Perform UPDATE to a column

Question

Perform UPDATE to a column

Navigation

#1 by (2 votes)
#2 by (0 votes)

1

My FORM

<form action="submits/submit_ocupacion.php" method="POST">
  <input class="form-control" type="text" id="user_user">
  <input class="form-control" type="text" id="user_ocupacion">
  <button type="submit" name="ocupacion_submit" class="btn btn-success btn-block">
  Dar Ocupación
  </button>
</form>

my app

<?php
include "cn.php";

$user_user_user = $_POST["user_user"];
$ocupacion = $_POST["user_ocupacion"];


$insertar = ("UPDATE users SET ocupacion = ('$ocupacion') WHERE username = ('$user_user_user')");
$resultado = mysqli_query($conexion, $insertar);

if (!$resultado) {
    echo 'Error we';
} else {
echo 'Esta bn loco';
}

?>

My Conect

<?php
$conexion = mysqli_connect("localhost","root","mipass", "midb");
if (!$conexion) {
    echo 'ERROR';
}
else {
    echo 'Conectado';
}
?>

Well the error starts, when I execute the submit using the button It appears that the connection is ready, and I also see that the result is achieved, but nothing happens, no value is modified.

mysql html php

asked by HiglerCraft 27.03.2018 в 09:57

source

2 answers

0

You must add a name to your input, to receive the data by a POST is done through that attribute, the id uses it to put javascripts.

Give Occupation

answered by 28.03.2018 в 07:33

fwrite does not write to file Is it possible to Ignore Variables in the URL when evaluating them?

score 2 · Accepted Answer

You still have to add the name to the inputs because you are not getting the values you write, it should look like this:

Well PHP to be able to read the values that you want to manipulate, it will search to read the values that are in the attribute name and you did not put them

<form action="submits/submit_ocupacion.php" method="POST">
  <input class="form-control" type="text" name="user_user">
  <input class="form-control" type="text" name="user_ocupacion">
  <button type="submit" name="ocupacion_submit" class="btn btn-success btn-block">
  Dar Ocupación
  </button>
</form>

On the other hand, your code is insecure, you should use prepared sentences, see this example:

I've put a variable called $ connection, but you should use the name of the variable you declared to store your connection

The ss that you put in quotation marks helps to identify which values you are going to enter are of type text string

$user_user_user = $_POST["user_user"];
$ocupacion = $_POST["user_ocupacion"];
$insertar = $conexion->prepare("UPDATE users SET ocupacion = ? WHERE username = ?");
$insertar->bindParam("ss", $ocupacion, $user_user_user);
$insertar->execute();

Here you will find the types of data that you can use when doing bindParam ()

i the variable is of integer type

d the variable is double type

s the variable is of type string

b the variable is a blob and is sent in packets