Hey everyone,

Sorry for posting another issue with the same project as of recently. I'm having trouble figuring out why when I take away text in an input field when the form is set to "Edit" a category, and click submit (to see if an error shows up), it redirects to the "Add A Category" setting as well as changes the end part of the url from "?edit=5" to "?edit5". Why is the equals sign being taken away?

This is a demo version. I'll add more security when the project goes live. Here's my code and thank you for any help!

<?php
  require '../core/init.php';
  include 'includes/head.php';
  include 'includes/navigation.php';

  $sql = "SELECT * FROM categories WHERE parent = 0";
  $result = $db->query($sql);
  $errors = array();
  $category = '';
  $post_parent = '';

  // Edit Category
  if (isset($_GET['edit']) && !empty($_GET['edit'])) {
    $edit_id = (int)$_GET['edit'];
    $edit_id = sanitize($edit_id);
    $edit_sql = "SELECT * FROM categories WHERE id = '$edit_id'";
    $edit_result = $db->query($edit_sql);
    $edit_category = mysqli_fetch_assoc($edit_result);
  }

  // Delete Category
  if (isset($_GET['delete']) && !empty($_GET['delete'])) {
    $errors = array();
    $delete_id = (int)$_GET['delete'];
    $delete_id = sanitize($delete_id);
    $dsql = "DELETE FROM categories WHERE id = '$delete_id' OR parent = '$delete_id'";
    $db->query($dsql);
    header('Location: categories.php');
    exit; // stop here so the rest of the page does not run after the redirect
  }

  // process form
  if (isset($_POST) && !empty($_POST)) {
    $post_parent = sanitize($_POST['parent']);
    $category = sanitize($_POST['category']);
    $sqlform = "SELECT * FROM categories WHERE category = '$category' AND parent = '$post_parent'";
    if (isset($_GET['edit'])) {
      $id = $edit_category['id'];
      $sqlform = "SELECT * FROM categories WHERE category = '$category' AND parent = '$post_parent' AND id != '$id'";
    }
    $fresult = $db->query($sqlform);
    $count = mysqli_num_rows($fresult);
    // check if category is blank
    if ($category == '') {
      $errors[] = "The category input cannot be left blank.";
    }

    // if exists in database
    if ($count > 0) {
      $errors[] = $category . ' already exists.. Please choose a new category.';
    }

    // Display errors or Update database
    if (!empty($errors)) {
      // display errors
      $display = display_errors($errors);
      ?>
      <script>
        jQuery('document').ready(function(){
          jQuery('#errors').html('<?=$display; ?>');
        });
      </script>
      <?php
    }else {
      // update database
      $updatesql = "INSERT INTO categories (category, parent) VALUES ('$category','$post_parent')";
      $db->query($updatesql);
      header('Location: categories.php');
      exit; // stop here so the rest of the page does not run after the redirect
    }
  }

  $category_value = '';
  $parent_value = 0;
  if (isset($_GET['edit']) && !empty(isset($_POST))) {
    $category_value = $edit_category['category'];
    $parent_value = $edit_category['parent'];
  }else {
    if (isset($_POST)) {
      $category_value = $category;
      $parent_value = $post_parent;
    }
  }

?>

<h2 class="text-center">Categories</h2><hr>
<div class="row">

  <!-- form -->
  <div class="col-md-6">
    <form class="form" action="categories.php<?=((isset($_GET['edit']))?'?edit'.$edit_id:''); ?>" method="post">
      <legend><?=((isset($_GET['edit']))?'Edit':'Add A'); ?> Category</legend>
      <div id="errors"></div>
      <div class="form-group">
        <label for="parent">Parent</label>
          <select class="form-control" name="parent" id="parent">
            <option value="0"<?=(($parent_value == 0)?' selected="selected"':''); ?>>Parent</option>
              <?php while ($parent = mysqli_fetch_assoc($result)) : ?>
            <option value="<?=$parent['id']?>"<?=(($parent_value == $parent['id'])?' selected="selected"':''); ?>><?=$parent['category'];?></option>
              <?php endwhile; ?>
            </select>
      </div>
      <div class="form-group">
        <label for="category">Category <?php var_dump($category_value); ?></label>
        <input type="text" class="form-control" id="category" name="category" value="<?=$category_value;?>">

      </div>
      <div class="form-group">
        <input type="submit" value="<?=((isset($_GET['edit']))?'Edit':'Add A'); ?> Category" class="btn btn-success">
      </div>
    </form>
  </div>

  <!-- category Table -->
  <div class="col-md-6">
    <table class="table table-bordered">
      <thead>
        <th>Category</th><th>Parent</th><th></th>
      </thead>
      <tbody>
        <?php
          $sql = "SELECT * FROM categories WHERE parent = 0";
          $result = $db->query($sql);
        while($parent = mysqli_fetch_assoc($result)):
          $parent_id = (int)$parent['id'];
          $sql2 = "SELECT * FROM categories WHERE parent = '$parent_id'";
          $cresult = $db->query($sql2);
        ?>
        <tr class="bg-primary">
          <td><?=$parent['category'];?></td>
          <td>Parent</td>
          <td>
            <a href="categories.php?edit=<?=$parent['id'];?>" class="btn btn-xs btn-default"><span class="glyphicon glyphicon-pencil"></span></a>
            <a href="categories.php?delete=<?=$parent['id'];?>" class="btn btn-xs btn-default"><span class="glyphicon glyphicon-remove-sign"></span></a>
          </td>
        </tr>
        <?php while ($child = mysqli_fetch_assoc($cresult)) : ?>
          <tr class="bg-info">
            <td><?=$child['category'];?></td>
            <td><?=$parent['category']; ?></td>
            <td>
              <a href="categories.php?edit=<?=$child['id'];?>" class="btn btn-xs btn-default"><span class="glyphicon glyphicon-pencil"></span></a>
              <a href="categories.php?delete=<?=$child['id'];?>" class="btn btn-xs btn-default"><span class="glyphicon glyphicon-remove-sign"></span></a>
            </td>
          </tr>
        <?php endwhile;  ?>
      <?php endwhile; ?>
      </tbody>
    </table>
  </div>
</div>

<?php include 'includes/footer.php'; ?>

All 2 Replies

Look at your form action.

<?=((isset($_GET['edit']))?'?edit'.$edit_id:''); ?>

There's no equal sign there.

<?=((isset($_GET['edit']))?'?edit='.$edit_id:''); ?>
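
Why the missing `=` also flips the form back to "Add A Category", as an added example that is not part of the original thread: PHP parses `?edit5` as a parameter named `edit5` with an empty value, so `isset($_GET['edit'])` is false on the POST request. The helpers `form_mode()` and `category_form_action()` are hypothetical names; the second builds the action with `http_build_query()` so the separator cannot be dropped, and escapes the result for the HTML attribute.

```php
<?php
// Added example; form_mode() and category_form_action() are hypothetical helpers,
// not functions from the poster's project.

// Mirror the page's own check: isset($_GET['edit']) decides Edit vs. Add.
function form_mode(string $query): string
{
    // parse_str() applies the same parsing rules PHP uses to fill $_GET.
    parse_str($query, $params);
    return isset($params['edit']) ? 'Edit' : 'Add A';
}

// Build the form action from key/value pairs instead of string concatenation,
// then escape it for use inside the action="..." attribute.
function category_form_action(?int $edit_id): string
{
    $url = 'categories.php';
    if ($edit_id !== null) {
        $url .= '?' . http_build_query(['edit' => $edit_id]);
    }
    return htmlspecialchars($url, ENT_QUOTES, 'UTF-8');
}

// Constructed inputs: the broken query string from the question and the fixed one.
foreach (['edit5', 'edit=5'] as $query) {
    printf("?%s -> %s Category\n", $query, form_mode($query));
}

// Action URL while editing category 5, and when adding a new category.
echo category_form_action(5), "\n";
echo category_form_action(null), "\n";
```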

pixelsoul,

Wow.... I can't believe I missed that.. I feel like such a dumb coder right now.. Thank you for pointing that out and not making me look like an idiot! It's fixed now and it works perfectly! Thank you again!
