savagenoob Posted December 20, 2008 Share Posted December 20, 2008 OK, I am a noob so go easy. The page displays as I want it to, it displays that the client was updated and redirects back to clientshow.php, but the database is not updated. Anyone? Only Apache error that shows is: [sat Dec 20 10:47:22 2008] [error] [client 127.0.0.1] PHP Notice: Undefined variable: PHP_SELF in C:\....edit.php on line 82, referer: http://localhost/PHP-Login/clientshow.php But it still displays table data in the fields so I think it still is POST'ing. <? mysql_connect("localhost","root","xxxxxxxx"); //select which database you want to edit mysql_select_db("xxxxxx"); if(isset($_POST['submit'])) { // Set global variables to easier names // and prevent sql injection and apostrophe to break the db. $PolicyNumber = mysql_escape_string($_POST['PolicyNumber']); $First_Name = mysql_escape_string($_POST['First_Name']); $Last_Name = mysql_escape_string($_POST['Last_Name']); $result = mysql_query("UPDATE clients SET PolicyNumber='$PolicyNumber', First_Name='$First_Name', Last_Name='$Last_Name' WHERE ID='$ID'"); echo "<b>Thank you! Client updated Successfully!<br>You'll be redirected to Client Page after (4) Seconds"; echo "<meta http-equiv=Refresh content=4;url=clientshow.php>"; } elseif(isset($_GET['ID'])) { $result = mysql_query("SELECT * FROM clients WHERE ID='$_GET[iD]' "); while($myrow = mysql_fetch_assoc($result)) { $PolicyNumber = $myrow["PolicyNumber"]; $First_Name = $myrow["First_Name"]; $Last_Name= $myrow["Last_Name"]; ?> <br> <h3>::Edit Client</h3> <form method="post" action="<?php echo $PHP_SELF ?>"> <input type="hidden" name="ID" value="<? echo $myrow['ID']?>"> Policy Number: <input name="PolicyNumber" size="40" maxlength="255" value="<? echo $PolicyNumber; ?>"/> <br> First Name: <input name="First_Name" size="40" maxlength="255" value="<? echo $First_Name; ?>" /> <br> Last Name: <input name="Last_Name" size="40" maxlength="255" value="<? echo $Last_Name; ?>" /> <br> <input type="submit" name="submit" value="Update Client"> </form> <? }//end of while loop }//end else ?> Link to comment https://forums.phpfreaks.com/topic/137839-solved-form-to-update-database/ Share on other sites More sharing options...
bdmovies Posted December 20, 2008 Share Posted December 20, 2008 It looks like $PHP_SELF should be $_SERVER['PHP_SELF'] and looking at the SQL, you may run into an error because I don't see where you define $id to tell MySQL which row to update. Link to comment https://forums.phpfreaks.com/topic/137839-solved-form-to-update-database/#findComment-720396 Share on other sites More sharing options...
savagenoob Posted December 20, 2008 Author Share Posted December 20, 2008 OK, I see what you are saying.... Hm... I am confusing myself. Can you post an example to fix? My brain is not working. I think I was trying to take the $ID from the previous page that has a link that pushes the $ID to this page. Link to comment https://forums.phpfreaks.com/topic/137839-solved-form-to-update-database/#findComment-720403 Share on other sites More sharing options...
savagenoob Posted December 20, 2008 Author Share Posted December 20, 2008 OK, I fixed and is working. Just had to get the ID from the _POST and assign it to $ID. Easy Peezy... Thanks for making me brainstorm. Link to comment https://forums.phpfreaks.com/topic/137839-solved-form-to-update-database/#findComment-720412 Share on other sites More sharing options...
bdmovies Posted December 20, 2008 Share Posted December 20, 2008 <?php mysql_connect("localhost","root","xxxxxxxx"); //select which database you want to edit mysql_select_db("xxxxxx"); # USER SUBMITTED THE FORM, UPDATING DATA if(isset($_POST['submit'])) { // Set global variables to easier names // and prevent sql injection and apostrophe to break the db. $PolicyNumber = mysql_escape_string($_POST['PolicyNumber']); $First_Name = mysql_escape_string($_POST['First_Name']); $Last_Name = mysql_escape_string($_POST['Last_Name']); $ID = $_POST['ID']; # <-- YOU NEED TO ASSIGN $ID TO THE POSTED VALUE, OR REPLACE $ID IN YOUR UPDATE TO REFLECT $_POST['ID'] $result = mysql_query("UPDATE clients SET PolicyNumber='$PolicyNumber', First_Name='$First_Name', Last_Name='$Last_Name' WHERE ID='$ID'"); echo "<b>Thank you! Client updated Successfully!<br>You'll be redirected to Client Page after (4) Seconds"; echo "<meta http-equiv=Refresh content=4;url=clientshow.php>"; } # USER IS NOT UPDATING FORM, JUST SHOW DETAILS elseif(isset($_GET['ID'])) { #CHECK THE ID, IF YOUR ID'S CONTAIN LETTERS THEN JUST USE mysql_escape_string if(!is_numeric($_GET['ID'])) { # USER DID NOT SUBMIT A CLEAN ID } $result = mysql_query("SELECT * FROM clients WHERE ID='$_GET[iD]' "); while($myrow = mysql_fetch_assoc($result)) { $PolicyNumber = $myrow["PolicyNumber"]; $First_Name = $myrow["First_Name"]; $Last_Name= $myrow["Last_Name"]; ?> <br> <h3>::Edit Client</h3> <form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>"> <input type="hidden" name="ID" value="<?php echo $myrow['ID']?>"> Policy Number: <input name="PolicyNumber" size="40" maxlength="255" value="<?php echo $PolicyNumber; ?>"/> <br> First Name: <input name="First_Name" size="40" maxlength="255" value="<?php echo $First_Name; ?>" /> <br> Last Name: <input name="Last_Name" size="40" maxlength="255" value="<?php echo $Last_Name; ?>" /> <br> <input type="submit" name="submit" value="Update Client"> </form> <?php }//end of while loop }//end else ?> Ok, I put in several comments in there explaining stuff, look for the comments that begin with an # It looks like you forgot to assign $ID. $ID = $_POST['ID'] Should take care of that. Also take a look at the elseif, you need to make sure the $_GET['ID'] is a # or valid, or else I could do yourpage.php?id=DROP TABLE clients Link to comment https://forums.phpfreaks.com/topic/137839-solved-form-to-update-database/#findComment-720418 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.