I am a newbie, i want to update the database and when i submit the form to update the record, i get this error
Notice: Undefined index: idno in /Library/WebServer/Documents/practice/employee/edit_employee.php on line 6 Call Stack: 0.0001 633952 1. {main}() /Library/WebServer/Documents/practice/employee/edit_employee.php:0
This is the code
<?php
require_once '../includes/configuration.php';
if (!isset($_POST['enter']))
{
$employee_id_passport = $_GET['idno'];
$sql_query = "SELECT * FROM employee_master WHERE employee_id_passport = '$employee_id_passport'";
$result = mysql_query($sql_query, $connection);
$row = mysql_fetch_assoc($result);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http:www.w3.org/TR/xhthml1/DTD/xhtml1-transitional.dtd">
<html xmls="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title> </title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<link rel="stylesheet" type "text/css" href="styles/global.css" />
</head>
<body>
<form name="view_employee" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST" />
Employee ID/Passport: <input type="text" name="id_passport" disabled="disabled" value="<?php echo $row['employee_id_passport']; ?>" /> <br />
First Name: <input type="text" name="first_name" value="<?php echo $row['first_name']; ?>" /> <br />
Surname: <input type="text" name="surname" value="<?php echo $row['surname']; ?>" /> <br />
Mobile Number: <input type="text" name="mobile_number" value="<?php echo $row['mobile_number']; ?>"/> <br />
<input type="submit" value="Enter" name="submit" />
</form>
</body>
<html>
<?php
}
else
{
$_POST['employee_id_passport'] = $employee_id_passport;
$_POST['first_name'] = $first_name;
$_POST['surname'] = $surname;
$_POST['mobile_number'] = $mobile_number;
$sql_query_update = "UPDATE employee_master SET first_name = '$first_name', SET surname = '$surname', SET mobile_number = '$mobile_number', WHERE employee_id_passport = '$employee_id_passport'";
$result = mysql_query($sql_query_update, $connection);
}
?>
A few bugs in your code.
Never trust Users to input anything without validating and sanitising their data.
Always test for and act on errors or unexpected conditions.
There is no comma before the WHERE clause in an SQL command.
Try the below:
<?php
require_once '../includes/configuration.php';
if( !isset( $_POST ) ){
# No Update Form Submission
if( isset( $_GET['idno'] ) ){
# ID Number Set for Query
$employee_id_passport = mysql_real_escape_string( $_GET['idno'] );
$sql_query = "SELECT * FROM employee_master WHERE employee_id_passport = '$employee_id_passport'";
if( !( $result = mysql_query( $sql_query , $connection ) ) ){
# Query Failed
}elseif( mysql_num_rows( $result )==0 || mysql_num_rows( $result )>1 ){
# Query Succeeded, but No Rows Returned OR More than One Row Returned
}else{
$row = mysql_fetch_assoc( $result );
}
}else{
# No ID Number sent for Query
}
?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http:www.w3.org/TR/xhthml1/DTD/xhtml1-transitional.dtd">
<html xmls="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>Employee Search</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<link rel="stylesheet" type "text/css" href="styles/global.css" />
</head>
<body>
<?php if( $row ){ ?>
<form name="view_employee" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST" />
Employee ID/Passport: <input type="text" name="id_passport" disabled="disabled" value="<?php echo $row['employee_id_passport']; ?>" /> <br />
First Name: <input type="text" name="first_name" value="<?php echo $row['first_name']; ?>" /> <br />
Surname: <input type="text" name="surname" value="<?php echo $row['surname']; ?>" /> <br />
Mobile Number: <input type="text" name="mobile_number" value="<?php echo $row['mobile_number']; ?>"/> <br />
<input type="submit" value="Enter" name="submit" />
</form>
<?php } ?>
</body>
<html>
<?php
} else {
# Declare Error Holder
$error = array();
# Declare Field Holder
$field = array();
# Validate
if( !isset( $_POST['employee_id_passport'] ) || $_POST['employee_id_passport']=='' )
$error['employee_id_passport'] = 'No ID/Passport Set';
elseif( !is_int( $_POST['employee_id_passport'] ) )
$error['employee_id_passport'] = 'ID/Passport is not a Number';
else
$field['employee_id_passport'] = mysql_real_escape_string( $_POST['employee_id_passport'] );
if( !isset( $_POST['first_name'] ) || $_POST['first_name']=='' )
$error['first_name'] = 'No First Name Set';
else
$field['first_name'] = mysql_real_escape_string( $_POST['first_name'] );
if( !isset( $_POST['surname'] ) || $_POST['surname']=='' )
$error['surname'] = 'No First Name Set';
else
$field['surname'] = mysql_real_escape_string( $_POST['surname'] );
if( !isset( $_POST['mobile_number'] ) || $_POST['mobile_number']=='' )
$error['mobile_number'] = 'No First Name Set';
else
$field['mobile_number'] = mysql_real_escape_string( $_POST['mobile_number'] );
if( !count( $error ) ){
# Validation was Passed
$sql_query_update = "UPDATE employee_master
SET first_name = '{$field['first_name']}',
SET surname = '{$field['surname']}',
SET mobile_number = '{$field['mobile_number']}'
WHERE employee_id_passport = '{$field['$employee_id_passport']}'";
if( !( $result = mysql_query($sql_query_update, $connection) ) ){
# Update Query Failed
}else{
# Update Query OK
}
}
?>
The key idno is not set in your $_GET superglobal. Check your query string for &indo=.
Related
I have been updating my members site so it will work with mysqli. I'm rather new to php and mysql.
I have a page where users can edit their information in a form which posts to send_post.php.
Can anyone tell me what is wrong with my code? I just get a white screen and a syntax error, 'unexpected ',' in send_post.php on line 7'.
This is the page with my form.
<?php
// See if they are a logged in member by checking Session data
include_once("php_includes/check_login_status.php");
if (isset($_SESSION['username'])) {
// Put stored session variables into local php variable
$username = $_SESSION['username'];
}
//Connect to the database through our include
include_once "php_includes/db_conx.php";
// Query member data from the database and ready it for display
$sql = "SELECT * FROM members WHERE username='$username' AND activated='1' LIMIT 1";
$user_query = mysqli_query($db_conx, $sql);
// Now make sure that user exists in the table
$numrows = mysqli_num_rows($user_query);
if($numrows < 1){
echo "That user does not exist or is not yet activated, press back";
exit();
}
while ($row = mysqli_fetch_array($user_query, MYSQLI_ASSOC)) {
$state = $row["state"];
$city = $row["city"];
$name = $row["name"];
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<html lang="en">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="description" content="">
<meta name="author" content="">
<link rel="shortcut icon" href="../../assets/ico/favicon.png">
<title>Edit</title>
</head>
<body>
<br>
<div class = "container">
<div align="center">
<h3><br />
Edit your account info here<br />
<br />
</h3>
<table align="center" cellpadding="8" cellspacing="8">
<form action="send_post.php" method="post" enctype="multipart/form-data" name="form"
id="form">
<tr>
<td><div align="right">Name:</div></td>
<td><input name="city" type="text" id="city" value="<?php echo "$name"; ?>"
size="30" maxlength="24" /></td>
</tr>
<tr>
<td><div align="right">State:</div></td>
<td><input name="state" type="text" id="state" value="<?php echo "$state"; ?>"
size="30" maxlength="64" /></td>
</tr>
<tr>
<td><div align="right">City:</div></td>
<td><input name="city" type="text" id="city" value="<?php echo "$city"; ?>"
size="30" maxlength="24" /></td>
</tr>
<tr>
<td> </td>
<td><input name="Submit" type="submit" value="Submit Changes" /></td>
</tr>
</form>
</table>
</div>
</div>
</body>
</html>
This is the form processing page. send_post.php
<?php
if ($_POST['state']) {
$city = $_POST['city'];
$name = $_POST['name'];
//Connecting to sql db.
$connect = mysqli_connect("localhost","username","password","database");
$mysqli_query=($connect,"UPDATE members (`state`, `city`, `name` WHERE
username='$username'");
VALUES ('$state', '$city', '$name')";
mysqli_query($connect, $query);
mysqli_close($connect);
echo "Your information has been successfully added to the database.";
?>
Add a hidden field in the form like this
<input type="hidden" name="username" value="<?php echo $username; ?>">
Change send_post.php
<?php
//checking that all the fields have been entered
if( isset( $_POST['state'] ) && !empty( $_POST['state'] ) )
{
$state = $_POST['state'];
}
if( isset( $_POST['city'] ) && !empty( $_POST['city'] ) )
{
$city = $_POST['city'];
}
if( isset( $_POST['name'] ) && !empty( $_POST['name'] ) )
{
$name = $_POST['name'];
}
if( isset( $_POST['username'] ) && !empty( $_POST['username'] ) )
{
$username = $_POST['username'];
}
//Connecting to sql db.
$mysqli = new mysqli("localhost","username","password","database");
//updating database
$query = $mysqli->query( "UPDATE members SET `state` = '$state', `city` = '$city', `name` = '$name' WHERE `username` = '$username'" );
//closing mysqli connection
$mysqli->close;
//echoing that the information has been added
echo "Your information has been successfully added to the database.";
?>
change
$mysqli_query=($connect,"UPDATE members (`state`, `city`, `name` WHERE
username='$username'");
VALUES ('$state', '$city', '$name')";
to
$mysqli_query=($connect,"UPDATE members (`state`, `city`, `name`) VALUES ('$state', '$city', '$name') WHERE username='$username' ");
I am currently making a login form and although there are no error as far as i know when i tried to log in, however, it doesn't show any successful message or whatsoever so i don't know if I successfully log in or not.
<?php
session_start();
require_once('sqlconnect.inc.php');
if (isset($_POST["Login"]))
{
$conn = #mysqli_connect($host, $user, $pswd);
if (!$conn) {
echo "<p>Database connection failure</p>";
} else {
$selectDatabase = #mysqli_select_db($conn,$dbnm)
or die("<p>The database is not available.</p>");
}
$email = $_POST['email'];
$passw = $_POST['password'];
$query = "SELECT member_email FROM team WHERE member_email = '$email' AND password = '$passw'";
$queryResult = #mysqli_query($conn,$query)
or die ("<p>Unable to execute query.</p>". "<p>Error code" . mysqli_errno($conn) .":" . mysqli_error($conn))."</p>";
if(mysqli_num_rows($queryResult) == 0) //user is not found
{
header('Location: login.php');
}else{
if(mysqli_num_rows($queryResult) == 1)
{
echo ("<p>User is found, Successful login!</p>");
echo('<p>member add </p>');
echo('<p>Log out </p>');
$query2 = "SELECT member_name FROM team WHERE member_email = '$email' AND password= '$passw'";
$queryResult2 = #mysqli_query($conn, $query2)
or die ("<p>Unable to execute query.</p>". "<p>Error code" . mysqli_errno($conn) .":" . mysqli_error($conn))."</p>";
$array = mysqli_fetch_row($queryResult2);
$_SESSION['membername'] = $array[0];
}
else
{
echo"<p>Email and password do not match</p>";
echo'<p>Home page </p>';
}
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/chtml-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en" >
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<meta name="description" content="Web Programming :: Assignment 2" />
<meta name="Keywords" content="Web, programming" />
<title>Register Page</title>
</head>
<body>
<form id='login' action='login.php' method='POST'>
<fieldset >
<legend><h1>My Team System Log in Page</h1></legend>
<?php $email = isset($_POST['email']) ? filter_var($_POST['email'], FILTER_SANITIZE_STRING) : ''; ?>
<label for='email' >Email:</label>
<input type='text' name='email' id='email' maxlength="50" value="<?php echo $email; ?>" />
</div>
<br />
<div class="elements">
<label for='password' >Password:</label>
<input type='password' name='password' id='password' maxlength="50" />
</div>
<br />
<div class="submit">
<input type='submit' name='login' value='Login' />
<input type='reset' name='Submit' value='Clear' />
<br />
<div class="elements">
Home
</fieldset>
</form>
</body>
</html>
Either you have an error from the mysql call that is being masked by using the # or the code block where you have the header function is being called. What happens if you remove the # and/or replace the header call with just a plain
echo "Debug: Test";
I want to display error message or alert message after checking the condition.
here is my code
session_start();
$plan = #$_GET['plan'];
$plan = +$plan;
include('connect.php');
If (isset($_POST['submit']))
{
$CompanyName = $_POST['CompanyName'];
$CompanyEmail = $_POST['CompanyEmail'];
$CompanyContact = $_POST['CompanyContact'];
$CompanyAddress = $_POST['CompanyAddress'];
$RegistrationType = $_POST['RegistrationType'];
$Plans = $_POST['plan'];
$Status = "Active";
$query1 = "select count(CompanyEmail) from ApplicationRegister where CompanyEmail = '$CompanyEmail'" ;
$result1 = mysql_query($query1) or die ("ERROR: " . mysql_error());
//$result1 = mysql_result($query1, 0, 0);
//echo $result1;
while ($row = mysql_fetch_array($result1))
{
//$companyemail = $row['CompanyEmail'];
//if($companyemail != '' || $companyemail!= 'NULL')
//{
if($row['count(CompanyEmail)'] > 0)
{
echo "This E-mail id is already registered ";
}
else
{
$sql = "INSERT INTO ApplicationRegister(CompanyName, CompanyEmail, CompanyContact, CompanyAddress, RegistrationType, ApplicationPlan, ApplicationStatus, CreatedDate) VALUES ('$CompanyName', '$CompanyEmail', '$CompanyContact', '$CompanyAddress', '$RegistrationType', '$Plans', '$Status', NOW() )";
$result = mysql_query($sql) or die(mysql_error());
$id = mysql_insert_id();
$_SESSION['application_id'] = $id;
//if(isset($plan == "trail"))
if($plan == "trail")
{
header("Location: userRegister.php?id=$id");
exit();
}
else
{
header("Location : PaymentGateway.php");
exit();
}
}
}
}
?>
and after this i have placed my html form
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<link href="style.css" rel="stylesheet" type="text/css" />
<title>Welcome</title>
</head>
<body>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td><h2><br />
Application Registration</h2>
<p> </p></td>
</tr>
<tr>
<td><form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" enctype="multipart/form-data" name="form1" id="form1" onsubmit="return Validate();">
<input type="hidden" name="plan" value="<?php echo $plan ?>"/>
Company Name:
<input type="text" name="CompanyName" style="width:230px; height:20px;" /><br /><br />
Company E-mail :
<input type="text" name="CompanyEmail" style="width:230px; height:20px;" /><br /><br />
Company Contact <input type="text" name="CompanyContact" style="width:230px; height:20px;" /><br /><br />
Company Address: <input type="text" name="CompanyAddress" style="width:230px; height:20px;" /><br /><br />
Select Your Registration Type : <br /><br />
Trail: <input type="radio" name="RegistrationType" value="Trail" /><br />
Paid<input type="radio" name="RegistrationType" value="Paid" /><br /><br />
<input type="hidden" name="form_submitted" value="1"/>
<input type="submit" value="REGISTER" name="submit" />
</form>
</td>
</tr>
</table>
When the user entered companyemail is already exists it should display the alert message just below the company email field in the form. But now its displaying in the starting of the page. I dont know what to use and how to use. Please suggest
$msg = "";
if($row['count(CompanyEmail)'] > 0)
{
$msg = "This E-mail id is already registered ";
}
and HTML
<input type="text" name="CompanyEmail" style="width:230px; height:20px;" /><br />
<?php echo $msg; ?>
This query will return only one record. So its not need to use while loop
$query1 = "select count(CompanyEmail) from ApplicationRegister where CompanyEmail = '$CompanyEmail'" ;
$result1 = mysql_query($query1) or die ("ERROR: " . mysql_error());
Try this,
$query1 = "select count(CompanyEmail) from ApplicationRegister where CompanyEmail = '$CompanyEmail'" ;
$result1 = mysql_query($query1);
$row = mysql_ferch_array($result1);
if($row['count(CompanyEmail)'] > 0){
error message
}else{
insert uery
}
Error stating
Notice: Undefined variable: row in E:\xampp\htdocs\Edit_Supp.php on line 9
Notice: Undefined index: id in E:\xampp\htdocs\Edit_Supp.php on line 12
Supplier Updated
Code: Edit_Supp_Form.php
<?php
$SupplierID = $_GET['id'];
//Connect and select a database
mysql_connect ("localhost", "root", "");
mysql_select_db("supplierdetails");
//Run query
$result1 = mysql_query("SELECT * FROM suppliers WHERE SupplierID=$SupplierID");
while($row = mysql_fetch_array($result1)){
$SupplierID = $_GET['id'] = $row['SupplierID'];
$SupplierID = $row['SupplierID'];
$SupplierName = $row['SupplierName'];
$Currency = $row['Currency'];
$Location = $row['Location'];
$ContactNumber = $row['ContactNumber'];
$Email = $row['Email'];
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1- strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<meta name="description" content="" />
<meta name="keywords" content="" />
<meta name="author" content="" />
<link rel="stylesheet" type="text/css" href="style.css" media="screen" />
<form action="Edit_Supp.php" method="post">
<br>
</br>
<input type="hidden" name="SupplierID" value="<?php echo $SupplierID;?>"/>
Supplier Name: <input type="text" name="SupplierName" value="<?php echo $SupplierName ;?>" />
<br>
</br>
Currency: <input type="text" name="Currency" value="<?php echo $Currency ;?>" />
<br>
</br>
Location: <input type="text" name="Location" value="<?php echo $Location ;?>" />
<br>
</br>
Contact Number:<input type="text" name="ContactNumber" value="<?php echo $ContactNumber ;?>" />
<br>
</br>
Email:<input type="text" name="Email" value="<?php echo $Email ;?>" />
<br>
</br>
<input type="submit" value= "Edit Supplier Information"/>
</form>
</div>
</body>
</html>
//Plus code for the Edit_Sup which is the code behind this page:
<?php
$con = mysql_connect("localhost", "root", "");
mysql_select_db("supplierdetails");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
//Run a query
$SupplierID= $_POST['id'] = $row ["SupplierID"];
$result1 = mysql_query ("SELECT * FROM suppliers WHERE SupplierID= '".$SupplierID."'") or die (mysql_error());
$row = mysql_fetch_array($result1);
$SupplierID = $_GET['id'];
$SupplierID = $_POST['id'];
$SupplierName = $_POST['SupplierName'];
$Currency = $_POST['Currency'];
$Location = $_POST['Location'];
$ContactNumber = $_POST['ContactNumber'];
$Email = $_POST['Email'];
$SupplierID = $row['SupplierID'];
$query = "UPDATE suppliers SET SupplierName = '".$SupplierName."', Currency = '".$Currency."', Location = '".$Location."', ContactNumber = '".$ContactNumber."', Email = '".$Email."' WHERE SupplierID = '".$SupplierID."'";
$result1 = mysql_query($query);
//Check whether the query was successful or not
if($result1)
{
echo "Supplier Updated";
}
else
{
die ("Query failed");
}
?>
You have referenced $_POST['id'] in Edit_sup.php, but I don't see any input field with the name id.
and line 9 of Edit_sup.php reads -
$SupplierID= $_POST['id'] = $row ["SupplierID"];
I don't see where you got that $row variable from.
You're trying to get $row['id'], I think what you want is $_POST['SupplierID']
I have two .php files which show all contacts in a database, then allows the user to choose a contact to be edited.
The first script is called pick_modcontact.php where I choose a contact, then posts to the script show_modcontact.php When I click the post button on the form on pick.modcontact.php the browser returns to that file due to this code on the beginning of show_modcontact.php
if (!$_POST['id']) {
header( "Location: pick_modcontact.php");
exit;
} else {
session_start();
}
if ($_SESSION['valid'] != "yes") {
header( "Location: pick_modcontact.php");
exit;
}
I can not work out how to correct the code so that it will show the results of the script show_modcontact.php
This script shows all contacts in a database which is an "address book" this part works fine. please see below.
Name:pick_modcontact.php
if ($_SESSION['valid'] != "yes") {
header( "Location: contact_menu.php");
exit;
}
$db_name = "testDB";
$table_name = "my_contacts";
$connection = #mysql_connect("localhost", "admin", "user") or die(mysql_error());
$db = #mysql_select_db($db_name, $connection) or die(mysql_error());
$sql = "SELECT id, f_name, l_name FROM $table_name ORDER BY f_name";
$result = #mysql_query($sql, $connection) or die(mysql_error());
$num = #mysql_num_rows($result);
if ($num < 1) {
$display_block = "<p><em>Sorry No Results!</em></p>";
} else {
while ($row = mysql_fetch_array($result)) {
$id = $row['id'];
$f_name = $row['f_name'];
$l_name = $row['l_name'];
$option_block .= "<option value\"$id\">$f_name, $l_name</option>";
}
$display_block = "<form method=\"POST\" action=\"show_modcontact.php\">
<p><strong>Contact:</strong>
<select name=\"id\">$option_block</select>
<input type=\"submit\" name=\"submit\" value=\"Select This Contact\"></p>
</form>";
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Modify A Contact</title>
</head>
<body>
<h1>My Contact Management System</h1>
<h2><em>Modify a Contact</em></h2>
<p>Select a contact from the list below, to modify the contact's record.</p>
<? echo "$display_block"; ?>
<br>
<p>Return to Main Menu</p>
</body>
</html>
This script is for modifying the contact: named show_modcontact.php
<?php
if (!$_POST['id']) {
header( "Location: pick_modcontact.php");
exit;
} else {
session_start();
}
if ($_SESSION['valid'] != "yes") {
header( "Location: pick_modcontact.php");
exit;
}
$db_name = "testDB";
$table_name = "my_contacts";
$connection = #mysql_connect("localhost", "admin", "pass") or die(mysql_error());
$db = #mysql_select_db($db_name, $connection) or die(mysql_error());
$sql = "SELECT f_name, l_name, address1, address2, address3, postcode, prim_tel, sec_tel, email, birthday FROM $table_name WHERE id = '" . $_POST['id'] . "'";
$result = #mysql_query($sql, $connection) or die(mysql_error());
while ($row = mysql_fetch_array($result)) {
$f_name = $row['f_name'];
$l_name = $row['l_name'];
$address1 = $row['address1'];
$address2 = $row['address2'];
$address3 = $row['address3'];
$country = $row['country'];
$prim_tel = $row['prim_tel'];
$sec_tel = $row['sec_tel'];
$email = $row['email'];
$birthday = $row['birthday'];
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Modify A Contact</title>
</head>
<body>
<form action="do_modcontact.php" method="post">
<input type="text" name="id" value="<? echo $_POST['id']; ?>" />
<table cellpadding="5" cellspacing="3">
<tr>
<th>Name & Address Information</th>
<th> Other Contact / Personal Information</th>
</tr>
<tr>
<td align="top">
<p><strong>First Name:</strong><br />
<input type="text" name="f_name" value="<? echo "$f_name"; ?>" size="35" maxlength="75" /></p>
<p><strong>Last Name:</strong><br />
<input type="text" name="l_name" value="<? echo "$l_name"; ?>" size="35" maxlength="75" /></p>
<p><strong>Address1:</strong><br />
<input type="text" name="f_name" value="<? echo "$address1"; ?>" size="35" maxlength="75" /></p>
<p><strong>Address2:</strong><br />
<input type="text" name="f_name" value="<? echo "$address2"; ?>" size="35" maxlength="75" /></p>
<p><strong>Address3:</strong><br />
<input type="text" name="f_name" value="<? echo "$address3"; ?>" size="35" maxlength="75" /> </p>
<p><strong>Postcode:</strong><br />
<input type="text" name="f_name" value="<? echo "$postcode"; ?>" size="35" maxlength="75" /></p>
<p><strong>Country:</strong><br />
<input type="text" name="f_name" value="<? echo "$country"; ?>" size="35" maxlength="75" /> </p>
<p><strong>First Name:</strong><br />
<input type="text" name="f_name" value="<? echo "$f_name"; ?>" size="35" maxlength="75" /></p>
</td>
<td align="top">
<p><strong>Prim Tel:</strong><br />
<input type="text" name="f_name" value="<? echo "$prim_tel"; ?>" size="35" maxlength="75" /></p>
<p><strong>Sec Tel:</strong><br />
<input type="text" name="f_name" value="<? echo "$sec_tel"; ?>" size="35" maxlength="75" /></p>
<p><strong>Email:</strong><br />
<input type="text" name="f_name" value="<? echo "$email;" ?>" size="35" maxlength="75" /> </p>
<p><strong>Birthday:</strong><br />
<input type="text" name="f_name" value="<? echo "$birthday"; ?>" size="35" maxlength="75" /> </p>
</td>
</tr>
<tr>
<td align="center">
<p><input type="submit" name="submit" value="Update Contact" /></p>
<br />
<p>Retuen To Menu</p>
</td>
</tr>
</table>
</form>
</body>
</html>
Edited answer to reflect discoveries found in comment thread below for future readers
In your PHP files you need to update
$_POST[id]
to be
$_POST['id']
PHP will not now what id is, and therefor will evaluate to false, causing your script to exit, and fall into the loop you are describing.
This is also the case when you are using your $_SESSION array
$_SESSION[valid]
should be
$_SESSION['valid']
$_SESSION, $_POST, $_GET, $_REQUEST, etc are all associative arrays, in order to refer to any of their contents you need to specify the string that refers to the key they are located in.
Ok, in your if statement
if (!$_POST['id']) {
header( "Location: pick_modcontact.php");
exit;
} else {
session_start();
}
if ($_SESSION['valid'] != "yes") {
header( "Location: pick_modcontact.php");
exit;
}
You are checking to see if $_SESSION['valid'] does not equal yes, this will evaluate to true because you never set $_SESSION['valid'] = "yes" so it will always go back to pick_modcontact.php here.
Try updating it to be
if (!$_POST['id']) {
header( "Location: pick_modcontact.php");
exit;
} else {
session_start();
// let the script know that this is a valid contact
$_SESSION['valid'] = 'yes';
}
if ($_SESSION['valid'] != "yes") {
header( "Location: pick_modcontact.php");
exit;
}
Also
$option_block .= "<option value\"$id\">$f_name, $l_name</option>";
should be (you're misssing an equals sign) which means that on submit, it wont know the value of 'id'
$option_block .= "<option value=\"$id\">$f_name, $l_name</option>";