Undefined index:prod_id...

[hance2105]

hello guys, i have 2 tables - tblproduct and tblretprod. prod_id is common in both. i am retrieving records from the tables to display with edit and delete options beside each record displayed.

i created an update.php and updprod.php (for edit).

 

update.php

 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><title>Update/Delete Product</title> <?php include_once("db_connect.php"); $result=mysql_query("SELECT a.prod_name, a.prod_brand, b.prod_price FROM tblproduct a, tblretprod b where a.prod_id = b.prod_id"); ?> </head> <body> <?php echo "<table width='80%' border=0>"; echo "<tr bgcolor='#CCCCCC'>";echo "<td>Product</td>";echo "<td>Brand</td>";echo "<td>Price</td>";echo "<td>Action</td>";echo "</tr>"; while($res=mysql_fetch_array($result)){ echo "<tr>";echo "<td>".$res['prod_name']."</td>";echo "<td>".$res['prod_brand']."</td>";echo "<td>".$res['prod_price']."</td>"; echo "<td><a href=\"edit.php?prod_id=$res[prod_id]\">Edit</a> | <a href=\"delete.php?prod_id=$res[prod_id]\">Delete</a></td>";} echo "</table>";?> </body></html>  </body></html>

 

error message being displayed for code above is - notice: Notice: Undefined index: prod_id in C:\wamp\www\buysmart_site\update.php on line 36

 

upd_prod.php

 

include_once("db_connect.php"); if(isset($_POST['update'])){$prod_id = $_POST['prod_id']; $prod_name=$_POST['prod_name'];$prod_brand=$_POST['prod_brand'];$prod_price=$_POST['prod_price'];  // checking empty fieldif(empty($prod_price)){//if name field is emptyif(empty($prod_price)){echo "<font color='red'>Price field is empty.</font><br/>";} } else{ //updating the table$result=mysql_query("UPDATE tblretprod SET proc_price='$prod_price' WHERE prod_id=$prod_id"); //redirectig to the display page. In our case, it is index.php//header("Location: index.php");}}?><?php//for displaying data of this particular data //getting id from url$prod_id = $_GET['prod_id']; //selecting data associated with this particular id$result=mysql_query("SELECT a.prod_name, a.prod_brand, b.prod_price FROM tblproduct a, tblretprod b where a.prod_id = b.prod_id"); while($res=mysql_fetch_array($result)){$prod_name = $res['prod_name'];$prod_brand = $res['prod_brand'];$prod_price = $res['prod_price'];}?><html><title>Edit Product</title><body><a href="#">Home</a><br/><br/><form name="edit" method="post" action="edit.php"><table border="0">   <tr>     <td>Product Name</td>    <td>        <input disabled="disabled" type="text" name="prod_name" value=<?php echo $prod_name;?>>     </td>  </tr>  <tr>     <td>Brand</td>    <td>        <input disabled="disabled" type="text" name="prod_brand" value=<?php echo $prod_brand;?>>     </td>  </tr><tr>     <td>Product Price</td>    <td>        <input type="text" name="prod_price" value=<?php echo $prod_price;?>>     </td>  </tr><tr>    <td><input type="hidden" name="prod_id" value=<?php echo $_GET['prod_id'];?>>    </td>    <td><input type="submit" name="update" value="Update"></td>  </tr></table></form> </body></html>

 

same error message as above

 

can anyone please help me in defining the prod_id?

[hance2105]

i added b.prod_id to line

 

$result=mysql_query("SELECT a.prod_name, a.prod_brand, b.prod_price FROM tblproduct a, tblretprod b where a.prod_id = b.prod_id");

 

it solved out part of my problem

 

in the second part of the code, when you click on edit beside each product being displayed, a page is displayed where product name, product brand and price is displayed. mine is not displaying at all.

 

any help to sort this out please?

[DavidAM]

update.php

 

 

$result=mysql_query("SELECT a.prod_name, a.prod_brand, b.prod_price FROM tblproduct a, tblretprod b where a.prod_id = b.prod_id");
# ...
echo "<td><a href=\"edit.php?prod_id=$res[prod_id]\">Edit</a> | <a href=\"delete.php?prod_id=$res[prod_id]\">Delete</a></td>";

 

You did not SELECT prod_id so it is NOT in the resultset.

 

upd_prod.php

If the error message is exactly the same -- LINE 36 -- and the error occurs when you POST the form to update the data, then the problem is: $prod_id = $_GET['prod_id']; Since the FORM action attribute does not provide the ID in the url.

 

It should also be occuring here (when posted)

<td><input type="hidden" name="prod_id" value=<?php echo $_GET['prod_id'];?>> </td>

 

 

There are some other potential problems with this code:

1) You need to sanitize user input before using it in a query -- even if it is an admin page and not likely to be the target of hackers. Use mysql_real_escape_string on text fields; and cast integers (intval) and floats (floatval).

 

2) I would recommend using htmlspecialchars to display the text fields (name and brand) to prevent HTML issues.

 

3) the mysql extension is deprecated and will eventually go away. It is recommended that you use mysqli for new development.

 

4) You said the second file is called upd_prod.php -- but the code calls it edit.php

[hance2105]

ok i will clarify things here.

 

1. i added "b.prod_id" to the line and it solved the first issue.

 

2. on clicking on edit on the page where the list of products is displayed, the text fields are not being populated with the details of the product where i clicked the edit.

 

i forgot to change the file name. it is updprod.php indeed.

[hance2105]

i just tested the codes and the price is being updated accordingly but the product name, brand and price being defaulted is the last one inserted. it is not displaying the name, brand and price of the product beside which i clicked the edit.

 

can i know why the last product details are being displayed?

 

what do i need to change in my codes?

[hance2105]

i managed to solve the issue but now all products are being displayed instead of the one beside which i clicked the edit link. find below the new codes

 

include_once("db_connect.php"); if(isset($_POST['update'])){$prod_id = $_POST['prod_id']; $prod_name=$_POST['prod_name'];$prod_brand=$_POST['prod_brand'];$prod_price=$_POST['prod_price'];  // checking empty fieldif(empty($prod_price)){//if name field is emptyif(empty($prod_price)){echo "<font color='red'>Price field is empty.</font><br/>";} } else{ //updating the table//$result=mysql_query("UPDATE tblretprod SET prod_price='$prod_price' WHERE prod_id=$prod_id");$result=mysql_query("UPDATE tblretprod SET prod_price='".$prod_price."' WHERE prod_id='".$prod_id."';"); //redirectig to the display page. In our case, it is index.phpheader("Location: update.php");}}?><?php $prod_id = $_GET['prod_id']; $result=mysql_query("SELECT a.prod_name, a.prod_brand, b.prod_price FROM tblproduct a, tblretprod b where a.prod_id = b.prod_id") or die(mysql_error()); ?><html><title>Edit Product</title><body><a href="#">Home</a><br/><br/><form name="edit" method="post" action="updprod.php"><table border="0"><?phpwhile($res=mysql_fetch_array($result)){$prod_name = $res['prod_name'];$prod_brand = $res['prod_brand'];$prod_price = $res['prod_price']; ?>   <tr>     <td>Product Name</td>    <td>        <input type="text" disabled="disabled" name="prod_name[]" value="<?php echo $prod_name;?>"> </td>  </tr>  <tr>     <td>Brand</td>    <td>        <input type="text" disabled="disabled" name="prod_brand[]" value="<?php echo $prod_brand;?>">     </td>  </tr><tr>     <td>Product Price</td>    <td>        <input type="text" name="prod_price[]" value="<?php echo $prod_price;?>">        <input type="hidden" name="prod_id[]" value="<?php echo $_GET['prod_id'];?>">             </td>  </tr>   <?php } ?>    <tr>    <td><input type="submit" name="update" value="Update"></td>  </tr></table></form> </body></html>

[hance2105]

i managed to solve it. thanks...