Home/ Questions/Q 8521753
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-11T06:54:57+00:00

When I type something in a text box and save it in mysqli it

  • 0

When I type something in a text box and save it in mysqli it works perfectly but when I refresh that same page the text that i wrote stuff, it disappears for no reason. I also I have another text box in that page and it works perfectly fine. How can I fix that? The bio text box is the one I’m having issues.

    $getpro = mysql_fetch_assoc(mysql_query("SELECT * FROM `profile` WHERE username = '".$user_data['username']."'  "));$pro = $getpro;
$bios = $pro["bios"];
$realtionship = $pro["realtionship"];
$impmessage = $pro["impmessage"];
if ($_POST['bio']){
$bio = $_POST['bio'] ;
$query;
}
if ($_POST['impmessage']){
$impmessage = $_POST['impmessage'] ;
$query;
}
$query = mysql_query("UPDATE `profile` SET  bios ='$bio',  impmessage = '$impmessage' WHERE username = '".$user_data['username']."'");<form name="bio"action="" method="post">
<p>Important Message</p> <textarea   cols="50" style="resize:none" name="bio"  rows="7" ><? echo $bios; ?></textarea><br />
<input type="submit" value="change">
</form><hr /><form name="impmessage"action="" method="post">
<p>Important Message</p> <textarea   cols="50" style="resize:none" name="impmessage"  rows="7" ><? echo $impmessage; ?></textarea><br />
<input type="submit" value="change">
</form>
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I have rearranged & removed some of the code and tried tidying it a bit:

    <?php
    if ( $_SERVER['REQUEST_METHOD'] == 'POST' ) // if form is submitted using POST method
    {
        if ( isset( $_POST['bio'] ) ){
            $bio = mysql_real_escape_string( $_POST['bio'] ); // escape special characters is user input
            $query = mysql_query("UPDATE `profile` SET  bios ='$bio' WHERE username = '".$user_data['username']."'"); //update bios
        }

        if (isset( $_POST['impmessage'] ) ){
            $impmessage = mysql_real_escape_string( $_POST['impmessage'] ); // escape special characters is user input
            $query = mysql_query("UPDATE `profile` SET impmessage = '$impmessage' WHERE username = '".$user_data['username']."'"); //update impmessage
        }
    }

    $pro = mysql_fetch_assoc(mysql_query("SELECT * FROM `profile` WHERE username = '".$user_data['username']."'  "));
?>

<form name="bio" action="" method="post">
    <p>Bios</p>
    <textarea cols="50" style="resize:none" name="bio" id="bio" rows="7" ><?php echo $pro["bios"]; ?></textarea>
    <br />
    <input type="submit" value="change">
</form>
<hr />
<form name="impmessage" action="" method="post">
    <p>Important Message</p>
    <textarea cols="50" style="resize:none" name="impmessage" id="impmessage" rows="7" ><?php echo $pro["impmessage"]; ?></textarea>
    <br />
    <input type="submit" value="change">
</form>

    Some notes for you:

    • First of all avoid mysql_* functions. Instead use mysqli or PDO
    • I would always prefer writing the code for processing of user inputs in the very beginning of the page, ie. before outputting anything. Because, if the user inputs makes any changes on the output, it would easily display the updates since we are doing the processing before outputting anything. So, when we query the db, it would fetch the updated data. Also, if we wanted to redirect to another page or have to send some other headers to the browser, we could do it, as the headers should always be sent before outputting anything.
    • Another thing is, always escape user inputs. Otherwise, prone to sql injections. Best thing would be to use prepared statements which is available in mysqli & PDO.
    • When you name id of elements in your HTML, make sure that it is unique. Because no same ids could occur twice. But class names can occur for any number of times.
    • Also make sure that your PHP code doesn’t get mixed up with the HTML. Properly enclose the PHP code with the <?php & ?> tags. I would always prefer avoiding shorthands.
    • Since you are using two forms, both the input won’t reach the server side. Only a single one. If you wanted to both inputs to be reached at the same time, then use a single form.
    • I have also avoided unwanted assignment operations from the fetched data, to other variables.
    • Also, you should always properly indent your code for better readability.

    I hope this would help. Wish you good luck. 🙂

    • 0