Jump to content

Recommended Posts

Hey All. I have a FORM that updates records in my database. It has three fields. User, Scene and Time. I want it so users can only edit scenes that are empty. So that when someone enters a Scene, that entry is then locked out. And only the user who added it can update it.

 

So basically. The Scene is initially empty. Then someone adds a Scene, there User is attached to the entry. Then Only that user can edit the scene again.

 

Heres the 3 rows:

 

<p>
<input name="Time" type="text" id="Time" value="<?php echo $row_MusicBody['Time']; ?>" />
</p>
<p>
<textarea name="Scene" id="Scene" cols="23" rows="3"><?php echo $row_MusicBody['Scene Description']; ?></textarea>
<p>
<input name="User" type="hidden" id="User" value="<?php echo $_SESSION['MM_Username']; ?>" readonly="readonly" />
</p>

Link to comment
https://forums.phpfreaks.com/topic/172066-only-update-form-if-field-is-empty/
Share on other sites

Your form processing code is the part that is responsible for inserting or updating information in your database. It must validate and enforce any conditions that you specify, such as only allowing empty scenes to be updated by any user and to enforce the requirement that only the user that put the contents in a scene can update it.

 

The code for your form must also enforce the requirements that you have stated by only allowing a specific matching user to select records where he was the one that first put the contents in the scene column and allowing all users to select records that are still have empty scene columns.

 

So, what is your code that displays the available records and allows record to be picked and/or allows a completely new record to be inserted (assuming you are permitting the later)? That would be the place to start defining and designing code. You would then only output the form if a record was picked where the logic permitted the current user to either put a value into an empty scene or he is the user that first put the scene in that record.

Hey, sorry about that. This is the code that updates the form. There are 7 fields there but you can ignore the other 4 of them.

 

$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
  $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}

if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "form5")) {
  $updateSQL = sprintf("UPDATE Music SET Title=%s, Artist=%s, Movie=%s, `Time`=%s, `Scene Description`=%s, `User`=%s WHERE ID=%s",
                       GetSQLValueString($_POST['Title'], "text"),
                       GetSQLValueString($_POST['Artist2'], "text"),
                       GetSQLValueString($_POST['Movie'], "text"),
                       GetSQLValueString($_POST['Time'], "text"),
                       GetSQLValueString($_POST['Scene'], "text"),
                       GetSQLValueString($_POST['User'], "text"),
                       GetSQLValueString($_POST['ID'], "int"));

  mysql_select_db($database_test, $test);
  $Result1 = mysql_query($updateSQL, $test) or die(mysql_error());
}

 

If you just want to stop updates from other members then you could move the user field from the update to the where

Also

ID=%s

should be

ID=%d

 

ie change

$updateSQL = sprintf("UPDATE Music SET Title=%s, Artist=%s, Movie=%s, `Time`=%s, `Scene Description`=%s, `User`=%s WHERE ID=%s",

to

$updateSQL = sprintf("UPDATE Music SET Title=%s, Artist=%s, Movie=%s, `Time`=%s, `Scene Description`=%s WHERE `User`=%s AND ID=%d",

 

However.. I it looks like $_POST['User'] is pulled from a posted session "$_SESSION['MM_Username']", if that's the case you should use the session instead of posting it

so

 GetSQLValueString($_POST['User'], "text"),

 GetSQLValueString($_SESSION['MM_Username'], "text"),

and remove

<input name="User" type="hidden" id="User" value="<?php echo $_SESSION['MM_Username']; ?>" readonly="readonly" />

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.