StevenYoung

Now I feel stupid, I realized I wasnt even to the posting / updating yet, I am actually trying to get information that is posted from another page. using the said url with the productupdate.php?Item_Number=xxxxx (Actual Number exist). Like I said I unfortunately learned the bad way of doing all this and am trying now to relearn the right way.. So I should be working with this section of the if statement: // query the DB $sql1 = "SELECT * FROM products WHERE Item_Number='$Item_Number'"; $result = mysql_query($sql1) or die($sql1.'failed because '.mysql_error()); $myrow = mysql_fetch_array($result); Now The Error is Notice: Undefined index: Item_Number in C:\wamp\www\MasterRetail\productupdate.php on line 12 reposing the whole script as I have it now; Now the whole page is longer as it contains the form, but I don't believe we need that posted here right now <?php error_reporting(E_ALL); ini_set("display_errors", 1); $db = mysql_connect("localhost", "username", ""); mysql_select_db("dbname",$db); // Get Variables Here. $Item_Number = 0; // Hope this gets replaced right $Item_Number = $_GET['Item_Number']; $Item_Number = $_POST['Item_Number']; (This is really Line 12) if (is_int($Item_Number)) { if (isset($submit)) { $sql = "UPDATE products SET Item_Number='$Item_Number',Page_Number='$Page_Number',ShortDescription='$ShortDescription',LongDescription='$LongDescription',Units='$Units',WholesalePrice='$WholesalePrice',RetailPrice='$RetailPrice',Heading='$Heading',TOCListing='$TOCListing',CrossSell1='$CrossSell1',CrossSell2='$CrossSell2',SubCatalog1='$SubCatalog1',SubCatalog2='$SubCatalog2',SubCatalog3='$SubCatalog3',InStock='$InStock',DateVerified='$DateVerified',KeyWords='$KeyWords',SubCat1PN='$SubCat1PN',SubCat2PN='$SubCat2PN',SubCat3PN='$SubCat3PN',PublicView='$PublicView',PhoneOrderOnly='$PhoneOrderOnly',Active='$Active' WHERE Item_Number='$Item_Number'"; $result = mysql_query($sql) or die($sql.'failed because '.mysql_error()); echo "Client Updated."; } else { // query the DB $sql1 = "SELECT * FROM products WHERE Item_Number='$Item_Number'"; $result = mysql_query($sql1) or die($sql1.'failed because '.mysql_error()); $myrow = mysql_fetch_array($result); ?>

Still yields same error message, So what have I done wrong??? <?php error_reporting(E_ALL); ini_set("display_errors", 1); $db = mysql_connect("localhost", "username", ""); mysql_select_db("dbname",$db); // Get Variables Here. $Item_Number = 0; // Hope this gets replaced right $Item_Number = $_POST['Item_Number']; if (is_int($Item_Number)) { if (isset($submit)) { $sql = "UPDATE products SET Item_Number='$Item_Number',Page_Number='$Page_Number',ShortDescription='$ShortDescription',LongDescription='$LongDescription',Units='$Units',WholesalePrice='$WholesalePrice',RetailPrice='$RetailPrice',Heading='$Heading',TOCListing='$TOCListing',CrossSell1='$CrossSell1',CrossSell2='$CrossSell2',SubCatalog1='$SubCatalog1',SubCatalog2='$SubCatalog2',SubCatalog3='$SubCatalog3',InStock='$InStock',DateVerified='$DateVerified',KeyWords='$KeyWords',SubCat1PN='$SubCat1PN',SubCat2PN='$SubCat2PN',SubCat3PN='$SubCat3PN',PublicView='$PublicView',PhoneOrderOnly='$PhoneOrderOnly',Active='$Active' WHERE Item_Number='$Item_Number'"; $result = mysql_query($sql) or die($sql.'failed because '.mysql_error()); echo "Client Updated."; } else { // query the DB $sql1 = "SELECT * FROM products WHERE Item_Number='$Item_Number'"; $result = mysql_query($sql1) or die($sql1.'failed because '.mysql_error()); $myrow = mysql_fetch_array($result); ?>

Ok Well that changed the error message now "Notice: Undefined index: Item_Number in C:\wamp\www\MasterRetail\productupdate.php on line 10" Not sure how you mean to Sanitize the $_POST['Item_Number'] before using it. This is a variable that is created by another web page and passed to this one. Sorry if I am acting like a newbie when not but I am still learning the global off programming. <?php error_reporting(E_ALL); ini_set("display_errors", 1); $db = mysql_connect("localhost", "Username", ""); mysql_select_db("dbname",$db); // Get Variables Here. $Item_Number = $_POST['Item_Number']; if ($Item_Number) { if ($submit) { $sql = "UPDATE products SET Item_Number='$Item_Number',Page_Number='$Page_Number',ShortDescription='$ShortDescription',LongDescription='$LongDescription',Units='$Units',WholesalePrice='$WholesalePrice',RetailPrice='$RetailPrice',Heading='$Heading',TOCListing='$TOCListing',CrossSell1='$CrossSell1',CrossSell2='$CrossSell2',SubCatalog1='$SubCatalog1',SubCatalog2='$SubCatalog2',SubCatalog3='$SubCatalog3',InStock='$InStock',DateVerified='$DateVerified',KeyWords='$KeyWords',SubCat1PN='$SubCat1PN',SubCat2PN='$SubCat2PN',SubCat3PN='$SubCat3PN',PublicView='$PublicView',PhoneOrderOnly='$PhoneOrderOnly',Active='$Active' WHERE Item_Number='$Item_Number'"; $result = mysql_query($sql) or die($sql.'failed because '.mysql_error()); echo "Client Updated."; } else { // query the DB $sql1 = "SELECT * FROM products WHERE Item_Number='$Item_Number'"; $result = mysql_query($sql1) or die($sql1.'failed because '.mysql_error()); $myrow = mysql_fetch_array($result); ?>

Ok, I have been coding for a long time, but recently discovered I was doing things very sloppy and not very secure because register globals was on and I didn't know better. I am now in a globals off and having issues with a few scripts. In this case I am using post data and trying to retrieve data from a mysql db. The error is "Notice: Undefined variable: Item_Number in C:\wamp\www\MasterRetail\productupdate.php on line 8" I have searched and all the help I have found has not been of help, so I think I am probably over looking something fairly trivial. <?php $db = mysql_connect("localhost", "username here", ""); mysql_select_db("tablename",$db); // Get Variables Here. $_POST['Item_Number'] = '$Item_Number'; if ($Item_Number) { if ($submit) { $sql = "UPDATE products SET Item_Number='$Item_Number',Page_Number='$Page_Number',ShortDescription='$ShortDescription',LongDescription='$LongDescription',Units='$Units',WholesalePrice='$WholesalePrice',RetailPrice='$RetailPrice',Heading='$Heading',TOCListing='$TOCListing',CrossSell1='$CrossSell1',CrossSell2='$CrossSell2',SubCatalog1='$SubCatalog1',SubCatalog2='$SubCatalog2',SubCatalog3='$SubCatalog3',InStock='$InStock',DateVerified='$DateVerified',KeyWords='$KeyWords',SubCat1PN='$SubCat1PN',SubCat2PN='$SubCat2PN',SubCat3PN='$SubCat3PN',PublicView='$PublicView',PhoneOrderOnly='$PhoneOrderOnly',Active='$Active' WHERE Item_Number='$Item_Number'"; $result = mysql_query($sql) or die($sql.'failed because '.mysql_error()); echo "Client Updated."; } else { // query the DB $sql1 = "SELECT * FROM products WHERE Item_Number='$Item_Number'"; $result = mysql_query($sql1) or die($sql1.'failed because '.mysql_error()); $myrow = mysql_fetch_array($result); ?> And here is what the URL looks like "http://sandbox/masterretail/productupdate.php?Item_Number=34240" Please help so I can continue learning, I so far have fixed about 85% of the flaws I had in the application..