[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 201
  • Last Modified:

PHP Code Help Needed

Can someone take a look at this code? It is not pulling the data from mysql & displaying it in my form....
<html>  
<body bgcolor="pink"> 
<head> 

<?php # psd_dqa.php

$page_title = 'Edit a Record';

$con = mysql_connect("localhost","uname","password");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

mysql_select_db("psrflow", $con);

ini_set('display_errors',1); 
error_reporting(E_ALL);

if ( (isset($_GET['id'])) && (is_numeric($_GET['id'])) ) { // Accessed through view_users.php
	$id = $_GET['id'];
} elseif ( (isset($_POST['id'])) && (is_numeric($_POST['id'])) ) { // Form has been submitted.
	$id = $_POST['id'];
} else { // No valid ID, kill the script.
	echo '<h1 id="mainhead">Page Error</h1>
	<p class="error">This page has been accessed in error.</p><p><br /><br /></p>';
	include ('./includes/footer.html'); 
	exit();
}

// Check if the form has been submitted.

if (isset($_POST['submitted'])) {

	$errors = array(); // Initialize error array.

	
	if (empty($_POST['fname'])) {
		$errors[] = 'You forgot to enter the first name.';
	} else {
		$fn = $_POST['fname'];
	}
	
	if (empty($_POST['lname'])) {
		$errors[] = 'You forgot to enter the last name.';
	} else {
		$ln = $_POST['lname'];
	}

			if (empty($_POST['mname'])) {
		$errors[] = 'You forgot to enter a middle name. If none, please enter NONE';
	} else {
		$mn = $_POST['mname'];
	}

	if (empty($errors)) { // If everything's OK.
	
	// Make the query.
		
	$query = "UPDATE psrinfo SET fname='$fn', lname='$ln', mname='$mn'  WHERE fid=$id";
	$result = mysql_query($query);


} 

// Retrieve the user's information.
$query = "SELECT fname, lname, mname FROM psrinfo WHERE fid = " . $_REQUEST['id'];
$result = @mysql_query ($query); // Run the query.

if (mysql_num_rows($result) == 1) { 


	$row = mysql_fetch_array ($result, MYSQL_NUM);
		
?>	





<form action="psd_dqa.php" method="post">
<legend><h1> You are editing a record! </h1></legend>

<table width="100%" border="0">

  <tr>
    <td><b>First Name:</b> <br><input type="text" name="fname" size="15" maxlength="30" value="'.$row[1].'" /><br /></td>
	<td><b>Middle Name:</b> <br><input type="text" name="mname" size="15" maxlength="30" value="'.$row[16].'" /></td>
    <td><b>Last Name:</b> <br><input type="text" name="lname" size="15" maxlength="30" value="'.$row[2].'" /></td>
  </tr>
</table>

<div align="left"><input type="submit" name="submit" value="Submit" /></div>

<?php

} else { 
	echo '<h1 id="mainhead">Page Error</h1>
	<p class="error">This page has been accessed in error.</p><p><br /><br /></p>';
}
mysql_close(); 
?>

Open in new window

0
wantabe2
Asked:
wantabe2
2 Solutions
 
k_romychCommented:
I would rather use
       $row = mysql_fetch_row($result);
not
       $row = mysql_fetch_array ($result, MYSQL_NUM);
0
 
wantabe2Author Commented:
Would I then replace the code with something like below? The below code is not pulling anything either...
<td><b>First Name:</b> <br><input type="text" name="fname" size="15" maxlength="30" value='fname' /></td>

Open in new window

0
 
Beverley PortlockCommented:
If you going to use MYSQL_NUM then you must use numbers for the columns. In your code you have $row[16] and similar. If you change MYSQL_NUM to MYSQL_ASSOC then you will have to use names in stead of numbers. So your SELECT

query = "SELECT fname, lname, mname FROM psrinfo WHERE fid = " . $_REQUEST['id'];

would then be retrieved like this

$result = @mysql_query ($query); // Run the query.

if (mysql_num_rows($result) == 1) {
      $row = mysql_fetch_array ($result, MYSQL_ASSOC);
        ....... etc

and used like this

<input type="text" name="fname" size="15" maxlength="30" value='<?php echo $row['fname']; ?>' />
0
 
sbickerstaffCommented:
if your query fails, $result will be empty so mysql_num_rows($result) will give an error (from my experience)


I've modified part of your code to how I would do it (also, personal choice, but i would normally use double quotes and then escape the html double quotes

i.e.
echo "<h1 id=\"mainhead\"> ....";

Open in new window


See modified segment below
// Retrieve the user's information.
$query = "SELECT fname, lname, mname FROM psrinfo WHERE fid = " . $_REQUEST['id'];
$result = @mysql_query($query); // Run the query.
?>


if (isset($result) && (mysql_num_rows($result) == 1)) { 
  $row = mysql_fetch_array($result);
  
  echo 
}
else { 
	echo "<h1 id=\"mainhead\">Page Error</h1>
        <p class=\"error\">This page has been accessed in error.</p><p><br /><br /></p>";
}

<form action="psd_dqa.php" method="post">
<legend><h1> You are editing a record! </h1></legend>

<table width="100%" border="0">
<?php
  if (isset($result) && (mysql_num_rows($result) == 1)) { 
    $row = mysql_fetch_array($result);
    
    echo "
  <tr>
    <td><b>First Name:</b> <br><input type=\"text\" name=\"fname\" size=\"15\" maxlength=\"30\" value=\"".$row["fname"]."\" /><br /></td>
        <td><b>Middle Name:</b> <br><input type=\"text\" name=\"mname\" size=\"15\" maxlength=\"30\" value=\"".$row["mname"]."\" /></td>
    <td><b>Last Name:</b> <br><input type=\"text\" name=\"lname\" size=\"15\" maxlength=\"30\" value=\"".$row["lname"]."\" /></td>
  </tr>";

}
else { 
	echo "<h1 id=\"mainhead\">Page Error</h1>
        <p class=\"error\">This page has been accessed in error.</p><p><br /><br /></p>";
}
?>
</table>

<div align="left"><input type="submit" name="submit" value="Submit" /></div>

Open in new window

0
 
sbickerstaffCommented:
sorry, ignore that last code segment, should be:

// Retrieve the user's information.
$query = "SELECT fname, lname, mname FROM psrinfo WHERE fid = " . $_REQUEST['id'];
$result = @mysql_query($query); // Run the query.
?>

<form action="psd_dqa.php" method="post">
<legend><h1> You are editing a record! </h1></legend>

<table width="100%" border="0">
<?php
  if (isset($result) && (mysql_num_rows($result) == 1)) { 
    $row = mysql_fetch_array($result);
    
    echo "
  <tr>
    <td><b>First Name:</b> <br><input type=\"text\" name=\"fname\" size=\"15\" maxlength=\"30\" value=\"".$row["fname"]."\" /><br /></td>
        <td><b>Middle Name:</b> <br><input type=\"text\" name=\"mname\" size=\"15\" maxlength=\"30\" value=\"".$row["mname"]."\" /></td>
    <td><b>Last Name:</b> <br><input type=\"text\" name=\"lname\" size=\"15\" maxlength=\"30\" value=\"".$row["lname"]."\" /></td>
  </tr>";

}
else { 
	echo "<h1 id=\"mainhead\">Page Error</h1>
        <p class=\"error\">This page has been accessed in error.</p><p><br /><br /></p>";
}
?>
</table>

<div align="left"><input type="submit" name="submit" value="Submit" /></div>

Open in new window

0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now