0

I have displayed the data in a form edit.php and again paas the truk_id in url on update page to update.php the data of the fields but it's not working. Can anyone check this

PHP Code 

   <?php
 $truck_id=$_GET['truck_id'];
 print_r($truck_id);
 include("assets/database_con.php");
    if (isset($_POST['submit'])) 
  { 
   $truck_id=$_POST['truck_id'];   
            $truck_number= mysql_real_escape_string(htmlspecialchars($_POST['truck_number']));
            $truck_model= mysql_real_escape_string(htmlspecialchars($_POST['truck_model']));
            $truck_make= mysql_real_escape_string(htmlspecialchars($_POST['truck_make']));
            $truck_type= mysql_real_escape_string(htmlspecialchars($_POST['truck_type']));
            $truck_tierweight= mysql_real_escape_string(htmlspecialchars($_POST['truck_tierweight']));
            $truck_gvm= mysql_real_escape_string(htmlspecialchars($_POST['truck_gvm']));
            $truck_regodate= mysql_real_escape_string(htmlspecialchars($_POST['truck_regodate']));
            $truck_inspectaiondate= mysql_real_escape_string(htmlspecialchars($_POST['truck_inspectaiondate']));
            $sql1 ="UPDATE add_truck SET truck_number='$truck_number', truck_model='$truck_model', truck_make='$truck_make', truck_type='$truck_type', truck_tierweight='$truck_tierweight', truck_gvm='$truck_gvm', truck_regodate='$truck_regodate', truck_inspectaiondate='$truck_inspectaiondate' where truck_id='$truck_id'";
            echo $sql1;
            $results=$conn->query($sql);
        if($results)
        {
            print 'Success! record updated'; 
        }else{
            print 'no! record updated';
        }                   
    }
?>
Improve this question
3
  • whats problem man? Commented Apr 26, 2016 at 5:22
  • try echo $sql and execute that sql in phpmyadmin query window and see if the query is correct. Commented Apr 26, 2016 at 5:23
  • WARNING: Using manual escaping is extremely error prone and a single mistake can lead to a crippling SQL injection bug. Whenever possible use prepared statements. These are quite straightforward to do in mysqli and PDO where any user-supplied data is specified with a ? or :name indicator that’s later populated using bind_param or execute depending on which one you’re using. Commented Apr 26, 2016 at 5:24

4 Answers 4

Reset to default
1

You are assigning values to fields in single quotes.

The main string is enclosed within single quotes.

Variables inside single quotes are not parsed (value is not calculated).

This is called variable interpolation.

Use double quotes for whole string and single quotes for values.

Corrected SQL:

$sql = "UPDATE add_truck 
        SET truck_number='$truck_number', truck_model='$truck_model', 
        truck_make='$truck_make', truck_type='$truck_type', 
        truck_tierweight='$truck_tierweight', 
        truck_gvm='$truck_gvm', truck_regodate='$truck_regodate',
         truck_inspectaiondate='$truck_inspectaiondate' where truck_id='$truck_id'";
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

print the sql query using: echo $sql;die(); and post query here.
0

you are using GET for the truck id and POST for all other variables - is this intentional?

$truck_id=$_GET['truck_id'];

should it be 

$truck_id=$_POST['truck_id'];

or should all the other variables be from the GET array?

Improve this answer

3 Comments

Using this : <?php $truck_id=$_GET['truck_id']; include("assets/database_con.php"); if (isset($_POST['submit'])) { $truck_id=$_POST['truck_id'];
thanks brother for being together ,, I just caught the issues and now fixed.
no worries - happy to help. good luck with it.click the upvote if my answer helped you at all. Thanks gav
0 
$truck_id=$_GET['truck_id'];

Here is your problem part you can't get values from get method when you submit. So you need to add some hidden field into your form like this

<input type="hidden" name="truck_id" value="<?php echo $_GET['truck_id']; ?>">

Change your code like this

if (isset($_POST['submit'])) 
  { 
   $truck_id=$_POST['truck_id']; 
  }

I changed your code please look at this

//Your code starts now
 <?php
include("header.php");
include("assets/database_con.php");
$truck_id= $_GET['truck_id'];
//print ($truck_id);
?>
<?php
//submit part in top that is better
 if (isset($_POST['submit']))
{
$truck_id=$_POST['truck_id'];
$truck_number= mysql_real_escape_string(htmlspecialchars($_POST['truck_number']));
$truck_model= mysql_real_escape_string(htmlspecialchars($_POST['truck_model']));
$truck_make= mysql_real_escape_string(htmlspecialchars($_POST['truck_make']));
$truck_type= mysql_real_escape_string(htmlspecialchars($_POST['truck_type']));
$truck_tierweight= mysql_real_escape_string(htmlspecialchars($_POST['truck_tierweight']));
$truck_gvm= mysql_real_escape_string(htmlspecialchars($_POST['truck_gvm']));
$truck_regodate= mysql_real_escape_string(htmlspecialchars($_POST['truck_regodate']));
$truck_inspectaiondate= mysql_real_escape_string(htmlspecialchars($_POST['truck_inspectaiondate']));
$sql1 ="UPDATE add_truck SET truck_number='$truck_number', truck_model='$truck_model', truck_make='$truck_make', truck_type='$truck_type', truck_tierweight='$truck_tierweight', truck_gvm='$truck_gvm', truck_regodate='$truck_regodate', truck_inspectaiondate='$truck_inspectaiondate' where truck_id='$truck_id'";
echo $sql1;
die();
$results=$conn->query($sql);
if($results)
{
    print 'Success! record updated';
}else{
    print 'no! record updated';
}
}
?>

And changed some thing in here(added action="") 

 <form role="form" method="post"  action="">

And changed some thing in here also(added name="submit")

<div class="form-group">

<input type="hidden" name="truck_id" value="<?php echo $_GET['truck_id']; ?>">
<input type="submit" value="submit" name="submit" class="btn_full" id="submit-booking">
</div>

No need for another div for hidden because it is 'hidden'

Improve this answer

13 Comments

ok i have checked after echo "$truck_id" vales comes in this page. Let me use your code. thanks..I have checked using this code nth happen ..
if it helps please let me know
Should i try this <?php $truck_id=$_GET['truck_id']; print_r($truck_id); include("assets/database_con.php"); if (isset($_POST['submit'])) { $truck_id=$_POST['truck_id'];
if you want $_POST['truck_id'] you want some input in your form tag so please add <input type="hidden" name="truck_id" value="<?php echo $_GET['truck_id']; ?>"> inside your form tag
otherwise everything perfect
|
0 
Used a new code as solution :
    <?php
 if (isset($_POST['submit']))
{
$truck_id=$_POST['truck_id'];

...
}

and one hidden value with the submit name of attribute :
<input type="hidden" name="truck_id" value="<?php echo $_GET['truck_id']; ?>">
                                   <input type="submit" value="submit" name="submit" class="btn_full" id="submit-booking">
Improve this answer

1 Comment

I have tried this .. but no error and nothing happeing in updation.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.