• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 203
  • Last Modified:

edit Item from another page

having an issue getting the data from another php..

using a drop down menu in index.php

and it going to a edit_page.php

it does not show the content to be editted

I am assuming i do not need that pid anymore..



<?php 
session_start();
//include_once "auth.php";
?>
<?php 
$pid = mysqli_real_escape_string($myConnection, $_POST['pid'] ); 
//*****========================================================*****
include_once "../Scripts/connect_to_mysql.php";
$sqlCommand = "SELECT * FROM items WHERE itemNumber='$pid'"; 
var_dump($sqlCommand);

$query = mysqli_query($myConnection, $sqlCommand) or die (mysqli_error($myConnection)); 
while ($row = mysqli_fetch_array($query)) { 
    $item = $row["item"];
	$category = $row["category"];
	$Qty_onHand = $row["Qty_onHand"];
	$price = $row["price"];
	$description = $row["description"];
	$description = str_replace("<br />", "", $description);
} 
mysqli_free_result($query); 
?>

Open in new window

0
chefkeifer
Asked:
chefkeifer
  • 10
  • 9
1 Solution
 
hieloCommented:
I believe your select is coded as:
select name="item"

so this:
$pid = mysqli_real_escape_string($myConnection, $_POST['pid'] );

should be:
$pid = mysqli_real_escape_string($myConnection, $_POST['item'] );

OR rename your select to:
select name="pid"
0
 
chefkeiferAuthor Commented:
i am thinking i should something like this..yes?
$pid = mysqli_real_escape_string($myConnection, $_POST['item'] );
0
 
chefkeiferAuthor Commented:
...you beat me to it...see i am learning something...
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
hieloCommented:
:)
0
 
chefkeiferAuthor Commented:
I used this
$pid = mysqli_real_escape_string($myConnection, $_POST['item'] );
//*****========================================================*****
include_once "../Scripts/connect_to_mysql.php";
$sqlCommand = "SELECT * FROM items WHERE item='$pid'";
var_dump($sqlCommand);

and i get this again:
string(33) "SELECT * FROM items WHERE item=''"

its not reading what is in the drop down from the index.php
0
 
hieloCommented:
>> <SELECT NAME=item>
                                <OPTION VALUE=0>Choose
                                <?=$options?>
                                </SELECT>

CLOSE your Choose option.
 <OPTION VALUE=0>Choose

should be:
 <option value=0>Choose</option>

Also, the link to your edit form does not show anything for me. Just for NOW, change this:
$sqlCommand = "SELECT * FROM items WHERE vendorID={$_SESSION['SESS_VENDORID']}";

to:
$sqlCommand = "SELECT * FROM items WHERE vendorID={$_SESSION['SESS_VENDORID']} OR vendorID='amanda' " ;

so I can verify the output of your other script.
0
 
chefkeiferAuthor Commented:
this is the error:
Unknown column 'amanda' in 'where clause'

but before we changed that i noticed that there was a drop down menu up at the top of the site along with one where is supposed to be..both showed the same data but when i closed the <option> the one in the actual form no longer showed the data like it was doing...

0
 
chefkeiferAuthor Commented:
this is the form
<form id="form1" name="form1" method="post" action="edit_item.php" onsubmit="return validate_form1 ( );">
                            <input type="submit" name="button2" id="button2" value="Edit Existing Item" />
                            <SELECT NAME=item>
                                <option value=0>Choose</option>
                                </SELECT>
                            <<  ITEM # to be edited
                            </form>
 should this line come out
<form id="form1" name="form1" method="post" action="edit_item.php" onsubmit="return validate_form1 ( );">
since the onsubmit really doesnt serve a purpose..

i also noticed that the id=button2
is that what that pid should refer to
$pid = mysqli_real_escape_string($myConnection, $_POST['item'] );

on the edit_item.php page

0
 
hieloCommented:
sorry, I missed those apostrophes around the {} again. Should be:
$sqlCommand = "SELECT * FROM items WHERE vendorID='{$_SESSION['SESS_VENDORID']}' OR vendorID='amanda' " ;
0
 
chefkeiferAuthor Commented:
that fixed the error..but same scenario as i wrote in ID: 26213956

0
 
hieloCommented:
Just like I suspected. You will not know what the selected item is. On the other page you have:

   $vendorID = $row["vendorID"];
   $items    = htmlentities($row["items"],ENT_QUOTES);
   $options.="\n<option value='$vendorID'>$items</option>";

this is useless:
   $vendorID = $row["vendorID"];

Why? Because you already know it! it is the same as $_SESSION['SESS_VENDORID']

What you need, but don't know it the item id. So change the while to:

   $itemID = $row["id"];
   $items    = htmlentities($row["items"],ENT_QUOTES);
   $options.="\n<option value='$itemID'>$items</option>";
0
 
hieloCommented:
>>that fixed the error..but same scenario as i wrote in ID: 26213956
That's because your page is currently generating:

 <select name='item'>
<option value='amanda'>Picture</option>
<option value='amanda'>Clock</option>
<option value='amanda'>Phone</option></select>

(Look at the browser's source code to verify the output of your scripts. This is an essential debugging technique)


so this:
$sqlCommand = "SELECT * FROM items WHERE item='$pid'";

will end up being:
$sqlCommand = "SELECT * FROM items WHERE item='amanda' ";

but what you actually need is:
$sqlCommand = "SELECT * FROM items WHERE id=# ";
 
where # is the corresponding item id - meaing $pid.
$sqlCommand = "SELECT * FROM items WHERE id=$pid";


0
 
chefkeiferAuthor Commented:
i played with the code a bit to see what would change in when i checked the browser source code..
when i change the "id" to "itemNumber" i get this in the source code.(remember this is only showing up in the one little drop down menu at the top of the page and not in the actual form)
http://www.keifersdesign.com/administrator/index.php

<select name='item'>
<option value='pic654'>Picture</option>
<option value='cl1234'>Clock</option>
<option value='cust1234'>Phone</option></select>

and this is the whole code i am using





<?php 
session_start();


include_once "../Scripts/connect_to_mysql.php";

$sqlCommand = "SELECT * FROM items WHERE vendorID='{$_SESSION['SESS_VENDORID']}'" ;
$query = mysqli_query($myConnection, $sqlCommand) or die (mysqli_error($myConnection)); 

if(0==mysqli_num_rows($query))
{
        echo "<p>No Items found</p>";
}
else
{       $options="";
        while ($row=mysqli_fetch_array($query)) 
        {
          $itemNumber = $row["itemNumber"];
   		  $item    = htmlentities($row["item"],ENT_QUOTES);
          $options.="\n<option value='$itemNumber'>$item</option>";
        }
        echo "<select name='item'>{$options}</select>";
}
?>

Open in new window

0
 
hieloCommented:
>>"id" to "itemNumber" i get this in the source code.
That looks about right. I'm guessing that itemNumber IS unique correct? every item should have a unique identifier of some sort. I thought it would be id, that's why I suggested, but itemNumber sounds right.

>>(remember this is only showing up in the one little drop down menu at the top of the page and not in the actual form)
Now that is a problem. You need that <select> within the actual form. Currently I am seeing a No Items Found on the upper left corner of the page and in the middle of the page (the actual form) I see an empty list.  Not sure if you changed back your sql statement, but again, you need that select list in the middle of the page - in the actual form.

So where you have this:
<SELECT NAME=item>
                                <OPTION VALUE=0>Choose
                                <?=$options?>
                                </SELECT>

you should really have:
<?php
if($options)
{
 echo "<select name='item'><option value='0'>Choose</option>{$options}</select>";

}
?>

Open in new window

0
 
chefkeiferAuthor Commented:
with that being said...yes each item does have a unique "itemNumber"

i have changed the php to reflect this
<?php
session_start();


include_once "../Scripts/connect_to_mysql.php";

$sqlCommand = "SELECT * FROM items WHERE vendorID='{$_SESSION['SESS_VENDORID']}'" ;
$query = mysqli_query($myConnection, $sqlCommand) or die (mysqli_error($myConnection));

if(0==mysqli_num_rows($query))
{
        echo "<p>No Items found</p>";
}
else
{       $options="";
        while ($row=mysqli_fetch_array($query))
        {
          $itemNumber = $row["itemNumber"];
                 $item    = htmlentities($row["item"],ENT_QUOTES);
          $options.="\n<option value='$itemNumber'>$item</option>";
        }
       
}
?>

and in the form
<form id="form1" name="form1" method="post" action="edit_item.php" onsubmit="return validate_form1 ( );">
                            <input type="submit" name="item" id="item" value="Edit Existing Item" />
                            <?php
                                                if($options)
                                                {
                                                 echo "<select name='item'><option value='0'>Choose</option>{$options}</select>";
                                                
                                                }
                                                ?>
                            <<  ITEM # to be edited
                            </form>

so in the edit_item.php
it reads this?
$pid = mysqli_real_escape_string($myConnection, $_POST['item'] );
//*****========================================================*****
include_once "../Scripts/connect_to_mysql.php";
$sqlCommand = "SELECT * FROM items WHERE item='$pid'";
 
and i get this error:
string(33) "SELECT * FROM items WHERE item=''"

so its still not reading what is in that drop down menu in the index.php...

should the pid now reflect the itemNumber? or keep it "item" since that is what is in the drop down menu

its funny i understand it but i cant get my head around it..

0
 
hieloCommented:
A. You said earlier:
when i change the "id" to "itemNumber"

So this:
$sqlCommand = "SELECT * FROM items WHERE item='$pid'";

should actually be using itemNumber NOT item:
$sqlCommand = "SELECT * FROM items WHERE itemNumber='$pid'";

B. >>$pid = mysqli_real_escape_string($myConnection, $_POST['item'] );
You cannot use ANY of the mysqli functions unless you connect successfully to your db first. So put
$pid = mysqli_real_escape_string($myConnection, $_POST['item'] );

AFTER
include_once "../Scripts/connect_to_mysql.php";
0
 
chefkeiferAuthor Commented:
didnt realize it worked in succession..if that is the right word...

you are awesome...

i really do appreciate your time...

 
0
 
hieloCommented:
>>didnt realize it worked in succession..
Not succession. It needs a LIVE connection to the db. If you attempt to connect to the db and the connection fails (let's say due to bad username/password) then mysqli_real_escape_string() will not work properly because the connection failed. Always remember that.
0
 
chefkeiferAuthor Commented:
will do...thanks again
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

  • 10
  • 9
Tackle projects and never again get stuck behind a technical roadblock.
Join Now