What's wrong with update query in php - php

I am trying to update and insert using one file. Following code can insert the data but when i try to update it is not working but data is also going to else part when i try to update it.
Flow Homepage -> Insert/Update UI -> Insert/Update Operation
Homepage which display all the data. There is update and delete link button. Now you got idea that id is already passing.
<!DOCTYPE>
<?php
session_start();
/*if(!isset($_SESSION["isLogin"]))
{
header("location:index.php");
}*/
?>
<html>
<head>
<title></title>
<?php
include_once("include.html");
include_once("dbconfig.php");
?>
</head>
<body>
<?php include_once("navbar.html"); ?>
<div class="main mainContentMargin">
<div class="row">
<?php
$sth = $pdo->prepare("SELECT * FROM product_master where isActive='y' order by id desc");
$sth->execute();
?>
<div class="card col s12">
<table class="responsive-table centered striped">
<thead>
<tr>
<th style="width: 15%">Product Name</th>
<th>Description</th>
<th style="width: 15%">Price</th>
<th>Update</th>
<th>Delete</th>
</tr>
</thead>
<tbody>
<?php
while ($row = $sth->fetch(PDO::FETCH_ASSOC))
{
?>
<tr>
<td style="width: 15%"><?php echo $row["p_name"] ?></td>
<td ><?php echo $row["description"] ?></td>
<td style="width: 15%"><?php echo $row["price"]." Rs./".$row["unit"] ?></td>
<td style="width:5%"><i class="material-icons">mode_edit</i></td>
<td style="width:5%"><i class="material-icons">mode_delete</i></td>
</tr>
<?php
}
?>
</tbody>
</table>
</div>
</div>
</div>
<?php include_once("footer.html");?>
</body>
</html>
Insert / Update UI
<?php
session_start();
/*if(!isset($_SESSION["isLogin"]))
{
header("location:index.php");
}*/
?>
<html>
<head>
<title></title>
<?php
include_once("include.html");
include_once("dbconfig.php");
?>
</head>
<body>
<?php include_once("navbar.html"); ?>
<?php
$product="";
$descritpion="";
$price="";
$unit="";
$ins_up="Insert";
if(isset($_REQUEST["id"]))
{
$sth = $pdo->prepare("SELECT * FROM product_master where id=".$_REQUEST["id"]);
$sth->execute();
while ($row = $sth->fetch(PDO::FETCH_ASSOC))
{
$product=$row["p_name"];
$descritpion=$row["description"];
$price=$row["price"];
$unit=$row["unit"];
$ins_up="Update";
}
}
?>
<div class="main mainContentMargin">
<div class="row">
<form method="post" action="insertProduct.php">
<div class="card col s12">
<div class="card-content">
<div class="input-field">
<input type="text" name="txtProductname" id="txtProductname" value="<?php echo $product ?>">
<label for="txtProductname">Product Name</label>
</div>
<div class="input-field">
<textarea name="txtDesc" id="txtDesc" class="materialize-textarea" value="<?php echo $descritpion ?>"></textarea>
<label for="txtDesc">Description</label>
<script>
$(document).ready(function($) {
$('#txtDesc').val("<?php echo $descritpion ?>");
});
</script>
</div>
<div class="input-field">
<input type="number" name="txtProductprice" id="txtProductprice" value="<?php echo $price ?>">
<label for="txtProductprice">Price</label>
</div>
<div>
<?php
if($unit=="pcs" || $unit=="")
{
?>
<input name="group1" type="radio" id="pcsUnit" value="pcs" checked />
<label for="pcsUnit">Pcs.</label>
<input name="group1" type="radio" id="pcsKg" value="kg" />
<label for="pcsKg">KG.</label>
<?php
}
else
{
?>
<input name="group1" type="radio" id="pcsUnit" value="pcs" />
<label for="pcsUnit">Pcs.</label>
<input name="group1" type="radio" id="pcsKg" value="kg" checked />
<label for="pcsKg">KG.</label>
<?php
}
?>
</div>
</div>
<div class="card-action">
<div class="input-field">
<input type="submit" class="btn" name="btnInsert" id="btnInsert" value="<?php echo $ins_up ?>"></td>
</div>
</div>
</div>
</form>
</div>
</div>
<?php include_once("footer.html");?>
</body>
</html>
Insert / Update Operation File
<?php
include("dbconfig.php");
if(isset($_REQUEST["id"]))
$id=$_REQUEST["id"];
$name=$_REQUEST["txtProductname"];
$description=$_REQUEST["txtDesc"];
$price=$_REQUEST["txtProductprice"];
$unit=$_REQUEST["group1"];
if($_REQUEST["btnInsert"]!="Update")
{
$stmt=$pdo->prepare("INSERT INTO product_master (p_name, description, price,unit,isActive)
VALUES (:p_name, :description, :price,:unit,:isActive)");
$isActive='y';
$stmt->bindParam(':isActive', $isActive);
}
else
{
$stmt=$pdo->prepare("update product_master SET p_name=:p_name , description=:description , price=:price , unit=:unit where id=:id");
$stmt->bindParam(":id",$id);
}
$stmt->bindParam(':p_name', $name);
$stmt->bindParam(':description', $description);
$stmt->bindParam(':price', $price);
$stmt->bindParam(':unit', $unit);
$stmt->execute();
if($stmt->rowCount()) {
echo 'success';
} else {
echo 'update failed';
}
//header('Location: home.php');
?>
DBConfig
<?php
$pdo = new PDO("mysql:host=localhost; dbname=db_inventory;","root","");
$pdo->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec("set names utf8");
?>


$id is not defined when you run your UPDATE.
While you have defined id while you're on on the GUI page, the value is not passed with the next request to the script that actually queries your database.
Add the following line to your form:
<input type="hidden" name="id" value="<?php echo htmlentities($_GET['id']); ?>" />


Make user your id is retrieved properly. In your form i didn't any input element for the id. So when you try to get from the request it always comes empty.
If you server error logs are on, you might get the error undefined variable $id...

Related

I want to echo the fullname of the user without him putting it on the form

I have a table that has some values. One of them is the full name of the user. I want to echo the full name from the db that it is saved. I have 2 different tables for the risks and for the users. I thought about doing it with something like <?php echo $_SESSION['user']['fullname'] ?> but I don't know where to write that. There is also another page that i pass the values from the form into the db but I don't know if I should echo the full name from there.
<?php require_once('config.php') ?>
<?php
session_start();
// Check if the user is logged in, if not then redirect him to login page
if (!isset($_SESSION["loggedin"]) and $_SESSION["loggedin"] !== true) {
header("location: index.php");
exit;
}
?>
<?php
$connect = new PDO("mysql:host=localhost;dbname=riskit", "root", "");
$query = "SELECT * FROM risktable ORDER BY riskId";
$statement = $connect->prepare($query);
$statement->execute();
$result = $statement->fetchAll();
?>
<html>
<title>Risk Table</title>
<head>
<?php require_once( ROOT_PATH . '/includes/head_section.php') ?>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js"></script>
<body>
<div class="container">
<?php include( ROOT_PATH . '/includes/navbar.php') ?>
<br />
<br />
<h2 align="center">Risk Table</h2><br />
<h3 align="center">Add Risks</h3>
<br />
<form method="post" id="add_details">
<div class="form-group">
<label>Your Name</label>
<input type="text" name="fullname" class="form-control" required />
</div>
<div class="form-group">
<label>Risk Name</label>
<input type="text" name="riskName" class="form-control" required />
</div>
<div class="form-group">
<label>Description</label>
<input type="text" name="description" class="form-control" required />
</div>
<div class="form-group">
<label>Control Enviroment</label>
<input type="radio" name="controlEnv" class="form-control" required
<?php if (isset($controlEnv) && $controlEnv=="internal") echo "checked";?>
value="internal">Internal
<input type="radio" name="controlEnv" class="form-control" required
<?php if (isset($controlEnv) && $controlEnv=="external") echo "checked";?>
value="external">External
</div>
<br/>
<div class="form-group">
<label>Risk Category</label>
<input type="text" name="riskCat" class="form-control" required />
</div>
<div class="form-group">
<label>Risk Type</label>
<input type="radio" name="rtype" class="form-control" required
<?php if (isset($rtype) && $rtype=="threat") echo "checked";?>
value="threat">Threat
<input type="radio" name="rtype" class="form-control" required
<?php if (isset($rtype) && $rtype=="opportunity") echo "checked";?>
value="opportunity">Opportunity
</div>
<br/>
<div class="form-group">
<label>Phase</label>
<input type="text" name="phase" class="form-control" required />
</div>
<input type="submit" name="add" id="add" class="btn btn-success" value="Add" />
</div>
</form>
<br />
<h3 align="center">View Details</h3>
<br />
<table class="table table-striped table-bordered">
<thead>
<tr>
<th>Risk Name</th>
<th>Description</th>
<th>Contol Enviroment</th>
<th>Risk Category</th>
<th>Risk Type</th>
<th>Phase</th>
<th>Creator</th>
</tr>
</thead>
<tbody id="table_data">
<?php
foreach($result as $row)
{
echo '
<tr>
<td>'.$row["riskName"].'</td>
<td>'.$row["description"].'</td>
<td>'.$row["controlEnv"].'</td>
<td>'.$row["riskCat"].'</td>
<td>'.$row["rtype"].'</td>
<td>'.$row["phase"].'</td>
<td>'.$row["fullname"].'</td>
</tr>
';
}
?>
</tbody>
</table>
</div>
</body>
</html>
<script>
$(document).ready(function(){
$('#add_details').on('submit', function(event){
event.preventDefault();
$.ajax({
url:"insertRiskTable.php",
method:"POST",
data:$(this).serialize(),
dataType:"json",
beforeSend:function(){
$('#add').attr('disabled', 'disabled');
console.log('before');
},
success:function(data){
$('#add').attr('disabled', false);
console.log('in success');
if(data.riskName)
{
var html = '<tr>';
html += '<td>'+data.riskName+'</td>';
html += '<td>'+data.description+'</td>';
html += '<td>'+data.controlEnv+'</td>';
html += '<td>'+data.riskCat+'</td>';
html += '<td>'+data.rtype+'</td>';
html += '<td>'+data.phase+'</td>';
html += '<td>'+data.fullname+'</td></tr>';
$('#table_data').prepend(html);
$('#add_details')[0].reset();
}
}
})
});
});
</script>

echo a html page and entering values into a form from php variables

I want to block access to a PHP page.
I'm doing that with this way: If you been logged in, PHP check if exist a cookie, and doing echo the HTML, else it's redirecting you to login page.
Here is the code but when I'm trying to set value attribute equal to a PHP variable, I'm getting back the php code ex.""
The PHP code inside the selection tag, isn't working either!
<?php
if(isset($_COOKIE['User_Email_Cookie'])) {
session_start();
$name =$_SESSION['User_FullName'];
$phone =$_SESSION['User_Phone'];
echo '<!DOCTYPE html>
<html>
<body>
<h1 class="Title">Reserve a table now!</h1>
<center>
<form action="reservation2.php" method="post">
<div class="App">
<div class="User">
<h2 style="text-align:left;"> Contact:</h2>
<input type="text" id="Name" placeholder="Full Name" value="<?php echo $name ?>" required>
<input type="tel" id="Phone" placeholder="Phone" value="<?php echo $phone ?>" required>
</div>
<div class="DatePeople">
<h2> Choose the Date:</h2>
<input type="date" id="Date" name="TableDate">
<select name="Time" class="time">
<option>19:00</option>
<option>19:30</option>
<option>20:00</option>
<option>20:30</option>
<option>21:00 </option>
<option>21:30</option>
<option>22:00</option>
</select>
<h2 style="margin-top:0px;">Choose Table, People: <a target="_blank" href="media/diagram.png"><img src="media/info.png" width="23px"></a></h2>
<select name="TableNum" class="table">
<?php
include \'connectDb.php\'; #Eisagwgi stoixeiwn gia syndesi me ti vasi
$result=mysqli_query($con,"SELECT COLUMN_NAME FROM INFORMATION_SCHEMA.Columns WHERE
TABLE_NAME = \'available\' AND COLUMN_NAME NOT IN (\'Date\', \'Time\')");
while($row = mysqli_fetch_array($result)) {
echo \'<option>\'.$row[0].\'</option>\';
}
?>
</select>
<input type="number" id="seats" name="People" min="2" max="8" value="4" >
</div>
</div>
<div>
<input type="submit" name="Submit" value="Reserve">
<a class="button" href="logout.php">Log out</a>
</div> </center>
</form>
else {
header("location: reservation.php");
}

The issue is that you echo the html, and inside that echo you combine "inner" php tags (value="<?php echo $name ?>" instead of value="' . $name . '" for example).
Change:
echo '<!DOCTYPE html>
To:
?><!DOCTYPE html>
And at the end, where you have:
</form>
Replace it with
</form></body></html><?php
The above code allows you combine html markup, by closing the php tags in the correct place, without you having to echo it with php.
Read the documentation for more details.

Please try this code
<?php
if(isset($_COOKIE['User_Email_Cookie'])) {
session_start();
$name =$_SESSION['User_FullName'];
$phone =$_SESSION['User_Phone'];
?>
<!DOCTYPE html>
<html>
<body>
<h1 class="Title">Reserve a table now!</h1>
<center>
<form action="reservation2.php" method="post">
<div class="App">
<div class="User">
<h2 style="text-align:left;"> Contact:</h2>
<input type="text" id="Name" placeholder="Full Name" value="<?php echo $name ?>" required>
<input type="tel" id="Phone" placeholder="Phone" value="<?php echo $phone ?>" required>
</div>
<div class="DatePeople">
<h2> Choose the Date:</h2>
<input type="date" id="Date" name="TableDate">
<select name="Time" class="time">
<option>19:00</option>
<option>19:30</option>
<option>20:00</option>
<option>20:30</option>
<option>21:00 </option>
<option>21:30</option>
<option>22:00</option>
</select>
<h2 style="margin-top:0px;">Choose Table, People: <a target="_blank" href="media/diagram.png"><img src="media/info.png" width="23px"></a></h2>
<select name="TableNum" class="table">
<?php
include \'connectDb.php\'; #Eisagwgi stoixeiwn gia syndesi me ti vasi
$result=mysqli_query($con,"SELECT COLUMN_NAME FROM INFORMATION_SCHEMA.Columns WHERE
TABLE_NAME = \'available\' AND COLUMN_NAME NOT IN (\'Date\', \'Time\')");
while($row = mysqli_fetch_array($result)) {
echo \'<option>\'.$row[0].\'</option>\';
}
?>
</select>
<input type="number" id="seats" name="People" min="2" max="8" value="4" >
</div>
</div>
<div>
<input type="submit" name="Submit" value="Reserve">
<a class="button" href="logout.php">Log out</a>
</div> </center>
</form>
<?php
else {
header("location: reservation.php");
}
?>

php - edit SESSION variable in multiple page form

currently I am doing multiple page form (page 1 and page 2). I save the details in page 1 using SESSION and insert successfully to database. I also successfully retrieve the data from database and display on page (activityLog.php).
However, I face problem when I want to edit/update the form.The value in the form wasn't update as well as the database. Please help.Thanks.
Below is my display cause page and edit form (editIndividual.php).
activityLog.php
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8" />
<title>My Activity Log</title>
<?php
session_start();
include 'header.php';
?>
<div id="content">
<div class="section">
<h4 align="center" style="font-size:28px;">My Activity Log</h4>
<div>
Basic Setting
Change Password
<a class="selected" href="activityLog.php">My Activity Log</a>
</div>
<label style="font-size:19px;color:#333;"<strong>Manage your cause below.</strong>
<div class="figure">
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>" method="post" class="register">
<div class="first" >
<?php
include 'dbconn.php';
if(isset($_SESSION['email'])){
$query="SELECT * from cause join user_info on cause.userID=user_info.userID where email='{$_SESSION['email']}'";
$result=mysqli_query($conn, $query);
while ($row=mysqli_fetch_array($result)){
$causeID = $row['causeID'];
$title = $row['title'];
$category = $row['category'];
$donateType = $row['donateType'];
$goal = $row['goal'];
$description = $row['description'];
$createDate = $row['createDate'];
$image = $row['image'];
echo "<a href='editIndividual.php?u=$causeID'>".$title."</a><br>";
echo "<img height='80' width='100' src='upload/".$image."'><br>";
}
}
?>
<fieldset>
</fieldset>
</div>
</form><!--end form-->
</div>
</div>
</div>
<?php include 'footer.php';?> <!--include footer.php-->
</body>
</html>
editIndividual.php
<html>
<head>
<meta charset="UTF-8" />
<!--include header-->
<?php
session_start();
include 'dbconn.php';
include 'header.php';
if(!isset($_SESSION['email'])){
echo "Please login before proceed!";
header("location:login.php");
}
else{
if(isset($_GET['u'])){
$causeID = $_GET['u'];
$query="SELECT * from cause where causeID=$causeID ";
$result=mysqli_query($conn, $query);
while ($row=mysqli_fetch_array($result)){
$causeID = $row['causeID'];
$title = $row['title'];
$category = $row['category'];
$donateType = $row['donateType'];
$goal = $row['goal'];
$description = $row['description'];
$createDate = $row['createDate'];
$image = $row['image'];
}
//update title
$title = $_SESSION['title'];
$upTitle = "UPDATE cause set title='$title' where causeID='$causeID'";
$upTitleResult = mysqli_query($conn,$upTitle);
//update category
$category = $_SESSION['category'];
$upCategory = "UPDATE cause set category='$category' where causeID='$causeID'";
$upCategoryResult = mysqli_query($conn,$upCategory);
//update donate type
$donateType = $_SESSION['donateType'];
$upDonateType = "UPDATE cause set donateType='$donateType' where causeID='$causeID'";
$upDonateTypeResult = mysqli_query($conn,$upDonateType);
//update goal
$goal = $_SESSION['goal'];
$upGoal = "UPDATE cause set goal='$goal' where causeID='$causeID'";
$upGoalResult = mysqli_query($conn,$upGoal);
//update description
$description = $_POST['description'];
$upDes = "UPDATE cause set description='$description' where causeID='$causeID'";
$upDesResult = mysqli_query($conn,$upDes);
//update image
$image = $_FILES['imageToUpload']['name'];
$upImage = "UPDATE cause set image='$image' where causeID='$causeID'";
$upImageResult = mysqli_query($conn,$upImage);
}
}
?>
<!--Change choose file button default name-->
<script>
function HandleBrowseClick()
{
var fileinput = document.getElementById("imageToUpload");
fileinput.click();
}
function Handlechange()
{
var fileinput = document.getElementById("imageToUpload");
fileinput.value;
}
</script>
<div id="content">
<div>
<form action="activityLog.php" id="editInd_form" name="editInd_form" class= "register" method="post">
<div class="first">
<fieldset>
<label for="title"><strong>Cause Title: </strong></label><br>
<input type="text" id="title" name="title" class="inputtext" value="<?php echo $title?>"/><br>
<label for="category" ><strong><span class="error-message" style="color:red">*</span>Category:</strong></label><br>
<select id="category" name="category" onchange="document.getElementById('editInd_form').submit()">
<?php
$categoryArray=array("Select a category", "Animal Welfare", "Children", "Education", "Environment", "Health", "OKU", "Refugees", "Senior Citizen", "Community", "Women Welfare", "Youth");
for ($i=0; $i<count($categoryArray); $i++){
if ($i == $category){
echo "<option value='".$i."' selected>".$categoryArray[$i]."</option>";
}
else{
echo "<option value='".$i."'>".$categoryArray[$i]."</option>";
}
}
?>
</select><br>
<label for="donateType"><strong><span class="error-message" style="color:red;">*</span>Type of Donation:</strong></label><br>
<select id="donateType" name="donateType" onchange="document.getElementById('editInd_form').submit()" >
<?php
$donateTypeArray=array("Please Select","Fundraising","Books","Clothing","Electric product", "Food","Water","Other");
for ($j=0; $j<count($donateTypeArray); $j++){
if ($j == $donateType){
echo "<option value='".$j."' selected>".$donateTypeArray[$j]."</option>";
}
else{
echo "<option value='".$j."'>".$donateTypeArray[$j]."</option>";
}
}
?>
</select><br>
<label for="goal"><strong><span class="error-message" style="color:red">*</span>Please state your goal:</strong></label><br>
<input type="text" id="goal" name="goal" class="inputtext" value="<?php echo $goal?>" placeholder="enter an amount(RM) for fundraising, uniform, 1.5L mineral water, ..."><br>
</fieldset></div>
<div><fieldset>
<label for="description"><strong>Tell us your story: </strong></label><br>
<textarea name="description" style="width:350px;height:150px;"><?php echo $description?>
</textarea><br>
<!-- <img src="images/image-icon.png" class="image-icon" height="150" width="150"> <img src="images/video-icon.png" height="150" width="150">-->
<label for="imageToUpload"><strong>Upload Your Photo:</strong></label><br>
<input type="file" name="imageToUpload" id="imageToUpload" style="display:none;" onChange="Handlechange();">
<input type="button" value="Change image" id="fakeBrowse" onclick="HandleBrowseClick();"/>
<?php include 'upload1.php';?>
<input type="submit" name="submit" id="save" value=""><br>
</fieldset>
</div>
</form>
</table>
</div>
</div> <!--content end-->
<!--include footer-->
<?php include 'footer.php';?>
</body>
</html>
for your reference, this is my create form (2 pages form)
createIndividual.php
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8" />
<!--include header-->
<?php
session_start();
include 'dbconn.php';
if(!isset($_SESSION['email'])){
echo "Please login before proceed!";
header("location:login.php");
}
include 'header.php';
?>
<div id="content">
<div>
<h3 align="center"> Create your own cause</h3>
<h4><strong> Step 1: Title, Category, Goal</strong></h4>
<form action="createIndividual2.php" id="createInd_form" class= "register" method="post">
<div class="form">
<fieldset>
<label for="title"><strong>Cause Title: </strong></label><br>
<input type="text" id="title" name="title" class="inputtext"/><br>
<label for="category" ><strong><span class="error-message" style="color:red">*</span>Category:</strong></label><br>
<select id="category" name="category">
<option value="0"> Select a category</option>
<option value="1"> Animal Welfare</option>
<option value="2"> Children</option>
<option value="3"> Education </option>
<option value="4"> Environment</option>
<option value="5"> Health</option>
<option value="6"> OKU</option>
<option value="7"> Refugees</option>
<option value="8"> Senior Citizen</option>
<option value="9"> Community</option>
<option value="10"> Women Welfare</option>
<option value="11"> Youth</option>
</select><br>
<label for="donateType"><strong><span class="error-message" style="color:red;">*</span>Type of Donation:</strong></label><br>
<select id="donateType" name="donateType">
<option value="0">Please Select</option>
<option value="1">Fundraising</option>
<option value="2">Books</option>
<option value="3">Clothing</option>
<option value="4">Electric product</option>
<option value="5">Food</option>
<option value="6">Water</option>
<option value="7">Other</option>
</select><br>
<label for="goal"><strong><span class="error-message" style="color:red">*</span>Please state your goal:</strong></label><br>
<input type="text" id="goal" name="goal" class="inputtext" placeholder="enter an amount(RM) for fundraising, uniform, 1.5L mineral water, ..."><br>
<input type="submit" name="submit" id="next" value=""><br>
</fieldset>
</div>
</form>
</table>
</div>
</div> <!--content end-->
<!--include footer-->
<?php include 'footer.php';?>
</body>
</html>
createIndividual2.php
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8" />
<!--include header-->
<?php
session_start();
$_SESSION['title'] = $_POST['title'];
$_SESSION['category'] = $_POST['category'];
$_SESSION['donateType'] = $_POST['donateType'];
$_SESSION['goal'] = $_POST['goal'];
include 'header.php';
?>
<div id="content">
<div>
<h3 align="center"> Create your own cause</h3>
<h4><strong> Step 2: Tell us your story</strong></h4>
<form action="checkCause.php" id="createIndividual" class= "register" method="post" enctype="multipart/form-data">
<div class="form">
<fieldset>
<label for="title"><strong>Tell us your story: </strong></label><br>
<textarea name="description" style="width:500px;height:150px;">
</textarea><br>
<!-- <img src="images/image-icon.png" class="image-icon" height="150" width="150"> <img src="images/video-icon.png" height="150" width="150">-->
<label for="imageToUpload"><strong>Upload Your Photo:</strong></label><br>
<input type="file" name="imageToUpload" id="imageToUpload">
<input type="submit" name="upload" id="submit" value=""><br>
<button onclick="goBack()" id="back"></button>
<script>
function goBack() {
window.history.back();
}
</script>
<?php include 'upload1.php';?>
</fieldset>
</div>
</form>
</table>
</div>
</div> <!--content end-->
<?php include 'footer.php';?> <!--include footer.php-->
</body>
</html>

In editIndividual.php you have a error. You first get data from MySQL and after that you setup data from sessions. But where you check if new data exist and return old if not exists?
Look my integration in your code:
<html>
<head>
<meta charset="UTF-8" />
<!--include header-->
<?php
session_start();
include 'dbconn.php';
include 'header.php';
if(!isset($_SESSION['email'])){
echo "Please login before proceed!";
header("location:login.php");
}
else{
if(isset($_GET['u'])){
$causeID = $_GET['u'];
$query="SELECT * from cause where causeID=$causeID ";
$result=mysqli_query($conn, $query);
while ($row=mysqli_fetch_array($result)){
$causeID = $row['causeID'];
$title = $row['title'];
$category = $row['category'];
$donateType = $row['donateType'];
$goal = $row['goal'];
$description = $row['description'];
$createDate = $row['createDate'];
$image = $row['image'];
}
//update title
$title = (isset($_SESSION['title'])&&!empty($_SESSION['title'])?$_SESSION['title']:$title);
$upTitle = "UPDATE cause set title='$title' where causeID='$causeID'";
$upTitleResult = mysqli_query($conn,$upTitle);
//update category
$category = (isset($_SESSION['category'])&&!empty($_SESSION['category'])?$_SESSION['category']:$category);
$upCategory = "UPDATE cause set category='$category' where causeID='$causeID'";
$upCategoryResult = mysqli_query($conn,$upCategory);
//update donate type
$donateType = (isset($_SESSION['donateType'])&&!empty($_SESSION['donateType'])?$_SESSION['donateType']:$donateType);
$upDonateType = "UPDATE cause set donateType='$donateType' where causeID='$causeID'";
$upDonateTypeResult = mysqli_query($conn,$upDonateType);
//update goal
$goal = (isset($_SESSION['goal'])&&!empty($_SESSION['goal'])?$_SESSION['goal']:$goal);
$upGoal = "UPDATE cause set goal='$goal' where causeID='$causeID'";
$upGoalResult = mysqli_query($conn,$upGoal);
//update description
$description = (isset($_POST['description'])&&!empty($_POST['description'])?$_POST['description']:$description);
$upDes = "UPDATE cause set description='$description' where causeID='$causeID'";
$upDesResult = mysqli_query($conn,$upDes);
//update image
$image = (isset($_FILES['imageToUpload']['name']) && !empty($_FILES['imageToUpload']['name'])?$_FILES['imageToUpload']['name']:$image);
$upImage = "UPDATE cause set image='$image' where causeID='$causeID'";
$upImageResult = mysqli_query($conn,$upImage);
}
}
?>
<!--Change choose file button default name-->
<script>
function HandleBrowseClick()
{
var fileinput = document.getElementById("imageToUpload");
fileinput.click();
}
function Handlechange()
{
var fileinput = document.getElementById("imageToUpload");
fileinput.value;
}
</script>
<div id="content">
<div>
<form action="activityLog.php" id="editInd_form" name="editInd_form" class= "register" method="post">
<div class="first">
<fieldset>
<label for="title"><strong>Cause Title: </strong></label><br>
<input type="text" id="title" name="title" class="inputtext" value="<?php echo $title?>"/><br>
<label for="category" ><strong><span class="error-message" style="color:red">*</span>Category:</strong></label><br>
<select id="category" name="category" onchange="document.getElementById('editInd_form').submit()">
<?php
$categoryArray=array("Select a category", "Animal Welfare", "Children", "Education", "Environment", "Health", "OKU", "Refugees", "Senior Citizen", "Community", "Women Welfare", "Youth");
for ($i=0; $i<count($categoryArray); $i++){
if ($i == $category){
echo "<option value='".$i."' selected>".$categoryArray[$i]."</option>";
}
else{
echo "<option value='".$i."'>".$categoryArray[$i]."</option>";
}
}
?>
</select><br>
<label for="donateType"><strong><span class="error-message" style="color:red;">*</span>Type of Donation:</strong></label><br>
<select id="donateType" name="donateType" onchange="document.getElementById('editInd_form').submit()" >
<?php
$donateTypeArray=array("Please Select","Fundraising","Books","Clothing","Electric product", "Food","Water","Other");
for ($j=0; $j<count($donateTypeArray); $j++){
if ($j == $donateType){
echo "<option value='".$j."' selected>".$donateTypeArray[$j]."</option>";
}
else{
echo "<option value='".$j."'>".$donateTypeArray[$j]."</option>";
}
}
?>
</select><br>
<label for="goal"><strong><span class="error-message" style="color:red">*</span>Please state your goal:</strong></label><br>
<input type="text" id="goal" name="goal" class="inputtext" value="<?php echo $goal?>" placeholder="enter an amount(RM) for fundraising, uniform, 1.5L mineral water, ..."><br>
</fieldset></div>
<div><fieldset>
<label for="description"><strong>Tell us your story: </strong></label><br>
<textarea name="description" style="width:350px;height:150px;"><?php echo $description?>
</textarea><br>
<!-- <img src="images/image-icon.png" class="image-icon" height="150" width="150"> <img src="images/video-icon.png" height="150" width="150">-->
<label for="imageToUpload"><strong>Upload Your Photo:</strong></label><br>
<input type="file" name="imageToUpload" id="imageToUpload" style="display:none;" onChange="Handlechange();">
<input type="button" value="Change image" id="fakeBrowse" onclick="HandleBrowseClick();"/>
<?php include 'upload1.php';?>
<input type="submit" name="submit" id="save" value=""><br>
</fieldset>
</div>
</form>
</table>
</div>
</div> <!--content end-->
<!--include footer-->
<?php include 'footer.php';?>
</body>
</html>

ECHO Results into a FORM after multiple pages

I've seen tutorials on doing this sort of things echo'ing the results directly from the form into a different form on the following page however the issue I'm facing is slightly different and I can't find any threads that cover it, I'm sure someone will prove how much of a novice I am by answering this however.
I have a search form as shown here:
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Search Contacts</title>
</head>
<p><body>
<h3>Search Contacts Details</h3>
<p>You may search either by first or last name</p>
<form method="post" action="search.php?go" id="client">
<input type="text" name="name">
<input type="submit" name="submit" value="Search">
</form>
</body>
</html>
</p>
The results are then display in a table on the Search.PHP page, the code is shown here:
enter code here
}
}
}
?>
<!DOCTYPE HTML>
<html>
<head>
<title>Client/title>
<link href="/csstwo.css" type="text/css" rel="stylesheet">
</head>
<div id="Header">
<h1>Search results</h1>
<div id="Banner"></div>
<div id="logo"></div>
<div style="clear: both;"></div>
</div> <!-- /Header -->
<body>
<div id="nav">
<div id="nav_wrapper">
<ul>
<li>Home</li>
<li>Client
<ul>
<li>Add a Client</li>
<li>Manage Client</li>
</li><li>Client List</li>
</ul>
<li>Case
<ul>
<li>Add a Case</li>
</li><li>Manage Case</li>
</ul>
<li>Help <img src="arrow.jpg">
<ul>
<li>Case</li>
<li>Client</li>
</li><li>Contacts</li>
</ul>
</li>
</ul>
</div>
</div>
<div id="content">
<table width="70%" cellpadding="5" cellspace="5" position="centre">
<tr>
<td><strong>ID</strong></td>
<td><strong>Forename</strong></td>
<td><strong>Surname</strong></td>
<td><strong>Postcode</strong></td>
<td><strong>Address Line One</strong></td>
<td><strong>Address Line Two</strong></td>
<td><strong>Town/City</strong></td>
<td><strong>Contact Number</strong></td>
<td><strong>Manage Client</strong></td>
</tr>
<?php while ($row =mysql_fetch_array($result)) { ?>
<tr>
<td><?php echo $ID =$row ['ClientID'] ?></td>
<td><?php echo $FirstName =$row ['forename'] ?></td>
<td><?php echo $LastName =$row ['surname'] ?></td>
<td><?php echo $row ['postcode'] ?></td>
<td><?php echo $row ['addresslineone'] ?></td>
<td><?php echo $row ['addresslinetwo'] ?></td>
<td><?php echo $row ['towncity'] ?></td>
<td><?php echo $row ['contactnumber'] ?></td>
<td><a href='manageclient.php?id={$row['id']}'>Manage</a></td>
</tr>
<?php } ?>
</table>
</body>
I have a link at the end that takes you to Manageclient.php, the user would select Manage Client on the Search.php page that displays results. This would then take the user to Manageclient.php with a prepopulate form from the results of Search.php.
I'm probably being extremely stupid but I can't seem to carry the results from the Search.php and echo them into the form on Manageclient.php, I always keep getting errors saying the variables are not defined.
I hope this makes sense and any help on this would be appreciated greatly.
EDIT:
I'm posting to this form on manageclient.php:
<form action="manageclient.php" method="post" form id="client">
<div class="label">
<h1> Edit a Client
<span>Please enter the case's details below.</span>
</h1>
<div class="label">*ClientID:
<div class="txtbox">
<input name="ClientID" type="text" id="txt" placeholder="Enter Your First Name." value="<?php echo $result ['ClientID']; ?>"/>
</div>
</div>
<br>
<div class="label">*Forename:
<div class="txtbox">
<input name="forename" type="text" id="txt" placeholder="Enter Your Last Name." value="<?php echo $result ['forename']; ?>"/>
</div>
</div>
<div class="label">*Surname:
<div class="txtbox">
<input name="surname" type="text" id="txt" placeholder="DD/MM/YYYY." value="<?php echo $result ['surname']; ?>"/>
</div>
</div>
I get the following error messages:
Notice: Undefined variable: result in C:\xampp\htdocs\acaproject\manageclient.php on line 105
Warning: mysql_fetch_array() expects parameter 1 to be resource, null given in C:\xampp\htdocs\acaproject\manageclient.php on line 105
Notice: Undefined index: ClientID in C:\xampp\htdocs\acaproject\manageclient.php on line 75
Notice: Undefined index: forename in C:\xampp\htdocs\acaproject\manageclient.php on line 81
Notice: Undefined index: surname in C:\xampp\htdocs\acaproject\manageclient.php on line 86
FURTHER EDIT: Showing PHP in search.php
<?php
if(isset($_POST['submit'])){
if(isset($_GET['go'])){
if(preg_match("/^[ a-zA-Z]+/", $_POST['name'])){
$name=$_POST['name'];
//connect to the database
$db=mysql_connect ("localhost", "root", "password") or die ('I cannot connect to the database because: ' . mysql_error());
//-select the database to use
$mydb=mysql_select_db("acatestdb");
//-query the database table
$sql="SELECT ClientID, forename, surname, dateofbirth, postcode, addresslineone, addresslinetwo, towncity, contactnumber FROM clienttbl WHERE surname LIKE '%" . $name . "%' OR forename LIKE '%" . $name ."%'";
//-run the query against the mysql query function
$result=mysql_query($sql);
//-create while loop and loop through result set
}
}
}
?>

I am not sure what are you asking for.
Your style is very unclear same as code :-(
But check this line:
<td><a href='manageclient.php?id={$row['id']}'>Manage</a></td>
should be
<td>Manage</td>
and in your manageclient.php you can try:
<div class="label">*ClientID:
<div class="txtbox">
<input name="ClientID" type="text" id="txt" placeholder="Enter Your First Name." value="<?=(isset($_GET['ClientID']))?$_GET['ClientID']:'' ?>"/>
</div>
</div>
<br>
<div class="label">*Forename:
<div class="txtbox">
<input name="forename" type="text" id="txt" placeholder="Enter Your Last Name." value="<?=(isset($_GET['forename']))?$_GET['forename']:'' ?>"/>
</div>
</div>
<div class="label">*Surname:
<div class="txtbox">
<input name="surname" type="text" id="txt" placeholder="DD/MM/YYYY." value="<?=(isset($_GET['surname']))?$_GET['surname']:'' ?>"/>
</div>

Post data for comment is not being transferred to query

I have a update query that I want to use and it's not working. All data is being posted except for CommentID and I can't understand why.
This is my query's output:
UPDATE comments SET
title='PHP',universitet='Högskolan',
kurs='Objekt orienterad programmering i PHP',
kurskod='HIG480-34', betyg='8', message='kom igen nu PHP'
WHERE CommentID = ''
As you can see WHERE CommentID = '' is empty.
<?php
require_once 'DBConnection/connection.php';
class EditPost{
public $comment;
public $id;
public function __construct() {
$this->comment = comment;
$this->id = mysql_real_escape_string($_GET['CommentID']);
}
public function EditThePost(){
if(!isset($_POST['editComment'])){
$query = "SELECT * FROM comments WHERE CommentID = '$this->id'";
$result = mysql_query($query);
$this->comment = mysql_fetch_array($result);
}elseif(isset($_POST['CommentID'])){
$updateQuery = "UPDATE comments SET title='$_POST[title]',universitet='$_POST[universitet]',kurs='$_POST[kurs]',kurskod='$_POST[kurskod]',betyg='$_POST[betyg]',message='$_POST[TheComment]' WHERE CommentID = '$_POST['CommentID]'";
mysql_query($updateQuery) or die(mysql_error());
echo $updateQuery;
header("Location: loggedin.php");
exit();
}
}
}
Here is the edit page with HTML:
<?php
session_start();
error_reporting(E_ALL ^ E_NOTICE);
require_once 'DBConnection/connection.php';
require_once 'Posting/editPost.php';
$edit = new EditPost();
$edit->EditThePost();
?>
<!DOCTYPE html>
<html lang="sv">
<?php include('incl/header.php'); ?>
<body>
<!--The Navbar-->
<div class="navbar navbar-inverse navbar-fixed-top">
<div class="container" align="center">
Hem ||
<?php include('incl/logoutUser.php'); ?>
</div>
</div>
<!--The page container-->
<div id="container" >
<img src="logo.png" id="logoType" align="center">
<br>
<br>
<span class="label label-warning">Redigera inlägg:</span>
<div class="container" align="left">
<br>
<form action="<?php echo $_SERVER['PHP_SELF'];?>" method="post">
<p><span class="label label-info">Titel: </span> <br><input type="text" require name="title" placeholder="Ange titel.." value="<?php echo $edit->comment['title'] ;?>"</p>
<p><span class="label label-info">Högskola: </span> <br><input type="text" require name="universitet" placeholder="Ange högskola.." value="<?php echo $edit->comment['universitet']?>"></p>
<p><span class="label label-info">Kurs: </span> <br><input type="text" require name="kurs" placeholder="Ange kurs.." value="<?php echo $edit->comment['kurs']; ?>"></p>
<p><span class="label label-info">Kurskod: </span> <br><input type="text" require name="kurskod" placeholder="Ange kurskod.." value="<?php echo $edit->comment['kurskod']; ?>"></p>
<p><span class="label label-info">Betyg: </span> <br><input type="text" require name="betyg" placeholder="Betyg mellan 1-10" value="<?php echo $edit->comment['betyg']; ?>"></p>
<p><span class="label label-info">Meddelande: </span></p>
<textarea rows="10" cols="80" require name="TheComment" placeholder="Skriv ditt meddelande.." ><?php echo $edit->comment['message'];?></textarea>
<br><br>
<input type="hidden" name="CommentID" value="<?php echo $_POST['CommentID'];?>"/>
<p><input type="submit" class="btn btn-primary" name="editComment" value="Redigera inlägg"></p>
<br>
</form>
<br />
</div>
</div>
<?php include('incl/footer.php'); ?>
</div>
</body>
</html>

I will answer your question while ignoring the security issues, mostly because I don't have much time right now.
You have one issue in your constructor, where you're assigning the contents of a $_GET['CommentID'] to one variable a the $_POST['CommentID']. This is a really bad idea, you should use either $_GET['CommentID'] or $_POST['CommentID'], using both is asking for trouble.
The reason why your comment ID isn't posting is because it's not in your HTML form. From your link, you are doing
<input type="hidden" name="id" value="<?php echo $_GET['CommentID'];?>"/>
To do what you want, it should read
<input type="hidden" name="CommentID" value="<?php echo $_POST['CommentID'];?>"/>
Change the name attribute of this input to be CommentID, read the contents of $_POST['CommentID'], and your code should work.

Categories