Jump to content

[SOLVED] Displaying information in a update form

dark22horse

By dark22horse
in PHP Coding Help

 Share

Recommended Posts

  • Replies 51
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

dark22horse Member

dark22horse

Posted
  • Author
Posted

Here you go mate.  Still quoting the error at the bottom of the page

 

<?
require_once("mysql_config.php");

$target_path = $target_path . basename( $_FILES['photo']['name']); 
$_FILES['photo']['tmp_name'];

$target_path = "uploads/";

$target_path = $target_path . basename( $_FILES['photo']['name']); 

if(move_uploaded_file($_FILES['photo']['tmp_name'], $target_path)) {

$id=$_GET['id'];
$price = $_POST['price'];
$description = $_POST['description'];
$photo = $_FILES['photo']['name'];
$photo1 = $_FILES['photo1']['name'];
$photo2 = $_FILES['photo2']['name'];
$photo3 = $_FILES['photo3']['name'];
$car_of_the_week = $_POST['car_of_the_week'];
$status1 = $_POST['status1'];

    echo "The file ".  basename( $_FILES['photo']['name']). " has been uploaded";

$sql_string = "UPDATE car SET price='$price', description='$description', photo='$photo', photo1='$photo1', photo2='$photo2', photo3='$photo3', car_of_the_week='$car_of_the_week', status1 =$'status1'"."WHERE id='$id'"; 

echo "<br/>SQL STRING WE WANT TO RUN: ".$sql_string;

echo "db connection: ".$dbconn;
echo "table connection: ".$table;
$ok = mysql_query($sql_string);
echo "OK: ".$ok;
if($ok){
	echo "<h2>all is good, upload another</h2>";
} else {
	echo "<h2>check the string".$sql_string."</h2>";
}
} else{
echo "There was an error uploading the file, please try again!";
}
?>

suttercain Advanced Member

suttercain

Posted
Posted

Okay replace:

$sql_string = "UPDATE car SET price='$price', description='$description', photo='$photo', photo1='$photo1', photo2='$photo2', photo3='$photo3', car_of_the_week='$car_of_the_week', status1 =$'status1'"."WHERE id='$id'";

You have $'status1' instead of '$status1' and also no MySQL Query!

 

 

With:

$sql_string = "UPDATE car SET price='$price', description='$description', photo='$photo', photo1='$photo1', photo2='$photo2', photo3='$photo3', car_of_the_week='$car_of_the_week', status1 ='$status1'"."WHERE id='$id'";

mysql_query($sql_string) OR die(mysql_error());//This will report any errors!

 

I also highly suggest using the mysql_real_escape_string() function BEFORE entering the information into you database to prevent MySQL hacks.

 

This is how you would use is:

$price = mysql_real_escape_string($price);

 

Do that for EVERY variable you are entering into your database. $photo, $car_of_the_week, etc.

dark22horse Member

dark22horse

Posted
  • Author
Posted

I have it working sort of now.  I have it saying that it has uploaded, but it doesnt appear in the database.  Ive got a feeling it because of the Where bit in the sql.  As it prints out what it is going to put into the database, but nothing appears on that field.

 

Also with your $price = mysql_real_escape_string($price); is that meant to be put in the string, or when im saying what the variable is. 

 

I know that the $_Post['id'] is bring back the result, as I have the print_r($_POST); and that is showing that it is posting the number i select.

 

<?
require_once("mysql_config.php");
echo "<pre>";
echo "THIS IS THE POST ARRAY";
print_r($_POST);

$target_path = $target_path . basename( $_FILES['photo']['name']); 
$_FILES['photo']['tmp_name'];

$target_path = "uploads/";

$target_path = $target_path . basename( $_FILES['photo']['name']); 


if(move_uploaded_file($_FILES['photo']['tmp_name'], $target_path)) {

$id=$_Post['id'];
$price = $_POST['price'];
$description = $_POST['description'];
$photo = $_FILES['photo']['name'];
$photo1 = $_FILES['photo1']['name'];
$photo2 = $_FILES['photo2']['name'];
$photo3 = $_FILES['photo3']['name'];
$car_of_the_week = $_POST['car_of_the_week'];
$status1 = $_POST['status1'];

echo "$id";

$sql_string = "UPDATE car SET price='$price', description='$description', photo='$photo', photo1='$photo1', photo2='$photo2', photo3='$photo3', car_of_the_week='$car_of_the_week', status1 ='$status1'"."WHERE id='$id'";

mysql_query($sql_string) OR die(mysql_error());

echo "<br/>SQL STRING WE WANT TO RUN: ".$sql_string;

echo "db connection: ".$dbconn;
echo "table connection: ".$table;

$ok = mysql_query($sql_string);
echo "OK: ".$ok;
if($ok){
	echo "<h2>all is good, upload another</h2>";
} else {
	echo "<h2>check the string".$sql_string."</h2>";
}
} else{
echo "There was an error uploading the file, please try again!";
}
?>

 

I think im slowly getting this php stuff now.  Your help is greatly appreciated. 

suttercain Advanced Member

suttercain

Posted
Posted

Hi Darkhorse,

 

Sorry for the slow replies but I have a lot of stuff going on, but I'll keep checking this post till we get you there.

 

For some reason you had a . right before your where statement which messed up the syntax... I have corrected in. Please don't change it again, the syntax I am using is correct.

 

Okay with your WHERE statement. I have two questions:

1. When you echo "$id"; does it output the id number in your browser?

2. If the above answer is yes, and let's say for example it echos 16, do you have that same id already in the id column of your MySQL table?

 

The reason I ask is if you do this:

WHERE id='16'; and 16 is not in your database, it has no row to update and WILL NOT WORK.

 

As far as the mysql_real_escape_string(), this prepends certain characters that users may try and place into the database that can cause it to delete or hack records.

 

This is how I suggest running it, but there may be better ways so look around for other suggestions too:

 

<?php
require_once("mysql_config.php");
echo "<pre>";
echo "THIS IS THE POST ARRAY";
print_r($_POST);

$target_path = $target_path . basename( $_FILES['photo']['name']); 
$_FILES['photo']['tmp_name'];

$target_path = "uploads/";

$target_path = $target_path . basename( $_FILES['photo']['name']); 


if(move_uploaded_file($_FILES['photo']['tmp_name'], $target_path)) {

$id=$_POST['id'];
$price = $_POST['price'];
$description = $_POST['description'];
$photo = $_FILES['photo']['name'];
$photo1 = $_FILES['photo1']['name'];
$photo2 = $_FILES['photo2']['name'];
$photo3 = $_FILES['photo3']['name'];
$car_of_the_week = $_POST['car_of_the_week'];
$status1 = $_POST['status1'];

//ESCAPE THE STRINGS BEFORE PLACING INTO DATABASE
$id = mysql_real_escape_string($id);
$price = mysql_real_escape_string($price);
$description = mysql_real_escape_string($description);
$status1 = mysql_real_escape_string($status1);


echo "$id";

$sql_string = "UPDATE car SET price='$price', description='$description', photo='$photo', photo1='$photo1', photo2='$photo2', photo3='$photo3', car_of_the_week='$car_of_the_week', status1 ='$status1' WHERE id='$id'";
mysql_query($sql_string) OR die(mysql_error());

echo "<br/>SQL STRING WE WANT TO RUN: ".$sql_string;

echo "db connection: ".$dbconn;
echo "table connection: ".$table;

$ok = mysql_query($sql_string);
echo "OK: ".$ok;
if($ok){
	echo "<h2>all is good, upload another</h2>";
} else {
	echo "<h2>check the string".$sql_string."</h2>";
}
} else{
echo "There was an error uploading the file, please try again!";
}
?>

 

Let me know...

dark22horse Member

dark22horse

Posted
  • Author
Posted

Sorry mate, one more question. 

 

On the form,

 

<?
print_r($_GET);
$id=$_GET['id'];
//connect to mysql
//change user and password to your mySQL name and password
mysql_connect("localhost","root","");

//select which database you want to edit
mysql_select_db("car"); 


$query = "select * from car WHERE id = '$id' ";
$result = mysql_query($query);
$num = mysql_num_rows($result);

$i = 0;
while ($i<$num) {
$price = mysql_result($result, $i, 'price'); //do this for each variable
   	$description= mysql_result($result, $i, 'Description');
   	$photo= mysql_result($result, $i, 'photo');
   	$photo1= mysql_result($result, $i, 'photo1');
$photo2= mysql_result($result, $i, 'photo2');
        $photo3= mysql_result($result, $i, 'photo3');
$car_of_the_week= mysql_result($result, $i, 'car_of_the_week');
$status1= mysql_result($result, $i, 'status1');
$id=$_GET['id'];   	

?>


<html>
<body>

<form enctype="multipart/form-data" action="uploader2.php" method="POST"> 
<table width='100%' border='1'>
  <tr>
    <input type="hidden" name="MAX_FILE_SIZE" value="100000" />
    <td>ID</td>
    <td><input type='text' name='id' value='<?php print "$id";?>'> </td>
    <td>Price</td>
    <td><input type='text' name='price' value='<?php print "$price";?>'> </td>
    <td>Description</td>
    <td><input type='text' name='description' value='<?php print "$description";?>'> </td>
    <td>Photo</td>
    <td><input name="photo" type="file" value='<?php print "$photo";?>'> </td>
    <td>Photo1</td>
    <td><input name="photo1" type="file" /></td>
    <td>Photo2</td>
    <td><input name="photo2" type="file" /></td>
    <td><input name="photo3" type="file" /></td>
    <td>Car of the Week</td>
    <td><input type="text" name="car_of_the_week" length="20" value ='<?php print "$car_of_the_week";?>'></td>
    <td>Status</td>
    <td><input type="text" name="status1" length="20" value = "jjjj"/></td>
    <td><input type="submit" value="Upload Files" /></td>

  </tr>
</table>
</form>

<?
++$i;
}
?>
                
</BODY>
</html>

 

I am trying to display the photo name in the form, however it isnt working.  Can you actually put the name of it in the value.  if so, how :)

MadTechie Regular Member

MadTechie

Posted
Posted

try

 

<?php
print_r($_GET);
$id=$_GET['id'];
//connect to mysql
//change user and password to your mySQL name and password
mysql_connect("localhost","root","");

//select which database you want to edit
mysql_select_db("car"); 


$query = "select * from car WHERE id = '$id' ";
$result = mysql_query($query);
$num = mysql_num_rows($result);

$i = 0;
while ($i<$num) {
$row = fetch_array($result);
$price = $row['price']
   	$description= $row['Description'];
   	$photo= $row['Description']; 
   	$photo1= $row['photo1'];
$photo2= $row['photo2'];
        $photo3= $row['photo3'];
$car_of_the_week= $row['car_of_the_week'];
$status1= $row['status1'];
$id=$_GET['id'];   	

?>


<html>
<body>

<form enctype="multipart/form-data" action="uploader2.php" method="POST"> 
<table width='100%' border='1'>
  <tr>
    <input type="hidden" name="MAX_FILE_SIZE" value="100000" />
    <td>ID</td>
    <td><input type='text' name='id' value='<?php print "$id";?>'> </td>
    <td>Price</td>
    <td><input type='text' name='price' value='<?php print "$price";?>'> </td>
    <td>Description</td>
    <td><input type='text' name='description' value='<?php print "$description";?>'> </td>
    <td>Photo</td>
    <td><input name="photo" type="file" value='<?php print "$photo";?>'> </td>
    <td>Photo1</td>
    <td><input name="photo1" type="file" /></td>
    <td>Photo2</td>
    <td><input name="photo2" type="file" /></td>
    <td><input name="photo3" type="file" /></td>
    <td>Car of the Week</td>
    <td><input type="text" name="car_of_the_week" length="20" value ='<?php print "$car_of_the_week";?>'></td>
    <td>Status</td>
    <td><input type="text" name="status1" length="20" value = "jjjj"/></td>
    <td><input type="submit" value="Upload Files" /></td>

  </tr>
</table>
</form>

<?
++$i;
}
?>
                
</BODY>
</html>

dark22horse Member

dark22horse

Posted
  • Author
Posted

I have done that, but the fetcharray has a problem

 

Fatal error: Call to undefined function fetch_array() in C:\Program Files\xampp\htdocs\site\Update_car2.php on line 19

 

<?
print_r($_GET);
$id=$_GET['id'];
//connect to mysql
//change user and password to your mySQL name and password
mysql_connect("localhost","root","");

//select which database you want to edit
mysql_select_db("car"); 


$query = "select * from car WHERE id = '$id' ";
$result = mysql_query($query);
$num = mysql_num_rows($result);

$i = 0;
while ($i<$num) {

$row = fetch_array($result);


$price= $row['price'];
   	$description= $row['Description'];
   	$photo= $row['photo'];
   	$photo1= $row['photo1'];
$photo2= $row['photo2'];
        $photo3= $row['photo3'];
$car_of_the_week= $row['car_of_the_week'];
$status1= $row['status1'];
$id=$_GET['id'];   	

?>


<html>
<body>

<form enctype="multipart/form-data" action="uploader2.php" method="POST"> 
<table width='100%' border='1'>
  <tr>
    <input type="hidden" name="MAX_FILE_SIZE" value="100000" />
    <td>ID</td>
    <td><input type='text' name='id' value='<?php print "$id";?>'> </td>
    <td>Price</td>
    <td><input type='text' name='price' value='<?php print "$price";?>'> </td>
    <td>Description</td>
    <td><input type='text' name='description' value='<?php print "$description";?>'> </td>
    <td>Photo</td>
    <td><input name="photo" type="file" value='<?php print "$photo";?>'> </td>
    <td>Photo1</td>
    <td><input name="photo1" type="file" /></td>
    <td>Photo2</td>
    <td><input name="photo2" type="file" /></td>
    <td><input name="photo3" type="file" /></td>
    <td>Car of the Week</td>
    <td><input type="text" name="car_of_the_week" length="20" value ='<?php print "$car_of_the_week";?>'></td>
    <td>Status</td>
    <td><input type="text" name="status1" length="20" value = "jjjj"/></td>
    <td><input type="submit" value="Upload Files" /></td>

  </tr>
</table>
</form>

<?
++$i;
}
?>
                
</BODY>
</html>

 

dark22horse Member

dark22horse

Posted
  • Author
Posted

This is my form.  input type="file" Can you print (echo) the file location into this one as that is my problem. 

I have echoed the $photo in my php script above and it says the location, however when I try to print (echo) into the input type file box, it doesnt appear. 

 

Hopefully that explains it a bit better

 

<form enctype="multipart/form-data" action="uploader2.php" method="POST"> 
<table width='100%' border='1'>
  <tr>
    <input type="hidden" name="MAX_FILE_SIZE" value="100000" />
    <td>ID</td>
    <td><input type='text' name='id' value='<?php print "$id";?>'> </td>
    <td>Price</td>
    <td><input type='text' name='price' value='<?php print "$price";?>'> </td>
    <td>Description</td>
    <td><input type='text' name='description' value='<?php echo "$description";?>'> </td>
    <td>Photo</td>
    <td><input name="photo" type="file" value='<?php print "$photo";?>'> </td>
    <td>Photo1</td>
    <td><input name="photo1" type="file" /></td>
    <td>Photo2</td>
    <td><input name="photo2" type="file" /></td>
    <td><input name="photo3" type="file" /></td>
    <td>Car of the Week</td>
    <td><input type="text" name="car_of_the_week" length="20" value ='<?php print "$car_of_the_week";?>'></td>
    <td>Status</td>
    <td><input type="text" name="status1" length="20" value = "jjjj"/></td>
    <td><input type="submit" value="Upload Files" /></td>

  </tr>
</table>
</form>

dark22horse Member

dark22horse

Posted
  • Author
Posted

What I am asking is whether you can put a text field into

 

<td><input name="photo" type="file" value='<?php print "$photo";?>'> </td>

    <td>Photo1</td>

 

as this seems to be the problem!

 

I have just changed that type to text and it works.  However they can not select another file if i change it, so I need it file type

dark22horse Member

dark22horse

Posted
  • Author
Posted

I am storing the file name in the database.  What I am trying to do is, show all the information in a form, so that the user can update it. 

 

So I have the ID, which I hide from them, the price, descripition, photo, photo1, photo2, status1.

 

The form I am displaying them in shows the price and description.  My question is that can I display the photo information in a form box with the type set to file.  If not, how can I display the photo information so that it can be updated?

dark22horse Member

dark22horse

Posted
  • Author
Posted

It didnt work, this is my code.  I am trying to change the $photo in a file. (i think that what i need to do)

 


<?
print_r($_GET);
$id=$_GET['id'];
//connect to mysql
//change user and password to your mySQL name and password
mysql_connect("localhost","root","");

//select which database you want to edit
mysql_select_db("car"); 


$query = "select * from car WHERE id = '$id' ";
$result = mysql_query($query);
$num = mysql_num_rows($result);

$i = 0;
while ($i<$num) {

$row= mysql_fetch_array($result, MYSQL_ASSOC);
$price= $row['price'];
   	$description= $row['description'];
   	$photo= $row['photo'];
   	$photo1= $row['photo1'];
$photo2= $row['photo2'];
        $photo3= $row['photo3'];
$car_of_the_week= $row['car_of_the_week'];
$status1= $row['status1'];
$id=$_GET['id'];   	
        echo "$photo";

$target_path = "uploads/";

$photo = $target_path . basename( $_FILES['photo']['name']);
?>

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.