Jump to content
Please Use CODE Tags

Update database based on criteria in PHP

Hikaru12
By Hikaru12
in Programming
 Share
Posted

I'm trying to create a simple contact manager script. My HTML form looks like the following:

<form action="editcontact.php" method="post">First Name: <input type="text" name="fname"><br /><br/>Last Name: <input type="text" name="lname"><br /><br/>Home Phone Number: <input type="text" name="homenum"><br /><br/>Cell Number: <input type="text" name="cellnum"><br /><br/>Address: <textarea name="address" rows="3" cols="25"></textarea><br /><br/>Email: <input type="text" name="email"><br /><br />Birthday: <input type="text" name="birthday"><br /><br />Group: <input type="text" name="contactgroup"><br /><br />ID to Edit: <input type="text" name="id"><br /><br /><input name="update" type="submit" id="update" value="Edit Contact"></form>

What I'm trying to do is update the necessary fields in the database based on what the user has typed in. If the field is empty, I want the database field to be left untouched. I'll probably add some Jquery to only display the input fields based on what the user is interested in editing about the contact (provides a simple way for validation). I'd like to avoid the use of a ton of if statements if possible.

 

Apologize for the bombardment of code questions recently!

Link to comment
https://linustechtips.com/topic/379521-update-database-based-on-criteria-in-php/
Share on other sites
Link to post
Share on other sites
Posted

I'm trying to create a simple contact manager script. My HTML form looks like the following:

<form action="editcontact.php" method="post">First Name: <input type="text" name="fname"><br /><br/>Last Name: <input type="text" name="lname"><br /><br/>Home Phone Number: <input type="text" name="homenum"><br /><br/>Cell Number: <input type="text" name="cellnum"><br /><br/>Address: <textarea name="address" rows="3" cols="25"></textarea><br /><br/>Email: <input type="text" name="email"><br /><br />Birthday: <input type="text" name="birthday"><br /><br />Group: <input type="text" name="contactgroup"><br /><br />ID to Edit: <input type="text" name="id"><br /><br /><input name="update" type="submit" id="update" value="Edit Contact"></form>

What I'm trying to do is update the necessary fields in the database based on what the user has typed in. If the field is empty, I want the database field to be left untouched. I'll probably add some Jquery to only display the input fields based on what the user is interested in editing about the contact (provides a simple way for validation). I'd like to avoid the use of a ton of if statements if possible.

 

Apologize for the bombardment of code questions recently!

 I hate to tell you but the best way to get what you want is to use javascript I know it's a pain but when you're working with databases you need a lot of Jquery.

There are 10 types of people in the world: those who understand binary numbers and those who don’t

bulgara, oh nono

Multipass

Link to post
Share on other sites
Posted

There is no way to do this without testing every value. MySQL will happily set a field to an empty string or null, or throw an error if this is disallowed in the schema. You'll need to specify default logic for empty inputs.

 

A better way to do it would be to populate the fields in the form with the values that are already in the database. That way, they will just be resubmitted and not change anything. This would avoid nonsense with jquery fields and whatnot.

 

 I hate to tell you but the best way to get what you want is to use javascript I know it's a pain but when you're working with databases you need a lot of Jquery.

 

Um, no. You don't need any Javascript whatsoever to interact with a database.

Link to post
Share on other sites
Posted

There is no way to do this without testing every value. MySQL will happily set a field to an empty string or null, or throw an error if this is disallowed in the schema. You'll need to specify default logic for empty inputs.

 

A better way to do it would be to populate the fields in the form with the values that are already in the database. That way, they will just be resubmitted and not change anything. This would avoid nonsense with jquery fields and whatnot.

 

 

Um, no. You don't need any Javascript whatsoever to interact with a database.

 

It was a typo if you look over to the right I stated it was j query he needed it's been a long day. 

There are 10 types of people in the world: those who understand binary numbers and those who don’t

bulgara, oh nono

Multipass

Link to post
Share on other sites
Posted

What? jQuery is a Javascript library. You don't need Javascript to interact with a database in a PHP application.

Well now you know why I dropped out of Uni 

There are 10 types of people in the world: those who understand binary numbers and those who don’t

bulgara, oh nono

Multipass

Link to post
Share on other sites
Posted

Well now you know why I dropped out of Uni 

you should create a javascript code that redirect to a processing page with variables in the url

 

myurl.com/process.php?name=hello&pass=world

 

now in the php script you use GET to get these variables

 

(i cant stress this enough)make sure that in that part you are escaping all the variables and limiting its size to protect yourself agaisnt mysql injections!

 

now you can connect to the database and do an INSERT query to these variables

Link to post
Share on other sites
Posted

you should create a javascript code that redirect to a processing page with variables in the url

 

myurl.com/process.php?name=hello&pass=world

 

now in the php script you use GET to get these variables

 

(i cant stress this enough)make sure that in that part you are escaping all the variables and limiting its size to protect yourself agaisnt mysql injections!

 

now you can connect to the database and do an INSERT query to these variables

 

What is it with the Javascript in this thread? None is required and there is no need to redirect the page. The action attribute in the form will handle the submission whether it is to the same page or a different script.

Link to post
Share on other sites
Posted

you should create a javascript code that redirect to a processing page with variables in the url

 

myurl.com/process.php?name=hello&pass=world

 

now in the php script you use GET to get these variables

 

(i cant stress this enough)make sure that in that part you are escaping all the variables and limiting its size to protect yourself agaisnt mysql injections!

 

now you can connect to the database and do an INSERT query to these variables

You should never use GET for something that alters a database.

1474412270.2748842

Link to post
Share on other sites
Posted

You should never use GET for something that alters a database.

haha,why so.

 

you can put whatever you want into a field in a form,why would putting there mallicious injection code worse then if its gotten thru a get

 

 

What is it with the Javascript in this thread? None is required and there is no need to redirect the page. The action attribute in the form will handle the submission whether it is to the same page or a different script.

you are right,a simple form work aswell, i just really dislike the "form already submitted" error..

Link to post
Share on other sites
Posted

Have a page that loads all the records and then creates a link using the id will looking like edit.php?ID=1 on the edit page grap that ID with $ID = $_GET['ID']; then use it to load from the database and echo into the value of the inputs.

 

you can change what you want and the rest would stay the same.

                     ¸„»°'´¸„»°'´ Vorticalbox `'°«„¸`'°«„¸
`'°«„¸¸„»°'´¸„»°'´`'°«„¸Scientia Potentia est  ¸„»°'´`'°«„¸`'°«„¸¸„»°'´

Link to post
Share on other sites
Posted

haha,why so.

 

you can put whatever you want into a field in a form,why would putting there mallicious injection code worse then if its gotten thru a get

 

It's hightly vulnerable to cross-site request forgery and web crawlers. It also violates the semantics, a "GET" is meant to retrieve data, not modify system state. Conversely, that is exactly what "POST" is expected to do.

Link to post
Share on other sites
Posted
  • Author

Have a page that loads all the records and then creates a link using the id will looking like edit.php?ID=1 on the edit page grap that ID with $ID = $_GET['ID']; then use it to load from the database and echo into the value of the inputs.

 

you can change what you want and the rest would stay the same.

 

I did just that with the following. Only issue I have is with the textarea field as it doesn't seem to populate it. Could be a conflict with the way things are spelled in the database as the column header for address is spelled exactly the same way as the field name and other variables. 

if(isset($_POST['save'])){		$first_save=$_POST['fname'];	$last_save= $_POST['lname'];						$home_save=$_POST['homenum'];	$cell_save=$_POST['cellnum'];	$address_save=$_POST['address'];	$email_save=$_POST['email'];	$birthday_save=$_POST['birthday'];	$contact_save=$_POST['contactgroup'];	mysql_query("UPDATE mycontacts SET firstname='$first_save', lastname='$last_save',		 homenum='$home_save', cellnum='$cell_save', address='$address_save', email='$email_save', birthday='$birthday_save', contactgroup='$contact_save' WHERE id = '$id'")				or die(mysql_error()); 	echo "Saved!";		header("Location: addcontact.php");	
while($row = mysql_fetch_array($result)){	$id = $row['id'];		echo "<tr align='center'>	<td>".$row['firstname']."</td> 	<td>".$row['lastname']."</td>	<td>".$row['homenum']."</td> 	<td>".$row['cellnum']."</td>	<td>".$row['address']."</td>	<td>".$row['email']."</td>	<td>".$row['birthday']."</td>	<td>".$row['contactgroup']."</td>";	echo "<td> <a href ='editcontact.php?id=$id'>Edit</a>";	echo "<td> <a href ='deletecontact.php?id=$id'><center>Delete</center></a>";	echo "</tr>" ;  }

HTML Form taking the values currently in the database and prepopulating the field for editing.

<form method="post" align="center">First Name: <input type="text" name="fname" value="<?php echo $first?>"/><br /><br/>Last Name: <input type="text" name="lname" value="<?php echo $last ?>"/><br /><br/>Home Phone Number: <input type="text" name="homenum" value="<?php echo $home ?>"/><br /><br/>Cell Number: <input type="text" name="cellnum" value="<?php echo $cell ?>"/><br/><br/>Address: <textarea name="address" rows="3" cols="25" value="<?php echo $address ?>"/></textarea><br /><br/>Email: <input type="text" name="email" value="<?php echo $email ?>"/><br /><br />Birthday: <input type="text" name="birthday" value="<?php echo $birthday ?>"/><br /><br />Group: <input type="text" name="contactgroup" value="<?php echo $contact ?>"/><br /><br /><td><input type="submit" name="save" value="Save edits" /></td></form>
Link to post
Share on other sites
Posted

 

I did just that with the following. Only issue I have is with the textarea field as it doesn't seem to populate it. Could be a conflict with the way things are spelled in the database as the column header for address is spelled exactly the same way as the field name and other variables.

 

The reason the textarea isn't getting population is because you put the content inside the tag, it has no value attribute.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing Programming

×