//page2 edit button code.. page2 send the data back to page1 if user wants to edit

<a href="purchase_form1.php?id=<?php echo $id; ?>" class="button4">Edit</a>

//page1 php code. here the form is on this page

//This GET[id] is sent from page2 which is user view page of the form on page1.
//If the user does not like the form, he clicks on the edit button (code above) and reaches this page

$id = 0;
if(isset($_GET['id']) && !empty($_GET['id']))
{
$id = (int)$_GET['id'];
}
$query  = "SELECT * from db_purchase_form where id = $id";
$result = mysql_query($query);
$has_data = false;
while($row = mysql_fetch_row($result))
{
    $has_data = true;
    $product_name = $row[1];
    $choice_actor = $row[2];
    $user_name = $row[3];
    $user_email = $row[4];
    $vdo_script = $row[5];
    $hrt_msg = $row[6];
    $portApproval = $row[7];
    $delivery = $row[8];
    $net_price = $row[9];
}
if(isset($_POST['submit']))
{
    // here i am trying to UPDATE DB if the user edited the form AND CLICKS ON submit
    if ($has_data == true){
    $sql = "UPDATE db_purchase_form ". "SET db_product_name  = \".pSQL($product_name).'\' , db_actor = \".pSQL($choice_actor).'\', db_user_name = \".pSQL($user_name).'\', db_user_email = \".pSQL($user_email).'/', db_vdo_script = \".pSQL($vdo_script).'\', db_hrt_msg = \".pSQL($hrt_msg).'\', db_port_approval = \".pSQL($portApproval).'\', db_delivery = \".pSQL($delivery).'\', db_price = \".pSQL($net_price).'\', db_date_time = NOW()". "WHERE id = '{$id}'";
    }
// form validation and insert into DB if form is okay

What shall be happening is: if the GET[id] is set then the UPDATE query shall run, i.e. the user has edited the form and is saving changes to that id; otherwise a new id shall be inserted.

What is happening is, when the user clicks on edit on page2, reaches page1, makes changes to the page1 form and clicks submit, instead of updating the same ID the page is inserting a new id into the db.

Help friends!!!

but it is not working the way it shall be working, any help friends?

Thanks a lot

Can you post the code for the form also?

<div class="slider11">
                        <strong>Purchase Form</strong><br />
                        <?php
                            if(!empty($message))
                            {
                                echo "<p style='color:red; font-weight:bold;'>" . $message . "</p>";
                            }
                        ?>
                        <form id="PurchaseForm" name="PurchaseForm" method="post" action="purchase_form1.php">
              <div>

              <div  class="wrapper"> <b>Product Name:</b>
                    <div class="generalDisp">
                     HD Video Message  in the dress of Traditional Indian Bride OR Indian Groom.
                    </div>                   
              </div>

                <div class="wrapper"> <b><span style="color:red;">*</span> Who shall deliver script?</b>
                  <div class="formText">
                  <input type="radio" name="rdDelPerson" value="bride" <?php echo(isset($_POST['rdDelPerson']))? (($_POST['rdDelPerson'] == "bride") ? "checked" : ""):"checked";?>/>Bride
                  <input type="radio" name="rdDelPerson" value="groom" <?php echo(isset($_POST['rdDelPerson']) && $_POST['rdDelPerson'] == "SM") ? "checked" : "";?>/>Groom
                </div>
                </div>

                <div class="wrapper"> <b><span style="color:red;">*</span> Your Name:</b>
                  <div class="bg">
                  <input type="text" class="input" name="txtUserName" value="<?php if(isset($user_name)){echo $user_name;} ?>" <?php if(isset($flag) && $flag == 1){echo "div style = 'border:2px solid red;'". "/div";}?>>
                  </div>
                </div>

                <div class="wrapper"> <b><span style="color:red;">*</span> Your Email:</b>
                  <div class="bg">
                    <input type="text" class="input" name="txtUserEMail" value="<?php if(isset($user_email)){echo $user_email;} ?>" <?php if(isset($flag) && $flag == 2){echo "div style = 'border:2px solid red;'" . "/div";}?>><span style="float:right; padding-left:10px;"> This email will be used for all communications. Please ensure it is correct and latest.</span>
                  </div>
                </div>

                <div class="wrapper">
                    <div class="bg">
                        <div class="textarea_box">
                        <b style="float:left;"><span style="color:red;">*</span> Script for Video Message:</b>
                        <input type="radio" name="rdScriptChoice" value="now" checked= "checked" style="float:left;"/>
                        <?php $class = 'correct';if (isset($flag) && ($flag == 3)){$class = 'wrong';}$content = isset($vdo_script) ? $vdo_script : "";?>
                <textarea name="txtVdoScript" id="word_count" cols="1" rows="1" class="<?php echo $class; ?>"><?php echo $content;?></textarea>
                </div><span style="padding-left:10px;">Total word Count :
<span id="display_count" style="font-size:16px; color:black;">0</span> words & 
<span id="count_left" style="font-size:16px; color:black;">200</span> words left.
</span><br>

                <span style="padding-left:10px;">For single order you can order upto 200 words only.</span>

                <div style="clear:both; margin-left:220px">

                <input type="radio" name="rdScriptChoice" value="later"/> I will email the script Later.

                </div>
                </div>
                </div>


                <div class="wrapper"> <b><span style="color:red;">*</span> Terms & Conditions:</b>
                  <div class="bg">
                    <input type="checkbox" name="cbTnc" value="Yes"> I agree to <a style="text-decoration:none;" href="terms.php">terms and conditions</a>
                  </div>
                </div> 
                <div class="wrapper"> <b><span style="color:red;">*</span> Neoflux Marketing can use this video/image as their portfolio:</b>
                  <div class="formText">
                  <input type="radio" name="rdPortApprvl" value="yes" checked= "checked"/>Yes
                  <input type="radio" name="rdPortApprvl" value="no" />No
                </div>
                </div>

                <div class="wrapper"> <b><span style="color:red;">*</span> Delivery:</b>
                  <div class="formText">
                  <input type="radio" name="rdDelivery" value="standard" />Standard
                  <input type="radio" name="rdDelivery" value="express" checked= "checked"/>Express<br>


                </div><span style="font-size:11px; display:inline-block; padding-left:20px; width: 500px;"> Standard Delivery Takes  <span style="font-size:14px; color:black;">10</span>. days, and no charges extra. Express Delivery costs <span style="color:red;">$20</span> extra, and makes your order a priority order, it is delivered in <span style="font-size:14px; color:black;">4 </span> days. </span>
                </div>

                <div  class="wrapper"> <b>Amount to pay ($):</b>
                    <div class="priceDisp">
                    <div id="calc_value">
                     $<span id="price_org">20</span>
                    (Product Cost)
                     + $<span id="price_deliver">20</span>
                     (Delivery)
                     + $<span id="price_extra">0</span>
                     (Extra amount)
                     + $<span id="price_pp">0</span>
                     (Paypal Charges)
                     = $<span id="price_tt">0</span>


                   <!-- <?php
                    echo "$" . $service_price1. '<span>' . " (Product Cost)" . '</span>' . " + $20" . '<span>' . " (Delivery)" . '</span>' . " + " . "$" . $paypal_charge . '<span>' . " (Paypal Charges)" . '</span>' ." = " . "$" . $net_price;
                    ?> -->
                    </div>
                    </div>                   
              </div>

                <b><span style="color:red;">* </span><span>Compulsory</span>
                <input type="submit" name="submit" value="Buy Now" class="button3">
               </div>
            </form>
                        </div>

Can you put this temporary debug code just before line 27:

die($sql);

This will print the query (on submit) and stop the script. Please post the displayed query here.

nothing was changed...

Put this code just before line 22:

die(print_r($_POST, 1));

This will display the contents of the $_POST array after submitting the form (don't forget to click on the Submit button). Post the displayed result here.

Array ( ) 

just this...

also the page is not displayed, so i could not click on submit button..

If array() is displayed that means that the $_POST contains nothing. Have you put the die() statement in the correct script (the snippet from your first post)? I do not know why the form is not displayed. It has got nothing to do with the processing.

here i have pasted it here..

die(print_r($_POST, 1));
    if(isset($_POST['submit']))
    {

Could you post the latest versions of the code for both the form page and the processing page, please.

hii broj, can you provide me e*mail so that i can send you the complete code, for your review

ohh, didn't know that, sorry.. :(

here is the php code for page1

<?php require_once("includes/connection.php"); ?>
<?php
    include_once("includes/form_functions.php");
    $service_price1 = 20;
    $express_delivery = 20;
    $paypal_fixed = 0.3;
    $additional_charges = 0;
    $paypal_charge = ($service_price1 + $express_delivery + $additional_charges) * 4.1/100 + $paypal_fixed;
    $net_price = $service_price1 + $paypal_charge + $express_delivery + $additional_charges;
    $product_name = "Video Message 1";
    $id = 0;
    if (isset($_GET['id']) && ($_GET['id'] != ''))
    {
    $id = (int)htmlspecialchars($_GET['id']);
    }
    $query  = "SELECT * from db_purchase_form where id = $id";
    $result = mysql_query($query);
    $has_data = false;
    while($row = mysql_fetch_row($result))
    {
        $has_data = true;
        $product_name = $row[1];
        $choice_actor = $row[2];
        $user_name = $row[3];
        $user_email = $row[4];
        $vdo_script = $row[5];
        $hrt_msg = $row[6];
        $portApproval = $row[7];
        $delivery = $row[8];
        $net_price = $row[9];
    }
    if(isset($_POST['submit']))
    {

        if ($has_data == true){
        $sql = "UPDATE db_purchase_form ". "SET db_product_name  = \".pSQL($product_name).'\' , db_actor = \".pSQL($choice_actor).'\', db_user_name = \".pSQL($user_name).'\', db_user_email = \".pSQL($user_email).'/', db_vdo_script = \".pSQL($vdo_script).'\', db_hrt_msg = \".pSQL($hrt_msg).'\', db_port_approval = \".pSQL($portApproval).'\', db_delivery = \".pSQL($delivery).'\', db_price = \".pSQL($net_price).'\', db_date_time = NOW()". "WHERE id = '{$id}'";
        }
        else
        {
        $errors = array();
        if(isset($_POST['rdDelPerson']))
        {
            $choice_actor = $_POST["rdDelPerson"];           
        }
        if(isset($_POST['txtUserName']))
        {
            $user_name = trim($_POST["txtUserName"]);
        }
        if(isset($_POST['txtUserEMail']))
        {
            $user_email = trim($_POST["txtUserEMail"]);
        }
        if(isset($_POST['rdScriptChoice']))
        {
            $script_choice = $_POST['rdScriptChoice'];
            $vdo_script = $_POST['txtVdoScript'];
        }
        if(isset($_POST["rdPortApprvl"]))
        {
            $portApproval = $_POST["rdPortApprvl"];
        }
        if(isset($_POST["rdDelivery"]))
        {
            $delivery = $_POST["rdDelivery"];
        }
        if(!isset($_POST['rdDelPerson']))
        {
            $message = "Please select from Bride or Groom";
        }
        elseif(empty($_POST['txtUserName']))
        {
            $message = "Please enter your name.";
            $flag= "1";
        }
        elseif(strlen($_POST['txtUserName']) > 200)
        {
            $message = "Maximum 200 characters are allowed as name length.";
            $flag= "1";
        }
        elseif(empty($_POST['txtUserEMail']))
        {
            $message = "Please enter your email.";
            $flag= "2";
        }
        elseif(!preg_match("/^[_\.0-9a-zA-Z-]+@([0-9a-zA-Z][0-9a-zA-Z-]+\.)+[a-zA-Z]{2,6}$/i", $user_email))
        {
            $message= "Please enter a valid email.";
            $flag= "2";
            unset($user_email);
        }
        /*elseif(str_word_count($_POST['txtVdoScript']) > 15)
        {
            $message = "Maximum 15 characters are allowed as tooltip message.";
            $flag= "4";
        }*/ // validation to be added for number of words more than 100 then auto option to be selected in paypal button

        elseif(empty($_POST['cbTnc']))
        {
            $message = "You shall agree to terms and conditions";
        }
        elseif(!isset($_POST['rdPortApprvl']))
        {
            $message = "Please select the Approval or Denial";           
        }
        elseif(!isset($_POST['rdDelivery']))
        {
            $message = "Please select the Delivery Method";           
        }
        else
        {
            if ($_POST['rdScriptChoice'] == "later")
            {
                $vdo_script = $_POST['rdScriptChoice'];
            }
            else
            {
                if(empty($_POST['txtVdoScript']))
                {
                    $message = "Script for Video is compulsory.";
                    $flag= "3";
                }
            }

            if(str_word_count($_POST['txtVdoScript']) > 100 && str_word_count($_POST['txtVdoScript']) <= 125)
            {
                $additional_charges = 5;
            }
            elseif(str_word_count($_POST['txtVdoScript']) > 125 && str_word_count($_POST['txtVdoScript']) <= 150)
            {
                $additional_charges = 10;
            }
            if(str_word_count($_POST['txtVdoScript']) > 150 && str_word_count($_POST['txtVdoScript']) <= 175)
            {
                $additional_charges = 15;
            }
            if(str_word_count($_POST['txtVdoScript']) > 175 && str_word_count($_POST['txtVdoScript']) <= 200)
            {
                $additional_charges = 20;
            }
            if(str_word_count($_POST['txtVdoScript']) > 200 && str_word_count($_POST['txtVdoScript']) <= 225)
            {
                $additional_charges = 25;
            }
            if(str_word_count($_POST['txtVdoScript']) > 225 && str_word_count($_POST['txtVdoScript']) <= 250)
            {
                $additional_charges = 30;
            }

            if($_POST["rdDelivery"] == "standard")
            {
                $paypal_charge = ($service_price1 + $additional_charges) * 4.1 / 100 + $paypal_fixed;
                $net_price = $service_price1 + $paypal_charge + $additional_charges;
            }
            else
            {
                $paypal_charge = ($service_price1 + $express_delivery + $additional_charges) * 4.1/100 + $paypal_fixed;
                $net_price = $service_price1 + $paypal_charge + $express_delivery + $additional_charges;
            }   

            if(empty($message))
            {
                $net_rounded_price = round($net_price, 2);
                $insert = "INSERT INTO db_purchase_form (db_product_name, db_actor, db_user_name, db_user_email, db_vdo_script, db_hrt_msg, db_port_approval, db_delivery, db_price, db_date_time) VALUES ('{$product_name}', '{$choice_actor}', '{$user_name}', '{$user_email}','{$vdo_script}', '{$hrt_msg}','{$portApproval}','{$delivery}','{$net_rounded_price}', NOW())";
                $result = mysql_query($insert);
                if($result)
                {
                    //echo("<br>Input data is succeed");
                    $lastInsertedId =  mysql_insert_id();
                    $timestamp = time();
                    header('Location:purchase_form1_conf.php?'.http_build_query(array('id' => $lastInsertedId,'time' => $timestamp,'hash' => sha1('some-generated-key'.$timestamp.$lastInsertedId))));
                }
                else
                {
                    $message = "The data cannot be inserted.";
                    $message .= "<br />" . mysql_error();
                }
            }
            }
        }
    }
?>

and this is the form on this page

<div class="slider11">
                        <strong>Purchase Form</strong><br />
                        <?php
                            if(!empty($message))
                            {
                                echo "<p style='color:red; font-weight:bold;'>" . $message . "</p>";
                            }
                        ?>
                        <form id="PurchaseForm" name="PurchaseForm" method="post" action="purchase_form1.php">
              <div>

              <div  class="wrapper"> <b>Product Name:</b>
                    <div class="generalDisp">
                     HD Video Message  in the dress of Traditional Indian Bride OR Indian Groom.
                    </div>                   
              </div>

                <div class="wrapper"> <b><span style="color:red;">*</span> Who shall deliver script?</b>
                  <div class="formText">
                  <input type="radio" name="rdDelPerson" value="bride" <?php echo(isset($_POST['rdDelPerson']))? (($_POST['rdDelPerson'] == "bride") ? "checked" : ""):"checked";?>/>Bride
                  <input type="radio" name="rdDelPerson" value="groom" <?php echo(isset($_POST['rdDelPerson']) && $_POST['rdDelPerson'] == "SM") ? "checked" : "";?>/>Groom
                </div>
                </div>

                <div class="wrapper"> <b><span style="color:red;">*</span> Your Name:</b>
                  <div class="bg">
                  <input type="text" class="input" name="txtUserName" value="<?php if(isset($user_name)){echo $user_name;} ?>" <?php if(isset($flag) && $flag == 1){echo "div style = 'border:2px solid red;'". "/div";}?>>
                  </div>
                </div>

                <div class="wrapper"> <b><span style="color:red;">*</span> Your Email:</b>
                  <div class="bg">
                    <input type="text" class="input" name="txtUserEMail" value="<?php if(isset($user_email)){echo $user_email;} ?>" <?php if(isset($flag) && $flag == 2){echo "div style = 'border:2px solid red;'" . "/div";}?>><span style="float:right; padding-left:10px;"> This email will be used for all communications. Please ensure it is correct and latest.</span>
                  </div>
                </div>

                <div class="wrapper">
                    <div class="bg">
                        <div class="textarea_box">
                        <b style="float:left;"><span style="color:red;">*</span> Script for Video Message:</b>
                        <input type="radio" name="rdScriptChoice" value="now" checked= "checked" style="float:left;"/>
                        <?php $class = 'correct';if (isset($flag) && ($flag == 3)){$class = 'wrong';}$content = isset($vdo_script) ? $vdo_script : "";?>
                <textarea name="txtVdoScript" id="word_count" cols="1" rows="1" class="<?php echo $class; ?>"><?php echo $content;?></textarea>
                </div><span style="padding-left:10px;">Total word Count :
<span id="display_count" style="font-size:16px; color:black;">0</span> words & 
<span id="count_left" style="font-size:16px; color:black;">200</span> words left.
</span><br>

                <span style="padding-left:10px;">For single order you can order upto 200 words only.</span>

                <div style="clear:both; margin-left:220px">

                <input type="radio" name="rdScriptChoice" value="later"/> I will email the script Later.

                </div>
                </div>
                </div>


                <div class="wrapper"> <b><span style="color:red;">*</span> Terms & Conditions:</b>
                  <div class="bg">
                    <input type="checkbox" name="cbTnc" value="Yes"> I agree to <a style="text-decoration:none;" href="terms.php">terms and conditions</a>
                  </div>
                </div> 
                <div class="wrapper"> <b><span style="color:red;">*</span> Neoflux Marketing can use this video/image as their portfolio:</b>
                  <div class="formText">
                  <input type="radio" name="rdPortApprvl" value="yes" checked= "checked"/>Yes
                  <input type="radio" name="rdPortApprvl" value="no" />No
                </div>
                </div>

                <div class="wrapper"> <b><span style="color:red;">*</span> Delivery:</b>
                  <div class="formText">
                  <input type="radio" name="rdDelivery" value="standard" />Standard
                  <input type="radio" name="rdDelivery" value="express" checked= "checked"/>Express<br>


                </div><span style="font-size:11px; display:inline-block; padding-left:20px; width: 500px;"> Standard Delivery Takes  <span style="font-size:14px; color:black;">10</span>. days, and no charges extra. Express Delivery costs <span style="color:red;">$20</span> extra, and makes your order a priority order, it is delivered in <span style="font-size:14px; color:black;">4 </span> days. </span>
                </div>

                <div  class="wrapper"> <b>Amount to pay ($):</b>
                    <div class="priceDisp">
                    <div id="calc_value">
                     $<span id="price_org">20</span>
                    (Product Cost)
                     + $<span id="price_deliver">20</span>
                     (Delivery)
                     + $<span id="price_extra">0</span>
                     (Extra amount)
                     + $<span id="price_pp">0</span>
                     (Paypal Charges)
                     = $<span id="price_tt">0</span>


                   <!-- <?php
                    echo "$" . $service_price1. '<span>' . " (Product Cost)" . '</span>' . " + $20" . '<span>' . " (Delivery)" . '</span>' . " + " . "$" . $paypal_charge . '<span>' . " (Paypal Charges)" . '</span>' ." = " . "$" . $net_price;
                    ?> -->
                    </div>
                    </div>                   
              </div>

                <b><span style="color:red;">* </span><span>Compulsory</span>
                <input type="submit" name="submit" value="Buy Now" class="button3">
               </div>
            </form>
                        </div>





NOW WHEN I SEND THE DATA TO PAGE2, HERE IS THE CODE FOR PAGE2. PAGE2 IS THE DISPLAY PAGE, IT DISPLAYS THE FORM DATA AND IF USER CLICKS ON EDIT BUTTON, HE IS TAKEN BACK TO PAGE1.

PHP CODE FOR PAGE2

<?php require_once("includes/connection.php"); ?>
<?php
    $id = isset($_GET['id']) ? $_GET['id'] : null;
    $time = $_GET['time'];
    if($_GET['hash'] != sha1('some-generated-key'.$time.$id))
      die('URL was tampered with');
    //if(time() - $time > 300)
      //die('URL was only valid for 5 minutes');

    //}
    //if (isset($_GET['id']))
    //{
    //$lastInsertedId = $_GET['id'];
    //}
    //$id = $_SESSION['last_id'];
    //$query  = "SELECT * FROM db_purchase_form WHERE id=$lastInsertedId";
    //$result = mysql_query($query);
    //while($row = mysql_fetch_row($result))

    if ($id)
    {
        $query  = "SELECT * FROM db_purchase_form WHERE id=$id";
        $result = mysql_query($query);
        while($row = mysql_fetch_row($result))
        {
            $product_name = $row[1];
            $choice_actor = $row[2];
            $user_name = $row[3];
            $user_email = $row[4];
            $vdo_script = $row[5];
            $hrt_msg = $row[6];
            $portApproval = $row[7];
            $delivery = $row[8];
            $net_price = $row[9];
        }
}
?>

// NOW HERE I DISPLAYS THE VALUES AS I GET FROM DB AS $row[1], 2 SO ON AND THERE ARE TWO BUTTONS ON THIS PAGE, BUT IT IS NOT THE FORM, ONE IS EDIT BUTTON AND OTHER IS PAYPAL

THE CODE FOR EDIT BUTTON IS
<a href="purchase_form1.php?id=<?php echo $id; ?>" class="button4">Edit</a>
IT TAKES USER TO PAGE1.

NOW WHAT IS THE ISSUE?

THE ISSUE IS WHEN USER CLICKS ON SUBMIT ON PAGE1 AND IS TAKEN TO PAGE2, THE URL FOR PAGE2 IS

http://localhost/site1/purchase_form1_conf.php?id=48&time=1375804521&hash=bba5f71dfae78bffbb731c9af1ea5846eaa15df8

NOW WHEN EDIT BUTTON FOR PAGE2 IS CLICKED, USER IS TAKEN BACK TO PAGE1 AND THE URL FOR PAGE1 IS

http://localhost/site1/purchase_form1.php?id=48

BUT FINALLY WHEN USER CLICKS THE SUBMIT BUTTON [AFTER EDITING THE VALUES IN THE FORM] THE DATABASE IS NOT UPDATING FOR THE SAME ID, INSTEAD IT IS MAKING A NEW ROW IN THE DB WITH NEW ID, FOR THE ABOVE EXAMPLE (id 48) WHEN I EDIT THE PAGE AND CLICK ON SUBMIT AGAIN I AM TAKEN TO PAGE2 BUT THE NEW URL IS

http://localhost/site1/purchase_form1_conf.php?id=49&time=1375804707&hash=0a30e55d2b3a37354973bd65a14c1dc55fbf650f

SEE THE id IS CHANGED TO 49, AND DB HAS A NEW ROW, WHILE IT SHALL BE UPDATING THE VALUES FOR id = 48.

IF YOU CAN EXACTLY DO NOT SOLVE THE QUERY {MAYBE DUE TO LACK OF TIME} BUT FOR YOU IT IS JUST 15 MINUTES WORK, PLEASE TELL ME THE LOCATION OF PROBLEMS AND GIVE THE SOLUTION SO THAT I TRY TO SOLVE THAT ACCORDINGLY.

Thanks a lot in advance for all your help.

I desperately need that this time.

Thanks
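
An added example, not code from the thread: the edit form in the post above submits to purchase_form1.php without the id, so one way to keep the same row is to carry a signed id, time and hash in the form itself, verify them with hash_hmac and hash_equals, and write with prepared statements. EDIT_KEY, the function names, the column-keyed input array and the SQLite in-memory table are assumptions made so the code runs on its own.

```php
<?php
// Added example, not the thread's code. Assumptions: the pdo_sqlite extension
// is loaded for the demo; EDIT_KEY and all function names are hypothetical.
declare(strict_types=1);

const EDIT_KEY = 'replace-with-a-random-secret'; // placeholder, load from config
const COLS = ['db_product_name', 'db_actor', 'db_user_name', 'db_user_email',
              'db_vdo_script', 'db_hrt_msg', 'db_port_approval', 'db_delivery', 'db_price'];

// Keyed MAC over "id|time"; stands in for sha1('some-generated-key'.$time.$id).
function sign_order(int $id, int $time): string
{
    return hash_hmac('sha256', $id . '|' . $time, EDIT_KEY);
}

// Returns the order id if id/time/hash are well formed, authentic and fresh,
// otherwise null. Usable on $_GET (confirmation page) and $_POST (edit form).
function verify_order(array $in, int $maxAge = 3600): ?int
{
    $id   = filter_var($in['id'] ?? '', FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    $time = filter_var($in['time'] ?? '', FILTER_VALIDATE_INT);
    $hash = $in['hash'] ?? '';
    if ($id === false || $time === false || !is_string($hash)) {
        return null;
    }
    if (!hash_equals(sign_order($id, $time), $hash)) { // constant-time compare
        return null;
    }
    return (time() - $time <= $maxAge) ? $id : null;
}

// Hidden inputs for the edit form, so the POST carries the same signed id
// that the confirmation URL carried.
function edit_fields(int $id, int $time): string
{
    $out = '';
    foreach (['id' => $id, 'time' => $time, 'hash' => sign_order($id, $time)] as $k => $v) {
        $out .= '<input type="hidden" name="' . $k . '" value="'
              . htmlspecialchars((string)$v, ENT_QUOTES, 'UTF-8') . '">';
    }
    return $out;
}

// UPDATE when a verified id is given, INSERT otherwise. Column names come from
// the fixed COLS list; every value is a bound parameter, never string-built SQL.
function save_order(PDO $db, array $fields, ?int $id): int
{
    $params = [];
    foreach (COLS as $c) {
        $params[":$c"] = $fields[$c] ?? '';
    }
    if ($id !== null) {
        $set = implode(', ', array_map(fn($c) => "$c = :$c", COLS));
        $st  = $db->prepare("UPDATE db_purchase_form SET $set, "
                          . "db_date_time = CURRENT_TIMESTAMP WHERE id = :id");
        $st->execute($params + [':id' => $id]);
        return $id;
    }
    $names = implode(', ', COLS);
    $marks = implode(', ', array_keys($params));
    $st = $db->prepare("INSERT INTO db_purchase_form ($names, db_date_time) "
                     . "VALUES ($marks, CURRENT_TIMESTAMP)");
    $st->execute($params);
    return (int)$db->lastInsertId();
}

// ---- Demo with constructed data (in-memory SQLite stands in for MySQL) ----
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE db_purchase_form (id INTEGER PRIMARY KEY AUTOINCREMENT, '
        . implode(' TEXT, ', COLS) . ' TEXT, db_date_time TEXT)');

$order = ['db_product_name' => 'Video Message 1', 'db_actor' => 'bride',
          'db_user_name' => 'Test User', 'db_user_email' => 'user@example.com',
          'db_vdo_script' => 'hello', 'db_port_approval' => 'yes',
          'db_delivery' => 'express', 'db_price' => 41.94];

// First submit: no id yet, so a row is inserted.
$id   = save_order($db, $order, null);
$time = time();
echo edit_fields($id, $time), "\n";

// Second submit from the edit form: the hidden fields come back in the POST.
$editPost = ['id' => (string)$id, 'time' => (string)$time, 'hash' => sign_order($id, $time)];
$order['db_user_name'] = "O'Brien"; // the quote is data, not SQL, once bound
$savedId = save_order($db, $order, verify_order($editPost));

// A changed id no longer matches the hash, so it is rejected.
$forged = ['id' => (string)($id + 1)] + $editPost;

var_dump($savedId === $id);
var_dump(verify_order($forged));
var_dump((int)$db->query('SELECT COUNT(*) FROM db_purchase_form')->fetchColumn());
```

The Edit link on purchase_form1_conf.php would pass the same three values (for instance with http_build_query), and purchase_form1.php would call verify_order before loading the row, so a bare ?id=48 no longer selects a record.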

I'll check your code in next hour (waiting a big download to finish so I can switch to Linux :-). In mean time - I have a question: what is the pSQL function meant to be doing?

the pSQL function will ensure that the unwanted char will be stripped and substituted accordingly :)

actually it's a good practice to use the pSQL for the data that are given by users and that must be saved in the db.

however if it is not needed we can remove it as well,

however if it is not needed we can remove it as well,

No, it is OK, just to know what the output of it is (it is not directly related to the problem).

any luck friend?

Trying to get through your code. I am afraid your explanation is confusing me a bit. You are talking about page1 and page2 but those pages have filenames (like purchase_form1.php referred to in a form). Can you please post the two scripts as they are and with their proper names. At the moment I can't figure out in which script the form is. Sorry about the delay. I will have to go out for a couple of hours now but will be back at the problem later, if this is OK.

page1 is purchase_form1.php

page2 is purchase_form1_conf.php

hope that suffices

here is the php code for page1 (purchase_form1.php)

<?php require_once("includes/connection.php"); ?>
<?php
    include_once("includes/form_functions.php");
    $service_price1 = 20;
    $express_delivery = 20;
    $paypal_fixed = 0.3;
    $additional_charges = 0;
    $paypal_charge = ($service_price1 + $express_delivery + $additional_charges) * 4.1/100 + $paypal_fixed;
    $net_price = $service_price1 + $paypal_charge + $express_delivery + $additional_charges;
    $product_name = "Video Message 1";
    $id = 0;
    if (isset($_GET['id']) && ($_GET['id'] != ''))
    {
    $id = (int)htmlspecialchars($_GET['id']);
    }
    $query  = "SELECT * from db_purchase_form where id = $id";
    $result = mysql_query($query);
    $has_data = false;
    while($row = mysql_fetch_row($result))
    {
        $has_data = true;
        $product_name = $row[1];
        $choice_actor = $row[2];
        $user_name = $row[3];
        $user_email = $row[4];
        $vdo_script = $row[5];
        $hrt_msg = $row[6];
        $portApproval = $row[7];
        $delivery = $row[8];
        $net_price = $row[9];
    }
    if(isset($_POST['submit']))
    {
        if ($has_data == true){
        $sql = "UPDATE db_purchase_form ". "SET db_product_name  = \".pSQL($product_name).'\' , db_actor = \".pSQL($choice_actor).'\', db_user_name = \".pSQL($user_name).'\', db_user_email = \".pSQL($user_email).'/', db_vdo_script = \".pSQL($vdo_script).'\', db_hrt_msg = \".pSQL($hrt_msg).'\', db_port_approval = \".pSQL($portApproval).'\', db_delivery = \".pSQL($delivery).'\', db_price = \".pSQL($net_price).'\', db_date_time = NOW()". "WHERE id = '{$id}'";
        }
        else
        {
        $errors = array();
        if(isset($_POST['rdDelPerson']))
        {
            $choice_actor = $_POST["rdDelPerson"];           
        }
        if(isset($_POST['txtUserName']))
        {
            $user_name = trim($_POST["txtUserName"]);
        }
        if(isset($_POST['txtUserEMail']))
        {
            $user_email = trim($_POST["txtUserEMail"]);
        }
        if(isset($_POST['rdScriptChoice']))
        {
            $script_choice = $_POST['rdScriptChoice'];
            $vdo_script = $_POST['txtVdoScript'];
        }
        if(isset($_POST["rdPortApprvl"]))
        {
            $portApproval = $_POST["rdPortApprvl"];
        }
        if(isset($_POST["rdDelivery"]))
        {
            $delivery = $_POST["rdDelivery"];
        }
        if(!isset($_POST['rdDelPerson']))
        {
            $message = "Please select from Bride or Groom";
        }
        elseif(empty($_POST['txtUserName']))
        {
            $message = "Please enter your name.";
            $flag= "1";
        }
        elseif(strlen($_POST['txtUserName']) > 200)
        {
            $message = "Maximum 200 characters are allowed as name length.";
            $flag= "1";
        }
        elseif(empty($_POST['txtUserEMail']))
        {
            $message = "Please enter your email.";
            $flag= "2";
        }
        elseif(!preg_match("/^[_\.0-9a-zA-Z-]+@([0-9a-zA-Z][0-9a-zA-Z-]+\.)+[a-zA-Z]{2,6}$/i", $user_email))
        {
            $message= "Please enter a valid email.";
            $flag= "2";
            unset($user_email);
        }
        /*elseif(str_word_count($_POST['txtVdoScript']) > 15)
        {
            $message = "Maximum 15 characters are allowed as tooltip message.";
            $flag= "4";
        }*/ // validation to be added for number of words more than 100 then auto option to be selected in paypal button
        elseif(empty($_POST['cbTnc']))
        {
            $message = "You shall agree to terms and conditions";
        }
        elseif(!isset($_POST['rdPortApprvl']))
        {
            $message = "Please select the Approval or Denial";           
        }
        elseif(!isset($_POST['rdDelivery']))
        {
            $message = "Please select the Delivery Method";           
        }
        else
        {
            if ($_POST['rdScriptChoice'] == "later")
            {
                $vdo_script = $_POST['rdScriptChoice'];
            }
            else
            {
                if(empty($_POST['txtVdoScript']))
                {
                    $message = "Script for Video is compulsory.";
                    $flag= "3";
                }
            }
            if(str_word_count($_POST['txtVdoScript']) > 100 && str_word_count($_POST['txtVdoScript']) <= 125)
            {
                $additional_charges = 5;
            }
            elseif(str_word_count($_POST['txtVdoScript']) > 125 && str_word_count($_POST['txtVdoScript']) <= 150)
            {
                $additional_charges = 10;
            }
            if(str_word_count($_POST['txtVdoScript']) > 150 && str_word_count($_POST['txtVdoScript']) <= 175)
            {
                $additional_charges = 15;
            }
            if(str_word_count($_POST['txtVdoScript']) > 175 && str_word_count($_POST['txtVdoScript']) <= 200)
            {
                $additional_charges = 20;
            }
            if(str_word_count($_POST['txtVdoScript']) > 200 && str_word_count($_POST['txtVdoScript']) <= 225)
            {
                $additional_charges = 25;
            }
            if(str_word_count($_POST['txtVdoScript']) > 225 && str_word_count($_POST['txtVdoScript']) <= 250)
            {
                $additional_charges = 30;
            }
            if($_POST["rdDelivery"] == "standard")
            {
                $paypal_charge = ($service_price1 + $additional_charges) * 4.1 / 100 + $paypal_fixed;
                $net_price = $service_price1 + $paypal_charge + $additional_charges;
            }
            else
            {
                $paypal_charge = ($service_price1 + $express_delivery + $additional_charges) * 4.1/100 + $paypal_fixed;
                $net_price = $service_price1 + $paypal_charge + $express_delivery + $additional_charges;
            }   
            if(empty($message))
            {
                $net_rounded_price = round($net_price, 2);
                $insert = "INSERT INTO db_purchase_form (db_product_name, db_actor, db_user_name, db_user_email, db_vdo_script, db_hrt_msg, db_port_approval, db_delivery, db_price, db_date_time) VALUES ('{$product_name}', '{$choice_actor}', '{$user_name}', '{$user_email}','{$vdo_script}', '{$hrt_msg}','{$portApproval}','{$delivery}','{$net_rounded_price}', NOW())";
                $result = mysql_query($insert);
                if($result)
                {
                    //echo("<br>Input data is succeed");
                    $lastInsertedId =  mysql_insert_id();
                    $timestamp = time();
                    header('Location:purchase_form1_conf.php?'.http_build_query(array('id' => $lastInsertedId,'time' => $timestamp,'hash' => sha1('some-generated-key'.$timestamp.$lastInsertedId))));
                }
                else
                {
                    $message = "The data cannot be inserted.";
                    $message .= "<br />" . mysql_error();
                }
            }
            }
        }
    }
?>
and this is the form on this page (purchase_form1.php)
<div class="slider11">
                        <strong>Purchase Form</strong><br />
                        <?php
                            if(!empty($message))
                            {
                                echo "<p style='color:red; font-weight:bold;'>" . $message . "</p>";
                            }
                        ?>
                        <form id="PurchaseForm" name="PurchaseForm" method="post" action="purchase_form1.php">
              <div>
              <div  class="wrapper"> <b>Product Name:</b>
                    <div class="generalDisp">
                     HD Video Message  in the dress of Traditional Indian Bride OR Indian Groom.
                    </div>                   
              </div>
                <div class="wrapper"> <b><span style="color:red;">*</span> Who shall deliver script?</b>
                  <div class="formText">
                  <input type="radio" name="rdDelPerson" value="bride" <?php echo(isset($_POST['rdDelPerson']))? (($_POST['rdDelPerson'] == "bride") ? "checked" : ""):"checked";?>/>Bride
                  <input type="radio" name="rdDelPerson" value="groom" <?php echo(isset($_POST['rdDelPerson']) && $_POST['rdDelPerson'] == "groom") ? "checked" : "";?>/>Groom
                </div>
                </div>
                <div class="wrapper"> <b><span style="color:red;">*</span> Your Name:</b>
                  <div class="bg">
                  <input type="text" class="input" name="txtUserName" value="<?php if(isset($user_name)){echo htmlspecialchars($user_name, ENT_QUOTES, 'UTF-8');} ?>" <?php if(isset($flag) && $flag == 1){echo "style='border:2px solid red;'";}?>>
                  </div>
                </div>
                <div class="wrapper"> <b><span style="color:red;">*</span> Your Email:</b>
                  <div class="bg">
                    <input type="text" class="input" name="txtUserEMail" value="<?php if(isset($user_email)){echo htmlspecialchars($user_email, ENT_QUOTES, 'UTF-8');} ?>" <?php if(isset($flag) && $flag == 2){echo "style='border:2px solid red;'";}?>><span style="float:right; padding-left:10px;"> This email will be used for all communications. Please ensure it is correct and latest.</span>
                  </div>
                </div>
                <div class="wrapper">
                    <div class="bg">
                        <div class="textarea_box">
                        <b style="float:left;"><span style="color:red;">*</span> Script for Video Message:</b>
                        <input type="radio" name="rdScriptChoice" value="now" checked= "checked" style="float:left;"/>
                        <?php $class = 'correct';if (isset($flag) && ($flag == 3)){$class = 'wrong';}$content = isset($vdo_script) ? $vdo_script : "";?>
                <textarea name="txtVdoScript" id="word_count" cols="1" rows="1" class="<?php echo $class; ?>"><?php echo htmlspecialchars($content, ENT_QUOTES, 'UTF-8');?></textarea>
                </div><span style="padding-left:10px;">Total word Count :
<span id="display_count" style="font-size:16px; color:black;">0</span> words & 
<span id="count_left" style="font-size:16px; color:black;">200</span> words left.
</span><br>
                <span style="padding-left:10px;">For single order you can order upto 200 words only.</span>
                <div style="clear:both; margin-left:220px">
                <input type="radio" name="rdScriptChoice" value="later"/> I will email the script Later.
                </div>
                </div>
                </div>
                <div class="wrapper"> <b><span style="color:red;">*</span> Terms & Conditions:</b>
                  <div class="bg">
                    <input type="checkbox" name="cbTnc" value="Yes"> I agree to <a style="text-decoration:none;" href="terms.php">terms and conditions</a>
                  </div>
                </div> 
                <div class="wrapper"> <b><span style="color:red;">*</span> Neoflux Marketing can use this video/image as their portfolio:</b>
                  <div class="formText">
                  <input type="radio" name="rdPortApprvl" value="yes" checked= "checked"/>Yes
                  <input type="radio" name="rdPortApprvl" value="no" />No
                </div>
                </div>
                <div class="wrapper"> <b><span style="color:red;">*</span> Delivery:</b>
                  <div class="formText">
                  <input type="radio" name="rdDelivery" value="standard" />Standard
                  <input type="radio" name="rdDelivery" value="express" checked= "checked"/>Express<br>
                </div><span style="font-size:11px; display:inline-block; padding-left:20px; width: 500px;"> Standard Delivery Takes  <span style="font-size:14px; color:black;">10</span>. days, and no charges extra. Express Delivery costs <span style="color:red;">$20</span> extra, and makes your order a priority order, it is delivered in <span style="font-size:14px; color:black;">4 </span> days. </span>
                </div>
                <div  class="wrapper"> <b>Amount to pay ($):</b>
                    <div class="priceDisp">
                    <div id="calc_value">
                     $<span id="price_org">20</span>
                    (Product Cost)
                     + $<span id="price_deliver">20</span>
                     (Delivery)
                     + $<span id="price_extra">0</span>
                     (Extra amount)
                     + $<span id="price_pp">0</span>
                     (Paypal Charges)
                     = $<span id="price_tt">0</span>
                   <!-- <?php
                    echo "$" . $service_price1. '<span>' . " (Product Cost)" . '</span>' . " + $20" . '<span>' . " (Delivery)" . '</span>' . " + " . "$" . $paypal_charge . '<span>' . " (Paypal Charges)" . '</span>' ." = " . "$" . $net_price;
                    ?> -->
                    </div>
                    </div>                   
              </div>
                <b><span style="color:red;">* </span><span>Compulsory</span>
                <input type="submit" name="submit" value="Buy Now" class="button3">
               </div>
            </form>
                        </div>



NOW WHEN I SEND THE DATA TO PAGE2 (purchase_form1_conf.php), HERE IS THE CODE FOR PAGE2 (purchase_form1_conf.php). 

PAGE2 (purchase_form1_conf.php) IS THE DISPLAY PAGE, IT DISPLAYS THE FORM DATA AND IF USER CLICKS ON EDIT BUTTON, HE IS TAKEN BACK TO PAGE1(purchase_form1.php).

PHP CODE FOR PAGE2 (purchase_form1_conf.php)

<?php require_once("includes/connection.php"); ?>
<?php
    $id = isset($_GET['id']) ? $_GET['id'] : null;
    $time = $_GET['time'];
    if($_GET['hash'] != sha1('some-generated-key'.$time.$id))
      die('URL was tampered with');
    //if(time() - $time > 300)
      //die('URL was only valid for 5 minutes');
    //}
    //if (isset($_GET['id']))
    //{
    //$lastInsertedId = $_GET['id'];
    //}
    //$id = $_SESSION['last_id'];
    //$query  = "SELECT * FROM db_purchase_form WHERE id=$lastInsertedId";
    //$result = mysql_query($query);
    //while($row = mysql_fetch_row($result))
    if ($id)
    {
        $query  = "SELECT * FROM db_purchase_form WHERE id=$id";
        $result = mysql_query($query);
        while($row = mysql_fetch_row($result))
        {
            $product_name = $row[1];
            $choice_actor = $row[2];
            $user_name = $row[3];
            $user_email = $row[4];
            $vdo_script = $row[5];
            $hrt_msg = $row[6];
            $portApproval = $row[7];
            $delivery = $row[8];
            $net_price = $row[9];
        }
}
?>


// NOW HERE I DISPLAY THE VALUES AS I GET THEM FROM THE DB AS $row[1], 2 AND SO ON, AND THERE ARE TWO BUTTONS ON THIS PAGE, BUT IT IS NOT THE FORM; ONE IS THE EDIT BUTTON AND THE OTHER IS PAYPAL

THE CODE FOR EDIT BUTTON IS ON PAGE2 (purchase_form1_conf.php)

<a href="purchase_form1.php?id=<?php echo $id; ?>" class="button4">Edit</a>

IT TAKES USER TO PAGE1 (purchase_form1.php).

NOW WHAT IS THE ISSUE?

THE ISSUE IS WHEN USER CLICKS ON SUBMIT ON PAGE1 AND IS TAKEN TO PAGE2, THE URL FOR PAGE2 IS

http://localhost/site1/purchase_form1_conf.php?id=48&time=1375804521&hash=bba5f71dfae78bffbb731c9af1ea5846eaa15df8

NOW WHEN EDIT BUTTON FOR PAGE2 IS CLICKED, USER IS TAKEN BACK TO PAGE1 AND THE URL FOR PAGE1 IS

http://localhost/site1/purchase_form1.php?id=48

BUT FINALLY WHEN USER CLICKS THE SUBMIT BUTTON [AFTER EDITING THE VALUES IN THE FORM] 
THE DATABASE IS NOT UPDATING FOR THE SAME ID, INSTEAD IT IS MAKING A NEW ROW IN THE DB WITH NEW ID, 
FOR THE ABOVE EXAMPLE (id 48) WHEN I EDIT THE PAGE AND CLICK ON SUBMIT AGAIN I AM TAKEN TO PAGE2 BUT THE NEW URL IS

http://localhost/site1/purchase_form1_conf.php?id=49&time=1375804707&hash=0a30e55d2b3a37354973bd65a14c1dc55fbf650f

SEE THE id IS CHANGED TO 49, AND DB HAS A NEW ROW, WHILE IT SHALL BE UPDATING THE VALUES FOR id = 48.

Thanks a lot in advance for all your help.

Thanks

BUT FINALLY WHEN USER CLICKS THE SUBMIT BUTTON [AFTER EDITING THE VALUES IN THE FORM]
THE DATABASE IS NOT UPDATING FOR THE SAME ID, INSTEAD IT IS MAKING A NEW ROW IN THE DB WITH NEW ID,
FOR THE ABOVE EXAMPLE (id 48) WHEN I EDIT THE PAGE AND CLICK ON SUBMIT AGAIN I AM TAKEN TO PAGE2 BUT THE NEW URL IS

OK. The solution is quite simple:

The action attribute of the form is set to:

<form id="PurchaseForm" name="PurchaseForm" method="post" action="purchase_form1.php">

When the form gets submitted the page is reloaded and you do not have an ID anymore. Therefore you do not read the data and the $has_data variable is set to FALSE. Due to this the INSERT gets carried out instead of UPDATE. All you have to do is add the id into the action URL:

<form id="PurchaseForm" name="PurchaseForm" method="post" action="purchase_form1.php?id=<?php echo $id;?>">

I am not sure if this is a 100% solution since I do not know the rest of the app (maybe you should add other parameters to the querystring). But at least $has_data will be true and it will get to the UPDATE part.

Probably not the most elegant solution either. I would prefer to use ajax on this one but it is up to you (if you want to bother learning ajax approach).

Also, the update query is a mess and it contains errors - mainly the backslashes which act as escape sequences for the double quotes that follow. This is how I construct long queries that involve functions, variables etc (this is also the corrected version):

if ($has_data == true){
    $sql  = "UPDATE db_purchase_form SET ";
    $sql .= "db_product_name = '" . pSQL($product_name) . "', ";
    $sql .= "db_actor = '" . pSQL($choice_actor) . "', ";
    $sql .= "db_user_name = '" . pSQL($user_name) . "', ";
    $sql .= "db_user_email = '" . pSQL($user_email) . "', ";
    $sql .= "db_vdo_script = '" . pSQL($vdo_script) . "', ";
    $sql .= "db_hrt_msg = '" . pSQL($hrt_msg) . "', ";
    $sql .= "db_port_approval = '" . pSQL($portApproval) . "', ";
    $sql .= "db_delivery = '" . pSQL($delivery) . "', ";
    $sql .= "db_price = '" . pSQL($net_price) . "', ";
    $sql .= "db_date_time = NOW() ";
    $sql .= "WHERE id = '{$id}'";
}

Much easier to read and debug.
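With the id carried in the Edit link and the form action, `purchase_form1.php` accepts any `id` without the hash that `purchase_form1_conf.php` checks. An added example, not code from the thread, that signs the link with an HMAC and verifies it the same way on both pages; `LINK_KEY`, `LINK_TTL`, `sign_link()` and `verify_link()` are hypothetical names.

```php
<?php
// Added example: sign and verify the id passed between purchase_form1.php
// and purchase_form1_conf.php. All names below are hypothetical.
const LINK_KEY = 'replace-with-a-long-random-secret'; // placeholder; load from config
const LINK_TTL = 300; // seconds, matching the 5-minute check commented out in the thread

function sign_link(string $page, int $id, ?int $now = null): string
{
    $time = $now ?? time();
    // HMAC over "id|time": the separator keeps different (id, time) pairs from
    // producing the same input, which sha1(key . time . id) does not guarantee.
    $hash = hash_hmac('sha256', $id . '|' . $time, LINK_KEY);
    return $page . '?' . http_build_query(['id' => $id, 'time' => $time, 'hash' => $hash]);
}

// Returns the verified id, or null when the link is incomplete, altered or expired.
function verify_link(array $get, ?int $now = null): ?int
{
    $now = $now ?? time();
    foreach (['id', 'time', 'hash'] as $key) {
        if (!isset($get[$key]) || !is_string($get[$key])) {
            return null;
        }
    }
    if (!ctype_digit($get['id']) || !ctype_digit($get['time'])) {
        return null;
    }
    $expected = hash_hmac('sha256', $get['id'] . '|' . $get['time'], LINK_KEY);
    if (!hash_equals($expected, $get['hash'])) {   // constant-time comparison
        return null;
    }
    if ($now - (int)$get['time'] > LINK_TTL) {
        return null;
    }
    return (int)$get['id'];
}

// Constructed demo values: id 48 and the timestamp from the thread's URL.
$url = sign_link('purchase_form1.php', 48, 1375804521);
parse_str((string)parse_url($url, PHP_URL_QUERY), $q);
var_dump(verify_link($q, 1375804600));              // untampered link inside the TTL
$q['id'] = '49';
var_dump(verify_link($q, 1375804600));              // id altered after signing
var_dump(verify_link(['id' => '48'], 1375804600));  // bare ?id=48, as the Edit link sends
```

Both the Edit link and the form's action URL would be built with `sign_link()`, and page 1 would run the UPDATE only when `verify_link($_GET)` returns an id.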

Let me check and then I will come back to you.

Thanks

okay dokey, here is the error

( ! ) Fatal error: Call to undefined function pSQL() in C:\wamp\www\site1\purchase_form1.php on line 41
Call Stack
#   Time    Memory  Function    Location
1   0.0015  453680  {main}( )   ..\purchase_form1.php:0

this is line 41
$sql .= "db_product_name = '" . pSQL($product_name) . "', ";

also all pSQL are shown in black.

please remove them from this code and update a new code.

now what?

Okay, I have removed the pSQL function and now the code looks like this:

if ($has_data == true)
        {
            $sql  = "UPDATE db_purchase_form SET ";
            $sql .= "db_product_name = '" . $product_name . "', ";
            $sql .= "db_actor = '" . $choice_actor . "', ";
            $sql .= "db_user_name = '" . $user_name . "', ";
            $sql .= "db_user_email = '" . $user_email . "', ";
            $sql .= "db_vdo_script = '" . $vdo_script . "', ";
            $sql .= "db_hrt_msg = '" . $hrt_msg . "', ";
            $sql .= "db_port_approval = '" . $portApproval . "', ";
            $sql .= "db_delivery = '" . $delivery . "', ";
            $sql .= "db_price = '" . $net_price . "', ";
            $sql .= "db_date_time = NOW() ";
            $sql .= "WHERE id = '{$id}'";
        }

I made the other change to the purchase form as well, but when I click submit, nothing happens. The URL on the page is holding the same id, but the DB is not updating.

Help please?

Put the temporary debug code after the code for constructing SQL:

if ($has_data == true)
{
    $sql = "UPDATE db_purchase_form SET ";
    $sql .= "db_product_name = '" . $product_name . "', ";
    $sql .= "db_actor = '" . $choice_actor . "', ";
    $sql .= "db_user_name = '" . $user_name . "', ";
    $sql .= "db_user_email = '" . $user_email . "', ";
    $sql .= "db_vdo_script = '" . $vdo_script . "', ";
    $sql .= "db_hrt_msg = '" . $hrt_msg . "', ";
    $sql .= "db_port_approval = '" . $portApproval . "', ";
    $sql .= "db_delivery = '" . $delivery . "', ";
    $sql .= "db_price = '" . $net_price . "', ";
    $sql .= "db_date_time = NOW() ";
    $sql .= "WHERE id = '{$id}'";

    // temporary debug code
    die($sql);
}

When you submit the form it should display the SQL and stop the script. Post the output here.

When I click submit, after I use the code you mentioned above, this is the output

UPDATE db_purchase_form SET db_product_name = 'Video Message 1', db_actor = 'bride', db_user_name = 'dfdfdfd', db_user_email = 'fghgfh@fff.vom', db_vdo_script = 'later', db_hrt_msg = '', db_port_approval = 'yes', db_delivery = 'express', db_price = '41.94', db_date_time = NOW() WHERE id = '54'

in a white screen.

Here I attached a screenshot.
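The query printed above is built by concatenating form values straight into the SQL string, so a quote character in any field changes the statement. An added example, not the poster's code, of the same UPDATE-or-INSERT step with PDO bound parameters; `save_purchase()` is a hypothetical helper, and an in-memory SQLite database is assumed as a stand-in for the MySQL table so the block runs offline.

```php
<?php
// Added example, not the thread's code. save_purchase() is a hypothetical helper.
// Assumption: in-memory SQLite (pdo_sqlite) stands in for the MySQL table.
const COLS = ['db_product_name', 'db_actor', 'db_user_name', 'db_user_email',
    'db_vdo_script', 'db_hrt_msg', 'db_port_approval', 'db_delivery', 'db_price'];

function save_purchase(PDO $db, ?int $id, array $form): int
{
    // Column names come from the fixed list above; only values are user input,
    // and every value travels as a bound parameter, never inside the SQL text.
    $params = [];
    foreach (COLS as $c) {
        $params[":$c"] = (string)($form[$c] ?? '');
    }
    if ($id !== null) {   // edit: an id arrived with the request
        $set = implode(', ', array_map(fn($c) => "$c = :$c", COLS));
        $stmt = $db->prepare(
            "UPDATE db_purchase_form SET $set, db_date_time = CURRENT_TIMESTAMP WHERE id = :id");
        $stmt->execute($params + [':id' => $id]);
        return $id;
    }
    $stmt = $db->prepare(   // new order
        'INSERT INTO db_purchase_form (' . implode(', ', COLS) . ', db_date_time) VALUES ('
        . implode(', ', array_keys($params)) . ', CURRENT_TIMESTAMP)');
    $stmt->execute($params);
    return (int)$db->lastInsertId();
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE db_purchase_form (id INTEGER PRIMARY KEY AUTOINCREMENT, '
    . implode(' TEXT, ', COLS) . ' TEXT, db_date_time TEXT)');

// Constructed sample input; the apostrophe would break a concatenated query.
$form = ['db_product_name' => 'Video Message 1', 'db_actor' => 'bride',
    'db_user_name' => "D'Souza", 'db_user_email' => 'user@example.com',
    'db_vdo_script' => 'later', 'db_hrt_msg' => '', 'db_port_approval' => 'yes',
    'db_delivery' => 'express', 'db_price' => '41.94'];

$id = save_purchase($db, null, $form);       // first submit inserts a row
$form['db_delivery'] = 'standard';
$edited = save_purchase($db, $id, $form);    // edit updates that same row
$row = $db->query('SELECT COUNT(*) AS n, MAX(db_user_name) AS name, MAX(db_delivery) AS d '
    . 'FROM db_purchase_form')->fetch(PDO::FETCH_ASSOC);
printf("inserted id=%d, edited id=%d, rows=%d, name=%s, delivery=%s\n",
    $id, $edited, $row['n'], $row['name'], $row['d']);
```

The `mysql_*` functions used in the thread were removed in PHP 7; against MySQL the same function works with a `mysql:` PDO DSN.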
