0

I'm very stressed out right now and cant seem to fix the problem with this php/mysqli script. I will pay $10 through paypal to anyone who duplicates my code, (and its fixed) as a reply to this thread. My deadline is very close, and I need it within a day.

I erased the configuration for to the database for a reason, it is correct so disregard that.

everything above the

/*

NEW RECORD

*/

works, the code BELOW the quoted text doesn't work and needs to be fixed

<?php  function renderForm(  $name = '', $description ='',  $qualifications ='', $login ='', $hours ='', $daysoftheweek ='', $pay ='',$duties ='',  $id = '' )
        { ?>               
<html>
                        <head>  
                                <title>
                                        <?php if ($id != '') { echo "Edit Record"; } else { echo "New Record"; } ?>
                                </title>
                                <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
                        </head>
                        <body>
                                <h1><?php if ($id != '') { echo "Edit Record"; } else { echo "New Record"; } ?></h1>
                                <?php if ($error != '') {
                                        echo "<div style='padding:4px; border:1px solid red; color:red'>" . $error
                                                . "</div>";
                                } ?>
                                                                <form action="" method="post">
                                <div>
                                        <?php if ($id != '') { ?>
                                                <input type="hidden" name="id" value="<?php echo $id; ?>" />
                                                <p>ID: <?php echo $id; ?></p>
                                        <?php } ?>
                                        
                                        <strong>Name: *</strong> <input type="text" name="name"
                                                value="<?php echo $name; ?>"/><br/>
                                        <strong>description: *</strong> <input type="text" name="description"
                                                value="<?php echo $description; ?>"/><br/>
                                                 <strong>qualifications: *</strong> <input type="text" name="qualifications"
                                                value="<?php echo $qualifications; ?>"/><br/>
                                                <strong>login: *</strong> <input type="hidden" name="login"
                                                value="<?php echo $login; ?>"/><br/>
                                                 <strong>hours: *</strong> <input type="text" name="hours"
                                                value="<?php echo $hours; ?>"/><br/>
                                                <strong>days required to work: *</strong> <input type="text" name="daysoftheweek"
                                                value="<?php echo $daysoftheweek; ?>"/><br/>
                                                 <strong>pay: *</strong> <input type="text" name="pay"
                                                value="<?php echo $pay; ?>"/><br/>
                                                 <strong>duties: *</strong> <input type="text" name="duties"
                                                value="<?php echo $duties; ?>"/><br/>
                                  <input type="submit" name="submit" value="Submit" />
                                </div>
                                </form>
</body>
                </html><?php }					          /*

           EDIT RECORD

        */
        // if the 'id' variable is set in the URL, we know that we need to edit a record
        if (isset($_GET['id']))
        {
                // if the form's submit button is clicked, we need to process the form
                if (isset($_POST['submit']))
                {
                        // make sure the 'id' in the URL is valid
                        if (is_numeric($_POST['id']))
                        {
                                // get variables from the URL/form
                                $id = $_POST['id'];
                                $name = htmlentities($_POST['name'], ENT_QUOTES);
                                $description = htmlentities($_POST['description'], ENT_QUOTES);
								$qualifications = htmlentities($_POST['qualifications'], ENT_QUOTES);
								$login = htmlentities($_POST['login'], ENT_QUOTES);
								$hours = htmlentities($_POST['hours'], ENT_QUOTES);
								$daysoftheweek = htmlentities($_POST['daysoftheweek'], ENT_QUOTES);
								$pay = htmlentities($_POST['pay'], ENT_QUOTES);
								$duties = htmlentities($_POST['duties'], ENT_QUOTES);
                                
                                // check that firstname and lastname are both not empty
                                if ($name == '' || $description == '' || $qualifications == '' || $login == '' || $hours == '' || $daysoftheweek == '' || $pay == '' || $duties == ''  )
                                {
                                        // if they are empty, show an error message and display the form
                                        $error = 'ERROR: Please fill in all required fields!';
                                        renderForm($name, $description,  $qualifications, $login, $hours , $daysoftheweek, $pay,$duties ,  $id, $error);
                                }
                                else
                                {
                                        // if everything is fine, update the record in the database
                                        if ($stmt = $mysqli->prepare("UPDATE players SET name = ?, description = ?, qualifications= ?, login =?, hours =?, daysoftheweek =?, pay =?, duties =?
                                                 WHERE id=? "))
                                        {
										
                                                $stmt->bind_param("ssssssssi", $name, $description,  $qualifications, $login, $hours , $daysoftheweek, $pay, $duties ,  $id);
                                                $stmt->execute();
                                                $stmt->close();
                                        }
                                        // show an error message if the query has an error
                                        else
                                        {
                                                echo "ERROR: could not prepare SQL statement.";
                                        }
                                        
                                        // redirect the user once the form is updated
                                        header("Location: viewworking.php");
                                }
                        }
                        // if the 'id' variable is not valid, show an error message
                        else
                        {
                                echo "Error!";
                        }
                }
                // if the form hasn't been submitted yet, get the info from the database and show the form
                else
                {
                        // make sure the 'id' value is valid
                        if (is_numeric($_GET['id']) && $_GET['id'] > 0)
                        {
                                // get 'id' from URL
                                $id = $_GET['id'];
                                
                                // get the record from the database
                                if($stmt = $mysqli->prepare("SELECT * FROM players WHERE id=?"))
                                {
                                        $stmt->bind_param("i", $id);
                                        $stmt->execute();
                                        
                                        $stmt->bind_result($id,  $name, $description,  $qualifications, $login, $hours , $daysoftheweek, $pay, $duties );
                                        $stmt->fetch();
                                        
                                        // show the form
                                        renderForm($name, $description,  $qualifications, $login, $hours , $daysoftheweek, $pay, $duties ,  $id);
                                        
                                        $stmt->close();
                                }
                                // show an error if the query has an error
                                else
                                {
                                        echo "Error: could not prepare SQL statement";
                                }
                        }
                        // if the 'id' value is not valid, redirect the user back to the view.php page
                       else
                        {
                               echo "error";
                        }
                }
        }
     
        /*

           NEW RECORD

        */
        // if the 'id' variable is not set in the URL, we must be creating a new record
        else
        {
                // if the form's submit button is clicked, we need to process the form
                if (isset($_POST['submit']))
                {
                        // get the form data
                                 
                                $name = htmlentities($_POST['name'], ENT_QUOTES);
                                $description = htmlentities($_POST['description'], ENT_QUOTES);
								$qualifications = htmlentities($_POST['qualifications'], ENT_QUOTES);
								$login = htmlentities($_POST['login'], ENT_QUOTES);
								$hours = htmlentities($_POST['hours'], ENT_QUOTES);
								$daysoftheweek = htmlentities($_POST['daysoftheweek'], ENT_QUOTES);
								$pay = htmlentities($_POST['pay'], ENT_QUOTES);
								$duties = htmlentities($_POST['duties'], ENT_QUOTES);
                                
                        
                        // check that firstname and lastname are both not empty
                        if ($name == '' || $description == '' || $qualifications == '' || $login == '' || $hours == '' || $daysoftheweek == '' || $pay == '' || $duties == '')
                        {
                                // if they are empty, show an error message and display the form
                                $error = 'ERROR: Please fill in all required fields!';
                                renderForm($name, $description,  $qualifications, $login, $hours , $daysoftheweek, $pay,$duties );
                        }
                        else
                        {
                                // insert the new record into the database
                                if ($stmt = $mysqli->prepare("INSERT players (name, description, qualifications, login, hours, daysoftheweek, pay, duties) VALUES (?, ?, ?, ?, ?, ?, ?, ?)"))
                                {
                                        $stmt->bind_param("ssssssss", $name, $description, $qualifications, $login, $hours, $daysoftheweek, $pay, $duties);
                                        $stmt->execute();
                                        $stmt->close();
                                }
                                // show an error if the query has an error
                                else
                                {
                                  echo "Error!";
                                }
                                
                                // redirec the user
                                header("Location: perfectrecords.php");
                        }
                        
                }
                // if the form hasn't been submitted yet, show the form
                else
                {
                        renderForm($name, $description,  $qualifications, $login, $hours , $daysoftheweek, $pay,$duties );
                }
        }
        
        // close the mysqli connection
        $mysqli->close();?>

Edited by waveydaveywaves: n/a

3
Contributors
3
Replies
4
Views
6 Years
Discussion Span
Last Post by waveydaveywaves
0

I think there is a flaw using isset($_GET['id']) . It is always set, because it is part of the form. I think you need to replace it with something like $_GET['id'] > 0

0

there is no displayed error, its just not redirecting to perfectrecords, or inserting the query into my database.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.