zero_ZX Posted May 31, 2010 Share Posted May 31, 2010 Hi! I'm working out a tiny script to change status of employees in different rooms, so far it all goes good, however I have a problem. A user goes to an edit.php?id=xxxxx where they can change their stauts, however if the id is invalid, or they don't put an id at all The script still continues.. And my html form shows :/ So i have 2 questions.. How would i make the script die if nothing can be found when executing the query, and can i put my forms into the php tags instead of html? Also, what would be the best way to perform the edit? Should i link to form to another page like perform.php or should i make something like edit.php?id=blabla&status=0&comment=Back in an hour I'm not so sure of this.. Also i would like to strip off all kinds of tags and special characters in the update field, so users don't put anything silly there.. This is my current code <?PHP include("config.php"); $id = $_GET['id']; // Create query $query = mysql_query("SELECT * FROM medarbejder WHERE id = '".$id."' LIMIT 1") or die(mysql_error()); while($row = mysql_fetch_array($query)) IF ($row['status']==1) { Echo "Du redigere nu status for " . $row['medarbejder'] . " "; Echo "<br> <br>"; echo "<TABLE border=1 bgcolor=#00FF00>"; echo "<tr>"; echo "<th width=700>Du er til stede</th>"; echo "</tr>"; echo "</table>"; } Else { Echo "Du redigere nu status for " . $row['medarbejder'] . " "; Echo "<br> <br>"; echo "<TABLE border=1 bgcolor=#FF0000>"; echo "<tr>"; echo "<th width=700>Du er ikke til stede</th>"; echo "</tr>"; echo "</table>"; } Echo "<br>"; Echo "Her kan du ændre din stauts:"; mysql_close($con); ?> <html> <body> <form action="opdater.php" method="post"> Status: <input type="radio" name="status" value="1" checked> Til stede <input type="radio" name="status" value="2"> Ikke til stede <br> Kommentar (maks 100 bogstaver): <input type="text" name="kommentar" style='width:300px;' MAXLENGTH=100 /> <input type="submit" /> </form> </body> </html> Quote Link to comment Share on other sites More sharing options...
trq Posted May 31, 2010 Share Posted May 31, 2010 Take a look at mysql_num_rows, this will tell you if your query actually found a result. Quote Link to comment Share on other sites More sharing options...
zero_ZX Posted May 31, 2010 Author Share Posted May 31, 2010 Thanks for your prompt reply. I'm however not looking to tell how many or if i found, I just want to kill the script if it doesn't find anything. Quote Link to comment Share on other sites More sharing options...
riwan Posted May 31, 2010 Share Posted May 31, 2010 well, before you query you could check first the id, if its empty then put die() or exit(). then after query (before the loop while) you could check the query result using mysql_num_rows() if it found anything or not and then again put die() or exit() Quote Link to comment Share on other sites More sharing options...
trq Posted May 31, 2010 Share Posted May 31, 2010 So do so.... if (!mysql_num_rows($query)) { die(); } Quote Link to comment Share on other sites More sharing options...
zero_ZX Posted May 31, 2010 Author Share Posted May 31, 2010 Oh yeh.. Now i follow ya, lol ^^ Thanks a lot Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.