cottonbuds2005

Hi mrMarcus and oni-kun, I will take your suggestions into consideration asap. yes mrMarcus, I correctly insert one record to the DB but I receive this twice. <script language="JavaScript" type="text/javascript">alert("Record created into database")</script> Ill let you guys know later. Thanks a lot!

Hi all, Im a newbie at PHP / MySQL stuff so please bear with me. This is a simple "insert data" code and I have a popup alert box indicating successful data insertion into my MySQL table. My problem is that the popup alert appears twice. How do I correct this problem? Many many thanks. <?php require_once('../Connections/ITInventory.php'); ?> <?php if (!function_exists("GetSQLValueString")) { function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") { if (PHP_VERSION < 6) { $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue; } $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue); switch ($theType) { case "text": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; break; case "long": case "int": $theValue = ($theValue != "") ? intval($theValue) : "NULL"; break; case "double": $theValue = ($theValue != "") ? doubleval($theValue) : "NULL"; break; case "date": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; break; case "defined": $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue; break; } return $theValue; } } $editFormAction = $_SERVER['PHP_SELF']; if (isset($_SERVER['QUERY_STRING'])) { $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']); } if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1")) { $insertSQL = sprintf("INSERT INTO weloan (hostname, location, floor, type, assetno, serialno, model, ram, hdd, warranty, remarks, securitytag) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s)", GetSQLValueString($_POST['hostname'], "text"), GetSQLValueString($_POST['location'], "text"), GetSQLValueString($_POST['floor'], "text"), GetSQLValueString($_POST['type'], "text"), GetSQLValueString($_POST['assetno'], "text"), GetSQLValueString($_POST['serialno'], "text"), GetSQLValueString($_POST['model'], "text"), GetSQLValueString($_POST['ram'], "text"), GetSQLValueString($_POST['hdd'], "text"), GetSQLValueString($_POST['warranty'], "text"), GetSQLValueString($_POST['remarks'], "text"), GetSQLValueString($_POST['securitytag'], "text")); mysql_select_db($database_ITInventory, $ITInventory); $Result1 = mysql_query($insertSQL, $ITInventory); if($Result1!=1){ echo '<script language="JavaScript" type="text/javascript">alert("'.mysql_error().'")</script>'; }else if($Result1==1){ echo '<script language="JavaScript" type="text/javascript">alert("Record created into database")</script>'; } } ?>

dear xtopolis and ngreenwood6, you both did it. the results come out as they should. thanks a million for your help I love this forum and all the helpful people in it thanks

No problem at all, really appreciate you helping me a newbie like me I tried your idea but the results are pretty much the same, i still have to input the exact word to get results i have series of machine serial numbers starting with lvw, i wish i could type "lvw to get multiple results but i still need to type the whole word to get it........... im sorry and thanks again, still hoping to get help out there

Hi ngreenwood6, Thanks for the reply. I did what you suggested but I got this: Warning: sprintf() [function.sprintf]: Too few arguments in C:\wamp\www\ITInventoryApplication\ITInventory\files\Search.php on line 77 Query was empty im stumped. thank you again

Hi, Im totally new to PHP and I need help with this code. It displays results only when the search is exact, like when I search serial number LV9237 in doesnt show LV9237 (2),,, etc. When I search LV923 no results come out. How do I edit the code to amend this? Thank you mysql_select_db($database_ITInventory, $ITInventory); $query_SearchSerial = sprintf("SELECT * FROM assetsdb WHERE SerialNo = %s", GetSQLValueString($colname_SearchSerial, "text")); $SearchSerial = mysql_query($query_SearchSerial, $ITInventory) or die(mysql_error()); $row_SearchSerial = mysql_fetch_assoc($SearchSerial); $totalRows_SearchSerial = mysql_num_rows($SearchSerial);

this are the codes in reference to PHP_SELF, both edited according to smerny's suggestion. mikesta707, i had the parse error when I did your code idea. >>Next Page is still not clickable. Hope there are any more suggestions print " <a href=\"".$_SERVER['PHP_SELF']."?s=".$prevs."&q=".$var."\"><< Prev 10</a>&nbsp "; echo " <a href=\"".$_SERVER['PHP_SELF']."?s=".$news."&q=".$var."\">Next 10 >></a>";

Hi, The error disappeared after your suggestion but the link to the next pages is still not clickable. Nothing happens when you click >>Next. Thanks for helping me...

Yes thats the line thats giving me the problem. Same line 105 just edited to include $_SERVER thanks

Hi smerny, Forgive me because Im very new and still a dummy in programming. What do you mean by 'please put your code within code tags..'? thanks

Hi, Im a newbie on PHP / MySQL programming and Im running a script to search one field on my DB table. The results will show after I key in my search word but there's an error below that says: Undefined variable: PHP_SELF in C:\wamp\www\ITInventoryApplication\ITInventory\files\SearchSerial.php on line 105. Also the link to the next page is not clickable. When I change to $_SERVER['PHP_SELF'] I get: Parse error: parse error, expecting `T_STRING' or `T_VARIABLE' or `T_NUM_STRING'. Pls help me... thanks. ___________________________________________________________ <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <?php // Get the search variable from URL $var = @$_GET['q'] ; $trimmed = trim($var); //trim whitespace from the stored variable // rows to return $limit=10; // check for an empty string and display a message. if ($trimmed == "") { echo "<p>Please enter a search...</p>"; exit; } // check for a search parameter if (!isset($var)) { echo "<p>We dont seem to have a search parameter!</p>"; exit; } //connect to your database ** EDIT REQUIRED HERE ** mysql_connect("localhost","root",""); //(host, username, password) //specify database ** EDIT REQUIRED HERE ** mysql_select_db("itinventory") or die("Unable to select database"); //select which database we're using // Build SQL Query $query = "select * from assetsdb where SerialNo like \"%$trimmed%\" order by SerialNo"; // EDIT HERE and specify your table and field names for the SQL query $numresults=mysql_query($query); $numrows=mysql_num_rows($numresults); // If we have no results, offer a google search as an alternative if ($numrows == 0) { echo "<h4>Results</h4>"; echo "<p>Sorry, your search: "" . $trimmed . "" returned zero results</p>"; // google echo "<p><a href=\"http://www.google.com/search?q=" . $trimmed . "\" target=\"_blank\" title=\"Look up " . $trimmed . " on Google\">Click here</a> to try the search on google</p>"; } // next determine if s has been passed to script, if not use 0 if (empty($s)) { $s=0; } // get results $query .= " limit $s,$limit"; $result = mysql_query($query) or die("Couldn't execute query"); // display what the person searched for echo "<p>You searched for: "" . $var . ""</p>"; // begin to show results set echo "Results"; $count = 1 + $s ; // now you can display the results returned while ($row= mysql_fetch_array($result)) { $title = $row["SerialNo"]; echo "$count.) $title" ; $count++ ; } $currPage = (($s/$limit) + 1); //break before paging echo "<br />"; // next we need to do the links to other results if ($s>=1) { // bypass PREV link if s is 0 $prevs=($s-$limit); print " <a href=\"$PHP_SELF?s=$prevs&q=$var\"><< Prev 10</a>&nbsp "; } // calculate number of pages needing links $pages=intval($numrows/$limit); // $pages now contains int of pages needed unless there is a remainder from division if ($numrows%$limit) { // has remainder so add one page $pages++; } // check to see if last page if (!((($s+$limit)/$limit)==$pages) && $pages!=1) { // not last page so give NEXT link $news=$s+$limit; echo " <a href=\"$_SERVER['PHP_SELF']?s=$news&q=$var\">Next 10 >></a>"; } $a = $s + ($limit) ; if ($a > $numrows) { $a = $numrows ; } $b = $s + 1 ; echo "<p>Showing results $b to $a of $numrows</p>"; ?> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Untitled Document</title> </head> <body> </body> </html>

Please bear with me because Im a newbie at SQL / PHP stuff. My database is an inventory of all our PC equipment. What I want to do is make a search for a serial number with wildcard strings at the end. example: when I enter the serial number LVW9 I want the results for all PCs having sn starting with that string. Like LVW9237, LVW9228 etc etc The code below allows just the exact sn for the PC. How to do this? Please help me. ___________________________________________ mysql_select_db($database_ITInventory, $ITInventory); $query_SearchSerial = sprintf("SELECT * FROM assetsdb WHERE SerialNo = %s", GetSQLValueString($colname_SearchSerial, "text")); $SearchSerial = mysql_query($query_SearchSerial, $ITInventory) or die(mysql_error()); $row_SearchSerial = mysql_fetch_assoc($SearchSerial); $totalRows_SearchSerial = mysql_num_rows($SearchSerial);

Please bear with me because Im a newbie at SQL / PHP stuff. My database is an inventory of all our PC equipment. What I want to do is make a search for a serial number with wildcard strings at the end. example: when I enter the serial number LVW9 I want the results for all PCs having sn starting with that string. Like LVW9237, LVW9228 etc etc The code below allows just the exact sn for the PC. How to do this? Please help me. ___________________________________________ mysql_select_db($database_ITInventory, $ITInventory); $query_SearchSerial = sprintf("SELECT * FROM assetsdb WHERE SerialNo = %s", GetSQLValueString($colname_SearchSerial, "text")); $SearchSerial = mysql_query($query_SearchSerial, $ITInventory) or die(mysql_error()); $row_SearchSerial = mysql_fetch_assoc($SearchSerial); $totalRows_SearchSerial = mysql_num_rows($SearchSerial);

Hi, Im a newbie at PHP / MySql programming so pls excuse the messy coding. My code below allows me to search from db and displays results. From this result, Im going to insert a new row in my table instead of just updating. But I get Duplicate entry '..' for key 1 error. Pls help me thanks _______________ <?php require_once('../Connections/capinvdb_99k_itinventory.php'); ?> <?php //initialize the session session_start(); // ** Logout the current user. ** $logoutAction = $_SERVER['PHP_SELF']."?doLogout=true"; if ((isset($_SERVER['QUERY_STRING'])) && ($_SERVER['QUERY_STRING'] != "")){ $logoutAction .="&". htmlentities($_SERVER['QUERY_STRING']); } if ((isset($_GET['doLogout'])) &&($_GET['doLogout']=="true")){ //to fully log out a visitor we need to clear the session varialbles session_unregister('MM_Username'); session_unregister('MM_UserGroup'); $logoutGoTo = "../index.php"; if ($logoutGoTo) { header("Location: $logoutGoTo"); exit; } } ?> <?php //initialize the session // ** Logout the current user. ** $logoutAction = $_SERVER['PHP_SELF']."?doLogout=true"; if ((isset($_SERVER['QUERY_STRING'])) && ($_SERVER['QUERY_STRING'] != "")){ $logoutAction .="&". htmlentities($_SERVER['QUERY_STRING']); } if ((isset($_GET['doLogout'])) &&($_GET['doLogout']=="true")){ //to fully log out a visitor we need to clear the session varialbles session_unregister('MM_Username'); session_unregister('MM_UserGroup'); $logoutGoTo = "../index.php"; if ($logoutGoTo) { header("Location: $logoutGoTo"); exit; } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Search and Create</title> <?php error_reporting(0); if (!function_exists("GetSQLValueString")) { function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") { $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue; $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue); switch ($theType) { case "text": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; break; case "long": case "int": $theValue = ($theValue != "") ? intval($theValue) : "NULL"; break; case "double": $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL"; break; case "date": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; break; case "defined": $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue; break; } return $theValue; } } $editFormAction = $_SERVER['PHP_SELF']; if (isset($_SERVER['QUERY_STRING'])) { $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']); } if ((isset($_POST["MM_insert"])) & ($_POST["MM_insert"] == "SearchandCreate")) { $insertSQL = sprintf("INSERT INTO assetsdb (EquipmentClassification, SBU, Username, Department, Division, Location, Floor, Brand, Model, HostName, EquipmentSpecifications, SerialNo, AssetNo, InvNo, InvDate, WorkOrder, WorksOrderDate, Supplier, Cost, DeliveryDate, DeliveryStatus, WarrantyExpiryDate, WarrantyCoverage, Movement, NewBUAssetNo, UpdatedBy, UpdatedDate, ReviewedBy, ReviewedDate, Remarks) VALUES ('.$EquipmentClassification.', '.$SBU.', '.$Username.', '.$Department.', '.$Division.', '.$Location.', '.$Floor.', '.$Brand.', '.$Model.', '.$HostName.', '.$EquipmentSpecifications.', '.$SerialNo.', '.$AssetNo.', '.$InvNo.', '.$InvDate.', '.$WorkOrder.', '.$WorksOrderDate.', '.$Supplier.', '.$Cost.', '.$DeliveryDate.', '.$DeliveryStatus.', '.$WarrantyExpiryDate.', '.$WarrantyCoverage.', '.$Movement.', '.$NewBUAssetNo.', '.$UpdatedBy.', '.$UpdatedDate.', '.$ReviewedBy.', '.$ReviewedDate.', '.$Remarks.')", GetSQLValueString($_POST['EquipmentClassification'], "text"), GetSQLValueString($_POST['SBU'], "text"), GetSQLValueString($_POST['Username'], "text"), GetSQLValueString($_POST['Dept'], "text"), GetSQLValueString($_POST['Div'], "text"), GetSQLValueString($_POST['Location'], "text"), GetSQLValueString($_POST['Floor'], "text"), GetSQLValueString($_POST['Brand'], "text"), GetSQLValueString($_POST['Model'], "text"), GetSQLValueString($_POST['HostName'], "text"), GetSQLValueString($_POST['EquipmentSpec'], "text"), GetSQLValueString($_POST['AssetNo'], "text"), GetSQLValueString($_POST['InvNo'], "text"), GetSQLValueString($_POST['InvDate'], "text"), GetSQLValueString($_POST['WO'], "text"), GetSQLValueString($_POST['WODate'], "text"), GetSQLValueString($_POST['Supplier'], "text"), GetSQLValueString($_POST['Cost'], "text"), GetSQLValueString($_POST['DeliveryDate'], "text"), GetSQLValueString($_POST['DeliveryStatus'], "text"), GetSQLValueString($_POST['WarrantyExpiryDate'], "text"), GetSQLValueString($_POST['WarrantyCoverage'], "text"), GetSQLValueString($_POST['Mov'], "text"), GetSQLValueString($_POST['BuNum'], "text"), GetSQLValueString($_POST['UpdatedBy'], "text"), GetSQLValueString($_POST['UpdatedDate'], "text"), GetSQLValueString($_POST['ReviewedBy'], "text"), GetSQLValueString($_POST['ReviewedDate'], "text"), GetSQLValueString($_POST['Remarks'], "text"), GetSQLValueString($_POST['SerialNo'], "text")); mysql_select_db($database_capinvdb_99k_itinventory, $capinvdb_99k_itinventory); $Result1 = mysql_query($insertSQL, $capinvdb_99k_itinventory); if($Result1!=1){ echo '<script language="JavaScript" type="text/javascript">alert("'.mysql_error().'")</script>'; }else if($Result1==1){ echo '<script language="JavaScript" type="text/javascript">alert("Serial No:'.$_POST['SerialNo'].' updated.")</script>'; header('refresh: 00; url=SearchandCreate.php'); } } $colname_SearchBySerial = "-1"; if (isset($_POST['SerialNo'])) { $colname_SearchBySerial = $_POST['SerialNo']; } mysql_select_db($database_capinvdb_99k_itinventory, $capinvdb_99k_itinventory); $query_SearchBySerial = sprintf("SELECT * FROM assetsdb WHERE SerialNo = %s", GetSQLValueString($colname_SearchBySerial, "text")); $SearchBySerial = mysql_query($query_SearchBySerial, $capinvdb_99k_itinventory) or die(mysql_error()); $row_SearchBySerial = mysql_fetch_assoc($SearchBySerial); $totalRows_SearchBySerial = mysql_num_rows($SearchBySerial); $colname_SearchByAssetNo = "-1"; if (isset($_POST['AssetNo'])) { $colname_SearchByAssetNo = $_POST['AssetNo']; } mysql_select_db($database_capinvdb_99k_itinventory, $capinvdb_99k_itinventory); $query_SearchByAssetNo = sprintf("SELECT * FROM assetsdb WHERE AssetNo = %s", GetSQLValueString($colname_SearchByAssetNo, "text")); $SearchByAssetNo = mysql_query($query_SearchByAssetNo, $capinvdb_99k_itinventory) or die(mysql_error()); $row_SearchByAssetNo = mysql_fetch_assoc($SearchByAssetNo); $totalRows_SearchByAssetNo = mysql_num_rows($SearchByAssetNo); ?> <link rel="stylesheet" type="text/css" href="stylesheet/style.css"> </head> <body> <h3>Search and Create New Record</h3> <table> <tr> <td><form action="" method="post" name="SearchSerial"> <input name="SerialNo" type="text" /><input name="SearchBySerialNo" type="submit" value="Search By Serial No" class="btn"/> </form></td> <td><form action="" method="post" name="SearchAsset"> <input name="AssetNo" type="text" /><input name="SearchByAssetNo" type="submit" value="Search By Asset No" class="btn"/> <input type="button" name="backtomain2" value="Back to main" onclick="window.location.href='../main.php'" class="btn"/> </form></td> <td><form action="<?php echo $logoutAction ?>" method="post" name="logout"><input name="logout" type="submit" value="Logout" class="mainbtn"/></form> </td> </tr> </table> <form id="SearchandCreate" name="SearchandCreate" method="POST" action="<?php echo $editFormAction; ?>"> <table border="1"> <tr> <th> </th> <th>Equipment Classification</th> <th>SBU</th> <th>Username</th> <th>Department</th> <th>Division</th> <th>Location</th> <th>Floor</th> <th>Brand</th> <th>Model</th> <th>Host Name</th> <th>Equipment Specifications</th> <th>Serial No</th> <th>Asset No/Inventory No</th> <th>Invoice No</th> <th>Invoice Date</th> <th>Work Order/Purchase Order</th> <th>Works Order/Purchase Date</th> <th>Supplier</th> <th>Cost (S$)</th> <th>Delivery Date</th> <th>Delivery Status</th> <th>Warranty Expiry Date</th> <th>Warranty Coverage</th> <th>IT Movement </th> <th>New BU Asset Number (for BU Transfer)</th> <th>Updated By</th> <th>Updated Date</th> <th>Reviewed By</th> <th>Reviewed Date</th> <th>Remarks</th> <th> </th> </tr> <?php if ($totalRows_SearchBySerial > 0) { // Show if recordset not empty ?> <?php do { ?> <tr> <td><input type="submit" name="Insert" id="Insert" value="Insert" class="btn"/></td> <td><input name="EquipmentClassification" type="text" id="Equipment Classification" value="<?php echo $row_SearchBySerial['EquipmentClassification']; ?>" /></td> <td><input name="SBU" type="text" id="SBU" value="<?php echo $row_SearchBySerial['SBU']; ?>" /></td> <td><input name="Username" type="text" id="Username" value="<?php echo $row_SearchBySerial['Username']; ?>" /></td> <td><input name="Dept" type="text" id="Dept" value="<?php echo $row_SearchBySerial['Department']; ?>" /></td> <td><input name="Div" type="text" id="Div" value="<?php echo $row_SearchBySerial['Division']; ?>" /></td> <td><input name="Location" type="text" id="Location" value="<?php echo $row_SearchBySerial['Location']; ?>" /></td> <td><input name="Floor" type="text" id="Floor" value="<?php echo $row_SearchBySerial['Floor']; ?>" /></td> <td><input name="Brand" type="text" id="Brand" value="<?php echo $row_SearchBySerial['Brand']; ?>" /></td> <td><input name="Model" type="text" id="Model" value="<?php echo $row_SearchBySerial['Model']; ?>" /></td> <td><input name="HostName" type="text" id="HostName" value="<?php echo $row_SearchBySerial['HostName']; ?>" /></td> <td><textarea name="EquipmentSpec" id="EquipmentSpec" cols="45" rows="3"><?php echo $row_SearchBySerial['EquipmentSpecifications']; ?></textarea></td> <td><input name="SerialNo" type="text" id="SerialNo" value="<?php echo $row_SearchBySerial['SerialNo']; ?>" readonly="readonly" /></td> <td><input name="AssetNo" type="text" id="AssetNo" value="<?php echo $row_SearchBySerial['AssetNo']; ?>" readonly="readonly" /></td> <td><input name="InvNo" type="text" id="InvNo" value="<?php echo $row_SearchBySerial['InvNo']; ?>" /></td> <td><input name="InvDate" type="text" id="InvDate" value="<?php echo $row_SearchBySerial['InvDate']; ?>" /></td> <td><input name="WO" type="text" id="WO" value="<?php echo $row_SearchBySerial['WorkOrder']; ?>" /></td> <td><input name="WODate" type="text" id="WODate" value="<?php echo $row_SearchBySerial['WorksOrderDate']; ?>" /></td> <td><input name="Supplier" type="text" id="Supplier" value="<?php echo $row_SearchBySerial['Supplier']; ?>" /></td> <td><input name="Cost" type="text" id="Cost" value="<?php echo $row_SearchBySerial['Cost']; ?>" /></td> <td><input name="DeliveryDate" type="text" id="DeliveryDate" value="<?php echo $row_SearchBySerial['DeliveryDate']; ?>" /></td> <td><input name="DeliveryStatus" type="text" id="DeliveryStatus" value="<?php echo $row_SearchBySerial['DeliveryStatus']; ?>" /></td> <td><input name="WarrantyExpiryDate" type="text" id="WarrantyExpiryDate" value="<?php echo $row_SearchBySerial['WarrantyExpiryDate']; ?>" /></td> <td><input name="WarrantyCoverage" type="text" id="WarrantyCoverage" value="<?php echo $row_SearchBySerial['WarrantyCoverage']; ?>" /></td> <td><input name="Mov" type="text" id="Mov" value="<?php echo $row_SearchBySerial['Movement']; ?>" /></td> <td><input name="BuNum" type="text" id="BuNum" value="<?php echo $row_SearchBySerial['NewBUAssetNo']; ?>" /></td> <td><input name="UpdatedBy" type="text" id="UpdatedBy" value="<?php echo $row_SearchBySerial['UpdatedBy']; ?>" /></td> <td><input name="UpdatedDate" type="text" id="UpdatedDate" value="<?php echo $row_SearchBySerial['UpdatedDate']; ?>" /></td> <td><input name="ReviewedBy" type="text" id="ReviewedBy" value="<?php echo $row_SearchBySerial['ReviewedBy']; ?>" /></td> <td><input name="ReviewedDate" type="text" id="ReviewedDate" value="<?php echo $row_SearchBySerial['ReviewedDate']; ?>" /></td> <td><input name="Remarks" type="text" id="Remarks" value="<?php echo $row_SearchBySerial['Remarks']; ?>" /></td> <td><input type="submit" name="Insert" id="Insert" value="Insert" class="btn"/></td> </tr> <?php } while ($row_SearchBySerial = mysql_fetch_assoc($SearchBySerial)); ?> <?php } // Show if recordset not empty ?> <?php if ($totalRows_SearchByAssetNo > 0) { // Show if recordset not empty ?> <?php do { ?> <tr> <td><input type="submit" name="Insert" id="Insert" value="Insert" class="btn"/></td> <td><input name="EquipmentClassification" type="text" id="Equipment Classification" value="<?php echo $row_SearchByAssetNo['EquipmentClassification']; ?>" /></td> <td><input name="SBU" type="text" id="SBU" value="<?php echo $row_SearchByAssetNo['SBU']; ?>" /></td> <td><input name="Username" type="text" id="Username" value="<?php echo $row_SearchByAssetNo['Username']; ?>" /></td> <td><input name="Dept" type="text" id="Dept" value="<?php echo $row_SearchByAssetNo['Department']; ?>" /></td> <td><input name="Div" type="text" id="Div" value="<?php echo $row_SearchByAssetNo['Division']; ?>" /></td> <td><input name="Location" type="text" id="Location" value="<?php echo $row_SearchByAssetNo['Location']; ?>" /></td> <td><input name="Floor" type="text" id="Floor" value="<?php echo $row_SearchByAssetNo['Floor']; ?>" /></td> <td><input name="Brand" type="text" id="Brand" value="<?php echo $row_SearchByAssetNo['Brand']; ?>" /></td> <td><input name="Model" type="text" id="Model" value="<?php echo $row_SearchByAssetNo['Model']; ?>" /></td> <td><input name="HostName" type="text" id="HostName" value="<?php echo $row_SearchByAssetNo['HostName']; ?>" /></td> <td><textarea name="EquipmentSpec" id="EquipmentSpec" cols="45" rows="3"><?php echo $row_SearchByAssetNo['EquipmentSpecifications']; ?></textarea></td> <td><input name="SerialNo" type="text" id="SerialNo" value="<?php echo $row_SearchByAssetNo['SerialNo']; ?>" readonly="readonly"/></td> <td><input name="AssetNo" type="text" id="AssetNo" value="<?php echo $row_SearchByAssetNo['AssetNo']; ?>" readonly="readonly" /></td> <td><input name="InvNo" type="text" id="InvNo" value="<?php echo $row_SearchByAssetNo['InvNo']; ?>" /></td> <td><input name="InvDate" type="text" id="InvDate" value="<?php echo $row_SearchByAssetNo['InvDate']; ?>" /></td> <td><input name="WO" type="text" id="WO" value="<?php echo $row_SearchByAssetNo['WorkOrder']; ?>" /></td> <td><input name="WODate" type="text" id="WODate" value="<?php echo $row_SearchByAssetNo['WorksOrderDate']; ?>" /></td> <td><input name="Supplier" type="text" id="Supplier" value="<?php echo $row_SearchByAssetNo['Supplier']; ?>" /></td> <td><input name="Cost" type="text" id="Cost" value="<?php echo $row_SearchByAssetNo['Cost']; ?>" /></td> <td><input name="DeliveryDate" type="text" id="DeliveryDate" value="<?php echo $row_SearchByAssetNo['DeliveryDate']; ?>" /></td> <td><input name="DeliveryStatus" type="text" id="DeliveryStatus" value="<?php echo $row_SearchByAssetNo['DeliveryStatus']; ?>" /></td> <td><input name="WarrantyExpiryDate" type="text" id="WarrantyExpiryDate" value="<?php echo $row_SearchByAssetNo['WarrantyExpiryDate']; ?>" /></td> <td><input name="WarrantyCoverage" type="text" id="WarrantyCoverage" value="<?php echo $row_SearchByAssetNo['WarrantyCoverage']; ?>" /></td> <td><input name="Mov" type="text" id="Mov" value="<?php echo $row_SearchByAssetNo['Movement']; ?>" /></td> <td><input name="BuNum" type="text" id="BuNum" value="<?php echo $row_SearchByAssetNo['NewBUAssetNo']; ?>" /></td> <td><input name="UpdatedBy" type="text" id="UpdatedBy" value="<?php echo $row_SearchByAssetNo['UpdatedBy']; ?>" /></td> <td><input name="UpdatedDate" type="text" id="UpdatedDate" value="<?php echo $row_SearchByAssetNo['UpdatedDate']; ?>" /></td> <td><input name="ReviewedBy" type="text" id="ReviewedBy" value="<?php echo $row_SearchByAssetNo['ReviewedBy']; ?>" /></td> <td><input name="ReviewedDate" type="text" id="ReviewedDate" value="<?php echo $row_SearchByAssetNo['ReviewedDate']; ?>" /></td> <td><input name="Remarks" type="text" id="Remarks" value="<?php echo $row_SearchByAssetNo['Remarks']; ?>" /></td> <td><input type="submit" name="Update" id="Update" value="Update" class="btn"/></td> </tr> <?php } while ($row_SearchByAssetNo = mysql_fetch_assoc($SearchByAssetNo)); ?> <?php } // Show if recordset not empty ?> </table> <input type="hidden" name="MM_insert" value="SearchandCreate" /> </form> </body> </html> <?php mysql_free_result($SearchBySerial); mysql_free_result($SearchByAssetNo); ?> <?php require_once('../Connections/capinvdb_99k_itinventory.php'); ?> <?php //initialize the session session_start(); // ** Logout the current user. ** $logoutAction = $_SERVER['PHP_SELF']."?doLogout=true"; if ((isset($_SERVER['QUERY_STRING'])) && ($_SERVER['QUERY_STRING'] != "")){ $logoutAction .="&". htmlentities($_SERVER['QUERY_STRING']); } if ((isset($_GET['doLogout'])) &&($_GET['doLogout']=="true")){ //to fully log out a visitor we need to clear the session varialbles session_unregister('MM_Username'); session_unregister('MM_UserGroup'); $logoutGoTo = "../index.php"; if ($logoutGoTo) { header("Location: $logoutGoTo"); exit; } } ?> <?php //initialize the session // ** Logout the current user. ** $logoutAction = $_SERVER['PHP_SELF']."?doLogout=true"; if ((isset($_SERVER['QUERY_STRING'])) && ($_SERVER['QUERY_STRING'] != "")){ $logoutAction .="&". htmlentities($_SERVER['QUERY_STRING']); } if ((isset($_GET['doLogout'])) &&($_GET['doLogout']=="true")){ //to fully log out a visitor we need to clear the session varialbles session_unregister('MM_Username'); session_unregister('MM_UserGroup'); $logoutGoTo = "../index.php"; if ($logoutGoTo) { header("Location: $logoutGoTo"); exit; } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Search and Create</title> <?php error_reporting(0); if (!function_exists("GetSQLValueString")) { function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") { $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue; $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue); switch ($theType) { case "text": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; break; case "long": case "int": $theValue = ($theValue != "") ? intval($theValue) : "NULL"; break; case "double": $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL"; break; case "date": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; break; case "defined": $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue; break; } return $theValue; } } $editFormAction = $_SERVER['PHP_SELF']; if (isset($_SERVER['QUERY_STRING'])) { $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']); } if ((isset($_POST["MM_insert"])) & ($_POST["MM_insert"] == "SearchandCreate")) { $insertSQL = sprintf("INSERT INTO assetsdb (EquipmentClassification, SBU, Username, Department, Division, Location, Floor, Brand, Model, HostName, EquipmentSpecifications, SerialNo, AssetNo, InvNo, InvDate, WorkOrder, WorksOrderDate, Supplier, Cost, DeliveryDate, DeliveryStatus, WarrantyExpiryDate, WarrantyCoverage, Movement, NewBUAssetNo, UpdatedBy, UpdatedDate, ReviewedBy, ReviewedDate, Remarks) VALUES ('.$EquipmentClassification.', '.$SBU.', '.$Username.', '.$Department.', '.$Division.', '.$Location.', '.$Floor.', '.$Brand.', '.$Model.', '.$HostName.', '.$EquipmentSpecifications.', '.$SerialNo.', '.$AssetNo.', '.$InvNo.', '.$InvDate.', '.$WorkOrder.', '.$WorksOrderDate.', '.$Supplier.', '.$Cost.', '.$DeliveryDate.', '.$DeliveryStatus.', '.$WarrantyExpiryDate.', '.$WarrantyCoverage.', '.$Movement.', '.$NewBUAssetNo.', '.$UpdatedBy.', '.$UpdatedDate.', '.$ReviewedBy.', '.$ReviewedDate.', '.$Remarks.')", GetSQLValueString($_POST['EquipmentClassification'], "text"), GetSQLValueString($_POST['SBU'], "text"), GetSQLValueString($_POST['Username'], "text"), GetSQLValueString($_POST['Dept'], "text"), GetSQLValueString($_POST['Div'], "text"), GetSQLValueString($_POST['Location'], "text"), GetSQLValueString($_POST['Floor'], "text"), GetSQLValueString($_POST['Brand'], "text"), GetSQLValueString($_POST['Model'], "text"), GetSQLValueString($_POST['HostName'], "text"), GetSQLValueString($_POST['EquipmentSpec'], "text"), GetSQLValueString($_POST['AssetNo'], "text"), GetSQLValueString($_POST['InvNo'], "text"), GetSQLValueString($_POST['InvDate'], "text"), GetSQLValueString($_POST['WO'], "text"), GetSQLValueString($_POST['WODate'], "text"), GetSQLValueString($_POST['Supplier'], "text"), GetSQLValueString($_POST['Cost'], "text"), GetSQLValueString($_POST['DeliveryDate'], "text"), GetSQLValueString($_POST['DeliveryStatus'], "text"), GetSQLValueString($_POST['WarrantyExpiryDate'], "text"), GetSQLValueString($_POST['WarrantyCoverage'], "text"), GetSQLValueString($_POST['Mov'], "text"), GetSQLValueString($_POST['BuNum'], "text"), GetSQLValueString($_POST['UpdatedBy'], "text"), GetSQLValueString($_POST['UpdatedDate'], "text"), GetSQLValueString($_POST['ReviewedBy'], "text"), GetSQLValueString($_POST['ReviewedDate'], "text"), GetSQLValueString($_POST['Remarks'], "text"), GetSQLValueString($_POST['SerialNo'], "text")); mysql_select_db($database_capinvdb_99k_itinventory, $capinvdb_99k_itinventory); $Result1 = mysql_query($insertSQL, $capinvdb_99k_itinventory); if($Result1!=1){ echo '<script language="JavaScript" type="text/javascript">alert("'.mysql_error().'")</script>'; }else if($Result1==1){ echo '<script language="JavaScript" type="text/javascript">alert("Serial No:'.$_POST['SerialNo'].' updated.")</script>'; header('refresh: 00; url=SearchandCreate.php'); } } $colname_SearchBySerial = "-1"; if (isset($_POST['SerialNo'])) { $colname_SearchBySerial = $_POST['SerialNo']; } mysql_select_db($database_capinvdb_99k_itinventory, $capinvdb_99k_itinventory); $query_SearchBySerial = sprintf("SELECT * FROM assetsdb WHERE SerialNo = %s", GetSQLValueString($colname_SearchBySerial, "text")); $SearchBySerial = mysql_query($query_SearchBySerial, $capinvdb_99k_itinventory) or die(mysql_error()); $row_SearchBySerial = mysql_fetch_assoc($SearchBySerial); $totalRows_SearchBySerial = mysql_num_rows($SearchBySerial); $colname_SearchByAssetNo = "-1"; if (isset($_POST['AssetNo'])) { $colname_SearchByAssetNo = $_POST['AssetNo']; } mysql_select_db($database_capinvdb_99k_itinventory, $capinvdb_99k_itinventory); $query_SearchByAssetNo = sprintf("SELECT * FROM assetsdb WHERE AssetNo = %s", GetSQLValueString($colname_SearchByAssetNo, "text")); $SearchByAssetNo = mysql_query($query_SearchByAssetNo, $capinvdb_99k_itinventory) or die(mysql_error()); $row_SearchByAssetNo = mysql_fetch_assoc($SearchByAssetNo); $totalRows_SearchByAssetNo = mysql_num_rows($SearchByAssetNo); ?> <link rel="stylesheet" type="text/css" href="stylesheet/style.css"> </head> <body> <h3>Search and Create New Record</h3> <table> <tr> <td><form action="" method="post" name="SearchSerial"> <input name="SerialNo" type="text" /><input name="SearchBySerialNo" type="submit" value="Search By Serial No" class="btn"/> </form></td> <td><form action="" method="post" name="SearchAsset"> <input name="AssetNo" type="text" /><input name="SearchByAssetNo" type="submit" value="Search By Asset No" class="btn"/> <input type="button" name="backtomain2" value="Back to main" onclick="window.location.href='../main.php'" class="btn"/> </form></td> <td><form action="<?php echo $logoutAction ?>" method="post" name="logout"><input name="logout" type="submit" value="Logout" class="mainbtn"/></form> </td> </tr> </table> <form id="SearchandCreate" name="SearchandCreate" method="POST" action="<?php echo $editFormAction; ?>"> <table border="1"> <tr> <th> </th> <th>Equipment Classification</th> <th>SBU</th> <th>Username</th> <th>Department</th> <th>Division</th> <th>Location</th> <th>Floor</th> <th>Brand</th> <th>Model</th> <th>Host Name</th> <th>Equipment Specifications</th> <th>Serial No</th> <th>Asset No/Inventory No</th> <th>Invoice No</th> <th>Invoice Date</th> <th>Work Order/Purchase Order</th> <th>Works Order/Purchase Date</th> <th>Supplier</th> <th>Cost (S$)</th> <th>Delivery Date</th> <th>Delivery Status</th> <th>Warranty Expiry Date</th> <th>Warranty Coverage</th> <th>IT Movement </th> <th>New BU Asset Number (for BU Transfer)</th> <th>Updated By</th> <th>Updated Date</th> <th>Reviewed By</th> <th>Reviewed Date</th> <th>Remarks</th> <th> </th> </tr> <?php if ($totalRows_SearchBySerial > 0) { // Show if recordset not empty ?> <?php do { ?> <tr> <td><input type="submit" name="Insert" id="Insert" value="Insert" class="btn"/></td> <td><input name="EquipmentClassification" type="text" id="Equipment Classification" value="<?php echo $row_SearchBySerial['EquipmentClassification']; ?>" /></td> <td><input name="SBU" type="text" id="SBU" value="<?php echo $row_SearchBySerial['SBU']; ?>" /></td> <td><input name="Username" type="text" id="Username" value="<?php echo $row_SearchBySerial['Username']; ?>" /></td> <td><input name="Dept" type="text" id="Dept" value="<?php echo $row_SearchBySerial['Department']; ?>" /></td> <td><input name="Div" type="text" id="Div" value="<?php echo $row_SearchBySerial['Division']; ?>" /></td> <td><input name="Location" type="text" id="Location" value="<?php echo $row_SearchBySerial['Location']; ?>" /></td> <td><input name="Floor" type="text" id="Floor" value="<?php echo $row_SearchBySerial['Floor']; ?>" /></td> <td><input name="Brand" type="text" id="Brand" value="<?php echo $row_SearchBySerial['Brand']; ?>" /></td> <td><input name="Model" type="text" id="Model" value="<?php echo $row_SearchBySerial['Model']; ?>" /></td> <td><input name="HostName" type="text" id="HostName" value="<?php echo $row_SearchBySerial['HostName']; ?>" /></td> <td><textarea name="EquipmentSpec" id="EquipmentSpec" cols="45" rows="3"><?php echo $row_SearchBySerial['EquipmentSpecifications']; ?></textarea></td> <td><input name="SerialNo" type="text" id="SerialNo" value="<?php echo $row_SearchBySerial['SerialNo']; ?>" readonly="readonly" /></td> <td><input name="AssetNo" type="text" id="AssetNo" value="<?php echo $row_SearchBySerial['AssetNo']; ?>" readonly="readonly" /></td> <td><input name="InvNo" type="text" id="InvNo" value="<?php echo $row_SearchBySerial['InvNo']; ?>" /></td> <td><input name="InvDate" type="text" id="InvDate" value="<?php echo $row_SearchBySerial['InvDate']; ?>" /></td> <td><input name="WO" type="text" id="WO" value="<?php echo $row_SearchBySerial['WorkOrder']; ?>" /></td> <td><input name="WODate" type="text" id="WODate" value="<?php echo $row_SearchBySerial['WorksOrderDate']; ?>" /></td> <td><input name="Supplier" type="text" id="Supplier" value="<?php echo $row_SearchBySerial['Supplier']; ?>" /></td> <td><input name="Cost" type="text" id="Cost" value="<?php echo $row_SearchBySerial['Cost']; ?>" /></td> <td><input name="DeliveryDate" type="text" id="DeliveryDate" value="<?php echo $row_SearchBySerial['DeliveryDate']; ?>" /></td> <td><input name="DeliveryStatus" type="text" id="DeliveryStatus" value="<?php echo $row_SearchBySerial['DeliveryStatus']; ?>" /></td> <td><input name="WarrantyExpiryDate" type="text" id="WarrantyExpiryDate" value="<?php echo $row_SearchBySerial['WarrantyExpiryDate']; ?>" /></td> <td><input name="WarrantyCoverage" type="text" id="WarrantyCoverage" value="<?php echo $row_SearchBySerial['WarrantyCoverage']; ?>" /></td> <td><input name="Mov" type="text" id="Mov" value="<?php echo $row_SearchBySerial['Movement']; ?>" /></td> <td><input name="BuNum" type="text" id="BuNum" value="<?php echo $row_SearchBySerial['NewBUAssetNo']; ?>" /></td> <td><input name="UpdatedBy" type="text" id="UpdatedBy" value="<?php echo $row_SearchBySerial['UpdatedBy']; ?>" /></td> <td><input name="UpdatedDate" type="text" id="UpdatedDate" value="<?php echo $row_SearchBySerial['UpdatedDate']; ?>" /></td> <td><input name="ReviewedBy" type="text" id="ReviewedBy" value="<?php echo $row_SearchBySerial['ReviewedBy']; ?>" /></td> <td><input name="ReviewedDate" type="text" id="ReviewedDate" value="<?php echo $row_SearchBySerial['ReviewedDate']; ?>" /></td> <td><input name="Remarks" type="text" id="Remarks" value="<?php echo $row_SearchBySerial['Remarks']; ?>" /></td> <td><input type="submit" name="Insert" id="Insert" value="Insert" class="btn"/></td> </tr> <?php } while ($row_SearchBySerial = mysql_fetch_assoc($SearchBySerial)); ?> <?php } // Show if recordset not empty ?> <?php if ($totalRows_SearchByAssetNo > 0) { // Show if recordset not empty ?> <?php do { ?> <tr> <td><input type="submit" name="Insert" id="Insert" value="Insert" class="btn"/></td> <td><input name="EquipmentClassification" type="text" id="Equipment Classification" value="<?php echo $row_SearchByAssetNo['EquipmentClassification']; ?>" /></td> <td><input name="SBU" type="text" id="SBU" value="<?php echo $row_SearchByAssetNo['SBU']; ?>" /></td> <td><input name="Username" type="text" id="Username" value="<?php echo $row_SearchByAssetNo['Username']; ?>" /></td> <td><input name="Dept" type="text" id="Dept" value="<?php echo $row_SearchByAssetNo['Department']; ?>" /></td> <td><input name="Div" type="text" id="Div" value="<?php echo $row_SearchByAssetNo['Division']; ?>" /></td> <td><input name="Location" type="text" id="Location" value="<?php echo $row_SearchByAssetNo['Location']; ?>" /></td> <td><input name="Floor" type="text" id="Floor" value="<?php echo $row_SearchByAssetNo['Floor']; ?>" /></td> <td><input name="Brand" type="text" id="Brand" value="<?php echo $row_SearchByAssetNo['Brand']; ?>" /></td> <td><input name="Model" type="text" id="Model" value="<?php echo $row_SearchByAssetNo['Model']; ?>" /></td> <td><input name="HostName" type="text" id="HostName" value="<?php echo $row_SearchByAssetNo['HostName']; ?>" /></td> <td><textarea name="EquipmentSpec" id="EquipmentSpec" cols="45" rows="3"><?php echo $row_SearchByAssetNo['EquipmentSpecifications']; ?></textarea></td> <td><input name="SerialNo" type="text" id="SerialNo" value="<?php echo $row_SearchByAssetNo['SerialNo']; ?>" readonly="readonly"/></td> <td><input name="AssetNo" type="text" id="AssetNo" value="<?php echo $row_SearchByAssetNo['AssetNo']; ?>" readonly="readonly" /></td> <td><input name="InvNo" type="text" id="InvNo" value="<?php echo $row_SearchByAssetNo['InvNo']; ?>" /></td> <td><input name="InvDate" type="text" id="InvDate" value="<?php echo $row_SearchByAssetNo['InvDate']; ?>" /></td> <td><input name="WO" type="text" id="WO" value="<?php echo $row_SearchByAssetNo['WorkOrder']; ?>" /></td> <td><input name="WODate" type="text" id="WODate" value="<?php echo $row_SearchByAssetNo['WorksOrderDate']; ?>" /></td> <td><input name="Supplier" type="text" id="Supplier" value="<?php echo $row_SearchByAssetNo['Supplier']; ?>" /></td> <td><input name="Cost" type="text" id="Cost" value="<?php echo $row_SearchByAssetNo['Cost']; ?>" /></td> <td><input name="DeliveryDate" type="text" id="DeliveryDate" value="<?php echo $row_SearchByAssetNo['DeliveryDate']; ?>" /></td> <td><input name="DeliveryStatus" type="text" id="DeliveryStatus" value="<?php echo $row_SearchByAssetNo['DeliveryStatus']; ?>" /></td> <td><input name="WarrantyExpiryDate" type="text" id="WarrantyExpiryDate" value="<?php echo $row_SearchByAssetNo['WarrantyExpiryDate']; ?>" /></td> <td><input name="WarrantyCoverage" type="text" id="WarrantyCoverage" value="<?php echo $row_SearchByAssetNo['WarrantyCoverage']; ?>" /></td> <td><input name="Mov" type="text" id="Mov" value="<?php echo $row_SearchByAssetNo['Movement']; ?>" /></td> <td><input name="BuNum" type="text" id="BuNum" value="<?php echo $row_SearchByAssetNo['NewBUAssetNo']; ?>" /></td> <td><input name="UpdatedBy" type="text" id="UpdatedBy" value="<?php echo $row_SearchByAssetNo['UpdatedBy']; ?>" /></td> <td><input name="UpdatedDate" type="text" id="UpdatedDate" value="<?php echo $row_SearchByAssetNo['UpdatedDate']; ?>" /></td> <td><input name="ReviewedBy" type="text" id="ReviewedBy" value="<?php echo $row_SearchByAssetNo['ReviewedBy']; ?>" /></td> <td><input name="ReviewedDate" type="text" id="ReviewedDate" value="<?php echo $row_SearchByAssetNo['ReviewedDate']; ?>" /></td> <td><input name="Remarks" type="text" id="Remarks" value="<?php echo $row_SearchByAssetNo['Remarks']; ?>" /></td> <td><input type="submit" name="Update" id="Update" value="Update" class="btn"/></td> </tr> <?php } while ($row_SearchByAssetNo = mysql_fetch_assoc($SearchByAssetNo)); ?> <?php } // Show if recordset not empty ?> </table> <input type="hidden" name="MM_insert" value="SearchandCreate" /> </form> </body> </html> <?php mysql_free_result($SearchBySerial); mysql_free_result($SearchByAssetNo); ?>

Hi to all PHP experts, This is my second post and the guys here have been very helpful. I'm a newbie in PHP programming and I need help with a dynamic page Im creating. Instead of updating the MySQL table, the requirement is to insert an additional line of data into the table with the search results intact. Thanks in advance to those who are going to respond. _______________________________________________________________________________________ <?php require_once('../Connections/ITInventory.php'); ?> <?php //initialize the session session_start(); // ** Logout the current user. ** $logoutAction = $_SERVER['PHP_SELF']."?doLogout=true"; if ((isset($_SERVER['QUERY_STRING'])) && ($_SERVER['QUERY_STRING'] != "")){ $logoutAction .="&". htmlentities($_SERVER['QUERY_STRING']); } if ((isset($_GET['doLogout'])) &&($_GET['doLogout']=="true")){ //to fully log out a visitor we need to clear the session varialbles session_unregister('MM_Username'); session_unregister('MM_UserGroup'); $logoutGoTo = "../index.php"; if ($logoutGoTo) { header("Location: $logoutGoTo"); exit; } } ?> <?php //initialize the session // ** Logout the current user. ** $logoutAction = $_SERVER['PHP_SELF']."?doLogout=true"; if ((isset($_SERVER['QUERY_STRING'])) && ($_SERVER['QUERY_STRING'] != "")){ $logoutAction .="&". htmlentities($_SERVER['QUERY_STRING']); } if ((isset($_GET['doLogout'])) &&($_GET['doLogout']=="true")){ //to fully log out a visitor we need to clear the session varialbles session_unregister('MM_Username'); session_unregister('MM_UserGroup'); $logoutGoTo = "../index.php"; if ($logoutGoTo) { header("Location: $logoutGoTo"); exit; } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Search and Create</title> <?php error_reporting(0); if (!function_exists("GetSQLValueString")) { function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") { $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue; $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue); switch ($theType) { case "text": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; break; case "long": case "int": $theValue = ($theValue != "") ? intval($theValue) : "NULL"; break; case "double": $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL"; break; case "date": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; break; case "defined": $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue; break; } return $theValue; } } $editFormAction = $_SERVER['PHP_SELF']; if (isset($_SERVER['QUERY_STRING'])) { $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']); } if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "SearchandUpdate")) { $updateSQL = sprintf("UPDATE assetsdb SET EquipmentClassification=%s, SBU=%s, Username=%s, Department=%s, Division=%s, Location=%s, Floor=%s, Brand=%s, Model=%s, HostName=%s, EquipmentSpecifications=%s, AssetNo=%s, InvNo=%s, InvDate=%s, WorkOrder=%s, WorksOrderDate=%s, Supplier=%s, Cost=%s, DeliveryDate=%s, DeliveryStatus=%s, WarrantyExpiryDate=%s, WarrantyCoverage=%s, Movement=%s, NewBUAssetNo=%s, UpdatedBy=%s, UpdatedDate=%s, ReviewedBy=%s, ReviewedDate=%s, Remarks=%s WHERE SerialNo=%s", GetSQLValueString($_POST['EquipmentClassification'], "text"), GetSQLValueString($_POST['SBU'], "text"), GetSQLValueString($_POST['Username'], "text"), GetSQLValueString($_POST['Dept'], "text"), GetSQLValueString($_POST['Div'], "text"), GetSQLValueString($_POST['Location'], "text"), GetSQLValueString($_POST['Floor'], "text"), GetSQLValueString($_POST['Brand'], "text"), GetSQLValueString($_POST['Model'], "text"), GetSQLValueString($_POST['HostName'], "text"), GetSQLValueString($_POST['EquipmentSpec'], "text"), GetSQLValueString($_POST['AssetNo'], "text"), GetSQLValueString($_POST['InvNo'], "text"), GetSQLValueString($_POST['InvDate'], "text"), GetSQLValueString($_POST['WO'], "text"), GetSQLValueString($_POST['WODate'], "text"), GetSQLValueString($_POST['Supplier'], "text"), GetSQLValueString($_POST['Cost'], "text"), GetSQLValueString($_POST['DeliveryDate'], "text"), GetSQLValueString($_POST['DeliveryStatus'], "text"), GetSQLValueString($_POST['WarrantyExpiryDate'], "text"), GetSQLValueString($_POST['WarrantyCoverage'], "text"), GetSQLValueString($_POST['Mov'], "text"), GetSQLValueString($_POST['BuNum'], "text"), GetSQLValueString($_POST['UpdatedBy'], "text"), GetSQLValueString($_POST['UpdatedDate'], "text"), GetSQLValueString($_POST['ReviewedBy'], "text"), GetSQLValueString($_POST['ReviewedDate'], "text"), GetSQLValueString($_POST['Remarks'], "text"), GetSQLValueString($_POST['SerialNo'], "text")); mysql_select_db($database_ITInventory, $ITInventory); $Result1 = mysql_query($updateSQL, $ITInventory); if($Result1!=1){ echo '<script language="JavaScript" type="text/javascript">alert("'.mysql_error().'")</script>'; }else if($Result1==1){ echo '<script language="JavaScript" type="text/javascript">alert("Serial No:'.$_POST['SerialNo'].' updated.")</script>'; header('refresh: 00; url=SearchandUpdate.php'); } } $colname_SearchBySerial = "-1"; if (isset($_POST['SerialNo'])) { $colname_SearchBySerial = $_POST['SerialNo']; } mysql_select_db($database_ITInventory, $ITInventory); $query_SearchBySerial = sprintf("SELECT * FROM assetsdb WHERE SerialNo = %s", GetSQLValueString($colname_SearchBySerial, "text")); $SearchBySerial = mysql_query($query_SearchBySerial, $ITInventory) or die(mysql_error()); $row_SearchBySerial = mysql_fetch_assoc($SearchBySerial); $totalRows_SearchBySerial = mysql_num_rows($SearchBySerial); $colname_SearchByAssetNo = "-1"; if (isset($_POST['AssetNo'])) { $colname_SearchByAssetNo = $_POST['AssetNo']; } mysql_select_db($database_ITInventory, $ITInventory); $query_SearchByAssetNo = sprintf("SELECT * FROM assetsdb WHERE AssetNo = %s", GetSQLValueString($colname_SearchByAssetNo, "text")); $SearchByAssetNo = mysql_query($query_SearchByAssetNo, $ITInventory) or die(mysql_error()); $row_SearchByAssetNo = mysql_fetch_assoc($SearchByAssetNo); $totalRows_SearchByAssetNo = mysql_num_rows($SearchByAssetNo); ?> <link rel="stylesheet" type="text/css" href="stylesheet/style.css"> </head> <body> <h3>Search and Create New Record</h3> <table> <tr> <td><form action="" method="post" name="SearchSerial"> <input name="SerialNo" type="text" /><input name="SearchBySerialNo" type="submit" value="Search By Serial No" class="btn"/> </form></td> <td><form action="" method="post" name="SearchAsset"> <input name="AssetNo" type="text" /><input name="SearchByAssetNo" type="submit" value="Search By Asset No" class="btn"/> <input type="button" name="backtomain2" value="Back to main" onclick="window.location.href='../main.php'" class="btn"/> </form></td> <td><form action="<?php echo $logoutAction ?>" method="post" name="logout"><input name="logout" type="submit" value="Logout" class="mainbtn"/></form> </td> </tr> </table> <form id="SearchandUpdate" name="SearchandUpdate" method="POST" action="<?php echo $editFormAction; ?>"> <table border="1"> <tr> <th> </th> <th>Equipment Classification</th> <th>SBU</th> <th>Username</th> <th>Department</th> <th>Division</th> <th>Location</th> <th>Floor</th> <th>Brand</th> <th>Model</th> <th>Host Name</th> <th>Equipment Specifications</th> <th>Serial No</th> <th>Asset No/Inventory No</th> <th>Invoice No</th> <th>Invoice Date</th> <th>Work Order/Purchase Order</th> <th>Works Order/Purchase Date</th> <th>Supplier</th> <th>Cost (S$)</th> <th>Delivery Date</th> <th>Delivery Status</th> <th>Warranty Expiry Date</th> <th>Warranty Coverage</th> <th>IT Movement </th> <th>New BU Asset Number (for BU Transfer)</th> <th>Updated By</th> <th>Updated Date</th> <th>Reviewed By</th> <th>Reviewed Date</th> <th>Remarks</th> <th> </th> </tr> <?php if ($totalRows_SearchBySerial > 0) { // Show if recordset not empty ?> <?php do { ?> <tr> <td><input type="submit" name="Update" id="Update" value="Update" class="btn"/></td> <td><input name="EquipmentClassification" type="text" id="Equipment Classification" value="<?php echo $row_SearchBySerial['EquipmentClassification']; ?>" /></td> <td><input name="SBU" type="text" id="SBU" value="<?php echo $row_SearchBySerial['SBU']; ?>" /></td> <td><input name="Username" type="text" id="Username" value="<?php echo $row_SearchBySerial['Username']; ?>" /></td> <td><input name="Dept" type="text" id="Dept" value="<?php echo $row_SearchBySerial['Department']; ?>" /></td> <td><input name="Div" type="text" id="Div" value="<?php echo $row_SearchBySerial['Division']; ?>" /></td> <td><input name="Location" type="text" id="Location" value="<?php echo $row_SearchBySerial['Location']; ?>" /></td> <td><input name="Floor" type="text" id="Floor" value="<?php echo $row_SearchBySerial['Floor']; ?>" /></td> <td><input name="Brand" type="text" id="Brand" value="<?php echo $row_SearchBySerial['Brand']; ?>" /></td> <td><input name="Model" type="text" id="Model" value="<?php echo $row_SearchBySerial['Model']; ?>" /></td> <td><input name="HostName" type="text" id="HostName" value="<?php echo $row_SearchBySerial['HostName']; ?>" /></td> <td><textarea name="EquipmentSpec" id="EquipmentSpec" cols="45" rows="3"><?php echo $row_SearchBySerial['EquipmentSpecifications']; ?></textarea></td> <td><input name="SerialNo" type="text" id="SerialNo" value="<?php echo $row_SearchBySerial['SerialNo']; ?>" readonly="readonly" /></td> <td><input name="AssetNo" type="text" id="AssetNo" value="<?php echo $row_SearchBySerial['AssetNo']; ?>" readonly="readonly" /></td> <td><input name="InvNo" type="text" id="InvNo" value="<?php echo $row_SearchBySerial['InvNo']; ?>" /></td> <td><input name="InvDate" type="text" id="InvDate" value="<?php echo $row_SearchBySerial['InvDate']; ?>" /></td> <td><input name="WO" type="text" id="WO" value="<?php echo $row_SearchBySerial['WorkOrder']; ?>" /></td> <td><input name="WODate" type="text" id="WODate" value="<?php echo $row_SearchBySerial['WorksOrderDate']; ?>" /></td> <td><input name="Supplier" type="text" id="Supplier" value="<?php echo $row_SearchBySerial['Supplier']; ?>" /></td> <td><input name="Cost" type="text" id="Cost" value="<?php echo $row_SearchBySerial['Cost']; ?>" /></td> <td><input name="DeliveryDate" type="text" id="DeliveryDate" value="<?php echo $row_SearchBySerial['DeliveryDate']; ?>" /></td> <td><input name="DeliveryStatus" type="text" id="DeliveryStatus" value="<?php echo $row_SearchBySerial['DeliveryStatus']; ?>" /></td> <td><input name="WarrantyExpiryDate" type="text" id="WarrantyExpiryDate" value="<?php echo $row_SearchBySerial['WarrantyExpiryDate']; ?>" /></td> <td><input name="WarrantyCoverage" type="text" id="WarrantyCoverage" value="<?php echo $row_SearchBySerial['WarrantyCoverage']; ?>" /></td> <td><input name="Mov" type="text" id="Mov" value="<?php echo $row_SearchBySerial['Movement']; ?>" /></td> <td><input name="BuNum" type="text" id="BuNum" value="<?php echo $row_SearchBySerial['NewBUAssetNo']; ?>" /></td> <td><input name="UpdatedBy" type="text" id="UpdatedBy" value="<?php echo $row_SearchBySerial['UpdatedBy']; ?>" /></td> <td><input name="UpdatedDate" type="text" id="UpdatedDate" value="<?php echo $row_SearchBySerial['UpdatedDate']; ?>" /></td> <td><input name="ReviewedBy" type="text" id="ReviewedBy" value="<?php echo $row_SearchBySerial['ReviewedBy']; ?>" /></td> <td><input name="ReviewedDate" type="text" id="ReviewedDate" value="<?php echo $row_SearchBySerial['ReviewedDate']; ?>" /></td> <td><input name="Remarks" type="text" id="Remarks" value="<?php echo $row_SearchBySerial['Remarks']; ?>" /></td> <td><input type="submit" name="Update" id="Update" value="Update" class="btn"/></td> </tr> <?php } while ($row_SearchBySerial = mysql_fetch_assoc($SearchBySerial)); ?> <?php } // Show if recordset not empty ?> <?php if ($totalRows_SearchByAssetNo > 0) { // Show if recordset not empty ?> <?php do { ?> <tr> <td><input type="submit" name="Update" id="Update" value="Update" class="btn"/></td> <td><input name="EquipmentClassification" type="text" id="Equipment Classification" value="<?php echo $row_SearchByAssetNo['EquipmentClassification']; ?>" /></td> <td><input name="SBU" type="text" id="SBU" value="<?php echo $row_SearchByAssetNo['SBU']; ?>" /></td> <td><input name="Username" type="text" id="Username" value="<?php echo $row_SearchByAssetNo['Username']; ?>" /></td> <td><input name="Dept" type="text" id="Dept" value="<?php echo $row_SearchByAssetNo['Department']; ?>" /></td> <td><input name="Div" type="text" id="Div" value="<?php echo $row_SearchByAssetNo['Division']; ?>" /></td> <td><input name="Location" type="text" id="Location" value="<?php echo $row_SearchByAssetNo['Location']; ?>" /></td> <td><input name="Floor" type="text" id="Floor" value="<?php echo $row_SearchByAssetNo['Floor']; ?>" /></td> <td><input name="Brand" type="text" id="Brand" value="<?php echo $row_SearchByAssetNo['Brand']; ?>" /></td> <td><input name="Model" type="text" id="Model" value="<?php echo $row_SearchByAssetNo['Model']; ?>" /></td> <td><input name="HostName" type="text" id="HostName" value="<?php echo $row_SearchByAssetNo['HostName']; ?>" /></td> <td><textarea name="EquipmentSpec" id="EquipmentSpec" cols="45" rows="3"><?php echo $row_SearchByAssetNo['EquipmentSpecifications']; ?></textarea></td> <td><input name="SerialNo" type="text" id="SerialNo" value="<?php echo $row_SearchByAssetNo['SerialNo']; ?>" readonly="readonly"/></td> <td><input name="AssetNo" type="text" id="AssetNo" value="<?php echo $row_SearchByAssetNo['AssetNo']; ?>" readonly="readonly" /></td> <td><input name="InvNo" type="text" id="InvNo" value="<?php echo $row_SearchByAssetNo['InvNo']; ?>" /></td> <td><input name="InvDate" type="text" id="InvDate" value="<?php echo $row_SearchByAssetNo['InvDate']; ?>" /></td> <td><input name="WO" type="text" id="WO" value="<?php echo $row_SearchByAssetNo['WorkOrder']; ?>" /></td> <td><input name="WODate" type="text" id="WODate" value="<?php echo $row_SearchByAssetNo['WorksOrderDate']; ?>" /></td> <td><input name="Supplier" type="text" id="Supplier" value="<?php echo $row_SearchByAssetNo['Supplier']; ?>" /></td> <td><input name="Cost" type="text" id="Cost" value="<?php echo $row_SearchByAssetNo['Cost']; ?>" /></td> <td><input name="DeliveryDate" type="text" id="DeliveryDate" value="<?php echo $row_SearchByAssetNo['DeliveryDate']; ?>" /></td> <td><input name="DeliveryStatus" type="text" id="DeliveryStatus" value="<?php echo $row_SearchByAssetNo['DeliveryStatus']; ?>" /></td> <td><input name="WarrantyExpiryDate" type="text" id="WarrantyExpiryDate" value="<?php echo $row_SearchByAssetNo['WarrantyExpiryDate']; ?>" /></td> <td><input name="WarrantyCoverage" type="text" id="WarrantyCoverage" value="<?php echo $row_SearchByAssetNo['WarrantyCoverage']; ?>" /></td> <td><input name="Mov" type="text" id="Mov" value="<?php echo $row_SearchByAssetNo['Movement']; ?>" /></td> <td><input name="BuNum" type="text" id="BuNum" value="<?php echo $row_SearchByAssetNo['NewBUAssetNo']; ?>" /></td> <td><input name="UpdatedBy" type="text" id="UpdatedBy" value="<?php echo $row_SearchByAssetNo['UpdatedBy']; ?>" /></td> <td><input name="UpdatedDate" type="text" id="UpdatedDate" value="<?php echo $row_SearchByAssetNo['UpdatedDate']; ?>" /></td> <td><input name="ReviewedBy" type="text" id="ReviewedBy" value="<?php echo $row_SearchByAssetNo['ReviewedBy']; ?>" /></td> <td><input name="ReviewedDate" type="text" id="ReviewedDate" value="<?php echo $row_SearchByAssetNo['ReviewedDate']; ?>" /></td> <td><input name="Remarks" type="text" id="Remarks" value="<?php echo $row_SearchByAssetNo['Remarks']; ?>" /></td> <td><input type="submit" name="Update" id="Update" value="Update" class="btn"/></td> </tr> <?php } while ($row_SearchByAssetNo = mysql_fetch_assoc($SearchByAssetNo)); ?> <?php } // Show if recordset not empty ?> </table> <input type="hidden" name="MM_update" value="SearchandUpdate" /> </form> </body> </html> <?php mysql_free_result($SearchBySerial); mysql_free_result($SearchByAssetNo); ?>

Thank you so much MadTechie. It worked...

Im very new to php and mysql databases. This logout script doesnt work, doesnt re-direct to the index.php page. Any help will be greatly appreciated. Thank you very much _____________________________________________________________________________________ <?php //initialize the session if (!isset($_SESSION)) { session_start(); } // ** Logout the current user. ** $logoutAction = $_SERVER['PHP_SELF']."?doLogout=true"; if ((isset($_SERVER['QUERY_STRING'])) && ($_SERVER['QUERY_STRING'] != "")){ $logoutAction .="&". htmlentities($_SERVER['QUERY_STRING']); } if ((isset($_GET['doLogout'])) &&($_GET['doLogout']=="true")){ //to fully log out a visitor we need to clear the session varialbles $_SESSION['MM_Username'] = NULL; $_SESSION['MM_UserGroup'] = NULL; $_SESSION['PrevUrl'] = NULL; unset($_SESSION['MM_Username']); unset($_SESSION['MM_UserGroup']); unset($_SESSION['PrevUrl']); $logoutGoTo = "index.php"; if ($logoutGoTo) { header("Location: $logoutGoTo"); exit; } } ?> <?php if (!isset($_SESSION)) { session_start(); } $MM_authorizedUsers = "Administrator"; $MM_donotCheckaccess = "false"; // *** Restrict Access To Page: Grant or deny access to this page function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) { // For security, start by assuming the visitor is NOT authorized. $isValid = False; // When a visitor has logged into this site, the Session variable MM_Username set equal to their username. // Therefore, we know that a user is NOT logged in if that Session variable is blank. if (!empty($UserName)) { // Besides being logged in, you may restrict access to only certain users based on an ID established when they login. // Parse the strings into arrays. $arrUsers = Explode(",", $strUsers); $arrGroups = Explode(",", $strGroups); if (in_array($UserName, $arrUsers)) { $isValid = true; } // Or, you may restrict access to only certain users based on their username. if (in_array($UserGroup, $arrGroups)) { $isValid = true; } if (($strUsers == "") && false) { $isValid = true; } } return $isValid; } $MM_restrictGoTo = "failed.php"; if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) { $MM_qsChar = "?"; $MM_referrer = $_SERVER['PHP_SELF']; if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&"; if (isset($QUERY_STRING) && strlen($QUERY_STRING) > 0) $MM_referrer .= "?" . $QUERY_STRING; $MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer); header("Location: ". $MM_restrictGoTo); exit; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>IT Inventory Database</title> <link rel="stylesheet" type="text/css" href="files/stylesheet/style.css"> </head> <body><h3>IT Inventory Database</h3> <table> <tr> <td><form id="create" name="create" method="post" action="files/create.php"> <input name="create" type="submit" class="mainbtn" id="create" value="Create New Record" /> </form> </td> <td><form id="view" name="view" method="post" action="files/ITDB.php"> <input name="view" type="submit" class="mainbtn" id="view" value="View IT Database" /> </form></td> </tr> <tr> <td><form id="deleterecord" name="deleterecord" method="post" action="files/DeleteITDB.php"> <input name="delete" type="submit" class="mainbtn" id="search2" value="Delete Record" /> </form></td> <td><form id="results" name="results" method="post" action="files/ITFAResults.php"> <input name="results" type="submit" class="mainbtn" id="search" value="IT and FA Reconciliation Result" /> </form></td> </tr> <tr> <td><form id="update" name="update" method="post" action="files/UpdateITDB.php"> <input name="update" type="submit" class="mainbtn" id="update" value="Update Record" /> </form></td> <td><form id="results" name="results" method="post" action="files/ITEPOResults.php"> <input name="results" type="submit" class="mainbtn" id="search" value="IT and EPO Reconciliation Result" /> </form></td> </tr> <tr> <td><form id="search" name="search" method="post" action="files/Search.php"> <input name="search" type="submit" class="mainbtn" id="search" value="Search Record" /> </form></td> <td><form id="ITEPOresults" name="ITEPOresults" method="post" action="#"> <input name="results" type="submit" class="mainbtn" id="search" value="-" /> </form></td> </tr> <tr> <td><form id="SearchandUpdate" name="SearchandUpdate" method="post" action="files/SearchandUpdate.php"> <input name="SearchandUpdate" type="submit" class="mainbtn" id="SearchandUpdate" value="Search and Update Record" /> </form></td> <td><form id="ITEPOresults" name="ITEPOresults" method="post" action="#"> <input name="results" type="submit" class="mainbtn" id="search" value="-" /> </form></td> </tr> <tr> <td colspan="2"><form name="form1" id="form1" method="post" action=""> <div align="center"> <form action="<?php echo $logoutAction ?>" method="post"><input type="submit" name="Submit" value="Logout" /> </form></td> </tr> </table> </body> </html>