Change MySQL column information with UPDATE

2

In summary through PHP below I can send the specific information already registered in the column in the BD, but in addition to just "emitting" the data there, I would like a function that would change such information without changing the page . I have an idea how to do this using the following code:

if ($action == 'okay') {
$conexao = mysql_query("update settingsMDP set name='$name', version='$version', startacp='$startacp' WHERE id='1'") or die ("Eita.. Deu errado!");
}

If they are to be seen, if the form action is "okay" then it executes the UPDATE, but ... That does not happen I do not know why.

This is PHP.

<?php
// definições de host, database, usuário e senha
$server = "";
$usuario = "";
$banco   = "";
$senha = "";
// conecta ao banco de dados
$conexao = mysql_connect($server, $usuario, $senha);
$conexao = mysql_select_db("$banco",$conexao);
if(!$conexao) {
    echo mysql_error();
    exit;
}

$conexao = mysql_query("select * from settingsMDP");

//********************************************mudei aqui*****************************
$exibe = mysql_fetch_assoc($conexao);

 if (empty($_REQUEST['action'])) $action = ''; else $action = $_REQUEST['action'];
 if ($action == 'okay') {
 $conexao = mysql_query("update settingsMDP set name='$name', version='$version', startacp='$startacp' WHERE id='1'") or die(mysql_error());
}
?>

<form method="post" action="<?php $_PHP_SELF ?>">
    <table width="400" border="0" cellspacing="1" cellpadding="2">
        <tr>
            <td width="100">Nome do MDP: </td>
            <td><input name="name" type="text" id="name" value="<?php echo $exibe["name"]; ?>"></td>
        </tr>
        <tr>
            <td width="100">Versão: </td>
            <td><input name="name" type="text" id="name" value="<?php echo $exibe["version"]; ?>"></td>
        </tr>
        <tr>
            <td width="100">Abertura do painel:</td>
            <td><input name="start_acp" type="text" id="startacp" value="<?php echo $exibe["startacp"]; ?>"></td>
        </tr>
        <tr>
            <td width="100"> </td>
            <td> </td>
        </tr>
        <tr>
            <td width="100"> </td>
            <td><input name="update" type="submit" id="update" value="Salvar"></td>
        </tr>
    </table>
</form>
    
asked by anonymous 26.12.2014 / 18:36

1 answer

2

I'm going to mess with what I think is what you want. I'm going to take some other problems, but not all.

<?php
// definições de host, database, usuário e senha
$server = "";
$usuario = "";
$banco   = "";
$senha = "";
// conecta ao banco de dados
$conexao = mysqli_connect($server, $usuario, $senha);
mysqli_select_db($conexao, $banco);
if(!$conexao) {
    echo mysqli_error();
    exit;
}

if ($_POST["update"] == "Salvar") {
    $name = mysqli_real_escape_string($conexao, $_POST["name"]);
    $version = mysqli_real_escape_string($conexao, $_POST["version"]);
    $startacp = mysqli_real_escape_string($conexao, $_POST["startacp"]);
    $resultado = mysqli_query($conexao, "update settingsMDP set name='$name', version='$version', startacp='$startacp' WHERE id='1'") or die (mysqli_error());
    echo "Gravou";
} else {
    $resultado = mysqli_query($conexao, "select * from settingsMDP");
    $exibe = mysqli_fetch_array($resultado, MYSQLI_ASSOC);
?>

<form method="post">
    <table width="400" border="0" cellspacing="1" cellpadding="2">
        <tr>
            <td width="100">Nome do MDP: </td>
            <td><input name="name" type="text" id="name" value="<?php echo $exibe["name"]; ?>"></td>
        </tr>
        <tr>
            <td width="100">Versão: </td>
            <td><input name="version" type="text" id="version" value="<?php echo $exibe["version"]; ?>"></td>
        </tr>
        <tr>
            <td width="100">Abertura do painel:</td>
            <td><input name="startacp" type="text" id="startacp" value="<?php echo $exibe["startacp"]; ?>"></td>
        </tr>
        <tr>
            <td width="100"> </td>
            <td> </td>
        </tr>
        <tr>
            <td width="100"> </td>
            <td><input name="update" type="submit" id="update" value="Salvar"></td>
        </tr>
    </table>
</form>
<?php
}
?>

I can not test, but it's something like that.

Since you are using the same page to get the data and upgrade you need to decide which one to do. This can be done if the submit button is present or not.

I made the so-called sanitization of the content that came to prevent SQL Injection.

I switched to MySLQi which is a more modern function and is recommended.

I fixed an inattentive error in the name of the HTML fields.

There was also confusion with the $conexao variable that caused the connection reference to be lost. You can not reuse the variable this way.

I left the form flame with no parameter that will call its own URL.

And I got some more details. I would still change a lot of things in this code but I'd better not mess with what you're getting at or else you're going to get lost. A quality code for use in production would have to be much better than this. Although I've seen a lot site running around with something even worse: P

    
26.12.2014 / 19:10