I'm trying to update wp_table (custom table) via frontend.
i want update records in self submitted page $_SERVER['PHP_SELF']
after update sucesfully i want redirect user to home page. but not working
$domain = $_POST['domain'];
$appointment = $_POST['appointment'];
$rid = $_POST['rid'];
global $wpdb;
if (!isset($_POST['save'])) {
if (mysql_query("UPDATE wp_domain SET domain='$domain', appointmenttime_setting='$appointment' WHERE re_id=$rid"))
{
//echo "UPDATE wp_domain SET domain='$domain', cron_setting='$twitime' WHERE re_id=$rid";
header( 'Location:http://localhost/thepost/?page_id=17' ) ;
}
}
My html code is here
<form method="post" action="<?php $_SERVER['PHP_SELF'] ?>">
<table width="300" border="1">
<tr style="width:450px;">
<td>Domain</td>
<td>
<?php
$act = $Rrow->active_not;
if($act=="NO")
{ ?>
<input name="domain" value="<?php echo $Rrow->domain; ?>" type="text">
<?php
}
else
{
echo $Rrow->domain;
}
?>
</td>
</tr>
<tr>
<td>Appointment Time</td>
<td><select name="appointment">
<option value="5 Minute">5 Minute</option>
<option value="10 Minute">10 Minute</option>
<option value="15 Minute">15 Minute</option>
<option value="30 Minute">30 Minute</option>
<option value="45 Minute">45 Minute</option>
<option value="1 Hour">1 Hour</option>
</select>
<input type="hidden" name="rid" value="<?php echo $Rrow->re_id; ?>" />
</td>
</tr>
<tr>
<td><a class="btn">SAVE</a></td>
<td><input name="save" id="save" type="submit" /></td>
</tr>
</table>
</form>
I feel your issue is with if (!isset($_POST['save'])) and mysql_query instead of wp_query, try like this
if (isset($_POST['save'])) {
if (wp_query("UPDATE wp_domain SET domain='$domain', appointmenttime_setting='$appointment' WHERE re_id=$rid")){
header( 'Location:http://localhost/thepost/?page_id=17' ) ;
exit;
}
}
Related
I have a list proxy.Once I select and save it I want to display the selected data. How can I do this?.I want to display it in selected list and once I reload or get back to that page `
<?php
include_once("../noaccess.php");
include_once(CLASS_PATH."fetch_service.php");
$objfetch = new fetchService();
include_once(CLASS_PATH."proxy.php");
$objproxy = new Proxy();
include_once(CLASS_PATH."log.php");
$objlog= new changelog();
$account_id=$_SESSION['account_id'];
global $mysqli;
if($_POST['submit']=="Save")
{
$pname=$_POST['proxy'];
$query="UPDATE `proxy` SET `proxy_default`='1' where `proxyname`='$pname'";
$mysqli->query($query) or die($mysqli->error);
$_SESSION['check_update'] = "1";
setcookie("msg","Proxy Seleted",time()+5,"/");
header("location:".SITE_URL."index.php?view=default_proxy");
}
?>
<form name="frmcr" id="frmcr" action="" method="post" enctype="multipart/form-data">
<input type="hidden" name="mode" id="mode" value="insert" />
<table align="left" id="tblworking_hours" class="tbl_altcolor shadow" style="width:25%;margin-left:30px">
<thead>
<tr>
<th align="center"><b>Proxy</b></th>
<td><select name="proxy" id="proxy" class="required input">
<option value="">Select</option>
<!-- <option value="<?php echo $i ;?>"<?php echo $i==$ring21 ? "selected":"";?> ><?php echo $i;?></option> -->
<?php
$result = $objfetch->fetch_proxy("*","where account_id='".$_SESSION['account_id']."' ");
foreach($result as $key=>$resrproxy)
{
?>
<option value="<?php echo $resrproxy['proxyname'];?>"<?php echo $resrproxy['proxyname']== $resrproxy['proxyname'] ? "selected":"";?>><?php echo $resrproxy['proxyname'];?></option>
<?php } ?>
</select></td>
</tr>
<tr>
<td colspan="2" align="center"><input type="submit" name="submit" id="submit" value="Save" class="btn" style="margin-left:35px;"/></td>
</tr>
</thead>
</table>
</div>
You've to compare $resrproxy['proxyname'] value with $pname. Your code should be like this:
// your code
<select name="proxy" id="proxy" class="required input">
<option value="">Select</option>
<?php
$result = $objfetch->fetch_proxy("*","where account_id='".$_SESSION['account_id']."' ");
foreach($result as $key=>$resrproxy){
$option = "<option value=\"{$resrproxy['proxyname']}\"";
if(isset($pname)){
if($pname == $resrproxy['proxyname']){
$option .= " selected=\"selected\"";
}
}
$option .= ">{$resrproxy['proxyname']}</option>";
echo $option;
}
?>
</select>
// your code `
<td>
<select name="proxy" id="proxy" class="required input">
<option value="">Select</option>
<?php
$result = $objfetch->fetch_proxy("*","where account_id='".$_SESSION['account_id']."' and `proxy_default`='1'");
$pname=$result[0]['proxyname'];
$result = $objfetch->fetch_proxy("*","where account_id='".$_SESSION['account_id']."' ");
foreach($result as $key=>$resrproxy)
{
?>
<option value="<?php echo $resrproxy['proxyname'];?>"<?php echo $resrproxy['proxyname']==$pname ? "selected":"";?>><?php echo $resrproxy['proxyname'];?></option>
<?php } ?>
</select>
</td>
I have a simple form on my page and I want to make sure every field is filled before inserting the values into the database. The problem is the condition never met, even if every field is filled I still get "Something is missing"...
Search:
<form method="post" action="<?php echo $_SERVER[" PHP_SELF "]?>">
<input placeholder="e-mail address" type="text" name="email_search">
<input type="submit" name="search" value="Go">
<?php if (isset($_POST[ "search"])) { $email_search=m ysql_real_escape_string($_POST[ "email_search"]); $check=m ysql_query( "SELECT * FROM torzsvendegek WHERE email = '$email_search'"); $s=m ysql_fetch_array($check); }?>
<form method="post" action="<?php echo $_SERVER[" PHP_SELF "]?>">
<table width="440" border="0" style="text-align:right;">
<tr>
<td>E-mail:</td>
<td>
<input type="text" name="email" value="<?php echo $email_search;?>" disabled>
</td>
</tr>
<tr>
<td>Név:</td>
<td>
<input type="text" name="nev" value="<?php echo $s['nev'];?>">
</td>
</tr>
<tr>
<td>Mikor:</td>
<td>
<input type="text" name="mikor">
</td>
</tr>
<tr>
<td>Éjszakák száma:</td>
<td>
<input type="text" name="ejszakak">
</td>
</tr>
<tr>
<td>Nemzetisége:</td>
<td align="left">
<select name="nyelv">
<option value="magyar" <?php if($s[ 'nyelv']=="magyar" ) echo "selected=\"selected\ ""; ?>>Magyar</option>
<option value="nemet" <?php if($s[ 'nyelv']=="nemet" ) echo "selected=\"selected\ ""; ?>>Német</option>
<option value="lengyel" <?php if($s[ 'nyelv']=="lengyel" ) echo "selected=\"selected\ ""; ?>>Lengyel</option>
<option value="roman" <?php if($s[ 'nyelv']=="roman" ) echo "selected=\"selected\ ""; ?>>Román</option>
<option value="szlovak" <?php if($s[ 'nyelv']=="szlovak" ) echo "selected=\"selected\ ""; ?>>Szlovák</option>
<option value="egyeb" <?php if($s[ 'nyelv']=="egyeb" ) echo "selected=\"selected\ ""; ?>>Egyéb</option>
</select>
</td>
</tr>
<tr>
<td>Megjegyzés:</td>
<td>
<textarea name="megjegyzes">
<?php echo htmlspecialchars($s[ 'megjegyzes']);?>
</textarea>
</td>
</tr>
</table>
<br>
<table width="440">
<tr>
<td>
<input type="submit" name="submit_add" value="Hozzáad">
</td>
</tr>
</table>
</form>
<?php if (isset($_POST[ "submit_add"]) && !empty($_POST[ "nev"]) && !empty($_POST[ "email"]) && !empty($_POST[ "mikor"]) && !empty($_POST[ "ejszakak"])){ $nev=m ysql_real_escape_string($_POST[ "nev"]); $email=m ysql_real_escape_string($_POST[ "email"]); $mikor=m ysql_real_escape_string($_POST[ "mikor"]); $ejszakak=m ysql_real_escape_string($_POST[ "ejszakak"]); $nyelv=m ysql_real_escape_string($_POST[ "nyelv"]); $megjegyzes=m ysql_real_escape_string($_POST[ "megjegyzes"]); $check2=m ysql_query( "SELECT * FROM torzsvendegek WHERE email = '$email'"); $br="<br>" ; if (mysql_num_rows($check2)> 0) { $adatok = mysql_fetch_array($check2); $osszesen = ($adatok['ejszakak'] + $ejszakak); mysql_query("UPDATE torzsvendegek SET nev = '".$nev."', mikor = '".$adatok['mikor']."".$mikor."".$br."', ejszakak = '".$osszesen."', nyelv = '".$nyelv."', megjegyzes = '".$adatok['megjegyzes']."".$megjegyzes."".$br."' WHERE email = '".$email."'"); echo "
<br>".$email." Updated"; } else { mysql_query("INSERT INTO torzsvendegek (id, nev, email, mikor, ejszakak, nyelv, megjegyzes) VALUES (NULL, '$nev', '$email', '".$mikor."".$br."', '$ejszakak', '$nyelv', '".$megjegyzes."')"); echo "
<br>".$email." Added"; } } else { echo "Something is missing"; } ?>
You made 2 mistakes in your code:
1) You didn't close the first form (missing </form>)
2) You disabled the E-mail input field which resulted in always empty
Here's the updated (though deprecated and insecure!!!) code:
<?php
if(isset($_POST["search"])){
$email_search = mysql_real_escape_string($_POST["email_search"]);
$check = mysql_query("SELECT * FROM torzsvendegek WHERE email = '$email_search'");
$s = mysql_fetch_array($check);
}
if(isset($_POST["submit_add"]) && !empty($_POST["nev"]) && !empty($_POST["email"]) && !empty($_POST["mikor"]) && !empty($_POST["ejszakak"])){
$nev = mysql_real_escape_string($_POST["nev"]);
$email = mysql_real_escape_string($_POST["email"]);
$mikor = mysql_real_escape_string($_POST["mikor"]);
$ejszakak = mysql_real_escape_string($_POST["ejszakak"]);
$nyelv = mysql_real_escape_string($_POST["nyelv"]);
$megjegyzes = mysql_real_escape_string($_POST["megjegyzes"]);
$check2 = mysql_query("SELECT * FROM torzsvendegek WHERE email = '$email'");
$br = "<br>";
if (mysql_num_rows($check2) > 0){
$adatok = mysql_fetch_array($check2);
$osszesen = ($adatok['ejszakak'] + $ejszakak);
mysql_query("UPDATE torzsvendegek SET nev = '".$nev."', mikor = '".$adatok['mikor']."".$mikor."".$br."', ejszakak = '".$osszesen."', nyelv = '".$nyelv."', megjegyzes = '".$adatok['megjegyzes']."".$megjegyzes."".$br."' WHERE email = '".$email."'");
echo "<br>".$email." Updated";
} else {
mysql_query("INSERT INTO torzsvendegek (id, nev, email, mikor, ejszakak, nyelv, megjegyzes) VALUES (NULL, '$nev', '$email', '".$mikor."".$br."', '$ejszakak', '$nyelv', '".$megjegyzes."')");
echo "<br>".$email." Added";
}
} else {
echo "Something is missing";
}
?>
<form method="post" action="<?php echo $_SERVER["PHP_SELF"]?>">
Search: <input placeholder="e-mail address" type="text" name="email_search">
<input type="submit" name="search" value="Go">
</form>
<form method="post" action="<?php echo $_SERVER["PHP_SELF"]?>">
<table width="440" border="0" style="text-align:right;">
<tr>
<td>E-mail:</td>
<td><input type="text" name="email" value="<?php echo $email_search;?>"></td>
</tr>
<tr>
<td>Név:</td>
<td><input type="text" name="nev" value="<?php echo $s['nev'];?>"></td>
</tr>
<tr>
<td>Mikor:</td>
<td><input type="text" name="mikor"></td>
</tr>
<tr>
<td>Éjszakák száma:</td>
<td><input type="text" name="ejszakak"></td>
</tr>
<tr>
<td>Nemzetisége:</td>
<td align="left">
<select name="nyelv">
<option value="magyar" <?php if($s['nyelv']=="magyar") echo "selected=\"selected\""; ?>>Magyar</option>
<option value="nemet" <?php if($s['nyelv']=="nemet") echo "selected=\"selected\""; ?>>Német</option>
<option value="lengyel" <?php if($s['nyelv']=="lengyel") echo "selected=\"selected\""; ?>>Lengyel</option>
<option value="roman" <?php if($s['nyelv']=="roman") echo "selected=\"selected\""; ?>>Román</option>
<option value="szlovak" <?php if($s['nyelv']=="szlovak") echo "selected=\"selected\""; ?>>Szlovák</option>
<option value="egyeb" <?php if($s['nyelv']=="egyeb") echo "selected=\"selected\""; ?>>Egyéb</option>
</select>
</td>
</tr>
<tr>
<td>Megjegyzés:</td>
<td><textarea name="megjegyzes"><?php echo htmlspecialchars($s['megjegyzes']);?></textarea></td>
</tr>
</table>
<br>
<table width="440">
<tr>
<td><input type="submit" name="submit_add" value="Hozzáad"></td>
</tr>
</table>
</form>
You need to close your search form tag to keep the two forms separated
Search:<form method="post" action="<?php echo $_SERVER["PHP_SELF"]?>"><input placeholder="e-mail address" type="text" name="email_search"><input type="submit" name="search" value="Go"></form>
and
<form method="post" action="<?php echo $_SERVER["PHP_SELF"]?>">
<table width="440" border="0" style="text-align:right;">
<tr><td>E-mail:</td><td><input type="text" name="email" value="<?php echo $email_search;?>" disabled></td></tr>
<tr><td>Név:</td><td><input type="text" name="nev" value="<?php echo $s['nev'];?>"></td></tr>
<tr><td>Mikor:</td><td><input type="text" name="mikor"></td></tr>
<tr><td>Éjszakák száma:</td><td><input type="text" name="ejszakak"></td></tr>
<tr><td>Nemzetisége:</td><td align="left"> <select name="nyelv">
<option value="magyar" <?php if($s['nyelv']=="magyar") echo "selected=\"selected\""; ?>>Magyar</option>
<option value="nemet" <?php if($s['nyelv']=="nemet") echo "selected=\"selected\""; ?>>Német</option>
<option value="lengyel" <?php if($s['nyelv']=="lengyel") echo "selected=\"selected\""; ?>>Lengyel</option>
<option value="roman" <?php if($s['nyelv']=="roman") echo "selected=\"selected\""; ?>>Román</option>
<option value="szlovak" <?php if($s['nyelv']=="szlovak") echo "selected=\"selected\""; ?>>Szlovák</option>
<option value="egyeb" <?php if($s['nyelv']=="egyeb") echo "selected=\"selected\""; ?>>Egyéb</option>
</select></td></tr>
<tr><td>Megjegyzés:</td><td><textarea name="megjegyzes"><?php echo htmlspecialchars($s['megjegyzes']);?></textarea></td></tr>
</table><br>
<table width="440"><tr><td><input type="submit" name="submit_add" value="Hozzáad"></td></tr></table>
</form>
You did not close your search form and you need to remove the disabled attribute from your email input field.
I re-wrote your code to help you will debugging. I commented out all the stuff related to the database so you can focus on the form fields only. Here is the code I re-wrote. I left comments so you can see what I did.
<?php
/******JUST TO MAKE DEBBUGGING EASIER***/
echo "<pre>"; // Start of the pre> tags
/**ANYTHING TO DO WITH THE DATABASE I HAVE COMMENTED OUT**/
if(isset($_POST["search"])){
$email_search = mysql_real_escape_string($_POST["email_search"]);
/**PRINT_R FOR DEBUGGING PURPOSES, REMOVE!!*/
print_r($email_search);
//$check = mysql_query("SELECT * FROM torzsvendegek WHERE email = '$email_search'");
//$s = mysql_fetch_array($check);
}
/***CHECK THE POST DATA, REMOVE FROM APPLICATION ONCE YOU HAVE DEBUGGED THE DATA**/
print_r($_POST);
/***I WILL STORE THE POST DATA IN VARIABLES BEFORE CHECKING**/
$nev = isset($_POST["nev"]) ? mysql_real_escape_string($_POST["nev"]) : null;
$email = isset($_POST["email"]) ? mysql_real_escape_string($_POST["email"]) : null;
$mikor = isset($_POST["mikor"]) ? mysql_real_escape_string($_POST["mikor"]) : null;
$ejszakak = isset($_POST["ejszakak"]) ? mysql_real_escape_string($_POST["ejszakak"]) : null;
$nyelv = isset($_POST["nyelv"]) ? mysql_real_escape_string($_POST["nyelv"]) : null;
$megjegyzes = isset($_POST["megjegyzes"]) ? mysql_real_escape_string($_POST["megjegyzes"]) : null;
if(isset($_POST["submit_add"]) && !is_null($nev) && !is_null($email) && !is_null($mikor) && !is_null($ejszakak)){
/*******
SINCE I ALREADY HAVE THEM, YOU NEED TO REMOVE THEM FROM THE CODE
$nev = mysql_real_escape_string($_POST["nev"]);
$email = mysql_real_escape_string($_POST["email"]);
$mikor = mysql_real_escape_string($_POST["mikor"]);
$ejszakak = mysql_real_escape_string($_POST["ejszakak"]);
$nyelv = mysql_real_escape_string($_POST["nyelv"]);
$megjegyzes = mysql_real_escape_string($_POST["megjegyzes"]);
******/
//$check2 = mysql_query("SELECT * FROM torzsvendegek WHERE email = '$email'");
$br = "<br>";
/*********
if (mysql_num_rows($check2) > 0) {
$adatok = mysql_fetch_array($check2);
$osszesen = ($adatok['ejszakak'] + $ejszakak);
mysql_query("UPDATE torzsvendegek SET nev = '".$nev."', mikor = '".$adatok['mikor']."".$mikor."".$br."', ejszakak = '".$osszesen."', nyelv = '".$nyelv."', megjegyzes = '".$adatok['megjegyzes']."".$megjegyzes."".$br."' WHERE email = '".$email."'");
echo "<br>".$email." Updated";
}else {
mysql_query("INSERT INTO torzsvendegek (id, nev, email, mikor, ejszakak, nyelv, megjegyzes) VALUES (NULL, '$nev', '$email', '".$mikor."".$br."', '$ejszakak', '$nyelv', '".$megjegyzes."')");
echo "<br>".$email." Added";
}
****/
}elseif (isset($_POST["submit_add"])) {
echo "Something is missing";
}
echo '</pre>';//end of pre
?>
Search:
<form method="post" action="<?php echo $_SERVER["PHP_SELF"]?>">
<input placeholder="e-mail address" type="text" name="email_search">
<input type="submit" name="search" value="Go">
</form>
<form method="post" action="<?php echo $_SERVER["PHP_SELF"]?>">
<table width="440" border="0" style="text-align:right;">
<tr>
<td>E-mail:</td>
<td><input type="text" name="email" value="<?php echo $email;?>" ></td>
</tr>
<tr>
<td>Név:</td>
<td><input type="text" name="nev" value="<?php echo $nev;?>"></td>
</tr>
<tr>
<td>Mikor:</td>
<td><input type="text" name="mikor" value="<?php echo $mikor;?>"></td>
</tr>
<tr>
<td>Éjszakák száma:</td>
<td><input type="text" name="ejszakak" value="<?php echo $ejszakak;?>"></td>
</tr>
<tr>
<td>Nemzetisége:</td>
<td align="left">
<select name="nyelv">
<option value="magyar" <?php if($nyelv=="magyar") echo "selected=\"selected\""; ?>>Magyar</option>
<option value="nemet" <?php if($nyelv=="nemet") echo "selected=\"selected\""; ?>>Német</option>
<option value="lengyel" <?php if($nyelv=="lengyel") echo "selected=\"selected\""; ?>>Lengyel</option>
<option value="roman" <?php if($nyelv=="roman") echo "selected=\"selected\""; ?>>Román</option>
<option value="szlovak" <?php if($nyelv=="szlovak") echo "selected=\"selected\""; ?>>Szlovák</option>
<option value="egyeb" <?php if($nyelv=="egyeb") echo "selected=\"selected\""; ?>>Egyéb</option>
</select>
</td>
</tr>
<tr>
<td>Megjegyzés:</td>
<td><textarea name="megjegyzes"><?php echo htmlspecialchars($megjegyzes);?></textarea>
</td>
</tr>
</table><br>
<table width="440">
<tr><td><input type="submit" name="submit_add" value="Hozzáad"></td></tr>
</table>
</form>
I am using this code to serach database and I am using 4 fields in this code but this code does not serach database value.
where problem in this code tell me plz edit my code for full working serach with 4 fields
my code :
<?php
{
include ('connection.php');
if(isset($_REQUEST['submit'])){
$optid = $_POST['OPRID'];
$optdec = $_POST['OPRDEFNDESC'];
$empid = $_POST['EMPLID'];
$empmail = $_POST['EMAILID'];
$query ="SELECT * FROM OPERATOR WHERE OPRID LIKE '%".$optid."%'
or OPRDEFNDESC LIKE '%".$optdec."%' or EMPLID LIKE '%".$empid."%'
or EMAILID LIKE '%".$empmail."%' ";
}
else{
$query="SELECT * FROM OPERATOR";
$objParse = oci_parse ($ora_conn, $query);
}
?>
<form action="multi.php" method="get" action="<?=$_SERVER['SCRIPT_NAME'];?>">
<table width="500" border="1" align="center">
<tr>
<th>Operator ID
<input name="OPRID" type="text" id="OPRID" value="";>
<tr>
<th>Operator Name
<input name="OPRDEFNDESC" type="text" id="OPRDEFNDESC" value="";>
<tr>
<th>Person ID
<input name="EMPLID" type="text" id="EMPLID" value="";>
<tr>
<th>Email ID
<input name="EMAILID" type="text" id="EMAILID" value="";>
<input type="submit" value="Search"></th>
</tr>
</table>
</form>
<table>
<tr>
<td>Operator ID</td>
<td>Operator Name</td>
<td>Person ID</td>
<td>Email ID</td>
</tr>
<?
$success = oci_execute($objParse);
//while($objResult = oci_fetch_array($objParse,OCI_BOTH))
while($objResult = oci_fetch_array($objParse, OCI_RETURN_NULLS+OCI_ASSOC))
{
?>
<tr>
<td><div align="center"><?=$objResult["OPRID"];?></div></td>
<td><?=$objResult["OPRDEFNDESC"];?></td>
<td><?=$objResult["EMPLID"];?></td>
<td><div align="center"><?=$objResult["EMAILID"];?></div></td>
<td align="center"><a href="Optr_Edit.php?OprID=
<?=$objResult["OPRID"];?>">Edit</a></td>
</tr>
<?
}
?>
</table>
<?
oci_free_statement($objParse);
oci_close($ora_conn);
}
?>
Try like this
<tr>
<td><div align="right"><strong>Password Encrypted:</strong></div></td>
<td>
<select name="txtENCRYPTED">
<option value="">Select</option>
<option <?php if ($objResult["ENCRYPTED"] == "Y") {echo 'selected';} ?>value="Y">Y</option>
<option <?php if ($objResult["ENCRYPTED"] == "N") {echo 'selected';} ?> value="N">N</option>
</select>
</td>
</tr>
You are doing it wrong
Select element do not have value attribute
You have value attribute only in options element.
For eg:
<select name="txtENCRYPTED" id="txtENCRYPTED">
<option value="">Select</option>
<option value="Y">Y</option>
<option value="N">N</option>
</select>
In your code you have provided the db-retrived-data in tags setting .
The tag defines the menu. It can have the following settings
The name setting adds an internal name to the field so the program that handles the form can identify the fields.
The size option defines how many items should be visible at a time. Default is one item.
The multiple setting will allow for multiple selections if present.
The tag defines the single items in the menu.
The value setting defines what will be submitted if the item is selected.
one solution :-
<form method="post" action="" >
<select name="encrypt" value="encrypted" id='select'>
<option value="">Select</option>
<option value="<?php if($objResult["ENCRYPTED"]=='Y'){ echo 'Y'; } ?>">Y</option>
<option value="<?php if($objResult["ENCRYPTED"]=='N'){ echo 'N'; } ?>">N</option>
</select>
<input type="submit" value="submit" id='form'/>
</form>
</td>
</tr>
//script type jquery.js
//script type javascript
$(document).ready(function(){
$('form').submit(function(){
alert($('#select').val());
});
});
</script>
Please, I am having a problem when updating data in the database through a form. When ever I press the Update button to submit any changes made to a record, all the data in the mysql fields corresponding to drop list controls is errased. I do not know what is causing this problem. Here is the code:
<?php
//include database connection
include 'db_connect.php';
// get value of object id that was sent from address bar
$c_id = $_GET['c_id'];
//check any user action
$action = isset( $_POST['action'] ) ? $_POST['action'] : "";
if($action == "update"){ //if the user hit the submit button
//write our update query
//$mysqli->real_escape_string() function helps us prevent attacks such as SQL injection
$query = "UPDATE collections
SET
ctitle = '".$mysqli->real_escape_string($_POST['ctitle'])."',
csubject = '".$mysqli->real_escape_string($_POST['csubject'])."',
creference = '".$mysqli->real_escape_string($_POST['creference'])."',
cyear = '".$mysqli->real_escape_string($_POST['cyear'])."',
cobjecttype = '".$mysqli->real_escape_string($_POST['cobjecttype'])."',
cmaterial = '".$mysqli->real_escape_string($_POST['cmaterial'])."',
ctechnic = '".$mysqli->real_escape_string($_POST['ctechnic'])."',
cwidth = '".$mysqli->real_escape_string($_POST['cwidth'])."',
cheight = '".$mysqli->real_escape_string($_POST['cheight'])."',
cperiod = '".$mysqli->real_escape_string($_POST['cperiod'])."',
cmarkings = '".$mysqli->real_escape_string($_POST['cmarkings'])."',
cdescription = '".$mysqli->real_escape_string($_POST['cdescription'])."',
csource = '".$mysqli->real_escape_string($_POST['csource'])."',
cartist = '".$mysqli->real_escape_string($_POST['cartist'])."'
where c_id='".$mysqli->real_escape_string($_REQUEST['c_id'])."'";
//execute the query
if( $mysqli->query($query) ) {
//if updating the record was successful
echo "The record was updated.";
}else{
//if unable to update new record
echo "Database Error: Unable to update record.";
}
}
//select the specific database record to update
$query = "SELECT c_id, ctitle, csubject, creference, cyear, cobjecttype, cmaterial, ctechnic, cwidth, cheight, cperiod, cmarkings, cdescription, csource, cartist, cfilename
FROM collections
WHERE c_id='".$mysqli->real_escape_string($_REQUEST['c_id'])."'
limit 0,1";
//execute the query
$result = $mysqli->query( $query );
//get the result
$row = $result->fetch_assoc();
//assign the result to certain variable so our html form will be filled up with values
$c_id = $row['c_id'];
$ctitle = $row['ctitle'];
$csubject = $row['csubject'];
$creference = $row['creference'];
$cyear = $row['cyear'];
$cobjecttype = $row['cobjecttype'];
$cmaterial = $row['cmaterial'];
$ctechnic = $row['ctechnic'];
$cwidth = $row['cwidth'];
$cheight = $row['cheight'];
$cperiod = $row['cperiod'];
$cmarkings = $row['cmarkings'];
$cdescription = $row['cdescription'];
$csource = $row['csource'];
$cartist = $row['cartist'];
$cfilename = $row['cfilename'];
?>
<!--we have our html form here where new object information will be entered-->
<table align=left>
<tr>
<td> <?php echo '<img src="./images/'.$cfilename.'" width="300" height="400" />'; ?> </td>
</tr>
<table>
<form action='#' method='post' border='0'>
<table>
<tr>
<td>TITLE</td>
<td><input type='text' name='ctitle' value='<?php echo $ctitle; ?>' /></td>
</tr>
<tr>
<td>SUBJECT</td>
<td><input type='text' name='csubject' value='<?php echo $csubject; ?>' /></td>
</tr>
<tr>
<td>REFERENCE No.</td>
<td><input type='text' name='creference' value='<?php echo $creference; ?>' /></td>
</tr>
<tr>
<td>YEAR</td>
<td><input type='text' name='cyear' value='<?php echo $cyear; ?>' /></td>
<tr><td>OBJECT TYPE</td>
<td>
<select name="cobjecttype" id="cobjecttype" tabindex="">
<option value="">---Select object type---</option>
<option value="ceramic">Ceramic</option>
<option value="clock">Clock</option>
<option value="gold">Gold and silverware</option>
<option value="mask">Mask</option>
<option value="painting">Painting</option>
<option value="sculpture">Sculpture</option>
<option value="tapestry">Tapestry</option>
</select>
</td></tr>
<tr><td>MATERIAL USED</td>
<td>
<select name="cmaterial" id="cmaterial" tabindex="" >
<option value="">---Select Material---</option>
<option value="brass">Brass</option>
<option value="oil">Oil</option>
<option value="wood">Wood</option>
<option value="carved">Canvas/Cotton/Fabric/Linen/Wool</option>
</select>
</td></tr>
<tr><td>TECHNIC</td>
<td>
<select name="ctechnic" id="ctechnic" tabindex="7" >
<option value="">---Select Technic---</option>
<option value="cast">Cast</option>
<option value="carved">Carved</option>
<option value="etched">Etched</option>
</select>
</td></tr>
<tr>
<td>WIDTH</td>
<td width="100"><input name="cwidth" type="text" id="cwidth" value="<?php echo $cwidth; ?>" size="10"></td>
</tr>
<tr>
<td>HEIGHT</td>
<td width="100"><input name="cheight" type="text" id="cheight" value="<?php echo $cheight; ?>" size="10"></td>
</tr>
<tr>
<td>PERIOD</td>
<td width="100"><input name="cperiod" type="text" id="cperiod" value="<?php echo $cperiod; ?>" size="30"></td>
</tr>
<tr>
<td>MARKINGS</td>
<td width="100"><input name="cmarkings" type="text" id="cmarkings" value="<?php echo $cmarkings; ?>" size="30"></td>
</tr>
<tr>
<td>DESCRIPTION</td>
<td width="400"><textarea name="cdescription" rows="2" cols="50" id="cdescription" value="<?php echo $cdescription; ?>"></textarea></td></tr>
<tr>
<td>SOURCE</td>
<td width="100"><input name="csource" type="text" id="csource" value="<?php echo $csource; ?>" size="30"></td>
</tr>
<tr>
<td>ARTIST</td>
<td width="100"><input name="cartist" type="text" id="cartist" value="<?php echo $cartist; ?>" size="30"></td>
</tr>
<td></td>
<td>
<!-- so that we could identify what record is to be updated -->
<input type='hidden' name='c_id' value='<?php echo $c_id ?>' />
<!-- we will set the action to update -->
<input type='hidden' name='action' value='update' />
<input type='submit' value='Save' />
<a href='gallery.php'>Back to display page</a>
</td>
</tr>
</table>
</form>
Can someone help to identify what the problem is?
Such problem occur when you dont validate your POST data correctly. In your code, you are updating your records directly, by using mysql_real_escape_string($variable). But although this might fix some security issues will not validated every data if it is present or not.
Validate your variables to be present and hold data before updating to the query.
you post a form with the method POST, but get the c_id with $_GET
change it to $_POST['c_id'] or $_REQUEST['c_id'] ...
I would like to insert datetime stamp into a variable once the if-condition is satisfied. But I get the following error:
Notice: Undefined index: status in C:\wamp\www\business\edit_log_widget.php on line 55
The following is the php code:
<?php
include 'scripts/init.php';
include 'html/header.php';
$page = 'servers';
$id =$_SESSION['logid'];
$query = "SELECT *FROM log WHERE logid = $id";
$query_submit = mysql_query($query) or die(mysql_error);
$row = mysql_fetch_assoc($query_submit);
?>
<div class="article">
<h2><span>Edit Logs</span></h2>
<div class="clr"></div>
<form action="" method="POST" >
<p>
<table border="0">
<tr>
<td><label for="Task Name">Task Name:*</label></td>
<td><input type="text" name="task_name" size="45" value="<?php echo $row['task_name'] ?>"/></td>
</tr>
<tr>
<td><label for="description">Problem Description:*</label></td>
<td><textarea name="description" cols="33" rows="10" ><?php echo $row['description'] ?></textarea></td>
</tr>
<tr>
<td><label for="solution">Solution Description:*</label></td>
<td><textarea name="solution" cols="33" rows="10" ><?php echo $row['solution'] ?></textarea></td>
</tr>
<tr>
<td><label for="status">Status:*</label></td>
<td>
<select id="Select2" name="status">
<option>-Select-</option>
<option>Resolved</option>
<option>Un-resolved</option>
<option>In-Progress</option>
</select>
</td>
</tr>
</table>
</p>
<p>
<td><input id="Submit" type="submit" value="Submit" /></td>
<td><input id ="Clear and Restart" type ="reset" value= "Clear and Restart" /></td>
</p>
<?php
if($_POST['status']== 'Resolved')
{
$today = DateTime::createFromFormat('!Y-m-d',date('Y-m-d')); // This is Line 55
}
if(isset($_GET['success']) && empty($_GET['sucess']))
{
echo 'the log has been captured';
}
else
{
if(empty($_POST) === false && empty($errors)=== true)
{
//Update Log details
$update_log = array(
'task_name'=>$_POST['task_name'],
'description' => $_POST['description'],
'solution' =>$_POST['solution'],
'status'=>$_POST['status'],
'closed_date'=>$today,
'userid' =>$_SESSION['userid']);
update_log($update_log);
//redirect
header('Location: edit_log_widget.php?success');
exit();
}
else if(empty($errors) === false)
{
//output errors if the errors array is not empty
echo output($errors);
}
}
?>
</form>
<?php
include 'html/side_menu.php';
include 'html/footer.php';
?>
Update: edit_log.php.
<?php
include 'scripts/init.php';
include 'html/header.php';
$page = 'servers';
$id = $_GET['logid'];
$_SESSION['logid'] = $id;
$query = "SELECT *FROM log WHERE logid = $id";
$query_submit = mysql_query($query) or die(mysql_error);
$row = mysql_fetch_assoc($query_submit);
?>
<div class="article">
<h2><span>Edit Logs</span></h2>
<div class="clr"></div>
<form action="edit_log_widget.php" method="POST" >
<p>
<table border="0">
<tr>
<td><label for="Task Name">Task Name:*</label></td>
<td><input type="text" name="task_name" size="45" value="<?php echo $row['task_name'] ?>"/></td>
</tr>
<tr>
<td><label for="description">Problem Description:*</label></td>
<td><textarea name="description" cols="33" rows="10" ><?php echo $row['description'] ?></textarea></td>
</tr>
<tr>
<td><label for="solution">Solution Description:*</label></td>
<td><textarea name="solution" cols="33" rows="10" ><?php echo $row['solution'] ?></textarea></td>
</tr>
<tr>
<td><label for="status">Status:*</label></td>
<td>
<select id="Select2" name="status">
<option>-Select-</option>
<option value="Resolved">Resolved</option>
<option value="Un-resolved">Un-resolved</option>
<option value="In-Progress">In-Progress</option>
</select>
</td>
</tr>
</table>
</p>
<p>
<td><input id="Submit" type="submit" value="Submit" /></td>
<td><input id ="Clear and Restart" type ="reset" value= "Clear and Restart" /></td>
</p>
</form>
<?php
include 'html/side_menu.php';
include 'html/footer.php';
?>
You haven't specified any value to your options ;)
<option value="Resolved">Resolved</option>
The PHP code is executed before the form has been submitted, and therefor $_POST['status'] has not yet been defined.
$_POST['status']
the entry status of the array $_POST is not defined
You are trying to access variables that are not yet set.
To avoid that you could check first, if the form was submitted before e.g.
<?php
if(!empty($_POST['Submit'])){
if($_POST['status']== 'Resolved')
{
$today = DateTime::createFromFormat('!Y-m-d',date('Y-m-d')); // This is Line 55
}
if(isset($_GET['success']) && empty($_GET['sucess']))
{
echo 'the log has been captured';
}
else
{
if(empty($_POST) === false && empty($errors)=== true)
{
//Update Log details
$update_log = array(
'task_name'=>$_POST['task_name'],
'description' => $_POST['description'],
'solution' =>$_POST['solution'],
'status'=>$_POST['status'],
'closed_date'=>$today,
'userid' =>$_SESSION['userid']);
update_log($update_log);
//redirect
header('Location: edit_log_widget.php?success');
exit();
}
else if(empty($errors) === false)
{
//output errors if the errors array is not empty
echo output($errors);
}
}
}
?>
You're missing some html props, your <option> must have a the value prop like so:
<td>
<select id="Select2" name="status">
<option value="0">-Select-</option>
<option value="1">Resolved</option>
<option value="2">Un-resolved</option>
<option value="3">In-Progress</option>
</select>
</td>
You're getting that error because you're missing it on your first html snippet, while you have it on your second, so there's nothing for PHP to get
I moved all the php to the top of the html form and now it works fine. Thanks guys for trying to help me out