Re: Undefined variables in update query

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

it appears to me that you have some strange input[name] attribute.
instead of
....<input type=\"text\" name=\"$row[department]\" value=\"$row[department]\">...
try
....<input type=\"text\" name="department" value=\"$row[department]\">...

In php you are not initializing variables. That means $department is only set if $_POST['department'] exists.
You can try this:
add: $sql = '';

instead of
  if (isset($_POST['department']))
{
$department = mysqli_real_escape_string($link, $_POST['department']);
 }
try

  if (isset($_POST['department']))
{
$sql .= $sql ? ", department='$_POST[department]'" : " department='$_POST[department]";
 }
......
database:
 $sql = "update intr_stats_eschol set $sql  where authorid='$authorid'";

If you want to update all the rows in you table you can use (for example):
... name="department[$row[authorId]" and in php: ....$department=$_POST['department'][$authorId]...

Premek.

On Tue, 26 Mar 2013 16:19:24 +0100, VanderHart, Robert <Robert.VanderHart@xxxxxxxxxxxx> wrote:

Hi,

I'm pretty new to PHP and to this discussion list.

I have a web form to update some fields in a data table. I'm getting "undefined variable" notices in my error logs when I submit the form and the table row doesn't get updated.

Here's the code for the form page:

<?php

include '../db.inc.php';

$ID = mysqli_real_escape_string($link, $_GET['ID']);
$result = mysqli_query($link, "select *
from intr_stats_eschol
where authorid='$ID'");
if (!$result)
{
$error = 'Error fetching eScholarship author details: ' . mysqli_error($link);
        include 'error.html.php';
        exit();
}

$num=mysqli_num_rows($result);

                echo "<h1>Editing Record</h1> <form method=\"post\"
action=\"eschol-edit-process.php\"> <table>";

for ($i=0; $i<$num; $i++) {
                $row = mysqli_fetch_assoc ($result);

                echo
"<tr><td>Last Name:</td><td><input type=\"text\" name=\"$row[lname]\" value=\"$row[lname]\"></td></tr> <tr><td>First Name:</td><td><input type=\"text\" name=\"$row[fname]\" value=\"$row[fname]\"></td></tr> <tr><td>Middle Name:</td><td><input type=\"text\" name=\"$row[mname]\" value=\"$row[mname]\"></td></tr> <tr><td>Suffix:</td><td><input type=\"text\" name=\"$row[suffix]\" value=\"$row[suffix]\"></td></tr> <tr><td>Email:</td><td><input type=\"text\" name=\"$row[email]\" value=\"$row[email]\"></td></tr> <tr><td>Institution:</td><td><input type=\"text\" name=\"$row[institution]\" value=\"$row[institution]\"></td></tr> <tr><td>Department:</td><td><input type=\"text\" name=\"$row[department]\" value=\"$row[department]\"></td></tr> <tr><td>Comments:</td><td><input type=\"text\" name=\"$row[comments]\" value=\"$row[comments]\"></td></tr>
<tr><td>Send Email?</td><td>$row[sent_email]</td></tr>
<tr><td><input type=\"hidden\" name=\"authorid\" value=\"$row[authorid]\"><input type=\"submit\" value=\"Update Author\"></td><td> </td></tr>";

                                                }
echo "</table> </form>";

?>

The data are inserted correctly into the form input fields, but when I click the "Update Author" button, an "undefined variable" notice gets logged for each of the variables and the table row doesn't get updated. The only variable that seems to be OK is the authorid field; it outputs the correct ID from the var_dump() I have inserted.

Here's the code that processes the form:

<?php

include '../db.inc.php';

if (isset($_POST['authorid']))
{
$authorid = mysqli_real_escape_string($link, $_POST['authorid']);
var_dump($authorid);
}
if (isset($_POST['lname']))
{
$lname = mysqli_real_escape_string($link, $_POST['lname']);
}
if (isset($_POST['fname']))
{
$fname = mysqli_real_escape_string($link, $_POST['fname']);
}
if (isset($_POST['mname']))
{
$mname = mysqli_real_escape_string($link, $_POST['mname']);
}
if (isset($_POST['email']))
{
$email = mysqli_real_escape_string($link, $_POST['email']);
}
if (isset($_POST['institution']))
{
$institution = mysqli_real_escape_string($link, $_POST['institution']);
}
if (isset($_POST['department']))
{
$department = mysqli_real_escape_string($link, $_POST['department']);
}
if (isset($_POST['comments']))
{
$comments = mysqli_real_escape_string($link, $_POST['comments']);
}
if (isset($_POST['sent_email']))
{
$sent_email = mysqli_real_escape_string($link, $_POST['sent_email']);
}
if (isset($_POST['suffix']))
{
$suffix = mysqli_real_escape_string($link, $_POST['suffix']);
}

$sql = "update intr_stats_eschol
set
lname='$lname',fname='$fname',mname='$mname',email='$email',institution='$institution',department='$department',comments='$comments',sent_email='$sent_email',suffix='$suffix'
where authorid='$authorid'";

if (!$sql)
{
$error = 'Error fetching eScholarship author details: ' . mysqli_error($link);
        include 'error.html.php';
        exit();
}
?>

Can anyone tell where I'm going wrong? I thought it might be some obvious thing like the use of single quotes instead of double quotes in the update query, or vice-versa, but I've tried several different ways. I've looked at numerous stackoverflow.com postings but nothing seems to remedy the issue I'm having. I'm also wondering if the problem is related to my using echo() to output the form fields in the first template.

FWIW, here's the design of my table:

+-------------+------------------+------+-----+---------+----------------+
| Field | Type | Null | Key | Default | Extra |
+-------------+------------------+------+-----+---------+----------------+
| email | varchar(255) | YES | | NULL | | | institution | varchar(200) | YES | | NULL | | | lname | varchar(100) | YES | | NULL | | | fname | varchar(80) | YES | | NULL | | | mname | varchar(20) | YES | | NULL | | | department | varchar(200) | YES | | NULL | | | comments | varchar(255) | YES | | NULL | | | authorid | int(5) | NO | PRI | NULL | auto_increment | | sent_email | varchar(20) | YES | | NULL | | | suffix | varchar(50) | YES | | NULL | |
+-------------+--------------+------+-----+---------+----------------+

Thanks for any help you can give me!

--
Robert J. Vander Hart
University of Massachusetts Medical School
508-856-3290 | Robert.VanderHart@xxxxxxxxxxxx


--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php





[Index of Archives]     [PHP Home]     [PHP Users]     [Postgresql Discussion]     [Kernel Newbies]     [Postgresql]     [Yosemite News]

  Powered by Linux