jaybeeb Posted April 11, 2008 Share Posted April 11, 2008 I have a database displayed on a php page, beside each row is an edit symbol, when I click this edit symbol I want it to bring up a form with the details from the row I clicked on in the text boxes, which can be edited apart from the primary key (User_ID) From here I want to update details into whatever text boxes and save. So far I can get the form but it doesnt update and there are no values already in the boxes, and there is a warning above the form. Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in C:\wamp\www\selectedit.php on line 24 Any help would be great as I am a beginner in PHP! <?php require_once 'library/db.php'; //require_once 'error.php'; if (!($conn = mysql_connect('localhost', 'root', ''))) { showError(); } if (!(mysql_select_db('itsupport', $conn))) { showError(); } $a = $_GET['User_ID']; if (!($result = mysql_query("select * from contacts where User_ID = '$a'", $conn))) { $conn = mysql_connect('localhost', 'root', '') OR DIE (mysql_error()); } $row = mysql_fetch_array($result); //<--------LINE 24 mysql_close($conn); ?> <html> <head> <title> </title> </head> <body> <p> Editing Details: <?php echo $row['User_Name']; ?> <p> <form action="saveedit.php" method="post"> <table border="0"> <tr> <td> User ID </td> <td> <?php echo $row['User_ID']; ?> <input type="hidden" name="User_ID" value = "<?php echo $row['User_ID']; ?>"> </td> </tr> <tr> <td> User Name </td> <td> <input type="text" name="User_Name" value = "<?php echo $row['User_Name']; ?>"> </td> </tr> <tr> <td> Problem </td> <td> <input type="integer" name="Problem" value = "<?php echo $row['Problem']; ?>"> </td> </tr> <tr> <td> User Email </td> <td> <input type="text" name="User_email" value = "<?php echo $row['User_email']; ?>"> </td> </tr> <tr> <td> Office Number </td> <td> <input type="integer" name="Office_Number" value = "<?php echo $row['Office_Number']; ?>"> </td> </tr> <tr> <td> Phone Number </td> <td> <input type="integer" name="Phone_Number" value = "<?php echo $row['Phone_Number']; ?>"> </td> </tr> <tr> </table> <input type="submit" value="Save"> </form> </body> </html> Quote Link to comment Share on other sites More sharing options...
conker87 Posted April 11, 2008 Share Posted April 11, 2008 Looks like $result isn't being set. Quote Link to comment Share on other sites More sharing options...
MiCR0 Posted April 11, 2008 Share Posted April 11, 2008 <?php require_once 'library/db.php'; //require_once 'error.php'; if (!($conn = mysql_connect('localhost', 'root', ''))) { showError(); } if (!(mysql_select_db('itsupport', $conn))) { showError(); } $a = $_GET['User_ID'];// unsafe $result = mysql_query("SELECT * FROM contacts WHERE User_ID='" . $a . "'"); $numrows = mysql_num_rows($result); if ($numrows == 1) { // yes it has data $row = mysql_fetch_assoc($result); }else{ $echo "error No data"; } mysql_close($conn); ?> Quote Link to comment Share on other sites More sharing options...
jaybeeb Posted April 11, 2008 Author Share Posted April 11, 2008 MiCRO - replaced that code with mine but it gives the same warning, just with assoc instead of array! , what makes that other line unsafe? Thanks, EDIT:Used all your code. Quote Link to comment Share on other sites More sharing options...
MiCR0 Posted April 11, 2008 Share Posted April 11, 2008 edited it Quote Link to comment Share on other sites More sharing options...
jaybeeb Posted April 11, 2008 Author Share Posted April 11, 2008 Parse error: syntax error, unexpected T_CONSTANT_ENCAPSED_STRING in C:\wamp\www\selectedit.php on line 27 Line 27 $echo "error No data"; EDIT: Tried it without the $ sign but got this warning Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in C:\wamp\www\selectedit.php on line 21 error No data Line 21 $numrows = mysql_num_rows($result); Thanks, Quote Link to comment Share on other sites More sharing options...
MiCR0 Posted April 11, 2008 Share Posted April 11, 2008 <?php require_once 'library/db.php'; //require_once 'error.php'; if (!($conn = mysql_connect('localhost', 'root', ''))) { showError(); } if (!(mysql_select_db('itsupport', $conn))) { showError(); } $a = RemoveXSS(cleanValue($_GET['User_ID']));// safe $result = mysql_query("SELECT * FROM contacts WHERE User_ID='" . $a . "'"); $numrows = mysql_num_rows($result); if ($numrows == 1) { // yes it has data $row = mysql_fetch_assoc($result); }else{ showError(); } mysql_close($conn); function RemoveXSS($val) { $val = preg_replace('/([\x00-\x08][\x0b-\x0c][\x0e-\x20])/', '', $val); $search = 'abcdefghijklmnopqrstuvwxyz'; $search .= 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'; $search .= '1234567890!@#$%^&*()'; $search .= '~`";:?+/={}[]-_|\'\\'; for ($i = 0; $i < strlen($search); $i++) { $val = preg_replace('/(&#[xX]0{0,8}'.dechex(ord($search[$i])).';?)/i', $search[$i], $val); $val = preg_replace('/(�{0,8}'.ord($search[$i]).';?)/', $search[$i], $val); } $ra1 = Array('javascript', 'vbscript', 'expression', 'applet', 'meta', 'xml', 'blink', 'link', 'style', 'script', 'embed', 'object', 'iframe', 'frame', 'frameset', 'ilayer', 'layer', 'bgsound', 'title', 'base'); $ra2 = Array('onabort', 'onactivate', 'onafterprint', 'onafterupdate', 'onbeforeactivate', 'onbeforecopy', 'onbeforecut', 'onbeforedeactivate', 'onbeforeeditfocus', 'onbeforepaste', 'onbeforeprint', 'onbeforeunload', 'onbeforeupdate', 'onblur', 'onbounce', 'oncellchange', 'onchange', 'onclick', 'oncontextmenu', 'oncontrolselect', 'oncopy', 'oncut', 'ondataavailable', 'ondatasetchanged', 'ondatasetcomplete', 'ondblclick', 'ondeactivate', 'ondrag', 'ondragend', 'ondragenter', 'ondragleave', 'ondragover', 'ondragstart', 'ondrop', 'onerror', 'onerrorupdate', 'onfilterchange', 'onfinish', 'onfocus', 'onfocusin', 'onfocusout', 'onhelp', 'onkeydown', 'onkeypress', 'onkeyup', 'onlayoutcomplete', 'onload', 'onlosecapture', 'onmousedown', 'onmouseenter', 'onmouseleave', 'onmousemove', 'onmouseout', 'onmouseover', 'onmouseup', 'onmousewheel', 'onmove', 'onmoveend', 'onmovestart', 'onpaste', 'onpropertychange', 'onreadystatechange', 'onreset', 'onresize', 'onresizeend', 'onresizestart', 'onrowenter', 'onrowexit', 'onrowsdelete', 'onrowsinserted', 'onscroll', 'onselect', 'onselectionchange', 'onselectstart', 'onstart', 'onstop', 'onsubmit', 'onunload'); $ra = array_merge($ra1, $ra2); $found = true; while ($found == true) { $val_before = $val; for ($i = 0; $i < sizeof($ra); $i++) { $pattern = '/'; for ($j = 0; $j < strlen($ra[$i]); $j++) { if ($j > 0) { $pattern .= '('; $pattern .= '(&#[xX]0{0,8}([9ab])'; $pattern .= '|'; $pattern .= '|(�{0,8}([9|10|13])'; $pattern .= ')*'; } $pattern .= $ra[$i][$j]; } $pattern .= '/i'; $replacement = substr($ra[$i], 0, 2).'<x>'.substr($ra[$i], 2); $val = preg_replace($pattern, $replacement, $val); if ($val_before == $val) { $found = false; } } } return $val; } function cleanValue($_value) { $_value = stripslashes(strip_tags($_value)); $_value = str_replace(array('delete', 'DELETE', 'rm -', ' ', '!', '|', '?', '&', '=', '-', '`', "'", '"', '\\\\', '\\', '//', '/', ',', ';', ':', '*', '>', '<' ), '', $_value); return trim($_value); } ?> Quote Link to comment Share on other sites More sharing options...
jaybeeb Posted April 11, 2008 Author Share Posted April 11, 2008 Wow, dont know what you just posted there, way over my head. but it still doesnt display the text from the rows in the form, or update and I get about 20 warnings of Warning: preg_replace() [function.preg-replace]: Compilation failed: missing ) at offset 379 in C:\wamp\www\selectedit.php on line 72 and 1 of this Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in C:\wamp\www\selectedit.php on line 21 Quote Link to comment Share on other sites More sharing options...
MiCR0 Posted April 11, 2008 Share Posted April 11, 2008 lol ok this is very odd post your php version and small database export and mysql version Quote Link to comment Share on other sites More sharing options...
jaybeeb Posted April 11, 2008 Author Share Posted April 11, 2008 lol ok this is very odd post your php version and small database export and mysql version I use MYSQL GUI 1.2.12 how do I find out my PHP version and small database export? Thanks Quote Link to comment Share on other sites More sharing options...
MiCR0 Posted April 11, 2008 Share Posted April 11, 2008 You really should be using a development system so you have full control of everything. <?php // get php info echo phpinfo(); ?> phpmyadmin is a nice GUI for access to the database where you can export/edit data very easy. I recommend the all in one package apachefriends http://www.apachefriends.org/en/xampp.html for development of php Quote Link to comment Share on other sites More sharing options...
jaybeeb Posted April 11, 2008 Author Share Posted April 11, 2008 You really should be using a development system so you have full control of everything. <?php // get php info echo phpinfo(); ?> phpmyadmin is a nice GUI for access to the database where you can export/edit data very easy. I recommend the all in one package apachefriends http://www.apachefriends.org/en/xampp.html for development of php PHP Version 5.2.5 I have only just started using PHP in college so not doing anything major yet, I use wamp server, should I get xampp instead of this? Quote Link to comment Share on other sites More sharing options...
MiCR0 Posted April 11, 2008 Share Posted April 11, 2008 I personal like xampp better however using wamp is fine. I am going to take a guess here and say you not set up your database right. You need to get into phpmyadmin (wamp should have this ) and set it up that way from there you can export your database as well as easy edit anything you like Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.