jamesxg1 Posted April 9, 2009 Share Posted April 9, 2009 <?php $sql = sprintf("SELECT * FROM `contacts` WHERE `id` = '$checkid'") or die(mysql_error()); $grab = mysql_query($sql); while ($done = mysql_fetch_assoc($grab)) { $firstname = $done['firstname']; $lastname = $done['lastname']; $address = $done['address']; $postcode = $done['postcode']; $email = $done['email']; $pnumber = $done['pnumber']; } die("Sorry, This is not your contact to edit!."); } } ?> <form method="POST" action="<?php $PHP_SELF ?>"> <p><b>First Name:</b><br><input type="text" name="firstname" size="20" maxlength="255" value="<?php print htmlspecialchars($firstname); ?>" /></p> <p><b>Last Name:</b><br><input type="text" name="lastname" size="20" maxlength="255" value="<?php print $lastname ?>" /></p> <p><b>Address:</b><br><textarea rows="5" cols="40" name="address" id="$address" value="<?php print $address ?>" ></textarea></p> <p><b>Postcode:</b><br><input type="text" name="postcode" size="20" maxlength="255" value="<?php print $postcode ?>" /></p> <p><b>Email:</b><br><input type="text" name="email" size="20" maxlength="255" value="<?php print $email ?>" /></p> <p><b>Phone Number:</b><br><input type="text" name="pnumber" size="20" maxlength="255" value="<?php print $pnumber ?>" /></p> <p><img src="Security/SecureSubmit.php" /></p> <p><b>Security Code:</b><br><input name="txtNumber" type="text" id="txtNumber" value="" /></p> <p><br><input type="hidden" name="holder" size="20" maxlength="255" value="<?php print $_SESSION['userid']; ?>"/></p> <p align="center"> <input type="submit" name="Edit" value="Submit" /> <input type="reset" name="reset" value="Reset Form" /> </p> </form> <br /> <b>Notice</b>: Undefined variable: firstname in <b>C:\xampp\htdocs\family\ContactsView.php</b> on line <b>142</b><br /> <br /> <b>Notice</b>: Undefined variable: lastname in <b>C:\xampp\htdocs\family\ContactsView.php</b> on line <b>143</b><br /> <br /> <b>Notice</b>: Undefined variable: postcode in <b>C:\xampp\htdocs\family\ContactsView.php</b> on line <b>147</b><br /> <br /> <b>Notice</b>: Undefined variable: email in <b>C:\xampp\htdocs\family\ContactsView.php</b> on line <b>148</b><br /> <br /> <b>Notice</b>: Undefined variable: pnumber in <b>C:\xampp\htdocs\family\ContactsView.php</b> on line <b>149</b><br /> these are the errors im getting when i view the page (they are inside the text field). Quote Link to comment Share on other sites More sharing options...
Maq Posted April 9, 2009 Share Posted April 9, 2009 Where does $checkid come from? Quote Link to comment Share on other sites More sharing options...
jamesxg1 Posted April 9, 2009 Author Share Posted April 9, 2009 Where does $checkid come from? Sorry my bad didnt post the whole code. . . <?php if ($_GET['contact'] == "edit") { $checkid = mysql_real_escape_string(is_numeric($_GET['id'])); $userid = is_numeric($_SESSION['userid']); $sql = sprintf("SELECT * FROM `contacts` WHERE `id` = '$checkid'") or die(mysql_error()); $grab = mysql_query($sql); while ($check = mysql_fetch_assoc($grab)) { $checkidholder = mysql_real_escape_string(is_numeric($check['holder'])); } if ($checkidholder == '$userid') { $sql = sprintf("SELECT * FROM `contacts` WHERE `id` = '$checkid'") or die(mysql_error()); $grab = mysql_query($sql); while ($done = mysql_fetch_assoc($grab)) { $firstname = $done['firstname']; $lastname = $done['lastname']; $address = $done['address']; $postcode = $done['postcode']; $email = $done['email']; $pnumber = $done['pnumber']; } die("Sorry, This is not your contact to edit!."); } } ?> <form method="POST" action="<?php $PHP_SELF ?>"> <p><b>First Name:</b><br><input type="text" name="firstname" size="20" maxlength="255" value="<?php print htmlspecialchars($firstname); ?>" /></p> <p><b>Last Name:</b><br><input type="text" name="lastname" size="20" maxlength="255" value="<?php print $lastname ?>" /></p> <p><b>Address:</b><br><textarea rows="5" cols="40" name="address" id="$address" value="<?php print $address ?>" ></textarea></p> <p><b>Postcode:</b><br><input type="text" name="postcode" size="20" maxlength="255" value="<?php print $postcode ?>" /></p> <p><b>Email:</b><br><input type="text" name="email" size="20" maxlength="255" value="<?php print $email ?>" /></p> <p><b>Phone Number:</b><br><input type="text" name="pnumber" size="20" maxlength="255" value="<?php print $pnumber ?>" /></p> <p><img src="Security/SecureSubmit.php" /></p> <p><b>Security Code:</b><br><input name="txtNumber" type="text" id="txtNumber" value="" /></p> <p><br><input type="hidden" name="holder" size="20" maxlength="255" value="<?php print $_SESSION['userid']; ?>"/></p> <p align="center"> <input type="submit" name="Edit" value="Submit" /> <input type="reset" name="reset" value="Reset Form" /> </p> </form> Quote Link to comment Share on other sites More sharing options...
Maq Posted April 9, 2009 Share Posted April 9, 2009 Take out the single quotes from this line, I don't think it's getting past this if statement: if ($checkidholder == $userid) { Quote Link to comment Share on other sites More sharing options...
jamesxg1 Posted April 9, 2009 Author Share Posted April 9, 2009 Take out the single quotes from this line, I don't think it's getting past this if statement: if ($checkidholder == $userid) { ok quotes removed, all i get now is the error displayed :S Quote Link to comment Share on other sites More sharing options...
Maq Posted April 9, 2009 Share Posted April 9, 2009 You know when you assign something to another variable that has "is_numeric()" invoked on it, it will return a boolean. $userid = is_numeric($_SESSION['userid']); ^ That line proably assigns TRUE to $userid. So you may want to check the variable if they're numeric then assign the actually value to the variable. As far as your error I get this line isn't true: if ($checkidholder == '$userid') { because the variables that are used in your input fields don't have values, so this if block never executes. Quote Link to comment Share on other sites More sharing options...
jamesxg1 Posted April 9, 2009 Author Share Posted April 9, 2009 You know when you assign something to another variable that has "is_numeric()" invoked on it, it will return a boolean. $userid = is_numeric($_SESSION['userid']); ^ That line proably assigns TRUE to $userid. So you may want to check the variable if they're numeric then assign the actually value to the variable. As far as your error I get this line isn't true: if ($checkidholder == '$userid') { because the variables that are used in your input fields don't have values, so this if block never executes. what do you mean ? Quote Link to comment Share on other sites More sharing options...
revraz Posted April 9, 2009 Share Posted April 9, 2009 echo $userid and see. Quote Link to comment Share on other sites More sharing options...
jamesxg1 Posted April 9, 2009 Author Share Posted April 9, 2009 echo $userid and see. ok i get . . . . 5287 wich is the correct userid so i dont understand what is going wrong :S Quote Link to comment Share on other sites More sharing options...
Maq Posted April 9, 2009 Share Posted April 9, 2009 Like I said, I believe this if statement is failing because none of the variables are being assigned anything and that's why it's throwing all those errors. Check to make sure this if succeeds by echoing something right below it. if ($checkidholder == $userid) { echo "*** WORKS ***"; //rest of code . . . } Quote Link to comment Share on other sites More sharing options...
jamesxg1 Posted April 9, 2009 Author Share Posted April 9, 2009 Like I said, I believe this if statement is failing because none of the variables are being assigned anything and that's why it's throwing all those errors. Check to make sure this if succeeds by echoing something right below it. if ($checkidholder == $userid) { echo "*** WORKS ***"; //rest of code . . . } your right the if statment isnt working :S, i got no print out :S Quote Link to comment Share on other sites More sharing options...
jamesxg1 Posted April 9, 2009 Author Share Posted April 9, 2009 Like I said, I believe this if statement is failing because none of the variables are being assigned anything and that's why it's throwing all those errors. Check to make sure this if succeeds by echoing something right below it. if ($checkidholder == $userid) { echo "*** WORKS ***"; //rest of code . . . } your right the if statment isnt working :S, i got no print out :S what IF statment would i use that will work ? Quote Link to comment Share on other sites More sharing options...
Maq Posted April 9, 2009 Share Posted April 9, 2009 I don't know your design well enough to give you an answer. Quote Link to comment Share on other sites More sharing options...
jamesxg1 Posted April 9, 2009 Author Share Posted April 9, 2009 I don't know your design well enough to give you an answer. damn =/ what do you need to know i will give you awnser's ? Quote Link to comment Share on other sites More sharing options...
Maq Posted April 9, 2009 Share Posted April 9, 2009 Go through your code and figure out the logic of why the IF statement is even there. It is then you'll find out the appropriate IF statement. Quote Link to comment Share on other sites More sharing options...
jamesxg1 Posted April 9, 2009 Author Share Posted April 9, 2009 Go through your code and figure out the logic of why the IF statement is even there. It is then you'll find out the appropriate IF statement. i dont quite follow :S here's the whole page. . . . . <?php session_start(); ini_set('display_errors', 1); error_reporting(E_ALL); include 'Database/Connection.php'; include 'Database/Utility.php'; isloggedin(); accessneeded("C"); if (isset($_POST['Add'])) { $id = 1; $checkid="SELECT * FROM contacts WHERE id='$id'"; $checkidresult = mysql_query($checkid); while(mysql_num_rows($checkidresult) > 0) { $id = $id + 1; $checkid="SELECT * FROM menu WHERE id='$id'"; $checkidresult = mysql_query($checkid); } $holder = mysql_real_escape_string($_POST['holder']); $firstname = mysql_real_escape_string($_POST['firstname']); $firstname = ereg_replace(" ", "", $firstname); $lastname = mysql_real_escape_string($_POST['lastname']); $lastname = ereg_replace(" ", "", $lastname); $address = mysql_real_escape_string($_POST['address']); $postcode = mysql_real_escape_string($_POST['postcode']); $email = mysql_real_escape_string($_POST['email']); $email = ereg_replace(" ", "", $email); $pnumber = mysql_real_escape_string(is_numeric($_POST['pnumber'])); $pnumber = ereg_replace(" ", "", $pnumber); $number = mysql_real_escape_string($_POST['txtNumber']); if($holder && $firstname && $lastname && $address && $postcode && $email && $pnumber) { $_name = "/^[-!#$%&\'*+\\.\/0-9=?A-Z^`{|}~]+"; $_host = "([-0-9A-Z]+\.)+"; $_tlds = "([0-9A-Z]){2,4}$/i"; if( !preg_match($_name."@".$_host.$_tlds,$email) ){ echo "<div align=\"center\">The email you entered is of invalid format.</div>"; include("ContactsControl.php?contact=Add"); die(); } if (md5($number) == $_SESSION['image_random_value']) { $sql = "INSERT INTO `contacts` (`holder`, `firstname`, `lastname`, `address`, `postcode`, `email`, `pnumber`) VALUES('$holder', '$firstname', '$lastname', '$address', '$postcode', '$email', '$pnumber')"; mysql_query($sql) or die(mysql_error()); header('Location: ContactsView.php?contact=view'); } } } if ($_GET['contact'] == "view") { print "|| <a href='ContactsView.php?contact=add'><img src='Security/PhotoProcess.php?picname=btnadd' border='0'>Add New Contact</a> || <br> || <a href='ContactsView.php?contact=delete'><img src='Security/PhotoProcess.php?picname=btndel' border='0'>Delete A Contact</a> || <br> || <a href='ContactsView.php?contact=editpro'><img src='Security/PhotoProcess.php?picname=btnedit' border='0'>Edit A Contact</a> ||<hr>"; $userid = $_SESSION['userid']; $count = 0; $query = mysql_query(sprintf("SELECT * FROM contacts WHERE holder = '$userid'")) or die(mysql_error()); while ($row = mysql_fetch_object($query)) { if ($count!=0){echo "<hr>";} print "First Name: <font color='red'>$row->firstname<br></font>Last Name: <font color='red'>$row->lastname<br></font>Address: <font color='red'>$row->address<br></font>Postcode: <font color='red'>$row->postcode<br></font>Email: <font color='red'>$row->email<br></font>Phone Number: <font color=red>$row->pnumber<br></font>"; $count++; } } if ($_GET['contact'] == "add") { ?> <form method="POST" action="<?php $PHP_SELF ?>"> <p><b>First Name:</b><br><input type="text" name="firstname" size="20" maxlength="255" /></p> <p><b>Last Name:</b><br><input type="text" name="lastname" size="20" maxlength="255" /></p> <p><b>Address:</b><br><textarea rows="5" cols="40" name="address" id="$address"></textarea></p> <p><b>Postcode:</b><br><input type="text" name="postcode" size="20" maxlength="255" /></p> <p><b>Email:</b><br><input type="text" name="email" size="20" maxlength="255" /></p> <p><b>Phone Number:</b><br><input type="text" name="pnumber" size="20" maxlength="255" /></p> <p><img src="Security/SecureSubmit.php" /></p> <p><b>Security Code:</b><br><input name="txtNumber" type="text" id="txtNumber" value="" /></p> <p><br><input type="hidden" name="holder" size="20" maxlength="255" value="<?php print $_SESSION['userid']; ?>"/></p> <p align="center"> <input type="submit" name="Add" value="Submit" /> <input type="reset" name="reset" value="Reset Form" /> </p> </form> <?php } if ($_GET['contact'] == "editpro") { $userid = is_numeric($_SESSION['userid']); $count = 0; $query = mysql_query(sprintf("SELECT * FROM contacts WHERE holder = '$userid'")) or die(mysql_error()); while ($row = mysql_fetch_object($query)) { if ($count!=0){echo "<hr>";} print "First Name: <font color='red'>$row->firstname<br></font>Last Name: <font color='red'>$row->lastname<br></font>Address: <font color='red'>$row->address<br></font>Postcode: <font color='red'>$row->postcode<br></font>Email: <font color='red'>$row->email<br></font>Phone Number: <font color=red>$row->pnumber<br></font><a href='ContactsView.php?contact=edit&contactid=$row->id'><img src='Security/PhotoProcess.php?picname=btnedit' border='0'>Edit This Contact</a>"; $count++; } } if ($_GET['contact'] == "edit") { $checkid = mysql_real_escape_string(is_numeric($_GET['id'])); $userid = $_SESSION['userid']; $sql = sprintf("SELECT * FROM `contacts` WHERE `id` = '$checkid'") or die(mysql_error()); $grab = mysql_query($sql); while ($check = mysql_fetch_assoc($grab)) { $checkidholder = mysql_real_escape_string(is_numeric($check['holder'])); } if ($userid == $checkidholder) { $sql = sprintf("SELECT * FROM `contacts` WHERE `id` = '$checkid'") or die(mysql_error()); $grab = mysql_query($sql); while ($done = mysql_fetch_assoc($grab)) { $firstname = $done['firstname']; $lastname = $done['lastname']; $address = $done['address']; $postcode = $done['postcode']; $email = $done['email']; $pnumber = $done['pnumber']; } die("Sorry, This is not your contact to edit!."); } } ?> <form method="POST" action="<?php $PHP_SELF ?>"> <p><b>First Name:</b><br><input type="text" name="firstname" size="20" maxlength="255" value="<?php print htmlspecialchars($firstname); ?>" /></p> <p><b>Last Name:</b><br><input type="text" name="lastname" size="20" maxlength="255" value="<?php print $lastname ?>" /></p> <p><b>Address:</b><br><textarea rows="5" cols="40" name="address" id="$address" value="<?php print $address ?>" ></textarea></p> <p><b>Postcode:</b><br><input type="text" name="postcode" size="20" maxlength="255" value="<?php print $postcode ?>" /></p> <p><b>Email:</b><br><input type="text" name="email" size="20" maxlength="255" value="<?php print $email ?>" /></p> <p><b>Phone Number:</b><br><input type="text" name="pnumber" size="20" maxlength="255" value="<?php print $pnumber ?>" /></p> <p><img src="Security/SecureSubmit.php" /></p> <p><b>Security Code:</b><br><input name="txtNumber" type="text" id="txtNumber" value="" /></p> <p><br><input type="hidden" name="holder" size="20" maxlength="255" value="<?php print $_SESSION['userid']; ?>"/></p> <p align="center"> <input type="submit" name="Edit" value="Submit" /> <input type="reset" name="reset" value="Reset Form" /> </p> </form> Quote Link to comment Share on other sites More sharing options...
jamesxg1 Posted April 9, 2009 Author Share Posted April 9, 2009 that is my whole page, would it be possible to find a fix with this ammount of info ? Quote Link to comment Share on other sites More sharing options...
revraz Posted April 9, 2009 Share Posted April 9, 2009 What is the URL you are using to access this page? Quote Link to comment Share on other sites More sharing options...
jamesxg1 Posted April 9, 2009 Author Share Posted April 9, 2009 What is the URL you are using to access this page? i am using localhost but i have a virtual domain assigned to it called, cj.co.uk Quote Link to comment Share on other sites More sharing options...
jamesxg1 Posted April 9, 2009 Author Share Posted April 9, 2009 What is the URL you are using to access this page? i am using localhost but i have a virtual domain assigned to it called, cj.co.uk is this any help ? Quote Link to comment Share on other sites More sharing options...
jamesxg1 Posted April 9, 2009 Author Share Posted April 9, 2009 can someone please help me Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.