How Can I Put a Static URL with a ?ID Attached in a Echo'ed HTML Table? - Page 2

Question

Fest3er 39 Posting Whiz in Training

13 Years Ago

Does it help to put the WHERE value in quotes: ... WHERE id='value' versus ... WHERE id = value?

Fest3er 39 Posting Whiz in Training

13 Years Ago

Looks like POST[id] should be GET[id] (as on line 4).

<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">

I assume OP is using GET the first time only to fetch the data, then uses POST to update.

Fest3er 39 Posting Whiz in Training

13 Years Ago

Try changing line 48 to

$mdata = "
UPDATE Client
   SET `firstname`='$_POST[firstname]',
       `lastname`='$_POST[lastname]',
       `email`='$_POST[email]',
       `invoice`='$_POST[invoice]',
       `wink`='$_POST[wink]',
       `wint`='$_POST[wint]',
       `vtype`='$_POST[vtype]',
       `usera`='$_POST[usera]',
       `yeara`='$_POST[yeara]',
       `sdate`='$_POST[sdate]',
       `edate`='$_POST[edate]',
       `viprek`='$_POST[viprek]'
    WHERE id = '$_GET[id]'";

splitting it into separate lines (so that mysql will be a little more explicit as to where the error is) and adding the quotes around the WHERE value.

The WHERE value must use _POST because the FORM method is POST.

Change line 49 to echo "<pre style='color:red'>$mdata</pre>\n"; so you can see the *exact* SQL statement your program generated.

I believe that 'header' statement is invalid there because you've already emitted HTML.

Fest3er 39 Posting Whiz in Training

13 Years Ago

Looks OK. As I suspected, you are calling your other page using GET; using $_GET (near the top) is correct. Your form uses method POST, so using $_POST (near the bottom) is (was) correct.

As was already stated a time or two, you should put all PHP array references that are within strings inside {}. That is, "text $_POST verbage" doesn't always work. It is much more reliable to use "text {$_POST} verbage". If you look at your web server's log file, you'll probably find it complaining a lot.

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

ARKaMAN 0 Light Poster · Answer 1 · 2012-01-30T20:03:20+00:00

<?php
include_once 'resources/init.php';
if (isset ($_GET[id])) {
    $q = "SELECT * FROM Client WHERE id = {$_GET[id]}";
    $result = mysql_query($q);
    $client = mysql_fetch_array($result);
    }
?>
    <a href="index.php">Back To List</a>
  
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
First Name: <input type="text" name="firstname" value="<?php echo $client['firstname']; ?>" />
Last Name: <input type="text" name="lastname" value="<?php echo $client['lastname']; ?>" />
<br>
<br>
Email: <input type="text" name="email" value="<?php echo $client['email']; ?>" />
<br>
<br>
Invoice #:<input type="text" name="invoice" maxlength="5" size="5" value="<?php echo $client['invoice']; ?>" />
<br>
<br>
<br>
<br>
Windows Key:<input type="text" name="wink" maxlength="24" size="24" value="<?php echo $client['wink']; ?>" />
Windows Type:<input type="text" name="wint" maxlength="24" size="24" value="<?php echo $client['wint']; ?>" />
<br>
<br>
<br>
<br>
VIPRE Type:<input type="text" name="vtype" maxlength="3" size="3" value="<?php echo $client['vtype']; ?>" />
User Count:<input type="text" name="usera" maxlength="3" size="3" value="<?php echo $client['usera']; ?>" />
Year Count:<input type="text" name="yeara" maxlength="3" size="3" value="<?php echo $client['yeara']; ?>" />
<br>
<br>
Start Date:<input type="text" name="sdate" maxlength="10" size="10" value="<?php echo $client['sdate']; ?>" />
Expire Date:<input type="text" name="edate" maxlength="10" size="10" value="<?php echo $client['edate']; ?>" />
<br>
<br>
VIPRE Key: <input type="text" name="viprek" maxlength="24" size="24" value="<?php echo $client['viprek']; ?>" />
<br>
<br>
<br>
<input type="submit" name="submit" Value="Modify" />
</form>
    
    <?php
if (isset($_POST["submit"])) {
        $u = "UPDATE Client SET `firstname`='$_POST[firstname]', `lastname`='$_POST[lastname]', `email`='$_POST[email]', `invoice`='$_POST[invoice]', `wink`='$_POST[wink]', `wint`='$_POST[wint]', `vtype`='$_POST[vtype]', `usera`='$_POST[usera]', `yeara`='$_POST[yeara]', `sdate`='$_POST[sdate]', `edate`='$_POST[edate]', `viprek`='$_POST[viprek]' WHERE id = $_POST[id]";
        
        mysql_query($u) or die (mysql_error());
        
            header("Location: index.php");
    }
    ?>

pritaeas 2,211 ¯\_(ツ)_/¯ Moderator Featured Poster · Answer 2 · 2012-01-30T20:43:15+00:00

Echo the $u on line 49, perhaps one of your values messed it up. The query looks fine to me (apart from using the $_POST directly). If one of your values contains a single quote, the query will fail.

ARKaMAN 0 Light Poster · Answer 3 · 2012-01-30T23:59:12+00:00

UPDATE Client SET `firstname`='2', `lastname`='1', `email`='1', `invoice`='1', `wink`='1', `wint`='1', `vtype`='1', `usera`='1', `yeara`='1', `sdate`='1', `edate`='1', `viprek`='1' WHERE id = You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1

this is what it spits out everything looks fine.

pritaeas 2,211 ¯\_(ツ)_/¯ Moderator Featured Poster · Answer 4 · 2012-01-31T01:34:45+00:00

pritaeas 2,211 ¯\_(ツ)_/¯

13 Years Ago

Looks like POST[id] should be GET[id] (as on line 4).

Edited 13 Years Ago by pritaeas because: n/a

ARKaMAN 0 Light Poster · Answer 5 · 2012-01-31T02:07:07+00:00

Still having issue. After suggested changes.
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1

<?php
include_once 'resources/init.php';
if (isset ($_GET[id])) {
    $q = "SELECT * FROM Client WHERE id = {$_GET[id]}";
    $result = mysql_query($q);
    $client = mysql_fetch_array($result);
    }
?>
    <a href="index.php">Back To List</a>
  
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
First Name: <input type="text" name="firstname" value="<?php echo $client['firstname']; ?>" />
Last Name: <input type="text" name="lastname" value="<?php echo $client['lastname']; ?>" />
<br>
<br>
Email: <input type="text" name="email" value="<?php echo $client['email']; ?>" />
<br>
<br>
Invoice #:<input type="text" name="invoice" maxlength="5" size="5" value="<?php echo $client['invoice']; ?>" />
<br>
<br>
<br>
<br>
Windows Key:<input type="text" name="wink" maxlength="24" size="24" value="<?php echo $client['wink']; ?>" />
Windows Type:<input type="text" name="wint" maxlength="24" size="24" value="<?php echo $client['wint']; ?>" />
<br>
<br>
<br>
<br>
VIPRE Type:<input type="text" name="vtype" maxlength="3" size="3" value="<?php echo $client['vtype']; ?>" />
User Count:<input type="text" name="usera" maxlength="3" size="3" value="<?php echo $client['usera']; ?>" />
Year Count:<input type="text" name="yeara" maxlength="3" size="3" value="<?php echo $client['yeara']; ?>" />
<br>
<br>
Start Date:<input type="text" name="sdate" maxlength="10" size="10" value="<?php echo $client['sdate']; ?>" />
Expire Date:<input type="text" name="edate" maxlength="10" size="10" value="<?php echo $client['edate']; ?>" />
<br>
<br>
VIPRE Key: <input type="text" name="viprek" maxlength="24" size="24" value="<?php echo $client['viprek']; ?>" />
<br>
<br>
<br>
<input type="submit" name="submit" Value="Modify" />
</form>
    
    <?php
if (isset($_POST["submit"])) {
        $mdata = "UPDATE Client SET `firstname`='$_POST[firstname]', `lastname`='$_POST[lastname]', `email`='$_POST[email]', `invoice`='$_POST[invoice]', `wink`='$_POST[wink]', `wint`='$_POST[wint]', `vtype`='$_POST[vtype]', `usera`='$_POST[usera]', `yeara`='$_POST[yeara]', `sdate`='$_POST[sdate]', `edate`='$_POST[edate]', `viprek`='$_POST[viprek]' WHERE id = $_GET[id]";
        
        mysql_query($mdata) or die (mysql_error());
        
            header("Location: index.php");
    }
    ?>

pritaeas 2,211 ¯\_(ツ)_/¯ Moderator Featured Poster · Answer 6 · 2012-01-31T04:06:37+00:00

pritaeas 2,211 ¯\_(ツ)_/¯

13 Years Ago

The id may not have been set.

diafol · Answer 7 · 2012-01-31T04:54:22+00:00

You need to brace out your POST and GET variables like so:

`sdate`='{$_POST[sdate]}',
...
 WHERE id = '{$_GET[id]'}";

But as has been mentioned to you numerous times, you SHOULDN'T use raw input in an SQL statement.

ARKaMAN 0 Light Poster · Answer 8 · 2012-01-31T05:30:52+00:00

Well this is my index page. Did I mess something up here?

<html>
    <head>
    <title>Vipre Database</title>
    <script src="sorttable.js"></script>
</head>
<body>
<a href="addclient.php">Add Client</a>
<?php

include_once 'resources/init.php';

$query="SELECT * FROM Client";
$result=mysql_query($query);

mysql_close();
?>

<?php
//Table starting tag and header cells
echo "<table class='sortable' border='1' cellspacing='5' cellpadding='5'><tr><th>First Name</th><th>Last Name</th><th>Email</th><th>Invoice #</th><th>Windows Key</th><th>Windows Type</th><th>VIPRE Type</th><th>User Count</th><th>Year Count</th><th>Start Date</th><th>Expire Date</th><th>Vipre Key</th><th>Edit Client</th><th>Delete Client</th></tr>";
    while($row = mysql_fetch_array($result)){
        //Display the results in differnt Cells
        echo "<tr><td>" . $row['firstname'] . "</th>
            <td>" . $row['lastname'] . "</td>
            <td>" . $row['email'] . "</td>
            <td>" . $row['invoice'] . "</td>
            <td>" . $row['wink'] . "</td>
            <td>" . $row['wint'] . "</td>
            <td>" . $row['vtype'] . "</td>
            <td>" . $row['usera'] . "</td>
            <td>" . $row['yeara'] . "</td>
            <td>" . $row['sdate'] . "</td>
            <td>" . $row['edate'] . "</td>
            <td>" . $row['viprek'] . "</td>
                                           
            <td><a href=\"modify.php?id=" . $row['id'] . "\">Edit</a>" . "</td>
            <td><a href=\"deleteclient.php?id=" . $row['id'] . "\">Delete</a>" . "</td></tr>";
    
}
echo "</table>";
?>

</body>
</html>