3

I've got an admin area where the admins can set the level of repair and it shows on a progress bar in the users area. I have it all working apart from updating the mySQL database to the value submitted.

My database has a table called 'users' and fields 'UserID', 'Username', 'Password', 'progress', 'admin'.

Here is the code I'm using to try and make the magic happen:

<?php
$query="SELECT * FROM users";
$result=mysql_query($query);
$num=mysql_numrows($result);

?>
<form id="chooseuseredit" method="post" action="<?php echo $PHP_SELF;?>">
<select name="ChooseUser">
<?php
$i=0;
while ($i < $num) {

$f1=mysql_result($result,$i,"UserID");
$f2=mysql_result($result,$i,"Username");
$f3=mysql_result($result,$i,"progress");
$f4=mysql_result($result,$i,"admin");
?>

<option value="<?php echo $f1; ?>"><?php echo $f2; ?></option>

<?php
$i++;
}
?>
</select>
<input type="submit" name="chooseSubmit" id="chooseSubmit" value="Choose User" />
</form>
<?php
if(isset($_POST['chooseSubmit']) )
{
  $varID = $_POST['ChooseUser'];
  $errorMessage = "Jesus Christ Benton, Choose a User!!";

?>
<br>
<p><strong>Editing UserID: <?php echo "$varID"; ?></strong></p>
<p>Progress:<br>
<form name="edituserform" method="post" action="<?php echo $PHP_SELF;?>">
<select name="editinguser">
<option value="0">Phone Not Recieved</option>
<option value="20">Phone Recieved</option>
<option value="40">Parts Recieved</option>
<option value="60">Repair Started</option>
<option value="80">Repair Finished</option>
<option value="100">Posted Back</option>
</select>
<input type="hidden" name="edituserid" id="edituserid" value="<?php echo "$varID"; ?>" />
<input type="submit" name="edituser" id="edituser" value="Edit" />
</form>
    <?php
    if(isset($_POST['edituser'])){

    $add = $_POST['edituser'];
    $varIDe = $_POST['edituserid'];
    $errorMessage = "Jesus Christ Benton, Choose a User!!";
    $query1 = mysql_query("UPDATE users SET progress = $add WHERE UserID = $varIDe");
    mysql_query($query1) or die("Cannot update");

echo $add;
echo $varIDe;

    }
    ?>

<?php
}
?>

I'm not sure if the variables are working or not, or if it's the way I've used the submit button before? Its got me a little stumped.

Improve this question
4
  • 1
    Please make sure you read this regarding SQL injection Commented Dec 7, 2011 at 12:40
  • @Oliver $_POST['edituser'] is the submit button, I think it should be $_POST['editinguser'], just saying – nine7ySix 10 mins ago Commented Dec 7, 2011 at 13:44
  • @Oliver :O Why did you change accepted answer? Commented Dec 7, 2011 at 14:36
  • sorry, i hadn't realised i had done! Commented Dec 7, 2011 at 19:58

4 Answers 4

Reset to default
2

You're query should be

$query1 = mysql_query("UPDATE users SET progress = '$add' WHERE UserID = $varIDe");

Don't forget the quotes

and it would be best to change your

mysql_query($query1) or die("Cannot update");

to mysql_query($query1) or die("MySQL ERROR: ".mysql_error());

to get it to display errors

edit

Found a few errors

mysql_numrows should be mysql_num_rows

and major error

$query1 = mysql_query("UPDATE users SET progress = $add WHERE UserID = $varIDe");

is running a query, change it to

$query1 = "UPDATE users SET progress = '".$add."' WHERE UserID = '".$varIDe."'";
Improve this answer
Sign up to request clarification or add additional context in comments.

12 Comments

im still not getting errors and cant get it to work
hmm, still cant get it to update the database. I've tried everything everyone has suggested and it doesn't seem to want to play ball!
@Oliver Whysall Change mysql_query($query1) or die("Cannot update"); to mysql_query($query1) or die(mysql_error()); and see post the error
changed all of that and heres the code again, still doesn't want to do anything!
i dont get an error, it just goes back to the first part asking to choose a user, try logging in at youriphonerepair.x10.mx/postinprogress with username as demo and password as 7575
|
0

I think your getting the wrong variable

if(isset($_POST['edituser'])){
  $add = $_POST['edituser']; // this is a button

should be :

if(isset($_POST['editinguser'])){
  $add = $_POST['editinguser']; // this is a select list

But please read the following about SQL Injection

Improve this answer

2 Comments

Thank you, I hadn't noticed that!
This is still incorrect -> if(isset($_POST['edituser'])){ this is a button ?!?!
0

When something's going wrong, with respect to query, you better debugging, adding one: or die ( mysql_error ( ) ) ; and then the error message is displayed.

Improve this answer

Comments

0 
$query1 = mysql_query("UPDATE `users` SET `progress` = '".$add."' WHERE UserID = '".$varIDe."'");
if(mysql_query($query1))
{
//DO SOME ACTION
}
else
{
die(mysql_error());
}
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.