Results 1 to 25 of 25

Thread: PHP Help

  1. #1
    Join Date
    Dec 2008
    Location
    Florida
    Posts
    1,052

    PHP Help

    Hey everyone,

    Well I'm having some trouble, I can't seem to get this edit script to work.

    I found a great tutorial and changed it around a lot, and I simply can't figure out the first.

    The error I am getting: Query failed: Unknown column 'name' in 'where clause'

    My goal is to have it load the information that is in the database and then post it so I can edit the information, once I have changed what I wanted, have it re-submit to the database making the changes.

    Edit_Record.php
    Code:
    <html>
    <body>
    <form name="update_record" action="update.php" method="post">
    <table style="margin-bottom: 1px; padding-left:10px;" border="0" cellpadding="0"
    cellspacing="1" width="75%">
    <tbody>
    <tr>
       <td align="right" bgcolor="#e9ece9" >Enter Doctor ID to edit: </td>
       <td bgcolor="#e9ece9" style="padding-left:4px;" >
      <input name="phone"  size="20" maxlength="20"   value="<? echo $BNAME; ?>">
      </td>
    </tr>
    </tbody>
    </table>
    
    
    <table style="margin-bottom: 1px; padding-left:455px;" border="0" cellpadding="0" cellspacing="1" width="50%">
    <tbody>
    <tr>
           <td colspan="2" align="right" bgcolor="#dadce1" height="4">
       <input name="submit" value="submit" type="submit">
       </td>
    </tr>
    </tbody>
    </table>
    
    </body>
    </html>
    Update.php
    Code:
    <?php
    #Form Variables.
    $BNAME='';
    
    #Database connection strings.
    $usr = "#";
    $pwd = "#";
    $db = "#";
    $host = "localhost";
    
    # connect to database
    $cid = mysql_connect($host,$usr,$pwd);
    mysql_select_db($db);
    if (mysql_error()) { print "Database ERROR: " . mysql_error(); }
    
    if(isset($_POST['submit'])){
     extract($_POST);
    
    #A query is written which will extract all information
    #from basic_info table based on phone number entered.
    
    $query = "SELECT * FROM INFORMATION where name='".$BNAME."'";
    #Execute query and store result into variable $result.
    #echo $query;
    $result = mysql_query($query) or die('Query failed: ' . mysql_error());
    
     while ($row = mysql_fetch_array($result, MYSQL_BOTH)) {
     $BNAME=$row["name"];
     $FAPPOINTMENT=$row["fappoint"];
     $SAPPOINTMENT=$row["sappoint"];
     $NOMINATION=$row["nomination"];
     $NOMINATIONC=$row["nominationc"];
     $FINALIST=$row["finalist"];
     $FINALISTV=$row["finalistv"];
     $NOTESPS=$row["notesps"];
     $NOTESND=$row["notesnd"];
     $DATE=$row["date"];
    
     }
    
    echo "<form method=\"post\">";
    echo "<table style=\"margin-bottom: 1px;\" border=\"0\" cellpadding=\"0\" cellspacing=\"1\" width=\"60%\">\n";
    echo "\t<tr>\n";
    echo "\t\t<td bgcolor=\"#dadce1\" colspan=\"2\">Business Name:\t $BNAME</td>";
    echo "\t\t<td bgcolor=\"#dadce1\"> <input type=\"hidden\" value='$BNAME' name=\"name\" size=\"50\" ></td>";
    
    echo "\t</tr>\n";
    
    echo "\t<tr>\n";
    echo "\t\t<td bgcolor=\"#dadce1\">First Appointment: </td>";
    echo "\t\t<td bgcolor=\"#dadce1\"> <input type=\"text\" value='$FAPPOINTMENT' name=\"fappoint\" size=\"50\" ></td>";
    echo "\t</tr>\n";
    
    echo "\t<tr>\n";
    echo "\t\t<td bgcolor=\"#dadce1\">Second Appointment: </td>";
    echo "\t\t<td bgcolor=\"#dadce1\"> <input type=\"text\" value='$SAPPOINTMENT' name=\"sappoint\" size=\"50\"></td>";
    echo "\t</tr>\n";
    
    echo "\t<tr>\n";
    echo "\t\t<td bgcolor=\"#dadce1\">Nomination Received: </td>";
    echo "\t\t<td bgcolor=\"#dadce1\"> <input type=\"checkbox\" value='$NOMINATIONC' name=\"nomination\"></td>";
    echo "\t</tr>\n";
    
    echo "\t<tr>\n";
    echo "\t\t<td bgcolor=\"#dadce1\">Nomination Congratulations (Letter/Visit): </td>";
    echo "\t\t<td bgcolor=\"#dadce1\"> <input type=\"checkbox\" value='$NOMINATIONC' name=\"nominationc\"></td>";
    echo "\t</tr>\n";
    
    echo "\t<tr>\n";
    echo "\t\t<td bgcolor=\"#dadce1\">Finalist: </td>";
    echo "\t\t<td bgcolor=\"#dadce1\"> <input type=\"checkbox\" value='$FINALIST' name=\"finalist\"></td>";
    echo "\t</tr>\n";
    
    echo "\t<tr>\n";
    echo "\t\t<td bgcolor=\"#dadce1\">Finalist Congratulations Visit: </td>";
    echo "\t\t<td bgcolor=\"#dadce1\"> <input type=\"checkbox\" value='$FINALISTV' name=\"finalistv\"></td>";
    echo "\t</tr>\n";
    
    echo "\t<tr>\n";
    echo "\t\t<td bgcolor=\"#dadce1\">Products Sold: </td>";
    echo "\t\t<td bgcolor=\"#dadce1\"> <textarea value='$NOTESPS' name=\"noteps\" rows=4 cols=30></textarea></td>";
    echo "\t</tr>\n";
    
    echo "\t<tr>\n";
    echo "\t\t<td bgcolor=\"#dadce1\">New Dollars: </td>";
    echo "\t\t<td bgcolor=\"#dadce1\"> <textarea value='$NOTESND' name=\"notend\" rows=4 cols=30></textarea></td>";
    echo "\t</tr>\n";
    
    echo "\t<tr>\n";
    echo "\t\t<td bgcolor=\"#dadce1\">Date of Last Contact: </td>";
    echo "\t\t<td bgcolor=\"#dadce1\"> <input type=\"checkbox\" value='$DATE' name=\"date\"></td>";
    echo "\t</tr>\n";
    
    echo "</table>\n";
    
    echo "<table style=\"margin-bottom: 1px;\" border=\"0\" cellpadding=\"0\" cellspacing=\"1\" width=\"40%\">";
    echo "<tr>";
    echo "<td colspan=\"2\" align=\"right\" bgcolor=\"#dadce1\" height=\"4\">";
    echo "<input name=\"submit02\" value=\"submit\" type=\"submit\">";
    echo "</td>";
    echo "</tr>";
    echo "</table>";
    echo "</form>";
    #Free up Memory for $result.
    
    mysql_free_result($result);
    #Close database connection.
    mysql_close($link);
    }
    ?>
    The Database structure is:

    $BNAME - varchar(60)
    $FAPPOINTMENT - varchar(60)
    $SAPPOINTMENT - varchar(60)
    $NOMINATION - varchar(60)
    $NOMINATIONC - varchar(60)
    $FINALIST - varchar(60)
    $FINALISTV - varchar(60)
    $NOTESPS - text
    $NOTESND - text
    $DATE - varchar(60)
    Not sure what to put here :-P

  2. #2
    Join Date
    Jun 2003
    Location
    Scotland
    Posts
    299
    PHP Code:
    $query "SELECT * FROM INFORMATION where name='".$BNAME."'"
    Is there any reason why you would need to have the dot (.) before and after the variable name?

    Is it not sufficient to have

    PHP Code:
    $query "SELECT * FROM INFORMATION where name='$BNAME'"
    Last edited by liam_tmt7; 07-16-2009 at 05:48 PM. Reason: new suggestion

  3. #3
    Join Date
    Mar 2008
    Posts
    1,717
    Should it not be bname? You're not showing a name column in your schema, yet you're asking for it. You don't need PHP help you need SQL help, I recommend sams' teach yourself SQL in 24 hours.

    Also, sanitize that input. What happens if your post variable is "' or 1=1 or '"? Ideally since you seem to be starting from scratch, look into whether or not your language's SQL interface supports prepared statements (sometimes called query binding) and do it that way from the start... things that come from userland ideally shouldn't be anywhere near the query when it's parsed.
    I used to run the oldest commercial Mumble host.

  4. #4
    Join Date
    Dec 2008
    Location
    Florida
    Posts
    1,052
    Quote Originally Posted by fwaggle View Post
    Should it not be bname? You're not showing a name column in your schema, yet you're asking for it. You don't need PHP help you need SQL help, I recommend sams' teach yourself SQL in 24 hours.

    Also, sanitize that input. What happens if your post variable is "' or 1=1 or '"? Ideally since you seem to be starting from scratch, look into whether or not your language's SQL interface supports prepared statements (sometimes called query binding) and do it that way from the start... things that come from userland ideally shouldn't be anywhere near the query when it's parsed.
    Not really sure what most of that meant, and yes I'm just getting started. I just wanted to know if someone could help me figure out this problem since books are worthless to me. I'm a hands on learner, not a read and recite learner.
    Not sure what to put here :-P

  5. #5
    Join Date
    Feb 2005
    Location
    Australia
    Posts
    5,849
    To reiterate what fwaggle stated:
    Quote Originally Posted by mooseweb View Post
    PHP Code:
    $query "SELECT * FROM INFORMATION where name='".$BNAME."'";
    #Execute query and store result into variable $result.
    #echo $query;
    $result mysql_query($query) or die('Query failed: ' mysql_error());

     while (
    $row mysql_fetch_array($resultMYSQL_BOTH)) {
     
    $BNAME=$row["name"];
     
    $FAPPOINTMENT=$row["fappoint"];
     
    $SAPPOINTMENT=$row["sappoint"];
     
    $NOMINATION=$row["nomination"];
     
    $NOMINATIONC=$row["nominationc"];
     
    $FINALIST=$row["finalist"];
     
    $FINALISTV=$row["finalistv"];
     
    $NOTESPS=$row["notesps"];
     
    $NOTESND=$row["notesnd"];
     
    $DATE=$row["date"];

     } 
    The Database structure is:

    $BNAME - varchar(60)
    $FAPPOINTMENT - varchar(60)
    $SAPPOINTMENT - varchar(60)
    $NOMINATION - varchar(60)
    $NOMINATIONC - varchar(60)
    $FINALIST - varchar(60)
    $FINALISTV - varchar(60)
    $NOTESPS - text
    $NOTESND - text
    $DATE - varchar(60)
    1. The database structure should be:
    name - varchar(60)
    fappoint - varchar(60)
    etc.

    2. Make sure you understand SQL injection and protect your script against it before it goes public.
    Chris

    "Some problems are so complex that you have to be highly intelligent and well informed just to be undecided about them." - Laurence J. Peter

  6. #6
    Join Date
    Dec 2008
    Location
    Florida
    Posts
    1,052
    Quote Originally Posted by foobic View Post
    To reiterate what fwaggle stated:


    1. The database structure should be:
    name - varchar(60)
    fappoint - varchar(60)
    etc.

    2. Make sure you understand SQL injection and protect your script against it before it goes public.
    The script won't need much protection, it's going to be in a password protected members area, so I should be fine there, also thanks foobic, I appreciate the help.


    I have changed the name field to BNAME, should that fix my issues?

    Code:
    $query = "SELECT * FROM INFORMATION where name='".$BNAME."'"; 
    #Execute query and store result into variable $result. 
    #echo $query; 
    $result = mysql_query($query) or die('Query failed: ' . mysql_error()); 
    
     while ($row = mysql_fetch_array($result, MYSQL_BOTH)) { 
     $BNAME=$row["BNAME"]; 
     $FAPPOINTMENT=$row["FAPPOINTMENT"]; 
     $SAPPOINTMENT=$row["SAPPOINTMENT"]; 
     $NOMINATION=$row["NOMINATION"]; 
     $NOMINATIONC=$row["NOMINATIONC"]; 
     $FINALIST=$row["FINALIST"]; 
     $FINALISTV=$row["FINALISTV"]; 
     $NOTESPS=$row["NOTESPS"]; 
     $NOTESND=$row["NOTESND"]; 
     $DATE=$row["DATE"]; 
    
     } 
    



    Last edited by mooseweb; 07-16-2009 at 07:49 PM.
    Not sure what to put here :-P

  7. #7
    Join Date
    Feb 2005
    Location
    Australia
    Posts
    5,849
    Quote Originally Posted by mooseweb View Post
    I have changed the name field to BNAME, should that fix my issues?
    Provided that the field name in your database is in fact "BNAME" and not "$BNAME" as you stated earlier, or "name" as the code suggests. You can verify your table structure with this (in phpMyAdmin, for example):
    Code:
    SHOW CREATE TABLE INFORMATION;
    (Just as an aside, it's conventional to use lower case for table names / field names and upper case for MySQL keywords - makes it easier to read.)
    Last edited by foobic; 07-16-2009 at 08:11 PM.
    Chris

    "Some problems are so complex that you have to be highly intelligent and well informed just to be undecided about them." - Laurence J. Peter

  8. #8
    Join Date
    Dec 2008
    Location
    Florida
    Posts
    1,052
    Quote Originally Posted by foobic View Post
    Provided that the field name in your database is in fact "BNAME" and not "$BNAME" as you stated earlier, or "name" as the code suggests. You can verify your table structure with this (in phpMyAdmin, for example):
    Code:
    SHOW CREATE TABLE INFORMATION;
    (Just as an aside, it's conventional to use lower case for table names / field names and upper case for MySQL keywords - makes it easier to read.)

    Wait so are you saying that $BNAME should actually be BNAME by itself if BNAME is the entry in the DB?

    I thought all rows or columns in a DB had to start with a $
    Not sure what to put here :-P

  9. #9
    Join Date
    Feb 2005
    Location
    Australia
    Posts
    5,849
    Variable names in PHP must start with a $ character. There's no such restriction on field names in MySQL - they can contain special characters but it's probably a bad idea to use any. Why don't you run that command in phpMyAdmin and post the result so we can see what you actually have in your database?
    Chris

    "Some problems are so complex that you have to be highly intelligent and well informed just to be undecided about them." - Laurence J. Peter

  10. #10
    Er... what about your form?

    <input name="phone" size="20" maxlength="20" value="<? echo $BNAME; ?>">
    Where are you getting that variable from? If that's being obtained from the database, make sure you include the connection.

    I'd recommend using one single connecting file, and including it whereever a MySQL query will be performed.

    Eg/

    con.php
    PHP Code:
    <?php

    $host 
    'localhost';
    $u '#'// Your username
    $p '#'// Your password
    $dbn '#'// The databases name
    $con mysql_connect($host,$u,$p);
    if (!
    $con)
    {    die(
    mysql_error());
    }
    else
    {    
    $seldb mysql_select_db($dnb);
         if (!
    $seldb)
         {    die(
    mysql_error());
         }
    }

    ?>
    Then, before you do your query, you insert...

    PHP Code:
    <?php

    include('con.php');

    ?>
    So with your edit_record.php, you would include it before the head if you like.
    Then, you would have...
    (Make sure to change "condition" to the conditions you want met, and "table" to the table this information is stored in. Eg/ SELECT * FROM appointments WHERE bname = mooseweb
    LIMIT 1 may not be required if bname is unique. You could also add a primary key and look information up with that, instead of the name. LIMIT 1 will just make sure this only happens once.


    PHP Code:
    $sql mysql_query("SELECT * FROM table WHERE condition LIMIT 1");
    while (
    $row mysql_fetch_array($sql))
    {   echo 
    "<input name='phone'  size='20' maxlength='20'   value='".$BNAME."'>";



    As for your error, I get this all the time and it's just a tiny error.

    $query = "SELECT * FROM INFORMATION where name='".$BNAME."'";
    Is the error, does the column "name" even exist?

    If plausible, post a screenshot of your table from phpMyAdmin.

  11. #11
    Join Date
    Dec 2008
    Location
    Florida
    Posts
    1,052
    Quote Originally Posted by reKo View Post
    Er... what about your form?



    Where are you getting that variable from? If that's being obtained from the database, make sure you include the connection.

    I'd recommend using one single connecting file, and including it whereever a MySQL query will be performed.

    Eg/

    con.php
    PHP Code:
    <?php

    $host 
    'localhost';
    $u '#'// Your username
    $p '#'// Your password
    $dbn '#'// The databases name
    $con mysql_connect($host,$u,$p);
    if (!
    $con)
    {    die(
    mysql_error());
    }
    else
    {    
    $seldb mysql_select_db($dnb);
         if (!
    $seldb)
         {    die(
    mysql_error());
         }
    }

    ?>
    Then, before you do your query, you insert...

    PHP Code:
    <?php

    include('con.php');

    ?>
    So with your edit_record.php, you would include it before the head if you like.
    Then, you would have...
    (Make sure to change "condition" to the conditions you want met, and "table" to the table this information is stored in. Eg/ SELECT * FROM appointments WHERE bname = mooseweb
    LIMIT 1 may not be required if bname is unique. You could also add a primary key and look information up with that, instead of the name. LIMIT 1 will just make sure this only happens once.


    PHP Code:
    $sql mysql_query("SELECT * FROM table WHERE condition LIMIT 1");
    while (
    $row mysql_fetch_array($sql))
    {   echo 
    "<input name='phone'  size='20' maxlength='20'   value='".$BNAME."'>";

    As for your error, I get this all the time and it's just a tiny error.

    $query = "SELECT * FROM INFORMATION where name='".$BNAME."'";
    Is the error, does the column "name" even exist?

    If plausible, post a screenshot of your table from phpMyAdmin.

    That helps a lot, here is the screenshot.


    http://i612.photobucket.com/albums/t...screenshot.jpg
    Not sure what to put here :-P

  12. #12
    Join Date
    Jun 2009
    Posts
    35
    As the table field has the name 'BNAME' your query should be

    $query = "SELECT * FROM INFORMATION where BNAME='".$BNAME."'";

    And the code should be like this:


    $result = mysql_query($query) or die('Query failed: ' . mysql_error());

    while ($row = mysql_fetch_array($result, MYSQL_BOTH)) {

    $BNAME=$row["BNAME"];
    $FAPPOINTMENT=$row["FAPPOINTMENT"];
    $SAPPOINTMENT=$row["SAPPOINTMENT"];
    $NOMINATION=$row["NOMINATION"];
    $NOMINATIONC=$row["NOMINATIONC"];
    $FINALIST=$row["FINALIST"];
    $FINALISTV=$row["FINALISTV"];
    $NOTESPS=$row["NOTESPS"];
    $NOTESND=$row["NOTESND"];
    $DATE=$row["DATE"];

    }

  13. #13
    Join Date
    Mar 2008
    Posts
    1,717
    Quote Originally Posted by mooseweb View Post
    The script won't need much protection, it's going to be in a password protected members area, so I should be fine there, also thanks foobic, I appreciate the help.
    You still want to sanitize that data, don't put it past any of your "members" to accidentally drop a table or something silly (I don't think php's mysql_query will let you ;drop table, but that doesn't mean you shouldn't sanitize the data still). Let's put it this way, unsanitized variables going to MySQL at the very least gives the user the opportunity to completely disregard everything after the WHERE clause, so think about how that will mess with the business logic of your application.

    There's two ways to sanitize the data, the first is to make sure everything that lives in a PHP variable that goes through mysql_query() goes through mysql_real_escape_string() first. You want to keep track of this, and ensure that it only goes through it once or you'll end up with ugly backslashes and whatnot in the database - to ensure that they all get done once and don't get done twice I recommend doing it right before the query is sent, so you keep it all together. In fact, I'd personally do it like this:

    Code:
    $BNAME = mysql_real_escape_string($_POST['BNAME']);
    $result = mysql_query("....'" . $BNAME . "'");
    That way, if you don't actually modify the POST variable, and you copy+paste the code further down the page, you don't double-escape anything.

    (If you're feeling like this is too much information, stop reading here. The part below probably holds no bearing on your programming because you're learning PHP and it doesn't work in PHP.)

    The other way, which is superior in my opinion, is to use query binding. Unfortunately, I don't think PHP's MySQL module supports it, which is stupid IMHO (btw Python, Java, and many other languages all support this method just fine), but basically you'd use place holders in the query (this is pseudo-code, won't work):

    $query = mysql_query('SELECT id,data FROM table WHERE id = ?');
    $result = mysql_execute($query, array($id));

    By the time the data from the user ends up anywhere near the database, the query's already parsed by the server - you could put big chunks of binary in there with all kinds of symbols, none of it escaped and it'll handle it just fine. It effectively eliminates the possibility of screwing up and forgetting to escape something, which is why I like that method more - and I can't fathom why PHP still doesn't support it, particularly when the underlying C API (which PHP is at it's base level just really ugly glue to) supports it just fine, and after all these years no one's bothered to write two or three extra functions to make it work.
    I used to run the oldest commercial Mumble host.

  14. #14
    Join Date
    Apr 2007
    Location
    Calgary, Canada
    Posts
    201
    Quote Originally Posted by fwaggle View Post
    (If you're feeling like this is too much information, stop reading here. The part below probably holds no bearing on your programming because you're learning PHP and it doesn't work in PHP.)

    The other way, which is superior in my opinion, is to use query binding. Unfortunately, I don't think PHP's MySQL module supports it, which is stupid IMHO (btw Python, Java, and many other languages all support this method just fine), but basically you'd use place holders in the query (this is pseudo-code, won't work):

    $query = mysql_query('SELECT id,data FROM table WHERE id = ?');
    $result = mysql_execute($query, array($id));
    You can always make your own method/functions to do that. It's even easier if you're passing in an array like the example you gave.

    PHP Code:
    function queryf($query$vars) {
      foreach (
    $vars as $var)
        
    $queryVars[] = mysql_real_escape_string($var)
      
    $newQuery vsprintf($query$queryVars);
      return 
    mysql_query($newQuery);
    }

    $result queryf("SELECT * FROM table WHERE name = '%s' AND userID = %d", array('bob'12)); 
    Note: And I just typed this out, so I don't guarantee it'll work straight off the bat.

  15. #15
    Join Date
    Mar 2008
    Posts
    1,717
    Quote Originally Posted by Kohrar View Post
    Note: And I just typed this out, so I don't guarantee it'll work straight off the bat.
    True, but that's not exactly the same thing... it just automates escaping the strings.
    I used to run the oldest commercial Mumble host.

  16. #16
    Join Date
    Dec 2008
    Location
    Florida
    Posts
    1,052
    I keep getting an error on update.php line 108, specifically this line:

    Code:
    mysql_free_result($result);
    #Close database connection.
    mysql_close($link);
    }
    ?>
    Any ideas? I've tried searching for that command what not but have come up with little to nothing.
    Not sure what to put here :-P

  17. #17
    Join Date
    Apr 2007
    Location
    Calgary, Canada
    Posts
    201
    From your first post, it seems like your code is

    PHP Code:
    $cid mysql_connect($host,$usr,$pwd); 
    so your mysql_close() should take in $cid instead of $link:

    PHP Code:
    mysql_close($cid); 

  18. #18
    Join Date
    Dec 2008
    Location
    Florida
    Posts
    1,052
    Quote Originally Posted by Kohrar View Post
    From your first post, it seems like your code is

    PHP Code:
    $cid mysql_connect($host,$usr,$pwd); 
    so your mysql_close() should take in $cid instead of $link:

    PHP Code:
    mysql_close($cid); 

    Thanks, but I still can't seem to get this to update the database.

    I've followed everyone's instructions down to the last dot.

    Whenever I include the con.php file in edit_record.php it just gives me a "Database No Selected" error, even with the changes I made..
    Not sure what to put here :-P

  19. #19
    Join Date
    Apr 2007
    Location
    Calgary, Canada
    Posts
    201
    Can you post what you currently have in con.php and edit_record.php?

  20. #20
    Quote Originally Posted by mooseweb View Post
    Thanks, but I still can't seem to get this to update the database.

    I've followed everyone's instructions down to the last dot.

    Whenever I include the con.php file in edit_record.php it just gives me a "Database No Selected" error, even with the changes I made..
    Quote Originally Posted by Kohrar View Post
    Can you post what you currently have in con.php and edit_record.php?
    I'm sorry, that would be my fault.
    The keyboard I was using had an extremely bad response time, and often I'd type a full sentence and it would get button presses confused, resulting in a lot of errors such as mixing up letters, repeating letters more than 3 times, using shift when I didnt put it down and repeating various words twice.

    The code I posted was
    PHP Code:
    <?php

    $host 
    'localhost';
    $u '#'// Your username
    $p '#'// Your password
    $dbn '#'// The databases name
    $con mysql_connect($host,$u,$p);
    if (!
    $con)
    {    die(
    mysql_error());
    }
    else
    {    
    $seldb mysql_select_db($dnb);
         if (!
    $seldb)
         {    die(
    mysql_error());
         }
    }

    ?>
    As you can see in variabl $seldb, I am selecting the database based on a variable called $dnb. Obviously, this variable has never been set.

    Please update your con.php code to the following (remembering to edit your variables)
    PHP Code:
    <?php

    $host 
    'localhost';
    $u '#'// Your username
    $p '#'// Your password
    $dbn '#'// The databases name
    $con mysql_connect($host,$u,$p);
    if (!
    $con)
    {    die(
    mysql_error());
    }
    else
    {    
    $seldb mysql_select_db($dbn);
         if (!
    $seldb)
         {    die(
    mysql_error());
         }
    }

    ?>

  21. #21
    Join Date
    Dec 2008
    Location
    Florida
    Posts
    1,052
    I fixed that, although it still does not work, no clue why either =/
    Not sure what to put here :-P

  22. #22
    Join Date
    Dec 2008
    Location
    Florida
    Posts
    1,052
    Here are the latest code samples:

    Data.php
    Code:
    <?php
    
    $host = 'localhost';
    $u = 'mooseweb_db2user'; // Your username
    $p = '3#?Ci~7|'; // Your password
    $dbn = 'mooseweb_db2'; // The databases name
    $con = mysql_connect($host,$u,$p);
    if (!$con)
    {    die(mysql_error());
    }
    else
    {    $seldb = mysql_select_db($dbn);
         if (!$seldb)
         {    die(mysql_error());
         }
    }
    
    ?>
    Edit_Record.php
    Code:
    <?php
    
    include('data.php');
    
    ?> 
    
    <html>
    <body>
    <form action="update.php" method="post">
    <table style="margin-bottom: 1px; padding-left:10px;" border="0" cellpadding="0"
    cellspacing="1" width="75%">
    <tbody>
    <tr>
       <td align="right" bgcolor="#e9ece9" >Enter Doctor ID to edit: </td>
       <td bgcolor="#e9ece9" style="padding-left:4px;" >
        <input name='phone'  size='20' maxlength='20'   value='".$BNAME."'>
        </td>
    </tr>
    </tbody>
    </table>
    
    
    <table style="margin-bottom: 1px; padding-left:455px;" border="0" cellpadding="0" cellspacing="1" width="50%">
    <tbody>
    <tr>
           <td colspan="2" align="right" bgcolor="#dadce1" height="4">
       <input name="submit" value="submit" type="submit">
       </td>
    </tr>
    </tbody>
    </table>
    
    </body>
    </html>
    Update.php
    Code:
    <?php
    #Form Variables.
    $BNAME='';
    
    #Database connection strings.
    $usr = "mooseweb_db2user";
    $pwd = "3#?Ci~7|";
    $db = "mooseweb_db2";
    $host = "localhost";
    
    # connect to database
    $cid = mysql_connect($host,$usr,$pwd);
    mysql_select_db($db);
    if (mysql_error()) { print "Database ERROR: " . mysql_error(); }
    
    if(isset($_POST['submit'])){
     extract($_POST);
    
    #A query is written which will extract all information
    #from basic_info table based on phone number entered.
    
    $query = "SELECT * FROM INFORMATION where BNAME='".$BNAME."'"; 
    #Execute query and store result into variable $result.
    #echo $query;
    $result = mysql_query($query) or die('Query failed: ' . mysql_error());
    
     while ($row = mysql_fetch_array($result, MYSQL_BOTH)) {
     $BNAME=$row["BNAME"];
     $FAPPOINTMENT=$row["FAPPOINTMENT"];
     $SAPPOINTMENT=$row["SAPPOINTMENT"];
     $NOMINATION=$row["NOMINATION"];
     $NOMINATIONC=$row["NOMINATIONC"];
     $FINALIST=$row["FINALIST"];
     $FINALISTV=$row["FINALISTV"];
     $NOTESPS=$row["NOTESPS"];
     $NOTESND=$row["NOTESND"];
     $DATE=$row["DATE"];
    
     }
    
    echo "<form method=\"post\">";
    echo "<table style=\"margin-bottom: 1px;\" border=\"0\" cellpadding=\"0\" cellspacing=\"1\" width=\"60%\">\n";
    echo "\t<tr>\n";
    echo "\t\t<td bgcolor=\"#dadce1\" colspan=\"2\">Business Name:\t $BNAME</td>";
    echo "\t\t<td bgcolor=\"#dadce1\"> <input type=\"hidden\" value='$BNAME' name=\"BNAME\" size=\"50\" ></td>";
    
    echo "\t</tr>\n";
    
    echo "\t<tr>\n";
    echo "\t\t<td bgcolor=\"#dadce1\">First Appointment: </td>";
    echo "\t\t<td bgcolor=\"#dadce1\"> <input type=\"text\" value='$FAPPOINTMENT' name=\"FAPPOINTMENT\" size=\"50\" ></td>";
    echo "\t</tr>\n";
    
    echo "\t<tr>\n";
    echo "\t\t<td bgcolor=\"#dadce1\">Second Appointment: </td>";
    echo "\t\t<td bgcolor=\"#dadce1\"> <input type=\"text\" value='$SAPPOINTMENT' name=\"SAPPOINTMENT\" size=\"50\"></td>";
    echo "\t</tr>\n";
    
    echo "\t<tr>\n";
    echo "\t\t<td bgcolor=\"#dadce1\">Nomination Received: </td>";
    echo "\t\t<td bgcolor=\"#dadce1\"> <input type=\"checkbox\" value='$NOMINATION' name=\"NOMINATION\"></td>";
    echo "\t</tr>\n";
    
    echo "\t<tr>\n";
    echo "\t\t<td bgcolor=\"#dadce1\">Nomination Congratulations (Letter/Visit): </td>";
    echo "\t\t<td bgcolor=\"#dadce1\"> <input type=\"checkbox\" value='$NOMINATIONC' name=\"NOMINATIONC\"></td>";
    echo "\t</tr>\n";
    
    echo "\t<tr>\n";
    echo "\t\t<td bgcolor=\"#dadce1\">Finalist: </td>";
    echo "\t\t<td bgcolor=\"#dadce1\"> <input type=\"checkbox\" value='$FINALIST' name=\"FINALIST\"></td>";
    echo "\t</tr>\n";
    
    echo "\t<tr>\n";
    echo "\t\t<td bgcolor=\"#dadce1\">Finalist Congratulations Visit: </td>";
    echo "\t\t<td bgcolor=\"#dadce1\"> <input type=\"checkbox\" value='$FINALISTV' name=\"FINALISTV\"></td>";
    echo "\t</tr>\n";
    
    echo "\t<tr>\n";
    echo "\t\t<td bgcolor=\"#dadce1\">Products Sold: </td>";
    echo "\t\t<td bgcolor=\"#dadce1\"> <textarea value='$NOTESPS' name=\"NOTESPS\" rows=4 cols=30></textarea></td>";
    echo "\t</tr>\n";
    
    echo "\t<tr>\n";
    echo "\t\t<td bgcolor=\"#dadce1\">New Dollars: </td>";
    echo "\t\t<td bgcolor=\"#dadce1\"> <textarea value='$NOTESND' name=\"NOTESND\" rows=4 cols=30></textarea></td>";
    echo "\t</tr>\n";
    
    echo "\t<tr>\n";
    echo "\t\t<td bgcolor=\"#dadce1\">Date of Last Contact: </td>";
    echo "\t\t<td bgcolor=\"#dadce1\"> <input type=\"checkbox\" value='$DATE' name=\"DATE\"></td>";
    echo "\t</tr>\n";
    
    echo "</table>\n";
    
    echo "<table style=\"margin-bottom: 1px;\" border=\"0\" cellpadding=\"0\" cellspacing=\"1\" width=\"40%\">";
    echo "<tr>";
    echo "<td colspan=\"2\" align=\"right\" bgcolor=\"#dadce1\" height=\"4\">";
    echo "<input name=\"submit02\" value=\"submit\" type=\"submit\">";
    echo "</td>";
    echo "</tr>";
    echo "</table>";
    echo "</form>";
    #Free up Memory for $result.
    
    mysql_free_result($result);
    #Close database connection.
    mysql_close($cid);
    }
    ?>
    Not sure what to put here :-P

  23. #23
    Join Date
    Jun 2009
    Posts
    35

    <td bgcolor="#e9ece9" style="padding-left:4px;" >
    <input name='phone' size='20' maxlength='20' value='".$BNAME."'>
    </td>
    As the name field in the form for input is phone, when extracting the post array $phone will have the corresponding value.
    Try by changing the query.


    if(isset($_POST['submit'])){
    extract($_POST);

    #A query is written which will extract all information
    #from basic_info table based on phone number entered.

    $query = "SELECT * FROM INFORMATION where BNAME='".$phone."'";
    Hope this will help..

  24. #24
    Join Date
    Dec 2008
    Location
    Florida
    Posts
    1,052
    Quote Originally Posted by Neseema M M View Post
    As the name field in the form for input is phone, when extracting the post array $phone will have the corresponding value.
    Try by changing the query.



    Hope this will help..
    That brought it half way there, thanks.

    It now loads the database, but does not edit it once Submit has been clicked.

    Strange.... Such a simple idea and a complicated script.
    Not sure what to put here :-P

  25. #25
    Join Date
    Jun 2009
    Posts
    35
    I think you missed update query...
    It is not written..
    Neseema M M
    Ezeelogin - The ultimate multiple server administration software.
    * Parallel shell * rm -rf protection * SSH logging * automated password changes * encrypted storage *
    AdMod.com - Delivering innovative web hosting solutions

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •