**i have this file
if(isset($_POST['action']) && $_POST['action']=="add")
{
$CompanyName=$_POST['add_CompanyName'];
$SupplierAddress=$_POST['add_SupplierAddress'];
$SupplierFax1=$_POST['add_SupplierFax1']; $pattern="/^[A-Z]{2}\d{4}\b/";
if(($CompanyName=="")||($SupplierAddress == "")||($SupplierFax1 == "")){
echo '{"status":"1"}';
exit;
}
else if( !preg_match($pattern,$SupplierFax1)){
echo '{"status":"2"}';
exit;
}else{
$test=mysqli_query($con,"INSERT INTO suppliers(CompanyName,SupplierAddress,SupplierFax1,AttachTitle) VALUES('$CompanyName','$SupplierAddress','$SupplierFax1')") or die ("data error!");
echo '{"status":"3"}';
exit;
}
}
elseif(isset($_POST['action'])&& $_POST['action']=="update")
{
$id=$_POST['edit_id'];
$CompanyName=$_POST['edit_CompanyName'];
$SupplierAddress=$_POST['edit_SupplierAddress'];
$SupplierFax1=$_POST['edit_SupplierFax1'];
$test = mysqli_query($con,"UPDATE suppliers SET CompanyName='$CompanyName',SupplierAddress='$SupplierAddress',SupplierFax1='$SupplierFax1', WHERE id='$id'") or die ("data error!");
echo '{"status":"3"}';
exit;
}
elseif(isset($_POST['action']) && $_POST['action']=="delete")
{
$id = $_POST['delete_id'];
$test = mysqli_query($con,"delete from suppliers where id='$id'");
if(mysqli_affected_rows($con) == 1){
echo '{"status":"1"}';
}else{
echo '{"status":"0"}';
}
exit;
}
and i have this form
<form id="form1" method="post" enctype=”multipart/form-data>
<p><label>CompanyName</label><input type="text" id="add_CompanyName" name="add_CompanyName" /></p>
<p><label>SupplierAddress</label><input type="text" id="add_SupplierAddress" name="add_SupplierAddress" /> </p>
<p><label>SupplierFax1</label><input type="text" id="add_SupplierFax1" name="add_SupplierFax1" /></p>
<p><input type="submit" value="Add" /></p>
<input type="hidden" id="action" name="action" value="add" />
</form>
now i want to add new two fields to upload documents and show their path in mysql with the path description
how can i add them to the above code ? am using also ajax
$('#suppliers tr:even:not(#nav):not(#total)').addClass('even');
$('#suppliers tr:odd:not(#nav):not(#total)').addClass('odd')
$("form#form1").submit(function(){
var vId = $("input#edit_id").val();
var vCompanyName = $("input#edit_CompanyName").val();
var vSupplierAddress = $("input#edit_SupplierAddress").val();
var vSupplierFax1 = $("input#edit_SupplierFax1").val();
var myRegExp=/^[A-Z]{2}\d{4}\b/;
});
What you have to do first is alter your table with the new data fields you need. For instance:
ALTER TABLE supplies ADD COLUMN field2 varchar(32) NOT NULL;
To fill this column you will have to add this to your HTML:
<p><label>Field2</label><input type="text" id="add_field2" name="add_field2" /></p>
And catch this in PHP like:
$field2 = $_POST['add_field2'];
and alter your insert query to look something like:
$test=mysqli_query($con,"INSERT INTO suppliers(CompanyName,SupplierAddress,SupplierFax1,AttachTitle, field2) VALUES('$CompanyName','$SupplierAddress','$SupplierFax1', '$field2')") or die ("data error!");
and your update query:
$test = mysqli_query($con,"UPDATE suppliers SET CompanyName='$CompanyName',SupplierAddress='$SupplierAddress',SupplierFax1='$SupplierFax1',field2='$field2' WHERE id='$id'") or die ("data error!");
I also want to point you to the following site: SQL Injection
Read this carefully to prevent your database will be compromised if your application is open to the world