Input tag question

I have attempted to research this, but I don't think I am searching for the correct buzz words.  I have a form that allows the user to input information into fields that are then inserted into MySQL.  I would like to to check the database for any existing records.  If records are present then show that data (it needs to be editable).  Can I do this in one form with if statements or should I have 2 different pages dependent on if the database has an existing record or not.  I hope this question is clear, if it isn't please respond and let me know.  Thank you.  I have attached the code below.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN http: //www.w3.org/TR/html4/loose.dtd">

<html>
	<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
		<title>Property Inspection Form</title>
		<style type="text/css">
			body {
				background-color: #FFFFFF;
				margin-left: 10%;
				margin-right: 10%;
				border: 2px solid gray;
				padding: 20px 20px 20px 20px;
				font-family: Verdana, Helvetica, Arial, sans-serif;
				}
			table {
				margin-left: 20px;
				margin-right: 20px;
				border: thin solid white;
				caption-side: top;
				background-color: #E6E6FA
				}
			td, th {
                                font-weight: normal; 
                                font-size: 8pt; 
                                color: #000000; 
                                font-family: verdana, arial, helvetica, sans-serif;
                                text-decoration: none;
                                align="center"
				border: 2px solid white;
				padding: 5px;
				text-align: left;
				}
			caption {
				padding-top: 8px;
				}
			#prop_insp_form{
				background-color: #A3C2FF;
                                align="center";
				}
		</style>
	</head>
	<body>
<form enctype="multipart/form-data" method="POST" action="<?php echo $_SERVER['PHP_SELF'].'?'.$_SERVER['QUERY_STRING']; ?>">
<div id="nav">
<ul id="headerNav">
<li><a href="index.php" title="index">Home</a></li>
<li><a href="pending.php" title="Pending">Pending</a></li>
<li class="headerRight"><a href="/logout" title="Logout">Logout</a></li>
</ul>
</div>
<div id="?header?">
<h4><b>Instructions to Broker/Agent</b></h4>
<ul>
<li>Please inspect and complete within 1 business day, unless otherwise agreed upon </li>
</ul>
</div>

<?php
require_once('connvars.php');

  
 $job_id=$_GET['job_id'];
 $tc_number=$_GET['tc_number'];
 $prop_addr_1=$_GET['prop_addr_1'];
 $prop_city=$_GET['prop_city'];
 $prop_state=$_GET['prop_state'];
 $prop_zip=$_GET['prop_zip'];
 $prop_county=$_GET['prop_county'];

echo 'TC Number:  '. $tc_number .''; 
                echo 'Property Address:  '. $prop_addr_1. '<br />';  
	        echo '  City:  '. $prop_city. '';
                echo '  State:  '. $prop_state. '';
                echo '  Zip:  '. $prop_zip .'<br />';
                echo '  County:  '. $prop_county . '';


$dbc=mysqli_connect(db_host,db_user,db_password,db_name);
                       
     $listing_agent=$_POST['listing_agent'];			
     $listed_realtor=$_POST['listed_realtor'];
     $listing_office=$_POST['listing_office'];
     $sale_sign=$_POST['sale_sign'];
     $sale_sign_comm=$_POST['sale_sign_comm'];
     $vandalism=$_POST['vandalism'];
     $vandalism_comm=$_POST['vandalism_comm'];
     $code_viol=$_POST['code_viol'];
     $code_viol_comm=$_POST['code_viol_comm'];
     $health_safe=$_POST['health_safe'];
     $health_safe_comm=$_POST['health_safe_comm'];
     $prop_secure=$_POST['prop_secure'];
     $prop_secure_comm=$_POST['prop_secure_comm'];
     $land_main=$_POST['land_main'];
     $land_main_comm=$_POST['land_main_comm'];
     $int_clean=$_POST['int_clean'];
     $int_clean_comm=$_POST['int_clean_comm'];
     $electricity=$_POST['electricity'];
     $electricity_comm=$_POST['electricity_comm'];
     $water=$_POST['water'];
     $water_comm=$_POST['water_comm'];
     $winterized=$_POST['winterized'];
     $winterized_comm=$_POST['winterized_comm'];
     $add_comm=$_POST['add_comm'];
     $mls_number=$_POST['mls_number'];
     $mls_location=$_FILES['uploadmls']['name'];
     $curr_price=$_POST['curr_price'];
     $prev_price=$_POST['prev_price'];
     $dt_last_reduc=$_POST['dt_last_reduc'];
   
if(isset($_POST['submit'])){
     //insert new record to prop_insp
     $query_pir_insert="INSERT INTO prop_insp(job_id,listing_agent,listed_realtor,sale_sign,sale_sign_comm,vandalism,vandalism_comm,health_safe,health_safe_comm,prop_secure,prop_secure_comm,land_main,land_main_comm,electricity,electricity_comm,water,water_comm,int_clean,int_clean_comm,winterized,winterized_comm,listing_office,code_viol,code_viol_comm)
VALUES('$job_id','$listing_agent','$listed_realtor','$sale_sign','$sale_sign_comm','$vandalism','$vandalism_comm','$health_safe','$health_safe_comm','$prop_secure','$prop_secure_comm','$land_main','$land_main_comm','$electricity','$electricity_comm','$water','$water_comm','$int_clean','$int_clean_comm','$winterized','$winterized_comm','$listing_office','$code_viol','$code_viol_comm')";
     $result_pir_insert=mysqli_query($dbc,$query_pir_insert) or die('ERROR PIR INSERT');

//update job fields
     $query_job_update="UPDATE job 
                        SET  mls_number='$mls_number',curr_price='$curr_price',prev_price='$prev_price',dt_last_reduc='$dt_last_reduc', mls_location='$mls_location'
                        WHERE job_ID='$job_id'";
     $result_job_update=mysqli_query($dbc,$query_job_update)or die('ERROR JOB UPDATE');
  
mysqli_close($dbc);
}

?>            
<h2><center>PROPERTY INSPECTION FORM</center></h2>
<input value="Submit Data" name="submit" type="submit" /><input value="Produce PDF" name="propinsppdf" type="submit" /></p>
<table>
<tbody>
<tr>
<th>Listing Agent Name</th>
<td></td>
<td><input name="listing_agent" type="text" /></td>
</tr>
<tr>
<th>Listing Agent Office</th>
<td></td>
<td><input name="listing_office" type="text" /></td>
</tr>
<tr>
<th>Is the property currently listed on any listing databases?</th>
<td>
 <?php

         //drop down for listing databases 
         $dd_listing_db="select listing_db_id, listing_db_name from listing_db order by listing_db_name ASC";
         $dd_listing_db_result=mysqli_query($dbc,$dd_listing_db);
          echo "<select name=\"listing_db_id\">\n"; 
          echo "<option value=\"NULL\">Select Listing Database</option>\n";
           while($row = mysqli_fetch_array($dd_listing_db_result)){
           $listing_db_id = $row['listing_db_id'];
           $listing_db_name = $row['listing_db_name'];
           echo "<option value=\"$listing_db_id\">$listing_db_name</option>\n";
          }
          echo"</select>\n";
        ?>
        <td><input name="mls_number" type="text" /></td>
<td><input type="file" id="uploadmls" name="uploadmls" /></td>
</tr>
<tr>
<th>Is the property currently listed on Realtor.com?</th>
<td>Yes<input name="listed_realtor" value="Y" type="radio" /> No<input name="listed_realtor" value="N" type="radio" /></td>
</tr>
<tr>
<th>Current Price: </th>
<td></td>
<td><input name="curr_price" type="currency" /></td>
</tr>
<tr>
<th>Previous Price: </th>
<td></td>
<td><input name="curr_price" type="currency" /></td>
</tr>
<tr>
<th>Date of Last Price Reduction: </th>
<td></td>
<td><input name="dt_last_reduc" type="date" />
<p>&nbsp;</p>
</td>
</tr>
<tr>
<th>Is there a for sale sign visible from the street?</th>
<td>Yes<input name="sale_sign" value="Y" type="radio" /> No<input name="sale_sign" value="N" type="radio" /></td>
<td></td>
<td><textarea name="sale_sign_comm" rows="2" cols="40"></textarea></td>
</tr>
<tr>
<th>Are there any signs of vadalism?</th>
<td>Yes<input name="vandalism" value="Y" type="radio" /> No<input name="vandalism" value="N" type="radio" /></td>
<td></td>
<td><textarea name="vandalism_comm" rows="2" cols="40"></textarea></td>
</tr>
<tr>
<th>Are there any visible signs of code violations?</th>
<td>Yes<input name="code_viol" value="Y" type="radio" /> No<input name="code_viol" value="N" type="radio" /></td>
<td></td>
<td><textarea name="code_viol_comm" rows="2" cols="40"></textarea></td>
</tr>
<tr>
<th>Are there any health and safety issues with the property?</th>
<td>Yes<input name="health_safe" value="Y" type="radio" /> No<input name="health_safe" value="N" type="radio" /></td>
<td></td>
<td><textarea name="health_safe_comm" rows="2" cols="40"></textarea></td>
</tr>
<tr>
<th>Is the property secured?</th>
<td>Yes<input name="prop_secure" value="Y" type="radio" /> No<input name="prop_secure" value="N" type="radio" /></td>
<td></td>
<td><textarea name="prop_secure_comm" rows="2" cols="40"></textarea></td>
</tr>
<tr>
<th>Is the landscaping maintained?</th>
<td>Yes<input name="land_main" value="Y" type="radio" />No<input name="land_main" value="N" type="radio" /></td>
<td></td>
<td><textarea name="land_main_comm" rows="2" cols="40"></textarea></td>
</tr>
<tr>
<th>Is the interior of the property clean?</th>
<td>Yes<input name="int_clean" value="Y" type="radio" /> No<input name="int_clean" value="N" type="radio" /></td>
<td></td>
<td><textarea name="int_clean_comm" rows="2" cols="40"></textarea></td>
</tr>
<tr>
<th>Is the electricity turned on?</th>
<td>Yes<input name="electricity" value="Y" type="radio" /> No<input name="electricity" value="N" type="radio" /></td>
<td></td>
<td><textarea name="electricity_comm" rows="2" cols="40"></textarea></td>
</tr>
<tr>
<th>Is the water turned on?</th>
<td>Yes<input name="water" value="Y" type="radio" /> No<input name="water" value="N" type="radio" /></td>
<td></td>
<td><textarea name="water_comm" rows="2" cols="40"></textarea></td>
</tr>
<tr>
<th>If between September and April, are there notices that the home has been winterized? (please provide photos of notices)?</th>
<td>Yes<input name="winterized" value="Y" type="radio" /> No<input name="winterized" value="N" type="radio" />N/A<input name="winterized" value="na" type="radio" /></td>
<td></td>
<td><textarea name="winterized_comm" rows="2" cols="40"></textarea></td>
</tr>
</tbody>
</table><br />
<table>
<tbody>
<tr>
<th>Please provide any additional comments, such as, condition of neighboring homes, current real estate market conditions in the area.</th>
</tr>
<tr>
<td><textarea name="add_comm" rows="10" cols="111"></textarea></td>
</tr>
</tbody>
</table><br />

<table>
 <tbody>
  <tr>
   <th>IMAGE HERE</th>
    <td>
     <table>
      <tbody>
       <tr>
        <th><center>SUBJECT FRONT</center></th>
       </tr>
        <td><input type="file" id="upload_front" name="upload_front" /></td>
     </table>
    </td>
   </tr>
   <tr>
<th>IMAGE 2 HERE</th>
   <td>
    <table>
     <tbody>
      <tr>
       <th><center>
        <?php
         require_once('connvars.php');
         //drop down for image 2 
         $dbc=mysqli_connect(db_host,db_user,db_password,db_name)or die('Error connecting to MySQL server.');
         $dd_loc="select location_id, location_name from location_type order by location_name ASC";
         $dd_loc_result=mysqli_query($dbc,$dd_loc);
          echo "<select name=\"location_id\">\n"; 
          echo "<option value=\"NULL\">Select Image Location</option>\n";
           while($row = mysqli_fetch_array($dd_loc_result)){
           $location_id2 = $row['location_id'];
           $location_name2 = $row['location_name'];
           echo "<option value=\"$location_id2\">$location_name2</option>\n";
          }
          echo"</select>\n";
        ?>
     </center></th>
      </tr>
       <td><input type="file" id="upload_2" name="upload_2" /></td>
      </tr>
    </table>
   </td>
 </tr>

<th>IMAGE 3 HERE</th>
   <td>
    <table>
     <tbody>
      <tr>
       <th><center>
<?php
         require_once('connvars.php');
         //drop down for image 3 
         $dbc=mysqli_connect(db_host,db_user,db_password,db_name)or die('Error connecting to MySQL server.');
         $dd_loc="select location_id, location_name from location_type order by location_name ASC";
         $dd_loc_result=mysqli_query($dbc,$dd_loc);
          echo "<select name=\"location_id\">\n"; 
          echo "<option value=\"NULL\">Select Image Location</option>\n";
           while($row = mysqli_fetch_array($dd_loc_result)){
           $location_id3 = $row['location_id'];
           $location_name3 = $row['location_name'];
           echo "<option value=\"$location_id3\">$location_name3</option>\n";
          }
          echo"</select>\n";
        ?>
</center></th>
      </tr>
       <td><input type="file" id="upload_3" name="upload_3" /></td>
      </tr>
   </table>
</td>
</tr>

   <th>IMAGE 4 HERE</th>
    <td>
     <table>
      <tbody>
       <tr>
        <th><center><?php
         require_once('connvars.php');
         //drop down for image 4 
         $dbc=mysqli_connect(db_host,db_user,db_password,db_name)or die('Error connecting to MySQL server.');
         $dd_loc="select location_id, location_name from location_type order by location_name ASC";
         $dd_loc_result=mysqli_query($dbc,$dd_loc);
          echo "<select name=\"location_id\">\n"; 
          echo "<option value=\"NULL\">Select Image Location</option>\n";
           while($row = mysqli_fetch_array($dd_loc_result)){
           $location_id4 = $row['location_id'];
           $location_name4 = $row['location_name'];
           echo "<option value=\"$location_id4\">$location_name4</option>\n";
          }
          echo"</select>\n";
        ?>
</center></th>
       </tr>
        <td><input type="file" id="upload_4" name="upload_4" /></td>
      </tr>
     </table>
    </td>
   </tr>
    
<th>IMAGE 5 HERE</th>
    <td>
     <table>
      <tbody>
       <tr>
        <th><center><?php
         require_once('connvars.php');
         //drop down for image 5 
         $dbc=mysqli_connect(db_host,db_user,db_password,db_name)or die('Error connecting to MySQL server.');
         $dd_loc="select location_id, location_name from location_type order by location_name ASC";
         $dd_loc_result=mysqli_query($dbc,$dd_loc);
          echo "<select name=\"location_id\">\n"; 
          echo "<option value=\"NULL\">Select Image Location</option>\n";
           while($row = mysqli_fetch_array($dd_loc_result)){
           $location_id5 = $row['location_id'];
           $location_name5 = $row['location_name'];
           echo "<option value=\"$location_id5\">$location_name5</option>\n";
          }
          echo"</select>\n";
        ?>
</center></th>
       </tr>
        <td><input type="file" id="upload_5" name="upload_5" /></td>
      </tr>
     </table>
    </td>
   </tr>

<th>IMAGE 6 HERE</th>
   <td>
    <table>
     <tbody>
      <tr>
       <th><center><?php
         require_once('connvars.php');
         //drop down for image 6 
         $dbc=mysqli_connect(db_host,db_user,db_password,db_name)or die('Error connecting to MySQL server.');
         $dd_loc="select location_id, location_name from location_type order by location_name ASC";
         $dd_loc_result=mysqli_query($dbc,$dd_loc);
          echo "<select name=\"location_id\">\n"; 
          echo "<option value=\"NULL\">Select Image Location</option>\n";
           while($row = mysqli_fetch_array($dd_loc_result)){
           $location_id6 = $row['location_id'];
           $location_name6 = $row['location_name'];
           echo "<option value=\"$location_id6\">$location_name6</option>\n";
          }
          echo"</select>\n";
        ?>
</center></th>
      </tr>
       <td><input type="file" id="upload_6" name="upload_6" /></td>
      </tr>
</table>
</td>
</tr>

   <th>IMAGE 7 HERE</th>
    <td>
     <table>
      <tbody>
       <tr>
        <th><center><?php
         require_once('connvars.php');
         //drop down for image 7 
         $dbc=mysqli_connect(db_host,db_user,db_password,db_name)or die('Error connecting to MySQL server.');
         $dd_loc="select location_id, location_name from location_type order by location_name ASC";
         $dd_loc_result=mysqli_query($dbc,$dd_loc);
          echo "<select name=\"location_id\">\n"; 
          echo "<option value=\"NULL\">Select Image Location</option>\n";
           while($row = mysqli_fetch_array($dd_loc_result)){
           $location_id7 = $row['location_id'];
           $location_name7 = $row['location_name'];
           echo "<option value=\"$location_id7\">$location_name7</option>\n";
          }
          echo"</select>\n";
        ?></center></th>
       </tr>
        <td><input type="file" id="upload_7" name="upload_7" /></td>
     </table>
    </td>
   </tr>


   <th>IMAGE 8 HERE</th>
    <td>
     <table>
      <tbody>
       <tr>
        <th><center><?php
         require_once('connvars.php');
         //drop down for image 8 
         $dbc=mysqli_connect(db_host,db_user,db_password,db_name)or die('Error connecting to MySQL server.');
         $dd_loc="select location_id, location_name from location_type order by location_name ASC";
         $dd_loc_result=mysqli_query($dbc,$dd_loc);
          echo "<select name=\"location_id\">\n"; 
          echo "<option value=\"NULL\">Select Image Location</option>\n";
           while($row = mysqli_fetch_array($dd_loc_result)){
           $location_id8 = $row['location_id'];
           $location_name8 = $row['location_name'];
           echo "<option value=\"$location_id8\">$location_name8</option>\n";
          }
          echo"</select>\n";
        ?>
</center></th>
       </tr>
        <td><input type="file" id="upload_8" name="upload_8" /></td>
      </tr>
     </table>
    </td>
   </tr>
    
<th>IMAGE 9 HERE</th>
    <td>
     <table>
      <tbody>
       <tr>
        <th><center><?php
         require_once('connvars.php');
         //drop down for image 9 
         $dbc=mysqli_connect(db_host,db_user,db_password,db_name)or die('Error connecting to MySQL server.');
         $dd_loc="select location_id, location_name from location_type order by location_name ASC";
         $dd_loc_result=mysqli_query($dbc,$dd_loc);
          echo "<select name=\"location_id\">\n"; 
          echo "<option value=\"NULL\">Select Image Location</option>\n";
           while($row = mysqli_fetch_array($dd_loc_result)){
           $location_id9 = $row['location_id'];
           $location_name9 = $row['location_name'];
           echo "<option value=\"$location_id9\">$location_name9</option>\n";
          }
          echo"</select>\n";
        ?></center></th>
       </tr>
        <td><input type="file" id="upload_9" name="upload_9" /></td>
      </tr>
     </table>
    </td>
   </tr>

<th>IMAGE 10 HERE</th>
   <td>
    <table>
     <tbody>
      <tr>
       <th><center><?php
         require_once('connvars.php');
         //drop down for image 10 
         $dbc=mysqli_connect(db_host,db_user,db_password,db_name)or die('Error connecting to MySQL server.');
         $dd_loc="select location_id, location_name from location_type order by location_name ASC";
         $dd_loc_result=mysqli_query($dbc,$dd_loc);
          echo "<select name=\"location_id\">\n"; 
          echo "<option value=\"NULL\">Select Image Location</option>\n";
           while($row = mysqli_fetch_array($dd_loc_result)){
           $location_id10 = $row['location_id'];
           $location_name10 = $row['location_name'];
           echo "<option value=\"$location_id10\">$location_name10</option>\n";
          }
          echo"</select>\n";
        ?></center></th>
      </tr>
       <td><input type="file" id="upload_10" name="upload_10" /></td>
      </tr>
</table>
</td>
</tr>

   <th>IMAGE 11 HERE</th>
    <td>
     <table>
      <tbody>
       <tr>
        <th><center><?php
         require_once('connvars.php');
         //drop down for image 11 
         $dbc=mysqli_connect(db_host,db_user,db_password,db_name)or die('Error connecting to MySQL server.');
         $dd_loc="select location_id, location_name from location_type order by location_name ASC";
         $dd_loc_result=mysqli_query($dbc,$dd_loc);
          echo "<select name=\"location_id\">\n"; 
          echo "<option value=\"NULL\">Select Image Location</option>\n";
           while($row = mysqli_fetch_array($dd_loc_result)){
           $location_id11 = $row['location_id'];
           $location_name11 = $row['location_name'];
           echo "<option value=\"$location_id11\">$location_name11</option>\n";
          }
          echo"</select>\n";
        ?></center></th>
       </tr>
        <td><input type="file" id="upload_11" name="upload_11" /></td>
     </table>
    </td>
   </tr>

<th>IMAGE 12 HERE</th>
    <td>
     <table>
      <tbody>
       <tr>
        <th><center><?php
         require_once('connvars.php');
         //drop down for image 12 
         $dbc=mysqli_connect(db_host,db_user,db_password,db_name)or die('Error connecting to MySQL server.');
         $dd_loc="select location_id, location_name from location_type order by location_name ASC";
         $dd_loc_result=mysqli_query($dbc,$dd_loc);
          echo "<select name=\"location_id\">\n"; 
          echo "<option value=\"NULL\">Select Image Location</option>\n";
           while($row = mysqli_fetch_array($dd_loc_result)){
           $location_id12 = $row['location_id'];
           $location_name12 = $row['location_name'];
           echo "<option value=\"$location_id12\">$location_name12</option>\n";
          }
          echo"</select>\n";
        ?></center></th>
       </tr>
        <td><input type="file" id="upload_12" name="upload_12" /></td>
     </table>
    </td>
   </tr>
    </table>
   </td>
 </tbody>
</table><br />


Agent Name: <input name="agent_name" type="text" /> Date Inspection Completed:  <input name="completed_date" type="date" />
<p>&nbsp;</p>
<input value="Submit Data" name="submit" type="submit" /><input value="Produce PDF" name="propinsppdf" type="submit" /></p><br />


</form>
</body>
</html>

Open in new window

rcowen00Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

scrathcyboyCommented:
You can do all of what you want, but the question is PHP specific.  I am asking a MOD to get some PHP experts involved in this question, since it can all be done with the following plan -- get the query terms, search the PHP database, if a record match exists, present it on screen, allow the user to edit it, then save the new data to the PHP database.  Simple in principle, but a lot of coding to get it right.  I hope they help.
0
rcowen00Author Commented:
Thank you and please realize I am not trying to get anyone to write my code.  I merely am looking for a the function names or tags I should use.
0
rcowen00Author Commented:
scrathcyboy- I believe I have all of the items you mentioned except the piece to show the results of the query in an editable box.
0
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

Richard DavisSenior Web DeveloperCommented:
First, I would like to say that you REALLY need to scrub all your form posted data prior to storing them into the database. The way you have you code written right now, someone could drop some really nice malicious code into the form and submit it and gain full access to your database or worse yet, to your server. This is known as SQL Injection Attacking and is a major security threat!

Secondly, as for your code, You should first perform a SELECT on the database to search the table/s for whatever it is that you are attempting to make sure doesn't exist already. If it does exist, then you already will have the results from the SELECT by which to populate your form with in the textarea or input form elements. If it does not exist, then you can go ahead and store the data into your table as a new entry.

NOTE: Scrubbing your data is as simple as the following;

Change anything like this:
$job_id=$_GET['job_id'];
or this
$listing_agent=$_POST['listing_agent'];

to read like these;
$job_id=mysql_real_escape_string($_GET['job_id']);
and
$listing_agent=mysql_real_escape_string($_POST['listing_agent']);

And now you have clean data.

The 'mysql_real_escape_string' command assumes that you already have an open connection to your database server. If you don't, then you will get a fatal error.

Hope this helped. :)

~A~
0
rcowen00Author Commented:
That is great, I will do all of the your suggestions.  Thank you.
0
rcowen00Author Commented:
I did get an error, and moved my database connection before the GET, but I still am getting this error?

Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (2) in /home/content/t/r/a/transconvalue/html/propinsp.php on line 63
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN http: //www.w3.org/TR/html4/loose.dtd">

<html>
	<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
		<title>Property Inspection Form</title>
		<style type="text/css">
			body {
				background-color: #FFFFFF;
				margin-left: 10%;
				margin-right: 10%;
				border: 2px solid gray;
				padding: 20px 20px 20px 20px;
				font-family: Verdana, Helvetica, Arial, sans-serif;
				}
			table {
				margin-left: 20px;
				margin-right: 20px;
				border: thin solid white;
				caption-side: top;
				background-color: #E6E6FA
				}
			td, th {
                                font-weight: normal; 
                                font-size: 8pt; 
                                color: #000000; 
                                font-family: verdana, arial, helvetica, sans-serif;
                                text-decoration: none;
                                align="center"
				border: 2px solid white;
				padding: 5px;
				text-align: left;
				}
			caption {
				padding-top: 8px;
				}
			#prop_insp_form{
				background-color: #A3C2FF;
                                align="center";
				}
		</style>
	</head>
	<body>
<form enctype="multipart/form-data" method="POST" action="<?php echo $_SERVER['PHP_SELF'].'?'.$_SERVER['QUERY_STRING']; ?>">
<div id="nav">
<ul id="headerNav">
<li><a href="index.php" title="index">Home</a></li>
<li><a href="pending.php" title="Pending">Pending</a></li>
<li class="headerRight"><a href="/logout" title="Logout">Logout</a></li>
</ul>
</div>
<div id="?header?">
<h4><b>Instructions to Broker/Agent</b></h4>
<ul>
<li>Please inspect and complete within 1 business day, unless otherwise agreed upon </li>
</ul>
</div>

<?php
require_once('connvars.php');
$dbc=mysqli_connect(db_host,db_user,db_password,db_name);

  $job_id=mysql_real_escape_string($_GET['job_id']);
 
 $tc_number=$_GET['tc_number'];
 $prop_addr_1=$_GET['prop_addr_1'];
 $prop_city=$_GET['prop_city'];
 $prop_state=$_GET['prop_state'];
 $prop_zip=$_GET['prop_zip'];
 $prop_county=$_GET['prop_county'];

echo 'TC Number:  '. $tc_number .''; 
                echo 'Property Address:  '. $prop_addr_1. '<br />';  
	        echo '  City:  '. $prop_city. '';
                echo '  State:  '. $prop_state. '';
                echo '  Zip:  '. $prop_zip .'<br />';
                echo '  County:  '. $prop_county . '';


                      
     $listing_agent=$_POST['listing_agent'];			
     $listed_realtor=$_POST['listed_realtor'];
     $listing_office=$_POST['listing_office'];
     $sale_sign=$_POST['sale_sign'];
     $sale_sign_comm=$_POST['sale_sign_comm'];
     $vandalism=$_POST['vandalism'];
     $vandalism_comm=$_POST['vandalism_comm'];
     $code_viol=$_POST['code_viol'];
     $code_viol_comm=$_POST['code_viol_comm'];
     $health_safe=$_POST['health_safe'];
     $health_safe_comm=$_POST['health_safe_comm'];
     $prop_secure=$_POST['prop_secure'];
     $prop_secure_comm=$_POST['prop_secure_comm'];
     $land_main=$_POST['land_main'];
     $land_main_comm=$_POST['land_main_comm'];
     $int_clean=$_POST['int_clean'];
     $int_clean_comm=$_POST['int_clean_comm'];
     $electricity=$_POST['electricity'];
     $electricity_comm=$_POST['electricity_comm'];
     $water=$_POST['water'];
     $water_comm=$_POST['water_comm'];
     $winterized=$_POST['winterized'];
     $winterized_comm=$_POST['winterized_comm'];
     $add_comm=$_POST['add_comm'];
     $mls_number=$_POST['mls_number'];
     $mls_location=$_FILES['uploadmls']['name'];
     $curr_price=$_POST['curr_price'];
     $prev_price=$_POST['prev_price'];
     $dt_last_reduc=$_POST['dt_last_reduc'];
   
if(isset($_POST['submit'])){
     //insert new record to prop_insp
     $query_pir_insert="INSERT INTO prop_insp(job_id,listing_agent,listed_realtor,sale_sign,sale_sign_comm,vandalism,vandalism_comm,health_safe,health_safe_comm,prop_secure,prop_secure_comm,land_main,land_main_comm,electricity,electricity_comm,water,water_comm,int_clean,int_clean_comm,winterized,winterized_comm,listing_office,code_viol,code_viol_comm)
VALUES('$job_id','$listing_agent','$listed_realtor','$sale_sign','$sale_sign_comm','$vandalism','$vandalism_comm','$health_safe','$health_safe_comm','$prop_secure','$prop_secure_comm','$land_main','$land_main_comm','$electricity','$electricity_comm','$water','$water_comm','$int_clean','$int_clean_comm','$winterized','$winterized_comm','$listing_office','$code_viol','$code_viol_comm')";
     $result_pir_insert=mysqli_query($dbc,$query_pir_insert) or die('ERROR PIR INSERT');

//update job fields
     $query_job_update="UPDATE job 
                        SET  mls_number='$mls_number',curr_price='$curr_price',prev_price='$prev_price',dt_last_reduc='$dt_last_reduc', mls_location='$mls_location'
                        WHERE job_ID='$job_id'";
     $result_job_update=mysqli_query($dbc,$query_job_update)or die('ERROR JOB UPDATE');
  
mysqli_close($dbc);
}

?>            
<h2><center>PROPERTY INSPECTION FORM</center></h2>
<input value="Submit Data" name="submit" type="submit" />
<table>
<tbody>
<tr>
<th>Listing Agent Name</th>
<td></td>
<td><input name="listing_agent" type="text" /></td>
</tr>
<tr>
<th>Listing Agent Office</th>
<td></td>
<td><input name="listing_office" type="text" /></td>
</tr>
<tr>
<th>Is the property currently listed on any listing databases?</th>
<td>
 <?php

         //drop down for listing databases 
         $dd_listing_db="select listing_db_id, listing_db_name from listing_db order by listing_db_name ASC";
         $dd_listing_db_result=mysqli_query($dbc,$dd_listing_db);
          echo "<select name=\"listing_db_id\">\n"; 
          echo "<option value=\"NULL\">Select Listing Database</option>\n";
           while($row = mysqli_fetch_array($dd_listing_db_result)){
           $listing_db_id = $row['listing_db_id'];
           $listing_db_name = $row['listing_db_name'];
           echo "<option value=\"$listing_db_id\">$listing_db_name</option>\n";
          }
          echo"</select>\n";
        ?>
        <td><input name="mls_number" type="text" /></td>
<td><input type="file" id="uploadmls" name="uploadmls" /></td>
</tr>
<tr>
<th>Is the property currently listed on Realtor.com?</th>
<td>Yes<input name="listed_realtor" value="Y" type="radio" /> No<input name="listed_realtor" value="N" type="radio" /></td>
</tr>
<tr>
<th>Current Price: </th>
<td></td>
<td><input name="curr_price" type="currency" /></td>
</tr>
<tr>
<th>Previous Price: </th>
<td></td>
<td><input name="curr_price" type="currency" /></td>
</tr>
<tr>
<th>Date of Last Price Reduction: </th>
<td></td>
<td><input name="dt_last_reduc" type="date" />
<p>&nbsp;</p>
</td>
</tr>
<tr>
<th>Is there a for sale sign visible from the street?</th>
<td>Yes<input name="sale_sign" value="Y" type="radio" /> No<input name="sale_sign" value="N" type="radio" /></td>
<td></td>
<td><textarea name="sale_sign_comm" rows="2" cols="40"></textarea></td>
</tr>
<tr>
<th>Are there any signs of vadalism?</th>
<td>Yes<input name="vandalism" value="Y" type="radio" /> No<input name="vandalism" value="N" type="radio" /></td>
<td></td>
<td><textarea name="vandalism_comm" rows="2" cols="40"></textarea></td>
</tr>
<tr>
<th>Are there any visible signs of code violations?</th>
<td>Yes<input name="code_viol" value="Y" type="radio" /> No<input name="code_viol" value="N" type="radio" /></td>
<td></td>
<td><textarea name="code_viol_comm" rows="2" cols="40"></textarea></td>
</tr>
<tr>
<th>Are there any health and safety issues with the property?</th>
<td>Yes<input name="health_safe" value="Y" type="radio" /> No<input name="health_safe" value="N" type="radio" /></td>
<td></td>
<td><textarea name="health_safe_comm" rows="2" cols="40"></textarea></td>
</tr>
<tr>
<th>Is the property secured?</th>
<td>Yes<input name="prop_secure" value="Y" type="radio" /> No<input name="prop_secure" value="N" type="radio" /></td>
<td></td>
<td><textarea name="prop_secure_comm" rows="2" cols="40"></textarea></td>
</tr>
<tr>
<th>Is the landscaping maintained?</th>
<td>Yes<input name="land_main" value="Y" type="radio" />No<input name="land_main" value="N" type="radio" /></td>
<td></td>
<td><textarea name="land_main_comm" rows="2" cols="40"></textarea></td>
</tr>
<tr>
<th>Is the interior of the property clean?</th>
<td>Yes<input name="int_clean" value="Y" type="radio" /> No<input name="int_clean" value="N" type="radio" /></td>
<td></td>
<td><textarea name="int_clean_comm" rows="2" cols="40"></textarea></td>
</tr>
<tr>
<th>Is the electricity turned on?</th>
<td>Yes<input name="electricity" value="Y" type="radio" /> No<input name="electricity" value="N" type="radio" /></td>
<td></td>
<td><textarea name="electricity_comm" rows="2" cols="40"></textarea></td>
</tr>
<tr>
<th>Is the water turned on?</th>
<td>Yes<input name="water" value="Y" type="radio" /> No<input name="water" value="N" type="radio" /></td>
<td></td>
<td><textarea name="water_comm" rows="2" cols="40"></textarea></td>
</tr>
<tr>
<th>If between September and April, are there notices that the home has been winterized? (please provide photos of notices)?</th>
<td>Yes<input name="winterized" value="Y" type="radio" /> No<input name="winterized" value="N" type="radio" />N/A<input name="winterized" value="na" type="radio" /></td>
<td></td>
<td><textarea name="winterized_comm" rows="2" cols="40"></textarea></td>
</tr>
</tbody>
</table><br />
<table>
<tbody>
<tr>
<th>Please provide any additional comments, such as, condition of neighboring homes, current real estate market conditions in the area.</th>
</tr>
<tr>
<td><textarea name="add_comm" rows="10" cols="111"></textarea></td>
</tr>
</tbody>
</table><br />

<table>
 <tbody>
  <tr>
   <th>IMAGE HERE</th>
    <td>
     <table>
      <tbody>
       <tr>
        <th><center>SUBJECT FRONT</center></th>
       </tr>
        <td><input type="file" id="upload_front" name="upload_front" /></td>
     </table>
    </td>
   </tr>
   <tr>
<th>IMAGE 2 HERE</th>
   <td>
    <table>
     <tbody>
      <tr>
       <th><center>
        <?php
         require_once('connvars.php');
         //drop down for image 2 
         $dbc=mysqli_connect(db_host,db_user,db_password,db_name)or die('Error connecting to MySQL server.');
         $dd_loc="select location_id, location_name from location_type order by location_name ASC";
         $dd_loc_result=mysqli_query($dbc,$dd_loc);
          echo "<select name=\"location_id\">\n"; 
          echo "<option value=\"NULL\">Select Image Location</option>\n";
           while($row = mysqli_fetch_array($dd_loc_result)){
           $location_id2 = $row['location_id'];
           $location_name2 = $row['location_name'];
           echo "<option value=\"$location_id2\">$location_name2</option>\n";
          }
          echo"</select>\n";
        ?>
     </center></th>
      </tr>
       <td><input type="file" id="upload_2" name="upload_2" /></td>
      </tr>
    </table>
   </td>
 </tr>

<th>IMAGE 3 HERE</th>
   <td>
    <table>
     <tbody>
      <tr>
       <th><center>
<?php
         require_once('connvars.php');
         //drop down for image 3 
         $dbc=mysqli_connect(db_host,db_user,db_password,db_name)or die('Error connecting to MySQL server.');
         $dd_loc="select location_id, location_name from location_type order by location_name ASC";
         $dd_loc_result=mysqli_query($dbc,$dd_loc);
          echo "<select name=\"location_id\">\n"; 
          echo "<option value=\"NULL\">Select Image Location</option>\n";
           while($row = mysqli_fetch_array($dd_loc_result)){
           $location_id3 = $row['location_id'];
           $location_name3 = $row['location_name'];
           echo "<option value=\"$location_id3\">$location_name3</option>\n";
          }
          echo"</select>\n";
        ?>
</center></th>
      </tr>
       <td><input type="file" id="upload_3" name="upload_3" /></td>
      </tr>
   </table>
</td>
</tr>

   <th>IMAGE 4 HERE</th>
    <td>
     <table>
      <tbody>
       <tr>
        <th><center><?php
         require_once('connvars.php');
         //drop down for image 4 
         $dbc=mysqli_connect(db_host,db_user,db_password,db_name)or die('Error connecting to MySQL server.');
         $dd_loc="select location_id, location_name from location_type order by location_name ASC";
         $dd_loc_result=mysqli_query($dbc,$dd_loc);
          echo "<select name=\"location_id\">\n"; 
          echo "<option value=\"NULL\">Select Image Location</option>\n";
           while($row = mysqli_fetch_array($dd_loc_result)){
           $location_id4 = $row['location_id'];
           $location_name4 = $row['location_name'];
           echo "<option value=\"$location_id4\">$location_name4</option>\n";
          }
          echo"</select>\n";
        ?>
</center></th>
       </tr>
        <td><input type="file" id="upload_4" name="upload_4" /></td>
      </tr>
     </table>
    </td>
   </tr>
    
<th>IMAGE 5 HERE</th>
    <td>
     <table>
      <tbody>
       <tr>
        <th><center><?php
         require_once('connvars.php');
         //drop down for image 5 
         $dbc=mysqli_connect(db_host,db_user,db_password,db_name)or die('Error connecting to MySQL server.');
         $dd_loc="select location_id, location_name from location_type order by location_name ASC";
         $dd_loc_result=mysqli_query($dbc,$dd_loc);
          echo "<select name=\"location_id\">\n"; 
          echo "<option value=\"NULL\">Select Image Location</option>\n";
           while($row = mysqli_fetch_array($dd_loc_result)){
           $location_id5 = $row['location_id'];
           $location_name5 = $row['location_name'];
           echo "<option value=\"$location_id5\">$location_name5</option>\n";
          }
          echo"</select>\n";
        ?>
</center></th>
       </tr>
        <td><input type="file" id="upload_5" name="upload_5" /></td>
      </tr>
     </table>
    </td>
   </tr>

<th>IMAGE 6 HERE</th>
   <td>
    <table>
     <tbody>
      <tr>
       <th><center><?php
         require_once('connvars.php');
         //drop down for image 6 
         $dbc=mysqli_connect(db_host,db_user,db_password,db_name)or die('Error connecting to MySQL server.');
         $dd_loc="select location_id, location_name from location_type order by location_name ASC";
         $dd_loc_result=mysqli_query($dbc,$dd_loc);
          echo "<select name=\"location_id\">\n"; 
          echo "<option value=\"NULL\">Select Image Location</option>\n";
           while($row = mysqli_fetch_array($dd_loc_result)){
           $location_id6 = $row['location_id'];
           $location_name6 = $row['location_name'];
           echo "<option value=\"$location_id6\">$location_name6</option>\n";
          }
          echo"</select>\n";
        ?>
</center></th>
      </tr>
       <td><input type="file" id="upload_6" name="upload_6" /></td>
      </tr>
</table>
</td>
</tr>

   <th>IMAGE 7 HERE</th>
    <td>
     <table>
      <tbody>
       <tr>
        <th><center><?php
         require_once('connvars.php');
         //drop down for image 7 
         $dbc=mysqli_connect(db_host,db_user,db_password,db_name)or die('Error connecting to MySQL server.');
         $dd_loc="select location_id, location_name from location_type order by location_name ASC";
         $dd_loc_result=mysqli_query($dbc,$dd_loc);
          echo "<select name=\"location_id\">\n"; 
          echo "<option value=\"NULL\">Select Image Location</option>\n";
           while($row = mysqli_fetch_array($dd_loc_result)){
           $location_id7 = $row['location_id'];
           $location_name7 = $row['location_name'];
           echo "<option value=\"$location_id7\">$location_name7</option>\n";
          }
          echo"</select>\n";
        ?></center></th>
       </tr>
        <td><input type="file" id="upload_7" name="upload_7" /></td>
     </table>
    </td>
   </tr>


   <th>IMAGE 8 HERE</th>
    <td>
     <table>
      <tbody>
       <tr>
        <th><center><?php
         require_once('connvars.php');
         //drop down for image 8 
         $dbc=mysqli_connect(db_host,db_user,db_password,db_name)or die('Error connecting to MySQL server.');
         $dd_loc="select location_id, location_name from location_type order by location_name ASC";
         $dd_loc_result=mysqli_query($dbc,$dd_loc);
          echo "<select name=\"location_id\">\n"; 
          echo "<option value=\"NULL\">Select Image Location</option>\n";
           while($row = mysqli_fetch_array($dd_loc_result)){
           $location_id8 = $row['location_id'];
           $location_name8 = $row['location_name'];
           echo "<option value=\"$location_id8\">$location_name8</option>\n";
          }
          echo"</select>\n";
        ?>
</center></th>
       </tr>
        <td><input type="file" id="upload_8" name="upload_8" /></td>
      </tr>
     </table>
    </td>
   </tr>
    
<th>IMAGE 9 HERE</th>
    <td>
     <table>
      <tbody>
       <tr>
        <th><center><?php
         require_once('connvars.php');
         //drop down for image 9 
         $dbc=mysqli_connect(db_host,db_user,db_password,db_name)or die('Error connecting to MySQL server.');
         $dd_loc="select location_id, location_name from location_type order by location_name ASC";
         $dd_loc_result=mysqli_query($dbc,$dd_loc);
          echo "<select name=\"location_id\">\n"; 
          echo "<option value=\"NULL\">Select Image Location</option>\n";
           while($row = mysqli_fetch_array($dd_loc_result)){
           $location_id9 = $row['location_id'];
           $location_name9 = $row['location_name'];
           echo "<option value=\"$location_id9\">$location_name9</option>\n";
          }
          echo"</select>\n";
        ?></center></th>
       </tr>
        <td><input type="file" id="upload_9" name="upload_9" /></td>
      </tr>
     </table>
    </td>
   </tr>

<th>IMAGE 10 HERE</th>
   <td>
    <table>
     <tbody>
      <tr>
       <th><center><?php
         require_once('connvars.php');
         //drop down for image 10 
         $dbc=mysqli_connect(db_host,db_user,db_password,db_name)or die('Error connecting to MySQL server.');
         $dd_loc="select location_id, location_name from location_type order by location_name ASC";
         $dd_loc_result=mysqli_query($dbc,$dd_loc);
          echo "<select name=\"location_id\">\n"; 
          echo "<option value=\"NULL\">Select Image Location</option>\n";
           while($row = mysqli_fetch_array($dd_loc_result)){
           $location_id10 = $row['location_id'];
           $location_name10 = $row['location_name'];
           echo "<option value=\"$location_id10\">$location_name10</option>\n";
          }
          echo"</select>\n";
        ?></center></th>
      </tr>
       <td><input type="file" id="upload_10" name="upload_10" /></td>
      </tr>
</table>
</td>
</tr>

   <th>IMAGE 11 HERE</th>
    <td>
     <table>
      <tbody>
       <tr>
        <th><center><?php
         require_once('connvars.php');
         //drop down for image 11 
         $dbc=mysqli_connect(db_host,db_user,db_password,db_name)or die('Error connecting to MySQL server.');
         $dd_loc="select location_id, location_name from location_type order by location_name ASC";
         $dd_loc_result=mysqli_query($dbc,$dd_loc);
          echo "<select name=\"location_id\">\n"; 
          echo "<option value=\"NULL\">Select Image Location</option>\n";
           while($row = mysqli_fetch_array($dd_loc_result)){
           $location_id11 = $row['location_id'];
           $location_name11 = $row['location_name'];
           echo "<option value=\"$location_id11\">$location_name11</option>\n";
          }
          echo"</select>\n";
        ?></center></th>
       </tr>
        <td><input type="file" id="upload_11" name="upload_11" /></td>
     </table>
    </td>
   </tr>

<th>IMAGE 12 HERE</th>
    <td>
     <table>
      <tbody>
       <tr>
        <th><center><?php
         require_once('connvars.php');
         //drop down for image 12 
         $dbc=mysqli_connect(db_host,db_user,db_password,db_name)or die('Error connecting to MySQL server.');
         $dd_loc="select location_id, location_name from location_type order by location_name ASC";
         $dd_loc_result=mysqli_query($dbc,$dd_loc);
          echo "<select name=\"location_id\">\n"; 
          echo "<option value=\"NULL\">Select Image Location</option>\n";
           while($row = mysqli_fetch_array($dd_loc_result)){
           $location_id12 = $row['location_id'];
           $location_name12 = $row['location_name'];
           echo "<option value=\"$location_id12\">$location_name12</option>\n";
          }
          echo"</select>\n";
        ?></center></th>
       </tr>
        <td><input type="file" id="upload_12" name="upload_12" /></td>
     </table>
    </td>
   </tr>
    </table>
   </td>
 </tbody>
</table><br />


Agent Name: <input name="agent_name" type="text" /> Date Inspection Completed:  <input name="completed_date" type="date" />
<p>&nbsp;</p>
<input value="Submit Data" name="submit" type="submit" /><input value="Produce PDF" name="propinsppdf" type="button" onClick="window.open('prop_insp_pdf.php')" /></p><br />

</form>
</body>
</html>

Open in new window

0
Richard DavisSenior Web DeveloperCommented:
Try replacing this;

$job_id=mysql_real_escape_string($_GET['job_id']);

whit this;

$job_id=mysqli_real_escape_string($_GET['job_id']);

Also, you will want to use that on every $_GET or $_POST variable that you're going to use in a SQL statement for proper scrubbing.

~A~
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Richard DavisSenior Web DeveloperCommented:
Is there any particular reason that you're using mysqli over just mysql also?

~A~
0
rcowen00Author Commented:
No particular reason.  I did get it to work with on minor change, add in the database connection variable.

  $job_id=mysqli_real_escape_string($dbc,$_GET['job_id']);

Thank
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
PHP

From novice to tech pro — start learning today.