albatross77

The value for ID is stored in the MySQL table. It's the primary key. And I thought I can declare a variable without adding a value to it? Or is that not the same as setting it? I'm still amateur, so apologies in advance for my ignorance. This script started out as a class project; I've been trying to make it actually useful on a live site. Thank you rockstars for your help so far though!

I'm not getting any notices or errors, but it's not returning the values from the database. I tried declaring the variables at the top like cags said, but had the same result or with errors. <?php echo "<h2>Edit Special Offer</h2><hr>"; if (isset($_COOKIE["username"])) { echo "Welcome " . $_COOKIE["username"] . "!<br />"; include "login.php"; } else echo "You need to log in to access this page.<br />"; if(isset($previous)) { $query = "SELECT id, specialtitle, specialinfo FROM special WHERE id < $id ORDER BY id DESC"; $result = mysql_query($query); check_mysql(); $row = mysql_fetch_row($result); check_mysql(); if ($row[0] > 0) { $id = $row[0]; $specialtitle = $row[1]; $specialinfo = $row[2]; } } elseif (isset($next)) { $query = "SELECT id, specialtitle, specialinfo FROM special WHERE id > $id ORDER BY id ASC"; $result = mysql_query($query); check_mysql(); $row = mysql_fetch_row($result); check_mysql(); if ($row[0] > 0) { $id = $row[0]; $specialtitle = $row[1]; $specialinfo = $row[2]; } } elseif (isset($add)) { $query = "INSERT INTO special (specialtitle, specialinfo) VALUES ('$specialtitle', '$specialinfo')"; $result = mysql_query($query); check_mysql(); $id = mysql_insert_id(); $message = "Special Offer Added"; } elseif (isset($update)) { $query = "UPDATE special SET specialtitle='$specialtitle', specialinfo='$specialinfo' WHERE id = $id"; $result = mysql_query($query); check_mysql(); $id = mysql_insert_id(); $message = "Monthly Special Updated"; } elseif (isset($delete)) { $query = "DELETE FROM special WHERE id = $id"; $result = mysql_query($query); check_mysql(); $specialtitle = ""; $specialinfo = ""; $message = "Special Offer Deleted"; } $specialtitle = trim($specialtitle); $specialinfo = trim($specialinfo); ?> <form method="post" action="editspecial.php"> <p><b>Special Offer</b> <br><input type="text" name="specialtitle" <?php echo "VALUE=\"$specialtitle\"" ?>> </p> <p><b>Special Info/Description</b> <br><textarea name="specialinfo" rows="8" cols="70" > <?php echo $specialinfo ?> </textarea> </p> <br> <input type="submit" name="previous" value="<"> <input type="submit" name="next" value=">"> <br><br> <input type="submit" name="add" value="Add"> <input type="submit" name="update" value="Update"> <input type="submit" name="delete" value="Delete"> <input type="hidden" name="id" <?php echo "VALUE=\"$id\"" ?>> </form> <?php if (isset($message)) { echo "<br>$message"; } ?>

Okay, so this is the top of the edit page I've been trying to fix but it's still not working quite right. I get some errors, the data shows up in the form, but when I click 'update,' I get a successful return message, but it doesn't update in the database. These are the errors: Notice: Undefined index: previous in /home/content/p/f/i/pfisher2009/html/editspecial.php on line 15 Notice: Undefined index: next in /home/content/p/f/i/pfisher2009/html/editspecial.php on line 16 Notice: Undefined index: add in /home/content/p/f/i/pfisher2009/html/editspecial.php on line 17 Notice: Undefined index: delete in /home/content/p/f/i/pfisher2009/html/editspecial.php on line 19 Notice: Undefined variable: specialtitle in /home/content/p/f/i/pfisher2009/html/editspecial.php on line 71 Notice: Undefined variable: specialinfo in /home/content/p/f/i/pfisher2009/html/editspecial.php on line 72 Notice: Undefined variable: specialtitle in /home/content/p/f/i/pfisher2009/html/editspecial.php on line 89 Notice: Undefined variable: specialinfo in /home/content/p/f/i/pfisher2009/html/editspecial.php on line 90 This is the code: <?php echo "<h2>Edit Special Offer</h2><hr>"; if (isset($_COOKIE["username"])) { echo "Welcome " . $_COOKIE["username"] . "!<br />"; include "login.php"; } else echo "You need to log in to access this page.<br />"; error_reporting(E_ALL); $previous = $_POST['previous']; $next = $_POST['next']; $add = $_POST['add']; $update = $_POST['update']; $delete = $_POST['delete']; if(isset($previous)) { $query = "SELECT id, specialtitle, specialinfo FROM special WHERE id < $id ORDER BY id DESC"; $result = mysql_query($query); check_mysql(); $row = mysql_fetch_row($result); check_mysql(); if ($row[0] > 0) { $id = $row[0]; $specialtitle = $row[1]; $specialinfo = $row[2]; } } elseif (isset($next)) { $query = "SELECT id, specialtitle, specialinfo FROM special WHERE id > $id ORDER BY id ASC"; $result = mysql_query($query); check_mysql(); $row = mysql_fetch_row($result); check_mysql(); if ($row[0] > 0) { $id = $row[0]; $specialtitle = $row[1]; $specialinfo = $row[2]; } } elseif (isset($add)) { $query = "INSERT INTO special (specialtitle, specialinfo) VALUES ('$specialtitle', '$specialinfo')"; $result = mysql_query($query); check_mysql(); $id = mysql_insert_id(); $message = "Special Offer Added"; } elseif (isset($update)) { $query = "UPDATE special SET specialtitle='$specialtitle', specialinfo='$specialinfo' WHERE id = $id"; $result = mysql_query($query); check_mysql(); $id = mysql_insert_id(); $message = "Monthly Special Updated"; } elseif (isset($delete)) { $query = "DELETE FROM special WHERE id = $id"; $result = mysql_query($query); check_mysql(); $specialtitle = ""; $specialinfo = ""; $message = "Special Offer Deleted"; } $specialtitle = trim($specialtitle); $specialinfo = trim($specialinfo); ?> <form method="post" action="editspecial.php"> <p><b>Special Offer</b> <br><input type="text" name="specialtitle" <?php echo "VALUE=\"$specialtitle\"" ?>> </p> <p><b>Special Info/Description</b> <br><textarea name="specialinfo" rows="8" cols="70" > <?php echo $specialinfo ?> </textarea> </p> <br> <input type="submit" name="previous" value="<"> <input type="submit" name="next" value=">"> <br><br> <input type="submit" name="add" value="Add"> <input type="submit" name="update" value="Update"> <input type="submit" name="delete" value="Delete"> <input type="hidden" name="id" <?php echo "VALUE=\"$id\"" ?>> </form> <?php if (isset($message)) { echo "<br>$message"; } ?>

Awesome. The login page is working now. Should the edit page be corrected the same way?

sorry, should have specified. I don't get any errors. The edit form shows up blank, even if I try to click next/previous. The login form returns access denied every time, even if I know the username & password are correct.

This is my first post in any forum ever, so be gentle. My project aim is to create a simple CMS so the client can login and edit some of the content that's displayed from the mysql table. Right now, the mysql table data displays, but I cannot get my edit form nor the login to work. Here is my code: login: <form method="post" action="adminconnect.php"> <br><br> <b>User Name:</b> <br><input type="text" name="username" size="16"> <br><br> <b>Password:</b> <br><input type="password" name="password" size="16"> <br><br> <input type="submit" value="Login"> </form> login authentication: <?php if($username == "xxxxx" && $password == "xxxxxx") { setcookie("username", $username, time()+1200); echo "<h2>Administrator Access Approved</h2><hr>"; echo "You can now update the monthly special."; } else { setcookie("username", "", time()-3600); echo "<h2>Access Denied</h2><hr>"; echo "The User Name and Password you entered are incorrect."; } ?> edit: <?php include "login.php"; echo "<h2>Edit Special Offer</h2><hr>"; if(isset($previous)) { $query = "SELECT id, specialtitle, specialinfo FROM special WHERE id < $id ORDER BY id DESC"; $result = mysql_query($query); check_mysql(); $row = mysql_fetch_row($result); check_mysql(); if ($row[0] > 0) { $id = $row[0]; $specialtitle = $row[1]; $specialinfo = $row[2]; } } elseif (isset($next)) { $query = "SELECT id, specialtitle, specialinfo FROM special WHERE id > $id ORDER BY id ASC"; $result = mysql_query($query); check_mysql(); $row = mysql_fetch_row($result); check_mysql(); if ($row[0] > 0) { $id = $row[0]; $specialtitle = $row[1]; $specialinfo = $row[2]; } } elseif (isset($add)) { $query = "INSERT INTO special (specialtitle, specialinfo) VALUES ('$specialtitle', '$specialinfo')"; $result = mysql_query($query); check_mysql(); $id = mysql_insert_id(); $message = "Special Offer Added"; } elseif (isset($update)) { $query = "UPDATE special SET specialtitle='$specialtitle', specialinfo='$specialinfo' WHERE id = $id"; $result = mysql_query($query); check_mysql(); $id = mysql_insert_id(); $message = "Monthly Special Updated"; } elseif (isset($delete)) { $query = "DELETE FROM special WHERE id = $id"; $result = mysql_query($query); check_mysql(); $specialtitle = ""; $specialinfo = ""; $message = "Special Offer Deleted"; } $specialtitle = trim($specialtitle); $specialinfo = trim($specialinfo); ?> <form method="post" action="editspecial.php"> <p><b>Special Offer</b> <br><input type="text" name="specialtitle" <?php echo "VALUE=\"$specialtitle\"" ?>> </p> <p><b>Special Info/Description</b> <br><textarea name="specialinfo" rows="8" cols="70" > <?php echo $specialinfo ?> </textarea> </p> <br> <input type="submit" name="previous" value="<"> <input type="submit" name="next" value=">"> <br><br> <input type="submit" name="add" value="Add"> <input type="submit" name="update" value="Update"> <input type="submit" name="delete" value="Delete"> <input type="hidden" name="id" <?php echo "VALUE=\"$id\"" ?>> </form> <?php if (isset($message)) { echo "<br>$message"; } ?>