Posts by Will Gresham

Above post edited, I missed the ; on the end on the mysql_fetch_row line which may be causing the problem

Your second page should look similar to this: I have highlighted the changes on bold text, also changed the form output details.

<?php
$record = $_POST['record'];
echo "Reference: $record<br><BR>";

$host = "localhost";
$user = "xxx";
$pass = "xxx";
$db = "phonebook";

//Connecting to MYSQL
MySQL_connect("$host","$user","$pass");

//Select the database we want to use
mysql_select_db($db) or die("Could not find database");

[B]// Check to see if the link from the previous page was clicked
if(isset($_REQUEST['id'])) {
  // Check that the id value in the URL is a number
  if(is_numeric($_REQUEST['id'])) {
    mysql_query("SELECT * FROM people WHERE id = `$id`") or die(mysql_error);
    if(mysql_num_rows > 0) {
      $row=mysql_fetch_row($result);
    } else {
      echo 'No Record';
    }
  }
}[/B]

// ***** This part will process when you Click on "Submit" button *****
// Check, if you clicked "Submit" button
if($_POST['Submit']){

// Get parameters from form.
$id=$_POST['id'];
$fname=$_POST['fname'];
$lname=$_POST['lname'];
$phone_num=$_POST['phone_num'];
$ext=$_POST['ext'];
$title=$_POST['title'];
$dept=$_POST['dept'];

// Do update statement.
mysql_query("update phonebook set First Name='$fname', Last Name='$lname', Phone Number='$phone_num', Extension='$ext', Title='$title', Department='$dept' where id='$id'");

// Re-direct this page to select.php.
header("location:phoneupdate.php");
exit;
}
// ************* End update part *************

// *** Select data to show on text fields in form. ***

// Get id parameter (GET method) from select.php
$id=$_POST['id'];

// Get records in all columns from table where column id equal in $id and put it in $result.
$result=mysql_query("select * from people where id='$id'");

// Split records in $result by table rows and put them in $row.
$row=mysql_fetch_assoc($result);

// Close database connection.
mysql_close();
?>

<!-- END OF PHP CODES AND START …

If you make a single page (for example index.php) and include the language file depending on which language is wanted, this is a perfectly acceptable use of the define() function. as it will standardize the scripts.

If the register globals are set to off then you are going to have to use $_POST.

If register globals is on, turn it off, this is possibly the worst function ever, it encourages slack programming and security problems.

On the phoneupdate1.php page, update it to something similar to the following:

//Connecting to MYSQL
MySQL_connect("$host","$user","$pass");

//Select the database we want to use
mysql_select_db($db) or die("Could not find database");

// Check to see if the link from the previous page was clicked
if(isset($_REQUEST['id'])) {
  // Check that the id value in the URL is a number
  if(is_numeric($_REQUEST['id'])) {
    mysql_query("SELECT * FROM people WHERE id = `$id`") or die(mysql_error);
    if(mysql_num_rows > 0) {
      // add the SQL data to an array using mysql_fetch_assoc or mysql_fetch_assoc
    } else {
      echo 'No Record';
    }
  }
}

// ***** This part will process when you Click on "Submit" button *****
// continue with the script

The problem there is that you have gone to a new page, all data in $row will have been lost. You either need to send the data between the pages in the URL query string or re-query the database on phoneupdate1.php, for example:
if(is_numeric($_REQUEST)) {
SELECT * FROM people WHERE id = `$id`
}

A couple of problems with your current code:

mysql_fetch_row returns a row in a numerical array, you would need to use $row[0], $row[1] for displaying the data, to use what you are, you will need to use mysql_fetch_assoc to call the cells by the column names.

There is a slight problem here:

if (mysql_num_rows($result) > 0) {

while($row=mysql_fetch_row($result)){

echo "ID : .$row['id'] <br/>";
echo "First Name : $row['fname'] <br/>";
echo "Last Name : $row['lname'] <br/>";
echo "Phone Number : $row['phone_num'] <br/>";
echo "Extension : $row['ext'] <br/>";
echo "Title : $row['title'] <br/>";
echo "Department : $row['dept'] <br/>";
echo "Fax Number : $row['fax'] <hr>";

// Add a link with a parameter(id) and it's value.
echo '<a href="phoneupdate1.php?id='.$row['id'].'">Update</a>';
}
[B]else { 
    // no 
    // print status message 
    echo "No rows found!";
	} [/B]
}

You have put it as this:
If {
While {
End While }
Else {}
End If }

It should be:

if (mysql_num_rows($result) > 0) {
  while($row=mysql_fetch_row($result)){
    echo "ID : .$row['id'] <br/>";
    echo "First Name : $row['fname'] <br/>";
    echo "Last Name : $row['lname'] <br/>";
    echo "Phone Number : $row['phone_num'] <br/>";
    echo "Extension : $row['ext'] <br/>";
    echo "Title : $row['title'] <br/>";
    echo "Department : $row['dept'] <br/>";
    echo "Fax Number : $row['fax'] <hr>";
    // Add a link with a parameter(id) and it's value.
    echo '<a href="phoneupdate1.php?id='.$row['id'].'">Update</a>';
  }
} else { 
  // no 
  // print status message 
  echo "No rows found!";
}

I'm afraid I cant see any other problems with the actual code, …

Do other PHP pages work?

add error_reporting(E_ALL); to the top of the page to override any php.ini config which may be blocking errors from displaying.

comment the $set and $row_set lines and add this: echo($setSQL); and post the result here.

add this before the while():

if(mysql_num_rows($result)<1) {
echo 'No Results';
} else {
// while statement here
}

This will determine if the query is returning a result

The only way to do this would be to have the header() at the top, before any output on the page.

What exactly are you trying to do?

Take a look at http://www.w3schools.com/default.asp

Look at the links on the left, there is one for 'Learn Javascript' and another for 'Learn PHP'

If there is a specific function you want to know about that isn't covered there, put it into google and you will find many answers to it.

If you mean the popup window that appears in your browser asking for a username and password, this relies on the htaccess and htpasswd files, was it this you are looking for or another type of login box?

You can pass data between pages either using sessions or cookies,

In the database you would need to have another column along with the username and password for the user level or status.

The simplest way to have user level restrictions would be to have tiers, for example, photographers are level 1, users are level 2, these would need to be sequential. And in the code check the users level field in the DB to see if they have permission to access the page. Level 1 would be able to get to anything for 1 and higher, level 2 for 2 and higher etc..

Have a look on Google, there are alot of articles on this subject. As well as sessions and cookies.

I can't say I have heard of that function before, may be worth looking into for future projects :)

There are alot of artices on this subject from a quick google search for' javascript popup reload parent' (remember, Google is a friend)

What you need to do is on the popup have a function to close the window and reload the parent (
window.opener.location.reload(true); ) at the same time. Be aware that the reload will also clear any POST data and reset any forms.

Using just PHP and JavaScript, you would be limited on what you can do, your pages would be unformatted, lines of text. HTML is essentially a prerequisite to PHP and Javascript. PHP is a server-side language and will send plain text to the user and JavaScript, although a client-side scripting language, will not help much in formatting the page without HTML and CSS.

You should at least learn the basics of HTML before moving onto the other bits.

Take a look at http://www.w3schools.com/default.asp

In response to the point about add/strip slashes, here is an example:

You have HTML tags and attributes you want to add to the db, such as <a href='somelink' title='sometitle'> Using the query to get the data would pick up the ' in the string and return an error as some of the content of the data would be interpreted as PHP, not good.

when you add the data to the database either use the addslashes function to change ' to \' so that PHP ignores them when reading from the db or do the same manually.

When you echo the data back, change the echo($data) to echo(stripslashes($data)).

magic_quotes is not the best function out there as it can cause slashes to be added in places they are not needed. read http://en.wikipedia.org/wiki/Magic_quotes for details on that subject.

The linebreaks can't be seen as most software packages hide them by default (they look like a backwards P and a T) PHP however will pick them up and use them in a similar way to a newline command.

If you type this into a text editor with a line break and then copy/paste it into the database, this will also be moved into the SQL field and PHP will echo a new line as well as the code.

Another thing, when getting HTML from the db, you will want to think about how you are doing this, currently with the echo statement you have you may encounter problems with quotes (') if you use them later. I would suggest looking into storing HTML in a database as well as the stripslashes/addslashes functions.

You should change

if($_POST['submit'])

to

if(isset($_POST['usern']))

OR


if(isset($_POST['pass']))

Also, I would remove the $db = from the select db function as it is not needed here.

If you are using the same name for the array in both instances, try unsetting it first:

$arrayName='';

Once you have executed a second query you then need to reload the data from the query into the array.

on the page that sets the cookies/sessions, add this to the top:

<meta http-equiv="refresh" content="5"/>

This will reload the page and clear POST data. Looking again, the header function probably will not work in this instance.

header('Location: URL');

Make sure that you put this at the top of the file before any HTML tags.

try doing this:

// Then i would have the line here, to be run again - second instance
$result = mysql_query($sqlQuery,$connect);
if(mysql_num_rows($result)>0) {
//Process second instance
} else {
echo 'No Data';
}

This will tell you if the query is actually fetching a row, if it is, make sure that you put the result into an array before trying to use it:

$data = mysql_fetch_array($result);

Using the back button to go to a page form data was submitted to will cause this, to solve it, once the login script has been run either use a header redirect or a meta redirect to clear the POST data.

So long as the PHP code comes before anything else in the file, the HTML/CSS should not effect it. If there is any HTML before the PHP then the headers are sent and cannot be modified with the header function.

Can you post the entire source here in [ /CODE] tags?[CODE ] [ /CODE] tags?

Have a look at the source code through your browser to see if there are any errors hidden beneath tables/elements.

If there are not add something similar to the following to see if the SQL query is causing an issue:

if($login_check>0) {
  header('Location:./portfolio.php');
} else {
  echo 'Login Failed';
}

There doesnt seem to be a problem with the code, but for the header function, try to use a relative link and not http://localhost:

header('Location:./portfolio.php');

On the page that it is not working is the PHP code on there or is it in a seperate file. Also, does the script return an error such as 'Headers already sent by...'?

It is the mysql_free_result function you would use, example below:

$connect = mysql_connect("server", "username", "password");
if (!$connect) {
  die('Could not connect: ' . mysql_error());
}
mysql_select_db("dbName",$connect);

$sqlQuery = "SELECT * from table";
$result = mysql_query($sqlQuery,$connect);
// Do something with the result

// Free result
mysql_free_result($result);

What error (if any) does the script return?

Are you adding the PHP code to the top of the HTML/CSS file or using an include function? Can you post the code here?

The header function must be used before any output is printed, i.e before the opening HTML tag, make sure there is no HTML code or echo/print functions before the header one.