Solved

Creating multiple forms in dreamweaver to go to MySQL.

Posted on 2008-06-18
6
294 Views
Last Modified: 2013-12-12
How I do create a form, in Dreamweaver MX, on one page, then continues to another page for part 2 of the form, and part 3 etc..  but the data all shows up as one entry on the MySQL table? I can create one form that works great but when I try to create another page and associate it with the previous form, I cannot do it.  I've tried to filter the record set with session, form, and cookie variables but I'm not sure if that is even related to what I am trying to do
0
Comment
Question by:cfwd
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 16

Accepted Solution

by:
rbudj earned 250 total points
ID: 21817028
You are on the right track.  You can certainly use Sessions.  Here is a link that will help you understand Sessions a bit more: http://www.smallbizonline.co.uk/php_session_variables.php

Basically on every page that contains the form data, place the <?php session_start(); ?> on the first line of each page.  Then create session variables and fill them with the form contents.  So if you have on the first form page:

<input type="text" name="name">
<input type="text" name="address">

... create a session variable to hold the data they enter:

<?php
 session_register ("name");      
session_register ("address");      
$HTTP_SESSION_VARS ["name"] = $name;      
$HTTP_SESSION_VARS ["address"] = $address;
?>

... then, on the next form page, do the same thing with the second form's elements.  When you are ready to input this into your database, all of the users data from each form will be in variables.  Just place the variable data into the database.
0
 
LVL 9

Assisted Solution

by:Rurne
Rurne earned 250 total points
ID: 21817029
Check into user sessions.  You can add the values from the first form into the session, display them on the second form, etc... When you reach the end of the last form, you can then grab everything out of $_POST from that form, plus everything from $_SESSION, and issue one insert/update.


Assuming we're working with PHP, you could do something like the below:

<?php

/* this form receives content from form #1 */

session_start();

$_SESSION['foo'] = $_POST['foo'];

session_write_close();   // commit the session to the server

/* output form #2 here */
?>


<?php

/* this form receives content from form #2 */

session_start();

echo $_SESSION['foo']; // returns the same value as $_POST['foo'] in previous form

$_SESSION = array_merge($_SESSION, $_POST); // merges in any new values from the form into the session

session_write_close();

?>
0
 

Author Comment

by:cfwd
ID: 21833072
I have not been able to get it to work.  I am just trying to start by making the username that they log in with be the constant on every page so that it is seen on every page.  By that username I would like them to be able to stay in the same session going from form to form but I can't figure it out.  Below is the code for my login page then the next page it goes to.  I would like it to also show the username on the next page but I don't know how; it will only show the first username listed in the column instead of the one they logged in with which makes me think that the sessions are not working.
The Login page:
<?php require_once('Connections/harveys_connection.php'); ?>
<?php
mysql_select_db($database_harveys_connection, $harveys_connection);
$query_rs_medical_professionals = "SELECT * FROM harvey_registration";
$rs_medical_professionals = mysql_query($query_rs_medical_professionals, $harveys_connection) or die(mysql_error());
$row_rs_medical_professionals = mysql_fetch_assoc($rs_medical_professionals);
$totalRows_rs_medical_professionals = mysql_num_rows($rs_medical_professionals);
?>
<?php
// *** Validate request to login to this site.
session_start();
 
$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($accesscheck)) {
  $GLOBALS['PrevUrl'] = $accesscheck;
  session_register('PrevUrl');
}
 
if (isset($_POST['username'])) {
  $loginUsername=$_POST['username'];
  $password=$_POST['password'];
  $MM_fldUserAuthorization = "";
  $MM_redirectLoginSuccess = "home_med.php";
  $MM_redirectLoginFailed = "loginmed_fail.php";
  $MM_redirecttoReferrer = false;
  mysql_select_db($database_harveys_connection, $harveys_connection);
  
  $LoginRS__query=sprintf("SELECT username, password FROM harvey_registration WHERE username='%s' AND password='%s'",
    get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername), get_magic_quotes_gpc() ? $password : addslashes($password)); 
   
  $LoginRS = mysql_query($LoginRS__query, $harveys_connection) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);
  if ($loginFoundUser) {
     $loginStrGroup = "";
    
    //declare two session variables and assign them
    $GLOBALS['MM_Username'] = $loginUsername;
    $GLOBALS['MM_UserGroup'] = $loginStrGroup;	      
 
    //register the session variables
    session_register("MM_Username");
    session_register("MM_UserGroup");
 
    if (isset($_SESSION['PrevUrl']) && false) {
      $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];	
    }
    header("Location: " . $MM_redirectLoginSuccess );
  }
  else {
    header("Location: ". $MM_redirectLoginFailed );
  }
}
?>
 
The next page:
<?php require_once('Connections/harveys_connection.php'); ?>
<?php
//initialize the session
session_start();
 
// ** Logout the current user. **
$logoutAction = $_SERVER['PHP_SELF']."?doLogout=true";
if ((isset($_SERVER['QUERY_STRING'])) && ($_SERVER['QUERY_STRING'] != "")){
  $logoutAction .="&". htmlentities($_SERVER['QUERY_STRING']);
}
 
if ((isset($_GET['doLogout'])) &&($_GET['doLogout']=="true")){
  //to fully log out a visitor we need to clear the session varialbles
  session_unregister('MM_Username');
  session_unregister('MM_UserGroup');
	
  $logoutGoTo = "loginmed.php";
  if ($logoutGoTo) {
    header("Location: $logoutGoTo");
    exit;
  }
}
?>
<?php
session_start();
$MM_authorizedUsers = "";
$MM_donotCheckaccess = "true";
 
// *** Restrict Access To Page: Grant or deny access to this page
function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) { 
  // For security, start by assuming the visitor is NOT authorized. 
  $isValid = False; 
 
  // When a visitor has logged into this site, the Session variable MM_Username set equal to their username. 
  // Therefore, we know that a user is NOT logged in if that Session variable is blank. 
  if (!empty($UserName)) { 
    // Besides being logged in, you may restrict access to only certain users based on an ID established when they login. 
    // Parse the strings into arrays. 
    $arrUsers = Explode(",", $strUsers); 
    $arrGroups = Explode(",", $strGroups); 
    if (in_array($UserName, $arrUsers)) { 
      $isValid = true; 
    } 
    // Or, you may restrict access to only certain users based on their username. 
    if (in_array($UserGroup, $arrGroups)) { 
      $isValid = true; 
    } 
    if (($strUsers == "") && true) { 
      $isValid = true; 
    } 
  } 
  return $isValid; 
}
 
$MM_restrictGoTo = "unauthorized.php";
if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {   
  $MM_qsChar = "?";
  $MM_referrer = $_SERVER['PHP_SELF'];
  if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";
  if (isset($QUERY_STRING) && strlen($QUERY_STRING) > 0) 
  $MM_referrer .= "?" . $QUERY_STRING;
  $MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
  header("Location: ". $MM_restrictGoTo); 
  exit;
}
?>
<?php
mysql_select_db($database_harveys_connection, $harveys_connection);
$query_rs_pmdo = "SELECT * FROM harvey_patients";
$rs_pmdo = mysql_query($query_rs_pmdo, $harveys_connection) or die(mysql_error());
$row_rs_pmdo = mysql_fetch_assoc($rs_pmdo);
$totalRows_rs_pmdo = mysql_num_rows($rs_pmdo);
 
mysql_select_db($database_harveys_connection, $harveys_connection);
$query_rs_medical_professionals = "SELECT * FROM harvey_registration";
$rs_medical_professionals = mysql_query($query_rs_medical_professionals, $harveys_connection) or die(mysql_error());
$row_rs_medical_professionals = mysql_fetch_assoc($rs_medical_professionals);
$totalRows_rs_medical_professionals = mysql_num_rows($rs_medical_professionals);
 
// FELIXONE - 2002   SB by Felice Di Stefano - www.felixone.it
session_start();
if (isset($HTTP_POST_VARS['username'])) {$username = $HTTP_POST_VARS['username'];
session_register("username");
}
 
$MM_paramName = ""; 
 
// *** Go To Record and Move To Record: create strings for maintaining URL and Form parameters
// create the list of parameters which should not be maintained
$MM_removeList = "&index=";
if ($MM_paramName != "") $MM_removeList .= "&".strtolower($MM_paramName)."=";
$MM_keepURL="";
$MM_keepForm="";
$MM_keepBoth="";
$MM_keepNone="";
// add the URL parameters to the MM_keepURL string
reset ($HTTP_GET_VARS);
while (list ($key, $val) = each ($HTTP_GET_VARS)) {
	$nextItem = "&".strtolower($key)."=";
	if (!stristr($MM_removeList, $nextItem)) {
		$MM_keepURL .= "&".$key."=".urlencode($val);
	}
}
// add the Form parameters to the MM_keepURL string
if(isset($HTTP_POST_VARS)){
	reset ($HTTP_POST_VARS);
	while (list ($key, $val) = each ($HTTP_POST_VARS)) {
		$nextItem = "&".strtolower($key)."=";
		if (!stristr($MM_removeList, $nextItem)) {
			$MM_keepForm .= "&".$key."=".urlencode($val);
		}
	}
}
// create the Form + URL string and remove the intial '&' from each of the strings
$MM_keepBoth = $MM_keepURL."&".$MM_keepForm;
if (strlen($MM_keepBoth) > 0) $MM_keepBoth = substr($MM_keepBoth, 1);
if (strlen($MM_keepURL) > 0)  $MM_keepURL = substr($MM_keepURL, 1);
if (strlen($MM_keepForm) > 0) $MM_keepForm = substr($MM_keepForm, 1);
?>

Open in new window

0
Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

 
LVL 9

Expert Comment

by:Rurne
ID: 21833641
Be careful.  The documentation specifically states not to use session_register() (line 17) and the $_SESSION (line 45) superglobal in unison.  Also, you are assigning $accesscheck, $loginUsername, and $loginStrGroup to the $GLOBALS array, but not the $_SESSION array.  These will be lost.

It also looks like you're using register_globals; I'd recommend against this.  Where are you getting the value for $accesscheck?

Here's how I'd revise the code with the given information.  I'm still a bit leary as to where some of these uninitialized variables are coming from, but that's a separate issue.

I'm also seeing a bunch of seemingly unecessary "?><?php" segments all over your code.  Are these all new pages, or simply chunks of logic within the same file?  How many files are we supposed to be working with?
<?php 
 
require_once 'Connections/harveys_connection.php';
 
mysql_select_db($database_harveys_connection, $harveys_connection);
$query_rs_medical_professionals = 'SELECT * FROM harvey_registration';
$rs_medical_professionals = mysql_query($query_rs_medical_professionals, $harveys_connection) or die(mysql_error());
$row_rs_medical_professionals = mysql_fetch_assoc($rs_medical_professionals);
$totalRows_rs_medical_professionals = mysql_num_rows($rs_medical_professionals);
 
// *** Validate request to login to this site.
session_start();
 
$loginFormAction = $_SERVER['PHP_SELF'];
if (!empty($accesscheck)) {
  $_SESSION['PrevUrl'] = $accesscheck;
}
 
if (isset($_POST['username'])) {
  $loginUsername=$_POST['username'];
  $password=$_POST['password'];
  $MM_fldUserAuthorization = '';
  $MM_redirectLoginSuccess = 'home_med.php';
  $MM_redirectLoginFailed = 'loginmed_fail.php';
  $MM_redirecttoReferrer = false;
  
  $LoginRS__query=sprintf('SELECT username, password FROM harvey_registration WHERE username="%s" AND password="%s"',
    mysql_real_escape_string(get_magic_quotes_gpc() ? stripslashes($loginUsername) : $loginUsername), 
    mysql_real_escape_string(get_magic_quotes_gpc() ? stripslashes($password) : $password)); 
   
  $LoginRS = mysql_query($LoginRS__query, $harveys_connection) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);
  if ($loginFoundUser) {
     $loginStrGroup = "";
    
    //declare two session variables and assign them
    $_SESSION['MM_Username'] = $loginUsername;
    $_SESSION['MM_UserGroup'] = $loginStrGroup;        
 
 
    if (!empty($_SESSION['PrevUrl'])) {
      $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];  
    }
    header("Location: " . $MM_redirectLoginSuccess );
  }
  else {
    header("Location: ". $MM_redirectLoginFailed );
  }
}
?>
 
The next page:
<?php require_once 'Connections/harveys_connection.php';
//initialize the session
session_start();
 
// ** Logout the current user. **
$logoutAction = $_SERVER['PHP_SELF']."?doLogout=true";
if (!empty($_SERVER['QUERY_STRING'])) {
  $logoutAction .="&". htmlentities($_SERVER['QUERY_STRING']);
}
 
if ($_GET['doLogout']=="true") {
  //to fully log out a visitor we need to clear the session varialbles
  unset($_SESSION['MM_Username']);
  unset($_SESSION['MM_UserGroup']);
        
  $logoutGoTo = 'loginmed.php';
  if ($logoutGoTo) {
    header("Location: $logoutGoTo");
    exit;
  }
}
?>
<?php
 
$MM_authorizedUsers = '';
$MM_donotCheckaccess = 'true";
 
// *** Restrict Access To Page: Grant or deny access to this page
function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) { 
  // For security, start by assuming the visitor is NOT authorized. 
  $isValid = False; 
 
  // When a visitor has logged into this site, the Session variable MM_Username set equal to their username. 
  // Therefore, we know that a user is NOT logged in if that Session variable is blank. 
  if (!empty($UserName)) { 
    // Besides being logged in, you may restrict access to only certain users based on an ID established when they login. 
    // Parse the strings into arrays. 
    $arrUsers = Explode(",", $strUsers); 
    $arrGroups = Explode(",", $strGroups); 
    if (in_array($UserName, $arrUsers)) { 
      $isValid = true; 
    } 
    // Or, you may restrict access to only certain users based on their username. 
    if (in_array($UserGroup, $arrGroups)) { 
      $isValid = true; 
    } 
    if (($strUsers == "") && true) { 
      $isValid = true; 
    } 
  } 
  return $isValid; 
}
 
$MM_restrictGoTo = "unauthorized.php";
if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {   
  $MM_qsChar = "?";
  $MM_referrer = $_SERVER['PHP_SELF'];
  if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";
  if (isset($QUERY_STRING) && strlen($QUERY_STRING) > 0) 
  $MM_referrer .= "?" . $QUERY_STRING;
  $MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
  header("Location: ". $MM_restrictGoTo); 
  exit;
}
?>
<?php
mysql_select_db($database_harveys_connection, $harveys_connection);
$query_rs_pmdo = "SELECT * FROM harvey_patients";
$rs_pmdo = mysql_query($query_rs_pmdo, $harveys_connection) or die(mysql_error());
$row_rs_pmdo = mysql_fetch_assoc($rs_pmdo);
$totalRows_rs_pmdo = mysql_num_rows($rs_pmdo);
 
mysql_select_db($database_harveys_connection, $harveys_connection);
$query_rs_medical_professionals = "SELECT * FROM harvey_registration";
$rs_medical_professionals = mysql_query($query_rs_medical_professionals, $harveys_connection) or die(mysql_error());
$row_rs_medical_professionals = mysql_fetch_assoc($rs_medical_professionals);
$totalRows_rs_medical_professionals = mysql_num_rows($rs_medical_professionals);
 
// FELIXONE - 2002   SB by Felice Di Stefano - www.felixone.it
session_start();
if (isset($HTTP_POST_VARS['username'])) {$username = $HTTP_POST_VARS['username'];
session_register("username");
}
 
$MM_paramName = ""; 
 
// *** Go To Record and Move To Record: create strings for maintaining URL and Form parameters
// create the list of parameters which should not be maintained
$MM_removeList = "&index=";
if ($MM_paramName != "") $MM_removeList .= "&".strtolower($MM_paramName)."=";
$MM_keepURL="";
$MM_keepForm="";
$MM_keepBoth="";
$MM_keepNone="";
// add the URL parameters to the MM_keepURL string
reset ($HTTP_GET_VARS);
while (list ($key, $val) = each ($HTTP_GET_VARS)) {
        $nextItem = "&".strtolower($key)."=";
        if (!stristr($MM_removeList, $nextItem)) {
                $MM_keepURL .= "&".$key."=".urlencode($val);
        }
}
// add the Form parameters to the MM_keepURL string
if(isset($HTTP_POST_VARS)){
        reset ($HTTP_POST_VARS);
        while (list ($key, $val) = each ($HTTP_POST_VARS)) {
                $nextItem = "&".strtolower($key)."=";
                if (!stristr($MM_removeList, $nextItem)) {
                        $MM_keepForm .= "&".$key."=".urlencode($val);
                }
        }
}
// create the Form + URL string and remove the intial '&' from each of the strings
$MM_keepBoth = $MM_keepURL."&".$MM_keepForm;
if (strlen($MM_keepBoth) > 0) $MM_keepBoth = substr($MM_keepBoth, 1);
if (strlen($MM_keepURL) > 0)  $MM_keepURL = substr($MM_keepURL, 1);
if (strlen($MM_keepForm) > 0) $MM_keepForm = substr($MM_keepForm, 1);
?>

Open in new window

0
 

Author Comment

by:cfwd
ID: 21868584
Dreamweaver wrote all that stuff with the $accesscheck.  I don't know anything about code.  I tried your code but it must have some typos because it did not work.  I have extensions that do different functions which is why you see so many "?><?php" .   These extensions write the code for me but they create a new php section each time.  Would you be willing to look at what you gave me again and see there are any typos? Thanks
0
 

Author Comment

by:cfwd
ID: 21869219
Nevermind I got it working...thanks
0

Featured Post

Don't Cry: How Liquid Web is Ensuring Security

WannaCry is just the start. Read how Liquid Web is protecting itself and its customers against new threats.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Build an array called $myWeek which will hold the array elements Today, Yesterday and then builds up the rest of the week by the name of the day going back 1 week.   (CODE) (CODE) Then you just need to pass your date to the function. If i…
This article discusses how to implement server side field validation and display customized error messages to the client.
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
The viewer will learn how to dynamically set the form action using jQuery.

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question