giraffemedia Posted March 11, 2008 Share Posted March 11, 2008 What is the best way to structure a page that will pull data from a mysql record via an id number and then update that record if the user changes any information. Would it be better to have all the form fields populated from a mysql query , then set the action of that form to a processing script, or to have the form send the info to itself and have the process script built into the same page? If the latter is the case, where would the process script need to be placed on the page? After the form, before it? Regards James Quote Link to comment Share on other sites More sharing options...
skidz Posted March 11, 2008 Share Posted March 11, 2008 hi giraffemedia... i like to use the following structure for update forms: <?php $id = $_GET['id'] + 0; switch($_GET[action]){ $query = "SELECT * FROM `wherever` WHERE `id`='$id'"; $result = mysql_query($query) or die(mysql_error()); $row = mysql_fetch_assoc($result); echo "<form action=\"?action=process\" method=\"post\">"; echo "<input type=\"text\" name=\"whatever\" value=\"".$row['whatever']."\" />"; break; case 'process': $whatever = mysql_real_escape_string($_POST['whatever']); $query = "bla bla bla"; break; } ?> Quote Link to comment Share on other sites More sharing options...
redarrow Posted March 11, 2008 Share Posted March 11, 2008 Not tested but the correct way mate........ <?php session_start(); //id is in a session i hope...... // database connection.... $db=mysql_connect("localhost","username","password"); mysql_select_db("database_name",$db); //make sure session exist from login.. if(($_SESSION['username']) || ($_SESSION['password'])){ // select the database table via users id from login session. $sql="SELECT * FROM database_table WHERE id='".$_SESSION['id']."'"; $result=mysql_query($sql)or die(mysql_error()); // loop throw the table getting that users info only.... while($x=mysql_fetch_assoc($result)){ // php self means post to the current page but when using echo need //to set the $_SERVER['PHP_SELF'] to a varable.... // set php_self varable $self=$_SERVER['PHP_SELF']; // popualate a form echo"<form method='POST' action='$self?update=updated'> your mates name is <p></p> <input type='text' name='mates_name' value='".$x['mates_name']."'> <p></p> <input type='submit' name='submit' value='Update'> </form>"; // if the form is submitted and is set to submit. if(isset($_POST['submit'])){ // if $_GET == update from url then go ahead. if($_GET['update']=='update'){ // where posting the form varable mates_name also // protecting the database using a mysql function called mysql_real_escape_string(). $mates_name=mysql_real_escape_stsring($_POST['mates_name']); //update the database set the databse table name where the id of session id $sql1="UPDATE database_table set mates_name='$mates_name' WHERE id='".$_SESSION['id']."'"; $result2=mysql_query($sql1)or die(mysql_error()); // if the databse was affected then echo the message.... if(mysql_affected_rows($result2)){ // echo message echo" Database updated thank you!"; } } } } }else{ // if the user has no session goto register page.php header('location: register.php'); } ?> regards redarrow enjoy php the safe way! Quote Link to comment Share on other sites More sharing options...
redarrow Posted March 11, 2008 Share Posted March 11, 2008 sorry rewritten forgot the upated lol <?php session_start(); //id is in a session i hope...... // database connection.... $db=mysql_connect("localhost","username","password"); mysql_select_db("database_name",$db); //make sure session exist from login.. if(($_SESSION['username']) || ($_SESSION['password'])){ // select the database table via users id from login session. $sql="SELECT * FROM database_table WHERE id='".$_SESSION['id']."'"; $result=mysql_query($sql)or die(mysql_error()); // loop throw the table getting that users info only.... while($x=mysql_fetch_assoc($result)){ // php self means post to the current page but when using echo need //to set the $_SERVER['PHP_SELF'] to a varable.... // set php_self varable $self=$_SERVER['PHP_SELF']; // popualate a form echo"<form method='POST' action='$self?update=updated'> your mates name is <p></p> <input type='text' name='mates_name' value='".$x['mates_name']."'> <p></p> <input type='submit' name='submit' value='Update'> </form>"; // if the form is submitted and is set to submit. if(isset($_POST['submit'])){ // if $_GET == updated from url then go ahead. if($_GET['update']=='updated'){ // where posting the form varable mates_name also // protecting the database using a mysql function called mysql_real_escape_string(). $mates_name=mysql_real_escape_stsring($_POST['mates_name']); //update the database set the databse table name where the id of session id $sql1="UPDATE database_table set mates_name='$mates_name' WHERE id='".$_SESSION['id']."'"; $result2=mysql_query($sql1)or die(mysql_error()); // if the databse was affected then echo the message.... if(mysql_affected_rows($result2)){ // echo message echo" Database updated thank you!"; } } } } }else{ // if the user has no session goto register page.php header('location: register.php'); } ?> regards redarrow always program the safe way........ Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.