Premek, Thanks for the reply. I actually found that silly mistake after I sent out my message. You're absolutely right that I need to hardcode the field name into the input name attribute. Even a newbie like me should have realized that one; even though I'm new to PHP I've used other scripting languages for quite a while. I appreciate the replies I've received already; thanks! Sorry for not catching my simple errors before sending out that message. Best to all, Robert -- Robert J. Vander Hart University of Massachusetts Medical School 508-856-3290 | Robert.VanderHart@xxxxxxxxxxxx -----Original Message----- From: Přemysl [mailto:premysl.fiala@xxxxxx] Sent: Tuesday, March 26, 2013 11:46 AM To: php-db@xxxxxxxxxxxxx Subject: Re: Undefined variables in update query Hi, it appears to me that you have some strange input[name] attribute. instead of ....<input type=\"text\" name=\"$row[department]\" value=\"$row[department]\">... try ....<input type=\"text\" name="department" value=\"$row[department]\">... In php you are not initializing variables. That means $department is only set if $_POST['department'] exists. You can try this: add: $sql = ''; instead of if (isset($_POST['department'])) { $department = mysqli_real_escape_string($link, $_POST['department']); } try if (isset($_POST['department'])) { $sql .= $sql ? ", department='$_POST[department]'" : " department='$_POST[department]"; } ...... database: $sql = "update intr_stats_eschol set $sql where authorid='$authorid'"; If you want to update all the rows in you table you can use (for example): ... name="department[$row[authorId]" and in php: ....$department=$_POST['department'][$authorId]... Premek. On Tue, 26 Mar 2013 16:19:24 +0100, VanderHart, Robert <Robert.VanderHart@xxxxxxxxxxxx> wrote: > Hi, > > I'm pretty new to PHP and to this discussion list. > > I have a web form to update some fields in a data table. I'm getting > "undefined variable" notices in my error logs when I submit the form > and the table row doesn't get updated. > > Here's the code for the form page: > > <?php > > include '../db.inc.php'; > > $ID = mysqli_real_escape_string($link, $_GET['ID']); $result = > mysqli_query($link, "select * from intr_stats_eschol where > authorid='$ID'"); if (!$result) { > $error = 'Error fetching eScholarship author details: ' . > mysqli_error($link); > include 'error.html.php'; > exit(); > } > > $num=mysqli_num_rows($result); > > echo "<h1>Editing Record</h1> <form method=\"post\" > action=\"eschol-edit-process.php\"> <table>"; > > for ($i=0; $i<$num; $i++) { > $row = mysqli_fetch_assoc ($result); > > echo > "<tr><td>Last Name:</td><td><input type=\"text\" name=\"$row[lname]\" > value=\"$row[lname]\"></td></tr> > <tr><td>First Name:</td><td><input type=\"text\" name=\"$row[fname]\" > value=\"$row[fname]\"></td></tr> > <tr><td>Middle Name:</td><td><input type=\"text\" name=\"$row[mname]\" > value=\"$row[mname]\"></td></tr> > <tr><td>Suffix:</td><td><input type=\"text\" name=\"$row[suffix]\" > value=\"$row[suffix]\"></td></tr> > <tr><td>Email:</td><td><input type=\"text\" name=\"$row[email]\" > value=\"$row[email]\"></td></tr> > <tr><td>Institution:</td><td><input type=\"text\" > name=\"$row[institution]\" value=\"$row[institution]\"></td></tr> > <tr><td>Department:</td><td><input type=\"text\" > name=\"$row[department]\" value=\"$row[department]\"></td></tr> > <tr><td>Comments:</td><td><input type=\"text\" name=\"$row[comments]\" > value=\"$row[comments]\"></td></tr> > <tr><td>Send Email?</td><td>$row[sent_email]</td></tr> > <tr><td><input type=\"hidden\" name=\"authorid\" > value=\"$row[authorid]\"><input type=\"submit\" value=\"Update > Author\"></td><td> </td></tr>"; > > } echo "</table> > </form>"; > > ?> > > The data are inserted correctly into the form input fields, but when I > click the "Update Author" button, an "undefined variable" notice gets > logged for each of the variables and the table row doesn't get updated. > The only variable that seems to be OK is the authorid field; it > outputs the correct ID from the var_dump() I have inserted. > > Here's the code that processes the form: > > <?php > > include '../db.inc.php'; > > if (isset($_POST['authorid'])) > { > $authorid = mysqli_real_escape_string($link, $_POST['authorid']); > var_dump($authorid); } if (isset($_POST['lname'])) { $lname = > mysqli_real_escape_string($link, $_POST['lname']); } if > (isset($_POST['fname'])) { $fname = mysqli_real_escape_string($link, > $_POST['fname']); } if (isset($_POST['mname'])) { $mname = > mysqli_real_escape_string($link, $_POST['mname']); } if > (isset($_POST['email'])) { $email = mysqli_real_escape_string($link, > $_POST['email']); } if (isset($_POST['institution'])) { $institution = > mysqli_real_escape_string($link, $_POST['institution']); } if > (isset($_POST['department'])) { $department = > mysqli_real_escape_string($link, $_POST['department']); } if > (isset($_POST['comments'])) { $comments = > mysqli_real_escape_string($link, $_POST['comments']); } if > (isset($_POST['sent_email'])) { $sent_email = > mysqli_real_escape_string($link, $_POST['sent_email']); } if > (isset($_POST['suffix'])) { $suffix = mysqli_real_escape_string($link, > $_POST['suffix']); } > > $sql = "update intr_stats_eschol > set > lname='$lname',fname='$fname',mname='$mname',email='$email',institution='$institution',department='$department',comments='$comments',sent_email='$sent_email',suffix='$suffix' > where authorid='$authorid'"; > > if (!$sql) > { > $error = 'Error fetching eScholarship author details: ' . > mysqli_error($link); > include 'error.html.php'; > exit(); > } > ?> > > Can anyone tell where I'm going wrong? I thought it might be some > obvious thing like the use of single quotes instead of double quotes in > the update query, or vice-versa, but I've tried several different ways. > I've looked at numerous stackoverflow.com postings but nothing seems > to remedy the issue I'm having. I'm also wondering if the problem is > related to my using echo() to output the form fields in the first > template. > > FWIW, here's the design of my table: > > +-------------+------------------+------+-----+---------+----------------+ > | Field | Type | Null | Key | Default > | Extra | > +-------------+------------------+------+-----+---------+----------------+ > | email | varchar(255) | YES | | NULL > | | > | institution | varchar(200) | YES | | NULL > | | > | lname | varchar(100) | YES | | NULL > | | > | fname | varchar(80) | YES | | NULL > | | > | mname | varchar(20) | YES | | NULL > | | > | department | varchar(200) | YES | | NULL > | | > | comments | varchar(255) | YES | | NULL > | | > | authorid | int(5) | NO | PRI | NULL | > auto_increment | > | sent_email | varchar(20) | YES | | NULL > | | > | suffix | varchar(50) | YES | | NULL > | | > +-------------+--------------+------+-----+---------+----------------+ > > Thanks for any help you can give me! > > -- > Robert J. Vander Hart > University of Massachusetts Medical School > 508-856-3290 | Robert.VanderHart@xxxxxxxxxxxx -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php