I need a form that allows a user to edit data from an SQL database.
The main page of my form contains a table where any available data is shown and, also, there are edit and delete options available. Sample:
{
$row=mysql_fetch_array($result);
echo "<tr>";
echo "<td>".$row["name"]."</td>";
echo "<td>".$row["occuptation"]."</td>";
echo '<td><img src="edit.png"/></td>';
echo '<td><img src="delete.png"/></td>';
echo "</tr>";
}
When the user clicks the edit.png I need it to direct to edit.php where the data from the whole row selected (whichever row the user chooses to click edit or delete from) shows up in a form (like default values). I have no idea how to achieve this.
Any help is appreciated! Please tell me if i'm being confusing and I will try to explain further.
What you'll want to do is include an identifier as a query string parameter in the edit and delete links:
echo '<td><img src="edit.png"/></td>';
echo '<td><img src="delete.png"/></td>';
(Of course, I'm assuming the name of your identifier. But you get the idea.)
This will tell those pages which record they should display. The pages would get the identifier with:
$_GET["id"]
A few things you'll want to consider:
Make sure to check for a proper identifier value in $_GET["id"] before you try to do anything with it. Never assume it's valid without checking.
DO NOT simply concatenate the value into a SQL string. Use something like PDO to build queries with parameters. What you're trying to avoid here is something called a SQL injection vulnerability.
Make sure the user is permitted to access the record in question for the operation in question (edit or delete) before you display anything. Never assume that the link came directly from something your code output on a page. Anybody can just as easily manually change the id value in the URL.
What you could do is include the data in the href of the a tag
{
$row=mysql_fetch_array($result);
echo "<tr>";
echo "<td>".$row["name"]."</td>";
echo "<td>".$row["occuptation"]."</td>";
echo '<td><img src="edit.png"/></td>';
echo '<td><img src="delete.png"/></td>';
echo "</tr>";
}
The same could be done for delete.php if data also needs to be sent to that script.
$selectQuery = mysqli_query($database, "SELECT * FROM products");
if($selectQuery){
while ($row =mysqli_fetch_array($selectQuery)){
<td><a href="delete.php?editid=<?php echo $row['id'];?>">
<img src="delete.png"/></a></td><?php } }?>
echo '<td><img src="delete.png"/></td>';
Related
I have a page called order_page.php and it has a hyperlink that should pass the Order ID of a particular order to another page called edit.php.
I looked up some tutorials on youtube but it's still not passing what I want.
This is what I've tried.
echo "<td class='total'></td><td class='total' id='total2'>TOTAL:</td><td class='total' id='total2'>".$float_total."</td><td> <a href='edit.php'?edit=$row[orderid]>Edit</a></td>";
And then this is the edit.php code
<?php
if(isset($_GET['edit']))
{
$oid = $_GET['edit'];
$res = mysql_query("SELECT * FROM orderdb");
$rowww= mysql_fetch_array($res);
}
?>
It doesn't seem to pass an orderid. If you want I can show the full source code.
Your problem appears to have arisen from losing track of all those quotation marks. Consider not using echo() for the whole line because it doesn't seem to be serving any advantage in your case. In this way you can then use ascsoftw's answer.
In addition, take a look at your href=. The part containing your query string is outside of the single quotes when it should be inside.
Given these mistakes it is also highly advisable that you don't immediately get into the db side of things without first testing what your GET returns at the destination script.
First you need to check if your URL has id or not so you get idea where things goes wrong.
You need to change following line
echo "<td class='total'></td><td class='total' id='total2'>TOTAL:</td><td class='total' id='total2'>".$float_total."</td><td> <a href='edit.php'?edit=$row[orderid]>Edit</a></td>";
By
echo "<td class='total'></td><td class='total' id='total2'>TOTAL:</td><td class='total' id='total2'>".$float_total."</td><td> <a href='edit.php?edit='".$row[orderid]."'>Edit</a></td>";
I´ve been having a weird problem trying to create a php page that uses html forms to update mysql data.
The idea is to create a page that retrieves all the rows from a "news" table that I have, and inserts all the data into html forms as "default" values, so I can see what is already written before changing whatever I want in this form. Each form is generated exclusively for each row of data retrieved.
For that I use the POST method and two php files, one called "updateNews.php" which retrieves data and renders forms, and another one called "newsUpdater.php" which injects the updated data.
I have two problems here. One, the form doesn´t post the new data written in the form, but instead it posts the original data posted as "default". I guess this is a problem in my form code. I guess I´m not coding "default" values right.
The second problem is pretty strange. I retrieve rows from "news" table in reverse order, but when I "submit" the form associated with a particular row, it posts the data from the first row, not the row I´m interested in.
This is my code in the first php file, which retrieves data and renders forms:
<html>
<head>
<?php
include "connectToNews.php";
mysqli_set_charset($conToNews,"utf8");
$query = mysqli_query ($conToNews, "SELECT * FROM news ORDER BY id DESC");
?>
</head>
<body>
<?php
while ($newsArray = mysqli_fetch_array($query, MYSQLI_ASSOC)) {
echo "<form action='newsUpdater.php' method='post' enctype='multipart/form-data'>";
echo "<p>".$newsArray['id']."</p><br>";
echo "<input name='Id' type='hidden' value='".$newsArray['id']."'>";
echo "<input class='input' name='Fecha' type='text' value='".$newsArray['fecha']."'><br>";
echo "<textarea class='textarea' name='Headline' type='text'>".$newsArray['headline']."</textarea><br>";
echo "<textarea class='textarea' name='Story' type='text'>".$newsArray['story']."</textarea><br>";
echo "<input type='submit' value='Actualizar'><br><br><br>";
echo "</form>";
}
?>
</body>
</html>
So, as you can see, I render a new <Form> for each existing row. I use 2 <input> tags and 2 <textarea> tags. One of the <input> tags is hidden and has he "Id" info associated with the particular row data. In anycase, I use "echo" with this Id data to verify that is retrieving ok (and it is). I use "value" attribute to set the retrieved text as default text in this <input> tags.
In the <textarea> tags, I use the space between the opening tag and the closing tag to locate the "default" text.
At this point, everything renders ok, I get as many forms as there are rows in "news" table and and when i press submit button, it takes me to the second php file.
The second php file is the "data updater". The code is the faollowing:
<html>
<head>
<?php
$Id=$_POST['Id'];
$Fecha=$_POST['Fecha'];
$Headline=$_POST['Headline'];
$Story=$_POST['Story'];
echo "<p>".$Id."</p><br>";
echo "<p>".$Fecha."</p><br>";
echo "<p>".$Headline."</p><br>";
echo "<p>".$Story."</p><br>";
include "connectToNews.php";
mysqli_set_charset($conToNews,"utf8");
$query=mysqli_query ($conToNews, "UPDATE news SET fecha='$Fecha' headline='$Headline' story='$Story' WHERE id='$Id'");
?>
</head>
<body>
<?php
echo "<p>News updated</p><br>";
echo "<p><a href='updateNews.php'>Go back to form</a></p>";
?>
</body>
</html>
As you can see, I´m saving the posted data "$_POST['whatever']" into 4 variables, just to have an easier time writting the future mySql query.
Then, I echo this variables to check what info is really been passed. And this is where it gets weird, because te rendered texts are the ones retrieved from to the first row in my "news" table, no matter which row am I editing in the form or what I´m writting in the form.
The other problem is that, regard of getting the "ok" message related to the updating process, the data never saves to "news" table. Although, I could be wrong, because I´m really injecting the original text from row 1 into row 1, no matter of which row I was really trying to edit.
Could you read my code and tell me if you guys see any problem.
Thanks!!!
In an UPDATE query the columns being updated must be seperated by commas, this explains why your data is not being updated.
The reason you didnt know for sure that the query was failing, and why, is that you are not testing that the query actually worked or not.
It is always a VERY good idea to test the results of all MYSQLI_ calls so I would add. This will then show you an error message that would help in bebugging
$query=mysqli_query ($conToNews,
"UPDATE news SET fecha='$Fecha',
headline='$Headline',
story='$Story'
WHERE id='$Id'");
if ( $query === FALSE ) {
echo mysqli_error($conToNews);
exit;
}
You have some SQL Injection issues in this code, you should read How can I prevent SQL injection in PHP?
I have an input box in index.php which takes some user input and queries a database using that input field as an attribute. This input is stored in $arrInput[0].
I also have a link to inspect.php which, when clicked, takes me to inspect.php but I need to pass $resultArr[0] to inspect.php so that I can use that variable to continue doing other things within inspect.php. How can I achieve this? \
Currently this is what I have:
/* inspect.php */
// Create a table with some rows. Then create this
// column which has the inspect link
echo "<td> <a href='inspect.php?id=<?php echo $resultArr[0]; ?>'>Inspect</a>
</td>";
...
But I don't know how to access $resultArr[0] within inspect.php. I was told $_GET[] would help, but I'm not sure how and googling the subject hasn't been much help.
Can anyone please help?
Thank you
echo "<td><a href='inspect.php?id=".$resultArr[0]."'>Inspect</a></td>";
I think you are using wrong syntax. Please check above code. You can the access 'id' key inside $_GET.
Not that hard. use $_GET['id'].
I am currently trying to pass data from my server to my main page. I currently have my php echoing for each returned result:
while($row = mysql_fetch_array($result))
{
echo "<img class='s' id=" . $row['id'] . " src=QR/" . $row['src'] ".png>";
}
when i tried adding a field, num, after id:
<img class='s' id=(rowid) num=".$row['num']." .......
I get undefined when i use
alert(this.num)
but
alert(this.id)
works. How can I pass the num value too?
EDIT:
Hey Everyone, thanks for you help, I have included a jsfiddle on how i solved this problem.
http://jsfiddle.net/3yzcx/4/
I had to use jQuery and used .attr() to define my own attribute called num and called that out.
Very simple. id is a valid property for the img tag. num is not. You can't assign arbitrary properties to a tag and expect it to work.
If you want to pass your PHP data to javascript, using a hidden form element or even more simply something like this:
<?php
echo '<script type="text/javascript">';
echo 'var num = ' . $num . ';';
echo '</script>';
?>
Of course I know you're in a loop, this is just an example. You could easily make it an array or something.
Adding properties doesn't work. You'll want to add an <input type=hidden value='num'> or something inside the <div> where num is your number data. You'll need to make the input field addressable by giving it an ID as well:
echo("<input type=hidden id=\"$row[id]-num\" value='num'>");
Also, I see a closing div tag but no opening tag. You'll want to fix that!
Technically you are not supposed to assign custom attributes. Jcolebrand's original post is worth an upvote due to the discussion about the data prefix. However, even though it is technically not correct, you should be able to get the value with the getAttribute() function.
this.getAttribute("num");
That will work in Firefox, but no guarantees in other browsers.
I've not tried this outside of jQuery, but within that framework you would use
alert(this.attr("num"));
to retrieve non-standard attributes. May work with plain javascript as well, but I've not tried it.
I'm a newbie in PHP and i've got stucked into this...
I have a database and a simple search form. I can search without problems using the criteria i want - for example, i fill in as name "Alex" and i can see 5 records in my resultset with this criteria. So far so good...
Here's the problem : I need to create a Link / Button - whatever - and Post/Get the values for the specific record that i'll choose. When the resultset contains only one record found, i have no problems - everything works fine. But, whenever the resultset returns more than 1 records, the Post/Get method grabs the data for the last record.
Let me show you what i'm doing here... Here's the data i'm retrieving :
while ($row= mysql_fetch_array($result)) {
$my_id = $row["ID"];
$my_name = $row["name"];
$my_profession = $row["profession"];
echo "<div align='center'><tr>
<td><div align='center' style='color:white;'><font size='2' face='Arial'>$my_id</div></td></font>
<td><div align='center' style='color:white;'><font size='2' face='Arial'>$my_name</div></td></font>
<td><div align='center' style='color:white;'><font size='2' face='Arial'>$my_profession</div></td></font>
<td><div align='center' style='color:white;'><font size='2' face='Arial'><form action='person_info.php' method='POST'><input type='hidden' name='PersonID' value='$my_id' /><input type='hidden' name='PersonName' value='$my_name' /><input type='hidden' name='PersonProfession' value='$my_profession' /><input type='submit' value='Show' /></div></td></font>
.....
Here's the code for person_info.php :
$my_id = $_POST["PersonID"];
$my_name = $_POST["PersonName"];
$my_profession = $_POST["PersonProfession"];
echo "
<div align='center'><font size='4' face='Georgia' style='color:red';><b>$my_id, $my_name, $my_profession</b></font></div>
If there's only one record involved, everything works great. If there's more than one, i get the last one's details. For example, from the resultset :
1 Alex Unemployed
2 Alex Carpenter
3 Alex Gardener
... the record that will be posted finally is the "3 Alex Gardener".
Any ideas ?
Thanks in advance!
If that is the exact code you are using, it doesn't look like you are closing your form. So when you click the submit button, it's grabbing all of the data and then overwriting it each time until it gets to the last one.
Throw a:
</form>
At the end there and it should clear it up.
is personID, personname and personProffesion always the name of the input? it looks like you base the value on the database entry that is currently pulled in but If you are not using a unique name that will cause an issue.
If you are using the same name for each set of hidden inputs there is no way for to tell them apart when you pass them with Post or Get, your name field should be unique, the last entry is the only one that is going through because as each one is added its essentially overwriting the past entries.
let me know if that works for you, I hope you get it figured out!
EDIT:
The easiest way to make each entry go to a unique page is using a GET (as mentioned by Paul Weber) multiple forms with post work but it gets messy quick:
while ($row= mysql_fetch_array($result)) {
$my_id = $row["ID"];
$my_name = $row["name"];
$my_profession = $row["profession"];
echo'Name Your Link';
}
the code above would create a link that passes the required information as a get you can then pull it out on the somepage.php its also a lot cleaner then the forms.
If you can use get, you can pass the Parameters just by appending them to the Url.
So you could go
Save
If you cannot use Get, you could either seperate the Forms, creating a Form tag around all the Input elements, so only the ones in the current scope would be submitted. Which would mean you would create a new Form for every Line.
Alternatively use JQuery to do a post.