Hello I'm trying to update a column in my mysql table and I can't get it working.
When I'm trying to click confirm, it doesn't change anything.
orders.php
<?php while ($row = mysqli_fetch_array($results)) { ?>
<tr>
<td><?php echo $row['fullname']; ?></td>
<td><?php echo $row['address']; ?></td>
<td><?php echo $row['mobile']; ?></td>
<td><?php echo $row['order_item']; ?></td>
<td><?php echo $row['quantity']; ?></td>
<td><?php echo $row['total_amount']; ?></td>
<td><?php echo $row['payment']; ?></td>
<td><?php echo $row['status']; ?></td>
<td>
<a href="vieworders.php?pending=<?php echo $row['id']; ?>" class="edit_btn" onclick="return confirm('Update status?');">Pending</a>
</td>
<td>
<a href="vieworders.php?confirm=<?php echo $row['id']; ?>" class="del_btn" onclick="return confirm('Update status?');">Confirm</a>
</td>
</tr>
<?php } ?>
admin.php
if (isset($_POST['pending'])) {
$pending = "Pending";
$id = $_POST['id'];
mysqli_query($db, "UPDATE order_information SET status='$pending' WHERE id=$id");
array_push($success, "Update SUCCESS");
}
if (isset($_POST['confirm'])) {
$confirm = "Confirm";
$id = $_POST['id'];
mysqli_query($db, "UPDATE order_information SET status='$confirm' WHERE id=$id");
array_push($success, "Update SUCCESS");
}
You are expecting a http Post on your script whilst you are making a Get request by clicking on the link.
Try this instead
if (isset($_REQUEST['pending'])) {
$pending = "Pending";
$id = mysqli_real_escape_string($db,$_REQUEST['id']);
mysqli_query($db, "UPDATE order_information SET status='$pending' WHERE id=$id");
array_push($success, "Update SUCCESS");
}
if (isset($_REQUEST['confirm'])) {
$confirm = "Confirm";
$id = mysqli_real_escape_string($db,$_REQUEST['id']);
mysqli_query($db, "UPDATE order_information SET status='$confirm' WHERE id=$id");
array_push($success, "Update SUCCESS");
}
Notice I escaped you inputs... It's a good habit that can save you from peti-hackers trying out SQL injections
I hope this helps you. Don't mind my rusty typing. Still not use the the mobile app
Your href goes to vieworders.php, which is a $_GET, how did you link up admin.php. in vieworders.php, your id will be in the $_GET.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.