Hello, I want to update my table named as consignment fields. I have two files, first is update_form.php <form method="post" action="update.php"> Enter Your Consignment No. <input type="text" name="con_no" /> <br /> Enter Booking Date: <input type="text" name="book_date" /> <br> Enter Destination: <input type="text" name="desti" /> <br> Enter Consignment Type: <input type="text" name="con_type" /> <br> <br><br> <input type="submit" name="submit" value="UPDATE"/> <input type="reset" name="reset" value="RESET" /> </form> and second one is update.php <?php $link = mysql_connect("localhost", "root",""); mysql_select_db('skyline', $link); if(isset($_POST['submit'])) { $query =mysql_query("UPDATE consignment SET booking-date = '$_POST[book_date]', destination = '$_POST[desti]', consignment_type = '$_POST[con_type]' WHERE consignment_no = '$_POST[con_no]'"); if($query) { echo "Record Successfully Updated"; } else { echo "Error in updation."; } $query2= "SELECT * FROM consignment"; $result = mysql_query($query2); echo "<table border='2'> <tr> <th>Consignment-Id </th> <th>Consignment-Number</th> <th>Booking-Date</th> <th>Destination</th> <th>Consignment_Type</th> <th>Status </th> <th> </th> <th> </th> </tr>"; while($row = mysql_fetch_assoc($result)) { echo "<tr>"; echo "<td>" . $row['consignment_id'] . "</td>"; echo "<td>" . $row['consignment_no'] . "</td>"; echo "<td>" . $row['booking-date'] . "</td>"; echo "<td>" . $row['destination'] . "</td>"; echo "<td>" . $row['consignment_type'] . "</td>"; echo "<td>" . $row['status'] . "</td>"; echo "</tr>"; } echo "<tr>"; echo "<td><a href='admin_add.php'>Add More Consignments</a> </td>"; echo "<td><a href='update_form.php'>Update Consignments</a> </td>"; echo "<td><a href='delete_con.php'>Delete Consignments</a> </td>"; echo "</tr>"; echo "</table>"; } ?> The above code is not show any error, but it will not updating the fields. Please help me to find out the error. Thanks in advance.
You must use curly braces here: $query = mysql_query("UPDATE consignment SET booking-date = '{$_POST[book_date]}', destination = '{$_POST[desti]}', consignment_type = '{$_POST[con_type]}' WHERE consignment_no = '{$_POST[con_no]}'"); PHP: Curly braces - {} - are needed for array elements and object references inside double quotes. However, I really hope you don't insert raw data into the database. You should use mysql_real_escape_string, or prepared statements etc to prevent sql injections.
You should encode special characters $desti = htmlspecialchars($_POST[desti]); if still error you use $desti = addslashes(htmlspecialchars($_POST[desti])); when echo you use : echo stripslashes(htmlspecialchars_decode($desti)); Good luck
You should never store escaped HTML in your database. The database should store the raw data (properly escaped before inserting), not an HTML representation. Escaping special characters with addslashes is a bad idea. Why don't you use functions created just for this purpose? Addslashes is not suitable for escaping.