need help in my edit form validation

pixeltrace · September 18, 2007

hi,

i have an edit page that has a validation scripts to check if the session value is != or = to the post value

currently, its not working and is always telling me that the item is already existing whenever i dont do any changes on the value

below is my code for this page

<?
session_start();

if (session_is_registered("username")){
$username = $_SESSION['username'];
$cid = $_GET['cid'];

include 'db_connect.php';
$query = mysql_query("SELECT parent, category_name, parent_cn, category_name_cn, cid FROM engsoon_categories WHERE cid= '$cid'") or die(mysql_error()); 
$row = mysql_fetch_array( $query );

$category_name = $row["category_name"];
$parent = $row["parent"];
$category_name_cn = $row["category_name_cn"];
$parent_cn = $row["parent_cn"];
$cid = $row["cid"];

?>

<table width="100" border="0" cellspacing="0" cellpadding="0">
          <tr>
            <td width="6" align="left"><img src="../images/spacer.gif" width="6" height="10" /></td>
            <td width="100%"><table width="216" border="0" cellspacing="0" cellpadding="0">
              <tr>
                <td colspan="3" valign="top" bgcolor="#3261BB"><img src="images/spacer.gif" width="1" height="1" /></td>
              </tr>
              <tr>
                <td align="left" bgcolor="#3261BB" width="1"><img src="images/spacer.gif" width="1" height="1" /></td>
                <td width="214" valign="top">
			<form name="fileup" method="post" enctype="multipart/form-data" action="<? echo $PHP_SELF; ?>">
			<table width="515" border="0" cellspacing="2" cellpadding="3">
                    <tr>
                      <td colspan="4" valign="top"><img src="images/spacer.gif" width="10" height="1" /></td>
                    </tr>
                    <tr>
                      <td colspan="4" bgcolor="#999999" class="text2">EDIT PRODUCT CATEGORY</td>
                    </tr>
                    <tr>
                      <td colspan="4" valign="top"><img src="images/spacer.gif" width="10" height="10" /></td>
                    </tr>
                    <tr>
                      <td width="148" align="right" valign="top" class="text6"><? if ($parent == '0'){ echo "parent category :"; }else{ echo "category name  :"; } ?> </td>
                      <td> </td>
                      <td width="332" colspan="2" class="text7"><input name="category_name" type="text" size="40" value="<? echo "$category_name"; ?>" class="textfield"></td>
                    </tr>
				<? if ($parent ==0) {echo "";}else { ?>
                   <tr>
                      <td align="right" valign="top" class="text6">parent category  : </td>
                      <td width="1"> </td>
                      <td colspan="2"><select name="parent" class="textfield">
                        <option value="">-- select parent category --</option>
					<? 	

                        $_SESSION['fu'] = $parent;

					$uSql = "SELECT category_name, cid FROM engsoon_categories WHERE parent =0";
					$uResult = mysql_query($uSql, $connection);
					if(!$uResult){
					echo 'no data found';
					}else{
					while($uRow = mysql_fetch_array($uResult)){
						?>
                        <option value="<?= $uRow[1]?>" <?php if(($uRow[1] == $_SESSION['fu']))print 'selected';?>>
                          <?= $uRow[0]?>
                        </option>
                        <?
			}   
			}
			?>
                      </select></td>
                    </tr>
                    <tr>
                      <td align="right" valign="top" class="text6"> </td>
                      <td width="1"> </td>
                      <td colspan="2" class="text7">* select a parent category only for sub category items </td>
                    </tr>
                    <tr>
                      <td align="right" valign="top" class="text6"> </td>
                      <td width="1"> </td>
                      <td colspan="2" class="text7"> </td>
                    </tr>
				<? } ?>
                    <tr>
                      <td align="right" valign="top" class="text6"><? if ($parent_cn == '0'){ echo "chinese parent category :"; }else{ echo "chinses category name  :"; } ?></td>
                      <td width="1"> </td>
                      <td colspan="2" class="text7"><input name="category_name_cn" type="text" size="40" value="<? echo "$category_name_cn"; ?>"  class="textfield"></td>
                    </tr>

				<? if ($parent_cn ==0) {echo "";}else { ?>
                    <tr>
                      <td align="right" valign="top" class="text6">chinese parent category  :</td>
                      <td width="1"> </td>
                      <td colspan="2" class="text7"><select name="parent_cn" class="textfield">
                        <option value="">-- select parent category --</option>
                        <? 	

                        $_SESSION['fus'] = $parent_cn;

					$uSql2 = "SELECT category_name_cn, cid FROM engsoon_categories WHERE parent_cn =0";
					$uResult = mysql_query($uSql2, $connection);
					if(!$uResult){
					echo 'no data found';
					}else{
					while($uRow = mysql_fetch_array($uResult)){
						?>
                        <option value="<?= $uRow[1]?>" <?php if(($uRow[1] == $_SESSION['fus']))print 'selected';?>>
                        <?= $uRow[0]?>
                        </option>
                        <?
			}   
			}
			?>
                      </select></td>
                    </tr>
                    <tr>
                      <td align="right" valign="top" class="text6"> </td>
                      <td width="1"> </td>
                      <td colspan="2" class="text7">* select a parent category only for sub category items </td>
                    </tr>
				<? } ?>
                      <tr>
                        <td> </td>
                        <td> </td>
                        <td colspan="2"><input type="submit" value="submit" name="submit">
					<input type="hidden" name="username" value="<? echo "$username"; ?>">
					<input type=hidden value=http://www. name=redirect>
					<input type="hidden" value="<? echo "$cid"; ?>" name="cid" /></td>
                      </tr>
                      <tr>
                        <td> </td>
                        <td> </td>
                        <td colspan="2"> </td>
                      </tr>
                </table>
			</form>
			</td>
                <td align="right" bgcolor="#3261BB" width="1"><img src="images/spacer.gif" width="1" height="1" /></td>
              </tr>
              <tr>
                <td colspan="3" valign="top" bgcolor="#3261BB"><img src="images/spacer.gif" width="1" height="1" /></td>
              </tr>
            </table></td>
            <td width="6" align="right"><img src="../images/spacer.gif" width="6" height="10" /></td>
          </tr>
        </table>
<? 
//see if we have submited and that the files array has been set
if(($_POST["submit"]=="submit")){

$category_name = $_POST['category_name'];
$parent = $_POST['parent'];
$category_name_cn = $_POST['category_name_cn'];
$parent_cn = $_POST['parent_cn'];
$cid = $_POST['cid'];


if (($_SESSION['category_name'] != '$category_name')&&($_SESSION['parent'] != '$parent')){

//parent category verification english
$sql_parent_check = mysql_query("SELECT category_name FROM engsoon_categories WHERE parent = '0' AND category_name='$category_name'");
  $parent_check = mysql_num_rows($sql_parent_check);
	if($parent_check > 0){
		echo '<script language=javascript> alert("parent category already exist!");top.location = "categorymngr.php?id=3&cid='.$cid.'";</script>';
		unset($parent);
		exit();
	} 	 

//subcategory verification english
$sql_subcat_check = mysql_query("SELECT category_name FROM engsoon_categories WHERE parent = '$parent' AND category_name='$category_name'");
  $subcat_check = mysql_num_rows($sql_subcat_check);
	if($subcat_check > 0){
		echo '<script language=javascript> alert("subcategory item for this parent category already exist!");top.location = "categorymngr.php?id=3&cid='.$cid.'";</script>';
		unset($category_name);
		exit();
	} 	 
}


if (($_SESSION['category_name_cn'] != '$category_name_cn')&&($_SESSION['parent_cn'] != '$parent_cn')){

//parent category verification chinese
$sql_parent_check = mysql_query("SELECT category_name_cn FROM engsoon_categories WHERE parent_cn = '0' AND category_name_cn='$category_name_cn'");
  $parent_check = mysql_num_rows($sql_parent_check);
	if($parent_check > 0){
		echo '<script language=javascript> alert("chinese parent category already exist!");top.location = "categorymngr.php?id=3&cid='.$cid.'";</script>';
		unset($parent_cn);
		exit();
	} 	 

//subcategory verification chinese
$sql_subcat_check = mysql_query("SELECT category_name_cn FROM engsoon_categories WHERE parent_cn = '$parent_cn' AND category_name_cn='$category_name_cn'");
  $subcat_check = mysql_num_rows($sql_subcat_check);
	if($subcat_check > 0){
		echo '<script language=javascript> alert("chinese subcategory item for this parent category already exist!");top.location = "categorymngr.php?id=3&cid='.$cid.'";</script>';
		unset($category_name_cn);
		exit();
	} 	 
}

$category_name = stripslashes($category_name);
$parent = stripslashes($parent);
$category_name_cn = stripslashes($category_name_cn);
$parent_cn = stripslashes($parent_cn);


$sql="UPDATE engsoon_categories SET category_name ='$category_name', parent='$parent', category_name_cn='$category_name_cn', parent_cn='$parent_cn' WHERE cid='$cid'";
	mysql_query($sql) or die("error:".mysql_error());

   echo '<script language=javascript> alert("category item has been updated!");top.location = "categorymngr.php?id=2";</script>';
}
}else{
echo "<font face=\"Arial\">You are not authorized to access this page ... Please <a href='../index.php'>Login</a></font>";
}
?>

hope you could help me fix this

thanks!

hackerkts · September 18, 2007

I too long never use mysql_fetch_array, but take a look at this,

$row = mysql_fetch_array( $query );

$category_name = $row["category_name"];
$parent = $row["parent"];
$category_name_cn = $row["category_name_cn"];
$parent_cn = $row["parent_cn"];
$cid = $row["cid"];

I don't think it's like this to declare your database columns, try replacing it to mysql_fetch_assoc.

chocopi · September 18, 2007

You should not use ' around your variables in you if's

EG

Change

if (($_SESSION['category_name'] != '$category_name')&&($_SESSION['parent'] != '$parent')){

To

if (($_SESSION['category_name'] != $category_name)&&($_SESSION['parent'] != $parent)){

And do the same to the others,

EDIT: If you keep the variables within the ' then it will be taken as a literal string meaning it will check is matches $parent instead of the value of $parent.

~ Chocopi

pixeltrace · September 19, 2007

hi,

thanks for the reply.

i made another solution, its working for

$sql_parent_check only but not for $sql_subcat_check

below is my current code

<?
session_start();

if (session_is_registered("username")){
$username = $_SESSION['username'];
$cid = $_GET['cid'];

include 'db_connect.php';
$query = mysql_query("SELECT parent, category_name, cid FROM engsoon_categories WHERE cid= '$cid'") or die(mysql_error()); 
$row = mysql_fetch_array( $query );

$category_name = $row["category_name"];
$parent = $row["parent"];
$category_name_cn = $row["category_name_cn"];
//$parent_cn = $row["parent_cn"];
//$cid = $row["cid"];

?>

<table width="100" border="0" cellspacing="0" cellpadding="0">
          <tr>
            <td width="6" align="left"><img src="../images/spacer.gif" width="6" height="10" /></td>
            <td width="100%"><table width="216" border="0" cellspacing="0" cellpadding="0">
              <tr>
                <td colspan="3" valign="top" bgcolor="#3261BB"><img src="images/spacer.gif" width="1" height="1" /></td>
              </tr>
              <tr>
                <td align="left" bgcolor="#3261BB" width="1"><img src="images/spacer.gif" width="1" height="1" /></td>
                <td width="214" valign="top">
			<form name="fileup" method="post" enctype="multipart/form-data" action="<? echo $PHP_SELF; ?>">
			<table width="515" border="0" cellspacing="2" cellpadding="3">
                    <tr>
                      <td colspan="4" valign="top"><img src="images/spacer.gif" width="10" height="1" /></td>
                    </tr>
                    <tr>
                      <td colspan="4" bgcolor="#999999" class="text2">EDIT PRODUCT CATEGORY</td>
                    </tr>
                    <tr>
                      <td colspan="4" valign="top"><img src="images/spacer.gif" width="10" height="10" /></td>
                    </tr>
                    <tr>
                      <td width="148" align="right" valign="top" class="text6"><? if ($parent == '0'){ echo "parent category :"; }else{ echo "category name  :"; } ?> </td>
                      <td> </td>
                      <td width="332" colspan="2" class="text7"><input name="category_name" type="text" size="40" value="<? echo "$category_name"; ?>" class="textfield"></td>
                    </tr>
				<? if ($parent ==0) {echo "";}else { ?>
                   <tr>
                      <td align="right" valign="top" class="text6">parent category  : </td>
                      <td width="1"> </td>
                      <td colspan="2"><select name="parent" class="textfield">
                        <option value="">-- select parent category --</option>
					<? 	

                        $_SESSION['fu'] = $parent;

					$uSql = "SELECT category_name, cid FROM engsoon_categories WHERE parent =0";
					$uResult = mysql_query($uSql, $connection);
					if(!$uResult){
					echo 'no data found';
					}else{
					while($uRow = mysql_fetch_array($uResult)){
						?>
                        <option value="<?= $uRow[1]?>" <?php if(($uRow[1] == $_SESSION['fu']))print 'selected';?>>
                          <?= $uRow[0]?>
                        </option>
                        <?
			}   
			}
			?>
                      </select></td>
                    </tr>
                    <tr>
                      <td align="right" valign="top" class="text6"> </td>
                      <td width="1"> </td>
                      <td colspan="2" class="text7">* select a parent category only for sub category items </td>
                    </tr>
				<? } ?>
                      <tr>
                        <td> </td>
                        <td> </td>
                        <td colspan="2"><input type="submit" value="submit" name="submit">
					<input type="hidden" name="username" value="<? echo "$username"; ?>">
					<input type=hidden value=http://www. name=redirect>
					<input type="hidden" value="<? echo "$cid"; ?>" name="cid" />
					<input type="hidden" value="<? echo "$category_name"; ?>" name="cname" />
					<input type="hidden" value="<? echo "$parent"; ?>" name="p" />

					</td>
                      </tr>
                      <tr>
                        <td> </td>
                        <td> </td>
                        <td colspan="2"> </td>
                      </tr>
                </table>
			</form>
			</td>
                <td align="right" bgcolor="#3261BB" width="1"><img src="images/spacer.gif" width="1" height="1" /></td>
              </tr>
              <tr>
                <td colspan="3" valign="top" bgcolor="#3261BB"><img src="images/spacer.gif" width="1" height="1" /></td>
              </tr>
            </table></td>
            <td width="6" align="right"><img src="../images/spacer.gif" width="6" height="10" /></td>
          </tr>
        </table>
<? 
//see if we have submited and that the files array has been set
if(($_POST["submit"]=="submit")){

$category_name = $_POST['category_name'];
$parent = $_POST['parent'];
$cname = $_POST['cname'];
$p = $_POST['p'];
//$category_name_cn = $_POST['category_name_cn'];
//$parent_cn = $_POST['parent_cn'];
$cid = $_POST['cid'];


if (($cname != $category_name)&&($p != $parent)){

//parent category verification english
$sql_parent_check = mysql_query("SELECT category_name FROM engsoon_categories WHERE parent = 0 AND category_name='$category_name'");
  $parent_check = mysql_num_rows($sql_parent_check);
	if($parent_check > 0){
		echo '<script language=javascript> alert("parent category already exist!");top.location = "categorymngr.php?id=3&cid='.$cid.'";</script>';
		unset($parent);
		exit();
	} 	 

//subcategory verification english
$sql_subcat_check = mysql_query("SELECT category_name FROM engsoon_categories WHERE parent = '$parent' AND category_name='$category_name'");
  $subcat_check = mysql_num_rows($sql_subcat_check);
	if($subcat_check > 0){
		echo '<script language=javascript> alert("subcategory item for this parent category already exist!");top.location = "categorymngr.php?id=3&cid='.$cid.'";</script>';
		unset($parent);
		exit();
	} 	 
}

/*
if (($_SESSION['category_name_cn'] != '$category_name_cn')&&($_SESSION['parent_cn'] != '$parent_cn')){

//parent category verification chinese
$sql_parent_check = mysql_query("SELECT category_name_cn FROM engsoon_categories WHERE parent_cn = '0' AND category_name_cn='$category_name_cn'");
  $parent_check = mysql_num_rows($sql_parent_check);
	if($parent_check > 0){
		echo '<script language=javascript> alert("chinese parent category already exist!");top.location = "categorymngr.php?id=3&cid='.$cid.'";</script>';
		unset($parent_cn);
		exit();
	} 	 

//subcategory verification chinese
$sql_subcat_check = mysql_query("SELECT category_name_cn FROM engsoon_categories WHERE parent_cn = '$parent_cn' AND category_name_cn='$category_name_cn'");
  $subcat_check = mysql_num_rows($sql_subcat_check);
	if($subcat_check > 0){
		echo '<script language=javascript> alert("chinese subcategory item for this parent category already exist!");top.location = "categorymngr.php?id=3&cid='.$cid.'";</script>';
		unset($category_name_cn);
		exit();
	} 	 
}
*/
$category_name = stripslashes($category_name);
$parent = stripslashes($parent);
//$category_name_cn = stripslashes($category_name_cn);
//$parent_cn = stripslashes($parent_cn);


$sql="UPDATE engsoon_categories SET category_name ='$category_name', parent='$parent' WHERE cid='$cid'";
	mysql_query($sql) or die("error:".mysql_error());

   echo '<script language=javascript> alert("category item has been updated!");top.location = "categorymngr.php?id=2";</script>';
}
}else{
echo "<font face=\"Arial\">You are not authorized to access this page ... Please <a href='../index.php'>Login</a></font>";
}
?>

could you help me fix this? because what i wanted to happen is

if there is any change done from the text fields category_name and parent

the checking will compare the post value vs the original value

and will run the sql query to check if the category_name where parent = and category = to the post values are already existing.

is there something wrong with my condition?

hope you could help me fix this.

Thanks!

Sign In

need help in my edit form validation

Recommended Posts

pixeltrace

Link to comment

Share on other sites

hackerkts

Link to comment

Share on other sites

chocopi

Link to comment

Share on other sites

pixeltrace

Link to comment

Share on other sites

Join the conversation

Browse

Activity

Important Information