0

In the php code below, if you type something into the top input box and click the button the mysql database is updated. I would like to do the same thing with the form below that has multiple boxes (the actual form will have more than two).

<?php
?>
<html>
<head>
<script language='javascript'>
function showList(){
var i=0;
var rankNum;
rankNum = 1;
var vfundsym;
while (i<=5)
{
alert(rankNum + " " + document.getElementById("o" + (i+1)).value);
i++;
rankNum++;
}
}
</script>
</head>
<body>

<form action="getuser3.php" method="post">
<input type="text" id='fundAge' name="fundAge" size="7" maxlength="7" />
<input  style="visibility: visible" id="addFundtoDB" type="submit" value="Update Database" />
</form>

<p>The form above updates one record in the database. How can I loop through the form below and update each record?</p>

<form name="orderedlist" action="getuser3.php" method="post">
<form>
<table>
<tr><td><textarea class="orderedlist" name="p1" id="o1"></textarea></td></tr>
<tr><td><textarea class="orderedlist" name="p2" id="o2"></textarea></td></tr>
</table>
<input type="button" value="run SHOWLIST function" onclick="showList()">
</form>
</body>
</html>

The getuser3.php code is below.

<?php
$con = mysql_connect("localhost","username","password");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }
mysql_select_db("devtechw_ajax_demo", $con);

mysql_query("UPDATE user SET Age=('$_POST[fundAge]')
WHERE ID='2'");

mysql_close($con);
?>
Improve this question
2
  • Your script as it is, is vulnerable to tampering via SQL injection attacks. You must, at a minimum, call mysql_real_escape_string() on $_POST['fundAge']. $fundage = mysql_real_escape_string($_POST['fundAge']); Then use $fundAge in the UPDATE statement. Commented Mar 14, 2012 at 16:50
  • I've removed your username/password from the code above, but you should probably change them on your server anyway. Commented Mar 14, 2012 at 16:51

2 Answers 2

Reset to default
2

Neglecting the gaping wide-open SQL injection hole you've got, you can update multiple fields in a single record like this:

UPDATE sometable
SET field1=value1, field2=value2, field3=etc...
WHERE ...
Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

I will add the SQL injection in the real version after I get the test version working. Sorry, I screwed up and forgot to mention the the number of "rows" varies dynamically, so I don't think I can use: codeSET field1=value1, field2=value2, field3=etc...code I need to iterate through the rows until I reach the end @Milap
UPDATE is a set based operation, you can and should use it to update a set (multiple) records.
0

You can change the SQL query as

$sql="UPDATE user SET Age='".$_POST[fundAge]."' WHERE ID='2'";
mysql_query($sql);

I guess this will do the trick

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.