Jump to content

Cannot get the edit function to work

webdevdea

By webdevdea
in PHP Coding Help

 Share

Recommended Posts

webdevdea Member

webdevdea

Posted
Posted

 here is a link so you can see what it looks like http://www.ctcsports.org/upload/Fall2013/CIST2352/900104329/Assignment21/assignmentNine.php

sql file

######################################
# builddplayer.sql
# builds and populates all databases for dplayer examples
# uses mysql - should adapt easily to other rdbms

######################################

######################################
# conventions
######################################
# primary key = table name . ID
# primary key always first fields
# all primary keys autonumbered
# all field names camel-cased
# only link tables use underscore
# foreign keys indicated although mySQL does not always enforce
# every table used as foriegn reference has a name field
######################################

######################################
#housekeeping
######################################


DROP TABLE IF EXISTS baddPlayer;
DROP TABLE IF EXISTS dRathlete;
DROP TABLE IF EXISTS dRcontract;
DROP TABLE IF EXISTS dRspecialty;
DROP TABLE IF EXISTS dRathlete_dRspecialty;
DROP TABLE IF EXISTS dplayerFirst;

######################################
#create baddPlayer table
######################################

CREATE TABLE baddPlayer (
  dRathleteID int(11) NOT NULL PRIMARY KEY AUTO_INCREMENT,
  name varchar(30),
  dRspecialty varchar(40),
  assignment varchar(40),
  description varchar(40),
  location varchar(20),
  age int
); 

INSERT INTO baddPlayer VALUES (
  null,'Rahab','Electronics, Counterintelligence',
  'Raging Dandelion','Plant Crabgrass','Sudan', 27
);

INSERT INTO baddPlayer VALUES(
  null, 'Gold Elbow','Sabatoge, Doily design',
  'Dancing Elephant','Infiltrate suspicious zoo','London', 47
);

INSERT INTO baddPlayer VALUES(
  null,'Falcon','Counterintelligence',
  'Dancing Elephant','Infiltrate suspicious circus','London', 33
);

INSERT INTO baddPlayer VALUES(
  null,'Cardinal','Sabatoge',
  'New York Yankees','Make bad guys feel really guilty','Lower Volta', 29
);

INSERT INTO baddPlayer VALUES(
  null,'Blackford','Explosives, Flower arranging',
  'New York Yankees','Make bad guys feel really guilty','Lower Votla', 52
);

DESCRIBE baddPlayer;
SELECT * FROM baddPlayer;

######################################
# build dRathlete table
######################################

CREATE TABLE dRathlete (
  dRathleteID int(11) NOT NULL AUTO_INCREMENT,
  name varchar(50) default NULL,
  dRcontractID int(11) default NULL,
  birthday date,
  PRIMARY KEY  (dRathleteID),
  FOREIGN KEY (dRcontractID) REFERENCES dRcontract (dRcontractID)
);    

INSERT INTO dRathlete VALUES(
  null, 'Bond', 1, '1988-08-30'
);

INSERT INTO dRathlete VALUES(
  null, 'Falcon', 1, '1989-05-23'
);

INSERT INTO dRathlete VALUES(
  null, 'Cardinal', 2, '1990-01-27'
);

INSERT INTO dRathlete VALUES(
  null, 'Blackford', 2, '1987-10-16'
);

INSERT INTO dRathlete VALUES(
  null, 'Rahab', 3, '1986-9-14'
);

######################################
# build dRathleteAge view
######################################
DROP VIEW IF EXISTS dRathleteAgeView;
CREATE VIEW dRathleteAgeView AS
SELECT 
  name,
  birthday,
  dRcontractID,
  CONCAT(
    YEAR(FROM_DAYS(DATEDIFF(NOW(), birthday))), ' years, ',
    MONTH(FROM_DAYS(DATEDIFF(NOW(), birthday))), ' months') as age
FROM dRathlete;

######################################
# build dRcontract table
######################################

CREATE TABLE dRcontract (
  dRcontractID int(11) NOT NULL AUTO_INCREMENT,
  name varchar(50) default NULL,
  description varchar(50) default NULL,
  location varchar(50) default NULL,
  PRIMARY KEY  (`dRcontractID`)
);

INSERT INTO dRcontract VALUES(
  null, 'Dancing Elephant', 
  'Infiltrate suspicious zoo', 'London'
);

INSERT INTO dRcontract VALUES(
  null, 'New York Yankees', 
  'Make bad guys feel really guilty','Lower Volta'
);

INSERT INTO dRcontract VALUES(
 null, 'Furious Dandelion', 
 'Plant crabgrass in enemy lawns','East Java'
);

DESCRIBE dRcontract;
SELECT * FROM dRcontract;

######################################
# build dRathlete dRcontract view
######################################

DROP VIEW IF EXISTS dRathleteOpView;
CREATE VIEW dRathleteOpView AS
SELECT
  dRathlete.name AS 'dRathlete',
  CONCAT(
    YEAR(FROM_DAYS(DATEDIFF(NOW(), birthday))), ' years, ',
    MONTH(FROM_DAYS(DATEDIFF(NOW(), birthday))), ' months')    as age,
  dRcontract.name AS 'dRcontract',
  dRcontract.description AS 'task',
  dRcontract.location AS 'location'
FROM
  dRathlete, dRcontract
WHERE
  dRathlete.dRcontractID = dRcontract.dRcontractID;

######################################
# build dRspecialty table
######################################

CREATE TABLE dRspecialty (
  dRspecialtyID int(11) NOT NULL AUTO_INCREMENT,
  name varchar(50) default NULL,
  PRIMARY KEY  (dRspecialtyID)
);   

INSERT INTO dRspecialty VALUES(
  null, 'Electronics'
);

INSERT INTO dRspecialty VALUES(
  null, 'Counterintelligence'
);

INSERT INTO dRspecialty VALUES(
  null, 'Sabatoge'
);

INSERT INTO dRspecialty VALUES(
  null, 'Doily Design'
);

INSERT INTO dRspecialty VALUES(
  null, 'Explosives'
);

INSERT INTO dRspecialty VALUES(
  null, 'Flower Arranging'
);

DESCRIBE dRspecialty;
SELECT * FROM dRspecialty;

######################################
# build dRathlete_dRspecialty table
######################################

CREATE TABLE dRathlete_dRspecialty (
  dRathlete_dRspecialtyID int(11) NOT NULL AUTO_INCREMENT,
  dRathleteID int(11) default NULL,
  dRspecialtyID int(11) default NULL,
  PRIMARY KEY (dRathlete_dRspecialtyID),
  FOREIGN KEY (dRathleteID) REFERENCES dRathlete (dRathleteID),
  FOREIGN KEY (dRspecialtyID) REFERENCES dRspecialty (dRspecialtyID)
);

INSERT INTO dRathlete_dRspecialty VALUES(
  null,1,2
);

INSERT INTO dRathlete_dRspecialty VALUES(
  null,1,3
);

INSERT INTO dRathlete_dRspecialty VALUES(
  null,2,1
);

INSERT INTO dRathlete_dRspecialty VALUES(
  null,2,6
);

INSERT INTO dRathlete_dRspecialty VALUES(
  null,3,2
);

INSERT INTO dRathlete_dRspecialty VALUES(
  null,4,4
);

INSERT INTO dRathlete_dRspecialty VALUES(
  null,4,5
);

DESCRIBE dRathlete_dRspecialty;

######################################
# build dRathletedRspecialty view
######################################
DROP VIEW IF EXISTS dRathletedRspecialtyView;

CREATE VIEW dRathletedRspecialtyView as
SELECT 
  dRathlete.name as 'dRathlete',
  dRspecialty.name as 'dRspecialty'
FROM 
  dRathlete, dRspecialty, dRathlete_dRspecialty
WHERE dRathlete.dRathleteID = dRathlete_dRspecialty.dRathleteID
  AND dRspecialty.dRspecialtyID = dRathlete_dRspecialty.dRspecialtyID;


######################################
# build dplayerFirst table
######################################

CREATE TABLE dplayerFirst (
  dplayerFirstID INT NOT NULL AUTO_INCREMENT,
  codeName VARCHAR(30),
  dRspecialtyA VARCHAR(30),
  dRspecialtyB VARCHAR(30),
  dRspecialtyC VARCHAR(30),
  assignment VARCHAR(40),
  description VARCHAR(40),
  location VARCHAR(20),
  PRIMARY KEY (dplayerFirstID)
);

DESCRIBE dplayerFirst;

######################################
# build storedQuery table
######################################
DROP TABLE if exists storedQuery;
CREATE TABLE storedQuery (
  storedQueryID int(11) NOT NULL AUTO_INCREMENT,
  description varchar(30),
  text TEXT,
  PRIMARY KEY (storedQueryID)
);

INSERT INTO storedQuery VALUES (
  null,
  'dRathlete info',
  'SELECT * FROM dRathlete'
);

INSERT INTO storedQuery VALUES (
  null,
  'dRathlete names',
  'SELECT name FROM dRathlete'
);

INSERT INTO storedQuery VALUES (
  null,
  'dRathletes and dRcontracts',
  'SELECT dRathlete.name AS \'dRathlete\', dRcontract.name AS \'dRcontract\' FROM dRathlete, dRcontract WHERE dRathlete.dRcontractID = dRcontract.dRcontractID'
);

INSERT INTO storedQuery VALUES (
  null,
  'dRcontract info',
  'SELECT * FROM dRcontract'
);

INSERT INTO storedQuery VALUES (
  null,
  'dRathletes on dRcontract 2',
  'SELECT dRathlete.name AS \'dRathlete\', dRcontract.name AS \'dRcontract\' FROM dRathlete, dRcontract WHERE dRathlete.dRcontractID = dRcontract.dRcontractID AND dRathlete.dRcontractID = 2'
);

INSERT INTO storedQuery VALUES (
  null,
  'dRathletes and specialties',
  'SELECT dRathlete.name AS \'dRathlete\', dRspecialty.name AS \'dRspecialty\' FROM dRathlete, dRspecialty, dRathlete_dRspecialty WHERE dRathlete.dRathleteID = dRathlete_dRspecialty.dRathleteID AND dRspecialty.dRspecialtyID = dRathlete_dRspecialty.dRspecialtyID'
);

the php main file

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html lang="EN" dir="ltr" xmlns="http://www.w3.org/1999/xhtml">
		<head>
				<title>Web Dev Dea's Player Control Panel</title>
   				<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
   					<link rel="stylesheet" type="text/css" href="Styles.css" />
				
   		</head>

<?php

function connectToDb(){
  //connects to the DB
  global $serverName, $userName, $dbPass, $dbName;
  $dbConn = mysql_connect($serverName, $userName, $dbPass);
  if (!$dbConn){
    print "<h3>problem connecting to database...</h3>\n";
    print "<h3>" . mysql_error() . "</h3> \n";
  } // end if
  
  $select = mysql_select_db("$dbName");
  if (!$select){
    print "<h3>problem selecting database...</h3>\n";
    print "<h3>" . mysql_error() . "</h3> \n";
  } // end if
  return $dbConn;
} // end connectToDb

function qToList($query){
  //given a query, makes a quick list of data
  global $dbConn;
  $output = "<p> \n";
  $result = mysql_query($query, $dbConn);

  while ($row = mysql_fetch_assoc($result)){
    foreach ($row as $col=>$val){
      $output .= "$col: $val<br />\n";
    } // end foreach
    $output .= "</p> \n" ;
  } // end while
  return $output;
} // end qToList

function qToTable($query){
  //given a query, automatically creates an HTML table output
  global $dbConn;
  $output = "";
  $result = mysql_query($query, $dbConn);

  $output .= "<table border = '1'>\n";
  //get column headings

  //get field names
  $output .= "<tr>\n";
  while ($field = mysql_fetch_field($result)){
    $output .= "  <th>$field->name</th>\n";
  } // end while
  $output .= "</tr>\n\n";

  //get row data as an associative array
  while ($row = mysql_fetch_assoc($result)){
    $output .= "<tr>\n";
    //look at each field
    foreach ($row as $col=>$val){
      $output .= "  <td>$val</td>\n";
    } // end foreach
    $output .= "</tr>\n\n";
  }// end while

  $output .= "</table>\n";
  return $output;
} // end qToTable

function tToEdit($tableName){
  //given a table name, generates HTML table including
  //add, delete and edit buttons
  
  $tableName = filter_input(INPUT_POST, "tableName");
  $tableName = mysql_real_escape_string($tableName);
  
  global $dbConn;
  $output = "";
  $query = "SELECT * FROM $tableName";

  $result = mysql_query($query, $dbConn);

  $output .= "<table border = '1'>\n";
  //get column headings

  //get field names
  $output .= "<tr>\n";
  while ($field = mysql_fetch_field($result)){
    $output .= "  <th>$field->name</th>\n";
  } // end while

  //get name of index field (presuming it's first field)
  $keyField = mysql_fetch_field($result, 0);
  $keyName = $keyField->name;
  
  //add empty columns for add, edit, and delete
  $output .= "<th></th><th></th>\n";
  $output .= "</tr>\n\n";

  //get row data as an associative array
  while ($row = mysql_fetch_assoc($result)){
    $output .= "<tr>\n";
    //look at each field
    foreach ($row as $col=>$val){
      $output .= "  <td>$val</td>\n";
    } // end foreach
    //build little forms for add, delete and edit


    //delete = DELETE FROM <table> WHERE <key> = <keyval>
    $keyVal = $row["$keyName"];
    $output .= <<< HERE

  <td>
    <form action = "deleteRecord.php"
          method = "post">
    <fieldset class = "tiny">
    <input type = "hidden"
           name = "tableName"
           value = "$tableName" />
    <input type= "hidden"
           name = "keyName"
           value = "$keyName" />
    <input type = "hidden"
           name = "keyVal"
           value = "$keyVal" />
    <input type = "submit"
           value = "delete" />
    </fieldset>
    </form>
  </td>

HERE;
    //update: won't update yet, but set up edit form
    $output .= <<< HERE
  <td>
    <form action = "editRecord.php"
          method = "post">
    <fieldset class = "tiny">
    <input type = "hidden"
           name = "tableName"
           value = "$tableName" />
    <input type= "hidden"
           name = "keyName"
           value = "$keyName" />
    <input type = "hidden"
           name = "keyVal"
           value = "$keyVal" />
    <input type = "submit"
           value = "edit" />
  </fieldset>
  </form>
  </td>

HERE;

    $output .= "</tr>\n\n";
    
  }// end while

    //add = INSERT INTO <table> {values}
    //set up insert form send table name
    $keyVal = $row["$keyName"];
    $output .= <<< HERE
<tr>
  <td colspan = "6">
    <form action = "addRecord.php"
          method = "post">
    <fieldset class = "tiny">
    <input type = "hidden"
           name = "tableName"
           value = "$tableName" />
    <button type = "submit">
       add a record
    </button>
    </fieldset>
    </form>
  </td>
</tr>
</table>

HERE;


  return $output;
} // end tToEdit

function rToEdit ($query){
  //given a one-record query, creates a form to edit that record
  //works on any table, but allows direct editing of keys
  //use smartRToEdit instead if you can
  
  global $dbConn;
  $output = "";
  $result = mysql_query($query, $dbConn);
  $row = mysql_fetch_assoc($result);

  //get table name from field object
  $fieldObj = mysql_fetch_field($result, 0);
  $tableName = $fieldObj->table;

  $output .= <<< HERE
<form action = "updateRecord.php"
      method = "post">
      
<fieldset>
      
  <input type = "hidden"
         name = "tableName"
         value = "$tableName" />

HERE;

  foreach ($row as $col=>$val){
    $output .= <<<HERE
  <label>$col</label>
  <input type = "text"
         name = "$col"
         value = "$val" />

HERE;
  } // end foreach
  $output .= <<< HERE
  <button type = "submit">
    update this record
  </button>
</fieldset>
</form>

HERE;
  return $output;
} // end rToEdit

function smartRToEdit ($query){
  //given a one-record query, creates a form to edit that record
  //Doesn't let user edit first (primary key) field
  //generates dropdown list for foreign keys
  //MUCH safer than ordinary rToEdit function

  // --restrictions on table design--
  //foreign keys MUST be named tableID where 'table' is table name
  //  (because mySQL doesn't recognize foreign key indicators)
  // I also expect a 'name' field in any table used as a foreign key
  //   (for same reason)
  
  global $dbConn;
  $output = "";
  $result = mysql_query($query, $dbConn);
  $row = mysql_fetch_assoc($result);

  //get table name from field object
  $fieldObj = mysql_fetch_field($result, 0);
  $tableName = $fieldObj->table;

  $output .= <<< HERE
<form action = "updateRecord.php"
      method = "post">
<fieldset>
  <input type = "hidden"
         name = "tableName"
         value = "$tableName" />
<dl>
HERE;
  $fieldNum = 0;
  foreach ($row as $col=>$val){
    if ($fieldNum == 0){
      //it's primary key.  don't make textbox,
      //but store value in hidden field instead
      //user shouldn't be able to edit primary keys
      $output .= <<<HERE
  
    <dt>$col</dt>
    <dd>$val
    <input type = "hidden"
           name = "$col"
             value = "$val" /></dd>
             
             
HERE;
    } else if (preg_match("/(.*)ID$/", $col, $match)) {
      //it's a foreign key reference
      // get table name (match[1])
      //create a listbox based on table name and its name field
      $valList = fieldToList($match[1],$col, $fieldNum, "name");
      
      $output .= <<<HERE
    <dt>$col</dt>
    <dd>$valList</dd>
  
HERE;

    } else {
      $output .= <<<HERE
    <dt>$col</dt>
    <dd>
    <input type = "text"
           name = "$col"
           value = "$val" /></dd>

HERE;
    } // end if
    $fieldNum++;
  } // end foreach
  $output .= <<< HERE
  </dl>
      <button type = "submit">
         update this record
      </button>
</fieldset>
</form>

HERE;
  return $output;
} // end smartRToEdit

function updateRec($tableName, $fields, $vals){
  //expects name of a record, fields array values array
  //updates database with new values
  
  global $dbConn;
  
  $output = "";
  $keyName = $fields[0];
  $keyVal = $vals[0];
  $query = "";
  
  $query .= "UPDATE $tableName SET \n";
  for ($i = 1; $i < count($fields); $i++){
    $query .= $fields[$i];
    $query .= " = '";
    $query .= $vals[$i];
    $query .= "',\n";
  } // end for loop

  //remove last comma from output
  $query = substr($query, 0, strlen($query) - 2);
  
  $query .= "\nWHERE $keyName = '$keyVal'";

  $result = mysql_query($query, $dbConn);
  if ($result){
    $query = "SELECT * FROM $tableName WHERE $keyName = '$keyVal'";
    $output .= "<h1>update successful</h1>\n";
    $output .= "<h2>new value of record:</h2>";
    $output .= qToTable($query);
  } else {
    $output .= "<h3>there was a problem...</h3><pre>$query</pre>\n";
  } // end if
  return $output;
} // end updateRec

function delRec ($table, $keyName, $keyVal){
  //deletes $keyVal record from $table
  global $dbConn;
  $output = "";
  $query = "DELETE from $table WHERE $keyName = '$keyVal'";
  //print "query is $query<br>\n";
  $result = mysql_query($query, $dbConn);
  if ($result){
    $output = "<h3>Record sucessfully deleted</h3>\n";
  } else {
    $output = "<h3>Error deleting record</h3>\n";
  } //end if
  return $output;
} // end delRec

function tToAdd($tableName){
  //given table name, generates HTML form to add an entry to the
  //table.  Works like smartRToEdit in recognizing foreign keys
  
  global $dbConn;
  $output = "";
  
  //process a query just to get field names
  $query = "SELECT * FROM $tableName";
  $result = mysql_query($query, $dbConn) or die(mysql_error());

  $output .= <<<HERE
  <form action = "processAdd.php"
        method = "post">
    <fieldset>
    <dl>
      <dt>Field</dt>
      <dd>Value</dd>
    
HERE;

  $fieldNum = 0;
  while ($theField = mysql_fetch_field($result)){
    $fieldName = $theField->name;
    if ($fieldNum == 0){
      //it's the primary key field.  It'll be autoNumber
      $output .= <<<HERE
 
        <dt>$fieldName</dt>
        <dd>AUTONUMBER
          <input type = "hidden"
                 name = "$fieldName"
                 value = "null">
        </dd>

HERE;
    } else if (preg_match("/(.*)ID$/", $fieldName, $match)) {
      //it's a foreign key reference.  Use fieldToList to get
      //a select object for this field

      $valList = fieldToList($match[1],$fieldName, 0, "name");
      $output .= <<<HERE
        <dt>$fieldName</dt>
        <dd>$valList</dd>

HERE;
    } else {
    //it's an ordinary field.  Print a text box
    $output .= <<<HERE
        <dt>$fieldName</dt>
        <dd><input type = "text"
                   name = "$fieldName"
                   value = "">
        </dd>

HERE;
    } // end if
    $fieldNum++;
  } // end while
  $output .= <<<HERE
    </dl>
    
        <input type = "hidden"
               name = "tableName"
               value = "$tableName">
        <button type = "submit">
           add record
        </button>
    </fieldset>
  </form>

HERE;

  return $output;
      
} // end tToAdd

function procAdd($tableName, $fields, $vals){
  //generates INSERT query, applies to database
  global $dbConn;
  
  $output = "";
  $query = "INSERT into $tableName VALUES (";
  foreach ($vals as $theValue){
    $query .= "'$theValue', ";
  } // end foreach

  //trim off trailing space and comma
  $query = substr($query, 0, strlen($query) - 2);
  
  $query .= ")";
  $output = "query is $query<br>\n";
  
  $result = mysql_query($query, $dbConn);
  if ($result){
    $output .= "<h3>Record added</h3>\n";
  } else {
    $output .= "<h3>There was an error</h3>\n";
  } // end if
  return $output;
} // end procAdd


function fieldToList($tableName, $keyName, $keyVal, $fieldName){
  //given table and field, generates an HTML select structure
  //named $keyName.  values will be key field of table, but
  //text will come from the $fieldName value.
  //keyVal indicates which element is currently selected
  
  global $dbConn;
  $output = "";
  $query = "SELECT $keyName, $fieldName FROM $tableName";
  $result = mysql_query($query, $dbConn);
  $output .= "<select name = \"$keyName\">\n";
  $recNum = 1;
  while ($row = mysql_fetch_assoc($result)){
    $theIndex = $row["$keyName"];
    $theValue = $row["$fieldName"];
    $output .= <<<HERE
  <option value = "$theIndex"
HERE;

    //make it currently selected item
    if ($theIndex == $keyVal){
      $output .= " selected = \"selected\"";
    } // end if
    $output .= ">$theValue</option>\n";
    $recNum++;
  } // end while
  $output .= "</select>\n";
  return $output;
} // end fieldToList

function mainButton(){
  // creates a button to return to the main program
  
  global $mainProgram;
  
  $output = <<< HERE
<form action = "$mainProgram"
      method = "get">
  <fieldset class = "tiny">
    <button type = "submit">
       return to main screen
    </button>
  </fieldset>
</form>

HERE;
  return $output;
} // end mainButton
  
?>
Link to comment
Share on other sites
mac_gyver Prolific Member

mac_gyver

Posted
Posted

the only way you would be getting the phpinfo() output is if you have a phpinfo() statement in the code on your editTable.php page. if the problem is you don't want the phpinfo() output, remove the phpinfo() statement from your code. you must be aware of what your code in your files contains and what it does.

 

did you bother to scroll down to the end of the output and see the mysql_error information that is being displayed there? you have a query that either has a syntax error in it or contains an empty numerical value.

 

if the extent of your attempt is to run your code, see some output on a page that isn't the result you want, post a link to a page in a help forum, without providing any information, posting a bunch of code that isn't even the code for the page where the problem is at, just what help were you expecting a help forum to be able to give you?

Link to comment
Share on other sites
webdevdea Member

webdevdea

Posted
  • Author
Posted

Im sorry, I didn't know how to exactly explain the problem other than the way I did.. the code I put up is the code I am using for that particular project.. 

I will check it out, I thought that the info stuff may need to be on there. that was someone else's part to attend to .. anyway thank you .. I am going to look at it and see what I can do before I post again. 

Below is the editRecord.php code.. 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html lang="EN" dir="ltr" xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Edit Record</title>

<?php include "dbLib.php"; ?>
</head>
<body>
<h1>Edit Record</h1>
<?php 

$dbConn = connectToDb();

// expects $tableName, $keyName, $keyVal
$tableName = filter_input(INPUT_POST, "tableName");
$keyName = filter_input(INPUT_POST, "keyName");
$keyVal = filter_input(INPUT_POST, "keyVal");

$tableName = mysql_real_escape_string($tableName);
$keyName = mysql_real_escape_string($keyName);
$keyVal = mysql_real_escape_string($keyVal);

$query = "SELECT * FROM $tableName WHERE $keyName = $keyVal";

//print rToEdit($query);
print smartRToEdit($query);
print mainButton();

?>
</body>
</html>
Link to comment
Share on other sites
webdevdea Member

webdevdea

Posted
  • Author
Posted

Ok so I fixed that and now its telling me the same thing it was saying at the bottom of all the php.info..( when I created the file I used the wrong template)

i get this error message

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html lang="EN" dir="ltr" xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>View Query</title>
<?php include "dbLib.php"; ?>

</head>
<body>

<h1>Query Results</h1>

<?php 

$dbConn = connectToDb();

//get $queryID from previous form
$queryID = filter_input(INPUT_POST, "queryID");
$queryID = mysql_real_escape_string($queryID);

//use the queryID to get the requested query from the database
$sql = "SELECT * FROM storedQuery WHERE storedQuery.storedQueryID = $queryID";
$result = mysql_query($sql) or die (mysql_error());
$row = mysql_fetch_assoc($result);

$theQuery = $row["text"];
//print "Query: $theQuery";

print qToTable($theQuery);

print mainButton();

?>
Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.