1

What am I doing wrong here. I can't figure out how to make the Update block work. When I hit "Update" button, it goes back to edit.php but with

errors. Errors are: Notice: Undefined variable: POST in C:\xampp\htdocs\libSys\edit.php on line 45

Notice: Undefined variable: POST in C:\xampp\htdocs\libSys\edit.php on line 46

Notice: Undefined variable: id in C:\xampp\htdocs\libSys\edit.php on line 48

Successfully Updated

Lines 45, 46, 48 has

        echo $author = $POST['author']; //line 45
        echo $isbn = $POST['isbn']; //line 46

        $sql = "UPDATE booklist SET Author='$author', Title='title', ISBN = '$isbn' WHERE ID = '$id' ";  //line 48

The complete code of edit.php are below:

<?php
include('databaseConnection.php');
?>

<html>
<head>
    <link rel="stylesheet" type="text/css" href="./css/librarySystem.css">
    <title> Edit Book Information </title>
</head>

<div>

<?php
if(isset($_REQUEST['edit']))   //FIRST IF
{

    $id = $_REQUEST['edit'];
    $sql_select = "SELECT * FROM booklist WHERE ID=$id";
    $result=mysql_query($sql_select);

    // collect all the data using mysql_fetch_array and assign to our $variables

    while($row = mysql_fetch_array($result))
    {
        $id = $row['ID'];
        $title = $row['Title'];
        $author= $row['Author'];
        $yearLevel = $row['YearLevel'];
        $isbn = $row['ISBN'];
    }

    //displays form for user to edit book information
    echo "<form method='POST' action='edit.php'>";
        echo "Enter New or Correct Title: <input type='text'  name='title'  value='$title' >  <br />";
        echo "Enter New or Correct Author: <input type='text'   name='author'  value='$author'> <br />";
        echo "Enter New or Correct ISBN: <input type='text'  name='isbn'  value='$isbn' >  <br / >";
        echo "<input type='submit' name='save' value='Update' > <br />";
    echo "</form>";
}    //END 1st IF

else if( isset($_POST['save'] ) )    
{

        echo $title = $_POST['title'];
        echo $author = $POST['author'];
        echo $isbn = $POST['isbn'];

        $sql = "UPDATE booklist SET Author='$author', Title='title', ISBN = '$isbn' WHERE ID = '$id' ";
        $result = mysql_query($sql);
            if($result == true)
            {
                echo "Successfully Updated" ;
            }
                //header('Location: ./booklist.php'); 
}

?>

How can I correct the update block. It seems to be going to the if(isset($_POST['save']) when I hit "Update" but won't really update the row. Please help. I'm stuck. I don't understand why the "Undefined variable" error pops when I have the variables assigned with $_POST['author']...

I'd appreciate any help or explanation. Thanks.

Improve this question
1
  • 1
    Your code is wide open to SQL injection. You're also using deprecated mysql_*. Use mysqli_* or PDO instead Commented Nov 2, 2015 at 12:40

5 Answers 5

Reset to default
2

Use super global variables as $_POST[]

 echo $author = $_POST['author'];
 echo $isbn = $_POST['isbn'];

Before updated into database use mysql_real_escape_string

$author=mysql_real_escape_string($author),
$isbn=mysql_real_escape_string($isbn));

 $sql = "UPDATE `booklist` SET Author='".$author."', Title='title', ISBN = '".$isbn."' WHERE ID = $id";

Note

mysql is deprecated instead use mysqli OR PDO

Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

Thanks. However, I can't find the error on the form. The only problem now is line 48. I don't know why it can't recognize the value of id. How do I fix it? Thanks.
create a hidden field in your form echo "<input type='hidden' name='id' value='$id' > <br />"; and get your id as ` $id = $_POST['id'];`
thank you for your help. I just started learning PHP a few days ago and still getting myself familiar of the syntax. All the answers from stackoverflow community is definitely helping me learn faster. Thanks again.
0

Change this line

echo $author = $POST['author'];
 echo $isbn = $POST['isbn'];

to

echo $author = $_POST['author'];
echo $isbn = $_POST['isbn'];
Improve this answer

Comments

0

you have a syntax error, you use $POST instead of $_POST.

 echo $author = $_POST['author']; //line 45
 echo $isbn = $_POST['isbn']; //line 46

 $sql = "UPDATE booklist SET Author='$author', Title='title', ISBN = '$isbn' WHERE ID = '$id' ";  //line 48
Improve this answer

Comments

0

There are a couple of errors in the code. Firstly, $_POST is a superglobal in php. Superglobals start with a dollar sign and an underscore. You forgot the underscore that's why it's undefined. rewrite as:

echo $author = $_POST['author'];
echo $isbn = $_POST['isbn'];

Secondly, you're using the $id variable inside the quotes. Rewrite line 48 as:

$sql = "UPDATE booklist SET Author='{$author}', Title='title', ISBN = '{$isbn}' WHERE ID = '{$id}' "; //line 48

To use variables inside quotes without concatenation, you can use the '{' bracket. Keep in mind though, you can't do the same with constant values. Hope this helps :)

Improve this answer

Comments

0

The syntax for php POST global variable is $_POST not $POST that you are using.

And I guess you are getting $id from a form using $_GET or $_POST method only. So check out those syntaxes as well.

Improve this answer

3 Comments

my bad. A typo error there. However, I can't find the error on the form. The only problem now is line 48. I don't know why it can't recognize the value of id. How do I fix it? Thanks.
one more type mistake @jordan . You didn't close double quotes before $id in a sql statement. Try rewriting the statement with proper syntax.
the query could be like $sql = "UPDATE booklist SET Author='".$author."', Title='title', ISBN = '".$isbn."' WHERE ID = ".$id;

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.