Jump to content

$_Session or continue passing variables with GET or POST?


ellchr3

Recommended Posts

I'm looking to have my query results displayed with an option to "Edit".  Once the user clicks "Edit" it will take them to a page with text boxes for each field and allow them to edit(update) the data.  

 

Is it better to create a session, query the database for each page, use the GET or POST option, or a combination of any?  

 

Or are my thoughts just ridiculous and there's a better way to do what I'm wanting to do?

 

Thanks

Link to comment
Share on other sites

if your question concerns retrieving the actual data that is being edited, it is best to query the database in case someone else has made changes to the same record. you will get the newest values and/or find that the recored is locked by someone else making changes to it at the same time you are trying to.

Link to comment
Share on other sites

<html>
<?php include "overallheader.php" ?>
<div id ='container'>


<div id ='content'>


<div id='navBar'>
<?php include "navbar.php"?>
</div>
<div id='userinfo'>
<?php
session_start();
if (isset($_SESSION["username"]))
{


$con = mysql_connect("localhost","root","");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }


mysql_select_db("login", $con);


mysql_close($con);
}
else
die("You must be logged in <a href='index.php'>Back</a>");


?>


<?php $con = mysql_connect("localhost","root","");
if (!$con)
 {
 die('Could not connect: ' . mysql_error());
 }
mysql_select_db("login", $con); 
 ?>


</div>
<div id ="eventform">


  <?php
   $result5 = mysql_query('SELECT userid FROM users WHERE username="'.$_SESSION['username'].'"');
while ($row = mysql_fetch_assoc($result5))
{
$user = $row['userid'];
}


  $result = mysql_query("SELECT * FROM users");




while($row = mysql_fetch_assoc($result))
  {


  
 $result2 =  mysql_query('SELECT forename FROM users WHERE username="'.$_SESSION['username'].'"');
 $result3 =  mysql_query('SELECT surname FROM users WHERE username="'.$_SESSION['username'].'"');
 $result4 =  mysql_query('SELECT email FROM users WHERE username="'.$_SESSION['username'].'"');


 while($row = mysql_fetch_assoc($result2))
  {


  $forename = $row["forename"];
 }


 while($row = mysql_fetch_assoc($result3))
  {


  $surname = $row["surname"];
 }


 while($row = mysql_fetch_assoc($result4))
  {


  $email = $row["email"];
 }




  
  }


  


if (isset($_POST["forename"], $_POST["surname"], $_POST["email"]))
{


$forename = $_POST["forename"];
$eventname = $_POST["surname"];
$email = $_POST["email"];




}


$sql = mysql_query ("UPDATE `users` SET `forename` = '$forename',`surname` = '$surname',`email` = '$email' WHERE `users`.`userid` = '$user' LIMIT 1");


 ?> 
 <form name='myForm' action ='edit.php' onsubmit='return validateForm()' method='POST'>
 <table>
<tr><td ><input type='text' name='forename'  value='<?php echo "$forename";  ?>'  /> </td> </tr>
<tr><td ><input type='text' name='surname'  value='<?php echo "$surname";  ?>'  /> </td> </tr>
<tr><td ><input type='text' name='email'  value='<?php echo "$email";  ?>'  /> </td> </tr>
<td> <INPUT TYPE="submit" VALUE="Edit"></td>
</form>
</table>
</div>


</div>
</div>


</html>

That sort of idea?

Link to comment
Share on other sites

Sort of this idea:

 

 
<?php
session_start();
// ******** EDIT CONNECTION INFORMATION BELOW  ************
 
$hostname = "localhost";
$database = "login";
$username = "root";
$password = "";
 
 
// *********** END EDIT CONNECTION INFORMATION ************
$db = new mysqli($hostname,$username,$password,$database);
if($_SERVER['REQUEST_METHOD'] == 'POST') {
$sql = $db->prepare("UPDATE `users` SET `forename` = ?,`surname` = ?,`email` = ? WHERE `users`.`userid` = ? LIMIT 1");
$forename = $_POST['forename'];
$surname = $_POST['surname'];
$email = $_POST['email'];
$id = $_POST['id'];
$sql->bind_param('sssi',$forename,$surname,$email,$id);
if(!$sql->execute()) {
trigger_error('UPDATE STATEMENT ERROR: ' . $sql->error,E_USER_WARNING);
}
}
 
if (isset($_SESSION["username"])) {
$user_query = $db->prepare('SELECT userid, forename, surname, email FROM users WHERE username = ? LIMIT 1');
$username = $_SESSION['username'];
$user_query->bind_param('s',$username);
$user_query->bind_result($userid,$forename,$surname,$email);
if(!$user_query->execute()) {
trigger_error('SELECT STATEMENT ERROR: ' . $sql->error,E_USER_WARNING);
}
$user_query->fetch();
} 
else {
die("You must be logged in <a href='index.php'>Back</a>");
}
 
<html>
<?php include "overallheader.php" ?>
<div id ='container'>
<div id ='content'>
<div id='navBar'>
<?php include "navbar.php"?>
</div>
<div id='userinfo'>
</div>
<div id ="eventform">
 
<form name='myForm' action ='edit.php' onsubmit='return validateForm()' method='POST'>
<input type='hidden' name='id' value='<?php echo $userid; ?>' />
<table>
<tr><td ><input type='text' name='forename'  value='<?php echo "$forename";  ?>'  />  </td> </tr>
<tr><td ><input type='text' name='surname'  value='<?php echo "$surname";  ?>'  /> </td> </tr>
<tr><td ><input type='text' name='email'  value='<?php echo "$email";  ?>'  /> </td> </tr>
<td> <INPUT TYPE="submit" VALUE="Edit"></td>
</table>
</form>
</div>
</div>
</div>
</html>
 
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.