Preventing duplicate entries when updating editing a post

Beginners - Learning PHP
#1

I created a link for the user to be able to edit one of their posts, so they change the post details and decide to make the post active or draft.
I’m at the point where when the user clicks edit the form populates the fields of the post they want to edit, and that part works. Where I’m stuck though is when they submit the form, after their edits, instead of just updating the form it created a completely new entry.
i’m just looking for some tips on if and how I can utilize the same php file responsible for inserting new posts, or if I should create a separate file that would be responsible for updating a row.

this is what I have for creating a new post.

this is what processes the form

<?php 
         require_once('../config.php');
         if(session_status() !== PHP_SESSION_ACTIVE) session_start();

         

         if(ISSET($_POST['insert'])){
            try{
                $title       = htmlspecialchars($_POST["title"]);
                $summary     = htmlspecialchars($_POST["summary"]);
                $content     = htmlspecialchars($_POST["content"]);
                $member_id   = htmlspecialchars($_SESSION["id"]); 
                $published   = htmlspecialchars(isset($_POST['published']) and ($_POST['published'] == 1)) ? 1 : 0; 
                $sanitizedId = filter_var($member_id, FILTER_VALIDATE_INT);
                
                
                $stmt = $pdo->prepare("INSERT INTO posts( title, summary, content, member_id, published) VALUES (:title, :summary, :content, :member_id, :published)");
                
                $stmt->bindParam(':title', $title);
                $stmt->bindParam(':summary', $summary);
                $stmt->bindParam(':content', $content);
                $stmt->bindParam(':member_id', $sanitizedId);
                $stmt->bindParam(':published', $published);
                $stmt->execute();

                echo "New records created successfully";
                } catch(PDOException $e) {
                echo "Error: " . $e->getMessage();
                }
     
                $stmt = null;

                header("Location: http://localhost/database_system/dashboard.php");
 
                exit;
     
            // echo "<script>alert('Successfully inserted data!')</script>";
            // echo "<script>window.location='dashboard.php'</script>";
            
            
        }

this is where I am with the form the user would use to edit their post

<?php

declare(strict_types = 1);                                         
include 'config.php';                    
include 'includes/functions.php'; 
include 'includes/header.php';           


$id          = filter_input(INPUT_GET, 'id', FILTER_VALIDATE_INT);

$post = [
  
  'published'   => false,
  
];   

$post = [
    'id'          => $id,
    'title'       => '',
    'summary'     => '',
    'content'     => '',
    'member_id'   => 0,
    'category_id' => 0,
    'image_id'    => null,
    'published'   => false,
    'image_file'  => '',
    'image_alt'   => '',
];      

$stmt = $pdo->prepare("SELECT * FROM posts WHERE id=?");
$stmt->execute([$id]); 
$post = $stmt->fetch();


        
    var_dump($post);
?>

<br>
<div class='container'>

                 
<h1>Edit post</h1>
<form action="loggin_system/form_process.php" method="post">
<div class="mb-3">
  <label for="title" class="form-label">Title</label>
  <input class="form-control" type="text" placeholder="Title" name="title" id="title" value="<?php echo $post['title'] ?>" aria-label="default input example">

</div>
<div class="mb-3">
  <label for="exampleFormControlTextarea1" class="form-label">Summary</label>
  <textarea class="form-control" id="summary" name="summary" rows="3"><?php echo $post['summary'] ?></textarea>
</div>
<div class="mb-3">
  <label for="exampleFormControlTextarea1" class="form-label">Content</label>
  <textarea class="form-control" id="exampleFormControlTextarea1" name="content" rows="3"><?php echo $post['content'] ?></textarea>
</div>

<input type="checkbox" name="published" value="1" class="form-check-input" id="published"
                <?php echo ($post['published'] == 1) ? 'checked' : ''; ?>>
            <label for="published" class="form-check-label">Published</label>
<div class="col-auto">

    <button type="submit" name="insert" value="submit" class="btn btn-primary mb-3">Submit</button>
  </div>
   
</form>

<?php include 'includes/footer.php'; ?>
</div>
#2

Updating always should be different from Inserting. When you insert data you are creating an unique id which is called a primary key and is usually labeled id.

Insert Query

 $sql = "INSERT INTO canyousolve (points, question, answer, canvas_images, category) VALUES (:points, :question, :answer, :canvas_images, :category)";

Update Query

sql = "UPDATE canyousolve SET category = :category, question = :question, answer = :answer, canvas_images = :canvas_images, points = :points WHERE id = :id";

Notice in the update that it’s being updated by the id?

Here’s the structure to canyousolve database table -

-- auto-generated definition
create table canyousolve
(
    id            int auto_increment
        primary key,
    category      varchar(255)   null,
    question      varchar(255)   not null,
    answer        varchar(255)   not null,
    canvas_images varchar(255)   not null,
    points        int default 10 not null
)
    charset = utf8mb4;

create fulltext index question
    on canyousolve (question);

You also need to read in the data in order to edit the data in the form.

1 Like
Sponsor our Newsletter | Privacy Policy | Terms of Service