[SOLVED] too many url variables?

[simon551]

novice here. Trying to use a url variable to return to a page after updating a record. Basically it goes like this: start at a listing of records

1. click link to go to detail using url variable and edit a record

2. edit the record

3. return to list

 

for some reason I'm breaking down on the third step.

 

here is the code:

  $updateGoTo = "erR_report.php?erurl=" . $row_rsermain['erID'] . "";
  if (isset($_SERVER['QUERY_STRING'])) {
    $updateGoTo .= (strpos($updateGoTo, '?')) ? "&" : "?";
    $updateGoTo .= $_SERVER['QUERY_STRING'];
  }
  header(sprintf("Location: %s", $updateGoTo));

 

This is the returning url: localhost/expensereports/erR_report.php?erurl=&erDetID_url=10764

 

The query rsmain took the erDetID_url variable so I'm guessing that is why it's taking that url back on the result page, but I'm not sure why it's not giving me the erurl=# part. That's the part I need. Let me know if I need to post more code.

 

thanks in advance

-s

[btherl]

Is $row_rsermain['erID'] empty?  Try printing it out.  If so, trace it back through your code with print statements until you find what's causing it to be empty.

 

And yes, we need more code   Everything from what you've posted back until the source of that variable which isn't what you expect it to be.

 

I'm also unclear on how you intend to pass the url around.  Where did you store it?

[simon551]

Thanks for the help. Here is the query (this is on the page with the update form action):

//url variable gets us here
$erdetidurl_rsERDets = "-1";
if (isset($_GET['erDetID_url'])) {
  $erdetidurl_rsERDets = (get_magic_quotes_gpc()) ? $_GET['erDetID_url'] : addslashes($_GET['erDetID_url']);
}

//back in to the expense report info section from the detid (url)
mysql_select_db($database_conn_org, $conn_org);
$query_rsermain = sprintf("SELECT expensereports.erID, expensereports.erDate, expensereports.empID, expensereports.notes FROM expensereports Inner Join expensereport_details ON expensereports.erID = expensereport_details.erID WHERE expensereport_details.erDetID = %s", $erdetidurl_rsERDets);
$rsermain = mysql_query($query_rsermain, $conn_org) or die(mysql_error());
$row_rsermain = mysql_fetch_assoc($rsermain);
$totalRows_rsermain = mysql_num_rows($rsermain);

 

This prints out just fine:

        <td>ER ID: <?php echo $row_rsermain['erID']; ?></td>

 

This is on the report page, which was originally delivered via the same url variable:

//expense report from url variable
$erurl = "-1";
if (isset($_GET['erurl'])) {
  $erurl = (get_magic_quotes_gpc()) ? $_GET['erurl'] : addslashes($_GET['erurl']);
}
//Query expense report information
mysql_select_db($database_conn_org, $conn_org);
$query_rsERinfo = "SELECT expensereports.erID, expensereports.erDate, expensereports.empID, expensereports.notes FROM expensereports WHERE expensereports.erID = $erurl";
$rsERinfo = mysql_query($query_rsERinfo, $conn_org) or die(mysql_error());
$row_rsERinfo = mysql_fetch_assoc($rsERinfo);
$totalRows_rsERinfo = mysql_num_rows($rsERinfo);

 

[simon551]

 

 

I'm also unclear on how you intend to pass the url around.  Where did you store it?

 

Not sure but I thought it was going into the form action, with this:

 $updateGoTo = "erR_report.php?erurl=" . $row_rsermain['erID'] . "";

 

but I'm not sure now.

 

This is the form action script:

  <form action="<?php echo $editFormAction; ?>" method="POST" name="erDets" id="erDets">

 

oh. and the function:

$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
  $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}

[btherl]

Ok.. let me clarify a few things.

 

You said that the url you get is this: localhost/expensereports/erR_report.php?erurl=&erDetID_url=10764

 

Do you intend erurl to have the value "&erDetIT_url=10764"?

 

[simon551]

no. I intend it to have a number like 7802. I don't need the erDetID_url variable anymore when I go back to erR_report.

I picked that up on erR_report to go to a detail record at localhost/expensereports/erR_dets_edit. Now I'm trying to go back to erR_report with just the erID.

 

The set up of the database is:

 

expensereport table

key: erID

 

expensereport_details table

key: erDetID

 

erR_report has all the detail records and erR_dets_edit is one record to edit.

[btherl]

Ok.. so is the problem that erurl is empty, when it should contain a value?

 

I asked you to print out the value here:

 

<td>ER ID: <?php echo $row_rsermain['erID']; ?></td>

 

because that is the value that goes into erurl, and it looke like erurl was empty when it shouldn't be.  Did you put that line that prints out ER ID directly above the line that constructs the redirect url?  If $row_rsermain['erID'] is set properly and is used to construct the redirect url, then everything ought to work.  So the only explanation is that it's not set (or there's a typo).

 

I think it's fine to have it in the action.. you can access those variables through either $_GET or $_REQUEST.

[simon551]

not sure how to do that. This is the entire form (erR_dets_edit). I really appreciate your input.

 

<?php require_once('../Connections/conn_org.php'); ?>
<?php
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  $theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue;

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}

$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
  $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}

if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "erDets")) {
  $updateSQL = sprintf("UPDATE expensereport_details SET erID=%s, fdate=%s, vendor=%s, payType=%s, empID_accountof=%s WHERE erDetID=%s",
                       GetSQLValueString($_POST['erID'], "int"),
                       GetSQLValueString($_POST['fdate'], "date"),
                       GetSQLValueString($_POST['vendor'], "text"),
                       GetSQLValueString($_POST['payType'], "text"),
                       GetSQLValueString($_POST['empID_accountof'], "int"),
                       GetSQLValueString($_POST['erDetID'], "int"));

  mysql_select_db($database_conn_org, $conn_org);
  $Result1 = mysql_query($updateSQL, $conn_org) or die(mysql_error());
  
  $updateGoTo = "erR_report.php?erurl=" . $row_rsermain['erID'] . "";
  if (isset($_SERVER['QUERY_STRING'])) {
    $updateGoTo .= (strpos($updateGoTo, '?')) ? "&" : "?";
    $updateGoTo .= $_SERVER['QUERY_STRING'];
  }
  header(sprintf("Location: %s", $updateGoTo));
}

mysql_select_db($database_conn_org, $conn_org);
$query_rsProjectMenu = "SELECT concat(`tblclients`.`ClientName`, ' | ',  `tblproj`.`ProjName`, ' | ', DATE_FORMAT(tblproj.ProjBegDate, '%m-%d-%Y' ), ' | ', DATE_FORMAT(tblproj.ProjEndDate, '%m-%d-%Y' ),' | ', `tblproj`.`ProjLoc`) AS project, projID FROM `tblproj` Inner Join `tblclients` ON `tblclients`.`ClientID` = `tblproj`.`ClientID` WHERE `tblproj`.`Inactive` <>  '1' GROUP BY `tblclients`.`ClientName` ORDER BY `tblclients`.`ClientName` ASC, `tblproj`.`ProjEndDate` DESC";
$rsProjectMenu = mysql_query($query_rsProjectMenu, $conn_org) or die(mysql_error());
$row_rsProjectMenu = mysql_fetch_assoc($rsProjectMenu);
$totalRows_rsProjectMenu = mysql_num_rows($rsProjectMenu);

mysql_select_db($database_conn_org, $conn_org);
$query_rsItems_regular = "SELECT tblitems.ItemID, tblitems.ItemName FROM tblitems WHERE tblitems.ItemTypeID <>  14 ORDER BY ItemName ASC";
$rsItems_regular = mysql_query($query_rsItems_regular, $conn_org) or die(mysql_error());
$row_rsItems_regular = mysql_fetch_assoc($rsItems_regular);
$totalRows_rsItems_regular = mysql_num_rows($rsItems_regular);

mysql_select_db($database_conn_org, $conn_org);
$query_rsEmployees = "SELECT tblEmployees.EmpID,concat(tblEmployees.EmpFName,' ',tblEmployees.EmpLName ) AS `Employee` FROM tblEmployees  WHERE inactive <>1 AND suppressfromlist <>1 ORDER BY Employee ASC ";
$rsEmployees = mysql_query($query_rsEmployees, $conn_org) or die(mysql_error());
$row_rsEmployees = mysql_fetch_assoc($rsEmployees);
$totalRows_rsEmployees = mysql_num_rows($rsEmployees);

//url variable gets us here
$erdetidurl_rsERDets = "-1";
if (isset($_GET['erDetID_url'])) {
  $erdetidurl_rsERDets = (get_magic_quotes_gpc()) ? $_GET['erDetID_url'] : addslashes($_GET['erDetID_url']);
}

//back in to the expense report info section from the detid (url)
mysql_select_db($database_conn_org, $conn_org);
$query_rsermain = sprintf("SELECT expensereports.erID, expensereports.erDate, expensereports.empID, expensereports.notes FROM expensereports Inner Join expensereport_details ON expensereports.erID = expensereport_details.erID WHERE expensereport_details.erDetID = %s", $erdetidurl_rsERDets);
$rsermain = mysql_query($query_rsermain, $conn_org) or die(mysql_error());
$row_rsermain = mysql_fetch_assoc($rsermain);
$totalRows_rsermain = mysql_num_rows($rsermain);

mysql_select_db($database_conn_org, $conn_org);
$query_rsERDets = sprintf("SELECT expensereport_details.erID, expensereport_details.erDetID, expensereport_details.fdate, expensereport_details.vendor, expensereport_details.payType, expensereport_details.empID_accountof, expensereport_splits.erSplitID, expensereport_splits.ItemID, expensereport_splits.description, expensereport_splits.ProjID, expensereport_splits.Curr, expensereport_splits.amtForeign, expensereport_splits.fxRate, expensereport_splits.amtUS, expensereport_splits.internalNote, expensereport_splits.Reimb, expensereport_splits.Personal, expensereport_splits.Billed, expensereport_splits.GroupID, expensereport_splits.cdate, expensereport_splits.Approved, expensereport_splits.NotApproved FROM expensereport_details Inner Join expensereport_splits ON expensereport_details.erDetID = expensereport_splits.erDetID WHERE expensereport_details.erDetID = %s", $erdetidurl_rsERDets);
$rsERDets = mysql_query($query_rsERDets, $conn_org) or die(mysql_error());
$row_rsERDets = mysql_fetch_assoc($rsERDets);
$totalRows_rsERDets = mysql_num_rows($rsERDets);

function makeStamp($theString) {
  if (ereg("([0-9]{4})-([0-9]{2})-([0-9]{2}) ([0-9]{2})[0-9]{2})[0-9]{2})", $theString, $strReg)) {
    $theStamp = mktime($strReg[4],$strReg[5],$strReg[6],$strReg[2],$strReg[3],$strReg[1]);
  } else if (ereg("([0-9]{4})-([0-9]{2})-([0-9]{2})", $theString, $strReg)) {
    $theStamp = mktime(0,0,0,$strReg[2],$strReg[3],$strReg[1]);
  } else if (ereg("([0-9]{2})[0-9]{2})[0-9]{2})", $theString, $strReg)) {
    $theStamp = mktime($strReg[1],$strReg[2],$strReg[3],0,0,0);
  }
  return $theStamp;
}

function makeDateTime($theString, $theFormat) {
  $theDate=date($theFormat, makeStamp($theString));
  return $theDate;
} 
?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><style type="text/css">
@import url(../jscalendar-1.0/calendar-win2k-1.css);
@import url(../layout.css);
@import url(../global.css);
</style>
<script type="text/javascript" src="../jscalendar-1.0/calendar.js"></script>
<script type="text/javascript" src="../jscalendar-1.0/lang/calendar-en.js"></script>
<script type="text/javascript" src="../jscalendar-1.0/calendar-setup.js"></script>
<script type="text/javascript">
</script>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Edit Detail</title>
</head>

<body>
<div id="main">
  <form action="<?php echo $editFormAction; ?>" method="POST" name="erDets" id="erDets">
    <table align="center">
      <tr valign="baseline">
        <td nowrap="nowrap" align="left" colspan="2"><h4>Expense Report </h4></td>
        <td> </td>
        <td><h4><?php echo makeDateTime($row_rsermain['erDate'], 'M j, Y'); ?></h4></td>
        <td nowrap="nowrap"><input name="erDetID" type="hidden" id="erDetID" value="<?php echo $row_rsERDets['erDetID']; ?>" />
        <input name="erSplitID" type="hidden" id="erSplitID" value="<?php echo $row_rsERDets['erSplitID']; ?>" /></td>
        <td> </td>
      </tr>
      <tr valign="baseline">
        <td nowrap="nowrap" align="left">Item:</td>
        <td width="200"><select name="ItemID">
            <option value="null"  <?php if (!(strcmp("null", $row_rsERDets['ItemID']))) {echo "selected=\"selected\"";} ?>>--please select--</option>
<?php
do {  
?><option value="<?php echo $row_rsItems_regular['ItemID']?>"<?php if (!(strcmp($row_rsItems_regular['ItemID'], $row_rsERDets['ItemID']))) {echo "selected=\"selected\"";} ?>><?php echo $row_rsItems_regular['ItemName']?></option>
            <?php
} while ($row_rsItems_regular = mysql_fetch_assoc($rsItems_regular));
  $rows = mysql_num_rows($rsItems_regular);
  if($rows > 0) {
      mysql_data_seek($rsItems_regular, 0);
  $row_rsItems_regular = mysql_fetch_assoc($rsItems_regular);
  }
?>
        </select></td>
        <td> </td>
        <td nowrap="nowrap">Date of Charge:</td>
        <td><input type="text" name="fdate" value="<?php echo $row_rsERDets['fdate']; ?>" size="10" id="data" />
          <button id="trigger">...</button></td>
      </tr>
      <tr valign="baseline">
        <td nowrap="nowrap" align="left">Pay Type:</td>
        <td><select name="payType">
          <option value="Cash" <?php if (!(strcmp("Cash", $row_rsERDets['payType']))) {echo "selected=\"selected\"";} ?>>Cash</option>
          <option value="Amex" <?php if (!(strcmp("Amex", $row_rsERDets['payType']))) {echo "selected=\"selected\"";} ?>>Amex</option>
        </select></td>
        <td> </td>
        <td>Amount:</td>
        <td><input type="text" name="AmountUS" value="<?php echo $row_rsERDets['amtUS']; ?>" size="10" /></td>
      </tr>
      <tr valign="baseline">
        <td nowrap="nowrap" align="left">Vendor:</td>
        <td colspan="2"><input type="text" name="vendor" value="<?php echo $row_rsERDets['vendor']; ?>" size="32" /></td>
        <td> </td>
        <td> </td>
      </tr>
      <tr valign="baseline">
        <td align="left" valign="top" nowrap="nowrap">Description:</td>
        <td colspan="4"><textarea name="description" style="width: 500px;" rows="2"><?php echo $row_rsERDets['description']; ?></textarea></td>
      </tr>
      <tr valign="baseline">
        <td nowrap="nowrap" align="left">Project:</td>
        <td colspan="4"><select name="ProjID" style="width: 500px;">
            <option value="null" <?php if (!(strcmp("null", $row_rsERDets['ProjID']))) {echo "selected=\"selected\"";} ?>>--please select--</option>
<?php
do {  
?><option value="<?php echo $row_rsProjectMenu['projID']?>"<?php if (!(strcmp($row_rsProjectMenu['projID'], $row_rsERDets['ProjID']))) {echo "selected=\"selected\"";} ?>><?php echo $row_rsProjectMenu['project']?></option>
            <?php
} while ($row_rsProjectMenu = mysql_fetch_assoc($rsProjectMenu));
  $rows = mysql_num_rows($rsProjectMenu);
  if($rows > 0) {
      mysql_data_seek($rsProjectMenu, 0);
  $row_rsProjectMenu = mysql_fetch_assoc($rsProjectMenu);
  }
?>
        </select></td>
      </tr>
      <tr valign="baseline">
        <td align="left" valign="top" nowrap="nowrap">Internal Notes:</td>
        <td colspan="4"><textarea name="internalNote" style="width: 500px;" rows="2"><?php echo $row_rsERDets['internalNote']; ?></textarea></td>
      </tr>
      <tr valign="baseline">
        <td nowrap="nowrap" align="left">Reimb:</td>
        <td><input type="checkbox" name="Reimb" value="<?php echo $row_rserDets['Reimb']; ?>" checked="checked" /></td>
        <td align="left" nowrap="nowrap">Personal:</td>
        <td><input type="checkbox" name="Personal" value="<?php echo $row_rserDets['Personal']; ?>" /></td>
        <td> </td>
      </tr>
      <tr valign="baseline">
        <td nowrap="nowrap">on account of:</td>
        <td><select name="empID_accountof">
            <option value="null"  <?php if (!(strcmp("null", $row_rsERDets['empID_accountof']))) {echo "selected=\"selected\"";} ?>>--please select--</option>
<?php
do {  
?><option value="<?php echo $row_rsEmployees['EmpID']?>"<?php if (!(strcmp($row_rsEmployees['EmpID'], $row_rsERDets['empID_accountof']))) {echo "selected=\"selected\"";} ?>><?php echo $row_rsEmployees['Employee']?></option>
            <?php
} while ($row_rsEmployees = mysql_fetch_assoc($rsEmployees));
  $rows = mysql_num_rows($rsEmployees);
  if($rows > 0) {
      mysql_data_seek($rsEmployees, 0);
  $row_rsEmployees = mysql_fetch_assoc($rsEmployees);
  }
?>
        </select></td>
        <td> </td>
        <td> </td>
        <td> </td>
      </tr>
      <tr valign="baseline">
        <td nowrap="nowrap" align="left"> </td>
        <td><input name="button" type="submit" id="something" value="save"
  onclick="if(this.form.fdate.value == '' ||
  	this.form.ItemID.value == '' ||
	this.form.AmountUS.value == ''){alert('Please make sure all required fields (marked with an \'*\') are filled out.'); return false;};"/></td>
        <td> </td>
        <td>ER ID: <?php echo $row_rsermain['erID']; ?></td>
        <td> </td>
      </tr>
    </table>
    <input type="hidden" name="MM_insert" value="erDets" />
    <input type="hidden" name="erID" value="<?php echo $row_rsERDets['erID']; ?>" />
    <input type="hidden" name="MM_update" value="erDets">
  </form>
</div>
<script type="text/javascript">
  Calendar.setup(
    {
      inputField  : "data",         // ID of the input field
      ifFormat    : "%Y-%m-%d",    // the date format
      button      : "trigger"       // ID of the button
    }
  );
</script>

<?php require_once('../includes/NewMenu.inc.php'); ?>
</body>
</html>
<?php
mysql_free_result($rsProjectMenu);

mysql_free_result($rsItems_regular);

mysql_free_result($rsEmployees);

mysql_free_result($rsermain);

mysql_free_result($rsERDets);
?>

[btherl]

Thanks, the whole form is exactly what I needed

 

Notice that the first mention of $row_rsermain['erID'] is actually before $row_rsermain is set.  $row_rsermain is fetched from a query further down in the script.  So you can't get the id from there.  You will need to get it from somewhere else.

 

It looks as if you pass the entire $_SERVER['QUERY_STRING'] along as the edit form action.  Does this contain erurl?  If not, can you make it so it does contain erurl?  That is, the url that goes from the main list to the editing page contains erurl, and therefore the copied query string used as the edit form action also contains erurl.  Then you can use $_GET['erurl'] to grab the number during the update, instead of $row_rsermain['erID'], which can't be used at that point in the script.

 

Does that make sense?  It would actually be easier to use sessions, then you don't have to bother with all this passing around.

[simon551]

Moving the query to the top of the page took care of the problem. Thank you for your help. I really appreciate how you stuck it out and kept trying to figure it out with me. If your ever in Portland let me know and I'll buy you a beer (or 10).

 

-simon