Describe in more detail what kind of form it is and what it should save? What data is in rowsql, array or object?
Decide what you want to save, ID or TITLE? Or both meanings?
Here is an example of a primitive form that outputs the TITLE of a specific unique ID:

<form action="/save.php" method="POST">
    <input type="hidden" name="id" value="<? $object['id'] ?>" />
    <input type="text" name="title" value="<? $object['title'] ?>" />
    <input type="submit" value="Save">
</form>

What can be judged from this example:
$object is a string from the database, an array with data of a specific ID, it has its own TITLE.
The ID field is hidden. It should be understood that any cunning student can get into the code through the browser and change this value, thereby assigning its TITLE value to any entry with the specified ID, so at the verification stage it is necessary to check who owns the object with the specified ID, but it is more correct to do this when accessing object ( see sequence )
It should also be understood that malicious code can be embedded in the fields, therefore:
When you click on the "Save" button, the data goes to the save.php script where they are checked, filtered from XSS, are then written to the database in the following way: the TITLE is changed for the specified ID.
Suppose the user went to the address: yoursite.ru/link/740 It is going to get information about the link
object with ID = 740. It is necessary to check if this ID belongs to him, if yes, then display the form, if not, then redirect somewhere. Naturally, little is written here about possible checks ... I hope I helped at least somehow. I don’t know how to explain ( I’ll add about the owner : For example, there is a USERS table structure: LINKS table structure: And a USER_LINKS table structure:
(this is where the user belongs to a specific link id
user_id (int, key) | link_id (int, key)