PHP editing value doesn't fully shows the original value


#1

Hi everyone,
The following is a PHP code to edit a line in a MySQL table.
Lots of things do not work in this code. To start with is the following warning message I get when start running it:
“Warning: mysqli_fetch_array() expects parameter 1 to be mysqli_result, boolean given in C:\xampp\htdocs\magar\xxx.php on line 16”.
Second is: I do not manage to delete the table when start running. Why is that ?! Evrey time I run it an additional line emerges!
Third: Clicking “Edit”, the existing value of: “Name” shows up at the input editing box. Trouble is: instead of showing: “aaa aaa aaa”
only “aaa” shows up. The rest of the string, apart from the the segment which ends at first space, is not shown ! Why?!
I wish someone could help me with that complication!
Thanks in advance!
[php]

<?php $errors = ""; $name=''; $db = mysqli_connect('localhost', 'root', 'root4qpines', 'magar'); IF(!$db) DIE('' .MYSQLI_CONNECT_ERROR()); mysqli_query($db, "DROP TABLE IF EXISTS 'xxx';"); mysqli_query($db, "CREATE TABLE xxx(name VARCHAR(128))"); mysqli_query($db, "INSERT INTO xxx(name) VALUES('aaa aaa aaa')"); if (isset($_GET['edit_task'])) { $name = $_GET['edit_task']; $edid=mysqli_query($db, "SELECT * FROM xxx WHERE name = $name"); $row=mysqli_fetch_array($edid); $errors = $name; echo $errors; } $stations = mysqli_query($db, "SELECT * FROM xxx"); ?> .add_btn { /*height: 39px;*/ background: #FFF8DC; color: #6B8E23; border: 2px solid #6B8E23; border-radius: 5px; /*padding: 5px 20px;*/ } .btn_td { /*border-left: 1px solid #cbcbcb; */ border-bottom: 1px solid #FFFFFF; }
			<th class="name_th" maxlength="50">Name</th>
			<th class="add_th"></th>
			<th class="edit_th"></th>
		</tr>
		<tr>
			<form method="POST" action="xxx.php">
				<td><input type="text" name="name" class="name_input" value=<?php echo htmlspecialchars($name);?>></td>
				<td class="btn_td"><button type="submit" class="add_btn" name="submit">Edit</button></td>
			</form>
		</tr>
		
	</thead>
	<tbody>
		<?php
			while ($row = mysqli_fetch_array($stations))
			{
				echo "<tr>";
				echo "<td class='name_td'>".$row['name']."</td>";
				
				echo "<td class='edit'>
						<a href='xxx.php?edit_task=".$row['name']."'>
							<img src='edit.gif' alt='Smiley face' height='20px' width='20px'>
						</a>
						<span class='tooltiptext'>Edit</span>
					</td>
					</tr>";
			}
		?>								
	</tbody>
</table>
[/php]

#2

You are missing quotes around the value in the html markup, so the first space character in the value is a stop character.


#3

You should not have to do this,
[php]
mysqli_query($db, “DROP TABLE IF EXISTS ‘xxx’;”);
mysqli_query($db, “CREATE TABLE xxx(name VARCHAR(128))”);
mysqli_query($db, “INSERT INTO xxx(name) VALUES(‘aaa aaa aaa’)”);[/php]

Tables should be created once, not every time.
Use prepared statements.

[php]$edid=mysqli_query($db, “SELECT * FROM xxx WHERE name = $name”);[/php]
Has an error in it.