taz321 Posted March 11, 2008 Share Posted March 11, 2008 Hi i was wondering if anyone has an answer to my proble, i have been up all night trying ti figure it out. Basically a user would fill in an blank form (contains error messages if they have missed out an field) and then submit it to be saved to the database. But if the user then wanted to update the information, they can do, but if a field is left blank when doing this the error messaging does not work, and im not sure why. This is the form checking code. - The ID of the form is called FormID Any help would be appreciated Thanks <?php require "connect.php"; $formID = $_GET['formID']; $issuetitle = $_GET['issuetitle']; $datesubmitted = $_GET['datesubmitted']; $timesubmitted = $_GET['timesubmitted']; $systemaffected = $_GET['systemaffected']; $prioritylevel = $_GET['prioritylevel']; $issuedetails = $_GET['issuedetails']; $supportcomments = $_GET['supportcomments']; $clientFname = $_GET['clientFname']; $clientSurname = $_GET['clientSurname']; $teamname = $_GET['teamname']; $clientID = $_GET['clientID']; $status = $_GET['status']; $dateactioned = $_GET['dateactioned']; $timeactioned = $_GET['timeactioned']; $analystFname = $_GET['analystFname']; $analystSname = $_GET['analystSname']; if($prioritylevel == "Please Select") { $message1 = "Please select the issue topic"; header("Location: analystformedit.php?message1=$message1"); exit(); } else if($status == "Please Select") { $message2 = "Please enter the system affected"; header("Location: analystformedit.php?message2=$message2"); exit(); } else if($supportcomments == "") { $message3 = "Please enter details of the problem"; header("Location: analystformedit.php?message3=$message3"); exit(); } $query = "update form set issuetitle ='".$issuetitle."', datesubmitted ='".$datesubmitted."', timesubmitted ='".$timesubmitted."', systemaffected ='". $systemaffected."', prioritylevel ='".$prioritylevel."', issuedetails ='".$issuedetails."', supportcomments ='".$supportcomments."', clientFname ='".$clientFname."', clientSurname ='".$clientSurname."', teamname ='".$teamname."', clientID ='".$clientID."', status ='".$status."', dateactioned = '".$dateactioned."', timeactioned = '". $timeactioned."', analystFname = '".$analystFname."', analystSname = '".$analystSname."' where formID =".$formID; $result = mysql_query($query, $connection) or die ("Unable to perform query<br>$query"); header("Location: enquiryscreen.php?var=formID"); exit(); } ?> Quote Link to comment Share on other sites More sharing options...
discomatt Posted March 11, 2008 Share Posted March 11, 2008 $query = "update form set issuetitle ='".$issuetitle."', datesubmitted ='".$datesubmitted."', timesubmitted ='".$timesubmitted."', systemaffected ='". Might be an issue. Quote Link to comment Share on other sites More sharing options...
taz321 Posted March 11, 2008 Author Share Posted March 11, 2008 I dont see any problem with that particular code as it updates the form which works perfectly. But the error messaging doesn't work if a field is left blank. Quote Link to comment Share on other sites More sharing options...
redarrow Posted March 11, 2008 Share Posted March 11, 2008 <?php require "connect.php"; $formID = $_GET['formID']; $issuetitle = $_GET['issuetitle']; $datesubmitted = $_GET['datesubmitted']; $timesubmitted = $_GET['timesubmitted']; $systemaffected = $_GET['systemaffected']; $prioritylevel = $_GET['prioritylevel']; $issuedetails = $_GET['issuedetails']; $supportcomments = $_GET['supportcomments']; $clientFname = $_GET['clientFname']; $clientSurname = $_GET['clientSurname']; $teamname = $_GET['teamname']; $clientID = $_GET['clientID']; $status = $_GET['status']; $dateactioned = $_GET['dateactioned']; $timeactioned = $_GET['timeactioned']; $analystFname = $_GET['analystFname']; $analystSname = $_GET['analystSname']; if($prioritylevel == "Please Select") { $message1 = "Please select the issue topic"; header("Location: analystformedit.php?message1=$message1"); exit(); } else if($status == "Please Select") { $message2 = "Please enter the system affected"; header("Location: analystformedit.php?message2=$message2"); exit(); } else if($supportcomments == "") { $message3 = "Please enter details of the problem"; header("Location: analystformedit.php?message3=$message3"); exit(); } $query = "update form set issuetitle ='$issuetitle', datesubmitted ='$datesubmitted', timesubmitted ='$timesubmitted', systemaffected=' $systemaffected', prioritylevel ='$prioritylevel', issuedetails ='$issuedetails ', supportcomments ='$supportcomments', clientFname ='.$clientFname', clientSurname =' $clientSurname', teamname ='$teamname', clientID ='$clientID ', status ='$status', dateactioned = '$dateactioned', timeactioned = '$timeactioned' , analystFname = '$analystFname', analystSname = '$analystSname' where formID ='$formID'"; $result = mysql_query($query, $connection) or die ("Unable to perform query<br>$query"); header("Location: enquiryscreen.php?var=formID"); exit(); ?> Quote Link to comment Share on other sites More sharing options...
taz321 Posted March 11, 2008 Author Share Posted March 11, 2008 Im afraid that hasnt worked. Let me see if i can give an more detailed approach - 1) A user fills in a form - This is saved in the form table with the ID being FormID - The name of the php page that displays this is called enquiryscreen.php 2) A user then goes to the enquiryscreen.php and opens up the form which the user has filled in with all the fields already filled in using sessions -This screen is called analystformedit.php 3) The analystformedit.php screen only exists if when the user wants to see the form filled in by the user in part1. 4) I feel the reason why the error message isnt working is because of this code e.g - if($prioritylevel == "Please Select") { $message1 = "Please select the issue topic"; header("Location: analystformedit.php?message1=$message1"); exit(); } I hope this helps Thanks Quote Link to comment Share on other sites More sharing options...
taz321 Posted March 11, 2008 Author Share Posted March 11, 2008 Sorry and to add, in particular this line - header("Location: analystformedit.php?message3=$message3"); Thanks Quote Link to comment Share on other sites More sharing options...
redarrow Posted March 11, 2008 Share Posted March 11, 2008 try that if's only........... <?php require "connect.php"; $formID = $_GET['formID']; $issuetitle = $_GET['issuetitle']; $datesubmitted = $_GET['datesubmitted']; $timesubmitted = $_GET['timesubmitted']; $systemaffected = $_GET['systemaffected']; $prioritylevel = $_GET['prioritylevel']; $issuedetails = $_GET['issuedetails']; $supportcomments = $_GET['supportcomments']; $clientFname = $_GET['clientFname']; $clientSurname = $_GET['clientSurname']; $teamname = $_GET['teamname']; $clientID = $_GET['clientID']; $status = $_GET['status']; $dateactioned = $_GET['dateactioned']; $timeactioned = $_GET['timeactioned']; $analystFname = $_GET['analystFname']; $analystSname = $_GET['analystSname']; if($prioritylevel == "Please Select") { $message1 = "Please select the issue topic"; header("Location: analystformedit.php?message1=$message1"); exit(); } if($status == "Please Select"){ $message2 = "Please enter the system affected"; header("Location: analystformedit.php?message2=$message2"); exit(); } if($supportcomments == "") { $message3 = "Please enter details of the problem"; header("Location: analystformedit.php?message3=$message3"); exit(); } $query = "update form set issuetitle ='$issuetitle', datesubmitted ='$datesubmitted', timesubmitted ='$timesubmitted', systemaffected=' $systemaffected', prioritylevel ='$prioritylevel', issuedetails ='$issuedetails ', supportcomments ='$supportcomments', clientFname ='.$clientFname', clientSurname =' $clientSurname', teamname ='$teamname', clientID ='$clientID ', status ='$status', dateactioned = '$dateactioned', timeactioned = '$timeactioned' , analystFname = '$analystFname', analystSname = '$analystSname' where formID ='$formID'"; $result = mysql_query($query, $connection) or die ("Unable to perform query<br>$query"); header("Location: enquiryscreen.php?var=formID"); exit(); ?> Quote Link to comment Share on other sites More sharing options...
taz321 Posted March 11, 2008 Author Share Posted March 11, 2008 Thanks for your help, i think its working now, but will validate it later as have some more burning questions to ask Thanks Quote Link to comment Share on other sites More sharing options...
deadonarrival Posted March 11, 2008 Share Posted March 11, 2008 PLEASE! use some more validation on user input. You're leaving yourself wide open to sql injection attacks. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.