
Hey everyone,

Sorry for posting another issue with the same project so soon. I'm having trouble figuring out why, when the form is set to "Edit" a category and I clear the text in the input field and click submit (to see if an error shows up), it redirects to the "Add A Category" setting and changes the end of the URL from "?edit=5" to "?edit5". Why is the equals sign being taken away?

This is a demo version. I'll add more security when the project goes live. Here's my code, and thank you for any help!

<?php
  require '../core/init.php';
  include 'includes/head.php';
  include 'includes/navigation.php';

  // Form state defaults: no validation errors and empty field values until a POST is processed.
  $errors = [];
  $post_parent = '';
  $category = '';

  // Top-level categories (parent = 0); this result set feeds the "Parent" <select> in the form.
  // The statement is a constant string, so nothing request-derived reaches this query.
  $sql = 'SELECT * FROM categories WHERE parent = 0';
  $result = $db->query($sql);

  // Edit Category: load the row named by ?edit= so the form can be pre-filled.
  if (!empty($_GET['edit'])) {
    // The value is cast to int before it is interpolated into the query below, so the
    // request cannot inject SQL through it. sanitize() is defined outside this file and
    // runs on the already-cast value (presumably passing an integer through - confirm).
    $edit_id = sanitize((int)$_GET['edit']);
    $edit_sql = "SELECT * FROM categories WHERE id = '{$edit_id}'";
    $edit_result = $db->query($edit_sql);
    // NOTE(review): mysqli_fetch_assoc() yields null when no row has this id, and later
    // code indexes $edit_category without checking for that.
    $edit_category = mysqli_fetch_assoc($edit_result);
  }

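  // Delete Category: remove the row named by ?delete= and every row whose parent is that id.
  // NOTE(review): this is a destructive action driven by a GET parameter, and no CSRF token
  // or permission check is visible in this file. Before go-live it should move to a POST
  // form carrying a per-session token; confirm what core/init.php already enforces.
  if (!empty($_GET['delete'])) {
    $errors = array();
    // The value is cast to int before it is interpolated into the statement below.
    $delete_id = (int)$_GET['delete'];
    $delete_id = sanitize($delete_id);
    $dsql = "DELETE FROM categories WHERE id = '$delete_id' OR parent = '$delete_id'";
    $db->query($dsql);
    // NOTE(review): includes/head.php and includes/navigation.php are included before this
    // point; if they emit output and output buffering is off, header() cannot send the
    // redirect - confirm.
    header('Location: categories.php');
    // Stop here: header() only queues the redirect, and without exit the POST handler and
    // the rest of the page would still run for this request.
    exit;
  }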

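  // Process the add/edit form submission.
  // NOTE(review): no CSRF token or permission check is visible in this file; confirm what
  // core/init.php enforces before this handler is exposed.
  if (!empty($_POST)) {
    // sanitize() is defined outside this file. It is kept so stored and re-displayed values
    // keep their current format, but SQL safety below comes from bound parameters, not from it.
    $post_parent = sanitize(isset($_POST['parent']) ? $_POST['parent'] : '');
    $category = sanitize(isset($_POST['category']) ? $_POST['category'] : '');

    // Duplicate check. In edit mode the row being edited is excluded, but only when that row
    // was actually loaded; $edit_category is unset or null for a missing or empty ?edit= value.
    $id = null;
    if (isset($_GET['edit'], $edit_category['id'])) {
      $id = (int)$edit_category['id'];
    }
    if ($id !== null) {
      $dup_stmt = $db->prepare("SELECT id FROM categories WHERE category = ? AND parent = ? AND id != ?");
      $dup_stmt->bind_param('ssi', $category, $post_parent, $id);
    } else {
      $dup_stmt = $db->prepare("SELECT id FROM categories WHERE category = ? AND parent = ?");
      $dup_stmt->bind_param('ss', $category, $post_parent);
    }
    $dup_stmt->execute();
    // store_result() buffers the rows client-side so num_rows is populated.
    $dup_stmt->store_result();
    $count = $dup_stmt->num_rows;
    $dup_stmt->close();

    // check if category is blank
    if ($category == '') {
      $errors[] = "The category input cannot be left blank.";
    }

    // if exists in database
    if ($count > 0) {
      $errors[] = $category. ' already exists.. Please choose a new categpry.';
    }

    // Display errors or Update database
    if (!empty($errors)) {
      // display_errors() is defined outside this file.
      $display = display_errors($errors);
      // json_encode() with the JSON_HEX_* flags emits a complete JavaScript string literal in
      // which quotes, <, > and & are \u-escaped, so the message cannot terminate the string or
      // the surrounding script element. .html() still parses the value as markup, so
      // display_errors() must return HTML-escaped text - confirm.
      ?>
      <script>
        jQuery('document').ready(function(){
          jQuery('#errors').html(<?=json_encode($display, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP); ?>);
        });
      </script>
      <?php
    }else {
      // NOTE(review): this branch INSERTs a new row even in edit mode; nothing here updates
      // the row selected by ?edit= - confirm whether an UPDATE is intended.
      $insert_stmt = $db->prepare("INSERT INTO categories (category, parent) VALUES (?, ?)");
      $insert_stmt->bind_param('ss', $category, $post_parent);
      $insert_stmt->execute();
      $insert_stmt->close();
      header('Location: categories.php');
      // Stop here so the page is not rendered after the redirect has been queued.
      exit;
    }
  }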

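  // Values used to pre-fill the form: the stored row in edit mode, otherwise whatever the
  // POST handler left in $category / $post_parent (empty strings when nothing was posted).
  $category_value = '';
  $parent_value = 0;
  // isset($_POST) is always true for a superglobal, so it is not tested here; in edit mode the
  // stored row wins over posted values. The !empty($edit_category) guard covers an ?edit= id
  // that matched no row, where $edit_category is null or was never assigned.
  if (isset($_GET['edit']) && !empty($edit_category)) {
    $category_value = $edit_category['category'];
    $parent_value = $edit_category['parent'];
  } else {
    $category_value = $category;
    $parent_value = $post_parent;
  }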

?>

<h2 class="text-center">Categories</h2><hr>
<div class="row">

  <!-- form -->
  <div class="col-md-6">
    <form class="form" action="categories.php<?=((isset($_GET['edit']))?'?edit'.$edit_id:''); /* NOTE(review): this emits ?edit followed by the id with no = sign, so the form posts to ?edit5 and $_GET['edit'] is not set when the POST is handled */ ?>" method="post">
      <legend><?=((isset($_GET['edit']))?'Edit':'Add A'); ?> Category</legend>
      <div id="errors"></div>
      <div class="form-group">
        <label for="parent">Parent</label>
          <select class="form-control" name="parent" id="parent">
            <option value="0"<?=(($parent_value == 0)?' selected="selected"':''); ?>>Parent</option>
              <?php /* $result holds the top-level categories queried earlier in the script */ while ($parent = mysqli_fetch_assoc($result)) : ?>
            <option value="<?=$parent['id']?>"<?=(($parent_value == $parent['id'])?' selected="selected"':''); ?>><?=$parent['category'];?></option>
              <?php endwhile; ?>
            </select>
      </div>
      <div class="form-group">
        <label for="category">Category <?php var_dump($category_value); /* NOTE(review): debug output rendered inside the label; remove before go-live */ ?></label>
        <input type="text" class="form-control" id="category" name="category" value="<?=$category_value; /* NOTE(review): echoed into an attribute without htmlspecialchars(); safe only if the value is already HTML-escaped with quotes encoded - confirm what sanitize() does */ ?>">

      </div>
      <div class="form-group">
        <input type="submit" value="<?=((isset($_GET['edit']))?'Edit':'Add A'); ?> Category" class="btn btn-success">
      </div>
    </form>
  </div>

  <!-- category Table -->
  <div class="col-md-6">
    <table class="table table-bordered">
      <thead>
        <th>Category</th><th>Parent</th><th></th>
      </thead>
      <tbody>
        <?php
          // Outer loop: one row per top-level category (parent = 0), re-queried here.
          $sql = "SELECT * FROM categories WHERE parent = 0";
          $result = $db->query($sql);
        while($parent = mysqli_fetch_assoc($result)):
          // The id comes from the database and is cast to int before being interpolated.
          $parent_id = (int)$parent['id'];
          // One extra query per parent row to fetch its children.
          $sql2 = "SELECT * FROM categories WHERE parent = '$parent_id'";
          $cresult = $db->query($sql2);
          // NOTE(review): the category names and ids in the rows below are echoed without
          // htmlspecialchars(); that is only safe if the stored values are already
          // HTML-escaped, which depends on sanitize() (not visible here) - confirm.
          // NOTE(review): the delete links are plain GET URLs, so following one deletes the
          // row at once; there is no confirmation step or CSRF token in this markup.
        ?>
        <tr class="bg-primary">
          <td><?=$parent['category'];?></td>
          <td>Parent</td>
          <td>
            <a href="categories.php?edit=<?=$parent['id'];?>" class="btn btn-xs btn-default"><span class="glyphicon glyphicon-pencil"></span></a>
            <a href="categories.php?delete=<?=$parent['id'];?>" class="btn btn-xs btn-default"><span class="glyphicon glyphicon-remove-sign"></span></a>
          </td>
        </tr>
        <?php while ($child = mysqli_fetch_assoc($cresult)) : ?>
          <tr class="bg-info">
            <td><?=$child['category'];?></td>
            <td><?=$parent['category']; ?></td>
            <td>
              <a href="categories.php?edit=<?=$child['id'];?>" class="btn btn-xs btn-default"><span class="glyphicon glyphicon-pencil"></span></a>
              <a href="categories.php?delete=<?=$child['id'];?>" class="btn btn-xs btn-default"><span class="glyphicon glyphicon-remove-sign"></span></a>
            </td>
          </tr>
        <?php endwhile;  ?>
      <?php endwhile; ?>
      </tbody>
    </table>
  </div>
</div>

<?php include 'includes/footer.php'; ?>

Edited by WebDevGuy32145


Look at your form action.

<?=((isset($_GET['edit']))?'?edit'.$edit_id:''); ?>

There's no equal sign there.

<?=((isset($_GET['edit']))?'?edit='.$edit_id:''); ?>


pixelsoul,

Wow.... I can't believe I missed that.. I feel like such a dumb coder right now.. Thank you for pointing that out and not making me look like an idiot! It's fixed now and it works perfectly! Thank you again!
