Jump to content

Archived

This topic is now archived and is closed to further replies.

jbille

session variable

Recommended Posts

Hello I have an html form (findproduct.html)which asks for a product number in order to edit the details of that product.  What I am trying to provide is a way to edit anything about that product, including the product number.  When the user enters it and clicks submit a php file (findproduct.php) finds the product through MySQL and outputs the info about the product in another form.  The user can then edit the form appropriately.  When submit is clicked another file (editproduct.php) performs a query to MySQL and updates the information.  However I cannot perform the query correctly because it is using product number from the second form, not the first.  If anyone can help it would be greatly appreciated.  My code is listed below.


-----------------------------findproduct.html----------------------
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
      xml:lang="en" lang="en">
<head><title>Administration Page</title>
<link rel=stylesheet href="main.css" type="text/css"></head>
<body bgcolor="#204D70">
<table  bgcolor="white" frame="box" border="0" width="700" cellpadding="0" cellspacing="0" align="center" valign="center" height=600>
<tr>
<td>
<table bgcolor="#C76114" border="0" cellpadding="5" cellspacing="0" align="center" valign="center">
<form name="findproduct" action="findproduct.php" method="POST" id="findproduct">
<tr><td align="center" class="adminform">Product Number:</td><td></td><td><input type="text" name="number1" id="number1" size="27" /></td></tr>
<tr><td></td><td></td><td align="right"><input type="submit" value="submit"></td></tr>
</form>
</table>
</td>
</tr>
</body>
</html>




----------------------findproduct.php-----------------------------
<?php
session_start();

$host = localhost;
$user = websters;
$pass = west4;
$dbname = WebSter;

$prodnumber = $_POST['number1'];
$_SESSION['prodnumber'] = $prodnumber;


$link = mysql_connect($host, $user, $pass);
if (!$link) {
  die('Not connected : ');
}
mysql_select_db($dbname, $link) or die("Unable to select database");
$query ="SELECT * FROM electrical WHERE (number = " . $prodnumber . ")";
$result = mysql_query($query);
if (!result) {
echo "Product Number could not be found.  Please go back and try again";
}

while($row = mysql_fetch_array($result, MYSQL_NUM))
{
    $name = $row[0];
    $number = $row[1];
    $price = $row[2];
    $order = $row[3];
    $description = $row[4];
    $picture = $row[5];
    }

    echo "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\"
    \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">
<html xmlns=\"http://www.w3.org/1999/xhtml\"
      xml:lang=\"en\" lang=\"en\">
      <body><head><title>Edit product</title>
<link rel=stylesheet href=\"main.css\" type=\"text/css\"></head>
<body bgcolor=\"#204D70\">
<table  bgcolor=\"white\" frame=\"box\" border=\"0\" width=\"700\" cellpadding=\"0\" cellspacing=\"0\" align=\"center\"  valign=\"center\" height=600>
<tr><td align=\"center\" class=\"admin\">Edit a product</td></tr>

<tr>
<td>
<table bgcolor=\"#C76114\" border=\"0\" cellpadding=\"5\" cellspacing=\"0\" align=\"center\" valign=\"center\">
<form name=\"editproduct\" action=\"editproduct.php\" method=\"POST\" encytype=\"multipart/form-data\">
<tr><td class=\"adminform\">Product Name:</td><td></td><td><input type=\"text\" value=" . $name . " name=\"name\" id=\"name\" size=\"27\" /></td></tr>
<tr><td class=\"adminform\">Product Number:</td><td align=\"right\" class=\"adminform\">#</td><td><input value=" . $prodnumber . " type=\"text\" name=\"number\" id=\"number\" size=\"27\" /></td></tr>
<tr><td class=\"adminform\">Product Price:</td><td align=\"right\" class=\"adminform\">$</td><td valign=\"top\"><input type=\"text\" value=" . $price . " name=\"price\" id=\"price\" size=\"27\" /></td></tr>
<tr><td class=\"adminform\">Where do you want this item to be in the list?:</td><td></td><td><input type=\"text\" value=" . $order . " name=\"order\" id=\"order\" size=\"27\" /></td></tr>
    <tr><td class=\"adminform\">What category do you want the product to go in?:</td><td></td>
    <td><select id=\"category\" name=\"category\" size=\"1\" value=\"electrical\">
<option value=\"0\">Choose a category</option>
<option value=\"electrical\">Electrical</option>
<option value=\"hydraulic\">Hydraulic</option>
<option value=\"air\">Air</option>
<option value=\"springs\">Springs</option>
<option value=\"shoes\">Brake Shoes</option>
<option value=\"suspension\">Suspension</option>
</select></td>
<tr><td valign=\"top\" class=\"adminform\">Product Description:</td><td></td><td><textarea name=\"description\" cols=20 rows=6>" . $description . "</textarea></td></tr>
<tr>
<td class=\"adminform\"><input type=\"hidden\" name=\"MAX_FILE_SIZE\" value=\"300000\" />Upload this picture: </td>
<td></td>
<td><input name=\"picture\" value=\"something\" type=\"file\" />
    </td>
    </tr>
    <tr height=\"10\"></tr>
  <tr><td></td><td></td><td align=\"left\"><input type=\"submit\" value=\"submit\"></td></tr>
    </form>
  </table>
    </td>
    </tr>
</table>
</body>
</html>";


mysql_close($link);

?>


------------------------editproduct.php--------------------------
<?php

session_start();

$host = localhost;
$user = websters;
$pass = west4;
$dbname = WebSter;

$name = $_POST['name'];
$number = $_POST['number'];
$price = $_POST['price'];
$order = $_POST['order'];
$category = $_POST['category'];
$description = $_POST['description'];
$picture = $_POST['picture'];

if((empty($name)) || (empty($number)) || (empty($price))
|| (empty($order)) || (empty($category)) || (empty($description)) || (empty($picture)))
{
echo "Please go back and fill in the following information: <br><br>";
if(empty($name)) echo ("Product Name <br>");
if(empty($number)) echo ("Product Number<br>");
if(empty($price)) echo ("Product Price<br>");
if(empty($order)) echo ("Order of item in the list<br>");
if(empty($category)) echo ("Category must be picked<br>");
if(empty($description)) echo ("Product Description<br>");
if(empty($picture)) echo ("Please upload a photo<br>");
exit(1);
}

$data = addslashes(fread(fopen($picture, "r"), filesize($picture)));

$link = mysql_connect($host, $user, $pass);
if (!$link) {
  die('Not connected : ');
}
mysql_select_db($dbname, $link) or die("Unable to select database");

$prodnumber = $_SESSION['prodnumber'];

$query ="UPDATE " . $category . " SET number='$number' WHERE number='$prodnumber'";
mysql_query($query) or die('Error, query failed, Call Jimmy (330)268-9271');

mysql_close($link);

echo "<html><body><p>Thank you. <a href=\"findproduct.html\">Click here</a> to edit another product
or <a href=\"admin.html\">here</a> to return to administration home page <br>";

echo $_SESSION['prodnumber'];

session_destroy();

?>

Share this post


Link to post
Share on other sites
I'm not sure about this, but I believe if you want to change the primary key field of a row, you have to delete the old row and then insert a new record and specify the new primary key explicitly.  Your $prodnumber  looks like the primary key.

Share this post


Link to post
Share on other sites
Ok, in...

// findproduct.php

[code]<?php
  session_start();

  $host = localhost;
  $user = websters;
  $pass = west4;
  $dbname = WebSter;
 
  $prodnumber = $_POST['number1'];
  $_SESSION['prodnumber'] = $prodnumber;
 

  $link = mysql_connect($host, $user, $pass);
  if (!$link) {
      die('Not connected : ');
  }
  mysql_select_db($dbname, $link) or die("Unable to select database");
  $query ="SELECT * FROM electrical WHERE (number = " . $prodnumber . ")";
  $result = mysql_query($query);
  if (!result) {
      echo "Product Number could not be found.  Please go back and try again";
  }[/code]

You have the code, but your logic seemd out of order! Your session seems like it is only started to set the [b]prodnumber[/b], but you set it even if you don't have a [b]POST[/b] request or a valid [b]number1[/b]. So your doing things that do nothing if the request is not valid. Better logic would only start the session and assign prodnumber a value only when it is found to be valid. Secondly you need to exit(), if the number1 value is not found in the database, and last you need to validate your form data!

Now if it was me, I could change the above (2) ways, (1) don't use a session at all, or (2) reorder your logic and still use the session. Seeing your using a session I will make my example using the session method, but I would really not use a session at all!


----------------------findproduct.php-----------------------------

[code]<?php

$host      = 'localhost';
$user      = 'websters';
$pass      = 'west4';
$dbname    = 'WebSter';
$prodnumber = 0;


if ( isset ( $_POST['number1'] ) )
{
$prodnumber = intval ( $_POST['number1'] );
}

if ( $prodnumber > 0 )
{
$link = mysql_connect ( $host, $user, $pass ) die ( 'Not connected : ' . mysql_error () );

mysql_select_db  ($dbname, $link ) or die ( 'Unable to select database: ' .mysql_error () );

$result = mysql_query ( "SELECT * FROM electrical WHERE number = " . $prodnumber );

if ( mysql_num_rows ( $result ) == 1 )
{
session_start ();

$_SESSION['prodnumber'] = $prodnumber;

session_write_close ();

$row = mysql_fetch_array ( $result, MYSQL_NUM );

    $name        = $row[0];
    $number      = $row[1];
    $price      = $row[2];
    $order      = $row[3];
    $description = $row[4];
    $picture    = $row[5];

    echo "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\"
    \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">
<html xmlns=\"http://www.w3.org/1999/xhtml\"
      xml:lang=\"en\" lang=\"en\">
      <body><head><title>Edit product</title>
<link rel=stylesheet href=\"main.css\" type=\"text/css\"></head>
<body bgcolor=\"#204D70\">
<table  bgcolor=\"white\" frame=\"box\" border=\"0\" width=\"700\" cellpadding=\"0\" cellspacing=\"0\" align=\"center\"  valign=\"center\" height=600>
<tr><td align=\"center\" class=\"admin\">Edit a product</td></tr>

<tr>
<td>
<table bgcolor=\"#C76114\" border=\"0\" cellpadding=\"5\" cellspacing=\"0\" align=\"center\" valign=\"center\">
<form name=\"editproduct\" action=\"editproduct.php\" method=\"POST\" encytype=\"multipart/form-data\">
<tr><td class=\"adminform\">Product Name:</td><td></td><td><input type=\"text\" value=" . $name . " name=\"name\" id=\"name\" size=\"27\" /></td></tr>
<tr><td class=\"adminform\">Product Number:</td><td align=\"right\" class=\"adminform\">#</td><td><input value=" . $prodnumber . " type=\"text\" name=\"number\" id=\"number\" size=\"27\" /></td></tr>
<tr><td class=\"adminform\">Product Price:</td><td align=\"right\" class=\"adminform\">$</td><td valign=\"top\"><input type=\"text\" value=" . $price . " name=\"price\" id=\"price\" size=\"27\" /></td></tr>
<tr><td class=\"adminform\">Where do you want this item to be in the list?:</td><td></td><td><input type=\"text\" value=" . $order . " name=\"order\" id=\"order\" size=\"27\" /></td></tr>
    <tr><td class=\"adminform\">What category do you want the product to go in?:</td><td></td>
    <td><select id=\"category\" name=\"category\" size=\"1\" value=\"electrical\">
<option value=\"0\">Choose a category</option>
<option value=\"electrical\">Electrical</option>
<option value=\"hydraulic\">Hydraulic</option>
<option value=\"air\">Air</option>
<option value=\"springs\">Springs</option>
<option value=\"shoes\">Brake Shoes</option>
<option value=\"suspension\">Suspension</option>
</select></td>
<tr><td valign=\"top\" class=\"adminform\">Product Description:</td><td></td><td><textarea name=\"description\" cols=20 rows=6>" . $description . "</textarea></td></tr>
<tr>
<td class=\"adminform\"><input type=\"hidden\" name=\"MAX_FILE_SIZE\" value=\"300000\" />Upload this picture: </td>
<td></td>
<td><input name=\"picture\" value=\"something\" type=\"file\" />
    </td>
    </tr>
    <tr height=\"10\"></tr>
  <tr><td></td><td></td><td align=\"left\"><input type=\"submit\" value=\"submit\"></td></tr>
    </form>
  </table>
    </td>
    </tr>
</table>
</body>
</html>";
}
}

echo 'Product Number ' . ( $prodnumber > 0 ? 'could not be found' : 'was not entered' ) . '.  Please <a href='findproduct.html'>go back</a> and try again';

exit ();

?>[/code]


Then in....

------------------------editproduct.php--------------------------
[code]<?php

session_start();

if ( ! isset ( $_SESSION['prodnumber'] ) )
{
echo 'This page was not called by the form designed to hande this request.  Please <a href='findproduct.html'>go back</a> and try again';

exit ();
}

$host  = 'localhost';
$user  = 'websters';
$pass  = 'west4';
$dbname = 'WebSter';


$name = $_POST['name'];
$number = $_POST['number'];
$price = $_POST['price'];
$order = $_POST['order'];
$category = $_POST['category'];
$description = $_POST['description'];
$picture = $_POST['picture'];

if((empty($name)) || (empty($number)) || (empty($price))
|| (empty($order)) || (empty($category)) || (empty($description)) || (empty($picture)))
{
echo "Please go back and fill in the following information: <br><br>";
if(empty($name)) echo ("Product Name <br>");
if(empty($number)) echo ("Product Number<br>");
if(empty($price)) echo ("Product Price<br>");
if(empty($order)) echo ("Order of item in the list<br>");
if(empty($category)) echo ("Category must be picked<br>");
if(empty($description)) echo ("Product Description<br>");
if(empty($picture)) echo ("Please upload a photo<br>");
exit(1);
}

$data = addslashes(fread(fopen($picture, "r"), filesize($picture)));

$link = mysql_connect($host, $user, $pass);
if (!$link) {
  die('Not connected : ');
}
mysql_select_db($dbname, $link) or die("Unable to select database");

$prodnumber = $_SESSION['prodnumber'];

$query ="UPDATE " . $category . " SET number='$number' WHERE number='$prodnumber'";
mysql_query($query) or die('Error, query failed, Call Jimmy (330)268-9271');

mysql_close($link);

echo "<html><body><p>Thank you. <a href=\"findproduct.html\">Click here</a> to edit another product
or <a href=\"admin.html\">here</a> to return to administration home page <br>";

$_SESSION = array ();
session_destroy ();
?>[/code]


me!

Share this post


Link to post
Share on other sites
Thank you both for your replies.  I used both suggestions to solve the problem.

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.