Just need assistance some php CRUD functionality

Question

Im currently coding a website in php, unfortunately ive hit a road block were i cant seem to get my amend.php and update.php pages to work and update on my created display page below is the code.

Display page displays a table with descriptive columns when the hyperlink 'amend' is select it runs the amend.php.

Amend

<?php
include 'connection.php';



$id = $_GET ['theid'];

$query = "SELECT * FROM place WHERE placeid = '$id'";

$results = mysqli_query($connection,$query);

$row = mysqli_fetch_assoc($results);
?>
<?php include 'header.php'; ?>

    <body>
        <h2>Amend</h2>

            <form method="post" action="updateplace.php">

                <fieldset class="fieldset-width1">

                    <input type="hidden" name="hiddenID" value= "<?php echo $row['placeid']; ?>" />
                    <br />
                    <br />
                    <label class="align" for="txtplacename">Place Name: </label>
                    <input type="text" name="txtplacename" value = "<?php echo $row['placename']; ?>" />
                    <br />
                    <br />
                    <label class="align"for="txtplacedesc">Place description: </label>
                    <input type="text" name="txtplacedesc" value = "<?php echo $row['placedesc']; ?>" />
                    <br />
                    <br />
                    <label class="align"for="txtplacecat">Place category: </label>
                    <input type="text" name="txtplacecat" value = "<?php echo $row['placecat']; ?>" />
                    <br />
                    <br />
                    <label class="align" for="txtplaceimg">Place image: </label>
                    <input type="text" name="txtplaceimg" value = "<?php echo $row['placeimg']; ?>" />
                    <br />
                    <br />
                    <input type="submit" value="Submit" name='submit' />
                    </fieldset>
            </form>
        </p>
<?php include 'footer.php'; ?>
    </body>

</html>

This php page works as it displays all the data from phpmyadmin using the selected id.

update

<?php
include 'connection.php';

if(isset($_POST['submit'])){

 $placeid = $_POST['hiddenID'];
 $placename = $_POST['txtplacename'];
 $placedesc = $_POST['txtplacedesc'];
 $placecat = $_POST['txtplacecat'];
 $placeimg = $_POST['txtplaceimg'];
}

$query = "UPDATE place 
SET placename = '$placename';
SET placedesc = '$placedesc';
SET placecat = '$placecat';
SET placeimg = '$placeimg';
WHERE
placeid = '$placeid'";

mysqli_query($connection,$query);

header("location:admin.php");

when i select the submit button the header redirects me however none of the columns i change will have been updated. Any help would be appreciated thanks

Answer 1

Look at your UPDATE query,

$query = "UPDATE place 
SET placename = '$placename';  <==
SET placedesc = '$placedesc';  <==
...

You're terminating your UPDATE operation in every line using ;, which is breaking your query. Furthermore, your UPDATE query itself is wrong, it should be like this:

$query = "UPDATE place SET placename = '$placename', placedesc = '$placedesc', placecat = '$placecat', placeimg = '$placeimg' WHERE placeid = '$placeid'";

---

Sidenote: Learn about prepared statement because right now your query is susceptible to SQL injection attacks. Also here's a good read on how you can prevent SQL injection in PHP.

Answer 2

You should not just assume the query was successful. Replace your mysqli_query line with this to figure out what is going on:

if (!mysqli_query($connection, $query)) {
    echo("Error description: " . mysqli_error($connection));
    die();
}

Assuming you have some sort of error, it will prevent the redirect and display. If you still get a redirect, there was nothing wrong with the query itself, rather your $placeid value does not exist in the database.