My code doesnt update the Student ID in our database help me fix it please. This is the code <?php
session_start();
// error_reporting(0);

$conn = mysqli_connect("localhost", "root", "", "card");

if (!$conn) {
die("Connection Failed: " . mysqli_connect_error());
}

include 'header.php';
$employee_name = $_SESSION['admin_name'];

if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['updateInformation'])) {
$student_id = $_POST['studentID'];

$query = "SELECT * FROM student_records WHERE studentID = '$student_id'";
$result = mysqli_query($conn, $query);
$row = mysqli_fetch_assoc($result);

$lname = ucwords(strtolower($_POST['lName']));
$fname = ucwords(strtolower($_POST['fName']));
$mname = ucwords(strtolower($_POST['mName']));
$studId = strtoupper($_POST['studentID']);
$lrn = strtoupper($_POST['lrn']);
$grade = $_POST['grade'];
$sec = strtoupper($_POST['sec']);
$aYear1 = $_POST['aYear1'];
$aYear2 = $_POST['aYear2'];
$acadYear = $aYear1 . '_' . $aYear2;

$update_query = "UPDATE student_records SET lastName = '$lname', firstName = '$fname', middleName = '$mname', studentID = '$studId', LRN = '$lrn', gradeLevel = '$grade', section = '$sec', academicYear = '$acadYear' WHERE studentID = '$student_id'";
$update_result = mysqli_query($conn, $update_query);

$date_and_time = new DateTime();
$date_and_time -> setTimezone(new DateTimeZone('Asia/Manila'));
$date_and_time = $date_and_time -> format('Y-m-d H:i:s');

$activity = $employee_name . " Edited " . $student_id . "\'s Information";
$activity_history = "INSERT INTO activity_history VALUES ('$date_and_time', '$activity', '3')";
$activity_history_result = mysqli_query($conn, $activity_history);

if ($update_result && $activity_history_result) {
header('Location: searchStudent.php');
exit();
}
else {
echo "Error updating student information: " . mysqli_error($conn);
}
}

if (isset($_POST['student_id']) && $_SESSION['employee_name']) {
$student_id = $_POST['student_id'];

$query = "SELECT * FROM student_records WHERE studentID = '$student_id'";
$result = mysqli_query($conn, $query);

$row = mysqli_fetch_assoc($result);

$lname = $row['lastName'];
$fname = $row['firstName'];
$mname = $row['middleName'];
$studId = $row['studentID'];
$lrn = $row['LRN'];
$grade = $row['gradeLevel'];
$sec = $row['section'];
$acadYear = $row['academicYear'];
}
else {
header('Location: searchStudent.php');
exit();
}
?>

Edit Student Information

">

Edit Student Information
<?php echo $employee_name;?>
Student ID:
" maxLength="9">

Last Name:
" required>

First Name:
" required>

Middle Name:
">

LRN:
">

Grade Level:
" maxlength="2" required>

Section:
" required>

Academic Year:
" maxLength="4">-
" maxLength="4">

Question

21-04-2024
Computers and Technology

Answered

My code doesnt update the Student ID in our database help me fix it please. This is the code <?php
session_start();
// error_reporting(0);

$conn = mysqli_connect("localhost", "root", "", "card");

if (!$conn) {
die("Connection Failed: " . mysqli_connect_error());
}

include 'header.php';
$employee_name = $_SESSION['admin_name'];

if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['updateInformation'])) {
$student_id = $_POST['studentID'];

$query = "SELECT * FROM student_records WHERE studentID = '$student_id'";
$result = mysqli_query($conn, $query);
$row = mysqli_fetch_assoc($result);

$lname = ucwords(strtolower($_POST['lName']));
$fname = ucwords(strtolower($_POST['fName']));
$mname = ucwords(strtolower($_POST['mName']));
$studId = strtoupper($_POST['studentID']);
$lrn = strtoupper($_POST['lrn']);
$grade = $_POST['grade'];
$sec = strtoupper($_POST['sec']);
$aYear1 = $_POST['aYear1'];
$aYear2 = $_POST['aYear2'];
$acadYear = $aYear1 . '_' . $aYear2;

$update_query = "UPDATE student_records SET lastName = '$lname', firstName = '$fname', middleName = '$mname', studentID = '$studId', LRN = '$lrn', gradeLevel = '$grade', section = '$sec', academicYear = '$acadYear' WHERE studentID = '$student_id'";
$update_result = mysqli_query($conn, $update_query);

$date_and_time = new DateTime();
$date_and_time -> setTimezone(new DateTimeZone('Asia/Manila'));
$date_and_time = $date_and_time -> format('Y-m-d H:i:s');

$activity = $employee_name . " Edited " . $student_id . "\'s Information";
$activity_history = "INSERT INTO activity_history VALUES ('$date_and_time', '$activity', '3')";
$activity_history_result = mysqli_query($conn, $activity_history);

if ($update_result && $activity_history_result) {
header('Location: searchStudent.php');
exit();
}
else {
echo "Error updating student information: " . mysqli_error($conn);
}
}

if (isset($_POST['student_id']) && $_SESSION['employee_name']) {
$student_id = $_POST['student_id'];

$query = "SELECT * FROM student_records WHERE studentID = '$student_id'";
$result = mysqli_query($conn, $query);

$row = mysqli_fetch_assoc($result);

$lname = $row['lastName'];
$fname = $row['firstName'];
$mname = $row['middleName'];
$studId = $row['studentID'];
$lrn = $row['LRN'];
$grade = $row['gradeLevel'];
$sec = $row['section'];
$acadYear = $row['academicYear'];
}
else {
header('Location: searchStudent.php');
exit();
}
?>

Edit Student Information

">

Edit Student Information
<?php echo $employee_name;?>
Student ID:
" maxLength="9">

Last Name:
" required>

First Name:
" required>

Middle Name:
">

LRN:
">

Grade Level:
" maxlength="2" required>

Section:
" required>

Academic Year:
" maxLength="4">-
" maxLength="4">

Answer :

Other Questions

At a concert $720.00 was collected for hotdogs hamburgers and soft drinks.all three coct $1.00 each. Twice as many hotdogs were sold as hamburgers. Three times

How are the relative lengths of the frog's small intestine and large intestine related to their functions?

A fence completely surrounds a pool,that is 30 feet by 10 feet.what is the approximate length,in feet,of the fence

HELP WITH MATH Complete the equation of the graphed linear function. Write the slope in decimal form. y = x + The graph of the function goes through poi

is 5.14 equal to 21/4

Italy and Germany were able to unify, in a big part because of A. dis-loyalty. B. nationalism. C. support from western Europe. D. control of natural resourc

the scale of a model train is 1 inch to 13.5 feet. one of the cars of the model train is 5 inches long. what is the length in feet of the actual train car

x^2+y^2-6x+16y-152=0

A scale fora map states that 2 inches equals 25 miles. If the distance from Dallas to Houston on the map is 19.2 inches, what is the actual distance, in miles,

chibabykalu16 chibabykalu16 · Answer 1 · 2024-04-21T03:02:27-04:00

Code Debugging:

It looks like your PHP code for updating student information in the database is mostly set up correctly, but there are a few points that might be causing issues with updating the Student ID. Let's identify possible flaws;

1. Form Data and POST Request Verification

First, make sure that the form sending the POST request is correctly formatted and includes a field named `updateInformation` that matches the condition in your PHP script. This is important because your script checks if this field is set before proceeding with the update.

Important: SQL Injection Vulnerability

Before addressing the main issue, it's important to note that your code is highly vulnerable to SQL injection because it directly inserts POST data into the SQL query. To fix this, you should use prepared statements. This not only secures your code but also might indirectly solve issues by ensuring data is correctly formatted for SQL operations.

3. Student ID Update Logic

The main issue seems to be related to how the Student ID is handled. You are using the same variable `$student_id` to fetch the current student record and also as the new Student ID. If you're trying to change the Student ID itself, there's a logical flaw here because the WHERE clause will use the new Student ID (if changed) to look for a record that hasn't been updated yet.

Also make sure you have a hidden input field in your form that holds the original Student ID, which you don't intend to change during the update process. This will be used in the WHERE clause to identify the correct record to update.

In short, by addressing these issues, it may work as intended.