-2

So i'm trying to ammend data from a database in which a user will click ammend and it takes them to a form displaying the current data in which the user can then edit the data, however the data does not hold in the form.

The first page is 

   <?php
  include 'connection.php';
  $id=$_GET['id'];
  $query = "SELECT * FROM products WHERE ProductID = '$id'";
  $result = mysqli_query($connection, $query);

  $row=mysqli_fetch_assoc($result);
  ?>

  <form method="post" action="UpdateProduct.php">
  <fieldset>
    <legend>
        Enter Product Details
    </legend>
    <input type="hidden" name="ProductID" value="<?php echo $row['ProductID'];?>" /> 
    <label for="ProductName">Product Name: </label><br />
    <input type="text" name="ProductName" value"<?php echo $row['ProductName'];?>"/><br /><br />
    <label for="ProductPrice">Price: </label><br />
    <input type="text" name="ProductPrice" value"<?php echo $row['ProductPrice'];?>"/><br /><br />
    <label for="ProductImageName">Image Filename: </label><br />
    <input type="text" name="ProductImageName" value"<?php echo $row['ProductImageName'];?>"/><br /><br />

    <input type="submit" value="Submit"/>
    <input type="reset" value="Clear"/>

</fieldset>

The second page is this 

     <?php

    include 'connection.php';

    $id=$_POST['ProductID'];
    $ProductName=$_POST['ProductName'];
    $ProductPrice=$_POST['ProductPrice'];
    $ProductImageName=$_POST['ProductImageName'];


    $query = "UPDATE products 
    SET 
    ProductName ='$ProductName', ProductPrice='$ProductPrice' , 
    ProductImageName='$ProductImageName' WHERE ProductID='$id'";

    mysqli_query($connection,$query);

    header("location: watwk8.php");


     ?>

The image attached shows the empty form that should hold the value from the database i.e. mugs

Funk Forty Niner
  • 74,372
  • 15
  • 66
  • 132
Dom Deeroy
  • 1
  • If you dump out the `SELECT` query, is it returning any data? – Cory Fail Dec 08 '18 at 03:00
  • Enable error reporting http://php.net/manual/en/function.error-reporting.php and see if there are errors on the query using `mysqli_error($connection)` - and update your question to contain what those were, if any. – Funk Forty Niner Dec 08 '18 at 03:04
  • Btw, you're open to a serious SQL injection here. Best you learn how to work with prepared statements. They may very well be there to save your database one day. – Funk Forty Niner Dec 08 '18 at 03:06
  • 1
    Consult the duplicate questions. They contain everything that you need to debug your code, which is what you need to do, not us. I also asked a while to do so, but I failed to see an update done to the question. If you tried to debug and you didn't know how to fix it and/or how to interpret the error messages, then by all means update your question and ping me back, and I'll take another look at it. Till then, you need to do your part here; this isn't a one-way street, remember that. – Funk Forty Niner Dec 08 '18 at 03:16

2 Answers2

0

Use concatenation

$query = "SELECT * FROM products WHERE ProductID = '".$id."'";

Also print the echo $query;

it should give the following result SELECT * FROM products WHERE ProductID = '1'

NEET JASSI
  • 93
  • 1
  • 2
  • 12
  • what difference would this make? and why was this upvoted? Both `'$var'` and `'".$var."'` do the same thing here. This answer does not solve this question at all, it's "poetayto, poetahto". – Funk Forty Niner Dec 08 '18 at 03:13
  • try to put some array in place of $id, some thing like this $data['id'], you will get an answer – NEET JASSI Dec 08 '18 at 03:15
0

Don't do this. Use PDO prepared statements. 

$prepare=$connection->prepare("SELECT * FROM products WHERE ProductID=?");
$prepare->execute([$id]);
$fetch=$prepare->fetchall(PDO::FETCH_ASSOC);
Maciek Semik
  • 1,778
  • 21
  • 37