Hey guys, I've just started coding php, for a school project. I'm creating a member login system with functions to add/edit contacts.

Currently I'm stuck at updating the contacts. I'm able to pull up data into a form in a page called 'edit.php', but after updating and clicking submit, it just returns a blank page and the SQL database is not updated.

This is the code from 'edit.php'.

<?
include ("dbConfig.php");
require ("check.php");

if($_GET["cmd"]=="edit" || $_POST["cmd"]=="edit")
{
   if (!isset($_POST["submit"]))
   {
      $id2 = $_GET["id2"];
      $sql = "SELECT * FROM contacts WHERE id2=$id2";
      $result = mysql_query($sql);        
      $myrow = mysql_fetch_array($result);
      ?>
	  
      <form action="edit.php" method="post">
      <input type=hidden name="id2" value="<?php echo $myrow["id2"] ?>">
   
      Name:<INPUT TYPE="text" NAME="name" VALUE="<?php echo $myrow["name"] ?>" SIZE=30><br>
      Email:<INPUT TYPE="text" NAME="email" VALUE="<? echo $myrow["email"] ?>" SIZE=30><br>
      Who:<INPUT TYPE="text" NAME="age" VALUE="<?php echo $myrow["age"] ?>" SIZE=30><br>
      Birthday:<INPUT TYPE="text" NAME="birthday" VALUE="<? echo $myrow["birthday"] ?>" SIZE=30><br>
      Address:<TEXTAREA NAME="address" ROWS=10 COLS=30><? echo $myrow["address"] ?></TEXTAREA><br>
      Number:<INPUT TYPE="text" NAME="number" VALUE="<? echo $myrow["number"] ?>" SIZE=30><br>
   
      <input type="hidden" name="cmd" value="edit">
   
      <input type="submit" name="submit" value="submit">
   
      </form>
      
      
<? } ?>
<?
   if ($_POST["$submit"])
   {
   	  $id2 = $_POST["id2"];
      $name = $_POST["name"];
	  $email = $_POST["email"];
	  $age = $_POST["age"];
	  $birthday = $_POST["birthday"];
	  $address = $_POST["address"];
	  $number = $_POST["number"];
	  
	  $sql = "UPDATE contacts SET name='$name',email='$email',age='$age',birthday='$birthday',address='$address',number='$number' WHERE id2=$id2";
      
      $result = mysql_query($sql);
      echo "Thank you! Information updated.";
	}
}
?>

Please help, truly appreciated.

cwarn23 commented: Good question +5

Try replacing lines 33 to 50 with the following

<?php
   if (isset($_POST["$submit"]))
   {
   	  $id2 = mysql_real_escape_string(stripslashes($_POST["id2"]));
      $name = mysql_real_escape_string(stripslashes($_POST["name"]));
	  $email = mysql_real_escape_string(stripslashes($_POST["email"]));
	  $age = mysql_real_escape_string(stripslashes($_POST["age"]));
	  $birthday = mysql_real_escape_string(stripslashes($_POST["birthday"]));
	  $address = mysql_real_escape_string(stripslashes($_POST["address"]));
	  $number = mysql_real_escape_string(stripslashes($_POST["number"]));
 
	  $sql = "UPDATE contacts SET name='$name', email='$email', age='$age', birthday='$birthday', address='$address', number='$number' WHERE id2=$id2";
 
      $result = mysql_query($sql) or die(mysql_error());
      echo "Thank you! Information updated.";
	}
}
?>

Hi cwarn23,

I tried doing as you said, but I'm still redirected to a blank page and the database is still not updated.

I've been at this for 2 days but I still can't find what went wrong.

Does column id2 equal the html form field named id2? That could be a problem if name=id2 doesn't exist in your html form and same with name=submit.

In my idea, the user goes to 'contacts.php', and in this page the user sees all the contacts that he/she have created in the DB table called 'contacts'.

Here is my code for 'contacts.php'. The field for id2 is same throughout, even in the MySQL column.

I am able to pull information so that it displays the contacts the user have added, after clicking on 'Edit', goes to 'edit.php', but after updating the data and clicking submit, it redirects me to a blank page.

<?php
include ("dbConfig.php");
require ("check.php");

 echo "<div align =\"center\">";
 echo "Welcome " . $_SESSION["valid_user"];echo ". Not you? <a href=\"http://localhost/cas/logout.php\">Click here.</a>";
 echo "<br />";
 echo "<h1>Contacts</h1>";
 echo "</div>";
 echo "<table align=\"center\" width=\"1100\" border=\"0\">";
 echo "<tr>";
 echo "<td width=\"100\"><b>Name</b></td>";
 echo "<td width=\"200\"><b>Email</b></td>";
 echo "<td width=\"100\"><b>Age</b></td>";
 echo "<td width=\"100\"><b>Birthday</b></td>";
 echo "<td width=\"300\"><b>Address</b></td>";
 echo "<td width=\"200\"><b>Number</b></td>";
 echo "<td><b>Photo</b></td>";
 echo "</tr>"; 
 echo "</table>";
 
//selectdatabase
//mysql_select_db("cas"); 

//store the current user into a variable
$username  = $_SESSION["valid_user"];

//select table
$result = mysql_query("SELECT id2, name, email, age, birthday, address, number FROM contacts WHERE username='$username'");

//grab content
while($r=mysql_fetch_array($result))
{	
  
   $id2=$r["id2"];
   $name=$r["name"];
   $email=$r["email"];
   $age=$r["age"];
   $birthday=$r["birthday"];
   $address=$r["address"];
   $number=$r["number"];
   $photo=$r["photo"];
   
  //display the row
  echo "<table align=\"center\" width=\"1100\" border=\"0\">";
 
  
  echo "<tr>";
  echo "<td width=\"100\">$name <a href=\"edit.php?cmd=edit&id2=$id2\">(Edit)</a></td>";
  echo "<td width=\"200\">$email</td>";
  echo "<td width=\"100\">$age</td>";
  echo "<td width=\"100\">$birthday</td>";
  echo "<td width=\"300\">$address</td>";
  echo "<td width=\"200\">$number</td>";
  echo "<td>$photo</td>";
  echo "</tr>";
  echo "</table>";
  echo "<br />";

}
  echo "<br />";
  echo "<br />";
  echo "<div align =\"center\">";
  echo "<a href=\"http://localhost/cas/members.php\">Member Home</a>";
  echo "</div>";

?>

Try the following.

<?
include ("dbConfig.php");
require ("check.php");

if($_GET["cmd"]=="edit" || $_POST["cmd"]=="edit")
{
   if (!isset($_POST["submit"]))
   {
      $id2 = $_GET["id2"];
      $sql = "SELECT * FROM contacts WHERE id2=$id2";
      $result = mysql_query($sql);        
      $myrow = mysql_fetch_array($result);
      ?>
	  
      <form action="<?php $v=explode('?',$_SERVER['PHP_SELF']); echo $v[0]; ?>" method="post">
      <input type=hidden name="id2" value="<?php echo $myrow["id2"]; ?>">
   
      Name:<INPUT TYPE="text" NAME="name" VALUE="<?php echo $myrow["name"]; ?>" SIZE=30><br>
      Email:<INPUT TYPE="text" NAME="email" VALUE="<?php echo $myrow["email"]; ?>" SIZE=30><br>
      Who:<INPUT TYPE="text" NAME="age" VALUE="<?php echo $myrow["age"]; ?>" SIZE=30><br>
      Birthday:<INPUT TYPE="text" NAME="birthday" VALUE="<?php echo $myrow["birthday"]; ?>" SIZE=30><br>
      Address:<TEXTAREA NAME="address" ROWS=10 COLS=30><?php echo $myrow["address"]; ?></TEXTAREA><br>
      Number:<INPUT TYPE="text" NAME="number" VALUE="<?php echo $myrow["number"]; ?>" SIZE=30><br>
   
      <input type="hidden" name="cmd" value="edit">
   
      <input type="submit" name="submit" value="submit">
   
      </form>
      
      
   }
}
   if (isset($_POST['submit'])) {
   	  $id2 = mysql_real_escape_string(stripslashes($_POST["id2"]));
      $name = mysql_real_escape_string(stripslashes($_POST["name"]));
	  $email = mysql_real_escape_string(stripslashes($_POST["email"]));
	  $age = mysql_real_escape_string(stripslashes($_POST["age"]));
	  $birthday = mysql_real_escape_string(stripslashes($_POST["birthday"]));
	  $address = mysql_real_escape_string(stripslashes($_POST["address"]));
	  $number = mysql_real_escape_string(stripslashes($_POST["number"]));
 
	  $sql = "UPDATE contacts SET name='$name', email='$email', age='$age', birthday='$birthday', address='$address', number='$number' WHERE id2=$id2";
 
      $result = mysql_query($sql) or die(mysql_error());
      echo "Thank you! Information updated.";
	}
?>

This gives me an error. You took away the

<? } ?>
<?php

at line 32 to 33 right?

It renders the php code below useless. Hmm.

This gives me an error. You took away the

<? } ?>
<?php

at line 32 to 33 right?

It renders the php code below useless. Hmm.

Oops, line 31 needs <?php

Can you tell me what you changed from my previous code? except for the <?php?

I changed to position of some brackets and fixed the php short tags. Also fixed some echo bugs for future versions of php. I also prevented sql injections. Fixed the additional slashes from being inserted into the mysql database. Also make parts of the code look pretty. And made the form to post to the the same php file the user is currently viewing.

So does that all work or are there still errors?

Did what you said and it gave me this error:

Parse error: parse error, unexpected $end in C:\Program Files\xampp\htdocs\cas\edit.php on line 46

Try the following.

<?php
include ("dbConfig.php");
require ("check.php");

if($_GET["cmd"]=="edit" || $_POST["cmd"]=="edit")
{
   if (!isset($_POST["submit"]))
   {
      $id2 = $_GET["id2"];
      $sql = "SELECT * FROM contacts WHERE id2=$id2";
      $result = mysql_query($sql);        
      $myrow = mysql_fetch_array($result);
      ?>
	  
      <form action="<?php $v=explode('?',$_SERVER['PHP_SELF']); echo $v[0]; ?>" method="post">
      <input type=hidden name="id2" value="<?php echo $myrow["id2"]; ?>">
   
      Name:<INPUT TYPE="text" NAME="name" VALUE="<?php echo $myrow["name"]; ?>" SIZE=30><br>
      Email:<INPUT TYPE="text" NAME="email" VALUE="<?php echo $myrow["email"]; ?>" SIZE=30><br>
      Who:<INPUT TYPE="text" NAME="age" VALUE="<?php echo $myrow["age"]; ?>" SIZE=30><br>
      Birthday:<INPUT TYPE="text" NAME="birthday" VALUE="<?php echo $myrow["birthday"]; ?>" SIZE=30><br>
      Address:<TEXTAREA NAME="address" ROWS=10 COLS=30><?php echo $myrow["address"]; ?></TEXTAREA><br>
      Number:<INPUT TYPE="text" NAME="number" VALUE="<?php echo $myrow["number"]; ?>" SIZE=30><br>
   
      <input type="hidden" name="cmd" value="edit">
   
      <input type="submit" name="submit" value="submit">
   
      </form>
      
<?php      
   }
}
   if (isset($_POST['submit'])) {
   	  $id2 = mysql_real_escape_string(stripslashes($_POST["id2"]));
      $name = mysql_real_escape_string(stripslashes($_POST["name"]));
	  $email = mysql_real_escape_string(stripslashes($_POST["email"]));
	  $age = mysql_real_escape_string(stripslashes($_POST["age"]));
	  $birthday = mysql_real_escape_string(stripslashes($_POST["birthday"]));
	  $address = mysql_real_escape_string(stripslashes($_POST["address"]));
	  $number = mysql_real_escape_string(stripslashes($_POST["number"]));
 
	  $sql = "UPDATE contacts SET name='$name', email='$email', age='$age', birthday='$birthday', address='$address', number='$number' WHERE id2=$id2";
 
      $result = mysql_query($sql) or die(mysql_error());
      echo "Thank you! Information updated.";
	}
?>
commented: Patient and just simply genius! +1

Ok,

and I still get this error that tells me it's an unexpected end:

Parse error: parse error, unexpected $end in C:\Program Files\xampp\htdocs\cas\edit.php on line 46

I wonder why?

-UPDATE BELOW-

No wait, I edited the wrong file. Goodness! It's working! Thank you so much!

Can you tell me what I did wrong? Were it just syntax errors?

That error normally indicates that there is a missing curly backet { or } but according to the code I posted it looks like it's all there. Perhaps when you copied and paste you missed the last two lines? Is that true?

[Edit]
I guess in your mistake your forgot to place one of the brackets.
[/Edit]

It's working now! You won't imagine my excitement. Thank you.

I'm now working on uploading and displaying contact image. I hope I wouldn't need to add another thread on this, but really, thank you.

Good to hear. Could you please mark this thread as solved by clicking the solved link as it gives others on the topic credit and shows the status as solved in the forum.

Done!

Thanks once again! God bless.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.