display then update sql database

[matthew_ellis24]

Hello, I have an html drop down list that I have populated from a sql database, a selection is made and the information on the selection retrieved from the database and output in text forms on another page. I want to be able to edit or add data and then update the database. Code for the second page is below. I have echo'd the post variable and it does make it through. From what I understand the post variable is being removed when I submit the second form and so it all fails. How can i sustain the variable from the first page? Code and error attached below - many thanks!

Matt

 

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /export/users/mbe/pages/carabus/update.php on line 8

 

<?php
include("config.php");
$species=@$_POST['sp'];
$query1="SELECT * FROM speciescomplete where species_id=$species";
$result1 = mysql_query ($query1);
echo $query1;
echo "<br>";
While ($row1 = mysql_fetch_array($result1)) {
echo $row1[species];
$dbauthor=$row1[author];
$dbdistribution = $row1[distribution];
$dbsize = $row1[size];
$dbhabitat = $row1[habitat];
}
echo "<p>";

echo '<form method="post" action="">';
echo 'author: <br><input type="text" name="author" value="';
echo $dbauthor;
echo '"><p>';

echo 'distribution: <br><input type="text" name="distribution" value="';
$dbdistribution;
echo '"><p>';

echo 'size: <br><input type="text" name="size" value="';
echo $dbsize;
echo '"><p>';

echo 'habitat: <br><textarea rows="5" cols="30" name="habitat">';
echo $dbhabitat;
echo '</textarea></form><p>';


echo '<INPUT TYPE="submit" VALUE="update"></form>';
$author=@$_POST['author'];
$distribution=@$_POST['distribution'];
$size=@$_POST['size'];
$habitat=@$_POST['habitat'];
$query2="UPDATE speciescomplete SET author='$author',distribution='$distribution', size='$size', habitat='$habitat' WHERE species_id=$species";
$result2 = mysql_query ($query2);
?>

[michaellunsford]

well, you can see why mysql doesn't like your query by echoing mysql_error();

 

you should also protect your query with mysql_real_escape_string() and put everything in the appropriate quotes.

 

<?php
$species=mysql_real_escape_string($_POST['sp']);
$query1="SELECT * FROM `speciescomplete` WHERE `species_id`='".$species."'";
$result1 = mysql_query ($query1);
if(mysql_error()) echo mysql_error()."<br /><br />\r\n\r\n".$query1;
?>

 

moving $_POST variables isn't really possible, as far as I know. You'll probably have to create <input type="hidden"> field and populate them with the data you want to move over.

[thefortrees]

Remove @ from before all of your $_POST variables. @ denotes silent mode - it tells functions to not return any message on failure.

 

Try this for $query1

$query1 = "SELECT * FROM speciescomplete WHERE species_id = '$species'";

 

The error you are getting is telling you that the result from your query is not a valid result, meaning your query is incorrect.

 

You do not have a script set in the form action to run.

 

You need this below echo "<p>";

 

echo '<form method="post" action="form_handler.php">';

form_handler.php is the filename of the script you need to process this form.

 

Next, take the bottom portion of your code and put it into a separate file.

I will call it form_handler.php.

 

$author = $_POST['author'];
$distribution = $_POST['distribution'];
$size = $_POST['size'];
$habitat = $_POST['habitat'];
$query2= "UPDATE speciescomplete SET author='$author',distribution='$distribution', size='$size', habitat='$habitat' WHERE species_id=$species";
$result2 = mysql_query ($query2);

 

[matthew_ellis24]

many thanks - I had hoped I'd be able to do it without needing a third page, but this will work just as well. Cheers