Spamless Posted July 1, 2008 Share Posted July 1, 2008 I need to be rescued. Fortunately I don't think it will take much effort to solve -- well one of my problems. I'm having a lot of trouble trying to create a form to allow a single end user to update information in my MySQL database. I successfully created a form to enter data into MySQL. I've also been successful in creating a LogIn form that opens the door for a single user to update the information in the MySQL database. It calls on the php script below. But when I get to the form that actually updates the database I run into strange problems. It presents the end user with the data for that single user only, and does it correctly. That's fine. However, the data that the end user enters into the form fields is not being used by my PHP code to update the MySQL database. I've added comments where the script is working properly (sort of) and where it is not and what it is doing. I've tried to make it work many ways with no luck. In this script I've included 3 fields "First Name", "Last Name", and "Date of Birth" and used each to demonstrate the different PHP approached I've used. I hope it's not too confusing. And I hope your team can solve my problem. I would really appreciate it. Thanks in advance. <?php mysql_connect("XXX", "XXX", "XXX") or die(mysql_error()); mysql_select_db("XXX") or die(mysql_error()); session_start(); $errorMessage = ''; if (isset($_POST['p_phone']) && isset($_POST['p_pin'])) { $userId = $_POST['p_phone']; $password = $_POST['p_pin']; // check if the user id and password combination exist in database $sql = "SELECT * FROM p_DEMO_TABLE WHERE p_phone = '$userId' AND p_pin = '$password'"; $result = mysql_query($sql) or die('Query failed. ' . mysql_error()); if (mysql_num_rows($result) == 1) { // the user id and password match, // set the session $_SESSION['db_is_logged_in'] = true; // After login it proceeds to the UPDATE FORM below. So far there are no problems. //XXXXXXXXX-START UPDATE FORM -XXXXXXXX echo "<FORM ACTION='Call_4_HELP-c.php' METHOD='POST'> "; // FIRST EXAMPLE WITH COMMENTS echo "<FONT face='Arial' size='3'>Enter the information you want to update.</font><p> "; echo "<FONT face='Arial' size='2'>First Name:</font><br> "; echo "<input type='text' size='36' maxlength='34' name='ud_p_first_name' VALUE= " ; $query = "SELECT p_first_name FROM p_DEMO_TABLE WHERE p_phone = '$userId' AND p_pin = '$password'"; $result = mysql_query($query) or die(mysql_error()); $row = mysql_fetch_array($result) or die(mysql_error()); echo $row["p_first_name"]; echo " ></font>"; echo "<FONT face='Arial' size='1' color=blue><br>On SUBMIT: This PHP Code always enters \"ud_p_first_name\" into the database. Not the information the end user enters in the \"First Name\" field!</font> "; echo " <P> <P> "; // This returns the existing database information into the "First Name" field. That much works. // But on SUBMIT -- This PHP Code always enters "ud_p_first_name" into the database. // NOT THE INFORMATION THAT THE END USER ENTERS INTO THE FIRST NAME FIELD! // SO THE INFORMATION THAT THE END USER IS ENTERING IN THE FORM'S TEXT BOX IS NOT BEING USED. $_p_first_name = 'ud_p_first_name'; // This almost works. At least it enters data into the database. mysql_query ("UPDATE p_DEMO_TABLE SET p_first_name = '$_p_first_name' WHERE p_phone = '$userId' AND p_pin = '$password' "); // SECOND EXAMPLE WITH COMMENTS echo "<FONT face='Arial' size='2'>Last Name:</font></br> "; echo "<input type='text' size='36' maxlength='34' name='ud_p_last_name' VALUE= " ; $query = "SELECT p_last_name FROM p_DEMO_TABLE WHERE p_phone = '$userId' AND p_pin = '$password'"; $result = mysql_query($query) or die(mysql_error()); $row = mysql_fetch_array($result) or die(mysql_error()); echo $row["p_last_name"]; echo " ></font>"; echo "<FONT face='Arial' size='1' color=blue><br>On SUBMIT: This PHP Code <U>does not change the existing database at all</U>, regardless of the information that is entered into the \"Last Name\" field.</font> "; echo " <P> <P> "; // This returns the existing database information into the "Last Name" field. That much works. // But on SUBMIT -- This PHP Code does not change the existing database at all, regardless of the information that is entered into the "Last Name" field. mysql_query ("UPDATE p_DEMO_TABLE SET p_last_name = ". $_POST['ud_p_last_name' ] . " WHERE p_phone = '$userId' AND p_pin = '$password' "); // THIRD EXAMPLE WITH COMMENTS echo "<FONT face='Arial' size='2'>Year of Birth:</font></br> "; echo "<input type='text' size='36' maxlength='34' name='ud_p_year_of_birth' VALUE= " ; $query = "SELECT p_year_of_birth FROM p_DEMO_TABLE WHERE p_phone = '$userId' AND p_pin = '$password'"; $result = mysql_query($query) or die(mysql_error()); $row = mysql_fetch_array($result) or die(mysql_error()); echo $row["p_year_of_birth"]; echo " ></font>"; echo "<FONT face='Arial' size='1' color=blue><br>On SUBMIT: This PHP Code <U>ERASES THE CONTENTS</U> of the database by entering \"BLANK - NOTHING\" into the database.</font> "; echo " <P> <P> "; // This returns the existing database information into the "Year of Birth" field. That much works. // But on SUBMIT -- This PHP Code ERASES THE CONTENTS of the database by entering "BLANK - NOTHING" into the database. $_p_year_of_birth = $_POST['ud_p_year_of_birth']; mysql_query ("UPDATE p_DEMO_TABLE SET p_year_of_birth = '$_p_year_of_birth' WHERE p_phone = '$userId' AND p_pin = '$password' "); echo "<input type=submit name=Submit value='Update This Info Now' align=middle> "; echo "<P> </form> "; //XXXXXXXXX-END UPDATE FORM -XXXXXXXX echo "<FONT face='Arial' size='2' color=RED><B>CONCLUSION: THE INFORMATION THAT THE END USER ENTERS IN THE FORM'S TEXT BOXES/FIELDS IS NOT BEING USED TO UPDATE MySQL.</B></font> "; // There must be a simple solution for this, but I have not found it yet. // Does anyone have any ideas or can provide a solid fix to the problem? // Thanks in advance. } exit; } ?> (edited by kenrbnsn to add tags) Quote Link to comment Share on other sites More sharing options...
ag3nt42 Posted July 1, 2008 Share Posted July 1, 2008 this probably isn't the problem but you should always do this anyways Wrong: echo "<input type=submit name=Submit value='Update This Info Now' align=middle> "; Right: echo "<input type='submit' name='Submit' value='Update This Info Now' align=middle> "; Quote Link to comment Share on other sites More sharing options...
ag3nt42 Posted July 1, 2008 Share Posted July 1, 2008 echo $row["p_first_name"]; echo " ></font>"; echo "<FONT face='Arial' size='1' color=blue> On SUBMIT: This PHP Code always enters \"ud_p_first_name\" into the database. Not the information the end user enters in the \"First Name\" field!</font> "; echo " <P> <P> "; above code is wrong: $row["p_first_name"]; should be: $row[0]; the while loops that fetches the results from the query throws the values into an array it doesn't act like the $_POST variable so the "['p_first_name']" makes it go uhh.... it should always be $row[0] for the first "column" $row[1] for the second and ect.. Quote Link to comment Share on other sites More sharing options...
ag3nt42 Posted July 1, 2008 Share Posted July 1, 2008 this input holds* NO value echo "<input type='text' size='36' maxlength='34' name='ud_p_first_name' VALUE= " ; Quote Link to comment Share on other sites More sharing options...
revraz Posted July 1, 2008 Share Posted July 1, 2008 mysql_fetch_array defaults to MYSQL_BOTH if not specified, so both $row[0] and $row["p_first_name"] would be valid (assuming the field name is p_first_name). Quote Link to comment Share on other sites More sharing options...
ag3nt42 Posted July 1, 2008 Share Posted July 1, 2008 really? by field name i'm assuming its the name of the column? Quote Link to comment Share on other sites More sharing options...
revraz Posted July 1, 2008 Share Posted July 1, 2008 Yes, in the DB. It's an ASSOC value. Quote Link to comment Share on other sites More sharing options...
Spamless Posted July 1, 2008 Author Share Posted July 1, 2008 Thanks for your quick reply everyone. If I do as ag3nt42 suggested: echo "<input type='submit' name='Submit' value='Update This Info Now' align=middle> "; I can't name all the fields 'Submit' and if I use value='Update This Info Now' I won't be able to show the existing value in the database. Correct? That's why I used in the "value= echo "$row['p_first_name']"; I took the advice of ag3nt42 and put in $row[0] But I still do not see any change in the database. I think ag3nt is right when saying "this input holds* NO value" echo "<input type='text' size='36' maxlength='34' name='ud_p_first_name' VALUE= " ; That is most likely the problem. So how do you get it to contain the value that the end user types into the text field? And yes, 'p_first_name' and 'p_last_name' and 'p_date_of_birth' are the fields in the database. at one time I used them in place of 'ud_p_first_name' but that did not solve the problem of vanishing form field values. What do you guys think? It's far from resolved. Quote Link to comment Share on other sites More sharing options...
ag3nt42 Posted July 1, 2008 Share Posted July 1, 2008 i looked through the code and fixed what I found.. look at the differences and make sure its doing what I think you want it to <?php session_start(); //*CONNECT*// mysql_connect("XXX", "XXX", "XXX") or die(mysql_error()); mysql_select_db("XXX") or die(mysql_error()); $errorMessage = ''; if (isset($_POST['p_phone']) && isset($_POST['p_pin'])) { $userId = $_POST['p_phone']; $password = $_POST['p_pin']; // check if the user id and password combination exist in database $sql = "SELECT * FROM [p_DEMO_TABLE] WHERE p_phone='$userId' AND p_pin='$password'"; $result= mysql_query($sql)or die('Query failed. ' . mysql_error()); if (mysql_num_rows($result) == 1) { // the user id and password match, // set the session $_SESSION['db_is_logged_in'] = true; //XXXXXXXXX-START UPDATE FORM -XXXXXXXX echo ("<FORM ACTION='Call_4_HELP-c.php' METHOD='POST'>"); // FIRST EXAMPLE WITH COMMENTS echo ("<FONT face='Arial' size='3'>Enter the information you want to update.</font><p> "); echo ("<FONT face='Arial' size='2'>First Name:</font>"; echo ("<input type='text' size='36' maxlength='34' name='ud_p_first_name' VALUE='' />"); $query="SELECT [p_first_name] FROM [p_DEMO_TABLE] WHERE p_phone='$userId' AND p_pin='$password'"; $result=mysql_query($query)or die(mysql_error()); $row=mysql_fetch_array($result)or die(mysql_error()); echo ($row[0]); echo ("<FONT face='Arial' size='1' color=blue>"); echo ("<P> <P> "); // This returns the existing database information into the "First Name" field. That much works. // But on SUBMIT -- This PHP Code always enters "ud_p_first_name" into the database. // NOT THE INFORMATION THAT THE END USER ENTERS INTO THE FIRST NAME FIELD! // SO THE INFORMATION THAT THE END USER IS ENTERING IN THE FORM'S TEXT BOX IS NOT BEING USED. if(!($_POST['ud_p_first_name'])){$_p_first_name='';}else{$_p_first_name=$_POST['ud_p_first_name'];} if(mysql_query("UPDATE [p_DEMO_TABLE] SET p_first_name='".$_p_first_name."' WHERE p_phone='".$userId."' AND p_pin='".$password."'")); { echo(''); //SUCCESS } else { echo('FAILED!'.mysql_error()); //FAILED } echo (" ></font>"); // SECOND EXAMPLE WITH COMMENTS echo ("<FONT face='Arial' size='2'>Last Name:</font></br>"); echo ("<input type='text' size='36' maxlength='34' name='ud_p_last_name' VALUE='' "); $query="SELECT [p_last_name] FROM [p_DEMO_TABLE] WHERE p_phone='".$userId."' AND p_pin='".$password."'"; $result=mysql_query($query)or die(mysql_error()); $row = mysql_fetch_array($result)or die(mysql_error()); echo ($row[0]); echo (" ></font>"); echo ("<FONT face='Arial' size='1' color=blue>On SUBMIT: This PHP Code <U>does not change the existing database at all</U>, regardless of the information that is entered into the \"Last Name\" field.</font>"); echo (" <P> <P>"); // This returns the existing database information into the "Last Name" field. That much works. // But on SUBMIT -- This PHP Code does not change the existing database at all, regardless of the information that is entered into the "Last Name" field. if(!(isset($_POST['ud_p_last_name']))){$ud_p_last_name='';}else{$ud_p_last_name=$_POST['ud_p_last_name'];} if(mysql_query("UPDATE [p_DEMO_TABLE SET] p_last_name='".$ud_p_last_name."' WHERE p_phone='".$userId."' AND p_pin='".$password."' ")) { echo(''); //SUCCESS } else { echo('FAILED!'.mysql_error()); //FAILED } // THIRD EXAMPLE WITH COMMENTS echo ("<FONT face='Arial' size='2'>Year of Birth:</font></br> "); echo ("<input type='text' size='36' maxlength='34' name='ud_p_year_of_birth' VALUE='' "); $query="SELECT [p_year_of_birth] FROM [p_DEMO_TABLE] WHERE p_phone='".$userId."' AND p_pin='".$password."'"; $result=mysql_query($query)or die(mysql_error()); $row=mysql_fetch_array($result)or die(mysql_error()); echo ($row[0]); echo (" ></font>"); echo ("<FONT face='Arial' size='1' color=blue>On SUBMIT: This PHP Code <U>ERASES THE CONTENTS</U> of the database by entering \"BLANK - NOTHING\" into the database.</font>"); echo ("<P> <P>"); // This returns the existing database information into the "Year of Birth" field. That much works. // But on SUBMIT -- This PHP Code ERASES THE CONTENTS of the database by entering "BLANK - NOTHING" into the database. if(!(isset($_POST['ud_p_year_of_birth']))){$_p_year_of_birth='';}else{$_p_year_of_birth=$_POST['ud_p_year_of_birth']; if(mysql_query("UPDATE [p_DEMO_TABLE SET] p_year_of_birth='".$."' WHERE p_phone='".$userId."' AND p_pin='".$password".'")); { echo(''); //SUCCESS } else { echo('FAILED!'.mysql_error()); //FAILED } echo ("<input type='submit' name='Submit value='Update This Info Now' align=middle>"); echo ("<P> </form>"); //XXXXXXXXX-END UPDATE FORM -XXXXXXXX echo ("<FONT face='Arial' size='2' color='RED'><B>CONCLUSION: THE INFORMATION THAT THE END USER ENTERS IN THE FORM'S TEXT BOXES/FIELDS IS NOT BEING USED TO UPDATE MySQL.</B></font>"); // There must be a simple solution for this, but I have not found it yet. // Does anyone have any ideas or can provide a solid fix to the problem? // Thanks in advance. } else { exit; } ?> Quote Link to comment Share on other sites More sharing options...
Spamless Posted July 2, 2008 Author Share Posted July 2, 2008 ag3nt42, Thanks for the attention you are giving this problem. Your script started working after I deleted the if statement: //if(mysql_query("UPDATE [p_DEMO_TABLE] SET p_first_name='".$_p_first_name."' WHERE //patient_phone='".$userId."' AND p_pin='".$password."'")); // { // echo(""); //SUCCESS // } //else // { // echo('FAILED!'.mysql_error()); //FAILED // } And replaced it with: mysql_query("UPDATE [p_DEMO_TABLE] SET p_first_name='".$_p_first_name."' WHERE patient_phone='".$userId."' AND p_pin='".$password."'"); However, the input field appears empty when it should feature the existing database data, and is followed by this error message: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '[p_first_name] FROM [p_DEMO_TABLE] WHERE patient_phone='5555556505' AND p_pin=' at line 1 What do you suggest? Quote Link to comment Share on other sites More sharing options...
ag3nt42 Posted July 2, 2008 Share Posted July 2, 2008 do you want the "Input field" to hold the value of whats already in the database? you might have to pull out the brackets.. that may just be something used in mssql... I never had to use brackets before when I used a MYsql database.. but at my current job they force me to use a MSsql database and in order to talk to their other programs tables I have to use brackets... so for you it may not be needed and in fact could be making it error. so try pulling those out try doing this with the SQL statement: this way you know whether or not it went through to the database correctly. $SQL="UPDATE p_DEMO_TABLE SET p_first_name='".$_p_first_name."' WHERE patient_phone='".$userId."' AND p_pin='".$password."'"; if(mysql_query($SQL)); { echo(""); //SUCCESS } else { echo('FAILED!'.mysql_error()); //FAILED } Quote Link to comment Share on other sites More sharing options...
ag3nt42 Posted July 2, 2008 Share Posted July 2, 2008 in order to get the INPUT field to hold the value thats "ALREADY" in the database just plug in the php variable in the value='' spot ex: <input type='text' name='TheName' value='".$VALUE."' /> Quote Link to comment Share on other sites More sharing options...
ag3nt42 Posted July 3, 2008 Share Posted July 3, 2008 so i decided to start testing this on my server the code I post earlier had a cpl syntax errors ..(dumb mistakes) I believe I have fixed them all so here is the new code with fixes <?php session_start(); //*CONNECT*// mysql_connect("xxx", "xxx", "xxxx") or die(mysql_error()); mysql_select_db("xxx") or die(mysql_error()); $errorMessage = ''; if (isset($_POST['p_phone']) && isset($_POST['p_pin'])) { $userId = $_POST['p_phone']; $password = $_POST['p_pin']; // check if the user id and password combination exist in database $sql = "SELECT * FROM [p_DEMO_TABLE] WHERE p_phone='$userId' AND p_pin='$password'"; $result= mysql_query($sql)or die('Query failed. ' . mysql_error()); if (mysql_num_rows($result) == 1) { // the user id and password match, // set the session $_SESSION['db_is_logged_in'] = true; //XXXXXXXXX-START UPDATE FORM -XXXXXXXX echo ("<FORM ACTION='Call_4_HELP-c.php' METHOD='POST'>"); // FIRST EXAMPLE WITH COMMENTS echo ("<FONT face='Arial' size='3'>Enter the information you want to update.</font><p> "); echo ("<FONT face='Arial' size='2'>First Name:</font>"); echo ("<input type='text' size='36' maxlength='34' name='ud_p_first_name' VALUE='' />"); $query="SELECT [p_first_name] FROM [p_DEMO_TABLE] WHERE p_phone='$userId' AND p_pin='$password'"; $result=mysql_query($query)or die(mysql_error()); $row=mysql_fetch_array($result)or die(mysql_error()); echo ($row[0]); echo ("<FONT face='Arial' size='1' color=blue>"); echo ("<P> <P> "); // This returns the existing database information into the "First Name" field. That much works. // But on SUBMIT -- This PHP Code always enters "ud_p_first_name" into the database. // NOT THE INFORMATION THAT THE END USER ENTERS INTO THE FIRST NAME FIELD! // SO THE INFORMATION THAT THE END USER IS ENTERING IN THE FORM'S TEXT BOX IS NOT BEING USED. if(!($_POST['ud_p_first_name'])){$_p_first_name='';}else{$_p_first_name=$_POST['ud_p_first_name'];} $FirstSQL="UPDATE p_demo_table SET p_first_name='".$_p_first_name."' WHERE p_phone='".$userId."' AND p_pin='".$password."'"; if(mysql_query($FirstSQL)) { echo(''); //SUCCESS } else { echo('FAILED!'.mysql_error()); //FAILED } echo (" ></font>"); // SECOND EXAMPLE WITH COMMENTS echo ("<FONT face='Arial' size='2'>Last Name:</font></br>"); echo ("<input type='text' size='36' maxlength='34' name='ud_p_last_name' VALUE='' "); $query="SELECT [p_last_name] FROM [p_DEMO_TABLE] WHERE p_phone='".$userId."' AND p_pin='".$password."'"; $result=mysql_query($query)or die(mysql_error()); $row = mysql_fetch_array($result)or die(mysql_error()); echo ($row[0]); echo (" ></font>"); echo ("<FONT face='Arial' size='1' color=blue>On SUBMIT: This PHP Code <U>does not change the existing database at all</U>, regardless of the information that is entered into the \"Last Name\" field.</font>"); echo (" <P> <P>"); // This returns the existing database information into the "Last Name" field. That much works. // But on SUBMIT -- This PHP Code does not change the existing database at all, regardless of the information that is entered into the "Last Name" field. if(!(isset($_POST['ud_p_last_name']))){$ud_p_last_name='';}else{$ud_p_last_name=$_POST['ud_p_last_name'];} if(mysql_query("UPDATE [p_DEMO_TABLE SET] p_last_name='".$ud_p_last_name."' WHERE p_phone='".$userId."' AND p_pin='".$password."' ")) { echo(''); //SUCCESS } else { echo('FAILED!'.mysql_error()); //FAILED } // THIRD EXAMPLE WITH COMMENTS echo ("<FONT face='Arial' size='2'>Year of Birth:</font></br> "); echo ("<input type='text' size='36' maxlength='34' name='ud_p_year_of_birth' VALUE='' "); $query="SELECT [p_year_of_birth] FROM [p_DEMO_TABLE] WHERE p_phone='".$userId."' AND p_pin='".$password."'"; $result=mysql_query($query)or die(mysql_error()); $row=mysql_fetch_array($result)or die(mysql_error()); echo ($row[0]); echo (" ></font>"); echo ("<FONT face='Arial' size='1' color=blue>On SUBMIT: This PHP Code <U>ERASES THE CONTENTS</U> of the database by entering \"BLANK - NOTHING\" into the database.</font>"); echo ("<P> <P>"); // This returns the existing database information into the "Year of Birth" field. That much works. // But on SUBMIT -- This PHP Code ERASES THE CONTENTS of the database by entering "BLANK - NOTHING" into the database. if(!(isset($_POST['ud_p_year_of_birth']))){$p_year_of_birth='';}else{$p_year_of_birth=$_POST['ud_p_year_of_birth'];} $birthSQL="UPDATE p_demo_table SET p_year_of_birth='".$p_year_of_birth."' WHERE p_phone='".$userId."' AND p_pin='".$password."'"; if(mysql_query($birthSQL)) { echo(''); //SUCCESS } else { echo('FAILED!'.mysql_error()); //FAILED } echo ("<input type='submit' name='Submit value='Update This Info Now' align=middle>"); echo ("<P> </form>"); //XXXXXXXXX-END UPDATE FORM -XXXXXXXX echo ("<FONT face='Arial' size='2' color='RED'><B>CONCLUSION: THE INFORMATION THAT THE END USER ENTERS IN THE FORM'S TEXT BOXES/FIELDS IS NOT BEING USED TO UPDATE mysql.</B></font>"); // There must be a simple solution for this, but I have not found it yet. // Does anyone have any ideas or can provide a solid fix to the problem? // Thanks in advance. } } ?> Quote Link to comment Share on other sites More sharing options...
ag3nt42 Posted July 3, 2008 Share Posted July 3, 2008 phew... ok this script is tested (WITH A DATABASE) working almost flawlessly.. only problem i see now is that since we are posting to the same page we are retrieving data and storing it in our inputs... the text inputs are not refreshed with the information in the database.. in order to fix this problem we need to setup the pages so that we post the information to a seperate page and simply redirect the users back to this page... now the text inputs will hold the most current information in the database aka. the information we just changed name,lastname,year of birth... THE SCRIPT: Call_4_HELP-c.php: <?php session_start(); //*CONNECT*// mysql_connect("xxx", "xxx", "xxx") or die(mysql_error()); mysql_select_db("xxx") or die(mysql_error()); $errorMessage = ''; if (isset($_POST['p_phone']) && isset($_POST['p_pin'])) { $userId = $_POST['p_phone']; $password = $_POST['p_pin']; // check if the user id and password combination exist in database $sql = "SELECT * FROM [p_DEMO_TABLE] WHERE p_phone='$userId' AND p_pin='$password'"; $result= mysql_query($sql)or die('Query failed. ' . mysql_error()); if (mysql_num_rows($result) == 1) { // the user id and password match, // set the session $_SESSION['db_is_logged_in'] = true; //XXXXXXXXX-START UPDATE FORM -XXXXXXXX echo ("<FORM ACTION='Call_4_HELP-c.php' METHOD='POST'>"); // FIRST EXAMPLE WITH COMMENTS // RETRIEVE DATABASE FIRST NAME $query="SELECT [p_first_name] FROM [p_DEMO_TABLE] WHERE p_phone='$userId' AND p_pin='$password'"; $result=mysql_query($query)or die(mysql_error()); $row=mysql_fetch_array($result)or die(mysql_error()); //DISPLAY FIRST NAME INPUT echo ("<FONT face='Arial' size='3'>Enter the information you want to update.</font><p> "); echo ("<FONT face='Arial' size='2'>First Name:</font><br />"); echo ("<input type='text' size='36' maxlength='34' name='ud_p_first_name' VALUE='".$row[0]."' /><br /><br />"); //UPDATE FIRST NAME if(!(isset($_POST['ud_p_first_name']))){$_p_first_name='';}else{$_p_first_name=$_POST['ud_p_first_name'];} $FirstSQL="UPDATE p_demo_table SET p_first_name='".$_p_first_name."' WHERE p_phone='".$userId."' AND p_pin='".$password."'"; if(isset($_POST['ud_p_first_name'])) { if(mysql_query($FirstSQL)) { echo('<br /><br /><font color="green">SUCCESS</font><br /><br />'); //SUCCESS } else { echo('FAILED!'.mysql_error()); //FAILED } } // SECOND EXAMPLE WITH COMMENTS //RETRIEVE DATABASE LAST NAME $query="SELECT p_last_name FROM p_demo_table WHERE p_phone='".$userId."' AND p_pin='".$password."'"; $result=mysql_query($query)or die(mysql_error()); $row = mysql_fetch_array($result)or die(mysql_error()); //DISPLAY LAST NAME INPUT echo ("<FONT face='Arial' size='2'>Last Name:</font></br>"); echo ("<input type='text' size='36' maxlength='34' name='ud_p_last_name' VALUE='".$row[0]."' /><br /><br />"); //UPDATE LAST NAME if(!(isset($_POST['ud_p_last_name']))){$ud_p_last_name='';}else{$ud_p_last_name=$_POST['ud_p_last_name'];} $LastSQL="UPDATE p_demo_table SET p_last_name='".$ud_p_last_name."' WHERE p_phone='".$userId."' AND p_pin='".$password."'"; if(isset($_POST['ud_p_last_name'])) { if(mysql_query($LastSQL)) { echo('<br /><br /><font color="green">SUCCESS</font><br /><br />'); //SUCCESS } else { echo('FAILED!'.mysql_error()); //FAILED } } // THIRD EXAMPLE WITH COMMENTS //RETRIEVE DATABASE YEAR OF BIRTH $query="SELECT [p_year_of_birth] FROM [p_DEMO_TABLE] WHERE p_phone='".$userId."' AND p_pin='".$password."'"; $result=mysql_query($query)or die(mysql_error()); $row=mysql_fetch_array($result)or die(mysql_error()); //DISPLAY BIRTH INPUT echo ("<FONT face='Arial' size='2'>Year of Birth:</font></br> "); echo ("<input type='text' size='36' maxlength='34' name='ud_p_year_of_birth' VALUE='".$row[0]."' /><br /><br />"); //UPDATE BIRTH YEAR if(!(isset($_POST['ud_p_year_of_birth']))){$p_year_of_birth='';}else{$p_year_of_birth=$_POST['ud_p_year_of_birth'];} $birthSQL="UPDATE p_demo_table SET p_year_of_birth='".$p_year_of_birth."' WHERE p_phone='".$userId."' AND p_pin='".$password."'"; if(isset($_POST['ud_p_year_of_birth'])) { if(mysql_query($birthSQL)) { echo('<br /><br /><font color="green">SUCCESS</font><br /><br />'); //SUCCESS } else { echo('FAILED!'.mysql_error()); //FAILED } } //WE MUST CARRY OVER p_phone and p_pin or our queries won't run.. //Because they are inside the IF statement checking for them. echo(" <input type='hidden' name='p_phone' value='".$userId."' /> <input type='hidden' name='p_pin' value='".$password."' /> "); //END FORM echo ("<input type='submit' value='Submit' title='Update This Info Now' align=middle>"); echo ("<P> </form>"); //XXXXXXXXX-END UPDATE FORM -XXXXXXXX echo ("<FONT face='Arial' size='2' color='RED'><B>CONCLUSION: THE INFORMATION THAT THE END USER ENTERS IN THE FORM'S TEXT BOXES/FIELDS IS NOT BEING USED TO UPDATE mysql.</B></font>"); } } ?> Quote Link to comment Share on other sites More sharing options...
ag3nt42 Posted July 7, 2008 Share Posted July 7, 2008 ok... here is the whole shabang... firstfile (form.php) <html> <body> <form action='inputs.php' method='post'> <input type='text' name='p_phone' value='' /> <br /> <input type='text' name='p_pin' value='' /> <br /> <input type='submit' value='LetsGo' /> </form> Second file (inputs.php) <?php session_start(); //*CONNECT*// mysql_connect('xxx', "xxx", "xxx") or die(mysql_error()); mysql_select_db("xxx") or die(mysql_error()); if(!(isset($_SESSION['userid']))){$_POST['p_phone']=$_POST['p_phone'];}else{$_POST['p_phone']=$_SESSION['userid'];} if(!(isset($_SESSION['pass']))){$_POST['p_pin']=$_POST['p_pin'];}else{$_POST['p_pin']=$_SESSION['pass'];} if (isset($_POST['p_phone']) && isset($_POST['p_pin'])) { $userId = $_POST['p_phone']; $password = $_POST['p_pin']; //* HARVEST DATABASE INFO *// //Login INFO $SQL="SELECT * FROM p_demo_table WHERE p_phone='".$userId."' AND p_pin='".$password."'"; $Loginresult=mysql_query($SQL)or die(mysql_error()); //FirstName $Firstquery="SELECT p_first_name FROM p_demo_table WHERE p_phone='".$userId."' AND p_pin='".$password."'"; $Firstresult=mysql_query($Firstquery)or die(mysql_error()); $Firstrow=mysql_fetch_array($Firstresult)or die(mysql_error()); //LastName $Lastquery="SELECT p_last_name FROM p_demo_table WHERE p_phone='".$userId."' AND p_pin='".$password."'"; $Lastresult=mysql_query($Lastquery)or die(mysql_error()); $Lastrow = mysql_fetch_array($Lastresult)or die(mysql_error()); //YearBirth $Yearquery="SELECT [p_year_of_birth] FROM [p_DEMO_TABLE] WHERE p_phone='".$userId."' AND p_pin='".$password."'"; $Yearresult=mysql_query($Yearquery)or die(mysql_error()); $Yearrow=mysql_fetch_array($Yearresult)or die(mysql_error()); if (mysql_num_rows($Loginresult) == 1) { $_SESSION['db_is_logged_in'] = true; //* DISPLAY FORM *// echo(" <form action='Call_4_HELP-c.php' method='post'> <table> <tr> <td> First Name:<br /> <input type='text' name='ud_p_first_name' value='".$Firstrow[0]."' /> </td> </tr> <tr> <td> Last Name:<br /> <input type='text' name='ud_p_last_name' value='".$Lastrow[0]."' /> </td> </tr> <tr> <td> Year Of Birth:<br /> <input type='text' name='ud_p_year_of_birth' value='".$Yearrow[0]."' /> </td> </tr> <tr> <td><input type='submit' value='Submit' /></td> </tr> </table> "); //WE MUST CARRY OVER p_phone and p_pin or our queries won't run.. //Because they are inside the IF statement checking for them. echo(" <input type='hidden' name='p_phone' value='".$userId."' /> <input type='hidden' name='p_pin' value='".$password."' /> </form> "); } else { echo('error!'); } } else { echo('error!'); } ?> and the third file (Call_4_HELP-c.php) <?php session_start(); //SUCCESS VS FAIL// $Success=0; $Fail=0; //*CONNECT*// mysql_connect("xxx", "xxx", "xxx") or die(mysql_error()); mysql_select_db("xxx") or die(mysql_error()); $errorMessage = ''; if (isset($_POST['p_phone']) && isset($_POST['p_pin'])) { $userId = $_POST['p_phone']; $password = $_POST['p_pin']; // check if the user id and password combination exist in database $sql = "SELECT * FROM p_DEMO_TABLE WHERE p_phone='".$userId."' AND p_pin='".$password."'"; $result= mysql_query($sql)or die('Query failed. ' . mysql_error()); if (mysql_num_rows($result) == 1) { // the user id and password match, // set the session $_SESSION['db_is_logged_in'] = true; //UPDATE FIRST NAME if(!(isset($_POST['ud_p_first_name']))){$_p_first_name='';}else{$_p_first_name=$_POST['ud_p_first_name'];} $FirstSQL="UPDATE p_demo_table SET p_first_name='".$_p_first_name."' WHERE p_phone='".$userId."' AND p_pin='".$password."'"; if(isset($_POST['ud_p_first_name'])) { if(mysql_query($FirstSQL)) { echo('<br /><br /><font color="green">SUCCESS</font><br /><br />'); //SUCCESS $Success++; } else { echo('FAILED!'.mysql_error()); //FAILED $Fail++; } } //UPDATE LAST NAME if(!(isset($_POST['ud_p_last_name']))){$ud_p_last_name='';}else{$ud_p_last_name=$_POST['ud_p_last_name'];} $LastSQL="UPDATE p_demo_table SET p_last_name='".$ud_p_last_name."' WHERE p_phone='".$userId."' AND p_pin='".$password."'"; if(isset($_POST['ud_p_last_name'])) { if(mysql_query($LastSQL)) { echo('<br /><br /><font color="green">SUCCESS</font><br /><br />'); //SUCCESS $Success++; } else { echo('FAILED!'.mysql_error()); //FAILED $Fail++; } } //UPDATE BIRTH YEAR if(!(isset($_POST['ud_p_year_of_birth']))){$p_year_of_birth='';}else{$p_year_of_birth=$_POST['ud_p_year_of_birth'];} $birthSQL="UPDATE p_demo_table SET p_year_of_birth='".$p_year_of_birth."' WHERE p_phone='".$userId."' AND p_pin='".$password."'"; if(isset($_POST['ud_p_year_of_birth'])) { if(mysql_query($birthSQL)) { echo('<br /><br /><font color="green">SUCCESS</font><br /><br />'); //SUCCESS $Success++; } else { echo('FAILED!'.mysql_error()); //FAILED $Fail++; } } } } if($Success>=0 && $Fail<=0) { echo("<meta http-equiv='refresh' content='3;url=inputs.php'>"); $_SESSION['userid']=$userId; $_SESSION['pass']=$password; } elseif($Fail>=0 && $Success<=0) { echo("FAILED".mysql_error()); } ?> Quote Link to comment Share on other sites More sharing options...
Spamless Posted July 7, 2008 Author Share Posted July 7, 2008 ag3nt42, Looks like you've really taken on this challange. Thanks. I installed the 3 scripts. Then... Got the following from "inputs.php" Unknown column 'p_year_of_birth' in 'field list Also, both "inputs.php" and "Call_4_HELP-c.php" got hung up on " " I removed them, and that solved the hang up problem. What should we do now? Quote Link to comment Share on other sites More sharing options...
ag3nt42 Posted July 7, 2008 Share Posted July 7, 2008 sry just replace the p_year_of_birth may be incorrect.. just replace it with the correct column name in your database Quote Link to comment Share on other sites More sharing options...
ag3nt42 Posted July 7, 2008 Share Posted July 7, 2008 ag3nt42, Also, both "inputs.php" and "Call_4_HELP-c.php" got hung up on " " I removed them, and that solved the hang up problem. What should we do now? the   happened when the code was posted to the board.. that wasn't sposed to be there.. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.