DYNAMIC WEB DEVELOPMENT
ADD, UPDATE RECORDS IN THE DATABASE
Dr. Basel Almourad
GOALS
 Learn how to use PHP to insert & update records in the
  database.
                          OUTLINE
                          1. Insert database record
                          2. Update database record
                          3. Q & A
INSERT DATA BASED ON A STICKY
FORM VALUES
INSERT DATA BASED ON A STICKY
FORM VALUES
                                             register.php
<form action="register.php" method="post">
  <p>First Name: <input type="text" name="first_name" size="15" maxlength="20"
  value=” <?php if (isset($_POST['first_name'])) echo $_POST['first_name']; ?>"></p>
  <p>Last Name: <input type="text" name="last_name" size="15" maxlength="40”
  value=” <?php if (isset($_POST['last_name'])) echo $_POST['last_name']; ?>"></p>
  <p>Email Address: <input type="email" name="email" size="20" maxlength="60"
  value=” <?php if (isset($_POST['email'])) echo $_POST['email']; ?>" > </p>
  <p>Password: <input type="password" name="pass1" size="10" maxlength="20"
        value=” <?php if (isset($_POST['pass1'])) echo $_POST['pass1']; ?>" ></p>
  <p>Confirm Password: <input type="password" name="pass2" size="10" maxlength="20"
        value="<?php if (isset($_POST['pass2'])) echo $_POST['pass2']; ?>" ></p>
  <p><input type="submit" name="submit" value="Register"></p>
</form>
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    $errors = []; // Initialize an error array.
    // Check for all input errors. Use if statements
if (empty($errors)) { // If everything's OK.
    require('includes/mysqli_connect.php'); // Connect to the db.
    $q = "INSERT INTO users (first_name, last_name, email, pass, registration_date)
             VALUES ('$fn', '$ln', '$e', SHA2('$p', 512), NOW() )";
    $r = @mysqli_query($dbc, $q); // Run the query.
               if ($r) { // If it run OK.
                                                                                       Script9.3
                           echo '<h1>Thank you!</h1>
                                                                                      Register.php
               } else { // If it did not run OK.
                           echo '<h1>Could not register</h1>
               } // End of if ($r) IF.
    } else { // Report the errors.
               echo '<h1>Error!</h1>
} // End of if (empty($errors)) IF.
} // End of the main Submit conditional.
RECORD UPDATE
                                         password.php
<form action="password.php" method="post">
  <p>Email Address: <input type="email" name="email" size="20" maxlength="60" value="<?
  php if (isset($_POST['email'])) echo $_POST['email']; ?>" > </p>
  <p>Current Password: <input type="password" name="pass" size="10" maxlength="20"
  value="<?php if (isset($_POST['pass'])) echo $_POST['pass']; ?>" ></p>
  <p>New Password: <input type="password" name="pass1" size="10" maxlength="20"
  value="<?php if (isset($_POST['pass1'])) echo $_POST['pass1']; ?>" ></p>
  <p>Confirm New Password: <input type="password" name="pass2" size="10"
  maxlength="20" value="<?php if (isset($_POST['pass2'])) echo $_POST['pass2']; ?>" ></p>
  <p><input type="submit" name="submit" value="Change Password"></p>
</form>
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    $errors = []; // Initialize an error array.
    if (empty($errors)) { // If everything's OK
                 $q = "SELECT user_id FROM users WHERE (email='$e' AND pass=SHA2('$p', 512) )";
                 $r = @mysqli_query($dbc, $q); $num = @mysqli_num_rows($r);
                 if ($num == 1) { // Match was made.
                              $row = mysqli_fetch_array($r, MYSQLI_NUM);                // Get the user_id
                              $q = "UPDATE users SET pass=SHA2('$np', 512) WHERE user_id=$row[0]";
                              $r = @mysqli_query($dbc, $q);
                                                                                                              Script9.7
                              if (mysqli_affected_rows($dbc) == 1) {       // If it ran OK.
                                                                                                             Register.php
                                            echo '<h1>Thank you!</h1>
                              } else { // If it did not run OK.
                                            echo '<h1>System Error</h1>
                              }
                 } else { // Invalid email address/password combination.
                     <p class="error">The email address and password do not match those on file.</p>';
                 }
    } else { // Report the errors.
                 echo '<h1>Error!</h1>
    } // End of if (empty($errors)) IF.
} // End of the main Submit conditional.
ANY QUESTIONS?
                 9
          REFERENCES AND MORE READING
• Book
 • Chapter 4: Introduction to MySQL
 • Chapter 9: Using PHP with MySQL
• W3School
 • https://www.w3schools.com/php/php_mysql_intro.asp
                                                       10