </thead>
        <tbody>
            <tr>
                <td colspan="2"><input type="hidden" name="id" value="<?php echo $id; ?>" /></td>
            </tr>
            <tr>
                <td class="field">Username</td>
                <td><input type="text" class="form-control input-xs" name="username" placeholder="" value="<?php echo $username; ?>" /></td>
            </tr>
            <tr>
                <td class="field">Password</td>
                <td><a href="#">Password Resets must be done through James/Hamish/Cryptic</a></td>
            </tr>
            <tr>
                <td class="field">Full name</td>
                <td><input type="text" class="form-control input-xs" name="fullname" placeholder="" value="<?php echo $fullname; ?>" /></td>
            </tr>
            <tr>
                <td class="field">Email</td>
                <td><input type="text" class="form-control input-xs" name="email" placeholder="" value="<?php echo $email; ?>" /></td>
            </tr>
            <tr>
                <td class="divider" colspan="2"></td>
            </tr>
            <tr>
                <td class="field">Membership</td>
                <td>
                    <select class="form-control input-inline input-xs" name="membership">
                        <option value="Administrator"<?php if($membership == 'Administrator') { echo ' selected'; } ?>>Administrator</option>
                        <option value="Moderator"<?php if($membership == 'Moderator') { echo ' selected'; } ?>>Moderator</option>
                        <option value="Supporter"<?php if($membership == 'Supporter') { echo ' selected'; } ?>>Supporter</option>
                        <option value="PM|T"<?php if($membership == 'PM|T') { echo ' selected'; } ?>>Platinum Modding Team</option>
                        <option value="Paid"<?php if($membership == 'Paid') { echo ' selected'; } ?>>Paid User</option>
                        <option value="Free"<?php if($membership == 'Free') { echo ' selected'; } ?>>Free User</option>
                        <option value="None"<?php if($membership == 'None') { echo ' selected'; } ?>>None</option>
                    </select>
                </td>
            </tr>
            <tr>
                <td class="field">Plan Desription</td>
                <td><input type="text" class="form-control input-xs" name="membership_type" placeholder="Membership Type" value="<?php echo $membership_type; ?>" /></td>
            </tr>
            <tr>
                <td class="field">MaxTime</td>
                <td>
                    <select class="form-control input-inline input-xs" name="membership_maxtime">
                        <option value="600"<?php if($membership_maxtime == '600') { echo ' selected'; } ?>>600 Seconds</option>
                        <option value="1800"<?php if($membership_maxtime == '1800') { echo ' selected'; } ?>>1800 Seconds</option>
                        <option value="3600"<?php if($membership_maxtime == '3600') { echo ' selected'; } ?>>3600 Seconds</option>
                        <option value="7200"<?php if($membership_maxtime == '7200') { echo ' selected'; } ?>>7200 Seconds</option>
                        <option value="4147200"<?php if($membership_maxtime == '4147200') { echo ' selected'; } ?>>4147200 Seconds</option>
                    </select>
                </td>
            </tr>
            <tr>
                <td class="field">Concurrents</td>
                <td>
                    <select class="form-control input-inline input-xs" name="membership_concurrents">
                        <option value="1"<?php if($membership_concurrents == '1') { echo ' selected'; } ?>>1 Concurrent</option>
                        <option value="2"<?php if($membership_concurrents == '2') { echo ' selected'; } ?>>2 Concurrents</option>
                        <option value="3"<?php if($membership_concurrents == '3') { echo ' selected'; } ?>>3 Concurrents</option>
                        <option value="4"<?php if($membership_concurrents == '4') { echo ' selected'; } ?>>4 Concurrents</option>
                        <option value="4147200"<?php if($membership_concurrents == '4147200') { echo ' selected'; } ?>>4147200 Concurrents</option>
                    </select>
                </td>
            </tr>
            <tr>
                <td class="field">Expiration</td>
                <td><input type="text" class="form-control input-xs" name="membership_expiration" placeholder="Membership Expiration: (format: yyyy-mm-dd)" value="<?php echo $membership_expiration; ?>" /></td>
            </tr>
            <tr>
                <td class="divider" colspan="2"></td>
            </tr>
            <tr>
                <td class="field">IP Address</td>
                <td><a href="http://whatismyipaddress.com/ip/<?php echo $location_ip; ?>" target="new"><?php echo $location_ip; ?></td>
            </tr>
            <tr>
                <td class="divider" colspan="2"></td>
            </tr>
            <tr>
                <td class="field">Warning</td>
                <td>
                    <select class="form-control input-inline input-xs" name="warning">
                        <option value="0"<?php if($warning == '0') { echo ' selected'; } ?>>Level 0 - No warning</option>
                        <option value="1"<?php if($warning == '1') { echo ' selected'; } ?>>Level 1 - First Offence</option>
                        <option value="2"<?php if($warning == '2') { echo ' selected'; } ?>>Level 2 - Strong Warning</option>
                        <option value="3"<?php if($warning == '3') { echo ' selected'; } ?>>Level 3 - Last Chance</option>
                    </select>
                </td>
            </tr>
            <tr>
                <td class="field">Warning Note</td>
                <td><textarea class="form-control" rows="4" name="warning_note" placeholder="The warning note will be displayed after a level 1 warning."><?php echo $warning_note; ?></textarea></td>
            </tr>
            <tr>
                <td class="divider" colspan="2"></td>
            </tr>
            <tr<?php if ($banned == 'true') { echo ' class="danger"'; } ?>>
                <td class="field"><i class="fa fa-ban"></i> Banned</td>
                <td>
                    <label class="radio-inline">
                        <input type="radio" name="banned" value="false"<?php if ($banned == 'false') { echo ' checked'; } ?> />
                        False
                    </label>
                    <label class="radio-inline">
                        <input type="radio" name="banned" value="true"<?php if ($banned == 'true') { echo ' checked'; } ?> />
                        True
                    </label>
                </td>
            </tr>
            <tr<?php if ($banned == 'true') { echo ' class="danger"'; } ?>>
                <td class="field">Banned Reason</td>
                <td><textarea class="form-control" rows="4" name="banned_note" placeholder="Reason for account ban. (If the account is banned)"><?php echo $banned_note; ?></textarea></td>
            </tr>
            <tr>
                <td class="divider" colspan="2"></td>
            </tr>
            <tr>
                <td class="field">Acc Created</td>
                <td><?php echo $created; ?></td>
            </tr>
        </tbody>
        <tfoot>
            <tr>
                <td colspan="2">
                    <button type="submit" name="uploadAccount" class="btn btn-success"><i class="fa fa-upload"></i> Upload new changes</button>
                    <button type="reset" class="btn btn-warning"><i class="fa fa-refresh"></i> Reset Fields</button>
                </td>
            </tr>
        </tfoot>
    </table>
</form>

and my code to update the database is as follows:

    if (isset($_REQUEST['uploadAccount'])) {
    $id = $POST['id'];
    $username = $_POST['username'];
    $fullname = $_POST['fullname'];
    $email = $_POST['email'];

    $membership = $_POST['membership'];
    $membership_type = $_POST['membership_type'];
    $membership_maxtime = $_POST['membership_maxtime'];
    $membership_concurrents = $_POST['membership_concurrents'];
    $membership_expiration = $_POST['membership_expiration'];

    $warning = $_POST['warning'];
    $warning_note = $_POST['warning_note'];

    $banned = $_POST['banned'];
    $banned_note = $_POST['banned_note'];

    $account_update = mysql_query("UPDATE members SET username='$username', fullname='$fullname', email='$email', membership='$membership', membership_type='$membership_type', membership_maxtime='$membership_maxtime', membership_concurrents='$membership_concurrents', membership_expiration='$membership_expiration', warning='$warning', warning_note='$warning_note', banned='$banned', banned_note='$banned_note' WHERE id='$id'", $con);

    header('location: dashboard.php?admin&accounts&success=Account, '.$username.' successfully updated');
} else { }

I would much appreciate if you let me know what I am doing wrong. Thank you in advance to those who do.

Improve this question
6
  • I get no errors, but it doesn't update in the database. Commented Aug 31, 2015 at 6:07
  • 1
    STOP Using deprecated mysql_* API. use mysqli_ or PDO with prepared statements. Commented Aug 31, 2015 at 6:07
  • Also check for errors after executing your query. See php.net/manual/de/function.mysql-query.php how you can do it Commented Aug 31, 2015 at 6:08
  • @Jens I have checked and I don't see any errors which is why I'm asking someone with further experience, and I already know that Mysql is deprecated, I have tried Mysqli and PDO and I can't seem to understand how it works. Commented Aug 31, 2015 at 6:11
  • @Cryptic maybe $id do not containt the values you expected?! Commented Aug 31, 2015 at 6:14

2 Answers 2

Reset to default
1

Dont use deprecated mysql_* use PDO.

Here you have an example.

$pdo    = new PDO ($server, $user, $password);
$query  = 'UPDATE members SET username= :username, fullname= :fullname';
$stmt   = $pdo -> prepare($query);
$stmt->bindParam(":username", $username, PDO::PARAM_STR);
$stmt->bindParam(":fullname", $fullname, PDO::PARAM_STR);
$stmt->execute();

With PDO you can bind your params to the query.

Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

I have tried using PDO before but I couldn't get the hang of it
Put echo mysql_error() after your query and put the output in here.
"Jens" caught the problem. Thank you very much for your help. I will try PDO again and see if I have better results this time.
0

Problem was that the $id wasn't being recognized. I changed my WHERE clause within the query to $username and it fixed the problem.

Thank you to everyone who helped.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.