i have an issue with my code. I have data in a database, and i need help with my php. i coded a page that helps me edit my database by clicking on the specific data and editing it via the website, but anytime i edit a specfic line, it affects all the data of other fields in the database.
<?php
include_once 'db.php';
if(count($_POST)>0) {
mysqli_query($conn,"UPDATE tracking set orderstatus='" . $_POST['orderstatus'] . "'");
$message = "Record Modified Successfully";
}
$result = mysqli_query($conn,"SELECT * FROM tracking WHERE trackingnum='" . $_GET['trackingnum'] . "'");
$row= mysqli_fetch_array($result);
?>
<html>
<style>
@import url(https://fonts.googleapis.com/css?family=Montserrat:400,700);
body { background:rgb(30,30,40); }
form { max-width:420px; margin:50px auto; }
.feedback-input {
color:black;
font-family: Helvetica, Arial, sans-serif;
font-weight:500;
font-size: 18px;
border-radius: 5px;
line-height: 22px;
background-color: transparent;
border:2px solid #CC6666;
transition: all 0.3s;
padding: 9px;
margin-bottom: 15px;
width:100%;
box-sizing: border-box;
outline:0;
}
.feedback-input:focus { border:2px solid #CC4949; }
textarea {
height: 150px;
line-height: 150%;
resize:vertical;
}
[type="submit"] {
font-family: 'Montserrat', Arial, Helvetica, sans-serif;
width: 100%;
background:#CC6666;
border-radius:5px;
border:0;
cursor:pointer;
color:black;
font-size:24px;
padding-top:10px;
padding-bottom:10px;
transition: all 0.3s;
margin-top:-4px;
font-weight:700;
}
[type="submit"]:hover { background:#CC4949; }
</style>
<head>
<title>Update Tracking Data</title>
</head>
<body>
<form name="frmUser" method="post" action="">
<div><?php if(isset($message)) { echo $message; } ?>
</div>
<div style="padding-bottom:5px;">
</div>
Tracking Number: <br>
<input type="text" name="trackingnum" class="feedback-input" value="<?php echo $row['trackingnum']; ?>">
<br>
Current Status: <?php echo $row['orderstatus']; ?><br>
Order Status: <br>
<select name="orderstatus" class="feedback-input"
<option value = ""></option>
<option value = ""><?php echo $row['orderstatus']; ?></option>
<option value = "Pending">Pending</option>
<option value = "Confirmed">Confirmed</option>
<option value = "In-Progress">In-Progress</option>
<option value = "In-Transit">In-Transit</option>
<option value = "On Route">On Route</option>
<option value = "Delivered">Delivered</option>
</select>
<br>
<input type="submit" name="submit" value="Submit" class="buttom">
</form>
</body>
</html>
<section class="about_top">
<div class="container">
<div class="row">
<div class="col-md-4 col-sm-4 col-xs-12">
<div class="about_single_item">
<div class="item_icon">
</div>
<div class="about_single_item_content">
<h4><a href="form.php">Add New Tracking</h4></a>
</div>
</div>
</div>
<div class="col-md-4 col-sm-4 col-xs-12">
<div class="about_single_item">
<div class="item_icon">
</div>
<div class="about_single_item_content">
<h4><a href="edit.php">Edit Existing Tracking</h4></a>
</div>
</div>
</div>
<div class="col-md-4 col-sm-4 col-xs-12">
<div class="about_single_item">
<div class="item_icon">
</div>
<div class="about_single_item_content">
<h4><a href="index.php">Test Tracking</h4></a>
</div>
</div>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Fast Delivery</title>
<!-- bootstrap css -->
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css" integrity="sha384-1q8mTJOASx8j1Au+a5WDVnPi2lkFfwwEAa8hDDdjZlpLegxhjVME1fgjWPGmkzs7" crossorigin="anonymous">
<!-- font Awesome Css -->
<!--slick css-->
<link href="css/slick.css" rel="stylesheet">
<!-- owl-carousel css -->
<link href="css/owl.carousel.css" rel="stylesheet">
<!-- YTPlayer css For Background Video -->
<link href="css/jquery.mb.YTPlayer.min.css" rel="stylesheet">
<!-- style css -->
<!-- Responsive Css -->
<link href="css/responsive.css" rel="stylesheet">
<!-- browser campatibel css files-->
<!--[if lt IE 9]>
<script src="//oss.maxcdn.com/html5shiv/3.7.2/html5shiv.min.js"></script>
<script src="//oss.maxcdn.com/respond/1.4.2/respond.min.js"></script>
<![endif]-->
</head>
<body class="js">
</section>
</body>
</html>
Above is my update page code. https://i.stack.imgur.com/gQSX6.png If i update via my site both rows change. even tho i just want 1 row to change https://i.stack.imgur.com/AiIcD.png
You want awhere
clause in theupdate
statement, presumably ontrackingnum
:
update tracking
set orderstatus = :orderstatus
where trackingnum = :trackingnum
Important note: use prepared statements! Do not concatenate POST values in the query string: this is inefficient, and highly unsafe as it opens up your code to SQL injection attacks. Recommend reading: How can I prevent SQL injection in PHP?.
You need to target a specific record using a WHERE clause. Your code is also very prone to SQL injection. You should never use user input concatenated directly into your SQL statements. You should always use prepared statements.
Using mysqli it would look like something like this.
I will assume you have an id field that is an integer, adapt it to your data model. That field would have to be passed along with your form, an input (type="hidden") could be appropriate for that. But once again, adapt this to your needs.
$stmt = $conn->prepare("UPDATE tracking set orderstatus=? WHERE id=?");
// The "si" here is a type representation where first parameter is a string second is an integer
$stmt->bind_param("si", $status, $id);
$status = $_POST['orderstatus'];
$id = $_POST['id'];
$stmt->execute();
The same goes for select statements (or any statement really).
$stmt = $conn->prepare("SELECT * FROM tracking WHERE trackingnum=?");
$stmt->bind_param("s", $trackingnum);
$trackingnum = $_GET['trackingnum'];
$stmt->execute();
$result = $stmt->get_result();
$row = $result->fetch_assoc();
More info can be found here https://www.php.net/manual/en/mysqli.prepare.php
Proper validation of the user inputs would also be recommended, but at least with a prepared statement, you prevent SQL injection. Keep in mind that user inputs can almost always be tempered.
Note: I did not test any of this.
Our community is visited by hundreds of web development professionals every day. Ask your question and get a quick answer for free.
Find the answer in similar questions on our website.
Do you know the answer to this question? Write a quick response to it. With your help, we will make our community stronger.
PHP (from the English Hypertext Preprocessor - hypertext preprocessor) is a scripting programming language for developing web applications. Supported by most hosting providers, it is one of the most popular tools for creating dynamic websites.
The PHP scripting language has gained wide popularity due to its processing speed, simplicity, cross-platform, functionality and distribution of source codes under its own license.
https://www.php.net/
JQuery is arguably the most popular JavaScript library with so many features for modern development. JQuery is a fast and concise JavaScript library created by John Resig in 2006. It is a cross-platform JavaScript library designed to simplify client-side HTML scripting. Over 19 million websites are currently using jQuery! Companies like WordPress, Facebook, Google, IBM and many more rely on jQuery to provide a kind of web browsing experience.
https://jquery.com/
DBMS is a database management system. It is designed to change, search, add and delete information in the database. There are many DBMSs designed for similar purposes with different features. One of the most popular is MySQL.
It is a software tool designed to work with relational SQL databases. It is easy to learn even for site owners who are not professional programmers or administrators. MySQL DBMS also allows you to export and import data, which is convenient when moving large amounts of information.
https://www.mysql.com/
CSS (Cascading Style Sheets) is a formal language for describing the appearance of a document written using a markup language.
It is mainly used as a means of describing, decorating the appearance of web pages written using HTML and XHTML markup languages, but can also be applied to any XML documents, such as SVG or XUL.
https://www.w3.org/TR/CSS/#css
Bootstrap is not exclusively a CSS framework, but its most popular features are CSS-centric. These include a powerful grid, icons, buttons, map components, navigation bars, and more.
https://getbootstrap.com/
HTML (English "hyper text markup language" - hypertext markup language) is a special markup language that is used to create sites on the Internet.
Browsers understand html perfectly and can interpret it in an understandable way. In general, any page on the site is html-code, which the browser translates into a user-friendly form. By the way, the code of any page is available to everyone.
https://www.w3.org/html/
Welcome to the Q&A site for web developers. Here you can ask a question about the problem you are facing and get answers from other experts. We have created a user-friendly interface so that you can quickly and free of charge ask a question about a web programming problem. We also invite other experts to join our community and help other members who ask questions. In addition, you can use our search for questions with a solution.
Ask about the real problem you are facing. Describe in detail what you are doing and what you want to achieve.
Our goal is to create a strong community in which everyone will support each other. If you find a question and know the answer to it, help others with your knowledge.