Solved

Creating multiple forms in dreamweaver to go to MySQL.

Posted on 2008-06-18
6
280 Views
Last Modified: 2013-12-12
How I do create a form, in Dreamweaver MX, on one page, then continues to another page for part 2 of the form, and part 3 etc..  but the data all shows up as one entry on the MySQL table? I can create one form that works great but when I try to create another page and associate it with the previous form, I cannot do it.  I've tried to filter the record set with session, form, and cookie variables but I'm not sure if that is even related to what I am trying to do
0
Comment
Question by:cfwd
  • 3
  • 2
6 Comments
 
LVL 16

Accepted Solution

by:
rbudj earned 250 total points
ID: 21817028
You are on the right track.  You can certainly use Sessions.  Here is a link that will help you understand Sessions a bit more: http://www.smallbizonline.co.uk/php_session_variables.php

Basically on every page that contains the form data, place the <?php session_start(); ?> on the first line of each page.  Then create session variables and fill them with the form contents.  So if you have on the first form page:

<input type="text" name="name">
<input type="text" name="address">

... create a session variable to hold the data they enter:

<?php
 session_register ("name");      
session_register ("address");      
$HTTP_SESSION_VARS ["name"] = $name;      
$HTTP_SESSION_VARS ["address"] = $address;
?>

... then, on the next form page, do the same thing with the second form's elements.  When you are ready to input this into your database, all of the users data from each form will be in variables.  Just place the variable data into the database.
0
 
LVL 9

Assisted Solution

by:Rurne
Rurne earned 250 total points
ID: 21817029
Check into user sessions.  You can add the values from the first form into the session, display them on the second form, etc... When you reach the end of the last form, you can then grab everything out of $_POST from that form, plus everything from $_SESSION, and issue one insert/update.


Assuming we're working with PHP, you could do something like the below:

<?php

/* this form receives content from form #1 */

session_start();

$_SESSION['foo'] = $_POST['foo'];

session_write_close();   // commit the session to the server

/* output form #2 here */
?>


<?php

/* this form receives content from form #2 */

session_start();

echo $_SESSION['foo']; // returns the same value as $_POST['foo'] in previous form

$_SESSION = array_merge($_SESSION, $_POST); // merges in any new values from the form into the session

session_write_close();

?>
0
 

Author Comment

by:cfwd
ID: 21833072
I have not been able to get it to work.  I am just trying to start by making the username that they log in with be the constant on every page so that it is seen on every page.  By that username I would like them to be able to stay in the same session going from form to form but I can't figure it out.  Below is the code for my login page then the next page it goes to.  I would like it to also show the username on the next page but I don't know how; it will only show the first username listed in the column instead of the one they logged in with which makes me think that the sessions are not working.
The Login page:

<?php require_once('Connections/harveys_connection.php'); ?>

<?php

mysql_select_db($database_harveys_connection, $harveys_connection);

$query_rs_medical_professionals = "SELECT * FROM harvey_registration";

$rs_medical_professionals = mysql_query($query_rs_medical_professionals, $harveys_connection) or die(mysql_error());

$row_rs_medical_professionals = mysql_fetch_assoc($rs_medical_professionals);

$totalRows_rs_medical_professionals = mysql_num_rows($rs_medical_professionals);

?>

<?php

// *** Validate request to login to this site.

session_start();
 

$loginFormAction = $_SERVER['PHP_SELF'];

if (isset($accesscheck)) {

  $GLOBALS['PrevUrl'] = $accesscheck;

  session_register('PrevUrl');

}
 

if (isset($_POST['username'])) {

  $loginUsername=$_POST['username'];

  $password=$_POST['password'];

  $MM_fldUserAuthorization = "";

  $MM_redirectLoginSuccess = "home_med.php";

  $MM_redirectLoginFailed = "loginmed_fail.php";

  $MM_redirecttoReferrer = false;

  mysql_select_db($database_harveys_connection, $harveys_connection);

  

  $LoginRS__query=sprintf("SELECT username, password FROM harvey_registration WHERE username='%s' AND password='%s'",

    get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername), get_magic_quotes_gpc() ? $password : addslashes($password)); 

   

  $LoginRS = mysql_query($LoginRS__query, $harveys_connection) or die(mysql_error());

  $loginFoundUser = mysql_num_rows($LoginRS);

  if ($loginFoundUser) {

     $loginStrGroup = "";

    

    //declare two session variables and assign them

    $GLOBALS['MM_Username'] = $loginUsername;

    $GLOBALS['MM_UserGroup'] = $loginStrGroup;	      
 

    //register the session variables

    session_register("MM_Username");

    session_register("MM_UserGroup");
 

    if (isset($_SESSION['PrevUrl']) && false) {

      $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];	

    }

    header("Location: " . $MM_redirectLoginSuccess );

  }

  else {

    header("Location: ". $MM_redirectLoginFailed );

  }

}

?>
 

The next page:

<?php require_once('Connections/harveys_connection.php'); ?>

<?php

//initialize the session

session_start();
 

// ** Logout the current user. **

$logoutAction = $_SERVER['PHP_SELF']."?doLogout=true";

if ((isset($_SERVER['QUERY_STRING'])) && ($_SERVER['QUERY_STRING'] != "")){

  $logoutAction .="&". htmlentities($_SERVER['QUERY_STRING']);

}
 

if ((isset($_GET['doLogout'])) &&($_GET['doLogout']=="true")){

  //to fully log out a visitor we need to clear the session varialbles

  session_unregister('MM_Username');

  session_unregister('MM_UserGroup');

	

  $logoutGoTo = "loginmed.php";

  if ($logoutGoTo) {

    header("Location: $logoutGoTo");

    exit;

  }

}

?>

<?php

session_start();

$MM_authorizedUsers = "";

$MM_donotCheckaccess = "true";
 

// *** Restrict Access To Page: Grant or deny access to this page

function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) { 

  // For security, start by assuming the visitor is NOT authorized. 

  $isValid = False; 
 

  // When a visitor has logged into this site, the Session variable MM_Username set equal to their username. 

  // Therefore, we know that a user is NOT logged in if that Session variable is blank. 

  if (!empty($UserName)) { 

    // Besides being logged in, you may restrict access to only certain users based on an ID established when they login. 

    // Parse the strings into arrays. 

    $arrUsers = Explode(",", $strUsers); 

    $arrGroups = Explode(",", $strGroups); 

    if (in_array($UserName, $arrUsers)) { 

      $isValid = true; 

    } 

    // Or, you may restrict access to only certain users based on their username. 

    if (in_array($UserGroup, $arrGroups)) { 

      $isValid = true; 

    } 

    if (($strUsers == "") && true) { 

      $isValid = true; 

    } 

  } 

  return $isValid; 

}
 

$MM_restrictGoTo = "unauthorized.php";

if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {   

  $MM_qsChar = "?";

  $MM_referrer = $_SERVER['PHP_SELF'];

  if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";

  if (isset($QUERY_STRING) && strlen($QUERY_STRING) > 0) 

  $MM_referrer .= "?" . $QUERY_STRING;

  $MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);

  header("Location: ". $MM_restrictGoTo); 

  exit;

}

?>

<?php

mysql_select_db($database_harveys_connection, $harveys_connection);

$query_rs_pmdo = "SELECT * FROM harvey_patients";

$rs_pmdo = mysql_query($query_rs_pmdo, $harveys_connection) or die(mysql_error());

$row_rs_pmdo = mysql_fetch_assoc($rs_pmdo);

$totalRows_rs_pmdo = mysql_num_rows($rs_pmdo);
 

mysql_select_db($database_harveys_connection, $harveys_connection);

$query_rs_medical_professionals = "SELECT * FROM harvey_registration";

$rs_medical_professionals = mysql_query($query_rs_medical_professionals, $harveys_connection) or die(mysql_error());

$row_rs_medical_professionals = mysql_fetch_assoc($rs_medical_professionals);

$totalRows_rs_medical_professionals = mysql_num_rows($rs_medical_professionals);
 

// FELIXONE - 2002   SB by Felice Di Stefano - www.felixone.it

session_start();

if (isset($HTTP_POST_VARS['username'])) {$username = $HTTP_POST_VARS['username'];

session_register("username");

}
 

$MM_paramName = ""; 
 

// *** Go To Record and Move To Record: create strings for maintaining URL and Form parameters

// create the list of parameters which should not be maintained

$MM_removeList = "&index=";

if ($MM_paramName != "") $MM_removeList .= "&".strtolower($MM_paramName)."=";

$MM_keepURL="";

$MM_keepForm="";

$MM_keepBoth="";

$MM_keepNone="";

// add the URL parameters to the MM_keepURL string

reset ($HTTP_GET_VARS);

while (list ($key, $val) = each ($HTTP_GET_VARS)) {

	$nextItem = "&".strtolower($key)."=";

	if (!stristr($MM_removeList, $nextItem)) {

		$MM_keepURL .= "&".$key."=".urlencode($val);

	}

}

// add the Form parameters to the MM_keepURL string

if(isset($HTTP_POST_VARS)){

	reset ($HTTP_POST_VARS);

	while (list ($key, $val) = each ($HTTP_POST_VARS)) {

		$nextItem = "&".strtolower($key)."=";

		if (!stristr($MM_removeList, $nextItem)) {

			$MM_keepForm .= "&".$key."=".urlencode($val);

		}

	}

}

// create the Form + URL string and remove the intial '&' from each of the strings

$MM_keepBoth = $MM_keepURL."&".$MM_keepForm;

if (strlen($MM_keepBoth) > 0) $MM_keepBoth = substr($MM_keepBoth, 1);

if (strlen($MM_keepURL) > 0)  $MM_keepURL = substr($MM_keepURL, 1);

if (strlen($MM_keepForm) > 0) $MM_keepForm = substr($MM_keepForm, 1);

?>

Open in new window

0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 9

Expert Comment

by:Rurne
ID: 21833641
Be careful.  The documentation specifically states not to use session_register() (line 17) and the $_SESSION (line 45) superglobal in unison.  Also, you are assigning $accesscheck, $loginUsername, and $loginStrGroup to the $GLOBALS array, but not the $_SESSION array.  These will be lost.

It also looks like you're using register_globals; I'd recommend against this.  Where are you getting the value for $accesscheck?

Here's how I'd revise the code with the given information.  I'm still a bit leary as to where some of these uninitialized variables are coming from, but that's a separate issue.

I'm also seeing a bunch of seemingly unecessary "?><?php" segments all over your code.  Are these all new pages, or simply chunks of logic within the same file?  How many files are we supposed to be working with?
<?php 
 

require_once 'Connections/harveys_connection.php';
 

mysql_select_db($database_harveys_connection, $harveys_connection);

$query_rs_medical_professionals = 'SELECT * FROM harvey_registration';

$rs_medical_professionals = mysql_query($query_rs_medical_professionals, $harveys_connection) or die(mysql_error());

$row_rs_medical_professionals = mysql_fetch_assoc($rs_medical_professionals);

$totalRows_rs_medical_professionals = mysql_num_rows($rs_medical_professionals);
 

// *** Validate request to login to this site.

session_start();

 

$loginFormAction = $_SERVER['PHP_SELF'];

if (!empty($accesscheck)) {

  $_SESSION['PrevUrl'] = $accesscheck;

}

 

if (isset($_POST['username'])) {

  $loginUsername=$_POST['username'];

  $password=$_POST['password'];

  $MM_fldUserAuthorization = '';

  $MM_redirectLoginSuccess = 'home_med.php';

  $MM_redirectLoginFailed = 'loginmed_fail.php';

  $MM_redirecttoReferrer = false;

  

  $LoginRS__query=sprintf('SELECT username, password FROM harvey_registration WHERE username="%s" AND password="%s"',

    mysql_real_escape_string(get_magic_quotes_gpc() ? stripslashes($loginUsername) : $loginUsername), 

    mysql_real_escape_string(get_magic_quotes_gpc() ? stripslashes($password) : $password)); 

   

  $LoginRS = mysql_query($LoginRS__query, $harveys_connection) or die(mysql_error());

  $loginFoundUser = mysql_num_rows($LoginRS);

  if ($loginFoundUser) {

     $loginStrGroup = "";

    

    //declare two session variables and assign them

    $_SESSION['MM_Username'] = $loginUsername;

    $_SESSION['MM_UserGroup'] = $loginStrGroup;        

 

 

    if (!empty($_SESSION['PrevUrl'])) {

      $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];  

    }

    header("Location: " . $MM_redirectLoginSuccess );

  }

  else {

    header("Location: ". $MM_redirectLoginFailed );

  }

}

?>

 

The next page:

<?php require_once 'Connections/harveys_connection.php';

//initialize the session

session_start();

 

// ** Logout the current user. **

$logoutAction = $_SERVER['PHP_SELF']."?doLogout=true";

if (!empty($_SERVER['QUERY_STRING'])) {

  $logoutAction .="&". htmlentities($_SERVER['QUERY_STRING']);

}

 

if ($_GET['doLogout']=="true") {

  //to fully log out a visitor we need to clear the session varialbles

  unset($_SESSION['MM_Username']);

  unset($_SESSION['MM_UserGroup']);

        

  $logoutGoTo = 'loginmed.php';

  if ($logoutGoTo) {

    header("Location: $logoutGoTo");

    exit;

  }

}

?>

<?php
 

$MM_authorizedUsers = '';

$MM_donotCheckaccess = 'true";

 

// *** Restrict Access To Page: Grant or deny access to this page

function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) { 

  // For security, start by assuming the visitor is NOT authorized. 

  $isValid = False; 

 

  // When a visitor has logged into this site, the Session variable MM_Username set equal to their username. 

  // Therefore, we know that a user is NOT logged in if that Session variable is blank. 

  if (!empty($UserName)) { 

    // Besides being logged in, you may restrict access to only certain users based on an ID established when they login. 

    // Parse the strings into arrays. 

    $arrUsers = Explode(",", $strUsers); 

    $arrGroups = Explode(",", $strGroups); 

    if (in_array($UserName, $arrUsers)) { 

      $isValid = true; 

    } 

    // Or, you may restrict access to only certain users based on their username. 

    if (in_array($UserGroup, $arrGroups)) { 

      $isValid = true; 

    } 

    if (($strUsers == "") && true) { 

      $isValid = true; 

    } 

  } 

  return $isValid; 

}

 

$MM_restrictGoTo = "unauthorized.php";

if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {   

  $MM_qsChar = "?";

  $MM_referrer = $_SERVER['PHP_SELF'];

  if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";

  if (isset($QUERY_STRING) && strlen($QUERY_STRING) > 0) 

  $MM_referrer .= "?" . $QUERY_STRING;

  $MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);

  header("Location: ". $MM_restrictGoTo); 

  exit;

}

?>

<?php

mysql_select_db($database_harveys_connection, $harveys_connection);

$query_rs_pmdo = "SELECT * FROM harvey_patients";

$rs_pmdo = mysql_query($query_rs_pmdo, $harveys_connection) or die(mysql_error());

$row_rs_pmdo = mysql_fetch_assoc($rs_pmdo);

$totalRows_rs_pmdo = mysql_num_rows($rs_pmdo);

 

mysql_select_db($database_harveys_connection, $harveys_connection);

$query_rs_medical_professionals = "SELECT * FROM harvey_registration";

$rs_medical_professionals = mysql_query($query_rs_medical_professionals, $harveys_connection) or die(mysql_error());

$row_rs_medical_professionals = mysql_fetch_assoc($rs_medical_professionals);

$totalRows_rs_medical_professionals = mysql_num_rows($rs_medical_professionals);

 

// FELIXONE - 2002   SB by Felice Di Stefano - www.felixone.it

session_start();

if (isset($HTTP_POST_VARS['username'])) {$username = $HTTP_POST_VARS['username'];

session_register("username");

}

 

$MM_paramName = ""; 

 

// *** Go To Record and Move To Record: create strings for maintaining URL and Form parameters

// create the list of parameters which should not be maintained

$MM_removeList = "&index=";

if ($MM_paramName != "") $MM_removeList .= "&".strtolower($MM_paramName)."=";

$MM_keepURL="";

$MM_keepForm="";

$MM_keepBoth="";

$MM_keepNone="";

// add the URL parameters to the MM_keepURL string

reset ($HTTP_GET_VARS);

while (list ($key, $val) = each ($HTTP_GET_VARS)) {

        $nextItem = "&".strtolower($key)."=";

        if (!stristr($MM_removeList, $nextItem)) {

                $MM_keepURL .= "&".$key."=".urlencode($val);

        }

}

// add the Form parameters to the MM_keepURL string

if(isset($HTTP_POST_VARS)){

        reset ($HTTP_POST_VARS);

        while (list ($key, $val) = each ($HTTP_POST_VARS)) {

                $nextItem = "&".strtolower($key)."=";

                if (!stristr($MM_removeList, $nextItem)) {

                        $MM_keepForm .= "&".$key."=".urlencode($val);

                }

        }

}

// create the Form + URL string and remove the intial '&' from each of the strings

$MM_keepBoth = $MM_keepURL."&".$MM_keepForm;

if (strlen($MM_keepBoth) > 0) $MM_keepBoth = substr($MM_keepBoth, 1);

if (strlen($MM_keepURL) > 0)  $MM_keepURL = substr($MM_keepURL, 1);

if (strlen($MM_keepForm) > 0) $MM_keepForm = substr($MM_keepForm, 1);

?>

Open in new window

0
 

Author Comment

by:cfwd
ID: 21868584
Dreamweaver wrote all that stuff with the $accesscheck.  I don't know anything about code.  I tried your code but it must have some typos because it did not work.  I have extensions that do different functions which is why you see so many "?><?php" .   These extensions write the code for me but they create a new php section each time.  Would you be willing to look at what you gave me again and see there are any typos? Thanks
0
 

Author Comment

by:cfwd
ID: 21869219
Nevermind I got it working...thanks
0

Featured Post

Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Suggested Solutions

This article is very specific and is only intended to help if you are installing Dreamweaver 8 in a Windows 7 environment with Office 2007 installed.   I'm not sure why Microsoft tends to release OS' that should not be released but they do.  Windows…
This article discusses four methods for overlaying images in a container on a web page
The viewer will learn how to count occurrences of each item in an array.
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now