[SOLVED] Returning blank form

[Jakebert]

   echo '<form action="edit_student.php" method = "get">';
   echo '<input type = "hidden" name = "sid" value = "'.$row['id'].'" />';
   echo '<input type = "submit" name = "submit2" value = "Edit" /></form>';
   echo '</td></tr>';

 

It should be taking me to edit_student.php

 

It does not. Instead, it takes me to the same page the form is on, but erases all values in it. Have already tried changing the form action, so I don't think it's edit_student.php that is the problem.

 

I am confused.

 

 

Let me know if you need more info. Here is the entire page code, just in case.

 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
<title>Untitled Document</title>
  
</head>
<body>

<?php

include_once ("auth.php");
include_once ("authconfig.php");
include_once ("check.php");

if ($check['level'] > 4)
      {
         
print "<font face='Arial' size='5' color='#FF0000'>";
print "<b>Illegal Access</b>";
print "</font><br>";
print "<font face='Verdana' size='2' color='#000000'>";
print "<b>You do not have permission to view this page.</b></font>";
         exit;   // Stop script execution
      }
      
$class_id = $_POST['class_id'];
$new_level=$_POST['new_level'];
$new_day=$_POST['new_day'];
$new_time=$_POST['new_time'];
$new_session=$_POST['new_session'];

if (isset($_POST['submit']))
{


$query= ("UPDATE classes SET level='$new_level', day='$new_day', time='$new_time', session='$new_session' WHERE id=$id");

echo $query;

$sql = mysql_query($query) or die(mysql_error());

}

else

{

$class_id=$_POST['class_id'];
$level=$_POST['level'];
$day=$_POST['day'];
$time=$_POST['time'];
$session=$_POST['session'];

echo '<table>
<form action = "'.$_SERVER['PHP_SELF'].'" method="post">
<input type = "hidden" name = "id" value = "'.$id.'" />
<tr><td>
<b>ID:</b></td>
<td>'; 
echo $class_id;
echo '</td>
<tr><td>
<b>Level</b>:</td>
<td><input type = "text" name = "new_level" value="'.$level.'" />
</td></tr>';

echo '</td>
<tr><td>
<b>Day</b>:</td>
<td><input type = "text" name = "new_day" value="'.$day.'" />
</td></tr>';

echo '</td>
<tr><td>
<b>Time</b>:</td>
<td><input type = "text" name = "new_time" value="'.$time.'" />
</td></tr>';

echo '</td>
<tr><td>
<b>Session</b>:</td>
<td><input type = "text" name = "new_session" value="'.$session.'" />
</td></tr>
<button type=button value=Cancel onClick="javascript:history.go(-1);">Cancel</BUTTON>
<input type="submit" name="submit" value = "Edit Attributes" />';


echo '</table>';

echo '<br /><br /><h3>Students</h3>';
echo '<table border = "1"><tr><td>ID</td><td>First</td><td>Last</td><td>Age</td><td>Level</td></tr>';

$query = ("SELECT * FROM students WHERE classid = '$class_id'");
$sql = mysql_query($query) or die(mysql_error());

while ($row = mysql_fetch_array($sql))

{
   
   
   echo '<tr><td>';
   echo $row['id'];
   echo '</td><td>';
   echo $row['fname'];
   echo '</td><td>';
   echo $row['lname'];
   echo '</td><td>';
   echo $row['age'];
   echo '</td><td>';
   echo $row['level'];
   echo '</td><td>';
   echo '<form action="edit_student.php" method = "get">';
   echo '<input type = "hidden" name = "sid" value = "'.$row['id'].'" />';
   echo '<input type = "submit" name = "submit2" value = "Edit" /></form>';
   echo '</td></tr>';
      
   
}


echo '</table>';


}
?>

</body>
</html>

[Alex]

Your problem is that you're not closing your first form:

 

<form action = "'.$_SERVER['PHP_SELF'].'" method="post">

 

with </form>. So that's the action being used. By the way, it's a bad practice to use $_SERVER['PHP_SELF'] for form actions as it leaves you open for an XSS attack. Rather, if you want a form to be submitted back to the same page just leave action blank (action="").