This page is redirecting without running the validation processes, if i comment out the header redirect all the processes work as they should, as soon as i uncomment the header tag when the page loads it automatically redirects, this page is modelled from the members registered page i have created which runs fine without this issue, so i cant see the issue, would someone please be kind enough to help me resolve this issue please.
Following is the page code with the header tag commented out
<?php
include_once 'functions.php';
//Start session
sec_session_start();
//Check whether the session variable SESS_MEMBER_ID is present or not
if(!isset($_SESSION['sess_user_id']) || (trim($_SESSION['sess_user_id']) == '')) {
header("location: login.php");
exit();
}
if(!isset($_SESSION['login']) == '1') {
header("location: admin_login.php");
exit();
}
?>
<?php
//display users info with checkbox to delete
$sql = "SELECT * FROM `links` LIMIT 0, 30 ";
$result = mysqli_query($mysqli, $sql);
?>
<?php
// define variables and set to empty values
$link_titleErr = $type_of_linkErr = $web_linkErr = "";
$link_title = $type_of_link = $web_link = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$link_title = test_input($_POST["link_title"]);
$type_of_link = test_input($_POST["select"]);
$web_link = test_input($_POST["web_link"]);
}
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
return $data;
}
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (empty($_POST["link_title"])) {
$link_titleErr = "**Link Title is required**";
} else {
$link_title = test_input($_POST["link_title"]);
if (!preg_match("/^[a-zA-Z ]*$/",$link_title)) {
$link_titleErr = "**Only letters and white space allowed**";
}
}
if (empty($_POST["web_link"])) {
$web_linkErr = "**Web Link is required**";
} else {
// do nothing
}
if($_POST['select'] == "") {
$type_of_linkErr = "**Type of Link is required**";
}
else {
// do nothing
}
}
if ($link_titleErr == '' && $web_linkErr == '' && $type_of_linkErr == '') {
$_SESSION['data'] = array($_POST['link_title'],$_POST['web_link'],$_POST['type_of_link']);
//header("Location: add_link.inc.php");
}
?>
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Add Links</title>
<link href="../styles/main.css" rel="stylesheet" type="text/css">
</head>
<div class="nav"><table width="100%" border="0" align="center" cellpadding="2" cellspacing="2">
<tr>
<td width="20%" bgcolor="#980002"><div align="center">ADMIN</div></td>
<td width="20%" bgcolor="#980002"><div align="center">FORUM</div></td>
<td width="20%" bgcolor="#980002"><div align="center">ADD PICTURES</div></td>
<td width="20%" bgcolor="#980002"><div align="center">ADD LINKS</div></td>
<td width="%" bgcolor="#980002"><div align="center">ADD EVENTS</div></td>
</tr>
<td height="4"></tr>
</table>
</div>
<div class="subheader">ADD LINKS</div>
<div class="header">logout</div>
<div class="content">
<div id="links_form">
<form action="add_link.inc.php" method="post" id="links_form">
<fieldset>
<legend>Add Link</legend>
<table width="100%">
<tbody>
<tr>
<td width="33%"><div>
<div align="right">Link Title:</div>
</div></td>
<td width="33%"><div id="form_box">
<input name="link_title" type="text" id="link_title" value="<?php echo $link_title;?>" size="40">
</div></td>
<td width="33%"><div align="left"><span class="error" style="color: red"><?php echo $link_titleErr;?></span></div></td>
</tr>
<tr>
<td width="33%"><div align="right">Website Link:</div></td>
<td width="33%"><div id="form_box">
<input name="web_link" type="text" id="web_link" value="<?php echo $web_link;?>" size="40">
</div></td>
<td width="33%"><div align="left"><span class="error" style="color: red" ><?php echo $web_linkErr;?></span></div></td>
</tr>
<tr>
<td width="33%"><div align="right">Type of Business or Service:</div></td>
<td width="33%"><div id="form_box">
<select name="select" id="select">
<option value="">SELECT TYPE OF LINK</option>
<option value="Pub/Restaurant">Pub/Restaurant</option>
<option value="Shop/Store">Shop/Store</option>
<option value="Motorcycle/Car">Motorcycle/Car</option>
<option value="Other">Other</option>
</select>
</div></td>
<td width="33%"><div align="left"><span class="error" style="color: red"><?php echo $type_of_linkErr;?></span></div></td>
</tr>
<tr>
<td> </td>
<td><div align="center">
<input type="submit" name="submit" id="submit" value="Add Link" formaction="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>" formmethod="post">
</div></td>
<td> </td>
</tr>
</tbody>
</table>
</fieldset>
</form>
</div>
<p> </p>
<div id="delete_link"><form><fieldset><legend>Delete Link</legend>
<?php while($row = mysqli_fetch_array($result)): ?>
<label>
<input type="checkbox" value="<?php echo $row['linkid']; ?>" name="delete[]" />
<?php echo $row['linkid']; ?> - <?php echo $row['link_title']; ?> - <?php echo $row['type_of_link']?> - <?php echo $row['web_link']?> <?php echo '<br/>'?>
</label>
<?php endwhile; ?>
<br>
<input name="submit" type="submit" value="Delete Link" formmethod="post" formaction="delete_link.inc.php"/>
</p>
<p> </p>
</form>
</form></div>
</div>
<div class="footer" >All contents on this site are Copyright of the TVC.</div>
</body>
</html>
Change this line:
if(!isset($_SESSION['login']) == '1') {
to
if(isset($_SESSION['login']) && $_SESSION['login'] == '1') {
Related
One of my html forms is not POSTing data, the submit button respect the action attribute and redirect the page as spected BUT $_POST[] is empty for some reason. could sonebody help me find the issue here?
I already tried using html method POST and even ajax to process the form and submit the data, and theres no case. $_POST[] will allways stay empty (this is the only page that does that, I hava an exact copy of the form but without the GET method and it works fine...
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Untitled Document</title>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>
<link href="nocep-rules.css" rel="stylesheet" type="text/css">
<?php
session_start();
$link = mysqli_connect("localhost", "xxxx", "xxxx", "xxxxxx");
if($link === false){
die("ERROR: Could not connect. " . mysqli_connect_error());
}
?>
<?php
if(!isset($_SESSION['logged'])){
header("location: /bubale/login.php");
}
?>
</head>
<body>
<div class="header">
<img class="logo" src="/bubale/img/logo1.png" alt="" />
<img class="foro-title" src="/bubale/img/loja_title.png" alt="" />
</div>
<div class="menu">
<nav class="site-nav">
<ul>
<li>HOME</li>
<li>LOJA</li>
<li>FORUM</li>
<li>CHECKOUT</li>
<li>SAIR</li>
</ul>
</nav>
</div>
<div class="info">
<table width="100%">
<tr>
<td width="20%">
<h2 class="text">USUÁRIO:</h2>
<?php echo $_SESSION['logged']; ?>
<h2 class="text2">PONTOS:</h2>
<?php
$sql5= "Select points from profile where user = '".$_SESSION['logged']."'";
$result5 = mysqli_query($link, $sql5);
if(mysqli_num_rows($result5)==1){
while($row5 = mysqli_fetch_assoc($result5)) {
echo $row5['points'];
}
}
?>
</td>
<td width="30%">
<?php
$sql2= "select * from bolsinhas where user = '".$_SESSION['logged']."' && rev_id = '0'";
$result2 = mysqli_query($link, $sql2);
$count = mysqli_num_rows($result2);
?>
<h2 class="text">BOLSINHAS:</h2>
<?php echo $count; ?>
<h2 class="text2">PRODUTOS:</h2>
<?php
$sql3= "select * from fullsize where user = '".$_SESSION['logged']."' && rev_id = '0'";
$result3 = mysqli_query($link, $sql3);
$count3 = mysqli_num_rows($result3);
echo $count3;
?>
</td>
<td>
<?php
if(!empty($_SESSION["shopping_cart"])) {
$cart_count = count(array_keys($_SESSION["shopping_cart"]));
}else{$cart_count = "0";}
?>
<img id="icon1" src="img/basket.png" title="Compras" ><span id = "count_wrapper"><a id="count">
<?php echo $cart_count; ?></a></span>
<img class="icon" src="img/sale.png" title="Promoção" alt="" >
<img class="icon" src="img/points.png" title="Fidelidade Buba'le" alt="" >
</td>
</table>
</div>
<h1 class="frete">FRETE:</h1>
<div class="wrapper_frete">
<?php
$rua1 = $_GET['1'];
$numero1 = $_GET['2'];
$apt1 = $_GET['3'];
$cep1 = $_GET['4'];
?>
<table id="forma_frete" width="100%">
<tbody>
<th>DADOS PESSOAIS</th>
<th>OOPS!!!</th>
<tr>
<form id="modform" method="POST" action="nocep2.php">
<td width="40%" class="td2">
<table id="nested" width="100%">
<tr>
<td id="td-nested-left" width="30%">
<label class="label-form" for="user">USUÁRIO:</label><br>
<label class="label-form" for="rua">RUA:</label><br>
<label class="label-form" for="numero">NÚMERO:</label><br>
<label class="label-form" for="apt">APT:</label><br>
<label class="label-form" for="cep">CEP:</label><br>
</td>
<td id="td-nested-right">
<input name="user" form="buttons" type="text" maxlenght="20" disabled value="<?php echo $_SESSION['logged']; ?>" /><br>
<input name="rua" form="buttons" type="text" value="<?php echo $rua1; ?>" /><br>
<input name="numero" form="buttons" type="text" value="<?php echo $numero1;?>" /><br>
<input name="apt" form="buttons" type="text" value="<?php echo $apt1; ?>" /><br>
<input name="cep" form="buttons" type="text" value="<?php echo $cep1;?>" />
</td>
</tr>
</table>
<input type="submit" class="refresh" value="ATUALIZAR">
</td>
</form>
<td id="td_mensage">
<h3 id="mensage">-irrelevant text-. </h3>
</td>
</tr>
<tr>
<td id="td_ob" colspan="2">
<h3 id="comentario">OBSERVAÇAÕ:</h3>
<textarea form="buttons" name="observacion" id="text_ob" placeholder="Deixe aqui sua observaçaõ..."></textarea>
</td>
</tr>
</tbody>
</table>
</div>
<h1 class="frete">SUA COMPRA:</h1>
<?php
if(isset($_SESSION["shopping_cart"])){
$total_price = 0;
?>
<?php } ?>
<table class="table">
<tbody>
<tr>
<th></th>
<th>PRODUTO</th>
<th>QUANTIDADE</th>
<th>VALOR UNITARIO</th>
<th>VALOR TOTAL</th>
</tr>
<?php
foreach ($_SESSION["shopping_cart"] as $product){
?>
<tr>
<td id="imgtd"><img src='<?php echo $product["image"]; ?>' width="90" height="80" /></td>
<td><?php echo $product["name"]; ?><br />
<form method='post' action=''>
<input type='hidden' name='code' value="<?php echo $product["code"]; ?>" />
</form></td>
<td><form method='post' action=''>
<input type='hidden' name='code2' value="<?php echo $product["code"]; ?>" />
<?php echo $product["quantity"];?>
</form></td>
<td><?php echo "R$".$product["price"]; ?></td>
<td><?php echo "R$".$product["price"]*$product["quantity"]; ?></td>
</tr>
<?php
$total_price += ($product["price"]*$product["quantity"]);
}
?>
<tr>
<td class="td_tot" colspan="5" align="right"><strong id="total">TOTAL: <?php echo "R$".$total_price; ?></strong></td>
</tr>
</tbody>
</table>
<form method="post" action="contact-venta.php" id="buttons">
<?php
?>
<input type="hidden" name="compras" value="<?php echo print_r($_SESSION["shopping_cart"], TRUE); ?>"/>
<input type="hidden" name="total" value="<?php echo $total_price; ?>">
<input type="submit" id="submit" value="ENVIAR">
</form>
<?php mysqli_close($link); ?>
</body>
</html>
the issue is with the first submit (the one with the value ACTUALIZAR), the form will go to nocep2.php BUT $_POST[] will remain empty .... I posted the entire page just in case there is an issue I'm not seeing....
Your HTML is rather confused.
Firstly, <form> is not a valid element in <tr>. The browser is rendering them outside the table, and separate from your <input>. Move your form tags inside the <td>, or move them outside the <table>
Eg
<table>
<tr>
<td>
<form method="POST">
<input type="text" name="inputName">
<input type="submit">
</form>
</td>
</tr>
</table>
Or, if you need to spread your form over several cells:
<form method="POST">
<table>
<tr>
<td>
<input type="text" name="inputName1">
</td>
<td>
<input type="text" name="inputName2">
</td>
<td>
<input type="submit">
</td>
</tr>
</table>
</form>
Secondly, you're creating a number of <input> elements of type "hidden", each with their own form tags, so they are each part of a different form. Reorder your code so that the hidden elements appear within the same <form> as the rest of your <input>
I want to make a CMS that is able to update my articles. When I use the update page I get the following error:
Notice: Undefined variable: post_image in C:\xampp\htdocs\website\admin\edit_posts.php on line 105
This is my code:
<?php
session_start();
if(!isset($_SESSION['user_name'])){
header("location: ../login.php");
}
else {
?>
<html>
<head>
<title>Admin Panel</title>
<link rel="stylesheet" href="../apearance/stylesheet.css" />
</head>
<body>
<div id="navbar">
<div id="logo"><img id="logo" src="../apearance/logo.png" height="27px"></div>
<a id="button" href="view_posts.php">View Posts</a>
<a id="button" href="index.php?insert=insert">Insert New Post</a>
<a id="button" href="#">View Comments</a>
<a id="button" href="#">Webshop</a>
<a id="button" href="#">Do do list</a>
<a id="button" href="logout.php"><span style="color:red">Logout</span></a>
<br><hr>
</div>
<?php
include("includes/connect.php");
if(isset($_GET['edit'])){
$edit_id = $_GET['edit'];
$edit_query = "select * from posts where post_id = '$edit_id' ";
$run_edit = mysql_query($edit_query);
while ($edit_row = mysql_fetch_array($run_edit)){
$post_id = $edit_row['post_id'];
$post_title = $edit_row['post_title'];
$post_category = $edit_row['post_category'];
$post_header_image = $edit_row['post_header_image'];
$post_image = $edit_row['post_image'];
$post_content = $edit_row['post_content'];
$post_content2 = $edit_row['post_content2'];
$post_video = $edit_row['post_video'];
}}
?>
<div id="tile" height="100px">
<form method="post" action="edit_posts.php?edit_form=<?php $post_id; ?>" enctype="multipart/form-data">
<table align="center" border="0">
<tr>
<td align="center" colspan="2"><h1>Edit Post Here</h1></td>
</tr>
<tr>
<td align="left">Post Title:</td>
<td><input value="<?php echo $post_title; ?>" type="text" name="title" size="30"></td>
</tr>
<tr>
<td align="left">Post Category:</td>
<td><input value="<?php echo $post_category; ?>" type="text" name="category" size="30"></td>
</tr>
<tr>
<td align="left">Post header Images:</td>
<td>
<input type="file" name="header_image">
</td>
</tr>
<tr>
<td>
</td>
<td>
<img src="../images/<?php echo $post_header_image; ?>" height="100" >
</td>
</tr>
<tr>
<td align="left">Post Content:</td>
<td><textarea name="content" cols="30" rows="15"><?php echo $post_content; ?></textarea></td>
</tr>
<tr>
<td align="left">Post Images:</td>
<td><input type="file" name="files[]" multiple>
</td>
</tr>
<tr>
<td>
</td>
<td>
<?php
$values = explode(',', $post_image);
if( count($values)){
foreach($values as $value){
echo "<img src=\"../images/".$value."\" height=\"100\">";
}
}
?>
</td>
</tr>
<tr>
<td align="left">Post Content2:</td>
<td><textarea name="content2" cols="30" rows="15"><?php echo $post_content2; ?></textarea></td>
</tr>
<tr>
<td align="left">Post Video:</td>
<td><textarea name="video" cols="30" rows="15"><?php echo $post_video; ?></textarea></td>
</tr>
<tr>
<td align="right" colspan="6"><input type="submit" name="submit" value="Update Now"></td>
</tr>
</table>
</form>
</div>
</body>
</html>
<?php
if(isset($_POST['update'])){
$update_id = $_GET['edit_form'];
$post_title1 = $_POST['title'];
$post_date1 = date('m-d-y');
$post_category1 = $_POST['category'];
$post_content1 = $_POST['content'];
$post_content21 = $_POST['content2'];
$post_video1 = $_POST['video'];
$post_header_image1= $_FILES['header_image']['name'];
$header_image_tmp= $_FILES['header_image']['tmp_name'];
$filenames = array_values($_FILES['files']['name']);
$post_image1 = rtrim(implode(',', $filenames), ',');
if($post_title1=='' or $post_category1=='' or $post_content1=='' or $post_header_image1==''){
echo "<script>alert('Any of the fields is empty')</script>";
exit();
}
else {
move_uploaded_file($header_image_tmp,"../images/$post_image1");
$update_query = "update posts set post_title='$post_title1',post_date='$post_date1',post_category='$post_category1',post_header_image='$post_header_image1',post_image='$post_image1',post_content='$post_content1',post_content2='$post_content21',post_video='$post_video1' where post_id='$update_id'";
if(mysql_query($update_query)){
echo "<script>alert('Post has been updated')</script>";
echo "<script>window.open('view_posts.php','_self')</script>";
}
}
}
?>
<?php }?>
Any help would be much appreciated.
"Undefined index: image in
C:\xampp\htdocs\learn_php\Category\insertup.php on line 34" this error
is showing and that line 34 is-
$path= "Image/".$_FILES["image"]["name"];
EDIT.PHP File:-
<?php
if(isset($_GET['id']) && $_GET['id'] != '') {
mysql_connect('localhost', 'root', '');
mysql_select_db('opencart_php');
$id=$_GET['id'];
$query=mysql_query("SELECT * FROM categories WHERE Id='".$id."'");
$row=mysql_fetch_array($query);
$cname = $row['category_name'];
$sname = $row['sort_order'];
$desc = $row['description'];
$image = $row['image'];
} else {
$id = '';
$cname = '';
$sname = '';
$desc = '';
$image = '';
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Category Details</title>`
<h1 align="center">Category Details</h1>
</head>
<body>
<table width="400" border="1" align="center">
<tr>
<td><form name="myform" action="insertup.php?id=<?php echo $id; ?>" method="post" enctype="multipart/form_data">
<table width="334" border="0" align="center">
<tr>
<td><b>Category Name:</b></td>
<td><input type="text" name="cname" value="<?php echo $cname; ?>"></td>
</tr>
<tr>
<td> </td>
<td> </td>
</tr>
<tr>
<td><b>Sort Order:</b></td>
<td><input type="text" name="sorder" size="5" value="<?php echo $sname; ?>"></td>
</tr>
<tr>
<td> </td>
<td> </td>
</tr>
<tr>
<td height="40"><b>Description:</b></td>
<td><input type="text" rows="10" cols="20" name="desc" value="<?php echo $desc; ?>" /></td>
</tr>
<tr>
<td> </td>
<td> </td>
</tr>
<tr>
<td height="37"><b>Image:</b></td>
<td><input type="file" name="image" id="image"></td>
</tr>
<tr>
<td> </td>
<td> </td>
</tr>
<tr>
<td><b>Status:</b></td>
<td><select name="status">
<option value='1'>Enable</option>
<option value='0'>Disable</option>
</select></td>
</tr>
<tr>
<td> </td>
<td> </td>
</tr>
</table>
<table width="368">
<tr>
<td width="173" align="right"><input type="submit" name="submit" value="Submit"></td>
<td width="183" align="center"><input type="reset" name="reset" value="Reset"></td>
</tr>
</table>
</form></td>
</tr>
</table>
</body>
</html>
INSERTUP.PHP :-
if($_POST["cname"] != "" && $_POST["desc"] != "" && $_POST["image"] != "") {
$_SESSION['cname']=$_POST["cname"];
//echo $_SESSION['cname'];
$query=mysql_query("SELECT * FROM categories WHERE category_name='".$_SESSION['cname']."'");
$row=mysql_fetch_array($query);
$c_name=$row['category_name'];
$img=$row['image'];
echo $c_name;
//$id=$row['id'];
//if(isset($_FILES["image"])) {
print_r($_FILES);
if($cname != $c_name && $image != $img) {
$path= "Image/".$_FILES["image"]["name"];
if($path != '') {
if(copy($_FILES["image"]["tmp_name"], $path)) {
$sql=mysql_query("INSERT INTO categories (category_name, sort_order, description, image, status)
VALUES ('$cname', '$sorder', '$desc', '$image', '$status')") or die(mysql_error());
header('location: index.php');
} else {
echo "Error in Insertion";
}
} else {
echo "Image not Uploaded";
}
} //}
}
}
On your html there is a typo in (form-data)
change
<form name="myform" action="insertup.php?id=<?php echo $id; ?>" method="post" enctype="multipart/form_data">
to
<form name="myform" action="insertup.php?id=<?php echo $id; ?>" method="post" enctype="multipart/form-data">
In your HTML, in form has to be enctype="multipart/form-data", not enctype="multipart/form_data".
<form name="myform" action="insertup.php?id=<?php echo $id; ?>" method="post" enctype="multipart/form-data">
Then, $_POST['image'] in your condition on line 1 of insertup.php will be probably empty, so change that to
if($_POST["cname"] != "" && $_POST["desc"] != "" && !empty($_FILES["image"]["name"])) {
I have a database which I am using to collect test data.
It shows each record on a new line with an edit and delete link at the end and also an add new record link.
Everything is working apart from the edit section. I can't see where I'm going wrong?
When I click the edit link, it shows me the layout of the table with the fields etc, but it is only passing across the row ID, and showing it in the date field. If i type into the fields and submit, it will change. It just won't pass over the data.
Here is my edit page, and the edit script.
<?php
function valid($date,$error)
{
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Edit Records</title>
</head>
<body>
<?php
if ($error != '')
{
echo '<div style="padding:4px; border:1px solid red; color:red;">'.$error.'</div>';
}
?>
<form action="" method="post">
<input type="hidden" name="id" value="<?php echo $date; ?>"/>
<table border="1">
<tr>
<td colspan="2"><b><font color='Red'>Edit Records </font></b></td>
</tr>
<tr>
<td width="179"><b><font color='#663300'>Date</font></b></td>
<td><label>
<input type="text" name="date" value="<?php echo $date; ?>" />
</label></td>
</tr>
<tr>
<td width="179"><b><font color='#663300'>Ammonia</em></font></b></td>
<td><label>
<input type="text" name="amm" value="<?php echo $amm; ?>" />
</label></td>
</tr>
<tr>
<td width="179"><b><font color='#663300'>Nitrate</font></b></td>
<td><label>
<input type="text" name="nat" value="<?php echo $nat; ?>" />
</label></td>
</tr>
<tr>
<td width="179"><b><font color='#663300'>Nitrite</font></b></td>
<td><label>
<input type="text" name="nit" value="<?php echo $nit; ?>" />
</label></td>
</tr>
<tr>
<td width="179"><b><font color='#663300'>pH</font></b></td>
<td><label>
<input type="text" name="ph" value="<?php echo $ph; ?>" />
</label></td>
</tr>
<tr>
<td width="179"><b><font color='#663300'>Alkalinity</font></b></td>
<td><label>
<input type="text" name="alk" value="<?php echo $alk; ?>" />
</label></td>
</tr>
<tr>
<td width="179"><b><font color='#663300'>SG</font></b></td>
<td><label>
<input type="text" name="sg" value="<?php echo $sg; ?>" />
</label></td>
</tr>
<tr>
<td width="179"><b><font color='#663300'>Temperature</font></b></td>
<td><label>
<input type="text" name="temp" value="<?php echo $temp; ?>" />
</label></td>
</tr>
<tr align="Right">
<td colspan="2"><label>
<input type="submit" name="submit" value="Edit Records">
</label></td>
</tr>
</table>
</form>
</body>
</html>
<?php
}
include('config.php');
if (isset($_POST['submit']))
{
if (is_numeric($_POST['id']))
{
$id = $_POST['id'];
$date = mysql_real_escape_string(htmlspecialchars($_POST['date']));
$amm = mysql_real_escape_string(htmlspecialchars($_POST['amm']));
$nat = mysql_real_escape_string(htmlspecialchars($_POST['nat']));
$nit = mysql_real_escape_string(htmlspecialchars($_POST['nit']));
$ph = mysql_real_escape_string(htmlspecialchars($_POST['ph']));
$alk = mysql_real_escape_string(htmlspecialchars($_POST['alk']));
$sg = mysql_real_escape_string(htmlspecialchars($_POST['sg']));
$temp = mysql_real_escape_string(htmlspecialchars($_POST['temp']));
if ($date == '')
{
$error = 'ERROR: Please fill in all required fields!';
valid($date, $error);
}
else
{
mysql_query("UPDATE employee SET date='$date', amm='$amm', nat='$nat', nit='$nit', ph='$ph', alk='$alk', sg='$sg', temp='$temp'")
or die(mysql_error());
header("Location: view.php");
}
}
else
{
echo 'Error!';
}
}
else
{
if (isset($_GET['id']) && is_numeric($_GET['id']) && $_GET['id'] > 0)
{
$id = $_GET['id'];
$result = mysql_query("SELECT * FROM employee WHERE id=$id")
or die(mysql_error());
$row = mysql_fetch_array($result);
if($row)
{
$date = $row['date'];
$amm = $row['amm'];
$nat = $row['nat'];
$nit = $row['nit'];
$ph = $row['ph'];
$alk = $row['alk'];
$sg = $row['sg'];
$temp = $row['temp'];
valid($id,'');
}
else
{
echo "No results!";
}
}
else
{
echo 'Error!';
}
}
?>
The function valid is responsible for rendering your form. But you only pass the $date into this function, so this is the only thing it can fill in. You have to pass the other values, too!
check this:
UPDATE employee SET date='$date', amm='$amm', nat='$nat', nit='$nit', ph='$ph', alk='$alk', sg='$sg', temp='$temp' WHERE id='$id'
I am having concern re this input type FILE I used for uploading an image. In an edit state, every time the user enters the edit form, the input type file for the image becomes null. Its not like every time the user edits, he/she would want to edit his/her picture, too. I am trying to apply value="<?php echo $fuser['file'] ?>" just like what i did with the input type TEXT, but i have learned that putting value for an input type file is just a waste. How would I get the value of the last chosen image so that when a user does not want to edit the picture, the image still remains.
Here is my code:
<?php session_start(); ?>
<?php if($_SESSION["schoUsername"]) { ?>
<?php
include('konek.php');
$user=mysql_query("select * from tblscholar where id='$_REQUEST[edit_id]'");
$fuser=mysql_fetch_array($user);
if(isset($_POST['UPDATE']) && $_POST['UPDATE']=='Update')
{
$id=$_POST['id'];
$schoSurname=$_POST['schoSurname'];
$schoFirstname=$_POST['schoFirstname'];
$schoMiddlename=$_POST['schoMiddlename'];
$schoCourse=$_POST['schoCourse'];
$schoSchool=$_POST['schoSchool'];
$schoSag=$_POST['schoSag'];
$schoPosition=$_POST['schoPosition'];
$schoUsername=$_POST['schoUsername'];
$schoPassword=$_POST['schoPassword'];
$schoEmail=$_POST['schoEmail'];
$file=$_FILES['file']['name'];
$error=array("schoSurname"=>"","schoFirstname"=>"","schoMiddlename"=>"","schoCourse"=>"","schoSchool"=>"","schoSag"=>"","schoPosition"=>"","schoUsername"=>"","schoPassword"=>"","schoEmail"=>"","file"=>"");
//********************schoSurname*********************
if($schoSurname=="")
{
$error['schoSurname']="Lastname Is Required.";
}
else
{
if(!preg_match('/^[a-zA-Z\s]+$/',$schoSurname))
{
$error['schoSurname']="Lastname Can't Contain Numeric Value.";
}
else
{
$valid_lastname=$schoSurname;
}
}
//********************schoFirstname*********************
if($schoFirstname=="")
{
$error['schoFirstname']="Firstname Is Required.";
}
else
{
if(!preg_match('/^[a-zA-Z\s]+$/',$schoFirstname))
{
$error['schoFirstname']="Firstname Can't Contain Numeric Value.";
}
else
{
$valid_firstname=$schoFirstname;
}
}
//********************schoMiddlename*********************
if($schoMiddlename=="")
{
$error['schoMiddlename']="Middlename Is Required.";
}
else
{
if(!preg_match('/^[a-zA-Z\s]+$/',$schoMiddlename))
{
$error['schoMiddlename']="Middlename Can't Contain Numeric Value.";
}
else
{
$valid_middlename=$schoMiddlename;
}
}
//********************schoCourse*********************
if($schoCourse=="")
{
$error['schoCourse']="Course Is Required.";
}
else
{
if(!preg_match('/^[a-zA-Z\s]+$/',$schoCourse))
{
$error['schoCourse']="Course Can't Contain Numeric Value.";
}
else
{
$valid_course=$schoCourse;
}
}
//********************schoSchool*********************
if($schoSchool=="")
{
$error['schoSchool']="School Is Required.";
}
else
{
if(!preg_match('/^[a-zA-Z\s]+$/',$schoSchool))
{
$error['schoSchool']="School Can't Contain Numeric Value.";
}
else
{
$valid_school=$schoSchool;
}
}
//********************schoEmail*********************
if($schoEmail=="")
{
$error['schoEmail']="Email Is Required.";
}
else
{
if(preg_match("/^[_a-z0-9-]+(\.[_a-z0-9-]+)*#[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$/", $schoEmail))
{
$valid_email=$schoEmail;
}
else
{
$error['schoEmail']="Invalid Email Address.";
}
}
//********************file*********************
if($file=="")
{
$error['file']="Image Is Required.";
}
else
{
if($_FILES['file']['type']=='image/jpeg' || $_FILES['file']['type']=='image/jpg')
{
$valid_file=$file;
}
else
{
$error['file']="Image Must Be .jpg or .jpeg";
}
}
if( (strlen($valid_lastname)>0) && (strlen($valid_firstname)>0) && (strlen($valid_middlename)>0) && (strlen($valid_course)>0) && (strlen($valid_school)>0) && (strlen($valid_email)>0) && (strlen($valid_file)>0))
{
$sel=mysql_query("SELECT * FROM tblscholar WHERE schoEmail='$schoEmail' id!=$_REQUEST[edit_id]");
$n=mysql_num_rows($sel);
if($n==0)
{
$path="scholarspics/";
copy($_FILES['file']['tmp_name'],$path.$file);
$upd="update tblscholar set schoSurname='$schoSurname',schoFirstname='$schoFirstname',schoMiddlename='$schoMiddlename',schoCourse='$schoCourse',schoSchool='$schoSchool',schoSag='$schoSag',schoPosition='$schoPosition',schoUsername='$schoUsername',schoPassword='$schoPassword',schoEmail='$schoEmail',file='$file' where id=$_REQUEST[edit_id]";
mysql_query($upd);
echo "<script>
alert('(Id No.$_REQUEST[edit_id]) Record Successfully Updated.');
window.location='Dashboard.php';
</script>";
}
else
{
$error['email'] = "Same Email Already Exist";
}
}
}
?><head>
<title> Edit Record </title>
<link href="stylesheet.css" rel="stylesheet" type="text/css" />
<?php include "header.php";?> </head>
<div id="divTitleHead">
<strong>EDIT SCHOLAR</strong>
</div>
<div id = "divInsertAnnouncement">
<div id="divInnerIA">
<form name="f1" method="post" enctype="multipart/form-data">
<table width="600px" border="0" cellspacing="1" cellpadding="3">
<tr>
<td width="70px">ID</td>
<td width="7px">:</td>
<td color="#0d192f"><b><?php echo $fuser['id']; ?></b></td>
</tr>
<tr>
<td>Lastname</td>
<td>*</td>
<td>
<input type="text" name="schoSurname" id="schoSurname" class="box" value="<?php echo $fuser['schoSurname']; ?>" />
<span class="err"><?php echo $error["schoSurname"];?></span>
</td>
</tr>
<tr>
<td>First Name</td>
<td>*</td>
<td>
<input type="text" name="schoFirstname" id="schoFirstname" class="box" value="<?php echo $fuser['schoFirstname']; ?>" />
<span class="err"><?php echo $error["schoFirstname"];?></span>
</td>
</tr>
<tr>
<td>Middle Name</td>
<td>*</td>
<td><input type="text" name="schoMiddlename" id="schoMiddlename" class="box" value="<?php echo $fuser['schoMiddlename']; ?>" />
<span class="err"><?php echo $error["schoMiddlename"];?></span></td>
</tr>
<tr>
<td>School</td>
<td>*</td>
<td><input type="text" name="schoSchool" id="schoSchool" class="box" value="<?php echo $fuser['schoSchool'];?>" />
<span class="err"><?php echo $error["schoSchool"];?></span></td>
</tr>
<tr>
<td>Course</td>
<td>*</td>
<td><input type="text" name="schoCourse" id="schoCourse" class="box" value="<?php echo $fuser['schoCourse'];?>" />
<span class="err"><?php echo $error["schoCourse"];?></span></td>
</tr>
<tr>
<td>SAG</td>
<td>*</td>
<td>
<select name="schoSag" id="schoSag" class="box">
<option value="Businesslicious" <?php if($fuser['schoSag']=='Businesslicious') echo "selected='selected'";?>>Businesslicious</option>
<option value="Engineering" <?php if($fuser['schoSag']=='Engineering') echo "selected='selected'";?>>Engineering Design</option>
<option value="Gods_Squad" <?php if($fuser['schoSag']=='Gods_Squad') echo "selected='selected'";?>>God's Squad</option>
<option value="Marketista" <?php if($fuser['schoSag']=='Marketista') echo "selected='selected'";?>>Marketista</option>
<option value="MDAS" <?php if($fuser['schoSag']=='MDAS') echo "selected='selected'";?>>MDAS</option>
<option value="Professional_Warriors">Professional Warriors</option>
<option value="Rhetor" <?php if($fuser['schoSag']=='Rhetor') echo "selected='selected'";?>>Rhetor</option>
<option value="Socialites" <?php if($fuser['schoSag']=='Socialites') echo "selected='selected'";?>>Socialites</option>
<option value="Techies" <?php if($fuser['schoSag']=='Techies') echo "selected='selected'";?>>Techies</option>
</select>
</td>
</tr>
<tr>
<td>Position</td>
<td>*</td>
<td>
<select name="schoPosition" id="schoPosition" class="box">
<option value="President" <?php if($fuser['schoPosition']=='President') echo "selected='selected'";?>>President</option>
<option value="Vice_President_Internal" <?php if($fuser['schoPosition']=='Vice_President_Internal') echo "selected='selected'";?>>Vice President Internal</option>
<option value="Vice_President_External" <?php if($fuser['schoPosition']=='Vice_President_External') echo "selected='selected'";?>>Vice President External</option>
<option value="Secretary_General" <?php if($fuser['schoPosition']=='Secretary_General') echo "selected='selected'";?>>Secretary General</option>
<option value="Assistant_Secretary"<?php if($fuser['schoPosition']=='Assistant_Secretary') echo "selected='selected'";?>>Assistant Secretary</option>
<option value="Finance_Committee_Head" <?php if($fuser['schoPosition']=='Finance_Committee_Head') echo "selected='selected'";?>>Finance Committee Head</option>
<option value="Legal_and_Corporate_Affairs_Committee_Head" <?php if($fuser['schoPosition']=='Legal_and_Corporate_Affairs_Committee_Head') echo "selected='selected'";?>>Legal and Corporate Affairs Committee Head</option>
<option value="Spiritual_and_Community_Services_Committee_Head" <?php if($fuser['schoPosition']=='Spiritual_and_Community_Services_Committee_Head') echo "selected='selected'";?>>Spiritual and Community Services Committee Head</option>
<option value="Librarian" <?php if($fuser['schoPosition']=='Librarian') echo "selected='selected'";?>>Librarian</option>
<option value="Member" <?php if($fuser['schoPosition']=='Member') echo "selected='selected'";?>>Member</option>
<option value="Leader" <?php if($fuser['schoPosition']=='Leader') echo "selected='selected'";?>>Leader</option>
</select>
</td>
</tr>
<tr>
<td>Username</td>
<td>*</td>
<td><input type="text" name="schoUsername" id="schoUsername" class="box" value="<?php echo $fuser['schoUsername'];?>" />
<span class="err"><?php echo $error["schoUsername"];?></span></td>
</tr>
<tr>
<td>Password</td>
<td>*</td>
<td><input type="text" name="schoPassword" id="schoPassword" class="box" value="<?php echo $fuser['schoPassword'];?>" />
<span class="err"><?php echo $error["schoPassword"];?></span></td>
</tr>
<tr>
<td>Email</td>
<td>*</td>
<td><input type="text" name="schoEmail" class="box" onblur="checkEmail('checkEmail.php?schoEmail='+this.value)" class="fieldsize" value="<?php echo $fuser['schoEmail']?>"/>
<span class="err" id="checkEmail"><?php echo $error["schoEmail"];?></span></td>
</tr>
<tr>
<td>Image</td>
<td>
<input type="file" name="file" /><br>
<img src="scholarspics/<?php echo $fuser[11]; ?>" height="150" width="150"/>
<span class="err"><?php echo $error["file"];?></span></td>
</tr>
<tr>
<td colspan="3" align="center"><input type="button" value="Cancel" class="btn"onClick="alert('No Changes Have Been Made');window.location='viewscholars.php';" />
<input type="submit" name="UPDATE" value="Update" class="btn" /></td>
</tr>
</table>
</form>
</div>
</div>
<?php
}
?>