Okay guys, I'm newbie here but 1. I want to UPDATE my sql after I input number on the text box. it echos correctly but doesn't change the DB. 2. I want to remove the first submit button and make it onchange event.
I'm really confused here. Thanks guys! This work is almost done. been doing it for a long time already. I'm still learning php, please bear wit me. thanks
<?php
$conn = new mysqli('localhost', 'root', 'jared17', 'hbadb')
or die ('Cannot connect to db');
$result = $conn->query("select * from english");
echo "<html>";
echo "<body>";
echo "<form name='form' method = POST>";
echo "<select name = 'Students'>";
while ($row = $result->fetch_assoc()) {
$LRN = $row['LRN'];
$Last = $row['Last_Name'];
$First = $row['First_Name'];
echo '<option value="'.$LRN.'">'.$Last.', '.$First.'</option>';
}
echo "</select>";
echo "<input type='submit' name='submit' value='Show'>";
if (isset($_POST['Students'])) {
$lrn = $_POST['Students'];
$stmt = $conn->prepare("SELECT Last_Name, First_Name, Level, Q1, Q2, Q3, Q4, FINAL FROM english WHERE LRN = ?");
$stmt->bind_param('i', $lrn);
$stmt->execute();
$stmt->bind_result($last, $first, $level, $q1, $q2, $q3, $q4, $final);
$stmt->fetch();
echo "<table><tr><th>LRN</th><th>Name</th><th>Level</th><th>Q1</th><th>Q2</th><th>Q3</th><th>Q4</th><th>Final</th></tr>";
echo "<tr><td>$lrn</td><td>$last, $first</td><td>$level</td><td>$q1</td><td>$q2</td><td>$q3</td><td>$q4</td><td>$final</td></tr></table>";
}
///////////EDIT DATA
echo "Edit Data: ";
echo "<select name = 'Edit'>";
echo '<option value=Q1>Q1</option>';
echo '<option value=Q2>Q2</option>';
echo '<option value=Q3>Q3</option>';
echo '<option value=Q4>Q4</option>';
echo '<option value=FINAL>FINAL</option>';
echo '<input type="number" name="editdata">';
echo "</select>";
echo "<input type='submit' name='submit2' value='Edit Now'>";
if (isset($_POST['Edit'])) {
$upd = $_POST['Edit'];
$txt = $_POST['editdata'];
$now = "UPDATE english SET $upd=$txt WHERE LRN=$lrn";
$result2 = $conn->query($now);
echo $now;
}
echo "</form>";
echo "</body>";
echo "</html>";
?>
You need to wrap your input in quotes or else SQL thinks you're trying to reference columns instead of strings.
$now = "UPDATE english SET $upd=\"$txt\" WHERE LRN=\"$lrn\"";
or if you prefer single quotes to avoid escaping w backslash then this should work the same:
$now = "UPDATE english SET $upd='$txt' WHERE LRN='$lrn'";
Also, this is not best practice, as mentioned by chris85 you are subject to injection attacks, if you want best practice then you want to use this: http://php.net/manual/en/mysqli-stmt.bind-param.php