I tried to implement CRUD in m website but I am able to make Create, Read and Delete. However, something went wrong during developing the Update function. Can anyone help me? I will provide the code below. The code is used to update the users information if the logged in person is an Admin. Thank you.
<?php
// Include config file
require_once "config.php";
// Define variables and initialize with empty values
$firstname = $lastname = $email = $address = $status = $level = "";
$firstname_err = $lastname_err = $email_err = $address_err = $level_err = $status_err = "";
// Processing form data when form is submitted
if(isset($_POST["id"])){
// Get hidden input value
$id = $_POST["id"];
// Validate name-first
$input_firstname = trim($_POST["firstname"]);
if(empty($input_firstname)){
$firstname_err = "Please enter a first name.";
} elseif(!filter_var($input_firstname, FILTER_VALIDATE_REGEXP, array("options"=>array("regexp"=>"/^[a-zA-Zs]+$/")))){
$firstname_err = "Please enter a valid first name.";
} else{
$firstname = $input_firstname;
}
//Validate lastname
$input_lastname = trim($_POST["lastname"]);
if(empty($input_lastname)){
$lastname_err = "Please enter a last name.";
} elseif(!filter_var($input_lastname, FILTER_VALIDATE_REGEXP, array("options"=>array("regexp"=>"/^[a-zA-Zs]+$/")))){
$lastname_err = "Please enter a valid last name.";
} else{
$lastname = $input_firstname;
}
//Validate email address
$input_email = trim($_POST["email"]);
if(empty($input_email)){
$email_err = "Please enter an email address.";
} else{
$email = $input_email;
}
// Validate address
$input_address = trim($_POST["address"]);
if(empty($input_address)){
$address_err = "Please enter an address.";
} else{
$address = $input_address;
}
// Validate access level
$input_level = trim($_POST["level"]);
if(empty($input_level)){
$level_err = "Please enter an level.";
} elseif($input_level == 'Admin'){
$level = $input_level;
}elseif($input_level == 'Customer'){
$level = $input_level;
}else{
$level_err = 'Please choose from Admin or Customer';
}
// Validate status
$input_status = trim($_POST["status"]);
if(empty($input_status)){
$status_err = "Please enter a status";
}elseif($input_status == '1'){
$status = $input_status;
}elseif($input_status == '0'){
$status = $input_status;
}else{
$status_err = "Please enter a valid status";
}
// Check input errors before inserting in database
if(empty($firstname_err) && empty($lastname_err) && empty($email_err) && empty($address_err) && empty($level_err) && empty($status_err)){
// Prepare an update statement
$sql = "UPDATE users SET firstname=?, lastname=? address=?, email=?, access_level=?, status=? WHERE id=?";
if($stmt = mysqli_prepare($link, $sql)){
// Bind variables to the prepared statement as parameters
mysqli_stmt_bind_param($stmt, "sssssii", $param_firstname, $param_lastname, $param_email, $param_address, $param_level, $param_status, $param_id);
// Set parameters
$param_firstname = $firstname;
$param_lastname = $lastname;
$param_address = $address;
$param_email = $email;
$param_level = $level;
$param_status = $status;
$param_id = $id;
// Attempt to execute the prepared statement
if(mysqli_stmt_execute($stmt)){
// Records updated successfully. Redirect to landing page
header("location: index.php");
exit();
} else{
echo "Something went wrong. Please try again later.";
}
// Close statement
mysqli_stmt_close($stmt);
}else{
echo mysqli_stmt_error($stmt);
}
}
// Close connection
mysqli_close($link);
} else{
// Check existence of id parameter before processing further
if(isset($_GET["id"]) && !empty(trim($_GET["id"]))){
// Get URL parameter
$id = trim($_GET["id"]);
// Prepare a select statement
$sql = "SELECT * FROM users WHERE id = ?";
if($stmt = mysqli_prepare($link, $sql)){
// Bind variables to the prepared statement as parameters
mysqli_stmt_bind_param($stmt, "i", $param_id);
// Set parameters
$param_id = $id;
// Attempt to execute the prepared statement
if(mysqli_stmt_execute($stmt)){
$result = mysqli_stmt_get_result($stmt);
if(mysqli_num_rows($result) == 1){
/* Fetch result row as an associative array. Since the result set contains only one row, we don't need to use while loop */
$row = mysqli_fetch_array($result, MYSQLI_ASSOC);
// Retrieve individual field value
$firstname = $row["firstname"];
$lastname = $row["lastname"];
$email = $row["email"];
$address = $row["address"];
$level = $row["access_level"];
$status = $row["status"];
} else{
// URL doesn't contain valid id. Redirect to error page
header("location: error.php");
exit();
}
} else{
echo "Oops! Something went wrong. Please try again later.";
}
}
// Close statement
mysqli_stmt_close($stmt);
// Close connection
mysqli_close($link);
} else{
// URL doesn't contain id parameter. Redirect to error page
header("location: error.php");
exit();
}
}
?>
<?php
// core configuration
include_once "../../config/core.php";
// check if logged in as admin
include_once "../login_checker.php";
// set page title
$page_title = "Update Record";
// include page header HTML
include '../layout_head.php';
echo "<div class='col-md-12'>";
// get parameter values, and to prevent undefined index notice
$action = isset($_GET['action']) ? $_GET['action'] : "";
// tell the user he's already logged in
if ($action == 'already_logged_in') {
echo "<div class='alert alert-info'>";
echo "<strong>You</strong> are already logged in.";
echo "</div>";
} else if ($action == 'logged_in_as_admin') {
echo "<div class='alert alert-info'>";
echo "<strong>You</strong> are logged in as admin.";
echo "</div>";
}
echo "</div>";
//content when logged in
?>
<div class="wrapper" style="width: 500px; margin: 0 auto;">
<div class="container-fluid">
<div class="row">
<div class="col-md-12">
<div class="page-header">
<h2>Update Record</h2>
</div>
<p>Please edit the input values and submit to update the record.</p>
<form action="<?php echo htmlspecialchars(basename($_SERVER['REQUEST_URI'])); ?>" method="post">
<div class="form-group <?php echo (!empty($firstname_err)) ? 'has-error' : ''; ?>">
<label>First Name</label>
<input type="text" name="firstname" class="form-control" value="<?php echo $firstname; ?>">
<span class="help-block"><?php echo $firstname_err;?></span>
</div>
<div class="form-group <?php echo (!empty($lastname_err)) ? 'has-error' : ''; ?>">
<label>Last Name</label>
<input type="text" name="lastname" class="form-control" value="<?php echo $lastname; ?>">
<span class="help-block"><?php echo $lastname_err;?></span>
</div>
<div class="form-group <?php echo (!empty($address_err)) ? 'has-error' : ''; ?>">
<label>Email</label>
<input type="email" name="email" class="form-control" value="<?php echo $email; ?>" />
<span class="help-block"><?php echo $email_err;?></span>
</div>
<div class="form-group <?php echo (!empty($address_err)) ? 'has-error' : ''; ?>">
<label>Address</label>
<textarea name="address" class="form-control"><?php echo $address; ?></textarea>
<span class="help-block"><?php echo $address_err;?></span>
</div>
<div class="form-group <?php echo (!empty($level_err)) ? 'has-error' : ''; ?>">
<label>Access Level</label>
<input type="text" name="level" class="form-control" value="<?php echo $level; ?>">
<span class="help-block"><?php echo $level_err;?></span>
</div>
<div class="form-group <?php echo (!empty($status_err)) ? 'has-error' : ''; ?>">
<label>Status</label>
<input type="text" name="status" class="form-control" value="<?php echo $status; ?>">
<span class="help-block"><?php echo $status_err;?></span>
</div>
<input type="hidden" name="id" value="<?php echo $id; ?>"/>
<input type="submit" class="btn btn-primary" value="Submit">
<a href="index.php" class="btn btn-default">Cancel</a>
</form>
</div>
</div>
</div>
</div>
</body>
</html>
Advertisement
Answer
<?php
// Include config file
require_once "config.php";
// Define variables and initialize with empty values
$firstname = $lastname = $email = $address = $status = $level = "";
$firstname_err = $lastname_err = $email_err = $address_err = $level_err = $status_err = "";
// Processing form data when form is submitted
if(isset($_POST["id"])){
// Get hidden input value
$id = $_POST["id"];
// Validate name-first
$input_firstname = trim($_POST["firstname"]);
if(empty($input_firstname)){
$firstname_err = "Please enter a first name.";
} elseif(!filter_var($input_firstname, FILTER_VALIDATE_REGEXP, array("options"=>array("regexp"=>"/^[a-zA-Zs]+$/")))){
$firstname_err = "Please enter a valid first name.";
} else{
$firstname = $input_firstname;
}
//Validate lastname
$input_lastname = trim($_POST["lastname"]);
if(empty($input_lastname)){
$lastname_err = "Please enter a last name.";
} elseif(!filter_var($input_lastname, FILTER_VALIDATE_REGEXP, array("options"=>array("regexp"=>"/^[a-zA-Zs]+$/")))){
$lastname_err = "Please enter a valid last name.";
} else{
$lastname = $input_firstname;
}
//Validate email address
$input_email = trim($_POST["email"]);
if(empty($input_email)){
$email_err = "Please enter an email address.";
} else{
$email = $input_email;
}
// Validate address
$input_address = trim($_POST["address"]);
if(empty($input_address)){
$address_err = "Please enter an address.";
} else{
$address = $input_address;
}
// Validate access level
$input_level = trim($_POST["level"]);
if(empty($input_level)){
$level_err = "Please enter an level.";
} elseif($input_level == 'Admin'){
$level = $input_level;
}elseif($input_level == 'Customer'){
$level = $input_level;
}else{
$level_err = 'Please choose from Admin or Customer';
}
// Validate status
$input_status = trim($_POST["status"]);
if(empty($input_status)){
$status_err = "Please enter a status";
}elseif($input_status == '1'){
$status = $input_status;
}elseif($input_status == '0'){
$status = $input_status;
}else{
$status_err = "Please enter a valid status";
}
echo "<script>alert('";
echo "Checking all inputs vales---";
echo $id; echo "=id--<br>";
echo $input_firstname; echo "=fname---<br>";
echo $input_lastname; echo "=lname---<br>";
echo $input_email; echo "=email---<br>";
echo $input_address; echo "=add---<br>";
echo $input_level; echo "=level<br>";
echo $input_status; echo "=stat<br>";
echo "')</script> ";
// Check input errors before inserting in database
if(empty($firstname_err) && empty($lastname_err) && empty($email_err) && empty($address_err) && empty($level_err) && empty($status_err)){
// Prepare an update statement
echo "<script>alert('";
echo "Im inside `Check Inputs before inserting in database` If Block... All Good so far"; echo "<br>";
echo "')</script> ";
$sql = "UPDATE users SET firstname=?, lastname=? address=?, email=?, access_level=?, status=? WHERE id=?";
if($stmt = mysqli_prepare($link, $sql)){
echo "<script>alert('";
echo "Im inside `mysqli_prepare` If Block... All Good so far"; echo "<br>";
echo "')</script> ";
// Bind variables to the prepared statement as parameters
mysqli_stmt_bind_param($stmt, "sssssii", $param_firstname, $param_lastname, $param_address, $param_email, $param_level, $param_status, $param_id);
// Set parameters
$param_firstname = $firstname;
$param_lastname = $lastname;
$param_address = $address;
$param_email = $email;
$param_level = $level;
$param_status = $status;
$param_id = $id;
// Attempt to execute the prepared statement
if(mysqli_stmt_execute($stmt)){
// Records updated successfully. Redirect to landing page
echo "<script>alert('";
echo "Im inside `mysqli_stmt_execute` If Block... All Good so far"; echo "<br>";
echo "')</script> ";
header("location: index.php");
exit();
} else{
echo "<script>alert('";
echo "Im inside `mysqli_stmt_execute` If Block... Not Good"; echo "<br>";
echo "')</script> ";
echo "Something went wrong. Please try again later.";
}
// Close statement
mysqli_stmt_close($stmt);
}else{
echo "<script>alert('";
echo "Im directly into else block from `empty input check If` Block... Not Good"; echo "<br>";
echo "')</script> ";
echo mysqli_stmt_error($stmt);
}
}
// Close connection
mysqli_close($link);
} else{
// Check existence of id parameter before processing further
if(isset($_GET["id"]) && !empty(trim($_GET["id"]))){
// Get URL parameter
$id = trim($_GET["id"]);
// Prepare a select statement
$sql = "SELECT * FROM users WHERE id = ?";
if($stmt = mysqli_prepare($link, $sql)){
// Bind variables to the prepared statement as parameters
mysqli_stmt_bind_param($stmt, "i", $param_id);
// Set parameters
$param_id = $id;
// Attempt to execute the prepared statement
if(mysqli_stmt_execute($stmt)){
$result = mysqli_stmt_get_result($stmt);
if(mysqli_num_rows($result) == 1){
/* Fetch result row as an associative array. Since the result set contains only one row, we don't need to use while loop */
$row = mysqli_fetch_array($result, MYSQLI_ASSOC);
// Retrieve individual field value
$firstname = $row["firstname"];
$lastname = $row["lastname"];
$email = $row["email"];
$address = $row["address"];
$level = $row["access_level"];
$status = $row["status"];
} else{
// URL doesn't contain valid id. Redirect to error page
header("location: error.php");
exit();
}
} else{
echo "Oops! Something went wrong. Please try again later.";
}
}
// Close statement
mysqli_stmt_close($stmt);
// Close connection
mysqli_close($link);
} else{
// URL doesn't contain id parameter. Redirect to error page
header("location: error.php");
exit();
}
}
?>
<?php
// core configuration
include_once "../../config/core.php";
// check if logged in as admin
include_once "../login_checker.php";
// set page title
$page_title = "Update Record";
// include page header HTML
include '../layout_head.php';
echo "<div class='col-md-12'>";
// get parameter values, and to prevent undefined index notice
$action = isset($_GET['action']) ? $_GET['action'] : "";
// tell the user he's already logged in
if ($action == 'already_logged_in') {
echo "<div class='alert alert-info'>";
echo "<strong>You</strong> are already logged in.";
echo "</div>";
} else if ($action == 'logged_in_as_admin') {
echo "<div class='alert alert-info'>";
echo "<strong>You</strong> are logged in as admin.";
echo "</div>";
}
echo "</div>";
//content when logged in
?>
<div class="wrapper" style="width: 500px; margin: 0 auto;">
<div class="container-fluid">
<div class="row">
<div class="col-md-12">
<div class="page-header">
<h2>Update Record</h2>
</div>
<p>Please edit the input values and submit to update the record.</p>
<form action="<?php echo htmlspecialchars(basename($_SERVER['REQUEST_URI'])); ?>" method="post">
<div class="form-group <?php echo (!empty($firstname_err)) ? 'has-error' : ''; ?>">
<label>First Name</label>
<input type="text" name="firstname" class="form-control" value="<?php echo $firstname; ?>">
<span class="help-block"><?php echo $firstname_err;?></span>
</div>
<div class="form-group <?php echo (!empty($lastname_err)) ? 'has-error' : ''; ?>">
<label>Last Name</label>
<input type="text" name="lastname" class="form-control" value="<?php echo $lastname; ?>">
<span class="help-block"><?php echo $lastname_err;?></span>
</div>
<div class="form-group <?php echo (!empty($address_err)) ? 'has-error' : ''; ?>">
<label>Email</label>
<input type="email" name="email" class="form-control" value="<?php echo $email; ?>" />
<span class="help-block"><?php echo $email_err;?></span>
</div>
<div class="form-group <?php echo (!empty($address_err)) ? 'has-error' : ''; ?>">
<label>Address</label>
<textarea name="address" class="form-control"><?php echo $address; ?></textarea>
<span class="help-block"><?php echo $address_err;?></span>
</div>
<div class="form-group <?php echo (!empty($level_err)) ? 'has-error' : ''; ?>">
<label>Access Level</label>
<input type="text" name="level" class="form-control" value="<?php echo $level; ?>">
<span class="help-block"><?php echo $level_err;?></span>
</div>
<div class="form-group <?php echo (!empty($status_err)) ? 'has-error' : ''; ?>">
<label>Status</label>
<input type="text" name="status" class="form-control" value="<?php echo $status; ?>">
<span class="help-block"><?php echo $status_err;?></span>
</div>
<input type="hidden" name="id" value="<?php echo $id; ?>"/>
<input type="submit" class="btn btn-primary" value="Submit">
<a href="index.php" class="btn btn-default">Cancel</a>
</form>
</div>
</div>
</div>
</div>
</body>
</html>
I updated the code please run that code. I cannot guess more what else could be be wrong but i have added some echo to your code. please run it and find where is the error. Double check your bind_parameter type.they must be exactly same as your database table types. i only help you as giving u an example not the whole solution.
Now you can see the alert showing where are you so you can track down the problem
Hope it will help and solve your problem.