So, I have a page with a bunch of workorders on it. Each workorder is a row in a single table, and gets put on the page with a while() statement.
I’m trying to update each row with a simple form that I put inside the while(), and an UPDATE/WHERE statement to actually add the information to the table.

Instead of adding it to the specific row, it adds it to Every row. The only thing I can think of is that my WHERE condition is wrong, but I can’t seem to figure it out. Maybe it just needs fresh eyes, or maybe I’m heading in Completely the wrong direction.

Also, any specific instructions on security, a better way to do it, etc. would be very helpful. I’m learning PHP on the fly and could use a helping hand. 🙂

<?php

        $query = "SELECT * FROM client_information"; 

        $result = mysql_query($query) or die(mysql_error());


        while($row = mysql_fetch_array($result)){ 

        $which_ad = $row['ID'];?>

            <b>Name:</b> <? echo $row['billing_name']; ?> <br>
            <b>Job Type:</b> <? echo $row['job_type']; ?> <br>
            <b>Size:</b> <? echo $row['size']; ?> <br>
            <b>Text:</b> <? echo $row['text']; ?> <br>
            <b>Notes:</b> <? echo $notes; ?> <br>

            <br><br>

        <form action="small_update.php" method="POST">
        <strong>Email Message:</strong><br>
        <textarea rows="8" cols="60" name="email_message"></textarea>        
        <input type="submit" name="submit" value="Submit"></form>


<?
$email_message = htmlspecialchars ("{$_POST['email_message']}", ENT_QUOTES);


if (mysql_errno() != 0) {
die(mysql_error());
}

mysql_query(
"UPDATE client_information
SET email_message='$email_message'

WHERE ID='$which_ad'"
);


if (mysql_errno() != 0) {
die(mysql_error());
}

    }

?>