$_Get

**Rodney** · Oct 15, 2003 14:37

I have an adminform which makes a list by name of all addresses in the table. Behind each line I use a link to go to the editform.

PHP Code:


<?php

include("connect.php");



$query= "SELECT id, ordernummer, naam FROM zadres ORDER BY naam";

$result= mysql_db_query($database, $query) or die("Cannot query the database.<br>" . mysql_error());

?>

<table width="100%" border="1" cellspacing="2" cellpadding="2">

<?php

while ($row = mysql_fetch_assoc($result)) { 

    $ordernummer = $row['ordernummer']; 

    $naam = $row['naam']; 

?>

<tr>

    <td width="40%"><?php echo "$ordernummer ($naam)";?></td>

    <td width="5%"><a href=formeditadres.php?id=<?echo $row['id'];?>>edit</a></td>

    <td width="5%"><a href=formdeleteadres.php?id=<?echo $row['id'];?>>delete</a></td>

    </tr>

<?php

}

?>

In formeditadres.php I have to use $_GET ['id'] somewhere. I just don't know how en where.

PHP Code:


<?php

include("connect.php");

if($_POST['verstuurd'] == "1") {

$plaatdat= addslashes($_POST['plaatdat']);

$einddat= addslashes($_POST['einddat']);

$ordnr= addslashes($_POST['ordnr']);

$afkom= addslashes($_POST['afkom']);

$rubr= addslashes($_POST['rubr']);

$naam= addslashes($_POST['naam']);

$omsch= addslashes($_POST['omsch']);

$straat= addslashes($_POST['straat']);

$postc= addslashes($_POST['postc']);

$woonp= addslashes($_POST['woonp']);

$prov= addslashes($_POST['prov']);

$land= addslashes($_POST['land']);

$contp= addslashes($_POST['contp']);

$telnr= addslashes($_POST['telnr']);

$mobnr= addslashes($_POST['mobnr']);

$faxnr= addslashes($_POST['faxnr']);

$email= addslashes($_POST['email']);

$web= addslashes($_POST['web']);

$query= "UPDATE zadres (plaatsingsdatum, einddatum, ordernummer, afkomst_id, rubriek_id, naam, zomschrijving, straatnaam, postcode, woonplaats, provincie_id, land_id, contactpersoon, telefoonnummer, mobielnummer, faxnummer, emailadres, website) VALUES ('$plaatdat', '$einddat', '$ordnr', '$afkom', '$rubr', '$naam', '$omsch', '$straat', '$postc', '$woonp', '$prov', '$land', '$contp', '$telnr', '$mobnr', '$faxnr', '$email', '$web') WHERE id='$id'";

$result = mysql_db_query($database, $query) or die("Cannot query the database.<br>" . mysql_error());

echo "Data gewijzigd.<br><br>";

} else {

$sql= "SELECT * FROM zadres WHERE id='$id'";

$query = mysql_query($sql) or die("Cannot query the database.<br>" . mysql_error());

$result = mysql_fetch_array($query);

$plaatsingsdatum= stripslashes($result["plaatsingsdatum"]);

$einddatum= stripslashes($result["einddatum"]);

$ordernummer= stripslashes($result["ordernummer"]);

$afkomst_id= stripslashes($result["afkomst_id"]);

$rubriek_id= stripslashes($result["rubriek_id"]);

$naam= stripslashes($result["naam"]);

$omschrijving= stripslashes($result["omschrijving"]);

$straatnaam= stripslashes($result["straatnaam"]);

$postcode= stripslashes($result["postcode"]);

$woonplaats= stripslashes($result["woonplaats"]);

$provincie_id= stripslashes($result["provincie_id"]);

$land_id= stripslashes($result["land_id"]);

$contactpersoon= stripslashes($result["contactpersoon"]);

$telefoonnummer= stripslashes($result["telefoonnummer"]);

$mobielnummer= stripslashes($result["mobielnummer"]);

$faxnummer= stripslashes($result["faxnummer"]);

$emailadres= stripslashes($result["emailadres"]);

$website= stripslashes($result["website"]);

}

?>

I need help.

**Anarchos** · Oct 15, 2003 14:55

When you output the form to edit the address, add:

HTML Code:

<input type="hidden" name="id" value="<?php echo $_GET['id'] ?>" />

Also, in your page you have $id a couple of times, and those should be either $_GET['id'] or $_POST['id'], depending on the circumstances.

**marylin77** · Oct 15, 2003 15:07

You can use $_REQUEST['id']and forget the method you used.

**Helge** · Oct 16, 2003 02:05

Hi.
I disagree on using the $_REQUEST array.

My opinion is that you should not use $_REQUEST. It's better to use $_POST and $_GET depending on where the variable is coming from. It increase the readability of you script. And you always know exatly where your variable is coming from.

What happens if you have a form (method post) containing a field called 'id' and a 'id' variable in your url?

-Helge

**marylin77** · Oct 16, 2003 10:26

Helge you are right...i have never thought in the case you have posted...perhaps because I try not to name 2 or more variables equally

**Rodney** · Oct 16, 2003 11:46

I'm trying several things but none of them seem to work.
I'm almost going crazy right now, because I'm battling this file for 5 full days now.

**vgarcia** · Oct 16, 2003 11:56

Originally Posted by Helge

Hi.
I disagree on using the $_REQUEST array.

My opinion is that you should not use $_REQUEST. It's better to use $_POST and $_GET depending on where the variable is coming from. It increase the readability of you script. And you always know exatly where your variable is coming from.

What happens if you have a form (method post) containing a field called 'id' and a 'id' variable in your url?

-Helge

For security purposes, using $_REQUEST can also be a bad thing. If you expect $_POST variables and somebody hacks your querystring, using $_REQUEST can lead to some dastardly results.

**AWilliams** · Oct 16, 2003 12:08

Typically I use $_REQUEST when I don't care whether data came from the $_GET or $_POST arrays, however whenever dealing with data which is inserted into a database (or requires a fair amount of processing/validation) I always use $_POST.

**Rodney** · Oct 16, 2003 12:23

Wo wants to help me with my files?

**Helge** · Oct 17, 2003 01:23

Originally Posted by Rodney

Wo wants to help me with my files?

Sorry Rodney.

Try to put this right after your } else { but before the $sql.

PHP Code:


$id = $_GET['id'];

If that doesn't do it, do you get any errormessages?

HTH

-Helge

**Rodney** · Oct 17, 2003 03:22

That doesn't work.
I don't get errormassages.
I believe it's "something" in my adminfile.
When I put something like :

PHP Code:


<?php 

if(!isset($_GET['id'])) 

    echo "sh**"; 

else 

    echo $_GET['id']; 

?>

... in formeditadres.php, I do get "sh**" on my screen.

When I go to formeditadres this is in my browser :
../formeditadres.php

This is my adminfile :

PHP Code:


<body>

<?php

include("connect.php");

$query= "SELECT id, ordernummer, naam FROM zadres ORDER BY naam";

$result= mysql_db_query($database, $query) or die("Cannot query the database.<br>" . mysql_error());

?>

<table width="100%" border="1" cellspacing="2" cellpadding="2">

<?php

while ($row = mysql_fetch_assoc($result)) { 

    $ordernummer = $row['ordernummer']; 

    $naam = $row['naam']; 

?>

<tr>

    <td width="40%"><?php echo "$ordernummer ($naam)";?></td>

    <td width="5%"><a href=formeditadres.php?id=<?echo $row['id'];?>>wijzigen</a></td>

    <td width="5%"><a href=formdeleteadres.php?id=<?echo $row['id'];?>>verwijderen</a></td>

    </tr>

<?php

}

?>    

</table>    

</body>

**Helge** · Oct 17, 2003 04:03

The problem is then that the url isn't correct when you click on an edit link? Correct?

Try

PHP Code:


while ($row = mysql_fetch_array($result)) { 

    $ordernummer = $row['ordernummer']; 

    $naam = $row['naam']; 

    $id = $row['id'];

?> 

<tr> 

    <td width="40%"><?php echo "$ordernummer ($naam)";?></td> 

    <td width="5%"><a href=formeditadres.php?id=<?php echo $id; ?>>wijzigen</a></td> 

    <td width="5%"><a href=formdeleteadres.php?id=<?php echo $id; ?>>verwijderen</a></td> 

    </tr> 

<?php 

} 

?

HTH

-Helge

**Rodney** · Oct 17, 2003 04:43

I do go to the right page.
It's only a empty page without the data from the id I requested in admin.php.

**Helge** · Oct 17, 2003 04:50

Originally Posted by Rodney

I do go to the right page.
It's only a empty page without the data from the id I requested in admin.php.

Yes. But do the id get transferred to the form edit page.

In your previous post it didn't seem like that.

Originally Posted by Rodney

When I go to formeditadres this is in my browser :
../formeditadres.php

First you need to sort out is: Get the id, through the url, from admin to form edit page. That's why I gave you the code in my last post.

-Helge

**Rodney** · Oct 17, 2003 04:53

Yes, it works!
Almost than....
I only don't get the data that was selected in my drop down lists.

This is what I use :

PHP Code:


  <tr>

    <td>Rubriek</td>

    <td>

    <select name="rubr">

    <?php

    include("connect.php");

    $query = "SELECT id, rubriek from zrubriek";

    $result = mysql_db_query($database, $query) or die("Cannot query the database.<br>" . mysql_error());

    while (list($id, $rubr) = mysql_fetch_row($result))

    {

    if ($rubriek_id == $waarde['id'])

    {

    echo ("<option value=\"$waarde[id]\">$waarde[rubriek]</option>");

    } else { 

    echo ("<option value=\"$waarde[id]\" selected>$waarde[rubriek]</option>");  

    }

    }

    ?>

    </select>

    </td>

  </tr>

**Helge** · Oct 17, 2003 05:18

Originally Posted by Rodney

I only don't get the data that was selected in my drop down lists.

And I don't get what the problem is

Form, drop down? Where did that come from?

Where do the variables $rubriek_id and $waarde['id'] coming from?

-Helge

**Rodney** · Oct 17, 2003 06:04

I have a form addadress.php to fill the table "zadres".
I use several drop downs like this to add :

PHP Code:


    <td>Rubriek</td>

    <td>

    <select name="rubr">

    <?php

    include("connect.php");

    $query = "SELECT id, rubriek from zrubriek";

    $result = mysql_query($query);

    while ($waarde = mysql_fetch_array($result))

    {

    echo ("<option value=\"$waarde[id]\">$waarde[rubriek]</option>");

    }

    ?>

    </select>

    </td>

Now I also want to see the dropdown in formeditadres.php, only prefilled with the selected data. In case this has to be changed to.
The variables come from :

PHP Code:


<?php

include("connect.php");

if($_POST['verstuurd'] == "1") {

$plaatdat= addslashes($_POST['plaatdat']);

$einddat= addslashes($_POST['einddat']);

$ordnr= addslashes($_POST['ordnr']);

$afkom= addslashes($_POST['afkom']);

$rubr= addslashes($_POST['rubr']);

$naam= addslashes($_POST['naam']);

$omsch= addslashes($_POST['omsch']);

$straat= addslashes($_POST['straat']);

$postc= addslashes($_POST['postc']);

$woonp= addslashes($_POST['woonp']);

$prov= addslashes($_POST['prov']);

$land= addslashes($_POST['land']);

$contp= addslashes($_POST['contp']);

$telnr= addslashes($_POST['telnr']);

$mobnr= addslashes($_POST['mobnr']);

$faxnr= addslashes($_POST['faxnr']);

$email= addslashes($_POST['email']);

$web= addslashes($_POST['web']);

$query= "UPDATE zadres (plaatsingsdatum, einddatum, ordernummer, afkomst_id, rubriek_id, naam, zomschrijving, straatnaam, postcode, woonplaats, provincie_id, land_id, contactpersoon, telefoonnummer, mobielnummer, faxnummer, emailadres, website) VALUES ('$plaatdat', '$einddat', '$ordnr', '$afkom', '$rubr', '$naam', '$omsch', '$straat', '$postc', '$woonp', '$prov', '$land', '$contp', '$telnr', '$mobnr', '$faxnr', '$email', '$web') WHERE id='$id'";

$result = mysql_db_query($database, $query) or die("Cannot query the database.<br>" . mysql_error());

echo "Data gewijzigd.<br><br>";

} else {

$sql= "SELECT * FROM zadres WHERE id='$id'";

$query = mysql_query($sql) or die("Cannot query the database.<br>" . mysql_error());

$result = mysql_fetch_array($query);

$plaatsingsdatum= stripslashes($result["plaatsingsdatum"]);

$einddatum= stripslashes($result["einddatum"]);

$ordernummer= stripslashes($result["ordernummer"]);

$afkomst_id= stripslashes($result["afkomst_id"]);

$rubriek_id= stripslashes($result["rubriek_id"]);

$naam= stripslashes($result["naam"]);

$zomschrijving= stripslashes($result["omschrijving"]);

$straatnaam= stripslashes($result["straatnaam"]);

$postcode= stripslashes($result["postcode"]);

$woonplaats= stripslashes($result["woonplaats"]);

$provincie_id= stripslashes($result["provincie_id"]);

$land_id= stripslashes($result["land_id"]);

$contactpersoon= stripslashes($result["contactpersoon"]);

$telefoonnummer= stripslashes($result["telefoonnummer"]);

$mobielnummer= stripslashes($result["mobielnummer"]);

$faxnummer= stripslashes($result["faxnummer"]);

$emailadres= stripslashes($result["emailadres"]);

$website= stripslashes($result["website"]);

}

?>

**Helge** · Oct 17, 2003 06:36

I'm sorry Rodney, but I don't follow you.

I can't tell which code is relevant to the problem. Things don't get better when you use your native (probably) language as variable names.
Is the 30+ variables you posted relevant to the problem you want help to?

I suggest that you strip out the irrelevant code. Do only show how you try to get one select to work. Where does the variables to that spesific select come from and the if clause to check which option to pre select.
Where do the $waarde['id'] variable coming from? I can't tell from the code you provided.

I can show you how to do this in generic manner, but if you want something spesific you need to provide more information. I don't want to do alot of guessing on how your system work.

I don't mean to be harsh on you, but it's kind of frustrating when you want help but don't take the time to give a better description of your problem/system.

-Helge

**Rodney** · Oct 17, 2003 12:34

I'm sorry. I thought I had made myself clear.
But I'll try it again.

**Rodney** · Oct 17, 2003 12:44

I'll try to fix the "$waarde" first.

**Rodney** · Oct 19, 2003 06:13

We are now 2 days later and finally I get all the (right) data in my file (formeditadres).

When I change something in this file and want to submit it, I get the next error :

Cannot query the database.
You have an error in your SQL syntax near '(plaatsingsdatum, einddatum, ordernummer, afkomst_id, rubriek_id, naam, zomschri' at line 1

Line 1 is <html>, so that cannot be the problem.
What do I have to look for? I checked the ";", "[", etc.

**firepages** · Oct 19, 2003 20:33

PHP Code:


<?php
mysql_query($sql) or die(mysql_error());
?>

...may or may not give you a better ide on what the error is depending on what the error is

For security purposes, using $_REQUEST can also be a bad thing. If you expect $_POST variables and somebody hacks your querystring, using $_REQUEST can lead to some dastardly results.

...thats the entire anti-argument to register globals , just because a variable came from $_POST rather than $_GET should not make your code any more or less secure , if it does you may as well code with register_globals off cos you missed the point.

I use $_REQUEST a lot where input may come from (in cases I may expect it to) $_GET or $_POST, but its also useful to have them as seperate variables as well , remember that once you have a $_REQUEST variable you can check its source if and when necc'y << still can't spell that!

**Helge** · Oct 20, 2003 02:20

Hi Rodney.
You have missed the "key word" SET in your query.
Try:

PHP Code:


$query= "UPDATE zadres SET(plaatsingsdatum, einddatum, ordernummer, afkomst_id, rubriek_id, naam, zomschrijving, straatnaam, postcode, woonplaats, provincie_id, land_id, contactpersoon, telefoonnummer, mobielnummer, faxnummer, emailadres, website) VALUES ('$plaatdat', '$einddat', '$ordnr', '$afkom', '$rubr', '$naam', '$omsch', '$straat', '$postc', '$woonp', '$prov', '$land', '$contp', '$telnr', '$mobnr', '$faxnr', '$email', '$web') WHERE id='$id'";

If still have problems with the query, a tip for debugging is to echo out the query to see if all the variables are set properly. If you can't spot any errors, post the echoed query here (and the error message, if any) and someone will probably look into it.

A small sidenote: If the id is stored in an integer type column (in the db) you should drop the quotes around it.

PHP Code:


(...) WHERE id=$id";

-Helge

**Rodney** · Oct 20, 2003 14:48

Hi Helge

First of all thanks for all your help.
The way you told me didn't work.
I read a few articles and changed the query into :

PHP Code:


$query= "UPDATE zadres SET plaatsingsdatum='$plaatdat', einddatum='$einddat', ordernummer='$ordnr', afkomst_id='$afkom', rubriek_id='$rubr', naam='$naam', zomschrijving='$omsch', straatnaam='$straat', postcode='$postc', woonplaats='$woonp', provincie_id='$prov', land_id='$land', contactpersoon='$contp', telefoonnummer='$telnr', mobielnummer='$mobnr', faxnummer='$faxnr', emailadres='$email', website='$web' WHERE id='$id'";

And now it's working !!!!

It's pure luck and I don't understand why it's working.
Fanatic newbie as I am, I want to understand what I'm doing and do not want it to be luck everytime.

Could you tell me what's the difference?

**Helge** · Oct 21, 2003 00:04

Hi.
I'm glad you finally got it working!

Both the methods are equal. I usually use the latter one because I find it more readable, and esaier to get right. That's propably why you got it working also.

I usually "format" the query a bit more to make it even more readable. I would have written the last one like this.

PHP Code:


$query= "UPDATE zadres 

            SET plaatsingsdatum = '$plaatdat', 

                einddatum       = '$einddat', 

                ordernummer     = '$ordnr', 

                afkomst_id      = '$afkom', 

                rubriek_id      = '$rubr', 

                naam            = '$naam', 

                zomschrijving   = '$omsch', 

                straatnaam      = '$straat', 

                postcode        = '$postc', 

                woonplaats      = '$woonp', 

                provincie_id    = '$prov', 

                land_id         = '$land', 

                contactpersoon  = '$contp', 

                telefoonnummer  = '$telnr', 

                mobielnummer    = '$mobnr', 

                faxnummer       = '$faxnr', 

                emailadres      = '$email', 

                website         = '$web' 

          WHERE id = '$id'

                ";

-Helge

User Tag List

Thread: $_Get

Thread Tools

Display

$_Get

Bookmarks

Bookmarks

Posting Permissions