working w/ code that searches mySQL db but want to update as well

**?foru** · 02-25-2009, 06:57 PM

Thank you for taking a look JasonDFR. I clearly missed the == after name. I changed that and it works now. Your explanation makes sense so thank you for that as well and for the additional tips because I wasn't echoing $_POST (definitely worth keeping in mind).

I normally always have
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org..."><html xmlns="http://www.w3.org/1999/xhtml"> in my page although I didn't have it along with proper /> tags in this one. I will be taking the php code out and placing it into a page already setup with a stylesheet...etc.

Once I know that no other fields will be needed I can go in and add the validation. Thank you again for the help

**?foru** · 02-26-2009, 02:33 AM

One other quick question...not sure where to put validation because it is showing "fqdn required" whether or not it was blank when I put it above this code section listed below?

PHP Code:


<?

if($_GET["cmd"]=="edit" || $_POST["cmd"]=="edit")

{

// I THINK I NEED TO ADD IT HERE...I TRIED BUT COULDN'T GET THE SYNTAX CORRECT

   if (!isset($_POST["submit"]))

   {

      $id = $_GET["id"];

      $sql = "SELECT * FROM toast_data WHERE id=$id";

      $result = mysql_query($sql);        

      $myrow = mysql_fetch_array($result);

      ?>

      <br />

      <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">

      .......REST OF FORM HERE...................

   <input type="hidden" name="cmd" value="edit">

   <input type="submit" name="submit" value="submit">

   </form>

   

<? } ?>

<?

   if ($_POST["$submit"])

   {

      $tn = $_POST["tn"];

      $acct_number = $_POST["acct_number"];

      $port = $_POST["port"];

      $fqdn = $_POST["fqdn"];

      

      $sql = "UPDATE toast_data SET tn='$tn', acct_number='$acct_number', port='$port', fqdn='$fqdn' WHERE id=$id";

      $result = mysql_query($sql);

      echo "<BR><BR><table><tr><td class='confirm'>Thank you! Information updated.</td></tr></table>";

      echo "<BR><BR>";

      echo "<a href='". $_SERVER['PHP_SELF']. "'>Update another record</a>";

    }

}

?>

Thank you

**fobos** · 02-26-2009, 05:09 AM

im sorry you did bring out a couple of mistakes that i had.
1) this is the correct way to display your table.

PHP Code:


<tr bgcolor='$row_color'> 

                    <td>".$row['tn']."</td> 

                    <td>".$row['acct_number']."</td> 

                    <td>".$row['port']."</td> 

                    <td>".$row['fqdn']."</td> 

                    <td><a href=\"page.php?id=$id\">Update</a></td> 

                    <td><a onClick=\"return confirm("Are You Sure?")\" href=\"page.php?action=del&id=$id\">Delete</a></td> 

               </tr>

2) In this one i had "$table", but just put your table name there

PHP Code:


if($_REQUEST['action']=="del") { 

     mysql_query("DELETE FROM tablename WHERE id={$_REQUEST['id']};"); 

}

And yes there shouldnt be (2) == signs because that would mean nothing

**JasonDFR** · 02-26-2009, 07:12 AM

Since you need values for $tn, $acct_number, $port, and $fqdn before you update your database, you should validate them, 1. After they have been posted, 2 before you query the DB. So:

PHP Code:


 if ($_POST["$submit"])
   {

    // I'd do some validation here.
    
      $tn = $_POST["tn"];
      $acct_number = $_POST["acct_number"];
      $port = $_POST["port"];
      $fqdn = $_POST["fqdn"];
      
      $sql = "UPDATE toast_data SET tn='$tn', acct_number='$acct_number', port='$port', fqdn='$fqdn' WHERE id=$id";
      $result = mysql_query($sql);
      echo "<BR><BR><table><tr><td class='confirm'>Thank you! Information updated.</td></tr></table>";
      echo "<BR><BR>";
      echo "<a href='". $_SERVER['PHP_SELF']. "'>Update another record</a>";
    }
}

First decide what is important about each piece of information being entered.

For example, none of your values can == '' ( nothing ). So test for that.
Are all $acct_numbers numeric? If so, make sure it is numeric. If all $acct_numbers follow a certain pattern, check them against a regular expression.
And make sure the values are safe to enter into the db.

If you need help figuring out how to validate these values, start another thread titled form validation or something like that and ask your questions there. It's better for people searching the forms for stuff about validation and really is a different topic than this thread.

Good luck.

J

**?foru** · 02-27-2009, 01:34 AM

No worries at all fobos, I appreciate you posting what you had. For the update script I am going to pass the id from the search page so I won't need to display the records on the update page but I'm sure someone will put it to good use.

J that is correct the account #'s are only numeric values in this case, and those won't really be changed but they are mainly used to see if multiple pieces of equipment are tied to an account.

The validation works, but I will create a thread to see about stopping the script execution because after the echo the sql statement runs and updates. Thank you both!

Thread: working w/ code that searches mySQL db but want to update as well

Thread Tools

Search Thread

working w/ code that searches mySQL db but want to update as well

Bookmarks

Bookmarks

Posting Permissions