[PHP-DB] Undefined variables in update query

Tue, 26 Mar 2013 08:19:35 -0700 

Hi,

I'm pretty new to PHP and to this discussion list.

I have a web form to update some fields in a data table.  I'm getting 
"undefined variable" notices in my error logs when I submit the form and the 
table row doesn't get updated.

Here's the code for the form page:

<?php

include '../db.inc.php';

$ID = mysqli_real_escape_string($link, $_GET['ID']);
$result = mysqli_query($link, "select *
from intr_stats_eschol
where authorid='$ID'");
if (!$result)
{
        $error = 'Error fetching eScholarship author details: ' . 
mysqli_error($link);
        include 'error.html.php';
        exit();
}

$num=mysqli_num_rows($result);

                echo "<h1>Editing Record</h1> <form method=\"post\"
action=\"eschol-edit-process.php\"> <table>";

for ($i=0; $i<$num; $i++) {
                $row = mysqli_fetch_assoc ($result);

                echo
"<tr><td>Last Name:</td><td><input type=\"text\" name=\"$row[lname]\" 
value=\"$row[lname]\"></td></tr>
<tr><td>First Name:</td><td><input type=\"text\" name=\"$row[fname]\" 
value=\"$row[fname]\"></td></tr>
<tr><td>Middle Name:</td><td><input type=\"text\" name=\"$row[mname]\" 
value=\"$row[mname]\"></td></tr>
<tr><td>Suffix:</td><td><input type=\"text\" name=\"$row[suffix]\" 
value=\"$row[suffix]\"></td></tr>
<tr><td>Email:</td><td><input type=\"text\" name=\"$row[email]\" 
value=\"$row[email]\"></td></tr>
<tr><td>Institution:</td><td><input type=\"text\" name=\"$row[institution]\" 
value=\"$row[institution]\"></td></tr>
<tr><td>Department:</td><td><input type=\"text\" name=\"$row[department]\" 
value=\"$row[department]\"></td></tr>
<tr><td>Comments:</td><td><input type=\"text\" name=\"$row[comments]\" 
value=\"$row[comments]\"></td></tr>
<tr><td>Send Email?</td><td>$row[sent_email]</td></tr>
<tr><td><input type=\"hidden\" name=\"authorid\" 
value=\"$row[authorid]\"><input type=\"submit\" value=\"Update 
Author\"></td><td> </td></tr>";

                                                }
echo "</table> </form>";

?>

The data are inserted correctly into the form input fields, but when I click 
the "Update Author" button, an "undefined variable" notice gets logged for each 
of the variables and the table row doesn't get updated.  The only variable that 
seems to be OK is the authorid field; it outputs the correct ID from the 
var_dump() I have inserted.

Here's the code that processes the form:

<?php

include '../db.inc.php';

if (isset($_POST['authorid']))
{
$authorid = mysqli_real_escape_string($link, $_POST['authorid']);
var_dump($authorid);
}
if (isset($_POST['lname']))
{
$lname = mysqli_real_escape_string($link, $_POST['lname']);
}
if (isset($_POST['fname']))
{
$fname = mysqli_real_escape_string($link, $_POST['fname']);
}
if (isset($_POST['mname']))
{
$mname = mysqli_real_escape_string($link, $_POST['mname']);
}
if (isset($_POST['email']))
{
$email = mysqli_real_escape_string($link, $_POST['email']);
}
if (isset($_POST['institution']))
{
$institution = mysqli_real_escape_string($link, $_POST['institution']);
}
if (isset($_POST['department']))
{
$department = mysqli_real_escape_string($link, $_POST['department']);
}
if (isset($_POST['comments']))
{
$comments = mysqli_real_escape_string($link, $_POST['comments']);
}
if (isset($_POST['sent_email']))
{
$sent_email = mysqli_real_escape_string($link, $_POST['sent_email']);
}
if (isset($_POST['suffix']))
{
$suffix = mysqli_real_escape_string($link, $_POST['suffix']);
}

$sql = "update intr_stats_eschol
set
lname='$lname',fname='$fname',mname='$mname',email='$email',institution='$institution',department='$department',comments='$comments',sent_email='$sent_email',suffix='$suffix'
where authorid='$authorid'";

if (!$sql)
{
        $error = 'Error fetching eScholarship author details: ' . 
mysqli_error($link);
        include 'error.html.php';
        exit();
}
?>

Can anyone tell where I'm going wrong?  I thought it might be some obvious 
thing like the use of single quotes instead of double quotes in the update 
query, or vice-versa, but I've tried several different ways.  I've looked at 
numerous stackoverflow.com postings but nothing seems to remedy the issue I'm 
having.  I'm also wondering if the problem is related to my using echo() to 
output the form fields in the first template.

FWIW, here's the design of my table:

+-------------+------------------+------+-----+---------+----------------+
| Field           | Type                   | Null  | Key | Default      | Extra 
         |
+-------------+------------------+------+-----+---------+----------------+
| email          | varchar(255)   | YES  |         | NULL       |               
    |
| institution | varchar(200)  | YES  |         | NULL       |                   
|
| lname        | varchar(100)  | YES  |         | NULL        |                 
  |
| fname       | varchar(80)    | YES  |         | NULL        |                 
   |
| mname       | varchar(20)  | YES  |         | NULL       |                    
 |
| department  | varchar(200) | YES  |     | NULL      |                     |
| comments    | varchar(255) | YES  |     | NULL       |                     |
| authorid    | int(5)             | NO   | PRI  | NULL        | auto_increment 
|
| sent_email  | varchar(20)  | YES  |      | NULL        |                      
|
| suffix         | varchar(50)    | YES  |        | NULL         |              
       |
+-------------+--------------+------+-----+---------+----------------+

Thanks for any help you can give me!

--
Robert J. Vander Hart
University of Massachusetts Medical School
508-856-3290 | robert.vanderh...@umassmed.edu

Reply via email to