Update sql record by checkbox in php

I have a problem to update sql record by checkbox in php.My problem is when I press the update button,all can show me update previous info record,but only in the checkbox unable to show me the previous record. Below is my coding:

Checkbox coding:

<div class="form-group col-lg-6">
    <label class="control-label col-lg-4">Pricing<span style="color:red;">&nbsp;</span></label>
    <div class="col-lg-8">
        <input type="checkbox" name="rm_option" id="rm_option" value="1"><strong> RM </strong></input>&nbsp;&nbsp;&nbsp;
        <input type="checkbox" name="point_option" id="point_option" value="1"><strong> Full Point </strong></input>&nbsp;&nbsp;&nbsp;
        <input type="checkbox" name="partial_option" id="partial_option" value="1"><strong> Partial Point + RM </strong></input>
    </div>
</div>

​x
 
<div class="form-group col-lg-6">    <label class="control-label col-lg-4">Pricing<span style="color:red;">&nbsp;</span></label>    <div class="col-lg-8">        <input type="checkbox" name="rm_option" id="rm_option" value="1"><strong> RM </strong></input>&nbsp;&nbsp;&nbsp;        <input type="checkbox" name="point_option" id="point_option" value="1"><strong> Full Point </strong></input>&nbsp;&nbsp;&nbsp;        <input type="checkbox" name="partial_option" id="partial_option" value="1"><strong> Partial Point + RM </strong></input>    </div></div>​

update function coding:

if ($action == 'save') {
    //echo "test";
    $id_merchant_list=get_tbl_val('merchant_list','id','id_user',$user_id);

    $column_key_insert[] = 'active';
   $column_val_insert[] = convert_db_value(1);
    $key_relationship_1[] = 'created';
    $val_relationship_1[] = convert_db_value($cur_dt);
    $key_relationship_1[] = 'createdby';
    $val_relationship_1[] = convert_db_value($user_name);
    $key_relationship_1[] = 'modified';
    $val_relationship_1[] = convert_db_value($cur_dt);
    $key_relationship_1[] = 'modifiedby';
    $val_relationship_1[] = convert_db_value($user_name);
    $key_relationship_1[] = 'p_or_ld';
    $val_relationship_1[] = convert_db_value('1');
    $key_relationship_1[] = 'id_merchant_list';
    $val_relationship_1[] = convert_db_value($id_merchant_list);
    $key_relationship_1[] = 'id_promotion_categories';
    $val_relationship_1[] = convert_db_value($_POST['id_promotion_categories']);
    $key_relationship_1[] = 'promotion_title';
    $val_relationship_1[] = convert_db_value($_POST['promotion_title']);
    $key_relationship_1[] = 'rm_option';
    $val_relationship_1[] = convert_db_value($_POST['rm_option']);
    $key_relationship_1[] = 'point_option';
    $val_relationship_1[] = convert_db_value($_POST['point_option']);
    $key_relationship_1[] = 'partial_option';
    $val_relationship_1[] = convert_db_value($_POST['partial_option']);
    $key_relationship_1[] = 'point_rm_rm';
    $val_relationship_1[] = convert_db_value($_POST['point_rm_rm']);
    $key_relationship_1[] = 'rm';
    $val_relationship_1[] = convert_db_value($_POST['rm']);
    $key_relationship_1[] = 'point';
    $val_relationship_1[] = convert_db_value($_POST['point']);
    $key_relationship_1[] = 'point_rm_point';
    $val_relationship_1[] = convert_db_value($_POST['point_rm_point']);
    $key_relationship_1[] = 'quantity_limit_option';
    $val_relationship_1[] = convert_db_value($_POST['quantity_limit_option']);
    $key_relationship_1[] = 'quantity_limit';
    $val_relationship_1[] = convert_db_value($_POST['quantity_limit']);
    $key_relationship_1[] = 'promotion_price_before';
    $val_relationship_1[] = convert_db_value($_POST['promotion_price_before']);
    $key_relationship_1[] = 'promotion_price_after';
    $val_relationship_1[] = convert_db_value($_POST['promotion_price_after']);
    $key_relationship_1[] = 'promotion_description';
    $val_relationship_1[] = convert_db_value($_POST['promotion_description']);
    $key_relationship_1[] = 'reservation';
    $val_relationship_1[] = convert_db_value($_POST['reservation']);
    $key_relationship_1[] = 'feature';
    $val_relationship_1[] = convert_db_value($_POST['feature']);
    $key_relationship_1[] = 'redemption_from_date';
    $val_relationship_1[] = convert_db_value($_POST['redemption_from_date']);
    $key_relationship_1[] = 'redemption_to_date';
    $val_relationship_1[] = convert_db_value($_POST['redemption_to_date']);
    $key_relationship_1[] = 'promotion_content';
    $val_relationship_1[] = convert_db_value($_POST['promotion_content']);
    $key_relationship_1[] = 'promotion_terms';
    $val_relationship_1[] = convert_db_value($_POST['promotion_terms']);
    $key_relationship_1[] = 'promotion_instruction';
    $val_relationship_1[] = convert_db_value($_POST['promotion_instruction']);
    $key_relationship_1[] = 'promotion_policy';
    $val_relationship_1[] = convert_db_value($_POST['promotion_policy']);
    $key_relationship_1[] = 'discount_percentage';
    $val_relationship_1[] = convert_db_value($_POST['discount_percentage']);
    $key_relationship_1[] = 'merchant_option';
    $val_relationship_1[] = convert_db_value($_POST['merchant_option']);
    $key_relationship_1[] = 'merchant_price';
    $val_relationship_1[] = convert_db_value($_POST['merchant_price']);
    $row_insert = db_conn_insert('promotion_list', $key_relationship_1, $val_relationship_1);
    $sql_insert = $row_insert['sql'];
    $error_insert = $row_insert['error'];
    $record_id = $row_insert['record_id'];

    unset($key_relationship_1);
    unset($val_relationship_1);
    if ($row_insert) {
        echo 'Saved successfully';
        // echo $sql_insert; 
    }
} 
else if ($action == 'update') {
    $id = isset($_POST['filter_id']) ? $_POST['filter_id'] : "";
    $id_promotion_categories = isset($_POST['id_promotion_categories']) ? $_POST['id_promotion_categories'] : "";
    $promotion_title = isset($_POST['promotion_title']) ? $_POST['promotion_title'] : "";
    $promotion_description = isset($_POST['promotion_description']) ? $_POST['promotion_description'] : "";
    $reservation = isset($_POST['reservation']) ? $_POST['reservation'] : "";
    $feature = isset($_POST['feature']) ? $_POST['feature'] : "";
    $discount_percentage = isset($_POST['discount_percentage']) ? $_POST['discount_percentage'] : "";
    $promotion_price_before = isset($_POST['promotion_price_before']) ? $_POST['promotion_price_before'] : "";
    $promotion_price_before = isset($_POST['promotion_price_before']) ? $_POST['promotion_price_before'] : "";

    $rm = isset($_POST['rm']) ? $_POST['rm'] : "";
    $point = isset($_POST['point']) ? $_POST['point'] : "";
    $partial_point = isset($_POST['point_rm_point']) ? $_POST['point_rm_point'] : "";
    $partial_rm = isset($_POST['point_rm_rm']) ? $_POST['point_rm_rm'] : "";

    $rm_option = isset($_POST['rm_option ']) ? $_POST['rm_option '] : "";
    $point_option = isset($_POST['point_option ']) ? $_POST['point_option '] : "";
    $partial_option = isset($_POST['partial_option ']) ? $_POST['partial_option '] : "";

    $query = "UPDATE ".$table.
    " SET id_promotion_categories = '".$id_promotion_categories.
    "', promotion_title = '".$promotion_title.
    "', promotion_description = '".$promotion_description.
    "', reservation = '".$reservation.
    "',rm = '".$rm.
    "',point = '".$point.
    "',point_rm_point = '".$partial_point.
    "',point_rm_rm = '".$partial_rm.
    "',rm_option = '".$rm_option.
    "',point_option = '".$point_option.
    "',partial_option = '".$partial_option.
    "', feature = '".$feature.
    "' where id='".$id.
    "'";

    $arr_treatment = db_conn_update($query);

    if ($arr_treatment) {

        $result_arr['msg'] = 'Update Successful';
    } else {
        $result_arr['msg'] = 'Error in processing data. Please try again later.';
    }
    $result_arr = special_char_display_arr($result_arr);
    $json = json_encode($result_arr);
    print($json);

} else if ($action == 'edit') {
    $id = isset($_POST['id']) ? $_POST['id'] : "";
    $sql = 'SELECT *  FROM promotion_list WHERE id = '.$id;
    $result_arr['sql'] = $sql;
    $result_arr = get_tbl_row($sql);
    //$result_arr['treatment_category_name'] = get_tbl_val('treatment_category_list', 'id', 'name', $result_arr['category']);
    $result_arr = special_char_display_arr($result_arr);
    $json = json_encode($result_arr);
    print($json);

 
if ($action == 'save') {    //echo "test";    $id_merchant_list=get_tbl_val('merchant_list','id','id_user',$user_id);​    $column_key_insert[] = 'active';   $column_val_insert[] = convert_db_value(1);    $key_relationship_1[] = 'created';    $val_relationship_1[] = convert_db_value($cur_dt);    $key_relationship_1[] = 'createdby';    $val_relationship_1[] = convert_db_value($user_name);    $key_relationship_1[] = 'modified';    $val_relationship_1[] = convert_db_value($cur_dt);    $key_relationship_1[] = 'modifiedby';    $val_relationship_1[] = convert_db_value($user_name);    $key_relationship_1[] = 'p_or_ld';    $val_relationship_1[] = convert_db_value('1');    $key_relationship_1[] = 'id_merchant_list';    $val_relationship_1[] = convert_db_value($id_merchant_list);    $key_relationship_1[] = 'id_promotion_categories';    $val_relationship_1[] = convert_db_value($_POST['id_promotion_categories']);    $key_relationship_1[] = 'promotion_title';    $val_relationship_1[] = convert_db_value($_POST['promotion_title']);    $key_relationship_1[] = 'rm_option';    $val_relationship_1[] = convert_db_value($_POST['rm_option']);    $key_relationship_1[] = 'point_option';    $val_relationship_1[] = convert_db_value($_POST['point_option']);    $key_relationship_1[] = 'partial_option';    $val_relationship_1[] = convert_db_value($_POST['partial_option']);    $key_relationship_1[] = 'point_rm_rm';    $val_relationship_1[] = convert_db_value($_POST['point_rm_rm']);    $key_relationship_1[] = 'rm';    $val_relationship_1[] = convert_db_value($_POST['rm']);    $key_relationship_1[] = 'point';    $val_relationship_1[] = convert_db_value($_POST['point']);    $key_relationship_1[] = 'point_rm_point';    $val_relationship_1[] = convert_db_value($_POST['point_rm_point']);    $key_relationship_1[] = 'quantity_limit_option';    $val_relationship_1[] = convert_db_value($_POST['quantity_limit_option']);    $key_relationship_1[] = 'quantity_limit';    $val_relationship_1[] = convert_db_value($_POST['quantity_limit']);    $key_relationship_1[] = 'promotion_price_before';    $val_relationship_1[] = convert_db_value($_POST['promotion_price_before']);    $key_relationship_1[] = 'promotion_price_after';    $val_relationship_1[] = convert_db_value($_POST['promotion_price_after']);    $key_relationship_1[] = 'promotion_description';    $val_relationship_1[] = convert_db_value($_POST['promotion_description']);    $key_relationship_1[] = 'reservation';    $val_relationship_1[] = convert_db_value($_POST['reservation']);    $key_relationship_1[] = 'feature';    $val_relationship_1[] = convert_db_value($_POST['feature']);    $key_relationship_1[] = 'redemption_from_date';    $val_relationship_1[] = convert_db_value($_POST['redemption_from_date']);    $key_relationship_1[] = 'redemption_to_date';    $val_relationship_1[] = convert_db_value($_POST['redemption_to_date']);    $key_relationship_1[] = 'promotion_content';    $val_relationship_1[] = convert_db_value($_POST['promotion_content']);    $key_relationship_1[] = 'promotion_terms';    $val_relationship_1[] = convert_db_value($_POST['promotion_terms']);    $key_relationship_1[] = 'promotion_instruction';    $val_relationship_1[] = convert_db_value($_POST['promotion_instruction']);    $key_relationship_1[] = 'promotion_policy';    $val_relationship_1[] = convert_db_value($_POST['promotion_policy']);    $key_relationship_1[] = 'discount_percentage';    $val_relationship_1[] = convert_db_value($_POST['discount_percentage']);    $key_relationship_1[] = 'merchant_option';    $val_relationship_1[] = convert_db_value($_POST['merchant_option']);    $key_relationship_1[] = 'merchant_price';    $val_relationship_1[] = convert_db_value($_POST['merchant_price']);    $row_insert = db_conn_insert('promotion_list', $key_relationship_1, $val_relationship_1);    $sql_insert = $row_insert['sql'];    $error_insert = $row_insert['error'];    $record_id = $row_insert['record_id'];​    unset($key_relationship_1);    unset($val_relationship_1);    if ($row_insert) {        echo 'Saved successfully';        // echo $sql_insert;     }} else if ($action == 'update') {    $id = isset($_POST['filter_id']) ? $_POST['filter_id'] : "";    $id_promotion_categories = isset($_POST['id_promotion_categories']) ? $_POST['id_promotion_categories'] : "";    $promotion_title = isset($_POST['promotion_title']) ? $_POST['promotion_title'] : "";    $promotion_description = isset($_POST['promotion_description']) ? $_POST['promotion_description'] : "";    $reservation = isset($_POST['reservation']) ? $_POST['reservation'] : "";    $feature = isset($_POST['feature']) ? $_POST['feature'] : "";    $discount_percentage = isset($_POST['discount_percentage']) ? $_POST['discount_percentage'] : "";    $promotion_price_before = isset($_POST['promotion_price_before']) ? $_POST['promotion_price_before'] : "";    $promotion_price_before = isset($_POST['promotion_price_before']) ? $_POST['promotion_price_before'] : "";​    $rm = isset($_POST['rm']) ? $_POST['rm'] : "";    $point = isset($_POST['point']) ? $_POST['point'] : "";    $partial_point = isset($_POST['point_rm_point']) ? $_POST['point_rm_point'] : "";    $partial_rm = isset($_POST['point_rm_rm']) ? $_POST['point_rm_rm'] : "";​    $rm_option = isset($_POST['rm_option ']) ? $_POST['rm_option '] : "";    $point_option = isset($_POST['point_option ']) ? $_POST['point_option '] : "";    $partial_option = isset($_POST['partial_option ']) ? $_POST['partial_option '] : "";​    $query = "UPDATE ".$table.    " SET id_promotion_categories = '".$id_promotion_categories.    "', promotion_title = '".$promotion_title.    "', promotion_description = '".$promotion_description.    "', reservation = '".$reservation.    "',rm = '".$rm.    "',point = '".$point.    "',point_rm_point = '".$partial_point.    "',point_rm_rm = '".$partial_rm.    "',rm_option = '".$rm_option.    "',point_option = '".$point_option.    "',partial_option = '".$partial_option.    "', feature = '".$feature.    "' where id='".$id.    "'";​    $arr_treatment = db_conn_update($query);​    if ($arr_treatment) {​        $result_arr['msg'] = 'Update Successful';    } else {        $result_arr['msg'] = 'Error in processing data. Please try again later.';    }    $result_arr = special_char_display_arr($result_arr);    $json = json_encode($result_arr);    print($json);​} else if ($action == 'edit') {    $id = isset($_POST['id']) ? $_POST['id'] : "";    $sql = 'SELECT *  FROM promotion_list WHERE id = '.$id;    $result_arr['sql'] = $sql;    $result_arr = get_tbl_row($sql);    //$result_arr['treatment_category_name'] = get_tbl_val('treatment_category_list', 'id', 'name', $result_arr['category']);    $result_arr = special_char_display_arr($result_arr);    $json = json_encode($result_arr);    print($json);​

Below is my output, the red box and the arrow means it unable to show me the previous record to update when I press the update button:

Hope someone can guide me how to solve it. Thanks.

Answer

Checkbox works differently than text field. If you want to show that a checkbox is already selected, then you’ll need to set an attribute “checked” in tag. E.g. Your input checkbox will look something like

<input type="checkbox" name="rm_option" id="rm_option" value="1" <?= $_POST['rm_option'] == 1:'checked':''?>><strong> RM </strong></input>&nbsp;&nbsp;&nbsp;

 
<input type="checkbox" name="rm_option" id="rm_option" value="1" <?= $_POST['rm_option'] == 1:'checked':''?>><strong> RM </strong></input>&nbsp;&nbsp;&nbsp;​

P.S:

Since you haven’t mentioned how you are displaying other data, so I am assuming that you are displaying it via the $_POST field, but if you are using some other variable, then you can use that one instead of $_POST
I am assuming that short tags are enabled on server as well, if not, you can replace with . You can read more about short tags in https://www.php.net/manual/en/language.basic-syntax.phpmode.php
Please read about term “Sql Injection”. There are quite a few places where your code is vulnerable to SQL Injection.

Advertisement

Answer