|
Answer» helllo sir
I am creating a lyrics website.This is my categories form code please check update query not working. when i press submit button data is deleting not updating. what is problem in code.
Will really appreciate your help... Many thanks n regards.
_______________________________________ ____________________________
if(isset($_POST["thisID"])==true){
$targetID=$_POST['id'];
$DATE=date("Y/n/d");
$id=$_POST['id'];
$category=$_POST['category'];
$subcategory=$_POST['subcategory'];
$date=$_POST['date'];
mysql_connect("localhost","root","");
mysql_select_db("lyrics");
$query= "UPDATE categories SET id='$id', category='$category', subcategory='$subcategory', date='$date' WHERE id='$targetID'"or die(mysql_error());
mysql_query($query);
header("refresh:0;url= 'categories.php'");
exit();
}
?>
mysql_connect("localhost","root","");
mysql_select_db("lyrics");
if(isset($_GET['pid'])){
$targetID=$_GET['pid'];
$date=date("Y/n/d");
$query=mysql_query("SELECT * FROM categories WHERE id='$targetID' LIMIT 1");
$pCount=mysql_num_rows($query);
if($pCount>0){
while($row= mysql_fetch_array($query)){
$id=$row["id"];
$category=$row["category"];
$subcategory=$row["subcategory"];
$date=$row["date"];
}
}else{
echo "Sorry ";
}
}
?>
| Edit Lyrics | | Category-ID | | | Category |
Hindi Movies
Devosional Movies
Pop Songs
Reginal Songs
Album Songs | | Subcategory |
Movies Songs
Devosional Songs
Pop Songs
Reginal Songs
Album Songs
| |
|
See here for info on updating VALUES: http://www.w3schools.com/php/php_mysql_update.asp
Also, this code is very unsecure and is LIABLE to SQL injection:
Code: [Select]$targetID=$_POST['id'];
$date=date("Y/n/d");
$id=$_POST['id'];
$category=$_POST['category'];
$subcategory=$_POST['subcategory'];
$date=$_POST['date'];
To solve this, do a strip_tags on all these variables.strip_tags? more like mysql_real_escape_string()...
or possibly some combination of both.Yeah, I should have said strip_tags to prevent XSS and ESCAPE them to prevent SQLI.
|
