?
Solved

save data problem using get parameters?

Posted on 2011-05-07
7
Medium Priority
?
210 Views
Last Modified: 2012-05-11
Hi,

Your suggestions would be appreciated as I am having a problem saving data from a form, my users will select an employee from a the list, numerous bits of data should then be displayed in a form (text boxes) so the details can be updated (change of phone number etc)
I have the code below which displays the data but on clicking the save button the changes are not saved (save code also below)
Could this be because I am using get parameters in the address (main_page.php?p=5&q=6&btn=4&ID=5)

Have can I get the data to save?

<div id="content_wrapper">
<br/>
	<div class="onecolumn_wrapper">
	 <div class="onecolumn" style="margin-right:20%; margin-left:20%;">
	  <div class="content" >
<?php
                $query="SELECT * FROM teamdates WHERE id = $_GET[ID]";
                
                $result=mysql_query($query);
                
                $num=mysql_num_rows($result);
                
                mysql_close();
                
                $i=0;
                while ($i < $num) {         
                $Name=mysql_result($result,$i,"Name");
                $Address=mysql_result($result,$i,"Address");
				$City=mysql_result($result,$i,"City");
                $County=mysql_result($result,$i,"County");
				$Postcode=mysql_result($result,$i,"Postcode");
				$country=mysql_result($result,$i,"country");
                $B_Date=mysql_result($result,$i,"B_Date");
				$S_Date=mysql_result($result,$i,"S_Date");
                $H_Phone=mysql_result($result,$i,"H_Phone");
                $M_Phone=mysql_result($result,$i,"M_Phone");
                $B_Date=mysql_result($result,$i,"B_Date");
                $Email=mysql_result($result,$i,"Email");
                $department=mysql_result($result,$i,"department");
				$EC1_Name=mysql_result($result,$i,"EC1_Name");
                $EC1_Relationship=mysql_result($result,$i,"EC1_Relationship");
                $EC1_Contact1=mysql_result($result,$i,"EC1_Contact1");
                $EC1_Contact2=mysql_result($result,$i,"EC1_Contact2");
				$EC2_Name=mysql_result($result,$i,"EC2_Name");
                $EC2_Relationship=mysql_result($result,$i,"EC2_Relationship");
                $EC2_Contact1=mysql_result($result,$i,"EC2_Contact1");
                $EC2_Contact2=mysql_result($result,$i,"EC2_Contact2");   
        
                $i++;
                }
?>

  <div align="center">
<p>Edit Employee</p>



    <form action="***" method="post">
	<input type="hidden" name="p" value="5" />
	<input type="hidden" name="q" value="4" />
	<input type="hidden" name="btn" value="1" />
	<input type="hidden" name=ID value="<? echo @$ID; ?>">
    

  <table border="0">
  <tr><td>Name:</td><td><input type="text" name="Name" size="30" maxlength="50" value="<? echo @$Name; ?>"></tr></td>
<tr><td>Address Line 1:</td><td><input type="text" name="Address" size="30" maxlength="50" value="<? echo @$Address; ?>"></tr></td>
<tr><td>City:</td><td><input type="text" name="City" size="30" maxlength="50" value="<? echo @$City; ?>"></tr></td>
<tr><td>County:</td><td><input type="text" name="county" size="30" maxlength="50" value="<? echo @$County; ?>"></tr></td>
<tr><td>Postcode:</td><td><input type="text" name="Postcode" size="30" maxlength="50" value="<? echo @$Postcode; ?>"></tr></td>
<tr><td>Country:</td><td><input type="text" name="Country" size="30" maxlength="50" value="<? echo @$country; ?>"></tr></td>
<tr><td>Birthday:</td><td><input type="text" name="B_Date" size="30" maxlength="50" value="<? echo @$B_Date; ?>">(yyyy-mm-dd)</tr></td>
<tr><td>Start Date:</td><td><input type="text" name="S_Date" size="30" maxlength="50" value="<? echo @$S_Date; ?>">(yyyy-mm-dd)</tr></td>
<tr><td>Home Phone:</td><td><input type="text" name="H_Phone" size="30" maxlength="50" value="<? echo @$H_Phone; ?>"></tr></td>
<tr><td>Mobile Phone:</td><td><input type="text" name="M_Phone" size="30" maxlength="50" value="<? echo @$M_Phone; ?>"></tr></td>
<tr><td>Email:</td><td><input type="text" name="Email" size="30" maxlength="50" value="<? echo @$Email; ?>"></tr></td>
<tr><td>Department</td>
  <td><select name="department" size="1" id="department">
    <option value="<? echo @$department; ?>"><? echo @$department; ?></option>
    <option value="Accounts">Accounts</option>
    <option value="Bar">Bar</option>
    <option value="Grill">Grill</option>
    <option value="Guest Services">Guest Services</option>
    <option value="Housekeeping">Housekeeping</option>
    <option value="Kitchen">Kitchen</option>
    <option value="Maintenance">Maintenance</option>
    <option value="Meetings">Meetings</option>
    <option value="Nights">Nights</option>
    <option value="Reception">Reception</option>
    <option value="Sales">Sales</option>
    <option value="HOD">HOD</option>
  </select>  
    </tr></td>
<tr><td></tr></td>
<tr><td>Emergency Contact 1</tr></td>
<tr><td>Name :</td><td><input type="text" name="EC1_Name" size="30" maxlength="50" value="<? echo @$EC1_Name; ?>"></tr></td>
<tr><td>Relationship :</td><td><input type="text" name="EC1_Relationship" size="30" maxlength="50" value="<? echo @$EC1_Relationship; ?>"></tr></td>    
<tr><td>Contact Tel 1 :</td><td><input type="text" name="EC1_Contact1" size="30" maxlength="20" value="<? echo @$EC1_Contact1; ?>"></tr></td>
<tr><td>Contact Tel 2 :</td><td><input type="text" name="EC1_Contact2" size="30" maxlength="20" value="<? echo @$EC1_Contact2; ?>"></tr></td>
<tr><td>Emergency Contact 2</tr></td>
<tr><td>Name :</td><td><input type="text" name="EC2_Name" size="30" maxlength="50" value="<? echo @$EC2_Name; ?>"></tr></td>
<tr><td>Relationship :</td><td><input type="text" name="EC2_Relationship" size="30" maxlength="50" value="<? echo @$EC2_Relationship; ?>"></tr></td>    
<tr><td>Contact Tel 1 :</td><td><input type="text" name="EC2_Contact1" size="30" maxlength="20" value="<? echo @$EC2_Contact1; ?>"></tr></td>
<tr><td>Contact Tel 2 :</td><td><input type="text" name="EC2_Contact2" size="30" maxlength="20" value="<? echo @$EC2_Contact2; ?>"></tr></td>
  <tr><th colspan=2><input type="submit" name="submit" value="Save"></th></tr> 
</table>
</form>
  </div>
	<br class="clear">
</div> <!-- end content wrapper -->
<br/><br/><br/>

Open in new window

<div id="content_wrapper">
<br/>
	<div class="onecolumn_wrapper">
	 <div class="onecolumn" style="margin-right:20%; margin-left:20%;">
	  <div class="content" >

<?php
$ID=$_POST['ID'];
$Name=$_POST['Name'];
$Address=$_POST['Address'];
$City=$_POST['City'];
$county=$_POST['county'];
$Postcode=$_POST['Postcode'];
$Country=$_POST['Country'];
$B_Date=$_POST['B_Date'];
$H_Phone=$_POST['H_Phone'];
$M_Phone=$_POST['M_Phone'];
$Email=$_POST['Email'];
$department=$_POST['department'];
$EC1_Name = $_POST['EC1_Name'];
$EC1_Relationship = $_POST['EC1_Relationship'];
$EC1_Contact1 = $_POST['EC1_Contact1'];
$EC1_Contact2 = $_POST['EC1_Contact2'];
$EC2_Name = $_POST['EC2_Name'];
$EC2_Relationship = $_POST['EC2_Relationship'];
$EC2_Contact1 = $_POST['EC2_Contact1'];
$EC2_Contact2 = $_POST['EC2_Contact2'];

$query="UPDATE teamdates SET Name='$Name', Address='$Address', City='$City', county='$county', Postcode='$Postcode', Country='$Country', B_Date='$B_Date', H_Phone='$H_Phone', M_Phone='$M_Phone', Email='$Email', department='$department', EC1_Name='$EC1_Name', EC1_Relationship='$EC1_Relationship', EC1_Contact1='$EC1_Contact1', EC1_Contact2='$EC1_Contact2', EC2_Name='$EC2_Name', EC2_Relationship='$EC2_Relationship', EC2_Contact1='$EC2_Contact1', EC2_Contact2='$EC2_Contact2'  WHERE ID='$ID'";
mysql_query($query);

mysql_close();

// Confirm save
echo "Employee Details Updated";
?>

  </div>
	<br class="clear">
</div> <!-- end content wrapper -->
<br/><br/><br/>

Open in new window

0
Comment
Question by:AlexAmbler
  • 3
  • 2
  • 2
7 Comments
 
LVL 27

Expert Comment

by:Lukasz Chmielewski
ID: 35713320
I think this is the problematic line:
      <input type="hidden" name=ID value="<? echo @$ID; ?>">
Try to change it to:
      <input type="hidden" name=ID value="<? echo $_GET[ID]; ?>">
0
 
LVL 111

Expert Comment

by:Ray Paseur
ID: 35713476
In PHP the @ is used to suppress error messages.  You never want to use that unless there is a reason you expect an error message and you deliberately want to suppress the expected error message.

This kind of statement relies on two "features" of PHP.

<? echo $_GET[ID]; ?>

The first "feature" is the short-open-tag that lets you start PHP with <? instead of the standard tag that says <?php.  There is a good reason to choose the standard tag, and it relates to the way XML tags work.  If your PHP code uses the short tags, the XML tags can become confusing.

The second "feature" is the rather quirky behavior that PHP uses around defined constants and associative array indexes.  For better or worse, PHP is a loosely typed language and many things are ambiguous, mostly with assumptions that the early designers thought would make programming easier for novice programmers.  In the case of this statement, PHP first looks for a defined constant named ID and if no such constant is found, it next looks for an index in the $_GET array named "ID".  Why would you care?  Because if you leave that statement as-is and you or another programmer ever adds a statement to define('ID'), the script will stop working suddenly and without any warning message.  If you have set error_reporting(E_ALL) you will see a Notice about things like this.  When you are developing new code you almost always want to have error_reporting(E_ALL) so you can find things like accidental dependence on undefined variables, etc.

So while the <? echo $_GET[ID]; ?> might work fine, a better programming practice would be to write it this way instead:

<?php echo $_GET["ID"]; ?>

And an even better programming practice would include filtering the variable that arrived in the $_GET array to make sure it did not represent an attack vector, and instead was something you actually wanted to pass it to the next script.  But that is a different exercise.

Cheers, ~Ray
0
 

Author Comment

by:AlexAmbler
ID: 35715731
Thank you for the advice it’s always good for hints on how to tide up the coding.
I have change the line to <?php echo $_GET["ID"]; ?> but still not saving I think the issues is with the form action, the page with the code to save the changes is called team_member_edit_save.php would it be better to somehow have this code on the same page as the edit form so a new page is not loaded when save is clicked.
Regards,
A
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 111

Accepted Solution

by:
Ray Paseur earned 2000 total points
ID: 35715768
still not saving

Looks like you might want to start the debugging process with data visualization.  Learn about how to use var_dump() to print out the contents of things like the $_POST array.  Hint: It will be MUCH easier to read if you echo "<pre>"; before you run var_dump($_POST);

Next, you might want to rethink this line of code (line 30 from above)

mysql_query($query);

Instead use something more like the code snippet so you can see if there are errors.

HTH, ~Ray


<?php // RAY_mysql_example.php
error_reporting(E_ALL);


// IMPORTANT PAGES FROM THE MANUALS
// MAN PAGE: http://php.net/manual/en/ref.mysql.php
// MAN PAGE: http://php.net/manual/en/mysql.installation.php
// MAN PAGE: http://php.net/manual/en/function.mysql-error.php


// CONNECTION AND SELECTION VARIABLES FOR THE DATABASE
$db_host = "localhost"; // PROBABLY THIS IS OK
$db_name = "??";        // GET THESE FROM YOUR HOSTING COMPANY
$db_user = "??";
$db_word = "??";

// OPEN A CONNECTION TO THE DATA BASE SERVER
// MAN PAGE: http://php.net/manual/en/function.mysql-connect.php
if (!$db_connection = mysql_connect("$db_host", "$db_user", "$db_word"))
{
    $errmsg = mysql_errno() . ' ' . mysql_error();
    echo "<br/>NO DB CONNECTION: ";
    echo "<br/> $errmsg <br/>";
}

// SELECT THE MYSQL DATA BASE
// MAN PAGE: http://php.net/manual/en/function.mysql-select-db.php
if (!$db_sel = mysql_select_db($db_name, $db_connection))
{
    $errmsg = mysql_errno() . ' ' . mysql_error();
    echo "<br/>NO DB SELECTION: ";
    echo "<br/> $errmsg <br/>";
    die('NO DATA BASE');
}
// IF WE GOT THIS FAR WE CAN DO QUERIES




// ESCAPING A DATA FIELD FOR USE IN MYSQL QUERIES
// MAN PAGE: http://php.net/manual/en/function.mysql-real-escape-string.php
$safe_username = mysql_real_escape_string($_POST["username"]);




// CREATING AND SENDING A SELECT QUERY AND TESTING THE RESULTS
// MAN PAGE:http://php.net/manual/en/function.mysql-query.php
$sql = "SELECT id FROM my_table WHERE username='$safe_username'";
$res = mysql_query($sql);

// IF mysql_query() RETURNS FALSE, GET THE ERROR REASONS
// MAN PAGE: http://php.net/manual/en/function.mysql-error.php
if (!$res)
{
    $errmsg = mysql_errno() . ' ' . mysql_error();
    echo "<br/>QUERY FAIL: ";
    echo "<br/>$sql <br/>";
    die($errmsg);
}
// IF WE GET THIS FAR, THE QUERY SUCCEEDED AND WE HAVE A RESOURCE-ID IN $res SO WE CAN NOW USE $res IN OTHER MYSQL FUNCTIONS

Open in new window

0
 

Author Comment

by:AlexAmbler
ID: 35716419
I have changed line 48 <form action to
    <form action="includes/team_member_edit_save.php" method="post">

With this the address is co.uk/0176/web/includes/team_member_edit_save.php and I get two erros
Warning: mysql_query() [function.mysql-query]: Access denied for user 'ODBC'@'localhost' (using password: NO) in C:\inetpub\vhosts\123.co.uk\httpdocs\0176\web\includes\team_member_edit_save.php on line 31

Warning: mysql_query() [function.mysql-query]: A link to the server could not be established in C:\inetpub\vhosts\123.co.uk\httpdocs\0176\web\includes\team_member_edit_save.php on line 31
Employee Details Updated

Regards,
0
 
LVL 27

Expert Comment

by:Lukasz Chmielewski
ID: 35716433
Your team_member_edit_save.php file need to have a separate connection string to mysql.
0
 

Author Comment

by:AlexAmbler
ID: 35716525
yes adding connection string does make the update save, but I do not have this on all my other pages?
1.jpg
2.jpg
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article discusses four methods for overlaying images in a container on a web page
3 proven steps to speed up Magento powered sites. The article focus is on optimizing time to first byte (TTFB), full page caching and configuring server for optimal performance.
The viewer will learn how to dynamically set the form action using jQuery.
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
Suggested Courses
Course of the Month14 days, 1 hour left to enroll

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question