UPDATE PHP MODIFIES ALL TABLE ITEMS

Question

UPDATE PHP MODIFIES ALL TABLE ITEMS

Asked 3 years, 4 months ago

Viewed 31 times

-2

I have already broken my head and can’t identify the error. In UPDATE when I give Ubmit, not only the item ID updates but also ALL ITEMS in the table. If I edit the id item 1, which has a name and everything different from the others, when sending the edit, it modifies all the items in the table and leaves all the columns with the table information

    var apagar = {
        sim:function(id){
            if(confirm('Tem certeza que deseja apagar ?')){
                $.ajax({
                    type:'GET',
                    url:'pagina/<?php echo $url; ?>/apagar/'+id,
                    data:{'id':id},
                    success:function(html){
                        alert('Apagado com sucesso!');
                        location.reload();
                    }
                });
            }
        }
    }

<?php
    if(isset($_GET['tipo']) && $_GET['tipo'] == 'apagar'){
        $id = (int) $_GET['id'];
        $delete = $pdo->query("DELETE FROM valores WHERE id='$id'");
        echo 1;
    }else if(isset($_GET['tipo']) && $_GET['tipo'] == 'criar'){
        if($_POST){
            $mobi = $_POST['mobi'];
            $categoria = $_POST['categoria'];
            $preco = $_POST['preco'];
            $estado = $_POST['estado'];
            if(empty($mobi) || empty($categoria) || empty($preco) ){
                echo Site::Alerta('Preencha todos campos!',false);
            }
            else{
                $inserir = $pdo->prepare("INSERT INTO valores(mobi, categoria, preco, estado) VALUES(:mobi, :categoria, :preco, :estado)");
                $inserir->bindParam(':mobi',$mobi);
                $inserir->bindParam(':numberos',$numberos);
                $inserir->bindParam(':categoria',$categoria);
                $inserir->bindParam(':preco',$preco);
                $inserir->bindParam(':estado',$estado);
                $inserir->execute();
                echo Site::Alerta('Adicionado com sucesso!','pagina/'.$url);
           }
        }
    ?>
    <form method="POST" enctype="multipart/form-data" autocomplete="off">
        Mobi:<br>
        <input type="text" class="text" name="mobi"><br>
        Categoria:<br>
        <select name="categoria" class="select">
        <?php
            $select_cat = $pdo->query("SELECT * FROM valores_cat");
            while ($ver_cat = $select_cat->fetch(PDO::FETCH_ASSOC)) {
        ?>
            <option value="<?php echo $ver_cat['id'] ?>"><?php echo $ver_cat['categoria'] ?></option>
        <?php
            }
        ?>   
        </select>
        Preço:<br>
        <input type="number" min="1" class="text" name="preco"><br>
        Estado:<br>
        <select name="estado" class="select">
            <option value="subiu">Subiu</option>
            <option value="manteve">Manteve</option>
            <option value="caiu">Caiu</option>
        </select><br>
        <input type="submit" class="button" value="Adicionar">
    </form>
    <?php
    }else if(isset($_GET['tipo']) && $_GET['tipo'] == 'editar'){
        $id = $_GET['id'];
        $item = $pdo->query("SELECT * FROM valores WHERE id='$id'")->fetch(PDO::FETCH_ASSOC);
        if($_POST){
            $mobi = $_POST['mobi'];
            $mobi = $_POST['mobi'];
            $categoria = $_POST['categoria'];
            $preco = $_POST['preco'];
            $estado = $_POST['estado'];
            if(empty($mobi) || empty($categoria) || empty($preco)){
                echo Site::Alerta('Preencha todos campos!',false);
            }
            else{
                $inserir = $pdo->prepare("UPDATE valores SET mobi=:mobi, categoria=:categoria, preco=:preco, estado=:estado, valorista='".$aa_data['usuario']."'" );
                $inserir->bindParam(':mobi', $mobi);
                $inserir->bindParam(':categoria',$categoria);
                $inserir->bindParam(':preco',$preco);
                $inserir->bindParam(':estado',$estado);
                $inserir->execute();
                echo Site::Alerta('Editado com sucesso!','pagina/'.$url);
           }
        }
    ?>
    <form method="POST" enctype="multipart/form-data" autocomplete="off">
        Mobi:<br>
        <input type="text" class="text" name="mobi" value="<?php echo $item['mobi'] ?>"><br>
        Categoria:<br>
        <select name="categoria" class="select">
        <?php
            $select_cat = $pdo->query("SELECT * FROM valores_cat");
            while ($ver_cat = $select_cat ->fetch(PDO::FETCH_ASSOC)) {
        ?>
            <option value="<?php echo $ver_cat['id'] ?>" <?php if($item['categoria'] == $ver_cat['id']){ echo 'selected'; } ?>><?php echo $ver_cat['categoria'] ?></option>
        <?php
            }
        ?>   
        </select>
        Preço:<br>
        <input type="number" min="1" class="text" name="preco" value="<?php echo $item['preco'] ?>"><br>
        Estado:<br>
        <select name="estado" class="select">
            <option value="subiu" <?php if($item['estado'] == 'subiu'){ echo 'selected'; } ?>>Subiu</option>
            <option value="manteve" <?php if($item['estado'] == 'manteve'){ echo 'selected'; } ?>>Manteve</option>
            <option value="caiu" <?php if($item['estado'] == 'caiu'){ echo 'selected'; } ?>>Caiu</option>
        </select><br>
        <input type="submit" class="button" value="Adicionar">
    </form>
    <?php
    }else{
    ?>
    <a href="pagina/<?php echo $url;?>/criar"><input type="button" class="button" value="Adicionar Mobi"></a>
    <table width="100%" style="margin: 10px 0 0 0; float:left">
        <tr style="height: 40px;">
            <th><img src="assets/img/x.png"></th>
            <th><img src="assets/img/editar.png"></th>
            <th>Mobi</th>
            <th>Categoria</th>
            <th>Preço</th>
            <th>Estado</th>
        </tr>
        <?php
        $i = 1;
        $sql = $pdo->query("SELECT * FROM valores ORDER BY id DESC");
        while($ver = $sql->fetch(PDO::FETCH_ASSOC)){
            $categoria = $pdo->query("SELECT * FROM valores_cat WHERE id='".$ver['categoria']."'")->fetch(PDO::FETCH_ASSOC);
            $css = $i%2==0 ? '' : 'background: #EEE;';
        ?>
        <tr style="height: 40px; <?php echo $css;?>">
            <th><a style="cursor: pointer" onclick="apagar.sim('<?php echo $ver['id']; ?>')"><img src="assets/img/x.png"></a></th>
            <th><a href="pagina/<?php echo $url; ?>/editar/<?php echo $ver['id'] ?>"><img src="assets/img/editar.png"></a></th>
            <th><?php echo $ver['mobi']; ?></th>
            <th><?php echo $categoria['categoria']; ?></th>
            <th><?php echo $ver['preco']; ?></th>
            <th><?php if($ver['estado'] == 'subiu'){ echo 'Subiu'; }else if($ver['estado'] == 'caiu'){ echo 'Caiu'; }else{ echo 'Manteve'; }?></th>
        </tr>
        <?php $i++;} ?>
    </table>
  <?php
    }
  ?>

Do not use greetings or greetings, see what kind of behavior is expected from users? and [Mre] to prepare a good question!

– gleisin-dev

2021/07/15 at 20:07

1 answer

Browser other questions tagged php

You are not signed in. Login or sign up in order to post.

by Jean Barbosa • **369** points · Answer 1 · 2021-07-15T19:50:14+00:00

Need to include the condition WHERE in the UPDATE, as defined in SELECT (similar to WHERE id='$id'). See documentation for more details: Update

This condition will allow the script to know that it has to update a specific record (or a specific set). It can be an update to an id, or an update to a whole category, for example.

UPDATE table_reference
    SET assignment_list
    [WHERE where_condition]
    [ORDER BY ...]
    [LIMIT row_count]

An UPDATE without WHERE is very critical, stay tuned. It can generate irreversible data loss.