Keep carrying an ID over.

Question

bradly.spicer 47 Posting Whiz in Training

11 Years Ago

Hey guys,

got a system here which I'l try and explain in lame mans terms.

Search > Customer page > Edit Customer.

The problem I am having is that it is not letting me carry that ID over.
E.g, I put John smith in, I get the customer Page which echo's all his information, I click update and it doesn't seem to send the information.

http://rhino.minepress.co.uk/Selectcustomer.php
Try typing in John for a test then scroll down to update at the bottom

in Customer.php:

<?PHP
    $customer_id = $_GET['id'];

        $query = "SELECT id,
                customer_name,
                customer_name_letterhead,
                customer_notes,
                systype,
                status,
                signaltype,
                address,
                postcode,
                telephone,
                mobile,
                mobiletwo,
                email,
                mainarea,
                installation,
                Contract,
                expiration,
                SPA,
                nservice,
                maintenance,
                monitoring,
                MS,
                certdate 
                FROM Customers 
                       WHERE id = {$id}";

        $result = mysql_query($query) or die('<p>' . $query . '</p><div>' . 
                               mysql_error() . '</div>');

        $customer = mysql_fetch_assoc($result);  

?>

           <form action="Update.php" method="post">
                <input type="hidden" name="customer_id" class="customer_id" value="">
                <input type="submit" value="Update">
            </form>

php

2 Contributors
17 Replies
155 Views
4 Hours Discussion Span
Latest Post 11 Years Ago Latest Post by bradly.spicer

broj1 356 Humble servant

11 Years Ago

The method in the form is POST while you are reading $_GET. Change it to $_POST.

$customer_id = $_POST['id'];

And for security reasons validate and/or escape it.

if(!isset($_POST['id']) || !is_numeric($_POST['id'])) {
    header('location:logout.php');
}

$customer_id = mysql_real_escape_string($_POST['id']);

Edited 11 Years Ago by broj1

broj1 356 Humble servant

11 Years Ago

Well, the trouble is there is no id in your query. This is why this code:

if(!isset($_POST['id']) || !is_numeric($_POST['id'])) {
    // handle the error here
    ...
}

Redirecting to logout was just my guess. The thing is if there is no value in $_POST['id'] then you have to do something about it (warn the user, provide a default value...).

Why is there no $_POST['id'] is another question. How does the user pprovide the ID? If it is a form then the method of the form has to be post. If it is a link, it is usually get, but if updating, try to use post. Can you show the code for update.php?

broj1 356 Humble servant

11 Years Ago

OK, I see. TThe problem is that the ID is not comming to the update.php page from previous page. Can you post that page code too?

broj1 356 Humble servant

11 Years Ago

I am guessing but I think customer ID should be in the value of hidden input on line 34. This is the current code:

<input type="hidden" name="customer_id" class="customer_id" value="">

Shouldn't it be:

<input type="hidden" name="customer_id" class="customer_id" value="<?php echo $customer['customer_id']; ?>">

Edited 11 Years Ago by broj1

broj1 356 Humble servant

11 Years Ago

Weel, it's time to check the UPDATE sql statement which I guess might be in update.php. Can you post it please.

BTW: I'll probably won't be able to reply sooner than tomorrow morning.

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

bradly.spicer 47 Posting Whiz in Training · Answer 1 · 2013-01-28T17:02:05+00:00

Hey broj,

This is a private script so it will be directory connected etc so we don't have a logout.php etc.

It is pretty much for storing details into a mysql db.

As for the $_POST change.

Would that be in Update.php or in Customer.php?

I've done it in both as I know I shouldn't be using _GET anyway (Different method and all).

So Update now has:

<?php

        $customer_id = $_POST['id'];

        $query = "SELECT id,
                customer_name,
                customer_name_letterhead,
                customer_notes,
                systype,
                status,
                signaltype,
                verification,
                address,
                postcode,
                telephone,
                mobile,
                mobiletwo,
                email,
                mainarea,
                installation,
                Contract,
                expiration,
                SPA,
                nservice,
                maintenance,
                monitoring,
                MS,
               certdate 
        FROM Customers 
                       WHERE id = {$customer_id}";?>

When I click Update, I get this error:

SELECT id, customer_name, customer_name_letterhead, customer_notes, systype, status, signaltype, verification, address, postcode, telephone, mobile, mobiletwo, email, mainarea, installation, Contract, expiration, SPA, nservice, maintenance, monitoring, MS, certdate FROM Customers WHERE id =

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 26

bradly.spicer 47 Posting Whiz in Training · Answer 2 · 2013-01-28T17:16:48+00:00

Hey Broj,

Thanks for your quick response. I will add the if once I get this sorted I think :P

Update.php:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<style>
input, textarea {  
    padding: 9px;  
    border: solid 1px #E5E5E5;  
    outline: 0;  
    font: normal 13px/100% Verdana, Tahoma, sans-serif;  
    width: 200px;  
    background: #FFFFFF;  
    }  
textarea {  
    width: 400px;  
    max-width: 400px;  
    height: 150px;  
    line-height: 150%;  
    }  
input:hover, textarea:hover,  
input:focus, textarea:focus {  
    border-color: #C9C9C9;  
    }  
.form label {  
    margin-left: 10px;  
    color: #999999;  
    }  
.submit input {  
    width: auto;  
    padding: 9px 15px;  
    background: #617798;  
    border: 0;  
    font-size: 14px;  
    color: #FFFFFF;  
    }  
</style>
<?php require 'header.php'; ?> 

        <div class="clear">
        </div>
        <div class="grid_12">
            <div class="box round first fullpage">
<?php

            $customer_id = $_POST['id'];

            $query = "SELECT id,
                    customer_name,
                    customer_name_letterhead,
                    customer_notes,
                    systype,
                    status,
                    signaltype,
                    verification,
                    address,
                    postcode,
                    telephone,
                    mobile,
                    mobiletwo,
                    email,
                    mainarea,
                    installation,
                    Contract,
                    expiration,
                    SPA,
                    nservice,
                    maintenance,
                    monitoring,
                    MS,
                   certdate 
            FROM Customers 
                           WHERE id = {$customer_id'}";

            $result = mysql_query($query) or die('<p>' . $query . '</p><div>' . 
                                   mysql_error() . '</div>');

            $customer = mysql_fetch_assoc($result);  

?>
 <h2>Updating <?php echo $customer['customer_name'] ?></h2>
                <div class="block ">
                    <table class="form">
                       <form name="Form" action="updateSQL.php" method="post">
<!--Intro-->
<h3>Introduction</h3>
<p class="field">  
Client/Company Name: <input type="text" name="customer_name" value="<?Php echo $customer['customer_name']?>"><br></p>
Contact / Letter name: <input type="text" name="customer_name_letterhead" value="<?Php echo $customer['customer_name_letterhead']?>"><br>
Notes: <textarea rows="5" cols="30" name="customer_notes" <?Php echo $customer['customer_notes']?>>
Notes go here
</textarea><br>

System Type
<?php $typearray= array(type1, type2, type3, type4, None); ?>

<select name="systype">
        <?php foreach($typearray as $typechoice){
                if($typechoice== $customer['systype'])
                        echo "<option selected value=\"$typechoice\">$typechoice</option>";
                else
                        echo "<option value=\"$typechoice\">$typechoice</option>";
        } ?>
</select>

<br>
Status
<?php $statusarray= array(Alive, Dead, Stop); ?>

<select name="status">
        <?php foreach($statusarray as $statuschoice){
                if($statuschoice== $customer['status'])
                        echo "<option selected value=\"$statuschoice\">$statuschoice</option>";
                else
                        echo "<option value=\"$statuschoice\">$statuschoice</option>";
        } ?>
</select><br>




Verification Method
<?php $verificationarray= array(verify1, verify2, verify3); ?>

<select name="verification">
        <?php foreach($verificationarray as $verificationchoice){
                if($verificationchoice== $customer['verification'])
                        echo "<option selected value=\"$verifychoice\">$verificationchoice</option>";
                else
                        echo "<option value=\"$verificationchoice\">$verificationchoice</option>";
        } ?>
</select><br>


<!--Start of Address etc-->
Address: <textarea rows="5" cols="30" name="address"><?Php echo $customer['address']?></textarea><br>
Postcode: <input type="text" name="postcode" value="<?Php echo $customer['postcode']?>"><br>
Telephone: <input type="text" name="telephone" value="<?Php echo $customer['telephone']?>"><br>
Mobile: <input type="text" name="mobile" value="<?Php echo $customer['mobile']?>"><br>
Mobile2: <input type="text" name="mobiletwo" value="<?Php echo $customer['mobiletwo']?>"><br>
Email: <input type="text" name="email" value="<?Php echo $customer['email']?>"><br>
Main Area: <input type="text" name="mainarea" value="<?Php echo $customer['mainarea']?>"><br>
<!--End of Address-->

<!--Start of Dates-->
Installation Date: <input type="date" name="installation" value="<?Php echo $customer['installation']?>"><br>
Contract Type: <input type="text" name="Contract" value="<?Php echo $customer['Contract']?>"><br>
Expiration date: <input type="date" name="expiration" value="<?Php echo $customer['expiration']?>"><br>

Services Per Annum:
<?php $verificationarray= array(0, 1, 2, None); ?>

<select name="SPA">
        <?php foreach($SPAarray as $SPAchoice){
                if($SPAchoice== $customer['SPA'])
                        echo "<option selected value=\"$SPAchoice\">$SPAchoice</option>";
                else
                        echo "<option value=\"$SPAchoice\">$SPAchoice</option>";
        } ?>
</select><br>

Next Service: <input type="date" name="nservice" value="<?Php echo $customer['nservice']?>"><br>
Appointment Req: 

<!--End of Dates-->

<!--Start of Financial Details-->

Invoice Run: ??<br>

Invoice Code:??<br>

<!--End of Financial Details-->

<!--Start of Charges-->

Maintenance: <input type="number" name="maintenance" value="<?Php echo $customer['maintenance']?>"><br> 
Monitoring: <input type="number" name="monitoring" value="<?Php echo $customer['monitoring']?>"><br>

<!--End of Charges-->

<!--Start of Monitored System-->

Y/N:
<?php $MSarray = array(Yes, No); ?>

<select name="MS">
        <?php foreach($MSarray as $MSchoice){
                if($MSchoice== $customer['MS'])
                        echo "<option selected value=\"$MSchoice\">$MSchoice</option>";
                else
                        echo "<option value=\"$MSchoice\">$MSchoice</option>";
        } ?>
</select><br>

<!--End of Monitored System-->
<!--Start of Certificate details-->
Date: <input type="date" name="certdate" value="<?Php echo $customer['certdate']?>"><br>
Certificate: ??
<!--End of Certificate details-->
<p>

<input type="submit" value="Submit">
</form> 
                    </table>
                </div>
            </div>
        </div>
        <div class="clear">
        </div>
    </div>
    <div class="clear">
    </div>
    <div id="site_info">
        <p>
            Copyright <a href="#">Rhino Admin</a>. All Rights Reserved.
        </p>
    </div>
</body>
</html>

bradly.spicer 47 Posting Whiz in Training · Answer 3 · 2013-01-28T18:14:20+00:00

Heres the path:

Selectcustomer.php > Customer.php > Update.php

and this is Customer.php:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<style>
input, textarea {  
    padding: 9px;  
    border: solid 1px #E5E5E5;  
    outline: 0;  
    font: normal 13px/100% Verdana, Tahoma, sans-serif;  
    width: 200px;  
    background: #FFFFFF;  
    }  
textarea {  
    width: 400px;  
    max-width: 400px;  
    height: 150px;  
    line-height: 150%;  
    }  
input:hover, textarea:hover,  
input:focus, textarea:focus {  
    border-color: #C9C9C9;  
    }  
.form label {  
    margin-left: 10px;  
    color: #999999;  
    }  
.submit input {  
    width: auto;  
    padding: 9px 15px;  
    background: #617798;  
    border: 0;  
    font-size: 14px;  
    color: #FFFFFF;  
    }

.Update {

   font-size: 20px;


}
</style>
<?php require 'header.php'; ?> 

        <div class="clear">
        </div>
        <div class="grid_12">
            <div class="box round first fullpage">
<?PHP
        $customer_id = $_POST['id'];

            $query = "SELECT id,
                    customer_name,
                    customer_name_letterhead,
                    customer_notes,
                    systype,
                    status,
                    signaltype,
                    address,
                    postcode,
                    telephone,
                    mobile,
                    mobiletwo,
                    email,
                    mainarea,
                    installation,
                    Contract,
                    expiration,
                    SPA,
                    nservice,
                    maintenance,
                    monitoring,
                    MS,
                    certdate 
            FROM Customers 
                           WHERE id = {$customer_id}";

            $result = mysql_query($query) or die('<p>' . $query . '</p><div>' . 
                                   mysql_error() . '</div>');

            $customer = mysql_fetch_assoc($result);  

?>
 <h2><?php echo $customer['customer_name'] ?></h2>
                <div class="block ">

                <?PHP 
               echo "<h4> Letter Name:</h4>" . "<br>"; 
               echo $customer['customer_name_letterhead'] . "<p>";
               echo "<h4> Notes:</h4>" . "<br>";
               echo $customer['customer_notes'] . "<p>";
               echo "<h4> System Type:</h4>" . "<br>";
               echo $customer['systype']. "<p>";
               echo "<h4> Customer Status:</h4>" . "<br>";
               echo $customer['status']. "<p>";
               echo "<h4> Signal Type:</h4>" . "<br>";
               echo $customer['signaltype']. "<p>";
               echo "<h4> Address:</h4>" . "<br>";
               echo $customer['address']. "<p>";
               echo "<h4> Postcode:</h4>" . "<br>";
               echo $customer['postcode']. "<p>";
               echo "<h4> Telephone:</h4>" . "<br>";
               echo $customer['telephone']. "<p>";
               echo "<h4> Mobile:</h4>" . "<br>";
               echo $customer['mobile']. "<p>";
               echo "<h4> Second mobile:</h4>" . "<br>";
               echo $customer['mobiletwo']. "<p>";
               echo "<h4> Email:</h4>" . "<br>";
               echo $customer['email']. "<p>";
               echo "<h4> Mainarea:</h4>" . "<br>";
               echo $customer['mainarea']. "<p>";
               echo "<h4> Installation:</h4>" . "<br>";
               echo $customer['installation']. "<p>";
               echo "<h4> Contract:</h4>" . "<br>";
               echo $customer['Contract']. "<p>";
               echo "<h4> Expiration:</h4>" . "<br>";
               echo $customer['expiration']. "<p>";
               echo "<h4> S.P.A:</h4>" . "<br>";
               echo $customer['SPA']. "<p>";
               echo "<h4> Next Service:</h4>" . "<br>";
               echo $customer['nservice']. "<p>";
               echo "<h4> Maintenance:</h4>" . "<br>";
               echo $customer['maintenance']. "<p>";
               echo "<h4>Monitoring:</h4>" . "<br>";
               echo $customer['monitoring']. "<p>";
               echo "<h4> MS:</h4>" . "<br>";
               echo $customer['MS']. "<p>";
               echo "<h4> Certdate:</h4>" . "<br>";
               echo $customer['certdate']. "<p>";

                ?>
                <form action="Update.php" method="post">

                    <input type="hidden" name="customer_id" class="customer_id" value="">
                    <input type="submit" value="Update">
                </form>  
                </div>

            </div>
        </div>
        <div class="clear">
        </div>
    </div>
    <div class="clear">
    </div>
    <div id="site_info">
        <p>
            Copyright <a href="#">Rhino Admin</a>. All Rights Reserved.
        </p>
    </div>
</body>
</html>

bradly.spicer 47 Posting Whiz in Training · Answer 4 · 2013-01-28T19:32:21+00:00

Parse error: syntax error, unexpected T_CONSTANT_ENCAPSED_STRING, expecting '}' in /home/xtrapsp/public_html/Rhino/Update.php on line 73

:(

broj1 356 Humble servant Featured Poster · Answer 5 · 2013-01-28T19:53:58+00:00

OK, we are getting there. This could be due to stray single quote in the query:

WHERE id = {$customer_id'}";

Either remove it or change it to:

WHERE id = '{$customer_id}'";

bradly.spicer 47 Posting Whiz in Training · Answer 6 · 2013-01-28T20:01:23+00:00

WHERE id = '{$customer_id}'";

Did that, It's still going to the wrong page

broj1 356 Humble servant Featured Poster · Answer 7 · 2013-01-28T20:03:46+00:00

It's still going to the wrong page

What page does it go to? It should go to the Update.php.

broj1 356 Humble servant Featured Poster · Answer 8 · 2013-01-28T20:06:04+00:00

Can you put this debugging code into Update.php on the very beginning:

<?php
    die(print_r($_POST, 1));
?>

This will print the contents of the $_POST array and stop the script. Please post the output.

bradly.spicer 47 Posting Whiz in Training · Answer 9 · 2013-01-28T20:21:47+00:00

it does go to update.php but it's the wrong one.

E.G

In customer select I choose John Smith. It goes to his customer page fine, then when I click update it goes to the update page for Smith Johnson...(The person first in the db)

Array ( [customer_id] => )

broj1 356 Humble servant Featured Poster · Answer 10 · 2013-01-28T20:29:52+00:00

OK, try this in Update.php:

<input type="hidden" name="customer_id" class="customer_id" value="<?php echo $customer_id; ?>">

$customer_id actualy holds your customer ID (and not $customer['customer_id'] as in my previous post). My mistake, sory, it's a lot of code and sometimes hard to follow.

bradly.spicer 47 Posting Whiz in Training · Answer 11 · 2013-01-28T20:55:20+00:00

ok so Now the array goes to 1 however it still goes to other person.

This is my database:

http://prntscr.com/qrjxz

Sorry about the image, it's just the best way to do it

Array ( [customer_id] => 1)

bradly.spicer 47 Posting Whiz in Training · Answer 12 · 2013-01-28T21:18:04+00:00

bradly.spicer 47 Posting Whiz in Training

11 Years Ago

THANK YOU! The updatesql had a GET