Search mySQL Database, view result, and resubmit back to database with hidden fields

Posted on 2012-08-21
Last Modified: 2012-08-22
Hi All

I am trying to write a small script to search a small database, view the result on screen, then have a button to say "Checked", which submits the data back to the database, along with some hidden fields:

The database structure is:
Table: main_stock


So first the user goes to a simple search page with one input box that searches the barcode field (each barcode is unique, so there will only be one result)
The following fields are then displayed on the page:

I have all the above working no problem, what i want to do then is have a button that says "Checked" which submits the info back into the database, along with the following hidden fields:

$curr_timestamp = strtotime("now"); 
$status = "CheckedOK"; 

Open in new window

What I have tried so far is the following but it doesnt find data from the array:


$url = ''; // Where to redirect after form is processed.
$curr_timestamp = strtotime("now"); 
$status = "CheckedOK"; 

$sql = "INSERT INTO main_stock WHERE id = $id ( 
                  `id`, `curr_timestamp`, `mastercategory`, `category`, `product_desc`, `newown`, `barcode`, `serial`, `stockcode`, `status` 
               ) VALUES ( 
                  '{$id}', '{$curr_timestamp}', '{$mastercategory}', '{$category}', '{$product_desc}', '{$newown}', '{$barcode}', '{$serial}', '{$stockcode}', '{$status}' 
echo '<META HTTP-EQUIV=Refresh CONTENT="0; URL='.$url.'">';
<form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
      <input type="submit" name="submit" value="Checked OK"><br>

Open in new window

As there is only one result, and the fields pulled from the database dont change, I presume that i only need to submit the hidden fields back to the database, to the item in the search result, but am unsure on how to do this

Any help is greatly appreciated
Thanks J
Question by:Jon C
    LVL 107

    Accepted Solution

    If you define a column as the type TIMESTAMP MySQL will update the timestamp automatically when the row is updated.  Note that something actually has to change in the row -- simply issuing the UPDATE will not trigger an actual update if the data is the same as the content of the row.

    I think I would add a column to the table.   Call it something like "checked" and make it varchar(3) DEFAULT 'No'.   Then you can have a hidden input like this:

    <input name="checked" type="hidden" value="Yes" />

    The general design of something like this would be to have a script that queries the data base and creates an HTML form prepopulated with the contents of the row of data.  The client would see the information in the form, change it (if appropriate) and submit the form.  The action= script would use the contents of the form to overwrite the row in the data base.

    HTH, ~Ray

    Author Comment

    by:Jon C
    Many thanks for your reply, That sounds like just what i need, i think I was trying to over complicate it.

    Just one last thing, once the search is done and the HTML form is populated, I wouldn't want to give the client access to edit the fields, how could I display the result that wasn't editable but that would able me to submit it with the hidden field?

    Thanks again
    LVL 107

    Expert Comment

    by:Ray Paseur
    You can mark some HTML form fields "readonly" but the only truly safe solution is to simply avoid updating the data base with any data items that are not things you want to change.  A hacker can (and eventually will) bypass your HTML form and post toxic information directly into your script.  So make sure that your script abides by the mantra, "Accept only known good values."

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    IT, Stop Being Called Into Every Meeting

    Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

    As a database administrator, you may need to audit your table(s) to determine whether the data types are optimal for your real-world data needs.  This Article is intended to be a resource for such a task. Preface The other day, I was involved …
    I imagine that there are some, like me, who require a way of getting currency exchange rates for implementation in web project from time to time, so I thought I would share a solution that I have developed for this purpose. It turns out that Yaho…
    In this tutorial viewers will learn how to style elements, such a divs, with a "drop shadow" effect using the CSS box-shadow property Start with a normal styled element, such as a div.: In the element's style, type the box shadow property: "box-shad…
    The viewer will learn the basics of jQuery including how to code hide show and toggles. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery…

    761 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    9 Experts available now in Live!

    Get 1:1 Help Now