savagenoob Posted December 20, 2008 Share Posted December 20, 2008 OK, I am a noob so go easy. The page displays as I want it to, it displays that the client was updated and redirects back to clientshow.php, but the database is not updated. Anyone? Only Apache error that shows is: [sat Dec 20 10:47:22 2008] [error] [client 127.0.0.1] PHP Notice: Undefined variable: PHP_SELF in C:\....edit.php on line 82, referer: http://localhost/PHP-Login/clientshow.php But it still displays table data in the fields so I think it still is POST'ing. <? mysql_connect("localhost","root","xxxxxxxx"); //select which database you want to edit mysql_select_db("xxxxxx"); if(isset($_POST['submit'])) { // Set global variables to easier names // and prevent sql injection and apostrophe to break the db. $PolicyNumber = mysql_escape_string($_POST['PolicyNumber']); $First_Name = mysql_escape_string($_POST['First_Name']); $Last_Name = mysql_escape_string($_POST['Last_Name']); $result = mysql_query("UPDATE clients SET PolicyNumber='$PolicyNumber', First_Name='$First_Name', Last_Name='$Last_Name' WHERE ID='$ID'"); echo "<b>Thank you! Client updated Successfully!<br>You'll be redirected to Client Page after (4) Seconds"; echo "<meta http-equiv=Refresh content=4;url=clientshow.php>"; } elseif(isset($_GET['ID'])) { $result = mysql_query("SELECT * FROM clients WHERE ID='$_GET[iD]' "); while($myrow = mysql_fetch_assoc($result)) { $PolicyNumber = $myrow["PolicyNumber"]; $First_Name = $myrow["First_Name"]; $Last_Name= $myrow["Last_Name"]; ?> <br> <h3>::Edit Client</h3> <form method="post" action="<?php echo $PHP_SELF ?>"> <input type="hidden" name="ID" value="<? echo $myrow['ID']?>"> Policy Number: <input name="PolicyNumber" size="40" maxlength="255" value="<? echo $PolicyNumber; ?>"/> <br> First Name: <input name="First_Name" size="40" maxlength="255" value="<? echo $First_Name; ?>" /> <br> Last Name: <input name="Last_Name" size="40" maxlength="255" value="<? echo $Last_Name; ?>" /> <br> <input type="submit" name="submit" value="Update Client"> </form> <? }//end of while loop }//end else ?> Quote Link to comment https://forums.phpfreaks.com/topic/137839-solved-form-to-update-database/ Share on other sites More sharing options...
bdmovies Posted December 20, 2008 Share Posted December 20, 2008 It looks like $PHP_SELF should be $_SERVER['PHP_SELF'] and looking at the SQL, you may run into an error because I don't see where you define $id to tell MySQL which row to update. Quote Link to comment https://forums.phpfreaks.com/topic/137839-solved-form-to-update-database/#findComment-720396 Share on other sites More sharing options...
savagenoob Posted December 20, 2008 Author Share Posted December 20, 2008 OK, I see what you are saying.... Hm... I am confusing myself. Can you post an example to fix? My brain is not working. I think I was trying to take the $ID from the previous page that has a link that pushes the $ID to this page. Quote Link to comment https://forums.phpfreaks.com/topic/137839-solved-form-to-update-database/#findComment-720403 Share on other sites More sharing options...
savagenoob Posted December 20, 2008 Author Share Posted December 20, 2008 OK, I fixed and is working. Just had to get the ID from the _POST and assign it to $ID. Easy Peezy... Thanks for making me brainstorm. Quote Link to comment https://forums.phpfreaks.com/topic/137839-solved-form-to-update-database/#findComment-720412 Share on other sites More sharing options...
bdmovies Posted December 20, 2008 Share Posted December 20, 2008 <?php mysql_connect("localhost","root","xxxxxxxx"); //select which database you want to edit mysql_select_db("xxxxxx"); # USER SUBMITTED THE FORM, UPDATING DATA if(isset($_POST['submit'])) { // Set global variables to easier names // and prevent sql injection and apostrophe to break the db. $PolicyNumber = mysql_escape_string($_POST['PolicyNumber']); $First_Name = mysql_escape_string($_POST['First_Name']); $Last_Name = mysql_escape_string($_POST['Last_Name']); $ID = $_POST['ID']; # <-- YOU NEED TO ASSIGN $ID TO THE POSTED VALUE, OR REPLACE $ID IN YOUR UPDATE TO REFLECT $_POST['ID'] $result = mysql_query("UPDATE clients SET PolicyNumber='$PolicyNumber', First_Name='$First_Name', Last_Name='$Last_Name' WHERE ID='$ID'"); echo "<b>Thank you! Client updated Successfully!<br>You'll be redirected to Client Page after (4) Seconds"; echo "<meta http-equiv=Refresh content=4;url=clientshow.php>"; } # USER IS NOT UPDATING FORM, JUST SHOW DETAILS elseif(isset($_GET['ID'])) { #CHECK THE ID, IF YOUR ID'S CONTAIN LETTERS THEN JUST USE mysql_escape_string if(!is_numeric($_GET['ID'])) { # USER DID NOT SUBMIT A CLEAN ID } $result = mysql_query("SELECT * FROM clients WHERE ID='$_GET[iD]' "); while($myrow = mysql_fetch_assoc($result)) { $PolicyNumber = $myrow["PolicyNumber"]; $First_Name = $myrow["First_Name"]; $Last_Name= $myrow["Last_Name"]; ?> <br> <h3>::Edit Client</h3> <form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>"> <input type="hidden" name="ID" value="<?php echo $myrow['ID']?>"> Policy Number: <input name="PolicyNumber" size="40" maxlength="255" value="<?php echo $PolicyNumber; ?>"/> <br> First Name: <input name="First_Name" size="40" maxlength="255" value="<?php echo $First_Name; ?>" /> <br> Last Name: <input name="Last_Name" size="40" maxlength="255" value="<?php echo $Last_Name; ?>" /> <br> <input type="submit" name="submit" value="Update Client"> </form> <?php }//end of while loop }//end else ?> Ok, I put in several comments in there explaining stuff, look for the comments that begin with an # It looks like you forgot to assign $ID. $ID = $_POST['ID'] Should take care of that. Also take a look at the elseif, you need to make sure the $_GET['ID'] is a # or valid, or else I could do yourpage.php?id=DROP TABLE clients Quote Link to comment https://forums.phpfreaks.com/topic/137839-solved-form-to-update-database/#findComment-720418 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.