Results 1 to 4 of 4

Thread: Looking to populate form with DB data and update DB with said form.

  1. #1
    Join Date
    Apr 2018
    Posts
    2
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Question Looking to populate form with DB data and update DB with said form.

    Hello all,
    And thank you in advance for your assistance. I was reading an old post and found a wonderful example that I am trying to work from so that I can understand how the PHP script works to pull data from the DB and then fill out the form. Here is the post: http://www.dynamicdrive.com/forums/s...ith-MySQL-data

    I was hoping to speak to forum_amnesiac about his code. I have copied his example and am getting an error: Couldn't execute query. Unknown column 'ID' in 'where clause'

    Looking over the code I am unable to figure out why the WHERE clause is referring to an 'ID'? It's been years since I've worked with PHP, but I appreciate any help anyone could provide. I also understand that the script in question is susceptible to SQL injection. I am just hoping to use this example to wrap my head around how to get the form and DB working together to update the data.

  2. #2
    Join Date
    Jan 2015
    Posts
    78
    Thanks
    0
    Thanked 19 Times in 19 Posts

    Default

    The error is telling you that there is no column named ID in your table.

    When editing existing data, you are referring to an existing row in your table. You should do this by referencing an auto-increment primary index column, typically named id (column names are case-insensitive, so ID being used in the code should match any capitalization variation.) If your table doesn't have an auto-increment primary index, you need to add one. This will make any queries faster and allow you to store related data by referencing the id. If you have an auto-increment primary index by another name, the query needs to be modified to use that name.

    You should not copy old code, but write you own, using current programming standards. The mysql extension has been removed from the latest php version, so that particular code won't even run on the latest php version, and the code is filled with unnecessary bits (programming pun intended), and it is insecure.

    Some recommendations, which will actually simplify the code/query and help make it secure at the same time -

    1) Use the php PDO extension.

    2) Use real prepared queries (PDO has emulated prepared queries that should be turned off) when supplying data to the sql query statement. Prepared queries, using PDO, only add one statement to the code and simplify the sql query syntax.

    3) Use exceptions to handle database statement (connection, query, prepare, and execute) errors and let php catch the exceptions, where it will use its error_reporting, display_errors, and log errors settings to control what happens with the actual error information. Doing this only requires one setting to be made and will eliminate all the error handling logic in the code.

    4) Don't needlessly copy variables to other variables. Only use a new variable for something if you change the value/meaning from what is in the original variable. If you are operating on a set of data, use php array functions to operate on all the original data at the same time, rather than to write out a line of code for each value.
    Last edited by DyDr; 04-30-2018 at 05:35 PM.

  3. #3
    Join Date
    Apr 2018
    Posts
    2
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Default

    Thank you for the information DyDr.
    I have noticed that the mysql extension has been replaced with mysqli. I have been trying to wrap my head around why that has yet to be updated in so many forums. I guess my Googlefu is rusty. I have been unable to locate any tutorials that use the correct mysqli extension. I have read about the PDO and prepared statements. Could you refer me to any resources I could go to that would introduce me to these topics? Thank you again for all your assistance.

  4. #4
    Join Date
    Jan 2015
    Posts
    78
    Thanks
    0
    Thanked 19 Times in 19 Posts

    Default

    Forget about the mysqli extension. It is overly complicated and inconsistent, to the point that whoever designed it apparently has never used php to execute queries in a real application.

    See the following comprehensive PDO tutorial - https://phpdelusions.net/pdo

Similar Threads

  1. Replies: 9
    Last Post: 08-26-2015, 06:16 PM
  2. having php form data populate SQL database
    By kairick in forum MySQL and other databases
    Replies: 0
    Last Post: 06-29-2010, 11:11 AM
  3. How to populate php/html form with MySQL data
    By peterv in forum MySQL and other databases
    Replies: 1
    Last Post: 06-13-2009, 09:18 PM
  4. Populate form form MySQL data
    By Rob (SA) in forum MySQL and other databases
    Replies: 13
    Last Post: 04-18-2009, 10:48 AM
  5. Want form data to populate to text box
    By itskirk in forum HTML
    Replies: 0
    Last Post: 01-07-2008, 05:00 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •