ECHO Results into a FORM after multiple pages - php

I've seen tutorials on doing this sort of things echo'ing the results directly from the form into a different form on the following page however the issue I'm facing is slightly different and I can't find any threads that cover it, I'm sure someone will prove how much of a novice I am by answering this however.
I have a search form as shown here:
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Search Contacts</title>
</head>
<p><body>
<h3>Search Contacts Details</h3>
<p>You may search either by first or last name</p>
<form method="post" action="search.php?go" id="client">
<input type="text" name="name">
<input type="submit" name="submit" value="Search">
</form>
</body>
</html>
</p>
The results are then display in a table on the Search.PHP page, the code is shown here:
enter code here
}
}
}
?>
<!DOCTYPE HTML>
<html>
<head>
<title>Client/title>
<link href="/csstwo.css" type="text/css" rel="stylesheet">
</head>
<div id="Header">
<h1>Search results</h1>
<div id="Banner"></div>
<div id="logo"></div>
<div style="clear: both;"></div>
</div> <!-- /Header -->
<body>
<div id="nav">
<div id="nav_wrapper">
<ul>
<li>Home</li>
<li>Client
<ul>
<li>Add a Client</li>
<li>Manage Client</li>
</li><li>Client List</li>
</ul>
<li>Case
<ul>
<li>Add a Case</li>
</li><li>Manage Case</li>
</ul>
<li>Help <img src="arrow.jpg">
<ul>
<li>Case</li>
<li>Client</li>
</li><li>Contacts</li>
</ul>
</li>
</ul>
</div>
</div>
<div id="content">
<table width="70%" cellpadding="5" cellspace="5" position="centre">
<tr>
<td><strong>ID</strong></td>
<td><strong>Forename</strong></td>
<td><strong>Surname</strong></td>
<td><strong>Postcode</strong></td>
<td><strong>Address Line One</strong></td>
<td><strong>Address Line Two</strong></td>
<td><strong>Town/City</strong></td>
<td><strong>Contact Number</strong></td>
<td><strong>Manage Client</strong></td>
</tr>
<?php while ($row =mysql_fetch_array($result)) { ?>
<tr>
<td><?php echo $ID =$row ['ClientID'] ?></td>
<td><?php echo $FirstName =$row ['forename'] ?></td>
<td><?php echo $LastName =$row ['surname'] ?></td>
<td><?php echo $row ['postcode'] ?></td>
<td><?php echo $row ['addresslineone'] ?></td>
<td><?php echo $row ['addresslinetwo'] ?></td>
<td><?php echo $row ['towncity'] ?></td>
<td><?php echo $row ['contactnumber'] ?></td>
<td><a href='manageclient.php?id={$row['id']}'>Manage</a></td>
</tr>
<?php } ?>
</table>
</body>
I have a link at the end that takes you to Manageclient.php, the user would select Manage Client on the Search.php page that displays results. This would then take the user to Manageclient.php with a prepopulate form from the results of Search.php.
I'm probably being extremely stupid but I can't seem to carry the results from the Search.php and echo them into the form on Manageclient.php, I always keep getting errors saying the variables are not defined.
I hope this makes sense and any help on this would be appreciated greatly.
EDIT:
I'm posting to this form on manageclient.php:
<form action="manageclient.php" method="post" form id="client">
<div class="label">
<h1> Edit a Client
<span>Please enter the case's details below.</span>
</h1>
<div class="label">*ClientID:
<div class="txtbox">
<input name="ClientID" type="text" id="txt" placeholder="Enter Your First Name." value="<?php echo $result ['ClientID']; ?>"/>
</div>
</div>
<br>
<div class="label">*Forename:
<div class="txtbox">
<input name="forename" type="text" id="txt" placeholder="Enter Your Last Name." value="<?php echo $result ['forename']; ?>"/>
</div>
</div>
<div class="label">*Surname:
<div class="txtbox">
<input name="surname" type="text" id="txt" placeholder="DD/MM/YYYY." value="<?php echo $result ['surname']; ?>"/>
</div>
</div>
I get the following error messages:
Notice: Undefined variable: result in C:\xampp\htdocs\acaproject\manageclient.php on line 105
Warning: mysql_fetch_array() expects parameter 1 to be resource, null given in C:\xampp\htdocs\acaproject\manageclient.php on line 105
Notice: Undefined index: ClientID in C:\xampp\htdocs\acaproject\manageclient.php on line 75
Notice: Undefined index: forename in C:\xampp\htdocs\acaproject\manageclient.php on line 81
Notice: Undefined index: surname in C:\xampp\htdocs\acaproject\manageclient.php on line 86
FURTHER EDIT: Showing PHP in search.php
<?php
if(isset($_POST['submit'])){
if(isset($_GET['go'])){
if(preg_match("/^[ a-zA-Z]+/", $_POST['name'])){
$name=$_POST['name'];
//connect to the database
$db=mysql_connect ("localhost", "root", "password") or die ('I cannot connect to the database because: ' . mysql_error());
//-select the database to use
$mydb=mysql_select_db("acatestdb");
//-query the database table
$sql="SELECT ClientID, forename, surname, dateofbirth, postcode, addresslineone, addresslinetwo, towncity, contactnumber FROM clienttbl WHERE surname LIKE '%" . $name . "%' OR forename LIKE '%" . $name ."%'";
//-run the query against the mysql query function
$result=mysql_query($sql);
//-create while loop and loop through result set
}
}
}
?>


I am not sure what are you asking for.
Your style is very unclear same as code :-(
But check this line:
<td><a href='manageclient.php?id={$row['id']}'>Manage</a></td>
should be
<td>Manage</td>
and in your manageclient.php you can try:
<div class="label">*ClientID:
<div class="txtbox">
<input name="ClientID" type="text" id="txt" placeholder="Enter Your First Name." value="<?=(isset($_GET['ClientID']))?$_GET['ClientID']:'' ?>"/>
</div>
</div>
<br>
<div class="label">*Forename:
<div class="txtbox">
<input name="forename" type="text" id="txt" placeholder="Enter Your Last Name." value="<?=(isset($_GET['forename']))?$_GET['forename']:'' ?>"/>
</div>
</div>
<div class="label">*Surname:
<div class="txtbox">
<input name="surname" type="text" id="txt" placeholder="DD/MM/YYYY." value="<?=(isset($_GET['surname']))?$_GET['surname']:'' ?>"/>
</div>

Related

echo a html page and entering values into a form from php variables

I want to block access to a PHP page.
I'm doing that with this way: If you been logged in, PHP check if exist a cookie, and doing echo the HTML, else it's redirecting you to login page.
Here is the code but when I'm trying to set value attribute equal to a PHP variable, I'm getting back the php code ex.""
The PHP code inside the selection tag, isn't working either!
<?php
if(isset($_COOKIE['User_Email_Cookie'])) {
session_start();
$name =$_SESSION['User_FullName'];
$phone =$_SESSION['User_Phone'];
echo '<!DOCTYPE html>
<html>
<body>
<h1 class="Title">Reserve a table now!</h1>
<center>
<form action="reservation2.php" method="post">
<div class="App">
<div class="User">
<h2 style="text-align:left;"> Contact:</h2>
<input type="text" id="Name" placeholder="Full Name" value="<?php echo $name ?>" required>
<input type="tel" id="Phone" placeholder="Phone" value="<?php echo $phone ?>" required>
</div>
<div class="DatePeople">
<h2> Choose the Date:</h2>
<input type="date" id="Date" name="TableDate">
<select name="Time" class="time">
<option>19:00</option>
<option>19:30</option>
<option>20:00</option>
<option>20:30</option>
<option>21:00 </option>
<option>21:30</option>
<option>22:00</option>
</select>
<h2 style="margin-top:0px;">Choose Table, People: <a target="_blank" href="media/diagram.png"><img src="media/info.png" width="23px"></a></h2>
<select name="TableNum" class="table">
<?php
include \'connectDb.php\'; #Eisagwgi stoixeiwn gia syndesi me ti vasi
$result=mysqli_query($con,"SELECT COLUMN_NAME FROM INFORMATION_SCHEMA.Columns WHERE
TABLE_NAME = \'available\' AND COLUMN_NAME NOT IN (\'Date\', \'Time\')");
while($row = mysqli_fetch_array($result)) {
echo \'<option>\'.$row[0].\'</option>\';
}
?>
</select>
<input type="number" id="seats" name="People" min="2" max="8" value="4" >
</div>
</div>
<div>
<input type="submit" name="Submit" value="Reserve">
<a class="button" href="logout.php">Log out</a>
</div> </center>
</form>
else {
header("location: reservation.php");
}

The issue is that you echo the html, and inside that echo you combine "inner" php tags (value="<?php echo $name ?>" instead of value="' . $name . '" for example).
Change:
echo '<!DOCTYPE html>
To:
?><!DOCTYPE html>
And at the end, where you have:
</form>
Replace it with
</form></body></html><?php
The above code allows you combine html markup, by closing the php tags in the correct place, without you having to echo it with php.
Read the documentation for more details.

Please try this code
<?php
if(isset($_COOKIE['User_Email_Cookie'])) {
session_start();
$name =$_SESSION['User_FullName'];
$phone =$_SESSION['User_Phone'];
?>
<!DOCTYPE html>
<html>
<body>
<h1 class="Title">Reserve a table now!</h1>
<center>
<form action="reservation2.php" method="post">
<div class="App">
<div class="User">
<h2 style="text-align:left;"> Contact:</h2>
<input type="text" id="Name" placeholder="Full Name" value="<?php echo $name ?>" required>
<input type="tel" id="Phone" placeholder="Phone" value="<?php echo $phone ?>" required>
</div>
<div class="DatePeople">
<h2> Choose the Date:</h2>
<input type="date" id="Date" name="TableDate">
<select name="Time" class="time">
<option>19:00</option>
<option>19:30</option>
<option>20:00</option>
<option>20:30</option>
<option>21:00 </option>
<option>21:30</option>
<option>22:00</option>
</select>
<h2 style="margin-top:0px;">Choose Table, People: <a target="_blank" href="media/diagram.png"><img src="media/info.png" width="23px"></a></h2>
<select name="TableNum" class="table">
<?php
include \'connectDb.php\'; #Eisagwgi stoixeiwn gia syndesi me ti vasi
$result=mysqli_query($con,"SELECT COLUMN_NAME FROM INFORMATION_SCHEMA.Columns WHERE
TABLE_NAME = \'available\' AND COLUMN_NAME NOT IN (\'Date\', \'Time\')");
while($row = mysqli_fetch_array($result)) {
echo \'<option>\'.$row[0].\'</option>\';
}
?>
</select>
<input type="number" id="seats" name="People" min="2" max="8" value="4" >
</div>
</div>
<div>
<input type="submit" name="Submit" value="Reserve">
<a class="button" href="logout.php">Log out</a>
</div> </center>
</form>
<?php
else {
header("location: reservation.php");
}
?>

What's wrong with update query in php

I am trying to update and insert using one file. Following code can insert the data but when i try to update it is not working but data is also going to else part when i try to update it.
Flow Homepage -> Insert/Update UI -> Insert/Update Operation
Homepage which display all the data. There is update and delete link button. Now you got idea that id is already passing.
<!DOCTYPE>
<?php
session_start();
/*if(!isset($_SESSION["isLogin"]))
{
header("location:index.php");
}*/
?>
<html>
<head>
<title></title>
<?php
include_once("include.html");
include_once("dbconfig.php");
?>
</head>
<body>
<?php include_once("navbar.html"); ?>
<div class="main mainContentMargin">
<div class="row">
<?php
$sth = $pdo->prepare("SELECT * FROM product_master where isActive='y' order by id desc");
$sth->execute();
?>
<div class="card col s12">
<table class="responsive-table centered striped">
<thead>
<tr>
<th style="width: 15%">Product Name</th>
<th>Description</th>
<th style="width: 15%">Price</th>
<th>Update</th>
<th>Delete</th>
</tr>
</thead>
<tbody>
<?php
while ($row = $sth->fetch(PDO::FETCH_ASSOC))
{
?>
<tr>
<td style="width: 15%"><?php echo $row["p_name"] ?></td>
<td ><?php echo $row["description"] ?></td>
<td style="width: 15%"><?php echo $row["price"]." Rs./".$row["unit"] ?></td>
<td style="width:5%"><i class="material-icons">mode_edit</i></td>
<td style="width:5%"><i class="material-icons">mode_delete</i></td>
</tr>
<?php
}
?>
</tbody>
</table>
</div>
</div>
</div>
<?php include_once("footer.html");?>
</body>
</html>
Insert / Update UI
<?php
session_start();
/*if(!isset($_SESSION["isLogin"]))
{
header("location:index.php");
}*/
?>
<html>
<head>
<title></title>
<?php
include_once("include.html");
include_once("dbconfig.php");
?>
</head>
<body>
<?php include_once("navbar.html"); ?>
<?php
$product="";
$descritpion="";
$price="";
$unit="";
$ins_up="Insert";
if(isset($_REQUEST["id"]))
{
$sth = $pdo->prepare("SELECT * FROM product_master where id=".$_REQUEST["id"]);
$sth->execute();
while ($row = $sth->fetch(PDO::FETCH_ASSOC))
{
$product=$row["p_name"];
$descritpion=$row["description"];
$price=$row["price"];
$unit=$row["unit"];
$ins_up="Update";
}
}
?>
<div class="main mainContentMargin">
<div class="row">
<form method="post" action="insertProduct.php">
<div class="card col s12">
<div class="card-content">
<div class="input-field">
<input type="text" name="txtProductname" id="txtProductname" value="<?php echo $product ?>">
<label for="txtProductname">Product Name</label>
</div>
<div class="input-field">
<textarea name="txtDesc" id="txtDesc" class="materialize-textarea" value="<?php echo $descritpion ?>"></textarea>
<label for="txtDesc">Description</label>
<script>
$(document).ready(function($) {
$('#txtDesc').val("<?php echo $descritpion ?>");
});
</script>
</div>
<div class="input-field">
<input type="number" name="txtProductprice" id="txtProductprice" value="<?php echo $price ?>">
<label for="txtProductprice">Price</label>
</div>
<div>
<?php
if($unit=="pcs" || $unit=="")
{
?>
<input name="group1" type="radio" id="pcsUnit" value="pcs" checked />
<label for="pcsUnit">Pcs.</label>
<input name="group1" type="radio" id="pcsKg" value="kg" />
<label for="pcsKg">KG.</label>
<?php
}
else
{
?>
<input name="group1" type="radio" id="pcsUnit" value="pcs" />
<label for="pcsUnit">Pcs.</label>
<input name="group1" type="radio" id="pcsKg" value="kg" checked />
<label for="pcsKg">KG.</label>
<?php
}
?>
</div>
</div>
<div class="card-action">
<div class="input-field">
<input type="submit" class="btn" name="btnInsert" id="btnInsert" value="<?php echo $ins_up ?>"></td>
</div>
</div>
</div>
</form>
</div>
</div>
<?php include_once("footer.html");?>
</body>
</html>
Insert / Update Operation File
<?php
include("dbconfig.php");
if(isset($_REQUEST["id"]))
$id=$_REQUEST["id"];
$name=$_REQUEST["txtProductname"];
$description=$_REQUEST["txtDesc"];
$price=$_REQUEST["txtProductprice"];
$unit=$_REQUEST["group1"];
if($_REQUEST["btnInsert"]!="Update")
{
$stmt=$pdo->prepare("INSERT INTO product_master (p_name, description, price,unit,isActive)
VALUES (:p_name, :description, :price,:unit,:isActive)");
$isActive='y';
$stmt->bindParam(':isActive', $isActive);
}
else
{
$stmt=$pdo->prepare("update product_master SET p_name=:p_name , description=:description , price=:price , unit=:unit where id=:id");
$stmt->bindParam(":id",$id);
}
$stmt->bindParam(':p_name', $name);
$stmt->bindParam(':description', $description);
$stmt->bindParam(':price', $price);
$stmt->bindParam(':unit', $unit);
$stmt->execute();
if($stmt->rowCount()) {
echo 'success';
} else {
echo 'update failed';
}
//header('Location: home.php');
?>
DBConfig
<?php
$pdo = new PDO("mysql:host=localhost; dbname=db_inventory;","root","");
$pdo->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec("set names utf8");
?>

$id is not defined when you run your UPDATE.
While you have defined id while you're on on the GUI page, the value is not passed with the next request to the script that actually queries your database.
Add the following line to your form:
<input type="hidden" name="id" value="<?php echo htmlentities($_GET['id']); ?>" />

Make user your id is retrieved properly. In your form i didn't any input element for the id. So when you try to get from the request it always comes empty.
If you server error logs are on, you might get the error undefined variable $id...

Why are my search results not visible under the search form?

hoping somebody is able to help!
I have created a search form to enable a user to search for a specific assessment day using the name, date and the company it is for.
The results of this search should appear below the form used to generate the search. However, at the moment, when the search button is selected the form just refreshes and does not show any results?
Can anyone advise? Code below:
<?php
if(isset($_GET['submit'])){
require_once 'connect.php';
if(isset($_GET['nameofassessmentday'])) {
if(isset($_GET['dateofassessmentday'])) {
if(isset($_GET['companyname'])) {
$nameofassessmentday = $db-> real_escape_string($_GET['nameofassessmentday']);
$dateofassessmentday = $db-> real_escape_string($_GET['dateofassessmentday']);
$companyname = $db-> real_escape_string($_GET['companyname']);
$query = $db->query ("
SELECT Name, Company
FROM assessment_day_details
WHERE Name LIKE '{$nameofassessmentday}'
AND Company LIKE '{$companyname}'
AND Date_of_Day = '{$dateofassessmentday}'
");
}
}
}
?>
<div class="result-count">
Found <?php echo $query->num_rows; ?> results.
</div>
<?php
if($query-> num_rows) {
while($r = $query->fetch_object()) {
?>
<div class="result">
<?php echo $r->Name; ?>
<?php echo $r->Company; ?>
</div>
<?php
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Assess Existing Assessment Day-Search</title>
<link rel="stylesheet" href="style.css">
</head>
<?php
include 'function.php';
}
?>
<body>
<div id="form">
<form method="get">
<p>
<label>Name of Assessment Day:</label>
<input type="text" id="nameofassessmentday" name="nameofassessmentday" required/>
</p>
<p>
<label>Date of Assessment Day:</label>
<input type="date" id="dateofassessmentday" name="dateofassessmentday" required />
</p>
<p>
<label>Company Name :</label>
<input type="text" id="companyname" name="companyname" required/>
</p>
<p>
<input type="submit" id="btn" value="Search" />
</p>
</form>
</div>
</body>
</html>
Also, just one additional question for future reference. Is there anyway I would be able to hyperlink a search result to go to a particular page?
Thanks in advance!
And as some further information, prior to trying to get the search results to show in the same webpage, I had the below two pages and it worked perfectly.
<!DOCTYPE html>
<html>
<head>
<title>Assess Existing Assessment Day-Search</title>
<link rel="stylesheet" href="style.css">
</head>
<?php
include 'function.php';
?>
<body>
<div id="form">
<form action="search.php" method="get">
<p>
<label>Name of Assessment Day:</label>
<input type="text" id="nameofassessmentday" name="nameofassessmentday" required/>
</p>
<p>
<label>Date of Assessment Day:</label>
<input type="date" id="dateofassessmentday" name="dateofassessmentday" required />
</p>
<p>
<label>Company Name :</label>
<input type="text" id="companyname" name="companyname" required/>
</p>
<p>
<input type="submit" id="btn" value="Search" />
</p>
</form>
</div>
</body>
</html>
<?php
require_once 'connect.php';
include 'function.php';
if(isset($_GET['nameofassessmentday'])) {
if(isset($_GET['dateofassessmentday'])) {
if(isset($_GET['companyname'])) {
$nameofassessmentday = $db-> real_escape_string($_GET['nameofassessmentday']);
$dateofassessmentday = $db-> real_escape_string($_GET['dateofassessmentday']);
$companyname = $db-> real_escape_string($_GET['companyname']);
$query = $db->query ("
SELECT Name, Company
FROM assessment_day_details
WHERE Name LIKE '{$nameofassessmentday}'
AND Company LIKE '{$companyname}'
AND Date_of_Day = '{$dateofassessmentday}'
");
}
}
}
?>
<div class="result-count">
Found <?php echo $query->num_rows; ?> results.
</div>
<?php
if($query-> num_rows) {
while($r = $query->fetch_object()) {
?>
<div class="result">
<?php echo $r->Name; ?>
<?php echo $r->Company; ?>
</div>
<?php
}
}
?>

you have to add '%' when you use LIKE in query
check here https://www.w3schools.com/sql/sql_like.asp

Post data for comment is not being transferred to query

I have a update query that I want to use and it's not working. All data is being posted except for CommentID and I can't understand why.
This is my query's output:
UPDATE comments SET
title='PHP',universitet='Högskolan',
kurs='Objekt orienterad programmering i PHP',
kurskod='HIG480-34', betyg='8', message='kom igen nu PHP'
WHERE CommentID = ''
As you can see WHERE CommentID = '' is empty.
<?php
require_once 'DBConnection/connection.php';
class EditPost{
public $comment;
public $id;
public function __construct() {
$this->comment = comment;
$this->id = mysql_real_escape_string($_GET['CommentID']);
}
public function EditThePost(){
if(!isset($_POST['editComment'])){
$query = "SELECT * FROM comments WHERE CommentID = '$this->id'";
$result = mysql_query($query);
$this->comment = mysql_fetch_array($result);
}elseif(isset($_POST['CommentID'])){
$updateQuery = "UPDATE comments SET title='$_POST[title]',universitet='$_POST[universitet]',kurs='$_POST[kurs]',kurskod='$_POST[kurskod]',betyg='$_POST[betyg]',message='$_POST[TheComment]' WHERE CommentID = '$_POST['CommentID]'";
mysql_query($updateQuery) or die(mysql_error());
echo $updateQuery;
header("Location: loggedin.php");
exit();
}
}
}
Here is the edit page with HTML:
<?php
session_start();
error_reporting(E_ALL ^ E_NOTICE);
require_once 'DBConnection/connection.php';
require_once 'Posting/editPost.php';
$edit = new EditPost();
$edit->EditThePost();
?>
<!DOCTYPE html>
<html lang="sv">
<?php include('incl/header.php'); ?>
<body>
<!--The Navbar-->
<div class="navbar navbar-inverse navbar-fixed-top">
<div class="container" align="center">
Hem ||
<?php include('incl/logoutUser.php'); ?>
</div>
</div>
<!--The page container-->
<div id="container" >
<img src="logo.png" id="logoType" align="center">
<br>
<br>
<span class="label label-warning">Redigera inlägg:</span>
<div class="container" align="left">
<br>
<form action="<?php echo $_SERVER['PHP_SELF'];?>" method="post">
<p><span class="label label-info">Titel: </span> <br><input type="text" require name="title" placeholder="Ange titel.." value="<?php echo $edit->comment['title'] ;?>"</p>
<p><span class="label label-info">Högskola: </span> <br><input type="text" require name="universitet" placeholder="Ange högskola.." value="<?php echo $edit->comment['universitet']?>"></p>
<p><span class="label label-info">Kurs: </span> <br><input type="text" require name="kurs" placeholder="Ange kurs.." value="<?php echo $edit->comment['kurs']; ?>"></p>
<p><span class="label label-info">Kurskod: </span> <br><input type="text" require name="kurskod" placeholder="Ange kurskod.." value="<?php echo $edit->comment['kurskod']; ?>"></p>
<p><span class="label label-info">Betyg: </span> <br><input type="text" require name="betyg" placeholder="Betyg mellan 1-10" value="<?php echo $edit->comment['betyg']; ?>"></p>
<p><span class="label label-info">Meddelande: </span></p>
<textarea rows="10" cols="80" require name="TheComment" placeholder="Skriv ditt meddelande.." ><?php echo $edit->comment['message'];?></textarea>
<br><br>
<input type="hidden" name="CommentID" value="<?php echo $_POST['CommentID'];?>"/>
<p><input type="submit" class="btn btn-primary" name="editComment" value="Redigera inlägg"></p>
<br>
</form>
<br />
</div>
</div>
<?php include('incl/footer.php'); ?>
</div>
</body>
</html>

I will answer your question while ignoring the security issues, mostly because I don't have much time right now.
You have one issue in your constructor, where you're assigning the contents of a $_GET['CommentID'] to one variable a the $_POST['CommentID']. This is a really bad idea, you should use either $_GET['CommentID'] or $_POST['CommentID'], using both is asking for trouble.
The reason why your comment ID isn't posting is because it's not in your HTML form. From your link, you are doing
<input type="hidden" name="id" value="<?php echo $_GET['CommentID'];?>"/>
To do what you want, it should read
<input type="hidden" name="CommentID" value="<?php echo $_POST['CommentID'];?>"/>
Change the name attribute of this input to be CommentID, read the contents of $_POST['CommentID'], and your code should work.

php if statement and comparison value

<?php
error_reporting(0);
session_start();
if(!$_SESSION["login"]){
print '<script type="text/javascript">';
print 'alert("You need to login first")';
print '</script>'; echo '<meta http-equiv="REFRESH" content="0;url=home.php">';
die();
}
?>
<?php
//This is the book stuff
ob_start();
#error_reporting(0);
$host="localhost"; // Host name
include 'databaselogin.php';
$db_name="X"; // Database name
$tbl_name="Books"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
$id = $_GET["id"];
$sql = 'SELECT * FROM Books WHERE `id` = '.$id.' LIMIT 1';
$result=mysql_query($sql) or die(mysql_error());
while($rows = mysql_fetch_array($result)){
?>
<?
//this is user stuff.
ob_start();
error_reporting(0);
$host="localhost"; // Host name
include 'databaselogin.php';
$currentuser = $_SESSION["id"];
$db_name="X"; // Database name
$tbl_name="users"; // Table name
$tbl_name="Books"; // Table name
/*
if ($rows['userid'] != $currentusers)
{
print '<script type="text/javascript">';
print 'alert("you dont have permissions")';
print '</script>'; echo '<meta http-equiv="REFRESH" content="0;url=home.php">';
}
*/
?>
<!doctype html>
<html lang="en">
<head>
<meta charset="utf-8" />
<title>Silent Generation</title>
<link rel="stylesheet" href="styles.css" type="text/css" media="screen" />
<link rel="stylesheet" type="text/css" href="print.css" media="print" />
<!--[if IE]><script src="http://html5shiv.googlecode.com/svn/trunk/html5.js"></script><![endif]-->
<!--script section-->
<script type="text/javascript">
</script>
<!--end script section-->
</head>
<body>
<div id="wrapper"><!-- #wrapper -->
<header><!-- header -->
<h1>Silent Generation</h1>
<h2>Would it be too chezy to say silent but deadly</h2>
</header><!-- end of header -->
<nav><!-- top nav -->
<div class="menu">
<ul>
<li>Home</li>
<li>Sell</li>
<li>Buy</li>
<li>Stores</li>
<li>Donate</li>
<li>Contact Us</li>
<li>Support</li>
</ul>
</div>
</nav><!-- end of top nav -->
<section id="main"><!-- #main content and sidebar area -->
<section id="content"><!-- #content -->
<article>
<form method="GET" action="editadd.php" name="add" id="add">
Book Name:
<div align="center" style="margin-top:-15px;">
<input type="text" name="name" id="name" value="<?echo $rows["name"];?>"/></div>
Author's Name: <div align="center" style="margin-top:-15px;"><input type="text" name="author" id="author" value="<?echo $rows["author"];?>"></div>
ISBN: <div align="center" style="margin-top:-15px;"><input type="text" name="ISBN" id="ISBN" value="<?echo $rows["ISBN"];?>"></div>
Edition : <div align="center" style="margin-top:-15px;"><input type="text" name="edition" id="edition" value="<?echo $rows["edition"];?>"></div>
Contact info:<div align="center" style="margin-top:-15px;"> <input type="text" name="contact" id="contact" value="<?echo $rows["contact"];?>" /></div>
Price: <div align="center" style="margin-top:-15px;"> <input type="text" name="price" id="price" / value="<?echo $rows["price"];?>"></div>
Comments: <div align="center"><textarea id="comments" name="comments" rows="13" cols="80" ><?echo $rows["comment"];?> </textarea></div>
<div align="center"><input type="submit" value="Submit" style="width:660px;height:70px;"/></div>
<input type="hidden" name="id" value="<?echo $rows["id"];?>" />
</form>
current user: <?echo $currentuser;?>
posted by: <?echo $rows['userid']?>
<?
}
ob_end_flush();
if ( intval($rows['userid']) == intval($currentusers))
{echo "true";}
else
{echo "fasle";}
?>
</article>
<pre>
</pre>
</section><!-- end of #content -->
<aside id="sidebar"><!-- sidebar -->
<?php
error_reporting(0);
session_start();
if(!$_SESSION["login"]){
?>
<h3>Login</h3>
<form method="post" ACTION="login.php">
E-mail
<input type="text" id="myusername" name="myusername" />
<br/>
<br/>
Password <input type="password" id="mypassword" name="mypassword" />
<br/>
<br/>
<INPUT TYPE="submit" VALUE="Submit" />
<br/>
<input TYPE="button" VALUE="Password?"onclick="javascript:document.location='lostpass.php'; return false; "/>
</form>
<pre>
</pre>
<h3>Register</h3>
<form method="post" action="register.php" name="register" id="register">Name <br/><input type="text" id="name" name="name" ><br/>
Email <br/> <input type="text" id="email" name="email"><br/>
School <br/> <select name="school" id="school">
<option value='Sierra College'>Sierra College</option>
<option value='American River'>American River</option>
<option value='UC Davis'>UC Davis</option>
<option value='UCLA'>UCLA</option>
<option value='UCSD'>UCSD</option>
</select><br/>
Password <br/> <input type="password" id="password" name="password"><br/>
Conform Password <br/> <input type="password" id="password2" name="password2"><br/>
<br/>
<input type="submit" value="Submit">
<input type="reset" value="Clear">
</form>
<?}else{?>
<h3>Welcome</h3> <?php echo $_SESSION["username1"] ?>
Logout
<?}
?>
<h3>Connect With Us</h3>
<ul>
<li>Twitter</li>
<li>Facebook</li>
</ul>
</aside><!-- end of sidebar -->
</section><!-- end of #main content and sidebar-->
<footer>
<section id="footer-area">
<section id="footer-outer-block">
<aside class="footer-segment">
<h4>Joubin Jabbari</h4>
<p>© 2011 Silentgen.com
presents a site by a student for students.
</p>
</aside><!-- end of #fourth footer segment -->
</section><!-- end of footer-outer-block -->
</section><!-- end of footer-area -->
</footer>
</div><!-- #wrapper -->
<!-- Free template created by http://freehtml5templates.com -->
</body>
</html>
The above is my entire code.... the fist few blocks of php is all you need to look at. All I want to is to make sure that the person is trying to edit this post is the person that has posted it. otherwise, they need to be rerouted else where.

hmm... perhaps trying if ( intval($rows['userid']) == intva($currentusers))
Ok, you were using the wrong variable name. It is meant to by $currentuser not $currentusers.
if ( $rows['userid'] == $currentuser)
echo "true";
else
echo "false";

based on your variable name your $currentusers is an array of users, if so you can check if a value exists in it with in_array($value,$array);
if not, you have named your variable in a bad manner =D, maybe it's a type problem. cast both of them to int values with intval function
if(inval($rows['userid']) == intval($currentusers))

Nothing is wrong with your conditional statement, so it must be an issue with what is being stored in $currentusers and $rows['userid']. Can you provide more code specific to the values being assigned to those two variables?
EDIT: You have a typo in your code. You're comparing to "$currentusers" instead of "$currentuser". Try this:
if ( intval($rows['userid']) == intval($currentuser))
{echo "true";}
else
{echo "fasle";}

Categories