andy_b_1502

go ahead and just update the three or how ever many fields entered

Yeah, determines if a variable has been set, and returns true if it is set? So isset function should work, right?

Hello, On submit of my form the blank fields are updating the previous details OR if i have ALL details stored, then just change 1 field, it changes everyone of the text boxes to blank deleting the stored data? This is really annoying, how do i solve this? i have tried isset() but it doen't do anything at all with isset() set? <?PHP session_start(); include ('php only scripts/db.php'); $id = $_GET['id']; $website = $_GET['website']; $phone = $_GET['phone']; $phone2 = $_GET['phone2']; $premiumuser_decription = $_GET['premiumuser_decription']; $website = isset($_POST['$website']); $phone = isset($_POST['$phone']); $phone2 = isset($_POST['$phone2']); $premiumuser_decription = isset($_POST['$premiumuser_decription']); $query = "UPDATE companies SET website = '". mysql_real_escape_string($website) ."', phone = '". mysql_real_escape_string($phone) ."', phone2 = '". mysql_real_escape_string($phone2) ."', premiumuser_description = '". mysql_real_escape_string($premiumuser_decription) ."' WHERE id = ". mysql_real_escape_string($id); $result = mysql_query($query ) or die("SELECT Error: ".mysql_error()); header("Location: view01.php?id=" . $id); exit(0); ?> Am i on the right track or way off the mark?

As to not confuse, i have started a new post.

<?PHP session_start(); include ('php only scripts/db.php'); $id = $_GET['id']; $website = $_GET['website']; $phone = $_GET['phone']; $phone2 = $_GET['phone2']; $premiumuser_decription = $_GET['premiumuser_decription']; $website = isset($_POST['$website']); $phone = isset($_POST['$phone']); $phone2 = isset($_POST['$phone2']); $premiumuser_decription = isset($_POST['$premiumuser_decription']); $query = "UPDATE companies SET website = '". mysql_real_escape_string($website) ."', phone = '". mysql_real_escape_string($phone) ."', phone2 = '". mysql_real_escape_string($phone2) ."', premiumuser_description = '". mysql_real_escape_string($premiumuser_decription) ."' WHERE id = ". mysql_real_escape_string($id); $result = mysql_query($query ) or die("SELECT Error: ".mysql_error()); header("Location: view01.php?id=" . $id); exit(0); ?> i was thinking something like this? any ideas?

should i use isset() somehow?

On submitting the form (with SOME of the fields left blank) the details that were previously there are replaced by the blank fields (if left blank in the form) How can i eradicate this problem from happening? Thanks

Fantastic!! happy chappy! thanks a lot!

mrMarcus that worked, thank you. And yes there is still an issue with the header re-direct to view01.php. Is there any way around this, as the session at the top of the page is set so that if a unauthorized user tired to get to that page, it drops out to index.php with out a valid log in...

View01.php: <?PHP session_start(); if(!isset($_SESSION['id']) || !isset($_SESSION['valid_user']) || $_SESSION['valid_user'] != "yes") { $_SESSION = array(); session_destroy(); header("Location: index.php"); exit(); } include ('php only scripts/db.php'); $id = $_GET['id']; $query ="SELECT * FROM companies WHERE id = '$id'"; $result = mysql_query($query) or die(mysql_error()); $row = mysql_fetch_array($result); ?> <!DOCTYPE html> <head> <title>Removalspace.com</title> <style type="text/css"> <!-- body { background-image: url(styles/downloaded%20styles/todo/todo/images/bg.png); } --> </style> <link href="styles/downloaded styles/todo/todo/css/style.css" rel="stylesheet" type="text/css" /> <link rel="stylesheet" type="text/css" href="styles/downloaded styles/todo/todo/css/style9.css" /> <link rel="stylesheet" type="text/css" href="styles/downloaded styles/todo/todo/css/demo.css" /> <link href='http://fonts.googleapis.com/css?family=Terminal+Dosis' rel='stylesheet' type='text/css' /> <style type="text/css"> <!-- .Stile1 {color: #333333} --> </style> <script type="text/javascript"> var _gaq = _gaq || []; _gaq.push(['_setAccount', 'UA-31656176-1']); _gaq.push(['_trackPageview']); (function() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })(); </script> </head> <body> <!--start container --> <div id="container"> <header> <nav> <div id="logo"><a href="index.php"><img src="images/header2.png" alt="Logo here" width="219" height="161" /></a> </div> <div id="search-top"><img src="styles/downloaded styles/todo/todo/images/quote-right.png" alt="images" /><span class="cursive">Enter your postcode here</span><img src="styles/downloaded styles/todo/todo/images/quote-left.png" alt="images" /> <form method="post" action="search.php"> <input type="text" name="strSearch" onFocus="if(this.value=='Search Area')this.value='';" onBlur="if(this.value=='')this.value='Search Area';" value="Search Area" id="search-field"/> <input type="submit" value="" id="search-btn"/> </form> </div> <div id="nav_social"><a href="http://www.facebook.com/pages/Removalspace/181434181939226"><img src="styles/downloaded styles/todo/todo/images/facebook_32.png" alt="Become a fan" width="32" height="32" /></a><a href="#"><img src="styles/downloaded styles/todo/todo/images/twitter_32.png" alt="Follows on Twitter" /></a><a href="id=183427956&trk=tab_pro"><img src="styles/downloaded styles/todo/todo/images/linkedin_32.png" alt="Linked in" /></a><a href="contact.php"><img src="styles/downloaded styles/todo/todo/images/email_32.png" alt="Contact" width="32" height="32" /></a><!-- Place this tag where you want the +1 button to render --> <g:plusone size="small" annotation="inline"></g:plusone> <!-- Place this render call where appropriate --> <script type="text/javascript"> (function() { var po = document.createElement('script'); po.type = 'text/javascript'; po.async = true; po.src = 'https://apis.google.com/js/plusone.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(po, s); })(); </script> </div> </nav> </header> <p><span class="cursive"><a href="removals.php">Search Removals</a></span></p> <p><span class="cursive"><a href="storage.php">Search Storage</a></span></p> <p><span class="cursive"><a href="register00.php">Add Listing</a></span></p> <p><span class="cursive"><a href="about.php">About</a></span></p> <p><span class="cursive"><a href="contact.php">Contact</a></span></p> <div class="content"> <!--star main --> <main></main> <!--end main --> <!--start middle --> <middle> <div class="section_slogan"><table> <tr> <td valign="top"><img src="images/thumbs/<?PHP echo $row['upload']; ?>" alt="logo"/></td> <td valign="top"> <?PHP echo $row['street1'] . "<br>" . $row['street2'] . "<br>" . $row['city'] . "," . $row['postcode'] . "<br>phone: " . $row['phone'] . "<br>email: " . $row['email'] . "<br>website: " . $row['website'] ; ?> </td> </tr> <tr> <td><?PHP echo nl2br($row['premiumuser_description']); ?></td> </tr></table> <?PHP /* create an email validation function */ function validateEmailAddress($email) { return filter_var($email, FILTER_VALIDATE_EMAIL) && preg_match('/@.+\./', $email); } /** * CALLBACK - determine if the provided postcode is valid. * * @param string $postcode * @return bool TRUE if valid, FALSE otherwise * @author George Edwards */ function is_valid_uk_postcode($postcode) { $pattern = "/^([A-PR-UWYZ0-9][A-HK-Y0-9][AEHMNPRTVXY0-9]?[ABEHMNPRVWXY0-9]? {1,2}[0-9][ABD-HJLN-UW-Z]{2}|GIR 0AA)$/"; if (preg_match($pattern, $postcode)) { return TRUE; } $this->validation->set_message('is_valid_uk_postcode', 'That is not a valid %s.'); return FALSE; } /* FUNCTION TO CREATE SALT */ function createSalt() { $string = md5(uniqid(rand(), true)); return substr($string, 0, 3); } /* check if form was submitted */ if (isset($_POST['Submit'])){ $error_message = ""; /* This is the directory where images will be saved */ $target = "/home/users/web/b109/ipg.removalspacecom/images/COMPANIES/"; $target = $target . basename( $_FILES['upload']['name']); /* include validation script */ include ('php only scripts/validation.php'); $uploadDir = 'images/COMPANIES'; /* main picture folder */ $max_height = 450; /* largest height you allowed; 0 means any */ $max_width = 450; /* largest width you allowed; 0 means any */ $max_file = 2000000; /* set the max file size in bytes */ $image_overwrite = 1; /* 0 means overwite; 1 means new name */ /* add or delete allowed image types */ $allowed_type01 = array( "image/gif", "image/pjpeg", "image/jpeg", "image/png", "image/x-png", "image/jpg"); $do_thumb = 1; /* 1 make thumbnails; 0 means do NOT make */ $thumbDir = "/images/thumbs"; /* thumbnail folder */ $thumb_prefix = ""; /* prefix for thumbnails */ $thumb_width = 90; /* max thumb width */ $thumb_height = 70; // max thumb height //Writes the photo to the server if(move_uploaded_file($_FILES['upload']['tmp_name'], $target)) { /* HERE IS WHERE WE WILL DO THE ACTUAL RESIZING */ /* THESE SIX PARAMETERS MAY BE CHANGED TO SUIT YOUR NEEDS */ $upload = $_FILES['upload']['name']; $o_path ="images/COMPANIES/"; $s_path = "images/thumbs/"; $file = $upload; $save = $file; $t_w = 200; $t_h = 150; /* DO NOT CHANGE THIS NEXT LINE */ Resize_Image($save,$file,$t_w,$t_h,$s_path,$o_path); }else{ //Gives and error if its not $error_message .= "Sorry, there was a problem uploading your file."; } /* PREPARE DATA FOR INSERTION INTO TABLE */ //Writes the information to the database if(strlen(trim($error_message)) <1){ $salt = createsalt(); $username = trim($_POST['username']); $password = trim($_POST['password']); $hash = hash('sha256', $salt, $password); $approved = 0; $company_name = mysql_real_escape_string(trim($_POST['company_name'])); $website = mysql_real_escape_string(trim($_POST['website'])); $contact_name = mysql_real_escape_string(trim($_POST['contact_name'])); $location = mysql_real_escape_string(trim($_POST['location'])); $postcode = mysql_real_escape_string(trim($_POST['postcode'])); $street1 = mysql_real_escape_string(trim($_POST['street1'])); $street2 = mysql_real_escape_string(trim($_POST['street2'])); $city = mysql_real_escape_string(trim($_POST['city'])); $phone = mysql_real_escape_string(trim($_POST['phone'])); $phone2 = mysql_real_escape_string(trim($_POST['phone2'])); $email = mysql_real_escape_string(trim($_POST['email'])); $premiumuser_description = mysql_real_escape_string(trim($_POST['premiumuser_description'])); $salt = mysql_real_escape_string($salt); $upload = mysql_real_escape_string($upload); $query ="INSERT INTO `companies` (company_name, what_services, website, contact_name, location, postcode, street1, street2, city, phone,phone2, email, premiumuser_description, username, password, salt, approved, upload) VALUES ('$company_name', '$what_services', '$website', '$contact_name', '$location', '$postcode', '$street1', '$street2', '$city', '$phone', '$phone2', '$email', '$premiumuser_description', '$username', '$hash', '$salt', '$approved', '$upload')"; $result = mysql_query($query) or die(mysql_error()); if ($result) { echo('Thank you for registering with removalspace.com, an email has been sent to you for confirmation');} /* at this point we can send an email to the admin as well as the user. DO NOT send the user's password to ANYONE!!!! */ } }//if (isset($_POST['submit'])) ?> <?php $to = $_POST['email']; $subject = "Welcome to removalspace.com"; $body = "Welcome $_POST[company_name],\n\nYou are now registered with removalspace.com, Your company details have been added to our website for users to search. Please give 24 hours for new listings to be added to our site as all new listings await approval, thank you for using removalspace.com"; $headers = "From: [email protected]\r\n" . "X-Mailer: php"; if (mail($to, $subject, $body, $from)) { } ?> <?php if (!empty($error_message)){ echo $error_message; } ?> <form action="view02.php?id=<?php echo $row['id']; ?>" method="get" enctype="multipart/form-data" class="cursive"> <table width="316" border="0"> <tr> <td colspan="2"><h1>Edit Your details </h1><p>fill out the form with your details...</p></td> </tr> <tr> <td> </td> <td><p> </p><p>Click update to edit...</p><p> </p></td> </tr> <tr> <td> </td> <td><p> </p><p></p><p><p> </p></td> </tr> <tr> <td>Website:</td> <td><p> </p><p><input name="website" type="text" id="website" value="optional" /></p> <p> </p></td> </tr> <tr> <td>Primary Number:</td> <td><p> </p><p><input name="phone" type="text" id="phone" value="incl. area code" /></p> <p> </p></td> </tr> <tr> <td>Secondary Number:</td> <td><p> </p> <p><input name="phone2" type="text" id="phone2" value="optional" /></p> <p> </p></td> </tr> <tr> <td>Company Description:</td> <td><p><em>Write a description of what your company does, the services it offers and any additional information here.</em> </p> <p><textarea rows="10" cols="100" name="premiumuser_description" id="premiumuser_description"></textarea></p> <p> </p></td> </tr> <tr> <td> </td> </tr> <tr> <td colspan="2"><input type="submit" name="submit" value="submit" /></td> </tr> </table> </form> </div> </middle> </div> <!--end middle --> <!--start footer --> <footer> <div id="footer"></div> </footer> <!--end footer --> </div> <!--end container --> <!-- Free template distributed by http://freehtml5templates.com --> </body> <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.6.4/jquery.min.js"></script> </html>

You were querying the fact that i'd done that though? making me assume that it was incorrect, so i experimented! They have since been changed back, to no luck... It still is dropping out and directing me to index.php and not view01.php after the form is submitted to update/edit user details?

Kristoff1875 www.removalspace.com/login00.php admin1 admin1 just so you can see whats happening, thanks

Why did you say this? i assumed you wanted me to delete them??

well view01.php and view02.php come after login00,php so you would need a log in?

Right then, the new form's action is: <form action="view02.php?<?php echo $row['id']; ?>" method="get" enctype="multipart/form-data" class="cursive"> the new code for view02.php is: <?PHP session_start(); include ('php only scripts/db.php'); $id = $_GET['id']; $website = $_GET['website']; $phone = $_GET['phone']; $phone2 = $_GET['phone2']; $premiumuser_decription = $_GET['premiumuser_decription']; $query = "UPDATE companies SET website = 'website', phone = 'phone', phone2 = 'phone2', premiumuser_description = 'premiumuser_decription' WHERE id = 'id'"; $result = mysql_query($query ) or die("SELECT Error: ".mysql_error()); header("Location: view01.php?id=" . $row['id']); exit(0); ?> On submit, it sends me to index.php NOT view01.php?=id $id is in my db table, when users register it gives them an id?

Should i change this bit within view02.php: /* header("Location: view01.php?id=" . $row['id']); */ echo $query; as i'm getting this when i click submit with the new form, thanks by the way for the help and guidance.

Okay, i changed that line of code but i'm getting this: UPDATE companies SET website = 'website', phone = 'phone', phone2 = 'phone2', premiumuser_description = 'premiumuser_decription' WHERE id = 'id' just a quick note, i changed the $'s because they were in variable form, should i have done or not?

as previously posted i get: "UPDATE companies SET website = '$website', phone = '', phone2 = '', premiumuser_description = '' WHERE id = '51'" is it something to do with SET? Should i have them separate or something??

i did post the new code for clarification? but heres the form: <form action="view02.php" method="get" enctype="multipart/form-data" class="cursive"> <table width="316" border="0"> <tr> <td colspan=2><h1>Edit Your details </h1> <p>fill out the form with your details...</p></td> </tr> <tr> <td> </td> <td><p> </p> <p>Click update to edit...</p> <p> </p></td> </tr> <tr> <td> </td> <td><p> </p> <p> </p> <p> <p> </p></td> </tr> <tr> <td>Website:</td> <td><p> </p> <p> <input name="website" type="text" id="website" value="optional" /> </p> <p><a href="view02.php?id=<?PHP echo $row['id']; ?>&website=$website">Update</a></p> <p> </p></td> </tr> <tr> <td>Primary Number:</td> <td><p> </p> <p> <input name="phone" type="text" id="phone" value="incl. area code" /> </p> <p><a href="view02.php?id=<?PHP echo $row['id']; ?>&number1="incl. area code">Update</a></p> <p> </p></td> </tr> <tr> <td>Secondary Number:</td> <td><p> </p> <p> <input name="phone2" type="text" id="phone2" value="optional" /> </p> <p><a href="view02.php?id=<?PHP echo $row['id']; ?>&number2=1">Update</a></p> <p> </p></td> </tr> <tr> <td>Company Description:</td> <td><p><em>Write a description of what your company does, the services it offers and any additional information here.</em> </p> <p> <textarea rows="10" cols="100" name="premiumuser_description" id="premiumuser_description"></textarea> </p> <p><a href="view02.php?id=<?PHP echo $row['id']; ?>&description=1">Update</a> </p></td> </tr> <tr> <td> </td> </tr> <tr></tr> </table> </form>

<?PHP session_start(); include ('php only scripts/db.php'); $id = $_GET['id']; $website = $_GET['website']; $phone = $_GET['number1']; $phone2 = $_GET['number2']; $premiumuser_decription = $_GET['description']; $query = "UPDATE companies SET website = '$website', phone = '$phone', phone2 = '$phone2', premiumuser_description = '$premiumuser_decription' WHERE id = '$id'"; $result = mysql_query($query ) or die("SELECT Error: ".mysql_error()); /* header("Location: view01.php?id=" . $row['id']); */ echo $query; exit(0);; exit(); ?>

Thanks, i commented out the section: /* header("Location: view01.php?id=" . $row['id']); */ echo $query; exit(0);; exit(); ?> this is what i'm getting now: UPDATE companies SET website = '$website', phone = '', phone2 = '', premiumuser_description = '' WHERE id = '51'

sorry. i meant the previous page, when the update occurs, it should go back to view01.php?=id

okay so it reads like this: header("Location: view01.php?id=" . $row['id']); exit(0);; exit(); it's currently NOT giving me the error message, but is logging out, and not going back to the same page... nor it updating the details of that user

and omit exit(); also?

I'm not sure what's causing this, thats why i was asking to see if you or anybody else knew? I already have done what you said, contacted my host; they said it was a scripting issue and told me to debug it from my side (not that helpful lol) Being as you said about the (int) do you reckon i should change anything add/take away from that area or area's?