DarkPrince2005 Posted March 11, 2008 Share Posted March 11, 2008 I have 2 pages, the one fetches all the data from the database for editing and the second is suppose to save but it doesn't 1st page <?phpmysql_connect("localhost","root",""); mysql_select_db("db"); $sql=mysql_query("select * from clientinfo where clientid like '$_POST[clientid]' and surname like '$_POST[surname]' and firstname like '$_POST[firstname]'"); while ($row = mysql_fetch_array($sql)) { echo "<html> <head> <title></title> <style> .scrollable { width: 100%; height: 500px; overflow: auto; background-repeat:no-repeat; } td{background-repeat: no-repeat; } </style> </head> <body topmargin='0' bottommargin='0' rightmargin='0' leftmargin='0' bgcolor='#FFFFFF'> <center><table cellspacing='0' cellpadding='0' border='0' height='100%'> <tr> <td width='1024' height='75' background='top.jpg' colspan='2'> </td> </tr> <tr> <td width='1024' height='20' background='top1.jpg' colspan='2' align='right' valign='center'><font size='3'>Currently logged in as <b>$_SESSION[usernam]</b> | <a href='logout.php'><font color='#343635'><b>Logout<b></font></a> </td> </tr> <tr> <td width='1024' height='13' background='top2.jpg' colspan='2'> </td> </tr> <tr> <td width='168' background='nav.jpg'> </td> <td width='856' background='main.jpg' align='center' valign='top'><br><div class='scrollable'> <form method='post' action='edit3.php'> <table> <tr> <td> </td> <td><b>Client ID:</b></td> <td> </td> <td colspan='6'><input type='hidden' size='10' name='client_id'>$row[clientid]</td> </tr> <tr> <td colspan='9'> </td> </tr> <tr> <td colspan='9' bgcolor='#BEC4C2'><font color='#FFFFFF'><b> Personal Details</b></font></td> </tr> <tr> <td> </td> <td><b>Title:</b></td> <td> </td> <td><input type='text' name='title' value='$row[title]' size='10'></td> <td> </td> <td> </td> <td><b>Telephone Number(H):</b></td> <td> </td> <td><input type='text' name='telhome' value='$row[homephone]' size='10'></td> </tr> <tr> <td> </td> <td><b>Surname:</b></td> <td> </td> <td><input type='text' name='surname' size='25' value='$row[surname]'></td> <td> </td> <td> </td> <td><b>Telephone Number(W):</b></td> <td> </td> <td><input type='text' name='telw' size='10' value='$row[workphone]'></td> </tr> <tr> <td> </td> <td><b>Firstname:</b></td> <td> </td> <td><input type='text' name='firstname' size='25' value='$row[firstname]'></td> <td> </td> <td> </td> <td><b>Cellphone:</b></td> <td> </td> <td><input type='text' name='cell' size='10' value='$row[cell]'></td> </tr> <tr> <td> </td> <td><b>Initials:</b></td> <td> </td> <td><input type='text' name='initials' size='10' value='$row[initials]'></td> <td> </td> <td> </td> <td><b>Fax:</b></td> <td> </td> <td><input type='text' name='fax' size='10' value='$row[fax]'></td> </tr> <tr> <td> </td> <td><b>Maiden Name:</b></td> <td> </td> <td><input type='text' name='maiden_name' size='25' value='$row[maidenname]'></td> <td> </td> <td> </td> <td><b>Email:</b></td> <td> </td> <td><input type='text' name='email' size='25' value='$row[email]'></td> </tr> <tr> <td> </td> <td><b>Preffered Name:</b></td> <td> </td> <td><input type='text' name='prefname' size='25' value='$row[prefname]'></td> <td> </td> <td> </td> <td valign='top'><b>Work Address:</b></td> <td> </td> <td rowspan='2'><textarea cols='25' rows='3' name='work_address'>$row[workaddress]</textarea></td> </tr> <tr> <td> </td> <td><b>ID Number:</b></td> <td> </td> <td><input type='text' name='id_number' size='25' value='$row[idno]'></td> <td> </td> <td> </td> <td> </td> <td> </td> </tr> <tr> <td> </td> <td><b>Gender:</b></td> <td> </td> <td><input type='text' name='gender' size='25' value='$row[gender]'></td> <td> </td> <td> </td> <td valign='top'><b>Residential Address:</b></td> <td> </td> <td rowspan='2'><textarea cols='25' rows='3' name='residential_address'>$row[resaddress]</textarea></td> </tr> <tr> <td> </td> <td><b>Language:</b></td> <td> </td> <td><input type='text' name='language' size='25' value='$row[language]'></td> <td> </td> <td> </td> <td> </td> <td> </td> </tr> <tr> <td> </td> <td><b>Date Of Birth:</b></td> <td> </td> <td><input type='text' name='date_of_birth' size='25' value='$row[dateofbirth]'></td> <td> </td> <td> </td> <td valign='top'><b>Postal Address:</b></td> <td> </td> <td rowspan='2'><textarea cols='25' rows='3' name='postal_address'>$row[postaladdress]</textarea></td> </tr> <tr> <td> </td> <td><b>Marital Status:</b></td> <td> </td> <td><input type='text' name='marital_status' size='25' value='$row[maritalstatus]'></td> <td> </td> <td> </td> <td> </td> <td> </td> </tr> <tr> <td> </td> <td><b>Race:</b></td> <td> </td> <td><input type='text' name='race' size='25' value='$row[race]'></td> <td> </td> <td> </td> <td> </td> <td> </td> </tr> <tr> <td colspan='9'> </td> </tr> <tr> <td colspan='9' bgcolor='#BEC4C2'><font color='#FFFFFF'><b> Program Details</b></font></td> </tr> <tr> <td> </td> <td><b>Program:</b></td> <td> </td> <td><input type='text' name='programme' size='25' value='$row[trainingprogramme]'></td> <td> </td> <td> </td> <td><b>Credits:</b></td> <td> </td> <td><input type='text' name='credits' size='10' value='$row[credits]'></td> </tr> <tr> <td> </td> <td><b>Unit Standard:</b></td> <td> </td> <td><input type='text' name='unit_standard' size='25' value='$row[unitstandard]'></td> <td> </td> <td> </td> <td><b>Date Attended:</b></td> <td> </td> <td><input type='text' name='date_attended' size='10' value='$row[dateattended]'></td> </tr> <tr> <td> </td> <td><b>Training Standard:</b></td> <td> </td> <td><input type='text' name='training_standard' size='25' value='$row[trainingtitle]'></td> <td> </td> <td> </td> <td><b>Portfolio:</b></td> <td> </td> <td><input type='text' name='portfolio' size='10' value='$row[portfolio]'></td> </tr> <tr> <td> </td> <td><b>NQF Level:</b></td> <td> </td> <td><input type='text' name='nqf_level' size='10' value='$row[nqflevel]'></td> <td> </td> <td> </td> <td><b>Notes:</b></td> <td> </td> <td rowspan='2'><textarea cols='25' rows='3' name='notes'>$row[notes]</textarea></td> </tr> <tr> <td colspan='9'> </td> </tr> <tr> <td colspan='9' align='center'><input type='image' src='update.gif' value='Submit' alt='Submit'></td> </tr> <tr> <td colspan='9'> </td> </tr> </table></form></div> </td> </tr> </table>";}; ?> 2nd page <?php ini_set('display_errors','On'); error_reporting(E_ALL); mysql_connect("localhost","root",""); mysql_select_db("db"); mysql_query("Update clientinfo set title=\"$_POST[title]\",surname=\"$_POST[surname]\",firstname=\"$_POST[firstname]\",initials=\"$_POST[initials]\",maidenname=\"$_POST[maiden_name]\",prefname=\"$_POST[prefname]\",idno=\"$_POST[id_number]\",gender=\"$_POST[gender]\",language=\"$_POST[language]\",dateofbirth=\"$_POST[date_of_birth]\",maritalstatus=\"$_POST[marital_status]\",race=\"$_POST[race]\",homephone=\"$_POST[telhome]\",workphone=\"$_POST[telw]\",cell=\"$_POST[cell]\",fax=\"$_POST[fax]\",email=\"$_POST[email]\",workaddress=\"$_POST[work_address]\",resaddress=\"$_POST[residential_address]\",postaladdress=\"$_POST[postal_address]\",trainingprogramme=\"$_POST[programme]\",unitstandard=\"$_POST[unit_standard]\",trainingtitle=\"$_POST[training_standard]\",nqflevel=\"$_POST[nqf_level]\",credits=\"$_POST[credits]\",dateattended=\"$_POST[date_attended]\",portfolio=\"$_POST[portfolio]\",notes=\"$_POST[notes]\" where clientid like \"$_POST[client_id]\""); echo "<script language=JavaScript>window.location='edit.php'</script>"; ?> wy won't it save? Quote Link to comment Share on other sites More sharing options...
soycharliente Posted March 11, 2008 Share Posted March 11, 2008 I see some syntax errors. The correct format is: UPDATE `table` SET `field`='value' You don't have any single quotes around your $_POST variables. Also, you need a quote inside the brackets when grabbing each specific $_POST value. Now since you have to use a single quote to pass in a string that is written to the database and you also need a quote inside the bracket, that could be messed up. that's why I used { below. Using {} will just evaluate whatever is inside and you pretty much dont' need to worry about ending quotes by accident. mysql_query("UPDATE `clientinfo` SET `title`='{$_POST['title']}', `surname`='{$_POST['surname']}', `firstname`='{$_POST['firstname']}', `initials`='{$_POST['initials']}', `maidenname`='{$_POST['maiden_name']}', `prefname`='{$_POST['prefname']}', `idno`='{$_POST['id_number']}', `gender`='{$_POST['gender']}', `language`='{$_POST['language']}', `dateofbirth`='{$_POST['date_of_birth']}', `maritalstatus`='{$_POST['marital_status']}', `race`='{$_POST['race']}', `homephone`='{$_POST['telhome']}', `workphone`='{$_POST['telw']}', `cell`='{$_POST['cell']}', `fax`='{$_POST['fax']}', `email`='{$_POST['email']}', `workaddress`='{$_POST['work_address']}', `resaddress`='{$_POST['residential_address']}', `postaladdress`='{$_POST['postal_address']}', `trainingprogramme`='{$_POST['programme']}', `unitstandard`='{$_POST['unit_standard']}', `trainingtitle`='{$_POST['training_standard']}', `nqflevel`='{$_POST['nqf_level']}', `credits`='{$_POST['credits']}', `dateattended`='{$_POST['date_attended']}', `portfolio`='{$_POST['portfolio']}', `notes`='{$_POST['notes']}' WHERE `clientid` LIKE '%{$_POST['client_id']}%'"); Does that work? Quote Link to comment Share on other sites More sharing options...
DarkPrince2005 Posted March 11, 2008 Author Share Posted March 11, 2008 Nope Quote Link to comment Share on other sites More sharing options...
soycharliente Posted March 11, 2008 Share Posted March 11, 2008 I had some syntax erros myself. I fixed it. You may have gotten it before I fixed it. If it still doesn't work... try echoing the query to see exactly what it's passing in. Quote Link to comment Share on other sites More sharing options...
DarkPrince2005 Posted March 11, 2008 Author Share Posted March 11, 2008 still not working Quote Link to comment Share on other sites More sharing options...
CMC Posted March 11, 2008 Share Posted March 11, 2008 add or die(mysql_error()); at the end of your query. it will tell you what's wrong. mysql_query("UPDATE `clientinfo` SET `title`='{$_POST['title']}', `surname`='{$_POST['surname']}', `firstname`='{$_POST['firstname']}', `initials`='{$_POST['initials']}', `maidenname`='{$_POST['maiden_name']}', `prefname`='{$_POST['prefname']}', `idno`='{$_POST['id_number']}', `gender`='{$_POST['gender']}', `language`='{$_POST['language']}', `dateofbirth`='{$_POST['date_of_birth']}', `maritalstatus`='{$_POST['marital_status']}', `race`='{$_POST['race']}', `homephone`='{$_POST['telhome']}', `workphone`='{$_POST['telw']}', `cell`='{$_POST['cell']}', `fax`='{$_POST['fax']}', `email`='{$_POST['email']}', `workaddress`='{$_POST['work_address']}', `resaddress`='{$_POST['residential_address']}', `postaladdress`='{$_POST['postal_address']}', `trainingprogramme`='{$_POST['programme']}', `unitstandard`='{$_POST['unit_standard']}', `trainingtitle`='{$_POST['training_standard']}', `nqflevel`='{$_POST['nqf_level']}', `credits`='{$_POST['credits']}', `dateattended`='{$_POST['date_attended']}', `portfolio`='{$_POST['portfolio']}', `notes`='{$_POST['notes']}' WHERE `clientid` LIKE '%{$_POST['client_id']}%'") or die(mysql_error()); Quote Link to comment Share on other sites More sharing options...
soycharliente Posted March 11, 2008 Share Posted March 11, 2008 So try echoing the query. Maybe you'll see something. Try echoing the $_POST array as well. Also, just coming back with yes or no doesn't help much. showing what you typed in, or the new code, etc might help other people passing by. Quote Link to comment Share on other sites More sharing options...
soycharliente Posted March 11, 2008 Share Posted March 11, 2008 add or die(mysql_error()); at the end of your query. it will tell you what's wrong. mysql_query("Update clientinfo set title=\"$_POST[title]\",surname=\"$_POST[surname]\",firstname=\"$_POST[firstname]\",initials=\"$_POST[initials]\",maidenname=\"$_POST[maiden_name]\",prefname=\"$_POST[prefname]\",idno=\"$_POST[id_number]\",gender=\"$_POST[gender]\",language=\"$_POST[language]\",dateofbirth=\"$_POST[date_of_birth]\",maritalstatus=\"$_POST[marital_status]\",race=\"$_POST[race]\",homephone=\"$_POST[telhome]\",workphone=\"$_POST[telw]\",cell=\"$_POST[cell]\",fax=\"$_POST[fax]\",email=\"$_POST[email]\",workaddress=\"$_POST[work_address]\",resaddress=\"$_POST[residential_address]\",postaladdress=\"$_POST[postal_address]\",trainingprogramme=\"$_POST[programme]\",unitstandard=\"$_POST[unit_standard]\",trainingtitle=\"$_POST[training_standard]\",nqflevel=\"$_POST[nqf_level]\",credits=\"$_POST[credits]\",dateattended=\"$_POST[date_attended]\",portfolio=\"$_POST[portfolio]\",notes=\"$_POST[notes]\" where clientid like \"$_POST[client_id]\""); I think that code has syntax errors. So adding it to that code might not be as good as adding it to the code I posted. Just my $0.02 on that. Quote Link to comment Share on other sites More sharing options...
CMC Posted March 11, 2008 Share Posted March 11, 2008 yahh I realized that and went back and edited it Quote Link to comment Share on other sites More sharing options...
soycharliente Posted March 11, 2008 Share Posted March 11, 2008 What happened to the message that let's you know that someone posted a reply during the time that it toook you to write yours. That was clutch. this is like the 5th time today that I've said soemthing that was already said while I typed and it looked like I was just posting the same thing. Quote Link to comment Share on other sites More sharing options...
DarkPrince2005 Posted March 11, 2008 Author Share Posted March 11, 2008 Ok this is what i've got and it is still not working <?php ini_set('display_errors','On'); error_reporting(E_ALL); mysql_connect("localhost","root",""); mysql_select_db("db"); $sql=mysql_query("UPDATE `clientinfo` SET `title`='{$_POST['title']}', `surname`='{$_POST['surname']}', `firstname`='{$_POST['firstname']}', `initials`='{$_POST['initials']}', `maidenname`='{$_POST['maiden_name']}', `prefname`='{$_POST['prefname']}', `idno`='{$_POST['id_number']}', `gender`='{$_POST['gender']}', `language`='{$_POST['language']}', `dateofbirth`='{$_POST['date_of_birth']}', `maritalstatus`='{$_POST['marital_status']}', `race`='{$_POST['race']}', `homephone`='{$_POST['telhome']}', `workphone`='{$_POST['telw']}', `cell`='{$_POST['cell']}', `fax`='{$_POST['fax']}', `email`='{$_POST['email']}', `workaddress`='{$_POST['work_address']}', `resaddress`='{$_POST['residential_address']}', `postaladdress`='{$_POST['postal_address']}', `trainingprogramme`='{$_POST['programme']}', `unitstandard`='{$_POST['unit_standard']}', `trainingtitle`='{$_POST['training_standard']}', `nqflevel`='{$_POST['nqf_level']}', `credits`='{$_POST['credits']}', `dateattended`='{$_POST['date_attended']}', `portfolio`='{$_POST['portfolio']}', `notes`='{$_POST['notes']}' WHERE `clientid` LIKE '{$_POST['client_id']}'"); if(!$sql) { echo mysql_error();} else {echo "<script language=JavaScript>window.location='edit.php'</script>";}; ?> Quote Link to comment Share on other sites More sharing options...
soycharliente Posted March 11, 2008 Share Posted March 11, 2008 What is happening when you try and submit? Error? No error? Just blank page? Did you add the OR DIE statement suggested below? Side note: Do you need %s around the string when using LIKE? Quote Link to comment Share on other sites More sharing options...
DarkPrince2005 Posted March 11, 2008 Author Share Posted March 11, 2008 don't need the %'s, and it just forwards to the specified page without executing the query Quote Link to comment Share on other sites More sharing options...
trq Posted March 11, 2008 Share Posted March 11, 2008 Firstly, that code is crying out to be exploited. All those posted variables need to be varified and run through mysql_real_escape_string at the very least. Next, what makes you believe its not working? If $sql is true your query was successfull and the page redirects. Ever think to check mysql_affected_rows to see if any records where updated? Quote Link to comment Share on other sites More sharing options...
DarkPrince2005 Posted March 11, 2008 Author Share Posted March 11, 2008 I've checked the mysql dattabase itself Quote Link to comment Share on other sites More sharing options...
trq Posted March 11, 2008 Share Posted March 11, 2008 Did you read this? Ever think to check mysql_affected_rows to see if any records where updated? Your query seems to succeed, doesn't mean it updated anything. Maybe it never found a match. Quote Link to comment Share on other sites More sharing options...
DarkPrince2005 Posted March 11, 2008 Author Share Posted March 11, 2008 Here is what i tried, but it's still not working <?php ini_set('display_errors','On'); error_reporting(E_ALL); $link=mysql_connect("localhost","root",""); mysql_select_db("db"); if(get_magic_quotes_gpc()) { $clientid=stripslashes($_POST['client_id']); $title=stripslashes($_POST['title']); $surname=stripslashes($_POST['surname']); } else { $clientid=$_POST['client_id']; $title=$_POST['title']; $surname=$_POST['surname']; } // Make a safe query $query = sprintf("UPDATE `clientinfo` SET `title`='{$_POST['title']}', `surname`='{$_POST['surname']}' WHERE `clientid` LIKE '{$_POST['client_id']}'", mysql_real_escape_string($clientid, $link), mysql_real_escape_string($title, $link), mysql_real_escape_string($surname, $link), $_POST['client_id']); mysql_query($query, $link); if (mysql_affected_rows($link) > 0) { echo "Product inserted\n"; } else { echo "Fill the form properly\n"; }?> Quote Link to comment Share on other sites More sharing options...
trq Posted March 11, 2008 Share Posted March 11, 2008 The results are? Quote Link to comment Share on other sites More sharing options...
DarkPrince2005 Posted March 11, 2008 Author Share Posted March 11, 2008 zero rows are affected Quote Link to comment Share on other sites More sharing options...
DarkPrince2005 Posted March 12, 2008 Author Share Posted March 12, 2008 I just can't understand, my original code worked with a previous webpage i've done Quote Link to comment Share on other sites More sharing options...
DarkPrince2005 Posted March 12, 2008 Author Share Posted March 12, 2008 Got it working, I forgot to give the hidden textbox on the firstpage the client_id value, sorry guys my bad Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.