Search code examples
phpmysqldhtmlx

Need another database value updated when dhtmlxgrid column select option changes

I am using dhtmlxgrid to display MySQL database information to users with the ability to edit line cell data. One column productionstage displays as a combobox column with the ability to change the value to Staged Done. This updates the DB table perfectly. However, I need to check the value of the productionstage column to test for the Staged Done value. If productionstage is set to that value, I need another column stagestatus in the same table to also update it's value to Production. It's preferred that the stagestatus column in the DB table NOT be a end-user viewable column and instead triggered on the back end.

All help is appreciated. Thank you!

My CODE:

//update row
$sql =  "UPDATE invoices SET editby='".$editBy."', editpage='".$editPage."', serverip='".$serverIp."', ip='".$Ip."',floornotes='".$_GET["floornotes"]."',productionstage='".$_GET["productionstage"]."' where id=".$_GET["gr_id"]."'";
$res = mysqli_query($sql);


if (($_GET['productionstage']) == 'Staged Done' ) {
    //update stagestatus from 'Scheduled' to Production if moved to 'Staged Done' in Glass Prep.
$sql1 = "UPDATE invoices SET stagestatus = 'Production') WHERE id=".$_GET["gr_id"]."'";
$res1 = mysqli_query($sql1);

}

NOTE:: I understand that the existing method used by the previous programmer exposes the script to SQL Injection Attacks - I will also be updating this script to use prepared statements... Thank you!

Solution

  • So I must have just had a bug in the code somewhere. Upon some testing and editing, the following code solved the issue (and yes dhtmlxgrid can handle more than one UPDATE statement per grid).

    Solution:

        //update row
$sql =  "UPDATE invoices SET editby='".$editBy."', editpage='".$editPage."', serverip='".$serverIp."', ip='".$Ip."',floornotes='".$_GET["floornotes"]."',productionstage='".$_GET["productionstage"]."' where id=".$_GET["gr_id"]."";
$res = mysqli_query($sql);



if (($_GET['productionstage']) == 'Staged Done' ) {


    $sql1 = "UPDATE invoices SET stagestatus = 'Production' WHERE id=".$_GET["gr_id"]."";
    $res1 = mysqli_query($sql1);

} else {

    print("<action type='error'>SQL query error</action>");

}

    Please Note: My Next step is updating the code further using prepared statements to make the script more secure.

    Thank you!