I have a 3 parameters which should append new/update old entries to a custom mysql table. However, I cannot figure out WHY when I press the submit button ... nothing happens (nor do I get any errors). I am at a loss for what to do. I have asked this question before and have modified my code a bit based on other tutorials thinking that was my issue... no luck :(
I understand that there are concerns for mysql injections
- presently I'd just like to see it work and if you have suggestions for mitigating injections I am all ears. I am still a novice at mySQL... but learning slowly and understand (minimally) how string variables can be used to create altered queries.
Here is my code;
echo "<p><h5>Change address:</h5>";
//get user id when the login/visit page
$userid = get_current_user_id();
$loop = new WP_Query( $args );
//form start
echo '<form method = "post" action = "'. $_SERVER['PHP_SELF'] .'">';
//dropdown menu for collecting SKU of product
echo '<br><select name="sku">';
echo '<option>-- Select product--</option>';
while ( $loop->have_posts() ) : $loop->the_post();
global $product;
echo '<option value=' . $product->get_sku() . '>' . $product->get_sku() . ' </option>';
endwhile;
echo '</select>';
//hidden input for userid
echo '<input type="hidden" id="userid" name="userid" value="' . $userid . '">';
//textbox for address
echo '<br><input type="text" value="Insert new address here" id="address" name="address" size="40" />';
//submit button
echo '<br><input type="submit" name="submit">';
echo '</form>';
//write to database
if(isset($_POST['submit'])) {
$user = $_POST['userid'];
$sku = $_POST['sku'];
$address = $_POST['address'];
$con2 = mysqli_connect("IP","user","password","wpdb");
$updateaddress = "REPLACE INTO wp_newaddress(user, sku, address) VALUES($user, $sku, $address)";
$retval = mysqli_query($con2,$updateaddress);
if($retval)
{
echo 'Data Updated';
}else{
echo 'Data Not Updated';
}
mysqli_close($con2);
}
Thanks :)