Textbox doesn't immediately show updated database info

Question

So, quite proud I have to say, I managed to get up a textbox which updates a field in the database with what's entered and show this value. However, whenever I press submit, only the values I had before the edit are there and to get the new text, I need to refresh it again. I don't know why that is, so I thought I'd ask here.

Like I said, it does update the table in the database, it just doesn't immediately then show the new value... Also, when I click onto the page from another, the textfield doesn't automatically load the text and show it in the field... I have to reload it for that. Here's the code:

<?php

  session_start();

  include_once("include.inc.php");

  incHeader();



  // make sure staff only are here

  newbouncer(2);

   // include forum code
  include_once("forum-code.php");


mysql_query("UPDATE online SET location = 'My Preferences' WHERE userid = '" . $userID . "'") or die(mysql_error());
$NOTE = mysql_query("SELECT note FROM notepad") or die(mysql_error());
   $NOTE = mysql_fetch_object($NOTE);
mysql_query("UPDATE notepad SET note = '$_POST[note]' WHERE id = '1'") or die(mysql_error());


echo "</span></p> 


    </span>

<center><img src=\"/layout/images/notepad.png\"></center><p>

      ";
?>
<center><form action="/notes.php" method="post">
<textarea name="note" id="note" style="width:380px;height:481px; padding:50px ;background:url('http://i686.photobucket.com/albums/vv221/LilyLoganBing/scrollnotes.png'); border:1px #000000">
<?php
echo "$NOTE->note";
?>

</textarea><br>
<input type="submit" value="Submit"></center>

<?php
  incFooter();

  ?>

Your code is vulnerable to [SQL Injection](http://stackoverflow.com/questions/601300/what-is-sql-injection) — Flukey, Feb 07 '12 at 17:26
I believe the include part is in charge of taking care of SQL injection. And as long as the center tag works I don't see why I shouldn't use it, does what I want it to do... — Elizabeth, Feb 07 '12 at 19:01

score 1 · Answer 1 · answered Feb 07 '12 at 17:22

1

You are doing your select before you update that 'note' row

answered Feb 07 '12 at 17:22

Alvaro Arregui

519
1
5
9

score 0 · Answer 2 · answered Feb 07 '12 at 17:22

0

PHP language is parsed only once on the server machine, not the user machine. If you need it to show updated value, you'll have to implement javascript too.

answered Feb 07 '12 at 17:22

hjpotter92

71,576
32
131
164

Makes sense knew I must be missing something... The value also vanishes both from the database and the textbox when I reload the page... None of the other pages on the website using this feature seem to use javascript though... how would I go about doing that? – Elizabeth Feb 07 '12 at 17:27

score 0 · Accepted Answer · answered Feb 07 '12 at 17:39

0

All of your database queries are being executed every time your script runs. You need some control logic to handle when to perform the queries.

The most simple way is to add a hidden input field with the attributes set like so:

<input type="hidden" name="submitted" value="submitted" />

Check to see if the form was submitted:

if(isset($_POST['submitted'])) {
  //do database updating here
}

answered Feb 07 '12 at 17:39

shaunsantacruz

8,384
3
17
19

I'll try that, where do I add the – Elizabeth Feb 07 '12 at 17:51
Hidden fields can go anywhere inside a form element. I prefer to put them before the submit button. – shaunsantacruz Feb 07 '12 at 18:09
Glad I can help. If you don't mind, please mark my answer as the correct one? Thanks – shaunsantacruz Feb 07 '12 at 19:05

Textbox doesn't immediately show updated database info

3 Answers3