Jump to content
#FlattenTheCurve ×

Archived

This topic is now archived and is closed to further replies.

Matt Ridge

Code posts correctly, but when updating it doesn't. Can someone help solve this?

Recommended Posts

"no... it's not the same, but since I didn't hear back from you I decided to post the updated version."

 

Wow, I sense a bit of bitter impatience there. Considering I didn't even get the code I requested until nearly 7 hours after the fact around 8pm my time and when I'm trying to spend time with my family...

 

Anyways, since I'm getting the gloomy feeling that our help is more expected rather than appreciated, good luck with your script, I hope you fix the issue.

 

Actually I'm not the impatient one, I am trying to get this working for a company I work for, they are the ones hounding me. I am feeling the pressure on my end to do something I've really never done before. So sorry you feel that way, but I like my job, and I really don't want to loose it over something as "simple" as people here is making it out to be. When to me it's not.

 

Honestly I learned how to code XHTML with PHP and SQL in a little over 2.5 months, what you see here is a culmination of everything I've learned from two books, no classes, and a lot of pressure on me to do so because this economy has made it where it is the employer is always right, and if you can't do it they will hire someone else who can, and my skillset has a flood of people out there that are unemployed, so yes I am in a way impatient because I don't want to loose my job... can you blame me?

 

I am a graphic designer and a computer tech by trade, I never made a website or cracked open a coding book till two months ago, and now I am stuck on this, asking for help, and people here are telling me that x part is wrong, and I'm not sanitizing anything, etc... I've said in the past that I am new at this, this is the first site I registered to, to get help, now I am being pressured at work to do something I have a fleeting grasp of doing, and people here are telling me that I should know what I am doing, and that instead of telling me what is wrong by showing me, they are saying you aren't doing X... when I have no clue what they are saying... and I keep on telling people that as well... but people here don't seem to understand that when I say I don't understand and I keep asking over and over again the same thing, it means I am not understanding what you are saying.

 

Matt, we're not here to be your tutors.  We are here to help, but trying to teach any member PHP from nothing is beyond the scope of what we do.

 

Part of the problem is that you don't read.  There's a reason why people keep repeating themselves to you (your words).  There's a reason why this thread is now on page 4, and the sanitizing thread went 6 pages.  There are only so many ways for us to explain things, and often you have the gall to imply that we're wrong (see: sanitizing thread), or that you did things right (see: your HTML header/footer issue, where your HTML is a bonafide mess).

 

I don't know if you know this, but we're all volunteers.  Even the people with titles and badges.  None of us see one red cent from being here.  We try to help the best we can because we were all newbies once and we want to pay the community back.  That said, we're doing this while also dealing with work, family, health issues, etc.  What this means is that while we may be sympathetic to your plight, you're not entitled to specialized treatment beyond what other members get.  Getting frustrated and pissy at the people offering you free professional help is only going to decrease the chances of anyone answering one of your questions in the future.

 

So, here's what you do:

 

Leave your preconceptions at the door.  You're not at the point where you can even consider how things ought to work, so what's the point of being frustrated with how it does work? 

 

Leave your ego at the door, too.  20+ years IT, several years as a cook... who gives a crap?  Programming is significantly different than both.  Leave that all behind and embrace the differences. 

 

Finally, take the time to read and decipher what we're saying.  We're not going to stop and explain every piece of basic jargon we say.  That would be asinine, especially given how rudimentary and universal it is (even in Objective-C and Java, which I thought you were leaving us for...).  Reading comprehension and the ability to follow instructions are probably the two most critical skills a programmer can have.

 

I am working on that in the background, and honestly it is easier... that being said if I had a choice I'd be putting this into a program, but since I am not the one that signs my paycheck, I do what I am told.

 

As for the rest, I agree... I did leave a lot at the door, the problem is when people tell me to do things and I don't understand why or how to do them, I normally ask for examples by the code I am working on to show me what they are talking about.  Some people do, those who don't I get annoyed at me because I don't understand what they do...

 

As you said, one time you were green to, perhaps it is time to realize that people are green still and don't get the simple nuances you take for granted. I asked very simply in the script I am asking for help for originally which is better for what I need to do when UPDATE is used, get or post, people told me to make a choice of what I need to do. I asked for help because I don't know what I need to do.  Then when I get the script working I ask help to show how to get the ID to show up in the post, then people go on about sanitation.  Now out of left field I am trying to apease the sanitation police before actually getting help about the actual topic.  Several pages later and people are still saying I'm not sanitizing correctly, so instead of pointing me in the right direction I am told that they told me how to do it a few pages ago. 

 

I go back and I still ask which one should I use, so instead of being told the answer I am looking for, which was one or the other I make it so that the script can use both, but still the ID is not posting, so I ask for help to tell me where the ID is getting stuck, and how to solve the problem. So far instead of getting an answer I am being told I am being impatient and also that my script is still not being sanitized correctly...

 

You know what, you are right, you do this for free, and I applaud you for it, but you know what I was hoping for help, because honestly the fact is that I asked for one thing and I've gone through the grinder attempting to appease people here to get the answer I need. Then I'm told that I haven't done what people told me to do, I then ask how do I do it, and I'm told I am being inconsiderate.  You know, I enjoy a debate as much as the next person, but I have done as far as I know everything asked of me, and I am still being stonewalled.

 

Please, I am asking one more time, can someone here solve the issue of why the ID is not posting, I have done all that is asked of me.  The ball for all intended purposes is in the court on the forum... if I don't sanitize I don't care I will deal with it later, I just want this to work... is that too hard to ask for?

 

Share this post


Link to post
Share on other sites

Like litebearer asked, what does your echoed query show?  Is it what you expect?  Are you getting any mysqli errors?

 

We need to know what your query actually looks like vs. what you expect.  Can you run your query in phpmyadmin and get the desired results?

Share this post


Link to post
Share on other sites

Hey Matt:

  You have no idea how lucky you are to have found this community.  We are very nearly unique in the programming world, in terms of the amount of patience people show here.  Getting yourself in a dither over outside pressure isn't going to hep you become a competent coder. 

 

Truthfully, I only read the last page or so of this thread, and I'm not entirely clear what it is that doesn't work.  Debugging commands like echo, print_r, and var_dump are very helpful in figuring out what is happening.  It's just the nature of things that programming tends to have surprises for even the most experienced developer.

 

Just glancing at your last posted code snippet I found this:

 

 

if ($row['fab1']="--None--")

 

This is a common mistake that people make.  That assignment will always be true.  What's doubly problematic there is that whatever value you had in $row['fab1'] is actually getting replaced wiht the string "--None--".

 

I have no idea whether it has anything to do with your current conundrum, but you should fix it nevertheless.

 

if ($row['fab1'] == "--None--")

 

Actually does the comparison.

 

In summary:

 

-More use of simple debugging statements in your code should help you lift the fog and feel like you're not floundering and spinning your wheels so much

-Try to apply DRY.  I know it's probably difficult right now but surely you have to see that you are repeating code.  For example:

 

 

        $part = mysqli_real_escape_string($dbc, trim($_POST['part']));
$rev = mysqli_real_escape_string($dbc, trim($_POST['rev']));
$partdesc = mysqli_real_escape_string($dbc, trim($_POST['partdesc']));
$ncmrqty = mysqli_real_escape_string($dbc, trim($_POST['ncmrqty']));

 

There's a point at which you have to see that a small function would be better, and make your code more consistent, and easier to debug.

 

function cleanPostVar(&$dbc, $key) {
   if (array_key_exists($key, $_POST)) {
     return mysqli_real_escape_string($dbc, trim($_POST[$key]));
  } else {
    return '';
  }
}

 

Now you'd replace all those repetitive calls with:

 

$part = cleanPostVar($dbc, 'part');

 

The nice thing about this is that as you learn more about sanitization and filtering you can add to the function or create variations of it, without having to go through and rewrite 50 lines of code.

 

 

 

Share this post


Link to post
Share on other sites

Like litebearer asked, what does your echoed query show?  Is it what you expect?  Are you getting any mysqli errors?

 

We need to know what your query actually looks like vs. what you expect.  Can you run your query in phpmyadmin and get the desired results?

 

 

I've said multiple times what the error is:

 

Warning: mysqli_real_escape_string() expects parameter 1 to be mysqli, null given in /home/pawz/public_html/kaboomlabs.com/testbed/edit.php on line 23

 

Then everyone gets on the fact I'm not sanitized.  Sorry if I seem short but I don't care right now about sanitation right now, I want functionality. I am probably short now because I don't need another case of round robin with something I'm not worried about right now.

 

The part that the error is in is here as far as I can tell by the error given:

 


<?php

      $id=0;
      if(isset($_GET['id']))
         $id= mysqli_real_escape_string($dbc, trim($_GET['id']));
    
      if (isset($_POST['submit'])) {
            $id= mysqli_real_escape_string($dbc, trim($_POST["id"]));	

 

But again, I don't know because I've pretty much lost all hope of getting this script ever working.

Share this post


Link to post
Share on other sites

I solved it. Don't ask how, I don't know.  I've spent all night re-writing the code. I still have some issues that need resolving, but it will work for what is required.

 

Here is the code in it's completion.

 


<?php
require_once('connectvars.php');
echo '<div id="postwrap">'
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
  <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
  <title>PDI NCMR - Edit</title>
      <link rel="stylesheet" type="text/css" href="CSS/postie.css" />
</head>
<body>
   <div id="logo">
<img src="../images/PDI_Logo_2.1.gif" alt="PDI Logo" />
</div>

<?php
// Connect to the database
    $dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);

      $id= mysqli_real_escape_string($dbc, trim(0));
      if(isset($_GET['id']))
         $id= mysqli_real_escape_string($dbc, trim($_GET['id']));
    
      if (isset($_POST['submit'])) {
            $id= mysqli_real_escape_string($dbc, trim($_POST["id"]));

// Enter data into the database
$ab = mysqli_real_escape_string($dbc, trim($_POST['ab']));
$date = mysqli_real_escape_string($dbc, trim(date('Y-m-d',strtotime ($_POST['date']))));
$part = mysqli_real_escape_string($dbc, trim($_POST['part']));
$rev = mysqli_real_escape_string($dbc, trim($_POST['rev']));
$partdesc = mysqli_real_escape_string($dbc, trim($_POST['partdesc']));
$ncmrqty = mysqli_real_escape_string($dbc, trim($_POST['ncmrqty']));
$comp = mysqli_real_escape_string($dbc, trim($_POST['comp']));
$ncmrid = mysqli_real_escape_string($dbc, trim($_POST['ncmrid']));
$rma = mysqli_real_escape_string($dbc, trim($_POST['rma']));
$jno = mysqli_real_escape_string($dbc, trim($_POST['jno']));
$fdt = mysqli_real_escape_string($dbc, trim($_POST['fdt']));
$cof = mysqli_real_escape_string($dbc, trim($_POST['cof']));
$fab1= mysqli_real_escape_string($dbc, trim($_POST['fab1']));
$fab2= mysqli_real_escape_string($dbc, trim($_POST['fab2']));
$fab3= mysqli_real_escape_string($dbc, trim($_POST['fab3']));
$non= mysqli_real_escape_string($dbc, trim($_POST['non']));
$dis= mysqli_real_escape_string($dbc, trim($_POST['dis']));
$comm= mysqli_real_escape_string($dbc, trim($_POST['comm']));
$caad= mysqli_real_escape_string($dbc, trim($_POST['caad']));
$po= mysqli_real_escape_string($dbc, trim($_POST['po']));
$pod = mysqli_real_escape_string($dbc, trim(date('Y-m-d',strtotime($_POST['pod']))));
$dri = mysqli_real_escape_string($dbc, trim(date('Y-m-d',strtotime($_POST['dri']))));

$query = "UPDATE ncmr SET ab = '$ab', date = '$date', part = '$part', rev = '$rev' , partdesc = '$partdesc' , ncmrqty = '$ncmrqty' , comp = '$comp' , ncmrid = '$ncmrid' , rma = '$rma' , jno = '$jno' , fdt = '$fdt' , cof = '$cof' , fab1 = '$fab1' , fab2 = '$fab2' , fab3 = '$fab3' , non = '$non' , dis = '$dis' , comm = '$comm' , caad = '$caad' , po = '$po' , pod = '$pod' , dri = '$dri'  WHERE id = '$id'";

// echo your raw query and look for obvious errors
     echo "Query is : " . $query . "<br />";
  
// and at least use a basic mechanism to trap possibles errors
       mysqli_query($dbc, $query)  or die('Query Error : ' . mysqli_error($dbc));
   

// Confirm success with the user
	echo '<p>If you wish to edit more NCMRs, please <a href="list.php">go to the admin page!</a></p>';

	// echo your raw query and look for obvious errors
     echo "Query is : " . $query . "<br />";
// Clear the form data
$id = "";
$ab = "";
$date = "";
$part = "";
$rev = "";
$partdesc = "";
$ncmrqty = "";
$comp = "";
$ncmrid = "";
$rma = "";
$jno = "";
$fdt = "";
$cof = "";
$fab1= "";
$fab2= "";
$fab3= "";
$non= "";
$dis= "";
$comm= "";
$caad= "";
$po= "";
$pod = "";
$dri = "";
		mysqli_close($dbc);
		}

  else {	

// Connect to the database
  $dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
// Grab the profile data from the database
if (!isset($_GET['id'])) {
    $query = "SELECT * FROM ncmr WHERE id = '$id'";
  }
  else {
    $query = "SELECT * FROM ncmr WHERE id = '$id'";
  }

  $data = mysqli_query($dbc, $query);

  if (mysqli_num_rows($data) == 1) { 
// The user row was found so display the user data
    $row = mysqli_fetch_array($data);
echo "<form action='".$_SERVER['PHP_SELF']."' method='post'>";
echo '<fieldset>';

	echo '<div id="box1">';
		if (empty($row['ab'])) $row['ab'] = "Empty";
		if (empty($row['date'])) $row['date'] = "Empty";
		if (empty($row['part'])) $row['part'] = "Empty";
		if (empty($row['rev'])) $row['rev'] = "Empty";
		if (empty($row['partdesc'])) $row['partdesc'] = "Empty";
		if (empty($row['ncmrqty'])) $row['ncmrqty'] = "Empty";
		echo '<div id="ab"><span class="b">Added By:  </span><input type="text" name="ab" value="' . $row['ab'] . '" /></div>';
		echo '<div id="date"><span class="b">Date Filed:  </span><input type="text" name="date" value="' . $row['date'] . '" /></div>';
		echo '<div id="part"><span class="b">Part Number:  </span><input type="text" name="part" value="' . $row['part'] . '" /></div>';
		echo '<div id="rev"><span class="b">Part Revision:  </span><input type="text" name="rev" value="' . $row['rev'] . '" /></div>';
		echo '<div id="partdesc"><span class="b">Part Description:  </span><textarea rows="4" cols="22">' . $row['partdesc'] . '</textarea></div>';
		echo '<div id="ncmrqty"><span class="b">NCMR Qty:  </span><input type="text" name="ncmrqty" value="' . $row['ncmrqty'] . '" /></div>';
	echo '</div>';

//Company, Customer NCMR, Internal RMA, and Job Number
	echo '<div id="box2">';
		if (empty($row['comp'])) $row['comp'] = "Empty";
		if (empty($row['ncmrid'])) $row['ncmrid'] = "Empty";
		if (empty($row['rma'])) $row['rma'] = "Empty";
		if (empty($row['jno'])) $row['jno'] = "Empty";
			echo '<div id="comp"><span class="b">Company:  </span><input type="text" name="comp" value="' . $row['comp'] . '" /></div>';
				echo '<div id="ncmrid"><span class="b">Customer NCMR ID:  </span><input type="text" name="ncmrid" value="' . $row['ncmrid'] . '" /></div>';
				echo '<div id="rma"><span class="b">Internal RMA #:  </span><input type="text" name="rma" value="' . $row['rma'] . '" /></div>';
				echo '<div id="jno"><span class="b">Job #:  </span><input type="text" name="jno" value="' . $row['jno'] . '" /></div>';
	echo '</div>';

//Type of Failure and Class of Failure
	echo '<div id="box3">';
		echo '<h2>Failure</h2>';
			echo '<div id="cof"><span class="b">Class of Failure:  </span><input type="text" name="cof"  size="15" value="' . $row['cof'] . '" /></div>';
			echo '<div id="fdt"><span class="b">Failure Due To:  </span><input type="text" name="fdt"  size="15" value="' . $row['fdt'] . '" /></div>';

		echo '</div>';

//Fabricators
	echo '<div id="box4">';
		echo '<h2>Fabricators</h2>';
if ($row['fab1']="--None--")
{
    echo'<div id="fab1">';
    $mysqli = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME); 
    $mysqli->select_db('user');
    $result = $mysqli->query("SELECT * FROM user"); 
    echo "<SELECT name='fab1'>\n";
    while($row = $result->fetch_assoc())
    {
        echo "<option value='{$row['user']}'>{$row['user']}</option>\n";
    }
    echo "</select>\n";
    echo '</div>';
}
else
{
    echo'<div id="fab1">';
    $mysqli = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME); 
    $mysqli->select_db('user');
    $result = $mysqli->query("SELECT * FROM user"); 
    echo "<SELECT name='fab1'>\n";
    while($row = $result->fetch_assoc())
    {
        echo "<option value='{$row['user']}'>{$row['user']}</option>\n";
    }
    echo "</select>\n";
    echo '</div>';
}


if ($row['fab2']="--None--")
{
    echo'<div id="fab2">';
    $mysqli = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME); 
    $mysqli->select_db('user');
    $result = $mysqli->query("SELECT * FROM user"); 
    echo "<SELECT name='fab2'>\n";
    while($row = $result->fetch_assoc())
    {
        echo "<option value='{$row['user']}'>{$row['user']}</option>\n";
    }
    echo "</select>\n";
    echo '</div>';
}
else
{
    echo '<div id="fab2"><span class="b"></span><input type="text" name="fab1"  size="20" value="' . $row['fab1'] . '" /></div>';
    echo '</div>';
}
if ($row['fab3']="--None--")
{
    echo'<div id="fab3">';
    $mysqli = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME); 
    $mysqli->select_db('user');
    $result = $mysqli->query("SELECT * FROM user"); 
    echo "<SELECT name='fab3'>\n";
    while($row = $result->fetch_assoc())
    {
        echo "<option value='{$row['user']}'>{$row['user']}</option>\n";
    }
    echo "</select>\n";
    echo '</div>';
}
else
{
    echo '<div id="fab3"><span class="b"></span><input type="text" name="fab1"  size="20" value="' . $row['fab1'] . '" /></div>';
    echo '</div>';
}		echo '</div>';

//Nonconformity, Disposition, Comments and Comments & Additional Details
	echo '<div id="box5">';
		if (empty($row['non'])) $row['non'] = "Empty";
		if (empty($row['dis'])) $row['dis'] = "Empty";
		if (empty($row['comm'])) $row['comm'] = "Empty";
		if (empty($row['caad'])) $row['caad'] = "Empty";

		echo '<div id="non"><span class="b">Nonconformity:  </span><textarea rows="4" cols="105">' . $row['non'] . '</textarea></div>';
		echo '<div id="dis"><span class="b">Disposition:  </span><textarea rows="4" cols="105">' . $row['dis'] . '</textarea></div>';
		echo '<div id="comm"><span class="b">Comments:  </span><textarea rows="4" cols="105">' . $row['comm'] . '</textarea></div>';
		echo '<div id="caad"><span class="b">Comments and/or Additional Details:  </span><textarea rows="4" cols="105">' . $row['caad'] . '</textarea></div>';

			echo '<div id="podr">';
					if (empty($row['po'])) $row['po'] ="Empty";
					if (empty($row['pod'])) $row['pod'] ="Empty";
					if (empty($row['dir'])) $row['dri'] ="Empty";

				echo '<div id="po"><span class="b">PO:  </span><input type="text" name="po"  size="7" value="' . $row['po'] . '" /></div>';
				echo '<div id="pod"><span class="b">PO Date:  </span><input type="text" name="pod"  size="7" value="' . $row['pod'] . '" /></div>';
				echo '<div id="dri"><span class="b">Date Received:  </span><input type="text" name="dri"  size="7" value="' . $row['dri'] . '" /></div>';
			echo '</div>';
		echo '<div id="button2"><input type="submit" value="Submit Edits" name="submit" /></div>';
//Save ID so it can be used with POST request.
echo "<input type='hidden' value='$id' name='id'/>"; 

	echo '</div>';
echo '</fieldset>';
echo '</form>';
	}
}

echo '</div>';

?>
</body>
</html>

Share this post


Link to post
Share on other sites

 

Hey Matt:

  You have no idea how lucky you are to have found this community.  We are very nearly unique in the programming world, in terms of the amount of patience people show here.  Getting yourself in a dither over outside pressure isn't going to hep you become a competent coder. 

 

Truthfully, I only read the last page or so of this thread, and I'm not entirely clear what it is that doesn't work.  Debugging commands like echo, print_r, and var_dump are very helpful in figuring out what is happening.  It's just the nature of things that programming tends to have surprises for even the most experienced developer.

 

Just glancing at your last posted code snippet I found this:

 

 

if ($row['fab1']="--None--")

 

This is a common mistake that people make.  That assignment will always be true.  What's doubly problematic there is that whatever value you had in $row['fab1'] is actually getting replaced wiht the string "--None--".

 

I have no idea whether it has anything to do with your current conundrum, but you should fix it nevertheless.

 

if ($row['fab1'] == "--None--")

 

Actually does the comparison.

 

Ok, I've adjusted the code the way you suggested, and it still is showing --None-- Even though the first name was selected, and submitted correctly. The first test was the first name Andy Kahl... The change shows in the database, but the name doesn't show in the pulldown menu even though it's in the database, and as far as I can tell the script itself is requesting said information.

 

In summary:

 

-More use of simple debugging statements in your code should help you lift the fog and feel like you're not floundering and spinning your wheels so much

-Try to apply DRY.  I know it's probably difficult right now but surely you have to see that you are repeating code.  For example:

 

 

        $part = mysqli_real_escape_string($dbc, trim($_POST['part']));
$rev = mysqli_real_escape_string($dbc, trim($_POST['rev']));
$partdesc = mysqli_real_escape_string($dbc, trim($_POST['partdesc']));
$ncmrqty = mysqli_real_escape_string($dbc, trim($_POST['ncmrqty']));

 

There's a point at which you have to see that a small function would be better, and make your code more consistent, and easier to debug.

 

function cleanPostVar(&$dbc, $key) {
   if (array_key_exists($key, $_POST)) {
     return mysqli_real_escape_string($dbc, trim($_POST[$key]));
  } else {
    return '';
  }
}

 

Now you'd replace all those repetitive calls with:

 

$part = cleanPostVar($dbc, 'part');

 

The nice thing about this is that as you learn more about sanitization and filtering you can add to the function or create variations of it, without having to go through and rewrite 50 lines of code.

 

Ok, I have a question about what you just said, in your code

function cleanPostVar(&$dbc, $key) {
   if (array_key_exists($key, $_POST)) {
     return mysqli_real_escape_string($dbc, trim($_POST[$key]));
  } else {
    return '';
  }
}

Is the & suppose to be there before the $dbc?

 

Also what is $key?

Share this post


Link to post
Share on other sites

Ok, I have a question about what you just said, in your code

function cleanPostVar(&$dbc, $key) {
   if (array_key_exists($key, $_POST)) {
     return mysqli_real_escape_string($dbc, trim($_POST[$key]));
  } else {
    return '';
  }
}

Is the & suppose to be there before the $dbc?

 

Also what is $key?

 

I can answer that for him. Yes, the ampersand is supposed to be there. When you pass a parameter into a function, if you preface the parameter with the ampersand it is passing the actual reference of the variable. So, instead of being a copy of the original value - it IS the original value. It can be a difficult concept to grasp, but it's sort of like declaring the variable as global. You can see the manual on passign by reference here: http://php.net/manual/en/language.references.pass.php.

 

$key is simply the POST field name. "key" is synonymous with the index of an array. Int he example given the function would be called using somethign such as

$part = cleanPostVar($dbc, 'part');

 

'part' is the key. So, the function would return the value for $_POST['part'] (if it existed)

Share this post


Link to post
Share on other sites

For your first question, this is where you need to debug.  Put in a var_dump($row); right before the check and see what $row has and whether or not the 'fab1' key even exists.

 

Yes, the & is in php pass by reference.  Unfortunately this is a technical detail having to do with functions and the use of resource types like database handles.  You might know about pass by reference and pass by value?  Basically, for a function, the default is to pass a variable by value.  What this means is that the variable is actually copied when it is passed to the function, and changes to that parameter inside the function are not retained once the function ends.  Most of the time this is the behavior you want, because you want functions to take parameters and return a result.  With PHP it's actually more complicated in the way that variables are stored, named, and the way this stuff works internally but the basic idea is the same.

 

-- if you're passing a "resource" variable (a database connection, file handle, socket connection, or a complex variable like an array that contains any resources)  then you need to pass that variable by reference, so that the original variable is used, rather than a copy.  If a copy is used you will find that the connection is destroyed in the copy process and will not work.  So this is a rare case where you need to use the & with the parameter to indicate that the original variable should be passed as is (pass by reference).

 

 

Share this post


Link to post
Share on other sites

Ok, I am now running into an issue that I don't see a reason for. In the code, the part description when edited is not pushing the data to the table...

 

These are the pieces of code that deal with it:

 

$partdesc = mysqli_real_escape_string($dbc, trim($_POST['partdesc']));

 

$query = "UPDATE ncmr SET ab = '$ab', date = '$date', part = '$part', rev = '$rev' , partdesc = '$partdesc' , ncmrqty = '$ncmrqty' , comp = '$comp' , ncmrid = '$ncmrid' , rma = '$rma' , jno = '$jno' , fdt = '$fdt' , cof = '$cof' , fab1 = '$fab1' , fab2 = '$fab2' , fab3 = '$fab3' , non = '$non' , dis = '$dis' , comm = '$comm' , caad = '$caad' , po = '$po' , pod = '$pod' , dri = '$dri'  WHERE id = '$id'";

 

		if (empty($row['partdesc'])) $row['partdesc'] = "Empty";

		echo '<div id="partdesc"><span class="b">Part Description:  </span><textarea rows="4" cols="22">' . $row['partdesc'] . '</textarea></div>';

 

 

Now in the database the field of the table where the data enters it into is: partdesc.  So I can't figure out why this is not working. As far as I know everything else is posting correctly.

 

The page is as always:

 

http://kaboomlabs.com/testbed/edit.php?id=1

 


<?php
require_once('connectvars.php');
echo '<div id="postwrap">'
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
  <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
  <title>PDI NCMR - Edit</title>
      <link rel="stylesheet" type="text/css" href="CSS/postie.css" />
</head>
<body>
   <div id="logo">
<img src="../images/PDI_Logo_2.1.gif" alt="PDI Logo" />
</div>

<?php

function cleanPostVar(&$dbc, $key) {
   if (array_key_exists($key, $_POST)) {
     return mysqli_real_escape_string($dbc, trim($_POST[$key]));
  } else {
    return '';
  }
}

// Connect to the database
    $dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);

      $id= mysqli_real_escape_string($dbc, trim(0));
      if(isset($_GET['id']))
         $id= mysqli_real_escape_string($dbc, trim($_GET['id']));
    
      if (isset($_POST['submit'])) {
            $id= mysqli_real_escape_string($dbc, trim($_POST["id"]));

// Enter data into the database
$ab = cleanPostVar($dbc,'ab');
$date = mysqli_real_escape_string($dbc, trim(date('Y-m-d',strtotime ($_POST['date']))));
$part = cleanPostVar($dbc,'part');
$rev = cleanPostVar($dbc,'rev');
$partdesc = cleanPostVar($dbc,'partdesc');
$ncmrqty = cleanPostVar($dbc,'ncmrqty');
$comp = cleanPostVar($dbc,'comp');
$ncmrid = cleanPostVar($dbc,'ncmrid');
$rma = cleanPostVar($dbc,'rma');
$jno = cleanPostVar($dbc,'jno');
$fdt = cleanPostVar($dbc,'fdt');
$cof = cleanPostVar($dbc,'cof');
$fab1= cleanPostVar($dbc,'fab1');
$fab2= cleanPostVar($dbc,'fab2');
$fab3= cleanPostVar($dbc,'fab3');
$non= cleanPostVar($dbc,'non');
$dis= cleanPostVar($dbc,'dis');
$comm= cleanPostVar($dbc,'comm');
$caad= cleanPostVar($dbc,'caad');
$po= cleanPostVar($dbc,'po');
$pod = mysqli_real_escape_string($dbc, trim(date('Y-m-d',strtotime($_POST['pod']))));
$dri = mysqli_real_escape_string($dbc, trim(date('Y-m-d',strtotime($_POST['dri']))));

$query = "UPDATE ncmr SET ab = '$ab', date = '$date', part = '$part', rev = '$rev' , partdesc = '$partdesc' , ncmrqty = '$ncmrqty' , comp = '$comp' , ncmrid = '$ncmrid' , rma = '$rma' , jno = '$jno' , fdt = '$fdt' , cof = '$cof' , fab1 = '$fab1' , fab2 = '$fab2' , fab3 = '$fab3' , non = '$non' , dis = '$dis' , comm = '$comm' , caad = '$caad' , po = '$po' , pod = '$pod' , dri = '$dri'  WHERE id = '$id'";

// echo your raw query and look for obvious errors
     echo "Query is : " . $query . "<br />";
  
// and at least use a basic mechanism to trap possibles errors
       mysqli_query($dbc, $query)  or die('Query Error : ' . mysqli_error($dbc));
   

// Confirm success with the user
	echo '<p>If you wish to edit more NCMRs, please <a href="list.php">go to the admin page!</a></p>';

// Clear the form data
$id = "";
$ab = "";
$date = "";
$part = "";
$rev = "";
$partdesc = "";
$ncmrqty = "";
$comp = "";
$ncmrid = "";
$rma = "";
$jno = "";
$fdt = "";
$cof = "";
$fab1= "";
$fab2= "";
$fab3= "";
$non= "";
$dis= "";
$comm= "";
$caad= "";
$po= "";
$pod = "";
$dri = "";
		mysqli_close($dbc);
		}

  else {	

// Grab the profile data from the database
if (!isset($_GET['id'])) {
    $query = "SELECT * FROM ncmr WHERE id = '$id'";
  }
  else {
    $query = "SELECT * FROM ncmr WHERE id = '$id'";
  }

$data = mysqli_query($dbc, $query);

  if (mysqli_num_rows($data) == 1) { 
// The user row was found so display the user data
    $row = mysqli_fetch_array($data);
echo "<form action='".$_SERVER['PHP_SELF']."' method='post'>";
echo '<fieldset>';

	echo '<div id="box1">';
		if (empty($row['ab'])) $row['ab'] = "Empty";
		if (empty($row['date'])) $row['date'] = "Empty";
		if (empty($row['part'])) $row['part'] = "Empty";
		if (empty($row['rev'])) $row['rev'] = "Empty";
		if (empty($row['partdesc'])) $row['partdesc'] = "Empty";
		if (empty($row['ncmrqty'])) $row['ncmrqty'] = "Empty";
		echo '<div id="ab"><span class="b">Added By:  </span><input type="text" name="ab" value="' . $row['ab'] . '" /></div>';
		echo '<div id="date"><span class="b">Date Filed:  </span><input type="text" name="date" value="' . $row['date'] . '" /></div>';
		echo '<div id="part"><span class="b">Part Number:  </span><input type="text" name="part" value="' . $row['part'] . '" /></div>';
		echo '<div id="rev"><span class="b">Part Revision:  </span><input type="text" name="rev" value="' . $row['rev'] . '" /></div>';
		echo '<div id="partdesc"><span class="b">Part Description:  </span><textarea rows="4" cols="22">' . $row['partdesc'] . '</textarea></div>';
		echo '<div id="ncmrqty"><span class="b">NCMR Qty:  </span><input type="text" name="ncmrqty" value="' . $row['ncmrqty'] . '" /></div>';
	echo '</div>';

//Company, Customer NCMR, Internal RMA, and Job Number
	echo '<div id="box2">';
		if (empty($row['comp'])) $row['comp'] = "Empty";
		if (empty($row['ncmrid'])) $row['ncmrid'] = "Empty";
		if (empty($row['rma'])) $row['rma'] = "Empty";
		if (empty($row['jno'])) $row['jno'] = "Empty";
			echo '<div id="comp"><span class="b">Company:  </span><input type="text" name="comp" value="' . $row['comp'] . '" /></div>';
				echo '<div id="ncmrid"><span class="b">Customer NCMR ID:  </span><input type="text" name="ncmrid" value="' . $row['ncmrid'] . '" /></div>';
				echo '<div id="rma"><span class="b">Internal RMA #:  </span><input type="text" name="rma" value="' . $row['rma'] . '" /></div>';
				echo '<div id="jno"><span class="b">Job #:  </span><input type="text" name="jno" value="' . $row['jno'] . '" /></div>';
	echo '</div>';

//Type of Failure and Class of Failure
	echo '<div id="box3">';
		echo '<h2>Failure</h2>';
			echo '<div id="cof"><span class="b">Class of Failure:  </span><input type="text" name="cof"  size="15" value="' . $row['cof'] . '" /></div>';
			echo '<div id="fdt"><span class="b">Failure Due To:  </span><input type="text" name="fdt"  size="15" value="' . $row['fdt'] . '" /></div>';

		echo '</div>';

//Fabricators
	echo '<div id="box4">';
		echo '<h2>Fabricators</h2>';
if ($row['fab1']=="--None--")
{
    echo'<div id="fab1">';
    $mysqli = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME); 
    $mysqli->select_db('user');
    $result = $mysqli->query("SELECT * FROM user"); 
    echo "<SELECT name='fab1'>\n";
    while($row = $result->fetch_assoc())
    {
        echo "<option value='{$row['user']}'>{$row['user']}</option>\n";
    }
    echo "</select>\n";
    echo '</div>';
}
else
{
    echo'<div id="fab1">';
    $mysqli = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME); 
    $mysqli->select_db('user');
    $result = $mysqli->query("SELECT * FROM user"); 
    echo "<SELECT name='fab1'>\n";
    while($row = $result->fetch_assoc())
    {
        echo "<option value='{$row['user']}'>{$row['user']}</option>\n";
    }
    echo "</select>\n";
    echo '</div>';
}


if ($row['fab2']="--None--")
{
    echo'<div id="fab2">';
    $mysqli = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME); 
    $mysqli->select_db('user');
    $result = $mysqli->query("SELECT * FROM user"); 
    echo "<SELECT name='fab2'>\n";
    while($row = $result->fetch_assoc())
    {
        echo "<option value='{$row['user']}'>{$row['user']}</option>\n";
    }
    echo "</select>\n";
    echo '</div>';
}
else
{
    echo '<div id="fab2"><span class="b"></span><input type="text" name="fab1"  size="20" value="' . $row['fab1'] . '" /></div>';
    echo '</div>';
}
if ($row['fab3']="--None--")
{
    echo'<div id="fab3">';
    $mysqli = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME); 
    $mysqli->select_db('user');
    $result = $mysqli->query("SELECT * FROM user"); 
    echo "<SELECT name='fab3'>\n";
    while($row = $result->fetch_assoc())
    {
        echo "<option value='{$row['user']}'>{$row['user']}</option>\n";
    }
    echo "</select>\n";
    echo '</div>';
}
else
{
    echo '<div id="fab3"><span class="b"></span><input type="text" name="fab1"  size="20" value="' . $row['fab1'] . '" /></div>';
    echo '</div>';
}		echo '</div>';

//Nonconformity, Disposition, Comments and Comments & Additional Details
	echo '<div id="box5">';
		if (empty($row['non'])) $row['non'] = "Empty";
		if (empty($row['dis'])) $row['dis'] = "Empty";
		if (empty($row['comm'])) $row['comm'] = "Empty";
		if (empty($row['caad'])) $row['caad'] = "Empty";

		echo '<div id="non"><span class="b">Nonconformity:  </span><textarea rows="4" cols="105">' . $row['non'] . '</textarea></div>';
		echo '<div id="dis"><span class="b">Disposition:  </span><textarea rows="4" cols="105">' . $row['dis'] . '</textarea></div>';
		echo '<div id="comm"><span class="b">Comments:  </span><textarea rows="4" cols="105">' . $row['comm'] . '</textarea></div>';
		echo '<div id="caad"><span class="b">Comments and/or Additional Details:  </span><textarea rows="4" cols="105">' . $row['caad'] . '</textarea></div>';

			echo '<div id="podr">';
					if (empty($row['po'])) $row['po'] ="Empty";
					if (empty($row['pod'])) $row['pod'] ="Empty";
					if (empty($row['dir'])) $row['dri'] ="Empty";

				echo '<div id="po"><span class="b">PO:  </span><input type="text" name="po"  size="7" value="' . $row['po'] . '" /></div>';
				echo '<div id="pod"><span class="b">PO Date:  </span><input type="text" name="pod"  size="7" value="' . $row['pod'] . '" /></div>';
				echo '<div id="dri"><span class="b">Date Received:  </span><input type="text" name="dri"  size="7" value="' . $row['dri'] . '" /></div>';
			echo '</div>';
		echo '<div id="button2"><input type="submit" value="Submit Edits" name="submit" /></div>';
//Save ID so it can be used with POST request.
echo "<input type='hidden' value='$id' name='id'/>"; 

	echo '</div>';
echo '</fieldset>';
echo '</form>';
	}
}

echo '</div>';

?>
</body>
</html>

Share this post


Link to post
Share on other sites

Ok, I have a question about what you just said, in your code

function cleanPostVar(&$dbc, $key) {
   if (array_key_exists($key, $_POST)) {
     return mysqli_real_escape_string($dbc, trim($_POST[$key]));
  } else {
    return '';
  }
}

Is the & suppose to be there before the $dbc?

 

Also what is $key?

 

I can answer that for him. Yes, the ampersand is supposed to be there. When you pass a parameter into a function, if you preface the parameter with the ampersand it is passing the actual reference of the variable. So, instead of being a copy of the original value - it IS the original value. It can be a difficult concept to grasp, but it's sort of like declaring the variable as global. You can see the manual on passign by reference here: http://php.net/manual/en/language.references.pass.php.

 

$key is simply the POST field name. "key" is synonymous with the index of an array. Int he example given the function would be called using somethign such as

$part = cleanPostVar($dbc, 'part');

 

'part' is the key. So, the function would return the value for $_POST['part'] (if it existed)

 

How do you make this work for dates? like this: 

 

$date = mysqli_real_escape_string($dbc, trim(date('Y-m-d',strtotime ($_POST['date']))));

Share this post


Link to post
Share on other sites

Since PHP is creating the date via date, you wouldn't have to escape it.  You do need to make sure $_POST['date'] is legit/safe before passing it to strtotime.

Share this post


Link to post
Share on other sites

Since PHP is creating the date via date, you wouldn't have to escape it.  You do need to make sure $_POST['date'] is legit/safe before passing it to strtotime.

 

I noticed that is has a script to show failure, which is what I am guessing you are pointing at, but would I put the variant of that before the POST commands? Or inside the script before submit is entered?

Share this post


Link to post
Share on other sites

Since PHP is creating the date via date, you wouldn't have to escape it.  You do need to make sure $_POST['date'] is legit/safe before passing it to strtotime.

 

I noticed that is has a script to show failure

 

I'm not quite sure what you mean by that.  Do you mean a simple conditional like:

 

if (/*something*/) {
   // do something with $_POST['date']
}

 

or something else?

 

Can you post the current, relevant part of that code?

Share this post


Link to post
Share on other sites

This is what I have now:

 

$date = mysqli_real_escape_string($dbc, trim(date('Y-m-d',strtotime ($_POST['date']))));

 

This is what I see on the site you sent me...

 

<?php
$str = 'Not Good';

// previous to PHP 5.1.0 you would compare with -1, instead of false
if (($timestamp = strtotime($str)) === false) {
    echo "The string ($str) is bogus";
} else {
    echo "$str == " . date('l dS \o\f F Y h:i:s A', $timestamp);
}
?>

Share this post


Link to post
Share on other sites

Okay, so do:

 

if (($timestamp = strtotime(trim($_POST['date'])) === false) {
   // error
} else {
   // good

   $date = date('Y-m-d', $timestamp);
}

 

How you handle the error condition is up to you. 

Share this post


Link to post
Share on other sites

 

Just glancing at your last posted code snippet I found this:

 

 

if ($row['fab1']="--None--")

 

This is a common mistake that people make.  That assignment will always be true.  What's doubly problematic there is that whatever value you had in $row['fab1'] is actually getting replaced wiht the string "--None--".

 

I have no idea whether it has anything to do with your current conundrum, but you should fix it nevertheless.

 

if ($row['fab1'] == "--None--")

 

Actually does the comparison.

 

Ok, I fixed this, the problem I am running into with this code is that the name is selected, and entered into the database, but when viewed again the name shows up as --None-- even though the form shows it has been edited.

 

http://kaboomlabs.com/testbed/edit.php?id=1

 

The code is as thus:

 


if ($row['fab1']=="--None--")
{
    echo'<div id="fab1">';
    $mysqli = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME); 
    $mysqli->select_db('user');
    $result = $mysqli->query("SELECT * FROM user"); 
    echo "<SELECT name='fab1'>\n";
    while($row = $result->fetch_assoc())
    {
        echo "<option value='{$row['user']}'>{$row['user']}</option>\n";
    }
    echo "</select>\n";
    echo '</div>';
}
else
{
    echo'<div id="fab1">';
    $mysqli = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME); 
    $mysqli->select_db('user');
    $result = $mysqli->query("SELECT * FROM user"); 
    echo "<SELECT name='fab1'>\n";
    while($row = $result->fetch_assoc())
    {
        echo "<option value='{$row['user']}'>{$row['user']}</option>\n";
    }

 

Here is where it gets interesting. There are two tables being used in this code, ncmr and user. User is what holds the user names in field $user for the pull-down field. Ncmr holds the $fab1 filed where the data is being stored.

 

What I want to do is that if the $fab1 in the ncmr database has a name in it, the pull down menu will show the name unless --None-- was selected, and allow it to be changed if need be via a pull down menu which pulls names from the user table, then have the change if any be inserted into the ncmr database.  Does  this make any sense to anyone? I hope so because I really don't know how to say it any other way. 

 

Somehow I have a feeling if I have to we are going to be doing a "Who's on First" scenario.

Share this post


Link to post
Share on other sites

Okay, so do:

 

if (($timestamp = strtotime(trim($_POST['date'])) === false) {
   // error
} else {
   // good

   $date = date('Y-m-d', $timestamp);
}

 

How you handle the error condition is up to you.

 

I'm more asking where to put this code... prior the submit button or during the post?

Share this post


Link to post
Share on other sites

Okay, so do:

 

if (($timestamp = strtotime(trim($_POST['date'])) === false) {
   // error
} else {
   // good

   $date = date('Y-m-d', $timestamp);
}

 

How you handle the error condition is up to you.

 

I'm more asking where to put this code... prior the submit button or during the post?

 

It should be somewhere in your post handling code.

 

It's probably too late to change now, but if you want to save some headaches in the future, you should separate as much PHP from your HTML as possible.  Putting the vast majority of your PHP first will let you separate logic from presentation, and make everything a lot easier.  Well-formed PHP scripts tend to look like:

 

<?php
   if ($_SERVER['REQUEST_METHOD'] == 'POST') { // check to see if we're accessing the page via POST
      // all form handling code

      // this allows you to store results in variables and redirect the user (if necessary) without getting those
      // pesky 'Headers already sent' errors

      // this is also where error handling code goes
   }
?>

<!-- 
HTML goes here.  If written correctly, the only PHP you need here are statements echoing results, conditionals, and/or loops.  
Simple code with minimal logic to display errors or results.  If you find yourself doing any processing, accessing the db, etc., 
you're doing it wrong.
-->

 

You should always strive to separate your concerns as much as possible.  HTML has a different 'job' than PHP.  HTML is only concerned with presentation.  PHP is concerned with back end logic.  The only PHP that should be in HTML is what is necessary to complete the presentation.

 

Similarly, HTML and CSS should be separated, as HTML deals with layout and CSS with formatting.  And JavaScript should be written unobtrusively (meaning no inline JS in your HTML) as JavaScript manipulates the document, but is not part of it.

 

If you can think of code in terms of layered components, you'll have a much easier time.  HTML is really just a skin on top of your app.

Share this post


Link to post
Share on other sites

Okay, so do:

 

if (($timestamp = strtotime(trim($_POST['date'])) === false) {
   // error
} else {
   // good

   $date = date('Y-m-d', $timestamp);
}

 

How you handle the error condition is up to you.

 

I'm more asking where to put this code... prior the submit button or during the post?

 

It should be somewhere in your post handling code.

 

It's probably too late to change now, but if you want to save some headaches in the future, you should separate as much PHP from your HTML as possible.  Putting the vast majority of your PHP first will let you separate logic from presentation, and make everything a lot easier.  Well-formed PHP scripts tend to look like:

 

<?php
   if ($_SERVER['REQUEST_METHOD'] == 'POST') { // check to see if we're accessing the page via POST
      // all form handling code

      // this allows you to store results in variables and redirect the user (if necessary) without getting those
      // pesky 'Headers already sent' errors

      // this is also where error handling code goes
   }
?>

<!-- 
HTML goes here.  If written correctly, the only PHP you need here are statements echoing results, conditionals, and/or loops.  
Simple code with minimal logic to display errors or results.  If you find yourself doing any processing, accessing the db, etc., 
you're doing it wrong.
-->

 

You should always strive to separate your concerns as much as possible.  HTML has a different 'job' than PHP.  HTML is only concerned with presentation.  PHP is concerned with back end logic.  The only PHP that should be in HTML is what is necessary to complete the presentation.

 

Similarly, HTML and CSS should be separated, as HTML deals with layout and CSS with formatting.  And JavaScript should be written unobtrusively (meaning no inline JS in your HTML) as JavaScript manipulates the document, but is not part of it.

 

If you can think of code in terms of layered components, you'll have a much easier time.  HTML is really just a skin on top of your app.

 

You know this pisses me off to some extent, there seems to be a fight all the time about PHP vs XHTML & PHP  split pages... Some people say that put the entire page in PHP, the other camp says as you do.  You know I can do it both ways, but I don't know which one is right any more.

 

I prefer to do XHTML and PHP separately but I've forced myself to do PHP only because "it is what people say to do" This is one of the reasons I wish there was a standard.

Share this post


Link to post
Share on other sites

You don't necessarily have to have separate pages, as in, separate files.  For pages that post to themselves, having everything in one file tends to be simpler as you can display errors right on the form without having to play hidden input/session shuffle.  What's important is maintaining internal discipline and keeping clear boundaries between different kinds of code.

 

EDIT: How code is structured, after everything has been include-ed or whatnot, is what's important.  The physical structure (files, folders) should be whatever makes the most sense to your particular workflow and comfort.

Share this post


Link to post
Share on other sites

You don't necessarily have to have separate pages, as in, separate files.  For pages that post to themselves, having everything in one file tends to be simpler as you can display errors right on the form without having to play hidden input/session shuffle.  What's important is maintaining internal discipline and keeping clear boundaries between different kinds of code.

 

EDIT: How code is structured, after everything has been include-ed or whatnot, is what's important.  The physical structure (files, folders) should be whatever makes the most sense to your particular workflow and comfort.

 

What I mean by separating PHP and XHTML in separate sections I mean one page two distinct areas. I use to do that, and then was told to not because it is better to wrap PHP around everything than to go in and out of PHP and XHTML...

 

Share this post


Link to post
Share on other sites

You don't necessarily have to have separate pages, as in, separate files.  For pages that post to themselves, having everything in one file tends to be simpler as you can display errors right on the form without having to play hidden input/session shuffle.  What's important is maintaining internal discipline and keeping clear boundaries between different kinds of code.

 

EDIT: How code is structured, after everything has been include-ed or whatnot, is what's important.  The physical structure (files, folders) should be whatever makes the most sense to your particular workflow and comfort.

 

What I mean by separating PHP and XHTML in separate sections I mean one page two distinct areas. I use to do that, and then was told to not because it is better to wrap PHP around everything than to go in and out of PHP and XHTML...

 

 

Ah.  That's an odd suggestion, especially considering how larger PHP apps do things.  Mostly HTML templates/views are the way to go.  Like I said before, they should have just have the bare minimum amount of PHP to display the results of some other process.  ~99% of them should be pure markup.

Share this post


Link to post
Share on other sites

You don't necessarily have to have separate pages, as in, separate files.  For pages that post to themselves, having everything in one file tends to be simpler as you can display errors right on the form without having to play hidden input/session shuffle.  What's important is maintaining internal discipline and keeping clear boundaries between different kinds of code.

 

EDIT: How code is structured, after everything has been include-ed or whatnot, is what's important.  The physical structure (files, folders) should be whatever makes the most sense to your particular workflow and comfort.

 

What I mean by separating PHP and XHTML in separate sections I mean one page two distinct areas. I use to do that, and then was told to not because it is better to wrap PHP around everything than to go in and out of PHP and XHTML...

 

 

Ah.  That's an odd suggestion, especially considering how larger PHP apps do things.  Mostly HTML templates/views are the way to go.  Like I said before, they should have just have the bare minimum amount of PHP to display the results of some other process.  ~99% of them should be pure markup.

 

Now you see why I probably get confused about how to do things a lot, being told and taught to do it one way, instead of another sort of bites one in the ass quite a bit.

Share this post


Link to post
Share on other sites

You don't necessarily have to have separate pages, as in, separate files.  For pages that post to themselves, having everything in one file tends to be simpler as you can display errors right on the form without having to play hidden input/session shuffle.  What's important is maintaining internal discipline and keeping clear boundaries between different kinds of code.

 

EDIT: How code is structured, after everything has been include-ed or whatnot, is what's important.  The physical structure (files, folders) should be whatever makes the most sense to your particular workflow and comfort.

 

What I mean by separating PHP and XHTML in separate sections I mean one page two distinct areas. I use to do that, and then was told to not because it is better to wrap PHP around everything than to go in and out of PHP and XHTML...

 

 

Ah.  That's an odd suggestion, especially considering how larger PHP apps do things.  Mostly HTML templates/views are the way to go.  Like I said before, they should have just have the bare minimum amount of PHP to display the results of some other process.  ~99% of them should be pure markup.

 

Now you see why I probably get confused about how to do things a lot, being told and taught to do it one way, instead of another sort of bites one in the ass quite a bit.

 

I understand completely.  All of our members have different experience levels.  While the badged members have years of professional experience, the non-badged have a variety of different backgrounds.  Not to imply that the non-badged members give bad advice as a rule (many give great advice), just that it's good to think things through and verify when you can.  If something smells funny to you, bring it up with your reasons why.  Just remember to be as clear/explicit as possible, so everyone isn't assuming at each other.

Share this post


Link to post
Share on other sites

 

Just glancing at your last posted code snippet I found this:

 

 

if ($row['fab1']="--None--")

 

This is a common mistake that people make.  That assignment will always be true.  What's doubly problematic there is that whatever value you had in $row['fab1'] is actually getting replaced wiht the string "--None--".

 

I have no idea whether it has anything to do with your current conundrum, but you should fix it nevertheless.

 

if ($row['fab1'] == "--None--")

 

Actually does the comparison.

 

Ok, I fixed this, the problem I am running into with this code is that the name is selected, and entered into the database, but when viewed again the name shows up as --None-- even though the form shows it has been edited.

 

http://kaboomlabs.com/testbed/edit.php?id=1

 

The code is as thus:

 


if ($row['fab1']=="--None--")
{
    echo'<div id="fab1">';
    $mysqli = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME); 
    $mysqli->select_db('user');
    $result = $mysqli->query("SELECT * FROM user"); 
    echo "<SELECT name='fab1'>\n";
    while($row = $result->fetch_assoc())
    {
        echo "<option value='{$row['user']}'>{$row['user']}</option>\n";
    }
    echo "</select>\n";
    echo '</div>';
}
else
{
    echo'<div id="fab1">';
    $mysqli = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME); 
    $mysqli->select_db('user');
    $result = $mysqli->query("SELECT * FROM user"); 
    echo "<SELECT name='fab1'>\n";
    while($row = $result->fetch_assoc())
    {
        echo "<option value='{$row['user']}'>{$row['user']}</option>\n";
    }

Here is where it gets interesting. There are two tables being used in this code, ncmr and user. User is what holds the user names in field $user for the pull-down field. Ncmr holds the $fab1 filed where the data is being stored.

 

What I want to do is that if the $fab1 in the ncmr database has a name in it, the pull down menu will show the name unless --None-- was selected, and allow it to be changed if need be via a pull down menu which pulls names from the user table, then have the change if any be inserted into the ncmr database.  Does  this make any sense to anyone? I hope so because I really don't know how to say it any other way. 

 

Somehow I have a feeling if I have to we are going to be doing a "Who's on First" scenario.

 

Share this post


Link to post
Share on other sites

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.