I have tried practically everything but I cannot get this simple update query to work.
Array shows:
Array ( [pSelect] => 102 [budget] => 44 [submit] => submit )
So I can conclude that it does get the ID and receives the value from the input field budget.
<form action="test.php" method="post" action="test.php">
<select name = 'pSelect' id = 'pSelect'>
<?php
$result = mysql_query
("SELECT ID, Project, Projectnummer, Klant, Budget
FROM tblproject
WHERE Status = '1'
ORDER BY Klant ASC
");
while($row1 = mysql_fetch_array($result))
{
$pID = $row1['ID'];
echo "<option value=\"" . $row1['ID'] . "\"";
if (isset($_POST['pSelect']) && $row1['ID'] == $_POST['pSelect'])
{
echo " selected='selected'";
}
echo ">" . $row1['Klant'] ." ". $row1['Project'] ." ". $row1['Projectnummer'] . "</option>";
echo "<br />";
}
?>
</select>
<input type="text" name="budget" />
<?php
if (isset($_POST['submit']))
{
$ID = $_POST['pSelect'];
$budget = $_POST['budget'];
mysql_query
(" UPDATE tblproject SET Budget = '$budget',WHERE ID = '$ID'");
}
print_r($_POST);
?>
<input type="submit" name="submit" value="submit" />
</form>
As noted by Steven, you have an errant comma at the end of Budget = '$budget',
And please, please, please... if you're not going to use Prepared Statements/Parameterised Queries could you at least use the mysql_real_escape_string() function on all the parameters to your queries? e.g.:
$query = sprintf("
UPDATE tblproject SET
Budget = '%s'
WHERE ID = '%s'",
mysql_real_escape_string($budget),
mysql_real_escape_string($ID));
);
mysql_query($query);
The alternative is somebody causing SQL Injection problems in your application at some point.
try this
mysql_query("UPDATE tblproject SET Budget = '".$budget."' WHERE ID = '".$ID."' ");
try this
UPDATE tblproject SET Budget = '".$budget."' WHERE ID = '".$ID."'
Try this UPDATE query:
mysql_query ("UPDATE tblproject SET Budget = '".$budget."' WHERE ID = '".$ID."'");