Hi, I have a small problem. I made a form to update serveral id's at the same time. Im looking to update the same field.


echo "<form action='page.php?action=order' method='POST'>";
$sql = "SELECT * FROM `page` ORDER BY `order` DESC";
$result = mysql_query($sql) or die(mysql_error());
while ($row = mysql_fetch_object($result))
{
echo "<input type='text' name='order' value='$row->order'>";
}
echo "<input type='submit' value='save'></form>";


in page.php?action=order:

$sql = "UPDATE `page` SET order = '".$_POST['order']."'";
mysql_query($sql) or die(mysql_error());

Im clueless, any suggestions?

Thanks in advance
Niklas

what's the error?

right now there are 4 rows in that table, so the "order" field should be updated 4 times. Once for each row. If I use the above code, all rows get the same value, and I cant put in...

WHERE `id` = '"$_GET['id']"'

...since im not looking to update a single row. Im looking to update all rows.

That would be the error i guess...

Any suggestions?

Thanks for taking the time to answer! :)

/Niklas

Without answering the problem, I'll say that you better wrap everything you put in the database with addslashes() lest you want a database injection exploit.

Can you show me what that would look like? Im sorry but I dont understand since this is all new to me.

Thanks

addslashes is crap use mysql_escape_string() http://dev.mysql.com/doc/refman/5.0/en/mysql-real-escape-string.html

anyway:
$sql = "UPDATE 'page' SET order = '" . $_POST['order'] . "' ";
that looks right to me, unless you provide an error message, no one can help.

It is working, but now the way i want. I want it to work just like when you set the vB forum order. But thats not possible with my strings of code since all text fields have the same "name", and that gives all rows in the db the same value. for example:

<input type="text" name="order" value="1">
<input type="text" name="order" value="2">
<input type="text" name="order" value="3">
<input type="text" name="order" value="4">

once you hit the submit button the value "4" will be put in all rows in the database. instead of that, i want "1" to be put in the first row, "2" to be put in the second row and so on.....the question is how...

Thanks!

You're creating multiple text fields in that loop and they all have the same name value.

Yes I'm aware of that. Now I'm looking for a solution.....

I tried the following:

echo "<form action='page.php?action=order' method='POST'>";
$sql = "SELECT * FROM `page` ORDER BY `id` DESC";
$result = mysql_query($sql) or die(mysql_error());
while ($row = mysql_fetch_object($result))
{
echo "<input type='text' name='order[$row->id]' value='$row->order'>";
}
echo "<input type='submit' value='save'></form>";


In page.php?action=order:

$sql = "SELECT * FROM `page` ORDER BY `id` DESC";
$result = mysql_query($sql) or die(mysql_error());
while ($row = mysql_fetch_object($result))
{
$insert = $_POST["order[$row->id]"];

$sql = "UPDATE `page` SET `order` = '$insert' ORDER BY `id` DESC";
mysql_query($sql) or die(mysql_error());
}


Sadly, it didnt work. Didnt think it would but it was worth a try atleast. For some reason, the mysql query can only store one value, and tha value is stored in every row.

Works, thanks for all the help!