Solved

PHP Code Help Needed

Posted on 2011-03-21
5
192 Views
Last Modified: 2012-05-11
Can someone take a look at this code? It is not pulling the data from mysql & displaying it in my form....
<html>  
<body bgcolor="pink"> 
<head> 

<?php # psd_dqa.php

$page_title = 'Edit a Record';

$con = mysql_connect("localhost","uname","password");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

mysql_select_db("psrflow", $con);

ini_set('display_errors',1); 
error_reporting(E_ALL);

if ( (isset($_GET['id'])) && (is_numeric($_GET['id'])) ) { // Accessed through view_users.php
	$id = $_GET['id'];
} elseif ( (isset($_POST['id'])) && (is_numeric($_POST['id'])) ) { // Form has been submitted.
	$id = $_POST['id'];
} else { // No valid ID, kill the script.
	echo '<h1 id="mainhead">Page Error</h1>
	<p class="error">This page has been accessed in error.</p><p><br /><br /></p>';
	include ('./includes/footer.html'); 
	exit();
}

// Check if the form has been submitted.

if (isset($_POST['submitted'])) {

	$errors = array(); // Initialize error array.

	
	if (empty($_POST['fname'])) {
		$errors[] = 'You forgot to enter the first name.';
	} else {
		$fn = $_POST['fname'];
	}
	
	if (empty($_POST['lname'])) {
		$errors[] = 'You forgot to enter the last name.';
	} else {
		$ln = $_POST['lname'];
	}

			if (empty($_POST['mname'])) {
		$errors[] = 'You forgot to enter a middle name. If none, please enter NONE';
	} else {
		$mn = $_POST['mname'];
	}

	if (empty($errors)) { // If everything's OK.
	
	// Make the query.
		
	$query = "UPDATE psrinfo SET fname='$fn', lname='$ln', mname='$mn'  WHERE fid=$id";
	$result = mysql_query($query);


} 

// Retrieve the user's information.
$query = "SELECT fname, lname, mname FROM psrinfo WHERE fid = " . $_REQUEST['id'];
$result = @mysql_query ($query); // Run the query.

if (mysql_num_rows($result) == 1) { 


	$row = mysql_fetch_array ($result, MYSQL_NUM);
		
?>	





<form action="psd_dqa.php" method="post">
<legend><h1> You are editing a record! </h1></legend>

<table width="100%" border="0">

  <tr>
    <td><b>First Name:</b> <br><input type="text" name="fname" size="15" maxlength="30" value="'.$row[1].'" /><br /></td>
	<td><b>Middle Name:</b> <br><input type="text" name="mname" size="15" maxlength="30" value="'.$row[16].'" /></td>
    <td><b>Last Name:</b> <br><input type="text" name="lname" size="15" maxlength="30" value="'.$row[2].'" /></td>
  </tr>
</table>

<div align="left"><input type="submit" name="submit" value="Submit" /></div>

<?php

} else { 
	echo '<h1 id="mainhead">Page Error</h1>
	<p class="error">This page has been accessed in error.</p><p><br /><br /></p>';
}
mysql_close(); 
?>

Open in new window

0
Comment
Question by:wantabe2
5 Comments
 
LVL 2

Expert Comment

by:k_romych
ID: 35180783
I would rather use
       $row = mysql_fetch_row($result);
not
       $row = mysql_fetch_array ($result, MYSQL_NUM);
0
 
LVL 15

Author Comment

by:wantabe2
ID: 35180812
Would I then replace the code with something like below? The below code is not pulling anything either...
<td><b>First Name:</b> <br><input type="text" name="fname" size="15" maxlength="30" value='fname' /></td>

Open in new window

0
 
LVL 34

Accepted Solution

by:
Beverley Portlock earned 250 total points
ID: 35180849
If you going to use MYSQL_NUM then you must use numbers for the columns. In your code you have $row[16] and similar. If you change MYSQL_NUM to MYSQL_ASSOC then you will have to use names in stead of numbers. So your SELECT

query = "SELECT fname, lname, mname FROM psrinfo WHERE fid = " . $_REQUEST['id'];

would then be retrieved like this

$result = @mysql_query ($query); // Run the query.

if (mysql_num_rows($result) == 1) {
      $row = mysql_fetch_array ($result, MYSQL_ASSOC);
        ....... etc

and used like this

<input type="text" name="fname" size="15" maxlength="30" value='<?php echo $row['fname']; ?>' />
0
 
LVL 3

Expert Comment

by:sbickerstaff
ID: 35181848
if your query fails, $result will be empty so mysql_num_rows($result) will give an error (from my experience)


I've modified part of your code to how I would do it (also, personal choice, but i would normally use double quotes and then escape the html double quotes

i.e.
echo "<h1 id=\"mainhead\"> ....";

Open in new window


See modified segment below
// Retrieve the user's information.
$query = "SELECT fname, lname, mname FROM psrinfo WHERE fid = " . $_REQUEST['id'];
$result = @mysql_query($query); // Run the query.
?>


if (isset($result) && (mysql_num_rows($result) == 1)) { 
  $row = mysql_fetch_array($result);
  
  echo 
}
else { 
	echo "<h1 id=\"mainhead\">Page Error</h1>
        <p class=\"error\">This page has been accessed in error.</p><p><br /><br /></p>";
}

<form action="psd_dqa.php" method="post">
<legend><h1> You are editing a record! </h1></legend>

<table width="100%" border="0">
<?php
  if (isset($result) && (mysql_num_rows($result) == 1)) { 
    $row = mysql_fetch_array($result);
    
    echo "
  <tr>
    <td><b>First Name:</b> <br><input type=\"text\" name=\"fname\" size=\"15\" maxlength=\"30\" value=\"".$row["fname"]."\" /><br /></td>
        <td><b>Middle Name:</b> <br><input type=\"text\" name=\"mname\" size=\"15\" maxlength=\"30\" value=\"".$row["mname"]."\" /></td>
    <td><b>Last Name:</b> <br><input type=\"text\" name=\"lname\" size=\"15\" maxlength=\"30\" value=\"".$row["lname"]."\" /></td>
  </tr>";

}
else { 
	echo "<h1 id=\"mainhead\">Page Error</h1>
        <p class=\"error\">This page has been accessed in error.</p><p><br /><br /></p>";
}
?>
</table>

<div align="left"><input type="submit" name="submit" value="Submit" /></div>

Open in new window

0
 
LVL 3

Assisted Solution

by:sbickerstaff
sbickerstaff earned 250 total points
ID: 35181871
sorry, ignore that last code segment, should be:

// Retrieve the user's information.
$query = "SELECT fname, lname, mname FROM psrinfo WHERE fid = " . $_REQUEST['id'];
$result = @mysql_query($query); // Run the query.
?>

<form action="psd_dqa.php" method="post">
<legend><h1> You are editing a record! </h1></legend>

<table width="100%" border="0">
<?php
  if (isset($result) && (mysql_num_rows($result) == 1)) { 
    $row = mysql_fetch_array($result);
    
    echo "
  <tr>
    <td><b>First Name:</b> <br><input type=\"text\" name=\"fname\" size=\"15\" maxlength=\"30\" value=\"".$row["fname"]."\" /><br /></td>
        <td><b>Middle Name:</b> <br><input type=\"text\" name=\"mname\" size=\"15\" maxlength=\"30\" value=\"".$row["mname"]."\" /></td>
    <td><b>Last Name:</b> <br><input type=\"text\" name=\"lname\" size=\"15\" maxlength=\"30\" value=\"".$row["lname"]."\" /></td>
  </tr>";

}
else { 
	echo "<h1 id=\"mainhead\">Page Error</h1>
        <p class=\"error\">This page has been accessed in error.</p><p><br /><br /></p>";
}
?>
</table>

<div align="left"><input type="submit" name="submit" value="Submit" /></div>

Open in new window

0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
This article discusses how to create an extensible mechanism for linked drop downs.
In this tutorial viewers will learn how to embed Flash content in a webpage using HTML5. Ensure your DOCTYPE declaration is set to HTML5: "<!DOCTYPE html>": Use the <object> tag to embed Flash content.: To specify that the object is Flash content, d…
The viewer will receive an overview of the basics of CSS showing inline styles. In the head tags set up your style tags: (CODE) Reference the nav tag and set your properties.: (CODE) Set the reference for the UL element and styles for it to ensu…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now