-------EDIT-------
hi guys, seeing that you solved this problem for me, i thought it would be a good idea to solve the same problem again but on a different page. i cannot get the image to show up.
<?php
$id = $_GET['product_id'];
$query = mysql_query("SELECT * FROM products WHERE serial = '$id'")
or die(mysql_error());
while($info = mysql_fetch_array($query)) {
echo "";
$name = $info['name'];
$description = $info['description'];
$price = $info['price'];
$picture = $info['picture'];
}
?>
<form action="editsuccess.php?product_id=<?php echo $id; ?>" method="post">
Product ID:<br/>
<input type="text" value="<?php echo $id;?>" name="product_id" disabled/>
<br/>
Name:<br/>
<input type="text" value="<?php echo $name;?>" name="name"/>
<br/>
Description:<br/>
<input type="text" value="<?php echo $description;?>" name="description"/>
<br/>
Price:<br/>
<input type="text" value="<?php echo $price;?>" name="price"/>
<br/>
Picture:<br/>
<? echo'<img src="../getImage.php?id=' . $info['serial'] .'"/>'?>
</br>
<input type="submit" value="Update Product"/>
</form>
This is a page where an admin can edit a product from a row in a table.
The image is not showing up for some reason.
Thanks for any suggestions.
------EDIT ENDS HERE--------
I still cannot get my PHP image to show up even after following the right method in uploading an image to the database. the following code is for displaying the image:
<form name="form1">
<input type="hidden" name="productid" />
<input type="hidden" name="command" />
</form>
<table border="0" cellpadding="2px" width="600px">
<?
$result=mysql_query("select * from products");
while($row=mysql_fetch_array($result)){
?>
<tr>
<td><?php '<img src="getImage.php?id=' . $row['serial'] .'"/>'
?>
</td>
<td> <b><?=$row['name']?></b><br />
<?=$row['description']?><br />
Price:<big style="color:green">
£<?=$row['price']?></big><br /><br />
<input type="button" value="Add to Cart" onclick="addtocart(<?=$row['serial']?>)" />
</td>
</tr>
<tr><td colspan="2"><hr size="1" /></td>
<? } ?>
</table>
the getImage.php looks like this:
...
$link = mysql_connect($host, $user, $passwd);
mysql_select_db($dbName);
$query = 'SELECT picture FROM products WHERE serial="' . $_GET['id'] . '"';
$result = mysql_query($query,$link);
$row = mysql_fetch_assoc($result);
echo $row['picture'];
?>
only the name, description and price is showing up on the webpage. my MySQL table looks like this:
serial
name
description
price
picture (blob)
You are not setting the correct Content-type header before echoing out the image data.
You MUST also escape the $_GET['id'] parameter.
// Escape $id
$id = mysql_real_escape_string($_GET['id']);
$link = mysql_connect($host, $user, $passwd);
mysql_select_db($dbName);
// Use the escaped $id
$query = "SELECT picture FROM products WHERE serial='$id'";
$result = mysql_query($query,$link);
if ($result) {
$row = mysql_fetch_assoc($result);
// Set the Content-type
// This assumes image/jpeg. If you have different image types,
// you'll need logic to supply the correct MIME type
// image/jpeg image/png image/gif, etc
header("Content-type: image/jpeg");
echo $row['picture'];
}
?>
In your main script, it looks like you are merely missing an echo
<td><?php '<img src="getImage.php?id=' . $row['serial'] .'"/>'
// Should be
<td><?php echo '<img src="getImage.php?id=' . $row['serial'] .'"/>'
// ------^^^^^^
Related
I am having an issue editing mysql database through a html table.
when I run a simple while loop it works, I can pull in the data and update the database:
Working Code
<?php
while ($row = mysqli_fetch_array($res))
echo "$row[id]. $row[Key_Role] .$row[Incumbant] .$row[Attrition_Risk] .$row[Ready_Now] .$row[lowerYears] .$row[higherYears]<a href='edit.php?edit=$row[id]'>edit</a> <br />";
?>
However, when I run the php through a table, the edit links no longer pull in the data from mysql and I am not able to update information. I have put below the index and edit php files.
Index.php
<?php
include_once('db.php');
if(ISSET($_POST['Key_Role']))
{
$Key_Role = $_POST['Key_Role'];
$Incumbant = $_POST['Incumbant'];
$Attrition_Risk = $_POST['Attrition_Risk'];
$Ready_Now = $_POST['Ready_Now'];
$lowerYears = $_POST['1-2_Years'];
$higherYears = $_POST['3-5_Years'];
$sql = "INSERT INTO tmdata VALUES('','$Key_Role','$Incumbant','$Attrition_Risk','$Ready_Now','$lowerYears','$higherYears')";
$res = mysqli_query($conn, $sql);
echo "<meta http-equiv='refresh' content='0;url=index.php'>";
if ($res)
echo "<meta http-equiv='refresh' content='0;url=index.php'>";
else
echo "Failed";
} else {
echo "please enter a key Role";
}
$res = mysqli_query($conn, "SELECT * FROM tmdata");
?>
<style>
<?php include 'style.css' ?>
</style>
<H1 class="Title">Talent Management System</H1>
<form action="." method="post">
Key Role:<input type="text" name="Key_Role">
Incumbant:<input type="text" name="Incumbant">
Attrition_Risk:<input type="text" name="Attrition_Risk">
Ready_Now:<input type="text" name="Ready_Now">
1-2_Years:<input type="text" name="1-2_Years">
3-5_Years:<input type="text" name="3-5_Years">
<input type ="submit" value="Enter">
</form>
<h1> List Of Key Roles</h1>
<?php
/*
while ($row = mysqli_fetch_array($res))
echo "$row[id]. $row[Key_Role] .$row[Incumbant] .$row[Attrition_Risk] .$row[Ready_Now] .$row[lowerYears] .$row[higherYears]<a href='edit.php?edit=$row[id]'>edit</a> <br />";
*/
?>
<table>
<tr>
<th>id</th>
<th>Key_Role</th>
<th>Incumbant</th>
<th>Attrition_Risk</th>
<th>Ready_Now</th>
<th>1-2_Years</th>
<th>3-5_Years</th>
<th>Edit</th>
</tr>
<?php while ($row = mysqli_fetch_array($res)):;?>
<tr>
<td><?php echo $row['id'];?></td>
<td><?php echo $row['Key_Role'];?></td>
<td><?php echo $row['Incumbant'];?></td>
<td><?php echo $row['Attrition_Risk'];?></td>
<td><?php echo $row['Ready_Now'];?></td>
<td><?php echo $row['lowerYears'];?></td>
<td><?php echo $row['higherYears'];?></td>
<td><a href='edit.php?edit=$row["id"]'>edit</a></td>
</tr>
<?php endwhile;?>
</table>
Edit.php
<?php
include_once('db.php');
if (isset($_GET["edit"]))
{
$id = $_GET["edit"];
$res = mysqli_query($conn, "SELECT * FROM tmdata WHERE id='".$id."'");
$row = mysqli_fetch_array($res);
}
if( isset($_POST['newKey_Role']) || isset($_POST['newIncumbant']) || isset($_POST['newAttrition_Risk']) || isset($_POST['newReady_Now']) || isset($_POST['newLowerYears']) || isset($_POST['newHigherYears']) )
{
$newKey_Role = $_POST['newKey_Role'];
$newIncumbant = $_POST['newIncumbant'];
$newAttrition_Risk = $_POST['newAttrition_Risk'];
$newReady_Now = $_POST['newReady_Now'];
$newLowerYears = $_POST['newLowerYears'];
$newHigherYears = $_POST['newHigherYears'];
$id = $_POST['id'];
$sql = "UPDATE tmdata SET Key_Role='$newKey_Role', Incumbant='$newIncumbant', Attrition_Risk='$newAttrition_Risk', Ready_Now='$newReady_Now', lowerYears='$newLowerYears', higherYears='$newHigherYears' WHERE id='".$id."'";
$res = mysqli_query($conn, $sql) or die(mysqli_error($conn));
echo "<meta http-equiv='refresh' content='0;url=index.php'>";
}
?>
<form action="edit.php" method="post">
Key Role:<input type="text" name="newKey_Role" value ="<?php echo $row[1]; ?>"></input> <br />
Incumbant:<input type="text" name="newIncumbant" value ="<?php echo $row[2]; ?>"></input> <br />
Attrition_Risk:<input type="text" name="newAttrition_Risk" value ="<?php echo $row[3]; ?>"></input> <br />
Ready_Now:<input type="text" name="newReady_Now" value ="<?php echo $row[4]; ?>"></input> <br />
1-2 Years:<input type="text" name="newLowerYears" value ="<?php echo $row[5]; ?>"></input> <br />
3-5 Years:<input type="text" name="newHigherYears" value ="<?php echo $row[6]; ?>"></input> <br />
<input type="hidden" name="id" value ="<?php echo $row[0]; ?>">
<input type ="submit" value="Update">
</form>
<style>
<?php include 'style.css' ?>
</style>
It looks as though the ID is not pulling across to the edit php. I also tried manually inputting the id in the table:
<td><a href='edit.php?edit=$row[184]'>edit</a></td>
but this also did not work.
Any help would be very much appreciated.
Thank you in advance.
I figured out that you need to put the link in php.
<td><?php echo "<a href='edit.php?edit=$row[id]'>edit</a>"?></td>
That worked in the end.
I have created a php sticky form so data will not disappear when the submit button is clicked. A url link is being used to pass values to a form so they can be edited. However, the values from the url are not being passed into the form fields. Why are the values from the url not being passed into the form fields? Thank you so much for your time.
This is the code:
index.php
<?php
require_once('authorize.php');
?>
<!DOCTYPE html>
<html>
<head>
</head>
<body>
<?php
require_once('appvars.php');
require_once('connectvars.php');
$conn = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
$data = mysqli_query($conn, $query);
echo '<table>';
echo '<tr><th>Name</th><th>Caption</th><th>Action</th></tr>';
while ($row = mysqli_fetch_array($data)) {
//link
echo '<td><a href="link.php?id=' . $row['id'] . '&image=' . $row['image1'] . '&name=' . $row['name'] .
'&caption=' . $row['caption'] .
'&video=' . $row['video'] . '">Edit </a>';
echo '</td></tr>';
}
echo '</table>';
echo "<br><br>";
mysqli_close($conn);
?>
</body>
</html>
sticky_form.php
<!DOCTYPE html>
<html>
<head>
<title>Edit Conent</title>
</head>
<body>
<h3>Edit Conent</h3>
<?php
require_once('appvars.php');
require_once('connectvars.php');
$vid="";
$vname="";
$vcaption="";
$vvideo="";
$id ="";
$dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
if(isset($_POST["button_edit"])){
$id = $_POST["id"];
$name = $_POST['name'];
$caption = $_POST['caption'];
$video = $_POST['video'];
$qry = mysqli_query($dbc,"Update table1 Set name='$name', caption='$caption', video='$video' Where id='$id'");
else if(isset($_GET["id"])){
$qry = mysqli_query($dbc,"Select * From table1 Where id='".$_GET["id"]."'");
while($row=mysqli_fetch_array($qry,MYSQLI_ASSOC)){
$vid=$row["id"];
$vname=$row["name"];
$vcaption=$row["caption"];
$vvideo=$row["video"];
}
}
?>
<body>
<form action='' method="post" enctype="multipart/form-data" >
<table>
<tr>
<td>ID</td>
<td><input type="text" name="id" value="<?php echo $vid;?>"></td></tr>
<tr>
<td>Name</td>
<td><input type="text" class="bigger_textbox" name="name" value="<?php if (isset($_POST['name'])) {echo htmlentities($_POST['name']);}?>"></td></tr>
<tr><td>Caption</td>
<td><input type="text" class="bigger_textbox" name="caption" value="<?php if (isset($_POST['caption'])) {echo htmlentities($_POST['caption']);}?>"></td></tr>
<tr><td>Video</td>
<td><input type="text" class="bigger_textbox" name="video" value="<?php if (isset($_POST['video'])) {echo htmlentities($_POST['video']);}?>"></td></tr>
<tr><td colspan="2">
<input type="submit" name="button_edit" value="Edit Content"></td></tr> </table>
</form>
<table border=1>
<tr><th>Name</th><th>Caption</th>
<th>Video</th> <th>Action</th></tr>
<?php
if (isset($_GET["id"])) {
$qry =mysqli_query($dbc, "Select * From table1 Where id='".$_GET["id"]."'");
while($row=mysqli_fetch_array($qry,MYSQLI_ASSOC)) {
echo '<tr><td>'.$row["name"].'</td>';
echo '<td>'.$row["caption"].'</td>';
echo '<td>'.$row["video"].'</td>';
echo '<td>Edit </td></tr>';
}
}
?>
</table>
</body>
</html>
Apparently you already have the values you need in stick_form.php:
else if(isset($_GET["id"])){
$qry = mysqli_query($dbc,"Select * From table1 Where id='".$_GET["id"]."'");
while($row=mysqli_fetch_array($qry,MYSQLI_ASSOC)){
$vid=$row["id"];
$vname=$row["name"];
$vcaption=$row["caption"];
$vvideo=$row["video"];
}
Try replacing this part of the code of stick_form.php:
<td><input type="text" class="bigger_textbox" name="name" value="<?php if (isset($_POST['name'])) {echo htmlentities($_POST['name']);}?>"></td></tr>
<tr><td>Caption</td>
<td><input type="text" class="bigger_textbox" name="caption" value="<?php if (isset($_POST['caption'])) {echo htmlentities($_POST['caption']);}?>"></td></tr>
<tr><td>Video</td>
<td><input type="text" class="bigger_textbox" name="video" value="<?php if (isset($_POST['video'])) {echo htmlentities($_POST['video']);}?>" </td></tr>
With:
<td><input type="text" class="bigger_textbox" name="name" value="<?php echo $vname; ?>"></td></tr>
<tr><td>Caption</td>
<td><input type="text" class="bigger_textbox" name="caption" value="<?php echo $vcaption; ?>"></td></tr>
<tr><td>Video</td>
<td><input type="text" class="bigger_textbox" name="video" value="<?php echo $vvideo; ?>"></td></tr>
Update
As you commented, after clicking the edit button, your form fields get empty. That's because you're not setting the correct variables in this part of your code:
if(isset($_POST["button_edit"])){
$id = $_POST["id"];
$name = $_POST['name'];
$caption = $_POST['caption'];
$video = $_POST['video'];
$qry = mysqli_query($dbc,"Update table1 Set name='$name', caption='$caption', video='$video' Where id='$id'");
Change it to:
if(isset($_POST["button_edit"])){
$vid = $_POST["id"];
$vname = $_POST['name'];
$vcaption = $_POST['caption'];
$vvideo = $_POST['video'];
$qry = mysqli_query($dbc,"Update table1 Set name='$vname', caption='$vcaption', video='$vvideo' Where id='$vid'");
Hope it helps.
I want to display the article ID in my URL when i press the a href in code beneath
Update, i included the php section and the while loop with the article ID
require_once("inc/connection.php");
mysql_select_db("nieuws");
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$id = $_GET['id'];
$datum = $_POST["datum"];
$titel = $_POST["titel"];
$artikel = $_POST["artikel"];
$checkbox = $_POST["checkbox"];
$titel = mysql_real_escape_string(nl2br(htmlentities($_POST["titel"])));
$artikel = mysql_real_escape_string($_POST["artikel"]);
$id = mysql_real_escape_string($_POST['id']);
date_default_timezone_set('GMT');
$datum = date('Y-m-d', strtotime(str_replace('-', '/', $datum)));
if(isset($_POST['add'])){
if(!empty($_POST['titel']) && !empty($_POST['artikel']) && !empty($_POST['datum'])){
$query="INSERT INTO nieuws (id,datum,titel,artikel) VALUES ('$id','$datum','$titel','$artikel')";
$datum = date('Y-m-d', strtotime(str_replace('-', '/', $datum)));
str_replace('<br />', "\n", $textarea);
$result=mysql_query($query);
$juist1 = true;
}else{
$fout1 = true;
}
}if(isset($_POST['delete'])){
foreach($_POST['checkbox'] as $del_id){
$sql="DELETE FROM nieuws WHERE id='$del_id'";
$result = mysql_query($sql);
$juist2 = true;
}
}
}
This is the accordion script that opens on click
$('.acc_container').hide(); //Hide/close all containers
$('.acc_trigger').click(function(){
if( $(this).next().is(':hidden') ) { //If immediate next container is closed...
$('.acc_trigger').removeClass('active').next().slideUp();
$(this).toggleClass('active').next().slideDown();
}
return false;
});
});
This is the FORM part
<form method="POST" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']); ?>">
<table style="width:950px; margin-bottom:5px;">
<tr>
<td>Datum:<br />
<input type="text" name="datum" size="20" style="width:100px;" value="<?php echo $datum; ?>" id="datepicker" placeholder="Kies datum"/><br /></td>
<td>Titel:<br />
<input type="text" name="titel" size="200" style="width:500px;" maxlength="45" value="<? php echo $titel; ?>" placeholder="Max. 50 characters toegelaten"/><br /></td> </tr>
</table>
Artikel: <br />
<textarea id="textarea" name="artikel" style="width:500px; height:150px;" value="<?php echo $artikel; ?>" ></textarea><br />
<input type="submit" name="add" value="Artikel toevoegen" />
</form>
This is the while loop where i ADD the row ID
$query="SELECT id,datum,titel,artikel FROM nieuws ORDER BY id DESC";
$result=mysql_query($query) or die(mysql_error());
while($row = mysql_fetch_array($result)){
echo ("<div id=\"artikeltitel\" align=\"center\">
<div id=\"containerdatum\">".$row['datum']."</div>
<div id=\"containertitel\">".$row['titel']."</div>
<div id=\"container3\" style=\"font-size:12px;\">".$row['id']."
<input type=\"checkbox\" name=\"checkbox[]\" id=\"checkbox\" value=\"".$row['id']."\" />
</div>
</div>
<div class=\"container\" align=\"center\">
<h2 class=\"acc_trigger\"> » </h2>
<div class=\"acc_container\">
<div class=\"block\">".$row['artikel']."</div>
<div class=\"fb-comments\" data-href=\"http://www.zpb-polonez.be/user.php\" data-num- posts=\"10\" data-width=\"678\" style=\"margin-top:2px;\"></div>
</div>
</div>
");
}
I don't know what to add more to explain what i'm trying to achive
We lack some information here to be able to help but let's try anyway.
Let's assume that your article id is $row['id'] you could build your link this way:
echo 'Link';
I wasn't sure what else to call the title...I have a PHP page that accesses a certain MySQL database, pulls the values from the table, and places them in an HTML form (POST method - PHP_SELF). The user can then view the values, alter them as they wish, and submit them. The page then takes those values and updates the MySQL database. Everything works perfectly except that when the user submits and the page goes to show the new updated variables, it still shows the old values. The user is forced refresh the page before the new variables show up. I thought that PHP was perhaps not deleting the variables, so I unset all stored variables after the script was over and it's still not working. I ever tried putting a sleep timer before the script started, and that didn't work either. I'd appreciate any suggestions. Here is my script just for reference:
<html>
<body>
<?php
$sql = "SELECT * FROM lease";
$result = mysql_query($sql);
?>
<form id="lease_update" method="post" action="<?php echo htmlentities($PHP_SELF); ?>">
<table>
<tr>
<th>Account</th>
<th>Car Lease</th>
<th>Radio Lease</th>
<th>Misc. Charges</th>
</tr>
<?php
while($rows = mysql_fetch_array($result)){
?>
<tr>
<td><input type="text" name="account[]" value="<?php echo $rows['accnt']; ?>" /></td>
<td><input type="int" name="car_lease[]" value="<?php echo $rows['car']; ?>" /></td>
<td><input type="int" name="radio_lease[]" value="<?php echo $rows['radio']; ?>" /> </td>
<td><input type="int" name="misc_lease[]" value="<?php echo $rows['misc']; ?>" /></td>
<input type="hidden" name="lease_ID[]" value="<?php echo $rows['ID']; ?>" />
</tr>
<?php
}
?>
</table>
<input type="submit" value="Update" name="lease_update" />
<?php
if(isset($_POST['lease_update'])){
$account = $_POST['account'];
$car_lease = $_POST['car_lease'];
$radio_lease = $_POST['radio_lease'];
$misc_lease = $_POST['misc_lease'];
$lease_ID = $_POST['lease_ID'];
//Get Array Lengths For Each Section
$A = count($lease_ID);
//Update Lease Information
$i = 0;
while($i < $A){
if(!mysql_query('UPDATE lease SET accnt = "' .$account[$i]. '", car = "' .$car_lease[$i]. '", radio = "' .$radio_lease[$i]. '", misc = "' .$misc_lease[$i]. '" WHERE ID = ' .$lease_ID[$i]))
die('Error: ' .mysql_error());
$i++;
}
unset($_POST);
unset($rows);
unset(result);
}
?>
</body>
</html>
You are displaying the data from the database before you update it.
It is normally good practice to do all your database connectivity at the top of the page, then display the results.
In your code (even if a user has submitted an update), you query the data, pull it from database and display it, then run the update with what the user submitted.
Changing your code to this should do the trick (Do read the note below though):
<html>
<body>
<?php
if(isset($_POST['lease_update'])){
$account = $_POST['account'];
$car_lease = $_POST['car_lease'];
$radio_lease = $_POST['radio_lease'];
$misc_lease = $_POST['misc_lease'];
$lease_ID = $_POST['lease_ID'];
//Get Array Lengths For Each Section
$A = count($lease_ID);
//Update Lease Information
$i = 0;
while($i < $A){
if(!mysql_query('UPDATE lease SET accnt = "' .$account[$i]. '", car = "' .$car_lease[$i]. '", radio = "' .$radio_lease[$i]. '", misc = "' .$misc_lease[$i]. '" WHERE ID = ' .$lease_ID[$i]))
die('Error: ' .mysql_error());
$i++;
}
unset($_POST);
unset($rows);
unset(result);
}
$sql = "SELECT * FROM lease";
$result = mysql_query($sql);
?>
<form id="lease_update" method="post" action="<?php echo htmlentities($PHP_SELF); ?>">
<table>
<tr>
<th>Account</th>
<th>Car Lease</th>
<th>Radio Lease</th>
<th>Misc. Charges</th>
</tr>
<?php
while($rows = mysql_fetch_array($result)){
?>
<tr>
<td><input type="text" name="account[]" value="<?php echo $rows['accnt']; ?>" /></td>
<td><input type="int" name="car_lease[]" value="<?php echo $rows['car']; ?>" /></td>
<td><input type="int" name="radio_lease[]" value="<?php echo $rows['radio']; ?>" /> </td>
<td><input type="int" name="misc_lease[]" value="<?php echo $rows['misc']; ?>" /></td>
<input type="hidden" name="lease_ID[]" value="<?php echo $rows['ID']; ?>" />
</tr>
<?php
}
?>
</table>
<input type="submit" value="Update" name="lease_update" />
</body>
</html>
Bad note - your code is wide open to injection attacks. You are using form data with no verification. That's a big red flag. Secondly, you are using deprecated mysql_* functions. Your code should be using mysqli_* functions or better yet move to PDO. It is much safer and you will be able to do a lot more with it.
Edit 2: The page IS being updated after the user submits the form, but the page you display to the user is querying the database before you update it - and using that to display the page to the user.
This question already has an answer here:
Closed 11 years ago.
Possible Duplicate:
Why isn't my image showing up?
I have a weird problem here. I have this line of code where it works on one page but it doesnt on another. The PHP code is as follows:
PHP Page That Shows Image
<table border=1>
<tr>
<td align=center>EDIT</td>
</tr>
<tr>
<td>
<table>
<?
$id = $_GET['product_id'];
$result = mysql_query("SELECT * FROM products WHERE serial = '$id'");
$info = mysql_fetch_array($result);
?>
<form method="post" action="editsuccess.php">
<input type="hidden" name="id" value="<? echo "$info[name]"?>">
<table border='0' width=100%>
<tr>
<td>Name</td>
<td>
<input type="text" name="name"
size="20" value="<? echo "$info[name]"?>">
</td>
</tr>
<tr>
<td>Description</td>
<td>
<input type="text" name="name"
size="20" value="<? echo "$info[description]"?>">
</td>
</tr>
<tr>
<td>Price</td>
<td>
<input type="text" name="address" size="40"
value="<? echo "$info[price]"?>">
</td>
</tr>
<tr>
<td>Image</td>
<td>
<? echo'<img src="../getImage.php?id=' . $info['serial'] .'"/>'?>
</td>
</tr>
<tr>
<td align="right">
<input type="submit"
name="submit value" value="Update Product">
</td>
</tr>
</form>
</table>
</td>
</tr>
</table>
PHP Page That Doesnt Show Image
<?php
$id = $_GET['product_id'];
$query = mysql_query("SELECT * FROM products WHERE serial = '$id'")
or die(mysql_error());
while($info = mysql_fetch_array($query)) {
echo "";
$name = $info['name'];
$description = $info['description'];
$price = $info['price'];
$picture = $info['picture'];
}
?>
<form action="editsuccess.php?product_id=<?php echo $id; ?>" method="post">
Product ID:<br/>
<input type="text" value="<?php echo $id;?>" name="product_id" disabled/>
<br/>
Name:<br/>
<span id="sprytextfield1">
<input type="text" value="<?php echo $name;?>" name="name"/>
<span class="textfieldRequiredMsg">Enter Product Name</span></span><br/>
Description:<br/>
<span id="sprytextfield2">
<input type="text" value="<?php echo $description;?>" name="description"/>
<span class="textfieldRequiredMsg">Enter A Description</span></span><br/>
Price:<br/>
<span id="sprytextfield3">
<input type="text" value="<?php echo $price;?>" name="price"/>
<span class="textfieldRequiredMsg">Enter Price</span><span class="textfieldInvalidFormatMsg">Enter Numbers Only</span></span><br/>
Picture:<br/>
<?php echo '<img src="../getImage.php?id=' . $row['serial'] .'"/>'
?>
</br>
<input type="submit" value="Update Product"/>
</form>
The line of code i am talking about is this one:
<?php echo '<img src="../getImage.php?id=' . $row['serial'] .'"/>'
?>
Any ideas why it dont work???
-----EDIT--------
getImage.php code is as follows:
<?php
$host="localhost"; // Host name
$user="****"; // Mysql username
$passwd="****"; // Mysql password
$dbName="**********"; // Database name
// Connect to server and select databse.
mysql_connect("$host", "$user", "$passwd")or die("cannot connect");
mysql_select_db("$dbName")or die("cannot select DB");
$link = mysql_connect($host, $user, $passwd);
mysql_select_db($dbName);
$query = 'SELECT picture FROM products WHERE serial="' . $_GET['id'] . '"';
$result = mysql_query($query,$link);
$row = mysql_fetch_assoc($result);
header("Content-type: image/jpeg");
echo $row['picture'];
?>
First of all, try to avoid short tags (<?). Not every webserver is configured to understand them and it kind of conflicts with XML tags (which open with <?xml). So replace your <? with <?php to make sure your code always works on any webserver, regardless of it's configuration setting for short_open_tags.
Second, You're calling $row['serial'], but $row doesn't appear to be an array (at least it's not defined within the code you pasted here). Are you sure it shouldn't be $info['serial']?
But most importantly, whenever you allow user-input (like a $_GET) to determine your SQL query, always escape your code with mysql_real_escape_string, like this:
$result = mysql_query("SELECT * FROM products WHERE serial = '" . mysql_real_escape_string($id) . "'");
Or when you're sure that it's always an integer (e.g. if the field has INT datatype in your database), cast the value as an integer, like so:
$result = mysql_query("SELECT * FROM products WHERE serial = " . (int) $id);
You shooed to remove while cicluse
next code
while($info = mysql_fetch_array($query)) {
echo "";
$name = $info['name'];
$description = $info['description'];
$price = $info['price'];
$picture = $info['picture'];
}
?>
change just with
$info = mysql_fetch_array($query)
Try and tell us does is ok, and does is like you want. :)