Possible Ideas/ Need advice mysql update "admin"

[clarnp49]

I am trying to figure somethings out on what I want and I have read many a threads and pages on this so I thought I would ask about it here. I hope I can get an answer that will push one way or another.
Here is what I am looking for and I can't seem to get it.

I am looking for a way to display all data in mysql database in textboxes so I can update them or delete them. Pictures work better:
[-----] = textbox

id url name category - formatted of course
[--] [----] [-----] [------] update / delete
The above will show ALL records in the database, list(will be about 150 records) each having a textbox and corresponding data, will concider a dropdown and then the info in the dropdown put in the update/delete section.

[--] [----] [-----] [------] add new record --- this I would like to upload file as well (if possible)

I have looked at many posts and many articles but way over my head and don't understand enough, probably not what I want to get into but need to get into because I like to learn and try. Any suggestions will be taken and no advice will be turned down, this your playground guys/girls, let me know what you think.

I know I could use phpMyAdmin but don't want user to be able to get there, only want to be able to do above functions.

[arborint]

You have asked 3-4 different questions. Maybe if you focused on one first.

[clarnp49]

I am looking for a way to display all data in mysql database in textboxes so I can update them or delete them. Pictures work better:
[-----] = textbox

id url name category - formatted of course
[--] [----] [-----] [------] update / delete
The above will show ALL records in the database, list(will be about 150 records) each having a textbox and corresponding data, will concider a dropdown and then the info in the dropdown put in the update/delete section.

[spikeZ]

You need to use a basic query to the database

display.php

PHP Code:

<?
/* assuming connection already made */
$data_sql = "SELECT * FROM mytable";
$data_result = mysql_query($data_sql) or die(mysql_error());
$data_row = mysql_fetch_assoc($data_result);
# the above gets the data from the database

?>
# IN YOUR PAGE LAYOUT #

<table width="100%" border="0" cellspacing="0" cellpadding="0">
  <tr> 
    <td>id</td>
    <td>url</td>
    <td>name</td>
    <td>category</td>
   <td>&nbsp;</td>
  </tr>
  <? do { ?>
   <tr> 
    <td><? echo $data_row['id']; ?></td>
    <td><? echo $data_row['$url'];?></td>
    <td><? echo $data_row['$name']; ?></td>
    <td><? echo $data_row['$category']; ?></td>
    <td><a href="edit.php?id=<? echo $data_row['id']; ?>">edit</a> / delete</td>
  </tr>
<? } while ($data_row = mysql_fetch_assoc($data_result)); ?>
</table>

This gives you a start, you then need to create the edit.php page using the id passed from this page to select the record to be updated.

Use a sql select for that and echo the $data_row['whatever'] as the value of your text box on your form.

Hope this is taking you on the right direction, if you are still getting nowhere - let me know.

SpikeZ

[clarnp49]

I have it so it lists the data in a table and the edit button works. The problem and what I am lost on is passing the data from one page to another?
$mysql = SELECT * FROM links WHERE id=last page?
what do I use for last page?

[clarnp49]

I tried to store the id that I used in the edit link and then echo it back to the next page

PHP Code:

<a href="edit.php?id=<? echo $data_row['id'] $_SESSION=[$data_row['id'];"?>>edit</a>

HTML Code:

[B]but I get this error in the textbox:[/B]
<br /><b>Notice</b>:  Undefined index:  id in <b>c:\program files\webserver\www\admin\edit.php</b> on line <b>20</b><br />

Below is what I was using to output the id into the box hoping it would take everything with it.

PHP Code:

<input type="text" name="" value="<? echo $_SESSION['id'];?>" size="5"><BR>

Thanks for the help so far.

[spikeZ]

OK,
you need to think about what is being passed to the next page.

The edit link is:

PHP Code:

<a href="edit.php?id=<? echo $data_row['id']; ?>">edit</a>

which gives you the row id from the database that you want to edit.
This is being passed as a GET variable to the next page in the URL so what you want on the next page is something to retrieve the GET var from the URL.

edit.php

PHP Code:

# to retrieve the variable in the url
$id_from_last_page = $_GET['id'];

# use that variable to select the correct record from the database.
$select_sql = "SELECT * FROM table WHERE id = '$id_from_last_page'";
$result_sql = mysql_query($select_sql);
$row_sql = mysql_fetch_assoc($result_sql); 


you need to then display the results in your table and write an UPDATE sql query after the form is set.

In the form use

Code:

<input type = "text" value="<? echo $row_sql['name']; ?>">

A good tip is to read the PHP manual, it has so much information in it that will help you!

SpikeZ

[clarnp49]

Code:

<HTML>
<? 
include("../settings.php");
include("../dbcon.php");

db_connect();
$idlast = $_GET['id'];
$select_sql = "SELECT * FROM links; 
$result_sql = mysql_query($select_sql); 
$row_sql = mysql_fetch_assoc($result_sql); 

# the above gets the data from the database 

?> 

<!---# IN YOUR PAGE LAYOUT #---> 

<table width="100%" border="0" cellspacing="0" cellpadding="0"> 
   
<tr>
   <td>
Id: <input type="text" name="" value="<? echo $row_sql['id'];?>" size="5"><BR>
URL: <input type="text" name="" value="<? echo $row_sql['url'];?>" size="58"><BR>
Title: <input type="text" name="" value="<? echo $row_sql['name'];?>" size="25"><BR>
Category: <input type="text" name="" value="<? echo $row_sql['category'];?>" size="25"><BR>
<input type="submit" value="Update">
<td>
</table>
</HTML>

This is what my code on the edit page is. Now when I reload the page it gives this error and I have looked at the manual and searched. Any suggestions?
Line 18 is the beginning of the table.

HTML Code:

Parse error: parse error, unexpected T_LNUMBER in c:\program files\webserver\www\admin\edit.php on line 18

[spikeZ]

oooh it's Monday Morning!!!!

You are not telling the select statement which record you want to edit!

PHP Code:

$idlast = $_GET['id'];
$select_sql = "SELECT * FROM links; 
$result_sql = mysql_query($select_sql); 
$row_sql = mysql_fetch_assoc($result_sql); 


Should be...

PHP Code:

$idlast = $_GET['id'];
$select_sql = "SELECT * FROM links WHERE id = '$idlast'"; 
$result_sql = mysql_query($select_sql); 
$row_sql = mysql_fetch_assoc($result_sql); 


so now you are telling it which record you want to edit.
(If you copied my example, I missed off the closing " at the end of the statement! Sorry!)

Now your form will pick the correct record out of the database.

So now we have the record id, use the form to edit the data and resend it to the database...

PHP Code:

if(isset($_POST['submit'])) {
$url = $_POST['url'];
$name = $_POST['name'];
$category = $_POST['category'];

$updateSql = "UPDATE links SET url='$url' , name='$name' , category='$category' WHERE id='$idlast'";
$update_reult = mysql_query($updateSql) or die(mysql_error())";
} 


Also on your form you need to name the input types as well as the submit button.

Code:

<table width="100%" border="0" cellspacing="0" cellpadding="0"> 
   
<tr>
   <td>
Id: <input type="text" name="id" value="<? echo $row_sql['id'];?>" size="5"><BR>
URL: <input type="text" name="url" value="<? echo $row_sql['url'];?>" size="58"><BR>
Title: <input type="text" name="name" value="<? echo $row_sql['name'];?>" size="25"><BR>
Category: <input type="text" name="category" value="<? echo $row_sql['category'];?>" size="25"><BR>
<input type="submit" name="submit" value="Update">
<td>
</table>

To conclude, your php page would look something like....

SQL select

if(isset($_POST['submit'])) {

SQL UPDATE

}

<html>

FORM

</html>

Any problems, post back


SpikeZ

[clarnp49]

Ok for one more problem and I then will be done asking. Thank you very much for all the help, I have learned more about php and mysql then I thought I would if you can answer this one for me and tell me why it happens I will be forgever grateful. Also please include someway I can give credit for all the help you have given.

PHP Code:

<HTML>
<? 
include("../settings.php");
include("../dbcon.php");

# the above gets the data from the database
db_connect();
$idlast = $_GET['id'];
$select_sql = "SELECT * FROM links WHERE id = '$idlast'"; 
$result_sql = mysql_query($select_sql); 
$row_sql = mysql_fetch_assoc($result_sql);  

#Posts updates to the database 
if(isset($_POST['submit'])) { 
$url = $_POST['url']; 
$name = $_POST['name']; 
$category = $_POST['category']; 

$updateSql = "UPDATE links SET url='$url', name='$name', category='$category' WHERE id='$idlast'"; 
$update_result = mysql_query($updateSql) or die(mysql_error()); 
} 
SQL select

if(isset($_POST['submit'])) {

SQL UPDATE

}
?>

#Table to display contents to edit
<table width="100%" border="0" cellspacing="0" cellpadding="0"> 
  
<tr>
   <td>
Id: <input type="text" name="id" value="<? echo $row_sql['id'];?>" size="5"><BR>
URL: <input type="text" name="url" value="<? echo $row_sql['url'];?>" size="58"><BR>
Title: <input type="text" name="name" value="<? echo $row_sql['name'];?>" size="25"><BR>
Category: <input type="text" name="category" value="<? echo $row_sql['category'];?>" size="25"><BR>
<input type="submit" name="submit" value="Update"><BR>
<a href=admin.php>Edit Another Record</a>
<td>
</table>
</HTML>

I get this error:

HTML Code:

Parse error: parse error, unexpected T_STRING in c:\program files\webserver\www\admin\edit.php on line 22

and I have read about T_STRINGS and T_LNUMBERS etc.. nothing, should I have something else turned on in php to tell me something more about T_STRINGS or am I missing something about php errors? Line 22 is the line with a "}" all by itself just above the SQL select.

Thanks again for the help, you are awesome with php and mysql.

[spikeZ]

Hi Bud,
as the code stands at the moment, line 22 is the line:

PHP Code:

SQL select 


You took me a little too literally! When I said this is how your page would look, I meant that this is a flow chart of how your page would look!

Take out the lines....

PHP Code:


SQL select 

if(isset($_POST['submit'])) { 

SQL UPDATE 

} 


The T_STRING error is referring to the SQL select line because it is looking for a SQL variable that it doesn't recognise or has not been set.

One other quick thing is what happens next after the form is submitted, ie select another record or go to another page?

Try setting a variable to control a header() location.....

As for credit, don't worry about it, Glad I can impart some of my knowledge!

Regards

SpikeZ

[clarnp49]

Ok that was going to be the last time but now I have a problem. Everything works. Thank you very much for making it straight for me. I have a problem now when I update the url it takes out \ in the path. What am I doing wrong?

All I am doing is taking the global variable like we set and putting it in a
$url = $_GET['url']; and adding the $url to the update list.

Do I need something special to use characters?

Hope I am clear on everything.

[spikeZ]

just to check, are you using $_GET or $_POST?
You should be using $_POST.....
$_GET will put it into the URL and possibly cause problems.

SpikeZ

[clarnp49]

I was using $_GET and just changed it to $_POST staying the same, but now it doesn't like the variables.

PHP Code:

$idlast = $_POST['id']; 
$url = $_POST['url'];
$name = $_POST['name'];
$category= $_POST['category'];

// Ask the database for the information from the links table 
$query="UPDATE links SET url='$url', name='$name',category='$category' WHERE id='$idlast'"; 

mysql_query($query); 
echo "Record Updated<BR>"; 


Just an idea of what I am dealing with. Thanks for help, sorry it took so long to get back.

[spikeZ]

It is possible you are mixing your $_GET's and your $_POST's.

The ID should be $_GET because that is being passed via the link/ URL, the rest of the information is coming from your form ie: $_POST.

SpikeZ

[clarnp49]

Ok, I have it so it knows what the ID is but when it posts the rest of the information it is blank, with a notice that

HTML Code:

Notice: Undefined index: url in c:\program files\webserver\www\admin\updated.php on line 9

Notice: Undefined index: name in c:\program files\webserver\www\admin\updated.php on line 10

Notice: Undefined index: category in c:\program files\webserver\www\admin\updated.php on line 11

It does do the update but because it doesn't know what the variable is it leaves it blank.
Thanks again.

[spikeZ]

Hi bud,

PHP Code:

$idlast = $_GET['id']; # retrieve the record ID from the URL
# posted values
$url = $_POST['url']; 
$name = $_POST['name']; 
$category= $_POST['category']; 

mysql_select_db($yourdatabase) # Your connection details etc

// update the information from the links table 
$query = mysql_query("UPDATE links SET url='$url', name='$name', category='$category' WHERE id='$idlast'"); 


Make sure the form inputs are named url, name and category ie.
<input type="text" name="url">

and it should work, also check your form method is POST..

SpikeZ

[clarnp49]

I am really confused. Let me post some code and hope it will make sense. I now am back to where I was. Will try to break it up.

HTML Code:

    <td width="80%"><FORM METHOD="POST" action="updated.php">
Id: <input type="hidden" name="id" value="<? echo $row_sql['id'];?>" size="5"><BR> 
URL: <input type="text" name="url" value="<? echo $row_sql['url'];?>" size="58"><BR> 
Title: <input type="text" name="name" value="<? echo $row_sql['name'];?>" size="25"><BR> 
Category: <input type="text" name="category" value="<? echo $row_sql['category'];?>" size="25"><BR> 
<BR>
<input type="submit" name="submit" value="Update"><BR> 
</FORM></td>

The above is the form when it loads the page.

PHP Code:

$idlast = $_POST['id']; 
$url = $_POST['url'];
$name = $_POST['name'];
$category= $_POST['category'];

// Ask the database for the information from the links table 
$query=("UPDATE links SET url='$url', name='$name',category='$category' WHERE 

id='$idlast'"); 

mysql_query($query); 
echo "Record Updated<BR>";
echo "<a href=admin.php>Edit Another Record</a>";
mysql_close(); 
?> 


The above is the process to update, this is called from the form as an action.
When it is posted it posts like below. In a table of course.
34 manualsfreedomtechspecs.pdf Freedom Radio Tech Specs Freedom Radio edit

The problem that I can't figure out is why can't I have it post the URL like this? It does from add new record, but not on update

HTML Code:

\manuals\freedomtechspecs.pdf

[clarnp49]

SpikeZ, Thanks for all the help getting this up and running. It all works and I read once again in the manual of PHP and learned about "addslashes". After adding that to the variable it lets the slashes show through in the database.

[spikeZ]

You welcome, I don't mind helping people who want to learn!


SpikeZ

[Xchange14]

<html>
<head>
<title>Edit Record</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body>

<?
# create connection to the database
$dbname="bdscreative_com";
$dbuser="bulldog";
$dbpass="fLcYNN4x";
$hostname="localhost";
$lnk = mysql_connect($hostname, $dbuser, $dbpass);
$lnk1 = mysql_select_db($dbname);

# get the data from the database
$idlast = $_POST['code'];
$select_sql = "SELECT * FROM client_reg WHERE code = '$idlast'";
$result_sql = mysql_query($select_sql);
$row_sql = mysql_fetch_assoc($result_sql);

# edit the database values
if(isset($_POST['submit'])) {
$code = $_POST['code'];
$name = $_POST['c_name'];
$category = $_POST['code'];

# update the database values
$updateSql = "UPDATE client_reg SET code='$code',name='$code',category='$code' WHERE id='$idlast'";
$update_result = mysql_query($updateSql) or die(mysql_error());
}
?>

<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td>
Id: <input name="code" type="text" id="code" value="<? echo $row_sql['code'];?>" size="3"><BR>
URL: <input name="c_name" type="text" id="c_name" value="<? echo $row_sql['code'];?>" size="58"><BR>
Title: <input type="text" name="" value="<? echo $row_sql['code'];?>" size="25"><BR>
Category: <input type="text" name="" value="<? echo $row_sql['code'];?>" size="25"><BR>
<form name="form1" method="post" action="updated.php">
<input name="submit" type="submit" id="submit" value="Update">
</form>
<td>
</table>


</body>
</html>

[Xchange14]

Could anyone tell me what is wrong with that code? The database values don't show up in the text boxes and it will not update the record. Any help would be appreciated. Thank you.

[spikeZ]

oooh, I remember this thread!

Your form setup is the wrong way round...

PHP Code:

<table width="100%" border="0" cellspacing="0" cellpadding="0"> 
<tr>
<td>
<form name="form1" method="post" action="updated.php">
Id: <input name="code" type="text" id="code" value="<? echo $row_sql['code'];?>" size="3"><BR>
URL: <input name="c_name" type="text" id="c_name" value="<? echo $row_sql['code'];?>" size="58"><BR>
Title: <input type="text" name="" value="<? echo $row_sql['code'];?>" size="25"><BR>
Category: <input type="text" name="" value="<? echo $row_sql['code'];?>" size="25"><BR>
<input name="submit" type="submit" id="submit" value="Update">
</form> 
<td>
</table>

Try that.

[Xchange14]

This is a little off the topic but you know this so well. I keep getting

"Parse error: parse error, expecting `T_VARIABLE' or `'$'' in /home/bulldog/bdscreative-www/validate.php on line 17"

I am trying to set up a login page so if the username/password matched the administrator information, then they are directed to the admin page (say admin.html) but if it matches a client password, they are taken to a different page (say client.html). These pages would have different links.


<?php
session_start();
?>

<?php
$dbname="bdscreative_com";
$db_user = 'bulldog';
$db_pass = 'fLcYNN4x';
$hostname="localhost";
$user_name = $_POST['user_name'];
$password = $_POST['password'];

//connect to the DB and select the "bdscreative_com" database
$connection = mysql_connect('localhost', $db_user, $db_pass) or die(mysql_error());
mysql_select_db('bdscreative_com', $connection) or die(mysql_error());

//set up the query
$query = "SELECT * FROM login WHERE user_name='$user_name' AND password='$password'";

//run the query and get the number of affected rows
$result = mysql_query($query, $connection) or die('error making query');
$affected_rows = mysql_num_rows($result);

//if($affected_rows == 1) {
// $_SESSION['user_name'] = 'admin';
// print 'validated as administrator';
//}
//else {
// print 'not valid';
// }

if*((isset(*$user_name*))*||*(isset($password)))*{
****header('http://www.bdscreative.com/test.htm');
****print*"Success";
}
else*{
***print*"You*entered*$user_name*for*a*username.";
***print*"You*entered*$password for*a*password.";
}
?>
<html>
<head>
<title>validate.php</title>
</head>
<body>
</body>
</html>

[clarnp49]

Don't know if you figured it out or it's too late, but I quick idea.

How about instead of how you have it laid out try this.

Once the information is submitted bring it to a function or another page and check the user name against the database matching both user/pass and if correct then redirect with a javscript redirect to the admin page sending the username and password to it for security. At the admin page double check the username/pass in case they came in from somewhere else.

redesign the database alittle, make a column that includes the admin or client, 1 or 2 and then if they are a 1 send them to admin area if they are 2 or something else then send them to client area.

I think you might find it would be easier and more secure, also just for FYI, try not to output a password to the screen, MD5 encode the password in the database as well for added security.