Update php mysql image field lost - php

I'm updating my post with an image field. Every thing is going fine, but i lose the path of the image, son if i leave the field empty the image path is null.
I have been trying different ways of including the old path to the field image. Those are the lines that have the old path and the new path.
<input type="file" name="image" value="<?php echo $row['image']; ?>">
<input type="hidden" name="old_image" value="<?php echo $row['image']; ?>" >
I tried also with <input type="file" name="image" value="<?php echo $image; ?>"> but it doesn't work.
Any suggestion?
Thanks in advance!
:)
This is my code:
<?php
require 'database.php';
$db = mysqli_connect("", "", "", "");
$id=$_GET["id"];
$title='';
$image='';
$image_text='';
$category='';
$result = mysqli_query($db, "SELECT * FROM `images` WHERE `id` = $id ");
while ($row = mysqli_fetch_array($result))
{
$title=$row['title'];
$image=$row['image'];
$papayos = $row['papayos'];
$cantidad = $row['cantidad'];
$image_text=nl2br($row['image_text']);
$category=$row['category'];
}
?>
<!DOCTYPE html>
<html lang="en" dir="ltr">
<head>
<meta charset="utf-8">
<title>Modificar. Lapapaya.org Educación y colaboración </title>
<meta name="keywords" content="colaboracion, economía del bien común, emprendimiento"/>
<meta name="description" content="Plataforma para desarrollo de proyectos productivos con bonos de intercambio"/>
<link rel="stylesheet" href="css/style.css">
<link rel="shortcut icon" type="image/png" href="images/favicon.png">
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bulma#0.8.0/css/bulma.min.css">
<script defer src="https://use.fontawesome.com/releases/v5.3.1/js/all.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js"></script>
</head>
<body>
<section class="section has-background-white">
<div class="container">
<div class="columns is-centered">
<img class="logo-intro" src="images/logo.png" alt="Logo">
<br>
</div>
</div>
</section>
<form method="POST" action='' enctype="multipart/form-data">
<div class="container">
<h1>Título del artículo</h1>
<br>
<div class="field">
<div class="control">
<input class="input is-warning is-fullwidth" type="text" name="title" value="<?php echo $title; ?>" placeholder="Título">
</div>
<br>
<br>
<div>
<div class="notification"> <h1>Imagen</h1>
<input type="hidden" name="size" value="1000000">
<div class="field">
<div class="control">
<input type="file" name="image" value="<?php echo $row['image']; ?>">
<input type="hidden" name="old_image" value="<?php echo $row['image']; ?>" >
</div>
</div>
<div>
<h1>Descripción</h1>
<textarea class="textarea" name="image_text" rows="8" cols="80"><?php echo $image_text; ?></textarea>
<br>
<h1>Categoría</h1>
<div class=" select is-warning is-fullwidth">
<select type="text" class="" name="category" value="<?php echo $category; ?>">
<option value="1 ">Productos agrícolas</option>
<option value="2 ">Servicio</option>
<option value="3 ">Artesanía</option>
<option value="4 ">Arte</option>
<option value="5">Diseño Industrial</option>
<option value="6 ">Ciudad</option>
<option value="7 ">Economía</option>
<option value="8 ">Emprendimiento</option>
<option value="9 ">Programación</option>
<option value="10 ">Reflexión</option>
<option value="11">Río</option>
<option value="12 ">Seguridad alimentaria</option>
<option value="13 ">Vivienda</option>
</select>
</div>
<h1>Precio</h1>
<br>
<div class="field">
<div class="control">
<input class="input is-warning" type="number" name="papayos" value="<?php echo $papayos; ?>" placeholder="Papayos">
</div>
<br>
<h1>Cantidad</h1>
<br>
<div class="field">
<div class="control">
<input class="input is-warning" type="number" name="cantidad" value="<?php echo $cantidad; ?>" placeholder="Cantidad">
</div>
<br>
<br>
<div>
<button class="button is-outlined is-medium is-fullwidth" type="update" name="update">Modificar</button>
</div>
</div>
</form>
</body>
</html>
<?php
$server = '';
$username = '';
$password = '';
$database = '';
if (isset($_POST['update'])) {
$title=$_POST['title'];
$image_text=nl2br($_POST['image_text']);
$category=$_POST['category'];
$papayos =$_POST['papayos'];
$cantidad =$_POST['cantidad'];
$total = $papayos * $cantidad;
$old_image = $_POST['old_image'];
if(isset($_FILES['image']['name']) && ($_FILES['image']['name']!="")) {
$size=$_FILES['image']['size'];
$temp=$_FILES['image']['tmp_name'];
$type=$_FILES['image']['type'];
$image_name=$_FILES['image']['name'];
unlink("images/$old_image");
move_uploaded_file($temp, "images/$image_name");
}else {
$image_name=$old_image;
}
$update=mysqli_query($db, "UPDATE images SET title = '$title', image = '$image_name', image_text = '$image_text', category = '$category', papayos = '$papayos', cantidad = '$cantidad', total = '$total' WHERE id = $id");
if ($update) {
echo "<script>alert('Datos actualizados exitosamente')</script>";
echo "<script>window.open('index.php', '_self')</script>";
}
else {
echo "<script>alert('Inserción fallida')</script>";
}
} ?>


I fixed adding this above the imput file:
<img src="images/<?php echo $image; ?>">
:)

Related

php honeypot field needs to redirect to certain page if value is present or other page is null [duplicate]

This question already has an answer here:
PHP form - if honeypot input field is filled - redirect to another page
(1 answer)
Closed 9 months ago.
I have a 2-page form to gather potential client data, and using a honeypot field to stop spam from entering our database table.
The code inserts the data into the table, so that is not an issue.
What I want to have happen is if the honeypot field is NOT NULL, then I want it to redirect to the noway.html file. Otherwise, redirect to the home.html file.
index.php:
<?php
session_start();
require_once 'config/config.php';
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Purchase Form | HomePromise</title>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js"></script>
<script src="https://cdn.jsdelivr.net/npm/js-cookie#2/src/js.cookie.min.js"></script>
<link href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css" rel="stylesheet" />
<link rel="stylesheet" href="../../assets/css/style.css" />
</head>
<body>
<div class="container box">
<h2 class="page-title" align="center">Purchase Form</h2><br />
<form method="post" id="refi_form" action="index2.php">
<div class="tab-content" style="margin-top:16px;">
<div class="tab-pane active" id="fins_details">
<div class="panel panel-default">
<div class="panel-body">
<div class="form-group">
<!-- Refi label: <label>What's the value of your home?</label> -->
<input type="hidden" name="branch" id="branch" class="form-control" value="Army" />
</div>
<div class="form-group">
<label>What is the sales price of your home?</label>
<select name="salesprice" id="salesprice" class="form-control">
<option value="">Select One</option>
<option value="75000">50,000 - 99,999</option>
<option value="150000">100,000 - 199,999</option>
<option value="250000">200,000 - 299,999</option>
<option value="350000">300,000 - 399,999</option>
<option value="450000">400,000 - 499,999</option>
<option value="550000">500,000 - 599,999</option>
<option value="650000">600,000 - 699,999</option>
<option value="700000">Over 700,000</option>
<span id="error_salesprice" class="text-danger"></span>
</select>
</div>
<div class="form-group">
<label>What loan amount do you want?</label>
<select name="loan_amount" id="loan_amount" class="form-control">
<option value="">Select One</option>
<option value="75000">50,000 - 99,999</option>
<option value="150000">100,000 - 199,999</option>
<option value="250000">200,000 - 299,999</option>
<option value="350000">300,000 - 399,999</option>
<option value="450000">400,000 - 499,999</option>
<option value="550000">500,000 - 599,999</option>
<option value="650000">600,000 - 699,999</option>
<option value="700000">Over 700,000</option>
<span id="error_loan_amount" class="text-danger"></span>
</select>
</div>
<div class="form-group">
<label>What is your yearly income?</label>
<select name="income" id="income" class="form-control">
<option value="">Select One</option>
<option value="25000">Under 25k</option>
<option value="37000">25k - 49k</option>
<option value="62000">50k - 74k</option>
<option value="87000">75k - 99k</option>
<option value="125000">100k - 149k</option>
<option value="175000">150k - 200k</option>
<option value="200000">Over 200k</option>
<span id="error_income" class="text-danger"></span>
</select>
</div>
<br />
<div align="right">
<input type='submit' name='save' id='btn_fins_details' style="background-color:rgb(50,50,200);color:#fff;font-size:1.5em;padding:10px;" value="Next">
</div>
</div>
</div>
</div>
</div>
</form>
</div>
</body>
<script src="../assets/js/script.js"></script>
</html>
index2.php (Note: I am only echoing the values to verify that the honeypot and other values are being stored in their sessions.):
<?php
session_start();
$_SESSION['branch'] = $_POST['branch'];
$_SESSION['salesprice'] = $_POST['salesprice'];
$_SESSION['loan_amount'] = $_POST['loan_amount'];
$_SESSION['income'] = $_POST['income'];
$_SESSION['formurl'] = $_SERVER['HTTP_REFERER'];
echo $_SESSION['branch']; ?><br><?php
echo $_SESSION['salesprice']; ?><br><?php
echo $_SESSION['loan_amount']; ?><br><?php
echo $_SESSION['income']; ?><br><?php
echo $_SESSION['formurl']; ?><br><?php
$client_url = $_POST['client_url'];
require_once 'config/config.php';
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Refinance Form | HomePromise</title>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js"></script>
<link href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css" rel="stylesheet" />
<link rel="stylesheet" href="../../assets/css/style.css" />
</head>
<body>
<div class="container box">
<br />
<h2 class="page-title" align="center">Purchase Form</h2><br />
<form method="post" id="refi_form" action="submit.php">
<div class="tab-content" style="margin-top:16px;">
<div class="tab-pane active" id="fins_details">
<div class="panel panel-default">
<div class="panel-body">
<table class="center">
<tr>
<td class="left">
<div class="form-group">
<label>First Name</label>
<input type="hidden" name="formurl" value="<?php echo $_SESSION['formurl']; ?>">
<input type="hidden" name="client_url" value="<?php echo $_SESSION['client_url']; ?>">
<input type="hidden" name="ip" value="<?php echo $_SESSION['ip']; ?>"></input>
<input type="hidden" name="branch" value="<?php echo $_SESSION['branch']; ?>"></input>
<input type="hidden" name="salesprice" value="<?php echo $_SESSION['salesprice']; ?>"></input>
<input type="hidden" name="loan_amount" value="<?php echo $_SESSION['loan_amount']; ?>"></input>
<input type="hidden" name="income" value="<?php echo $_SESSION['income']; ?>"></input>
<input type="hidden" name="transaction_type" id="transaction_type" value="Purchase">
<input type="text" name="fName" id="fName" class="form-control" />
<span id="error_fName" class="text-danger"></span>
</div>
</td>
</tr>
</table>
<br />
<div class="text-message" style="display: block;">
<p>By clicking submit below, I/we acknowledge that I/we have read and agree to the User Agreement and acknowledge that I/we have read the Privacy Statement, and Disclosures.</p>
<br />
</div>
<div align="right">
<input type='submit' name='save' id='btn_personal_details' style="background-color:rgb(50,50,200);color:#fff;font-size:1.5em;padding:10px;" value="Submit">
</div>
</div>
</div>
</div>
</form>
</div>
</body>
<script src="..assets/js/script.js"></script>
</html>
submit.php:
<?php
session_start();
$_SESSION['branch'] = $_POST['branch'];
require_once 'config/config.php';
if (isset($_POST['client_url']) && $_POST['formurl'] && $_POST['ip'] && $_POST['salesprice'] && $_POST['loan_amount'] && $_POST['transaction_type'] && $_POST['fName'] && (empty($_POST['branch']))) {
$client_url = $_POST['client_url'];
$formurl = $_POST['formurl'];
$ip = $_POST['ip'];
$salesprice = $_POST['salesprice'];
$loan_amount = $_POST['loan_amount'];
$income = $_POST['income'];
$transaction_type = $_POST['transaction_type'];
$fName = $_POST['fName'];
$sql = "INSERT INTO whp (client_url, formurl, ip, salesprice, loan_amount, income, transaction_type, fName) VALUES ('$client_url', '$formurl', '$ip', '$salesprice', '$loan_amount', '$income', '$transaction_type', '$fName')";
$db_con->exec($sql);
header("Location: home.html");
} else {
header("Location: noway.html");
}
?>

Create your honeypot input (name can be whatever, in my example I'm using honeypot).
if (empty($_POST['honeypot'])){
Add that just after the $sql string is set (or just before).
empty will return true if the variable is undefined or set to false. In terms of a POST value, that means it will be true if the POST value is not set or is blank (and you should trigger home.html). If it's filled, it it will return false and you should trigger the else noway.html.

php - edit SESSION variable in multiple page form

currently I am doing multiple page form (page 1 and page 2). I save the details in page 1 using SESSION and insert successfully to database. I also successfully retrieve the data from database and display on page (activityLog.php).
However, I face problem when I want to edit/update the form.The value in the form wasn't update as well as the database. Please help.Thanks.
Below is my display cause page and edit form (editIndividual.php).
activityLog.php
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8" />
<title>My Activity Log</title>
<?php
session_start();
include 'header.php';
?>
<div id="content">
<div class="section">
<h4 align="center" style="font-size:28px;">My Activity Log</h4>
<div>
Basic Setting
Change Password
<a class="selected" href="activityLog.php">My Activity Log</a>
</div>
<label style="font-size:19px;color:#333;"<strong>Manage your cause below.</strong>
<div class="figure">
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>" method="post" class="register">
<div class="first" >
<?php
include 'dbconn.php';
if(isset($_SESSION['email'])){
$query="SELECT * from cause join user_info on cause.userID=user_info.userID where email='{$_SESSION['email']}'";
$result=mysqli_query($conn, $query);
while ($row=mysqli_fetch_array($result)){
$causeID = $row['causeID'];
$title = $row['title'];
$category = $row['category'];
$donateType = $row['donateType'];
$goal = $row['goal'];
$description = $row['description'];
$createDate = $row['createDate'];
$image = $row['image'];
echo "<a href='editIndividual.php?u=$causeID'>".$title."</a><br>";
echo "<img height='80' width='100' src='upload/".$image."'><br>";
}
}
?>
<fieldset>
</fieldset>
</div>
</form><!--end form-->
</div>
</div>
</div>
<?php include 'footer.php';?> <!--include footer.php-->
</body>
</html>
editIndividual.php
<html>
<head>
<meta charset="UTF-8" />
<!--include header-->
<?php
session_start();
include 'dbconn.php';
include 'header.php';
if(!isset($_SESSION['email'])){
echo "Please login before proceed!";
header("location:login.php");
}
else{
if(isset($_GET['u'])){
$causeID = $_GET['u'];
$query="SELECT * from cause where causeID=$causeID ";
$result=mysqli_query($conn, $query);
while ($row=mysqli_fetch_array($result)){
$causeID = $row['causeID'];
$title = $row['title'];
$category = $row['category'];
$donateType = $row['donateType'];
$goal = $row['goal'];
$description = $row['description'];
$createDate = $row['createDate'];
$image = $row['image'];
}
//update title
$title = $_SESSION['title'];
$upTitle = "UPDATE cause set title='$title' where causeID='$causeID'";
$upTitleResult = mysqli_query($conn,$upTitle);
//update category
$category = $_SESSION['category'];
$upCategory = "UPDATE cause set category='$category' where causeID='$causeID'";
$upCategoryResult = mysqli_query($conn,$upCategory);
//update donate type
$donateType = $_SESSION['donateType'];
$upDonateType = "UPDATE cause set donateType='$donateType' where causeID='$causeID'";
$upDonateTypeResult = mysqli_query($conn,$upDonateType);
//update goal
$goal = $_SESSION['goal'];
$upGoal = "UPDATE cause set goal='$goal' where causeID='$causeID'";
$upGoalResult = mysqli_query($conn,$upGoal);
//update description
$description = $_POST['description'];
$upDes = "UPDATE cause set description='$description' where causeID='$causeID'";
$upDesResult = mysqli_query($conn,$upDes);
//update image
$image = $_FILES['imageToUpload']['name'];
$upImage = "UPDATE cause set image='$image' where causeID='$causeID'";
$upImageResult = mysqli_query($conn,$upImage);
}
}
?>
<!--Change choose file button default name-->
<script>
function HandleBrowseClick()
{
var fileinput = document.getElementById("imageToUpload");
fileinput.click();
}
function Handlechange()
{
var fileinput = document.getElementById("imageToUpload");
fileinput.value;
}
</script>
<div id="content">
<div>
<form action="activityLog.php" id="editInd_form" name="editInd_form" class= "register" method="post">
<div class="first">
<fieldset>
<label for="title"><strong>Cause Title: </strong></label><br>
<input type="text" id="title" name="title" class="inputtext" value="<?php echo $title?>"/><br>
<label for="category" ><strong><span class="error-message" style="color:red">*</span>Category:</strong></label><br>
<select id="category" name="category" onchange="document.getElementById('editInd_form').submit()">
<?php
$categoryArray=array("Select a category", "Animal Welfare", "Children", "Education", "Environment", "Health", "OKU", "Refugees", "Senior Citizen", "Community", "Women Welfare", "Youth");
for ($i=0; $i<count($categoryArray); $i++){
if ($i == $category){
echo "<option value='".$i."' selected>".$categoryArray[$i]."</option>";
}
else{
echo "<option value='".$i."'>".$categoryArray[$i]."</option>";
}
}
?>
</select><br>
<label for="donateType"><strong><span class="error-message" style="color:red;">*</span>Type of Donation:</strong></label><br>
<select id="donateType" name="donateType" onchange="document.getElementById('editInd_form').submit()" >
<?php
$donateTypeArray=array("Please Select","Fundraising","Books","Clothing","Electric product", "Food","Water","Other");
for ($j=0; $j<count($donateTypeArray); $j++){
if ($j == $donateType){
echo "<option value='".$j."' selected>".$donateTypeArray[$j]."</option>";
}
else{
echo "<option value='".$j."'>".$donateTypeArray[$j]."</option>";
}
}
?>
</select><br>
<label for="goal"><strong><span class="error-message" style="color:red">*</span>Please state your goal:</strong></label><br>
<input type="text" id="goal" name="goal" class="inputtext" value="<?php echo $goal?>" placeholder="enter an amount(RM) for fundraising, uniform, 1.5L mineral water, ..."><br>
</fieldset></div>
<div><fieldset>
<label for="description"><strong>Tell us your story: </strong></label><br>
<textarea name="description" style="width:350px;height:150px;"><?php echo $description?>
</textarea><br>
<!-- <img src="images/image-icon.png" class="image-icon" height="150" width="150"> <img src="images/video-icon.png" height="150" width="150">-->
<label for="imageToUpload"><strong>Upload Your Photo:</strong></label><br>
<input type="file" name="imageToUpload" id="imageToUpload" style="display:none;" onChange="Handlechange();">
<input type="button" value="Change image" id="fakeBrowse" onclick="HandleBrowseClick();"/>
<?php include 'upload1.php';?>
<input type="submit" name="submit" id="save" value=""><br>
</fieldset>
</div>
</form>
</table>
</div>
</div> <!--content end-->
<!--include footer-->
<?php include 'footer.php';?>
</body>
</html>
for your reference, this is my create form (2 pages form)
createIndividual.php
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8" />
<!--include header-->
<?php
session_start();
include 'dbconn.php';
if(!isset($_SESSION['email'])){
echo "Please login before proceed!";
header("location:login.php");
}
include 'header.php';
?>
<div id="content">
<div>
<h3 align="center"> Create your own cause</h3>
<h4><strong> Step 1: Title, Category, Goal</strong></h4>
<form action="createIndividual2.php" id="createInd_form" class= "register" method="post">
<div class="form">
<fieldset>
<label for="title"><strong>Cause Title: </strong></label><br>
<input type="text" id="title" name="title" class="inputtext"/><br>
<label for="category" ><strong><span class="error-message" style="color:red">*</span>Category:</strong></label><br>
<select id="category" name="category">
<option value="0"> Select a category</option>
<option value="1"> Animal Welfare</option>
<option value="2"> Children</option>
<option value="3"> Education </option>
<option value="4"> Environment</option>
<option value="5"> Health</option>
<option value="6"> OKU</option>
<option value="7"> Refugees</option>
<option value="8"> Senior Citizen</option>
<option value="9"> Community</option>
<option value="10"> Women Welfare</option>
<option value="11"> Youth</option>
</select><br>
<label for="donateType"><strong><span class="error-message" style="color:red;">*</span>Type of Donation:</strong></label><br>
<select id="donateType" name="donateType">
<option value="0">Please Select</option>
<option value="1">Fundraising</option>
<option value="2">Books</option>
<option value="3">Clothing</option>
<option value="4">Electric product</option>
<option value="5">Food</option>
<option value="6">Water</option>
<option value="7">Other</option>
</select><br>
<label for="goal"><strong><span class="error-message" style="color:red">*</span>Please state your goal:</strong></label><br>
<input type="text" id="goal" name="goal" class="inputtext" placeholder="enter an amount(RM) for fundraising, uniform, 1.5L mineral water, ..."><br>
<input type="submit" name="submit" id="next" value=""><br>
</fieldset>
</div>
</form>
</table>
</div>
</div> <!--content end-->
<!--include footer-->
<?php include 'footer.php';?>
</body>
</html>
createIndividual2.php
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8" />
<!--include header-->
<?php
session_start();
$_SESSION['title'] = $_POST['title'];
$_SESSION['category'] = $_POST['category'];
$_SESSION['donateType'] = $_POST['donateType'];
$_SESSION['goal'] = $_POST['goal'];
include 'header.php';
?>
<div id="content">
<div>
<h3 align="center"> Create your own cause</h3>
<h4><strong> Step 2: Tell us your story</strong></h4>
<form action="checkCause.php" id="createIndividual" class= "register" method="post" enctype="multipart/form-data">
<div class="form">
<fieldset>
<label for="title"><strong>Tell us your story: </strong></label><br>
<textarea name="description" style="width:500px;height:150px;">
</textarea><br>
<!-- <img src="images/image-icon.png" class="image-icon" height="150" width="150"> <img src="images/video-icon.png" height="150" width="150">-->
<label for="imageToUpload"><strong>Upload Your Photo:</strong></label><br>
<input type="file" name="imageToUpload" id="imageToUpload">
<input type="submit" name="upload" id="submit" value=""><br>
<button onclick="goBack()" id="back"></button>
<script>
function goBack() {
window.history.back();
}
</script>
<?php include 'upload1.php';?>
</fieldset>
</div>
</form>
</table>
</div>
</div> <!--content end-->
<?php include 'footer.php';?> <!--include footer.php-->
</body>
</html>

In editIndividual.php you have a error. You first get data from MySQL and after that you setup data from sessions. But where you check if new data exist and return old if not exists?
Look my integration in your code:
<html>
<head>
<meta charset="UTF-8" />
<!--include header-->
<?php
session_start();
include 'dbconn.php';
include 'header.php';
if(!isset($_SESSION['email'])){
echo "Please login before proceed!";
header("location:login.php");
}
else{
if(isset($_GET['u'])){
$causeID = $_GET['u'];
$query="SELECT * from cause where causeID=$causeID ";
$result=mysqli_query($conn, $query);
while ($row=mysqli_fetch_array($result)){
$causeID = $row['causeID'];
$title = $row['title'];
$category = $row['category'];
$donateType = $row['donateType'];
$goal = $row['goal'];
$description = $row['description'];
$createDate = $row['createDate'];
$image = $row['image'];
}
//update title
$title = (isset($_SESSION['title'])&&!empty($_SESSION['title'])?$_SESSION['title']:$title);
$upTitle = "UPDATE cause set title='$title' where causeID='$causeID'";
$upTitleResult = mysqli_query($conn,$upTitle);
//update category
$category = (isset($_SESSION['category'])&&!empty($_SESSION['category'])?$_SESSION['category']:$category);
$upCategory = "UPDATE cause set category='$category' where causeID='$causeID'";
$upCategoryResult = mysqli_query($conn,$upCategory);
//update donate type
$donateType = (isset($_SESSION['donateType'])&&!empty($_SESSION['donateType'])?$_SESSION['donateType']:$donateType);
$upDonateType = "UPDATE cause set donateType='$donateType' where causeID='$causeID'";
$upDonateTypeResult = mysqli_query($conn,$upDonateType);
//update goal
$goal = (isset($_SESSION['goal'])&&!empty($_SESSION['goal'])?$_SESSION['goal']:$goal);
$upGoal = "UPDATE cause set goal='$goal' where causeID='$causeID'";
$upGoalResult = mysqli_query($conn,$upGoal);
//update description
$description = (isset($_POST['description'])&&!empty($_POST['description'])?$_POST['description']:$description);
$upDes = "UPDATE cause set description='$description' where causeID='$causeID'";
$upDesResult = mysqli_query($conn,$upDes);
//update image
$image = (isset($_FILES['imageToUpload']['name']) && !empty($_FILES['imageToUpload']['name'])?$_FILES['imageToUpload']['name']:$image);
$upImage = "UPDATE cause set image='$image' where causeID='$causeID'";
$upImageResult = mysqli_query($conn,$upImage);
}
}
?>
<!--Change choose file button default name-->
<script>
function HandleBrowseClick()
{
var fileinput = document.getElementById("imageToUpload");
fileinput.click();
}
function Handlechange()
{
var fileinput = document.getElementById("imageToUpload");
fileinput.value;
}
</script>
<div id="content">
<div>
<form action="activityLog.php" id="editInd_form" name="editInd_form" class= "register" method="post">
<div class="first">
<fieldset>
<label for="title"><strong>Cause Title: </strong></label><br>
<input type="text" id="title" name="title" class="inputtext" value="<?php echo $title?>"/><br>
<label for="category" ><strong><span class="error-message" style="color:red">*</span>Category:</strong></label><br>
<select id="category" name="category" onchange="document.getElementById('editInd_form').submit()">
<?php
$categoryArray=array("Select a category", "Animal Welfare", "Children", "Education", "Environment", "Health", "OKU", "Refugees", "Senior Citizen", "Community", "Women Welfare", "Youth");
for ($i=0; $i<count($categoryArray); $i++){
if ($i == $category){
echo "<option value='".$i."' selected>".$categoryArray[$i]."</option>";
}
else{
echo "<option value='".$i."'>".$categoryArray[$i]."</option>";
}
}
?>
</select><br>
<label for="donateType"><strong><span class="error-message" style="color:red;">*</span>Type of Donation:</strong></label><br>
<select id="donateType" name="donateType" onchange="document.getElementById('editInd_form').submit()" >
<?php
$donateTypeArray=array("Please Select","Fundraising","Books","Clothing","Electric product", "Food","Water","Other");
for ($j=0; $j<count($donateTypeArray); $j++){
if ($j == $donateType){
echo "<option value='".$j."' selected>".$donateTypeArray[$j]."</option>";
}
else{
echo "<option value='".$j."'>".$donateTypeArray[$j]."</option>";
}
}
?>
</select><br>
<label for="goal"><strong><span class="error-message" style="color:red">*</span>Please state your goal:</strong></label><br>
<input type="text" id="goal" name="goal" class="inputtext" value="<?php echo $goal?>" placeholder="enter an amount(RM) for fundraising, uniform, 1.5L mineral water, ..."><br>
</fieldset></div>
<div><fieldset>
<label for="description"><strong>Tell us your story: </strong></label><br>
<textarea name="description" style="width:350px;height:150px;"><?php echo $description?>
</textarea><br>
<!-- <img src="images/image-icon.png" class="image-icon" height="150" width="150"> <img src="images/video-icon.png" height="150" width="150">-->
<label for="imageToUpload"><strong>Upload Your Photo:</strong></label><br>
<input type="file" name="imageToUpload" id="imageToUpload" style="display:none;" onChange="Handlechange();">
<input type="button" value="Change image" id="fakeBrowse" onclick="HandleBrowseClick();"/>
<?php include 'upload1.php';?>
<input type="submit" name="submit" id="save" value=""><br>
</fieldset>
</div>
</form>
</table>
</div>
</div> <!--content end-->
<!--include footer-->
<?php include 'footer.php';?>
</body>
</html>

Updating a phpmyadmin table through Php using a url varible

im having a problem when trying to implement a edit page in php.
Getting items from the database doesent pose any problem, yet trying to update it tells me that i have missed a field and trying to skip the check just leaves me with a unedited table.
To explain more, there is a page that directs to this one while passing on a id (propertyID) veriable and from that we use it to grab the desired variables.
Can anyone look at the code and tell me what i have done wrong, i have prevously got a similar page working and am getting quite flustered trying to figure out why this one isent.
<?php
// Start sessions
include('includes/security.inc.php');
authorise();
if (!isset($_GET['propertyID']) || !is_numeric($_GET['propertyID']))
{
header('Location:./houselist.php');
}
else
{
// Include connection file
include('includes/connection.inc.php');
// Get details
connect();
$propertyID = $_GET['propertyID'];
$sql = "SELECT * FROM Properties WHERE propertyID='$propertyID' LIMIT 1";
$result = #mysql_query($sql) or die('Unable to run query');
$record = mysql_fetch_object($result);
mysql_close();
// Check to see if the form has been submitted
if (isset($_POST['submit']))
{
// Check to see all fields have been completed
$address = $_POST['address'];
$categoryID = $_POST['categoryID'];
$price = $_POST['price'];
$landlordName = $_POST['landlordName'];
$img = $_POST['img'];
$description= $_POST['description'];
if (!empty($address) && !empty($categoryID) && !empty($price) && !empty($landlordName) && !empty($img) && !empty($description))
{
// Create an SQL query to add the comment
$sql = "UPDATE property SET propertyID = '$propertyID', img = '$img', address = '$address', price = '$price', landlordName = '$landlordName', description = '$description' WHERE propertyID = $propertyID";
// Connect to the database
connect();
// Run the query and store the result in a variable
$result = mysql_query($sql) or die("Could not run query1");
// Close connection to the database
mysql_close();
// Check if query was successful
if ($result)
{
$message = '<div class="success"><p>You have successfully edited Article details.</p><p>Please Click Here to view the Animal list.</p></div>';
}
else
{
$message = '<div class="error"><p>There was an error editing details, please try again</p></div>';
}
}
else
{
$message = '<div class="error"><p>Please make sure you fill all fields in before submitting the form.</p></div>';
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link rel="stylesheet" type="text/css" href="css/960.css"/>
<link rel="stylesheet" type="text/css" href="css/demo.css"/>
<link rel="stylesheet" type="text/css" href="css/960_24_col.css"/>
<link rel="stylesheet" type="text/css" href="css/reset.css"/>
<link rel="stylesheet" type="text/css" href="css/text.css"/>
<link rel="stylesheet" type="text/css" href="css/style.css"/>
<title>Complete Property Solutions</title>
<title>Homescreen - Complete Property Solutions</title>
</head>
<body>
<div class="container_24" id="container">
<div class="grid_24" id="banner">
<img src="img/banner.png" width="960" height="92" />
</div>
<div class="grid_18" id="nav" align="right">
<ul id="topnav">
<li>Home</li>
<li>Properties</li>
<li>Landlords</li>
<li>Tenants</li>
<li>Logout</li>
</ul>
</div>
<div class="grid_6" id="search" align="right">
<form action="search.php" method="GET">
<input type="text" name="term" size="15">
<input type="submit" value="Search">
</form>
</div>
</div>
<div class="container_24" id="container" align="center">
<div id="container">
<form id="PropertyEdit" name="PropertyEdit" method="post" action="<? echo $_SERVER['PHP_SELF'] . "?propertyID=" . $propertyID; ?>">
<input type="hidden" name="propertyID" id="propertyID" value="<?php echo $propertyID; ?>" />
<?php
if (isset($message))
{
echo $message;
}
else
{
?>
<div class="label"><label for="propertyID"></label></div>
<div class="input"><input type="hidden" name="propertyID" id="propertyID" tabindex="1" value="<? echo $record->propertyID; ?>" /></div>
<br />
<div class="label"><label for="categoryID">Category</label></div>
<div class="input"><input type="text" name="categoryID" id="categoryID" tabindex="1" value="<? echo $record->categoryID; ?>" /></div>
<br />
<div class="label">
<label for="address">Address:</label></div>
<div class="input"><input type="text" name="address" id="address" tabindex="1" value="<? echo $record->address; ?>" /></div>
<br />
<div class="label"><label for="price">Price:</label></div>
<div class="input"><input type="text" name="Price" id="price" tabindex="3" value="<? echo $record->price; ?>" /></div>
<div class="label"><label for="landlordName">Landlord</label></div>
<div class="input"><input type="text" name="landlordName" id="landlordName" tabindex="1" value="<? echo $record->landlordName; ?>" /></div>
<br />
<div class="label"><label for="img">Image</label></div>
<div class="input"><input type="text" name="img" id="img" tabindex="1" value="<? echo $record->img; ?>" /></div>
<br />
<div class="label"><label for="description">Description:</label></div>
<div class="input"><textarea name="description" id="description" cols="50" rows="10" tabindex="5"><? echo $record->description; ?></textarea></div>
<br />
<div class="label"> </div>
<div class="input">
<input type="reset" name="reset" id="reset" value="Reset" tabindex="6" />
<input type="submit" name="submit" id="submit" value="Submit" tabindex="7" />
</div>
<p class="normal">Click Here to Return to the Home page</p>
<?php
}
?>
</form> </div>
</div>
</body>
</html>
<?php
}
?>
my best guess for the problem would revolve around
// Check to see if the form has been submitted
if (isset($_POST['submit']))
{
// Check to see all fields have been completed
$address = $_POST['address'];
$categoryID = $_POST['categoryID'];
$price = $_POST['price'];
$landlordName = $_POST['landlordName'];
$img = $_POST['img'];
$description= $_POST['description'];
if (!empty($address) && !empty($categoryID) && !empty($price) && !empty($landlordName) && !empty($img) && !empty($description))
{
// Create an SQL query to add the comment
$sql = "UPDATE property SET propertyID = '$propertyID', img = '$img', address = '$address', price = '$price', landlordName = '$landlordName', description = '$description' WHERE propertyID = $propertyID";
// Connect to the database
connect();
// Run the query and store the result in a variable
$result = mysql_query($sql) or die("Could not run query1");
// Close connection to the database
mysql_close();
// Check if query was successful
if ($result)
{
$message = '<div class="success"><p>You have successfully edited Article details.</p><p>Please Click Here to view the Animal list.</p></div>';
}
else
{
$message = '<div class="error"><p>There was an error editing details, please try again</p></div>';
}
}
else
{
$message = '<div class="error"><p>Please make sure you fill all fields in before submitting the form.</p></div>';
}
}
And the below section, my problem is that im not sure where exactly
<div class="container_24" id="container" align="center">
<div id="container">
<form id="PropertyEdit" name="PropertyEdit" method="post" action="<? echo $_SERVER['PHP_SELF'] . "?propertyID=" . $propertyID; ?>">
<input type="hidden" name="propertyID" id="propertyID" value="<?php echo $propertyID; ?>" />
<?php
if (isset($message))
{
echo $message;
}
else
{
?>
<div class="label"><label for="propertyID"></label></div>
<div class="input"><input type="hidden" name="propertyID" id="propertyID" tabindex="1" value="<? echo $record->propertyID; ?>" /></div>
<br />
<div class="label"><label for="categoryID">Category</label></div>
<div class="input"><input type="text" name="categoryID" id="categoryID" tabindex="1" value="<? echo $record->categoryID; ?>" /></div>
<br />
<div class="label">
<label for="address">Address:</label></div>
<div class="input"><input type="text" name="address" id="address" tabindex="1" value="<? echo $record->address; ?>" /></div>
<br />
<div class="label"><label for="price">Price:</label></div>
<div class="input"><input type="text" name="Price" id="price" tabindex="3" value="<? echo $record->price; ?>" /></div>
<div class="label"><label for="landlordName">Landlord</label></div>
<div class="input"><input type="text" name="landlordName" id="landlordName" tabindex="1" value="<? echo $record->landlordName; ?>" /></div>
<br />
<div class="label"><label for="img">Image</label></div>
<div class="input"><input type="text" name="img" id="img" tabindex="1" value="<? echo $record->img; ?>" /></div>
<br />
<div class="label"><label for="description">Description:</label></div>
<div class="input"><textarea name="description" id="description" cols="50" rows="10" tabindex="5"><? echo $record->description; ?></textarea></div>
<br />
<div class="label"> </div>
<div class="input">
<input type="reset" name="reset" id="reset" value="Reset" tabindex="6" />
<input type="submit" name="submit" id="submit" value="Submit" tabindex="7" />

Update Mysql and PHP

I'm trying to create an update form. When I send the form it shows me that the variable person has not been defined. It's important to say that this variable contains the information obtained in the first query that is used to fill out the first table.
So far everything works well. However, when the user presses the button modify, a message saying that the variable person has not been defined. When i try to re-use the variable serial in the last query it tells me that isn't defined either. I don't really know why if i did at the beginning of the script.
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>CTE Modificar Registro</title>
<?php
include "conexiondblocal.php";
if(!isset($_POST['submit'])){
$serial = mysqli_real_escape_string($con,$_GET['numeroorden']);
$qry= "SELECT * FROM producto WHERE numeroorden = $serial";
$muestra = mysqli_query($con,$qry);
$person=$muestra->fetch_array();
}
?>
<style type="text/css">
#cuerpo form table {
text-align: center;
}
</style>
<link href="../CTE/estilospaginas.css" rel="stylesheet" type="text/css">
<style type="text/css">
body {
background-color: #FFF;
}
</style>
</head>
<body>
<div id="cuerpo">
<script>
$( "#entregaacliente,#fecharecepcion").datepicker();
</script>
<div id="formulario">
<form action="<?php echo $_SERVER['PHP_SELF'];?>" method="post">
<div> <label for="inputproducto">Producto</label> <input name="inputproducto"type="text" class="tabla" id="producto" value = "<?php echo $person['producto']; ?>" />
</div>
<div> <label for="inputproducto">Orden número</label> <input name="inputcedula"type="text" class="tabla" id="inputcedula" value = "<?php echo $person['cedula']; ?>" />
</div>
<div> <label for="inputtipodeservicio">Cedula</label> <input name="inputtipodeservicio"type="text" id="inputtipodeservicio" value = "<?php echo $person['tipodeservicio']; ?>" />
</div>
<div> <label for="inputnumeromarca">Numero de Marca</label> <input name="inputnumeromarca"type="text" id="inputnumeromarca" value = "<?php echo $person['numeromarca']; ?>" />
</div>
<div> <label for="inputmarca">Marca</label> <input name="inputmarca"type="text" id="inputmarca" value = "<?php echo $person['marca']; ?>" />
</div>
<div> <label for="inputtelefono">Modelo</label> <input name="inputmodelo"type="text" id="inputmodelo" value = "<?php echo $person['modelo']; ?>" /> </div>
<div> <label for="inputproducto">Almacen</label> <input name="inputalmacen"type="text" id="inputalmacen" value = "<?php echo $person['almacen']; ?>" /> </div>
<div> <label for="inputmarca">Dano</label> <input name="inputdano"type="text" id="inputdano" value = "<?php echo $person['dano']; ?>" /> </div>
<div> <label for="inputfecharecepcion">Fecha de Recepción</label> <input name="inputfecharecepcion"type="text" id="inputfecharecepcion" value = "<?php echo $person['fecharecepcion']; ?>" />
</div>
<div> <label for="inputfecharecepcion">Técnico</label>
<textarea name="inputtecnico" cols="30" id="inputtecnico" /><?php echo $person['tecnico']; ?>
</textarea> </div>
<div> <label for="inputestado">Estado</label> <select name="inputestado"type="text"value = "<?php echo $person['estado']; ?>" id="inputestado"> <option>Reparado </option>
<option>Pendiente </option>
<option>Entregado</option>
</select> </div>
<div> <label for="inputsede">Sede</label> <select name="inputsede"value = "<?php echo $person['sede']; ?>"type="text" id="inputsede"> <option>Centro </option>
<option>Calipso </option>
</select> </div>
<div> <label for="inputentregaacliente">Entrega a Cliente</label> <input name="inputentregaacliente"type="text" id="inputentregaacliente" value = "<?php echo $person['entregaacliente']; ?>" /> </div>
<div id="enviarboton">
<input type = "submit" name = "submit" value= "Modificar"/>
</div>
<input type="hidden" name="numeroorden" value="<?php echo $serial;?>"/>
</form>
</div>
<?php
if (isset($_POST['submit'])){
$producto=
"UPDATE producto
SET producto = '$_POST[inputproducto]',
cedula = '$_POST[inputcedula]',
tipodeservicio = '$_POST[inputtipodeservicio]',
numeromarca = '$_POST[inputnumeromarca]',
marca = '$_POST[inputmarca]',
modelo = '$_POST[inputmodelo]',
almacen = '$_POST[inputalmacen]',
dano = '$_POST[inputdano]',
fecharecepcion = '$_POST[inputfecharecepcion]',
tecnico = '$_POST[inputtecnico]',
estado = '$_POST[inputestado]',
sede = '$_POST[inputsede]',
entregaacliente = '$_POST[inputentregaacliente]',
numeroorden = '$_POST[numeroorden]'
WHERE numeroorden = $serial";
mysqli_query($con,$producto);
echo "El usuario ha sido modificado";
}
?>
</body>
</html>

Can not upload photo in mozilla firefox 8.0

I have created a simple form. In the form there is a option to upload photo. I have created that and submitted successfully. But when I updated the mozilla firefox browser to 8.0 the form showing problem. When I submit the form in firefox 8.0 the browser hangs only because of the upload photo section, all other are working well while the same code is running in internet explorer. Then I installed old version of firefox same code is running well. I don't understand why it is happening and what will be the solution? Please help me. Thanks in advance...
Here is the code....
<?php
session_start();
if(!isset($_SESSION['user']))
{
header("Location:index.php");
exit();
}
include("./include/dbc.php");
$msg='';
if(isset($_POST['check'])){
$p=$_FILES['photo']['name'];
$q=$_FILES['photo1']['name'];
if($_REQUEST['a_name'] == '' ||$_REQUEST['b_name'] == ''||$_REQUEST['no_flats'] == ''||$p == ''||$q == '')
{
$msg='Enter Details!!';
}
if($msg==''){
$target = "images/";
$target = $target . basename( $_POST['a_name'].$_FILES['photo']['name']);
$pic=$_POST['a_name'].$_FILES['photo']['name'];
$target1 = "loc_images/";
$target1 = $target1 . basename( $_POST['a_name'].$_FILES['photo1']['name']);
$pic1=$_POST['a_name'].$_FILES['photo1']['name'];
$time=$_POST['month'].' '.$_POST['year'];
$sql= "INSERT INTO flats
SET
app_name = '$_REQUEST[a_name]',
builder = '$_REQUEST[b_name]',
loc_id = '$_REQUEST[loc]',
status_id = '$_REQUEST[status]',
no_of_flats = '$_REQUEST[no_flats]',
completion_time = '$time',
main_pic = '$pic',
loc_map = '$pic1'";
$result=mysql_query($sql) or die(mysql_error());
move_uploaded_file($_FILES['photo']['tmp_name'], $target);
move_uploaded_file($_FILES['photo1']['tmp_name'], $target1);
$id=$_REQUEST['a_name'];
$sql2 =mysql_query("select id from flats where app_name='$id'");
while ($result= mysql_fetch_row($sql2)){
$_SESSION['flat_id']=$result[0];
}
header("Location:new1.php");
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<form id="form1" action="<?php echo $_SERVER['PHP_SELF'];?>" method="post" enctype="multipart/form-data">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Welcome To Prime Properties</title>
<link rel="stylesheet" href="style.css" type="text/css"/>
</head>
<body>
<div class="container">
<div class="heading">
<div class="banner"><img src="../images/top.jpg" width="995" height="169" /></div>
<!--menu start-->
<div>
<?php include('include/menu.php');?>
</div>
<!--menu end-->
</div>
<div class="main">
<!--left menu start-->
<div class="left_menu">
<?php include('include/lm.php');?>
</div>
<!--left menu end-->
<div class="divider"></div>
<!--body contant goes here-->
<div class="right">
<div id="error">
<?php
echo $msg;
?></div>
<p>
Enter Your Credentials......</p>
<fieldset><p class="first">
<label for="a_name">Appartment Name:</label>
<input type="text" name="a_name" id="a_name"><br/></input></p>
<p>
<label for="b_name">Builder Name:</label>
<input type="text" name="b_name" id="b_name"><br/></input></p>
<p>
<label for="loc">Location:</label>
<select name="loc">
<option value="1">Maligaon</option>
<option value="2">Panbazaar</option>
<option value="3">Fancy Bazar</option>
<option value="4">Kahilipara</option>
<option value="5">Noonmati</option>
<option value="6">Lokhra</option>
<option value="7">Jalukbari</option>
<option value="8">Chandmari</option>
<option value="9">Beltola</option>
<option value="10">Dispur</option>
</select><br/></p>
<p>
<label for="status"> Status:</label>
<select name="status">
<option value="1">Ongoing</option>
<option value="2">Future</option>
<option value="3">Completed</option>
</select><br/></p>
<p><label for="no_flats">No of Flats:</label>
<input type="text" name="no_flats" id="no_flats"><br/></input></p>
<p><label for="c_time">Completion Time:</label>
<select name="month">
<option>Month</option>
<option>January</option>
<option>February</option>
<option>March</option>
<option>April</option>
<option>May</option>
<option>June</option>
<option>July</option>
<option>August</option>
<option>September</option>
<option>October</option>
<option>November</option>
<option>December</option>
</select>
<select name="year">
<option>Year</option>
<option>2012</option>
<option>2013</option>
<option>2014</option>
<option>2015</option>
<option>2016</option>
<option>2017</option>
<option>2018</option>
<option>2019</option>
<option>2020</option>
</select>
</p>
<p><label for="m_pic">Main Picture:</label>
<input type="file" name="photo"/><br/></p>
<p><label for="l_map">Location Map:</label>
<input type="file" name="photo1"/><br/></p>
<p class="submit">
<input type="hidden" name="check" value="1"/>
<button type="submit" name="submit" >NEXT</button></p>
</fieldset></div>
<!--body contant end here -->
</div>
</div>
</body>
</html>
</form>

Your:
<form id="form1" action="<?php echo $_SERVER['PHP_SELF'];?>" method="post" enctype="multipart/form-data">
Cannot be outside of the <body>, and you stuck yours outside of the <head> even.
Try to only wrap what you need in your <form></form> tags.
That is most likely the problem!

Categories