problem updating database from php form

General Database (Oracle, SQL Server, etc)
#1

Hi -
I’m a total noob. I had a developer create a series of php pages that pulls and updates data in my database. One of my pages is an admin page, where as a logged-in admin, I can change certain values in certain columns in my database. My database is a series of salespeople, with standard login credentials, address, password, etc. One of the fields is a server-issued Sales ID Number (“sp_issued_sales_id”), unique to each salesperson.

In both the Salesperson log-in page, and in my Admin login page, the Sales ID Number is not a field that can be updated or changed by the user. This was the line in the corresponding field on the original PHP webform:

I am attempting to change my Admin PHP page so that as an Admin, I can change the value for sp_issued_sales_id and have that changed value in my Admin form update the database. I have changed the above line to this:

This has resulted in:

[ol][li]the webform field is no longer read only and I can change the value[/li]
[li]however, this changed value does not update to the database[/li][/ol]

Clearly, I am missing some other entry item elsewhere in the various PHP pages the developer has created for me, or else the database is set up to refuse change requests on that particular column? Any ideas on what I need to change to allow me as Admin to update this value?
Thank you!

#2

Usually “ID” is used to denote a Primary Key in a database table - changing the values could break all kinds of things as it’s likely there are other other fields/tables that are referencing it.

My .02

Anyway… we’d need to see the code that processes the form. I’m guessing since the original text input you posted has “readonly=“true”” that it’s just displaying the field for reference.

Any chance you can contact the original developer?

#3

Original developer is in India and unreachable. I can post more code if it would help.

As for the database structure, I don’t believe it is a Primary Key (although, how do I tell?). I am currently able to manually make a change to the row value of “sp_issued_sales_id” from inside the MyPHPAdmin dashboard, directly into the database. I’d prefer to be able to make these changes from the simpler webpage Admin account.

#4

I just confirmed that in fact, this Admin webform is not updating ANY value changes in any of the fields, let alone the Sales ID Number. Here is the complete page code:

[php]<?php

session_start();

if(!isset($_SESSION[‘admin_login’]) ||$_SESSION[‘admin_login’]=="")//session store admin name

{

header("Location: adminlogin.php");//login in AdminLogin.php

}

require_once("…/gen/includes/dbconnect.php");

$prid=$_GET[‘prid’];

$sql_user = “select * from salesperson where sp_id=’”.$prid."’";
$res_user = mysql_query($sql_user) or die(mysql_error().“11”);
$rec_user = mysql_fetch_assoc($res_user);

$sql = “select * from salesperson where sp_id=’”.$rec_user[‘sp_id’]."’";
$res = mysql_query($sql) or die(mysql_error().“11”);
$rec = mysql_fetch_assoc($res);

if($_POST[‘Change’]==“Change”)

{

$sql_edt = "update salesperson set

        sp_name='".clean($_POST['sp_name'])."',

		sp_address='".clean($_POST['sp_address'])."',

		sp_email='".clean($_POST['sp_email'])."',

		sp_phone_number='".clean($_POST['sp_phone_number'])."',

		sp_ssn='".clean($_POST['sp_ssn'])."',

		sp_payment_details='".clean($_POST['sp_payment_details'])."',

		sp_diff_email='".clean($_POST['sp_diff_email'])."',

		sp_bank_nm='".clean($_POST['sp_bank_nm'])."',

		sp_bank_add='".clean($_POST['sp_bank_add'])."',

		acct_nm_holder='".clean($_POST['acct_nm_holder'])."',

		routing_number='".clean($_POST['routing_number'])."',

		account_number='".clean($_POST['account_number'])."'

		sp_issued_sales_id='".clean($_POST['sp_issued_sales_id'])."'

		where sp_id='".$prid."'";

		

		mysql_query($sql_edt);

		

		//print($sql_edt);

		header("Location: viewsalesperson.php");

		exit();

}

if($_POST[‘Back’]==“Back”)

{

header(“Location: viewsalesperson.php”);

}

?>

RPS 
<td bgcolor="#FFFFFF"  width="93%" valign="top">

<table width="100%" border="0" cellpadding="0" cellspacing="0">

    <tr> 

        <td valign="top">&nbsp; </td>

    </tr>

	<tr>

	  <td height="497" valign="top"><table width="100%" border="0" cellspacing="0" cellpadding="0">

          <tr>

              <td height="26" class="heading_black" align="center"> Sales 

                Person Entry Form</td>

          </tr>

          <tr>

            <td height="383" align="center" valign="top"><table width="70%" border="0" cellspacing="0" cellpadding="0" bgcolor="#E9E9E9">

                  <tr> 

                    <td width="13%">&nbsp;</td>

                    <td width="32%">&nbsp;</td>

                    <td width="43%">&nbsp;</td>

                    <td width="12%">&nbsp;</td>

                  </tr>

                  <tr> 

                    <td class="title">&nbsp;</td>

                    <td class="title" height="27">&nbsp;</td>

                    <td class="msg"><?php echo $msg;?></td>

                    <td>&nbsp;</td>

                  </tr>

                  <tr> 

                    <td  class="txt">&nbsp;</td>

                    <td class="title" height="27">Person ID :</td>

                    <td class="title"><?php echo $rec_user['sp_id'];?></td>

                    <td>&nbsp;</td>

                  </tr>

                  <tr> 

                    <td class="txt">&nbsp;</td>

                    <td class="title" height="40px">Name :</td>

                    <td><input type="text" name="sp_name" id="sp_name" class="textbox" value="<?php if(isset($_POST['sp_name'])){echo $_POST['sp_name'];}else{ echo $rec['sp_name'];}?>">

                      *</td>

                    <td>&nbsp;</td>

                  </tr>

                  <tr> 

                    <td class="txt">&nbsp;</td>

                    <td class="title" height="40px">User ID :</td>

                    <td><input type="text" name="user_id" id="user_id" class="textbox" value="<?php if(isset($_POST['user_id'])){echo $_POST['user_id'];}else{ echo $rec['user_id'];}?>" readonly="true">

                      *</td>

                    <td>&nbsp;</td>

                  </tr>

                  <tr> 

                    <td class="txt">&nbsp;</td>

                    <td class="title" height="40px">Address :</td>

                    <td><textarea name="sp_address" id="sp_address" class="textbox"><?php if(isset($_POST['sp_address'])){echo $_POST['sp_address'];}else{ echo $rec['sp_address'];}?></textarea>

                      * </td>

                    <td>&nbsp;</td>

                  </tr>

                  <tr> 

                    <td class="txt">&nbsp;</td>

                    <td class="title" height="40px">Email :</td>

                    <td> <input name="sp_email" id="sp_email" type="text" class="textbox" value="<?php if(isset($_POST['sp_email'])){echo $_POST['sp_email'];}else{ echo $rec['sp_email'];}?>">

                      *</td>

                    <td>&nbsp;</td>

                  </tr>

                  <tr> 

                    <td class="txt">&nbsp;</td>

                    <td class="title" height="40px">Phone Number :</td>

                    <td><input type="text" name="sp_phone_number" id="sp_phone_number" class="textbox" value="<?php if(isset($_POST['sp_phone_number'])){echo $_POST['sp_phone_number'];}else{ echo $rec['sp_phone_number'];}?>">

                      *</td>

                    <td>&nbsp;</td>

                  </tr>

                  <tr> 

                    <td  class="txt">&nbsp;</td>

                    <td  class="title" height="40px">SSN :</td>

                    <td><input type="text" name="sp_ssn" id="sp_ssn" class="textbox" value="<?php if(isset($_POST['sp_ssn'])){echo $_POST['sp_ssn'];}else{ echo $rec['sp_ssn'];}?>"> 

                    </td>

                    <td>&nbsp;</td>

                  </tr>

                  <tr> 

                    <td  class="txt">&nbsp;</td>

                    <td class="title" height="40px">Payment Details :</td>

                    <td>&nbsp;</td>

                    <td>&nbsp;</td>

                  </tr>

                  <tr> 

                    <td  class="txt">&nbsp;</td>

                    <td height="40px" colspan="2" class="whitetxt" bgcolor="#006699">Mailed 

                      Check(address same as above): 

                      <input type="radio" name="sp_payment_details" value="MS" <?php if(isset($_POST['sp_payment_details'])){echo 'checked';}else if($rec['sp_payment_details']=="MS"){echo 'checked';}?> checked></td>

                    <td>&nbsp;</td>

                  </tr>

                  <tr> 

                    <td  class="txt">&nbsp;</td>

                    <td height="40px" colspan="2" class="whitetxt" bgcolor="#006699">Mailed 

                      Check(Different address-input): 

                      <input type="radio"name="sp_payment_details" value="MD" <?php if(isset($_POST['sp_payment_details'])){echo 'checked';}else if($rec['sp_payment_details']=="MD"){echo 'checked';}?>> 

                      <input type="text" name="sp_diff_email" id="sp_diff_email" class="textbox" value="<?php if(isset($_POST['sp_diff_email'])){echo $_POST['sp_diff_email'];}else{ echo $rec['sp_diff_email'];}?>"></td>

                    <td>&nbsp;</td>

                  </tr>

                  <tr> 

                    <td  class="txt">&nbsp;</td>

                    <td height="40px" colspan="2" class="whitetxt" bgcolor="#006699">Paypal 

                      Transfer using email address above: 

                      <input type="radio" name="sp_payment_details" value="PT" <?php if(isset($_POST['sp_payment_details'])){echo 'checked';}else if($rec['sp_payment_details']=="PT"){echo 'checked';}?>></td>

                    <td>&nbsp;</td>

                  </tr>

                  <tr> 

                    <td  class="txt">&nbsp;</td>

                    <td height="40px" colspan="2" bgcolor="#006699" class="whitetxt">Online 

                      transfer using bank account details : 

                      <input type="radio" name="sp_payment_details" value="BD" <?php if(isset($_POST['sp_payment_details'])){echo 'checked';}else if($rec['sp_payment_details']=="BD"){echo 'checked';}?>>

                      (if yes fill the following)</td>

                  </tr>

                  <tr> 

                    <td  class="txt">&nbsp;</td>

                    <td  height="40px" bgcolor="#006699" ></td>

                    <td bgcolor="#006699" class="whitetxt"> <table width="100%" bgcolor="#666666">

                        <tr> 

                          <td class="whitetxt">Bank Name :</td>

                        </tr>

                        <tr> 

                          <td><input type="text" name="sp_bank_nm" id="sp_bank_nm" class="textbox" value="<?php if(isset($_POST['sp_bank_nm'])){echo $_POST['sp_bank_nm'];}else{ echo $rec['sp_bank_nm'];}?>"> 

                          </td>

                        </tr>

                        <tr> 

                          <td class="whitetxt">Bank Address :</td>

                        </tr>

                        <tr> 

                          <td><input type="text" name="sp_bank_add" id="sp_bank_add" class="textbox" value="<?php if(isset($_POST['sp_bank_add'])){echo $_POST['sp_bank_add'];}else{ echo $rec['sp_bank_add'];}?>"></td>

                        </tr>

                        <tr> 

                          <td class="whitetxt">Account Name Holder :</td>

                        </tr>

                        <tr> 

                          <td><input type="text" name="acct_nm_holder" id="acct_nm_holder" class="textbox" value="<?php if(isset($_POST['acct_nm_holder'])){echo $_POST['acct_nm_holder'];}else{ echo $rec['acct_nm_holder'];}?>"></td>

                        </tr>

                        <tr> 

                          <td class="whitetxt">Routing Number :</td>

                        </tr>

                        <tr> 

                          <td><input type="text" name="routing_number" id="routing_number" class="textbox" value="<?php if(isset($_POST['routing_number'])){echo $_POST['routing_number'];}else{ echo $rec['routing_number'];}?>"></td>

                        </tr>

                        <tr> 

                          <td class="whitetxt">Account Number :</td>

                        </tr>

                        <tr> 

                          <td><input type="text" name="account_number" id="account_number" class="textbox" value="<?php if(isset($_POST['account_number'])){echo $_POST['account_number'];}else{ echo $rec['account_number'];}?>"></td>

                        </tr>

                      </table></td>

                    <td>&nbsp;</td>

                  </tr>

                  <tr> 

                    <td  class="txt">&nbsp;</td>

                    <td  height="40px" bgcolor="#006699" class="whitetxt"></td>

                    <td bgcolor="#006699" class="whitetxt"> </td>

                    <td>&nbsp;</td>

                  </tr>

                  <tr> 

                    <td  class="txt">&nbsp;</td>

                    <td height="40px" colspan="2" class="heading_black">PLEASE 

                      WRITE DOWN AND REMEMBER YOUR SALES ID NUMBER.</span> 
					This will be how we track which downloads will be 
					credited to you and pay you.&nbsp; <br><br>PLEASE WRITE YOUR 

                      SALES ID NUMBER ON ANY CARDS YOU HAND OUT TO POTENTIAL 

                      USERS.&nbsp; Remember to encourage the customer to 
					input your Sales ID Number.</td>

                    <td>&nbsp;</td>

                  </tr>

                  <tr> 

                    <td  class="txt">&nbsp;</td>

                    <td  class="title" height="40px">Issued ID :</td>

                    <td><input type="text" name="sp_issued_sales_id" id="sp_issued_sales_id" class="textbox" value="<?php if(isset($_POST['sp_issued_sales_id'])){echo $_POST['sp_issued_sales_id'];}else{ echo $rec['sp_issued_sales_id'];}?>"></td>

                    <td>&nbsp;</td>

                  </tr>

                  <tr> 

                    <td class="txt">&nbsp;</td>

                    <td class="txt" height="27">&nbsp; </td>

                    <td>&nbsp;</td>

                    <td>&nbsp;</td>

                  </tr>

                  <tr> 

                    <td class="title">&nbsp;</td>

                    <td class="txt" height="27"><input type="submit" name="Back" value="Back" class="button"></td>

                    <td><input type="submit" name="Change" value="Change" class="button"></td>

                    <td>&nbsp;</td>

                  </tr>

                  <tr> 

                    <td class="title">&nbsp;</td>

                    <td class="title" height="27">&nbsp;</td>

                    <td>&nbsp;</td>

                    <td>&nbsp;</td>

                  </tr>

                  <tr> 
                    <td class="title">&nbsp;</td>
                    <td class="title" height="27">&nbsp;</td>
                    <td class="msg"><?php echo $msg;?></td>
                    <td>&nbsp;</td>
                  </tr>
                </table></td>
          </tr>
        </table></td>
	</tr>
  </table></td>
[/php]
#5

What error are you getting? Perhaps you should ECHO the query and make sure it is spelled out exactly as it should be. Just change this line: mysql_query($sql_edt);

To something like this: die($sql_edt);

Your page will stop and you will see the query. I bet there is one field or other in error.

Ooooops! Just re-read your code… You left out the last comma where you added in your ID update.
set field1=‘xzx’, field2=‘aaa’ field3=‘id’ where… (last comma missing!)

That might fix it…

#6

Hey Ernie-
I’m not getting any error messages at all. It’s just not posting the new values I enter in the webform to the database. When I click “Change” (submit), I am brought back out to the general admin management page with a list of all the associated details for each salesperson - and the field I had just tried to put new data into isn’t changed. So there’s some disconnect happening between this admin change form, and the database.

I went back and added two commas in the set field area, one for each of “account_number” and “sp_issued_sales_id” - that’s correct, right?

I have not changed the “mysql_query” to “die” yet since I’m not sure how to do this and check the query.

Short of providing all the php pages, is there anything I can add here to help make it easier to figure out?

#7

It’s simpler than it sounds… change this line:
mysql_query($sql_edt);

To these lines:
die("

" . $sql_edt . “

”);
mysql_query($sql_edt);

That simple. Then, run the page, once it gets to the point of updating the data, it will print out the query with a couple of line spaces before and after in case any other info is printed. So, at the bottom of what is displayed will be the actual query you are sending to the database. It should show what is wrong with the update query. If you can not figure out the error, post that query so we can look at it and help you. The line will start with “update salesperson set” … Also, once this is figured out, delete the “die” line or comment it out…
Hope that helps.

Sponsor our Newsletter | Privacy Policy | Terms of Service