• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 264
  • Last Modified:

edit item

I am trying to do a edit item page.

when the user enters the itemNumber in the "Edit Existing Item" box on the index.php page
http://keifersdesign.com/administrator/index.php

it is supposed to go to the edit_page.php page...which it does but the data does not show up in the boxes for the user to see what they are editing.

AM I MISSING SOMETHING..I AM SURE I AM
//THIS IS THE PHP CODE
<?php 
session_start();
include_once "auth.php";
?>
<?php 
$pid = ereg_replace("[^0-9]", "", $_POST['pid']); 
//*****========================================================*****
include_once "../Scripts/connect_to_mysql.php";
$sqlCommand = "SELECT * FROM items WHERE itemNumber='$pid' LIMIT 1"; 
$query = mysqli_query($myConnection, $sqlCommand) or die (mysqli_error()); 
while ($row = mysqli_fetch_array($query)) { 
    $item = $row["item"];
	$category = $row["category"];
	$Qty_onHand = $row["Qty_onHand"];
	$price = $row["price"];
	$description = $row["description"];
	$description = str_replace("<br />", "", $description);
} 
mysqli_free_result($query); 
?>

//HERE IS THE FORM WITH THE ECHO STATEMENTS
<form id="form" name="form" method="post" action="page_edit_parse.php" onsubmit="return validate_form ( );">
                        <tr>
                          <td width="15%" align="right">Item Name:</td>
                          <td width="85%"><input name="item" type="text" id="item" size="75" maxlength="64" value="<?php echo $item; ?>" /></td>
                          </tr>
                        <tr>
                          <td align="right">Category:</td>
                          <td><input name="category" type="text" id="category" size="75" maxlength="64" value="<?php echo $category; ?>" /></td>
                          </tr>
                        <tr>
                          <td align="right">Quantity on Hand:</td>
                          <td><input name="Qty_onHand" type="text" id="Qty_onHand" size="75" maxlength="64" value="<?php echo $Qty_onHand; ?>" /></td>
                          </tr>
                        <tr>
                          <td align="right">Price:</td>
                          <td><input name="price" type="text" id="price" size="75" maxlength="64" value="<?php echo $price; ?>" /></td>
                          </tr>
                        <tr>
                          <td align="right" valign="top">Item Description:</td>
                          <td><textarea name="description" id="description" cols="50" rows="16"><?php echo $description; ?></textarea></td>
                          </tr>
                        <tr>
                          <td>&nbsp;</td>
                          <td>
                          <input name="pid" type="hidden" value="<?php echo $pid; ?>" />
                          <input type="submit" name="button" id="button" value="Edit Item Now" />
                            </td>
                          </tr>
                        </form>

Open in new window

0
chefkeifer
Asked:
chefkeifer
  • 5
  • 3
  • 2
  • +1
1 Solution
 
ludofulopCommented:
have you var_dumped $pid, or $_POST['pid'] ?
have you tried to var_dump the results of the query ? (var_dump($row) in the while loop)
0
 
StraySodCommented:
the link you provided shows "Access Denied".
Why do you use while loop when limiting the result to only 1 record? Probably the while loop doesn't run at all.
0
 
chefkeiferAuthor Commented:
i used
var_dump($sqlCommand);

and entered in the field the itemNumber as cust1234
and received this:
string(51) "SELECT * FROM items WHERE itemNumber='1234' LIMIT 1"

it did not read the letters "cust"

could this be the issue?
$pid = ereg_replace("[^0-9]", "", $_POST['pid']);

StraySod:
I am not sure why i used the LIMIT 1..it was part of a tutorial i received the code from.
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
chefkeiferAuthor Commented:
i have taken the permission off so you can view the link

http://keifersdesign.com/administrator/index.php
0
 
ludofulopCommented:
this row:
$pid = ereg_replace("[^0-9]", "", $_POST['pid']);

removes all the characters from the pid..if you need them, delete that line
0
 
hieloCommented:
>>it is supposed to go to the edit_page.php page
No, your form is submitting to:
action="page_edit_parse.php"

change that to page_edit.php. Most likely you are simply redirecting to page_edit from page_edit_parse.
0
 
hieloCommented:
>>or die (mysqli_error());
add the connection object so that you can see the error is any:

or die (mysqli_error($myConnection));
0
 
chefkeiferAuthor Commented:
i change it to this and it worked

$pid = $_POST['pid'];

0
 
chefkeiferAuthor Commented:
i guess now i need to put in the index.php some code to check for existing item numbers and if there is not one in the database to receive and error..i will open another thread on that one..

0
 
chefkeiferAuthor Commented:
thanks
0
 
hieloCommented:
I already told you before to use mysqli_real_escape_string:
$pid = mysqli_real_escape_string($myConnection, $_POST['pid'] );
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 5
  • 3
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now