-2

this error appear when i want to do editing on specific rows and the rows was retrieved with live search AJAX.

this is my table look like :

<?php
        $no = 1;
        include_once('../../config.php');


        $keyword = "";
        if (isset($_POST['search'])) {
            $keyword = $_POST['search'];
        }


        if ($query = mysqli_query($koneksi, " SELECT product.*,brand.* FROM brand 
                                         LEFT JOIN product ON brand.id = product.id_brand
                                         WHERE product.nama_product LIKE '%" . $keyword . "%'
                                         OR product.harga_product LIKE '%" . $keyword . "%'
                                         OR product.berat_product LIKE '%" . $keyword . "%'
                                         OR product.warna_product LIKE '%" . $keyword . "%' 
                                         OR brand.brand_name LIKE '%" . $keyword . "%' 
                                         ORDER BY product.id ASC")) {
            $hitung_data = mysqli_num_rows($query);
        } else {
            echo ("Error description: " . mysqli_error($koneksi));
        }

        if ($hitung_data > 0) {
            while ($data = mysqli_fetch_array($query)) {
        ?>
                <tr>
                    <td><?php echo $no++; ?></td>
                    <td><?php echo $data['nama_product']; ?></td>
                    <td><?php echo $data['brand_name']; ?></td>
                    <td><?php echo $data['harga_product']; ?></td>
                    <td><?php echo $data['berat_product']; ?></td>
                    <td><?php echo $data['warna_product']; ?></td>
                    <td>
                      <?php echo 
                        '<a class="btn btn-primary" href="product_edit.php?id='.$data['id'].'"> <i class="fas fa-edit"> </i>Edit</a>
                        <a class="btn btn-danger" href="product_delete.php?id='.$data['id'].'"> <i class="fa fa-trash"> </i> Delete</a>';

                     ?>
                    </td>
                </tr>
            <?php }
        } else { ?>
            <tr>
                <td colspan='6' class="text-center">Tidak ada data ditemukan</td>
            </tr>
        <?php } ?>

so, when i click that edit, it's returning an error like this :


Notice: Undefined variable: nama_product in C:\xampp\htdocs\Project-Joki\tugaspw2022\admin\dashboard\product_edit.php on line 71

here's my product_edit.php

$id = $_GET['id'];


// Fetech user data based on id
$result = mysqli_query($koneksi, "SELECT * FROM product WHERE id=$id");


while ($product_data = mysqli_fetch_array($result)) {
    $nama_product = $product_data['nama_product'];
    $harga_product = $product_data['harga_product'];
    $warna_product = $product_data['warna_product'];
    $berat_product = $product_data['berat_product'];
}

i'll give sample code when i do showing data in this product_edit.php :

                    <div class="mb-3">
                        <label for="exampleInputEmail1" class="form-label">Product Name</label>
                        <input type="text" class="form-control" name="brand_name" value="<?php echo $nama_product ?>">
                    </div>

furthermore, when i do click on delete process, it wont delete anything

Daffa Raka Mahendra
  • 13
  • 7
  • **Warning:** You are wide open to [SQL Injections](https://php.net/manual/en/security.database.sql-injection.php) and should use parameterized **prepared statements** instead of manually building your queries. They are provided by [PDO](https://php.net/manual/pdo.prepared-statements.php) or by [MySQLi](https://php.net/manual/mysqli.quickstart.prepared-statements.php). Never trust any kind of input! Even when your queries are executed only by trusted users, [you are still in risk of corrupting your data](http://bobby-tables.com/). [Escaping is not enough!](https://stackoverflow.com/q/32391315) – Dharman May 30 '22 at 19:58

0 Answers0