Database Not Updated

fabianojp06 · December 3, 2013, 6:59pm

I have this code, however it does not update the database…please need help…

index.php

<html>
<form method="POST" action="listforn.php" name="funcionarios">

Numero: <input type="text" name="palavra"/>

<input type="text" name="mensagem">

<input type="submit" value="Buscar"/>

</form>

</html>

=====================================================
listforn.php

<HTML>
<HEAD>
<TITLE>Documento PHP</TITLE>
</HEAD>
<BODY>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Funcionarios</title>
<link rel="stylesheet" type="text/css" href="estilos/main.css" />
<script type="text/javascript">
function delRecord(codpessoa) {
var teste = confirm("Tem certeza que quer excluir o registro?");
if (teste==false) {
window.location = "listforn.php";
}
else window.location = "delforn.php?cod="+codpessoa;
}
</script>
</head>
<body>
<table id="data">
<caption>Listagem de Funcionários</caption>
<tr>
<th>ID</th>
<th>Coligada</th>
<th>Matrícula</th>
<th>Chapa</th>
<th>Seção</th>
<th>Nome</th>
<th>PIS</th>
<th>Excluir</th>
<th>Alterar</th>

</tr>
<?php
# Conexão ao servidor MySQL
# e seleção do banco Web21
include("includes/conn.php");
$palavra = $POST'palavra';
$sql="select from pfunc where id = ".$palavra."";
$query = mysqlquery($sql);
while ($linha = mysqlfetcharray($query)) {
echo "<tr>";
echo "<td>$linhaid</td>";
echo "<td>$linhacodcoligada</td>";
echo "<td>$linhacodpessoa</td>";
echo "<td>$linhachapa</td>";
echo "<td>$linhacodsecao</td>";
echo "<td>$linhanome</td>";
echo "<td>$linhapisparafgts</td>";
echo "<td style='text-align:center'>";
echo "<a href='javascript:delRecord(".$linha'id'.");'>X</a>";
echo "</td>";
echo "<td style='text-align:center'>";
echo "<a href='altforn.php?cod=".$linha'id'."'>";
echo "<img src='imagens/edit.png' border='0' width='16' height='16' /></a>";
echo "</td>";
echo "</tr>\
";
}
?>
</table>
</body>
</html>
</table>
</BODY>
</HTML>

========================================================

altforn.php

<HTML>
<HEAD>
<TITLE>Documento PHP</TITLE>
</HEAD>
<BODY>
<?php
include("includes/conn.php");
$sql="select from pfunc where id = '$GETcod'";
$query = mysqlquery($sql);
$linha = mysqlfetcharray($query);
?>
<h1>Cadastro de Fornecedores</h1>
<form id="form1" name="form1" method="post" action="doaltforn.php">
<fieldset>
<legend>Cadastro</legend>
<label>ID:</label>
<input type="text" name="id" readonly="readonly" value="<?php echo $linha'id';?>" /><br />
<input type="text" name="codpessoa" readonly="readonly" value="<?php echo $linha'codpessoa';?>" /><br />
<label for="nome">Nome:</label>
<input type="text" name="nome" id="nome" value="<?php echo $linha'nome';?>" /><br />
<label for="nome">Coligada:</label>
<input type="text" name="codcoligada" id="codcoligada" value="<?php echo $linha'codcoligada';?>" /><br />
<label for="nome">Chapa:</label>
<input type="text" name="chapa" id="chapa" value="<?php echo $linha'chapa';?>" /><br />
<label for="nome">Seção:</label>
<input type="text" name="codsecao" id="codsecao" value="<?php echo $linha'codsecao';?>" /><br />
<label for="nome">Pis:</label>
<input type="text" name="pisparafgts" id="pisparafgts" value="<?php echo $linha'pisparafgts';?>" /><br />
<label></label>
<input name="enviar" type="submit" value="Alterar" />
</fieldset>
</form>
</BODY>
</HTML>

==========================================================
doaltforn.php

<?php
include("includes/conn.php");
$ideditar = (int)$GET'cod';
$nome = $POST'nome';
$codcoligada = $POST'codcoligada';
$chapa = $POST'chapa';
$codsecao = $POST'codsecao';
$pisparafgts = $POST'pisparafgts';

$sql = "UPDATE pfunc SET nome = '$nome', codcoligada = '$codcoligada', chapa = '$chapa', codsecao = '$codsecao', pisparafgts = '$pisparafgts'

WHERE id = $ideditar ";
$query = mysqlquery($sql) or die(mysqlerror());
header("Location:index.php");

fishCode · December 4, 2013, 5:37am

I could be wrong here, but I believe you need underscores in your mysql commands: mysqlquery should be mysql_query and mysqlfetcharray should be mysql_fetch_array etc…

SpacePhoenix · December 4, 2013, 7:01am

Please be aware that the mysql_* extension is now deprecated as of the current version of PHP and will very likely be removed from the next 5.x version and will likely not be in PHP 6.x (when it eventually is released). You should migrate over to either the mysqli_* extension or to PDO. PDO is a better choice as it doesn’t tie you down so much to a particular database server software.

Once you have migrated you should use Prepared Statements to prevent SQL Injection attacks. Have a read of this article from the PHP manual, it shows how to use prepared statements with PDO and also explains the principle.

DarthGuido · December 4, 2013, 9:38am

You’re not only missing the underscores, but the square brackets as well : $GET’cod’ should be $GET[‘cod’] etc.
Where did you get that code from? You’ll have to go through it and re-insert all missing characters.