Level = Beginner
I'm trying to learn PHP by building a fictional site. I've updated my code from INSERT only to INSERT and UPDATE. When I just had INSERT, I could go to the page and it would pull the record for my username and display the entries I had in the table for that username. Then I received some guidance on how to add UPDATE to the page. Now the page doesn't pull my MySQL data and display it. In fact, what it's doing is deleting the record when I load the page. I believe the issue lies in the code I'm going to post below, so that's all I'm posting for now unless someone thinks the problem lies elsewhere.
Please take a look:
Code: Select all
<?php session_start();
include ("../_includes/dbconnect.php");
$b_firstname = mysql_real_escape_string($_POST['b_firstname'] , $con);
$b_lastname = mysql_real_escape_string($_POST['b_lastname'] , $con);
$b_address = mysql_real_escape_string($_POST['b_address'] , $con);
$b_address2 = mysql_real_escape_string($_POST['b_address2'] , $con);
$b_city = mysql_real_escape_string($_POST['b_city'] , $con);
$b_state = mysql_real_escape_string($_POST['b_state'] , $con);
$b_zipcode = mysql_real_escape_string($_POST['b_zipcode'] , $con);
$b_ssn = mysql_real_escape_string($_POST['b_ssn'] , $con);
$b_birthday = mysql_real_escape_string($_POST['b_birthday'] , $con);
$b_dl = mysql_real_escape_string($_POST['b_dl'] , $con);
$b_phone_h = mysql_real_escape_string($_POST['b_phone_h'] , $con);
$b_phone_m = mysql_real_escape_string($_POST['b_phone_m'] , $con);
$b_phone_w = mysql_real_escape_string($_POST['b_phone_w'] , $con);
$cb_firstname = mysql_real_escape_string($_POST['cb_firstname'] , $con);
$cb_lastname = mysql_real_escape_string($_POST['cb_lastname'] , $con);
$cb_address = mysql_real_escape_string($_POST['cb_address'] , $con);
$cb_address2 = mysql_real_escape_string($_POST['cb_address2'] , $con);
$cb_city = mysql_real_escape_string($_POST['cb_city'] , $con);
$cb_state = mysql_real_escape_string($_POST['cb_state'] , $con);
$cb_zipcode = mysql_real_escape_string($_POST['cb_zipcode'] , $con);
$cb_ssn = mysql_real_escape_string($_POST['cb_ssn'] , $con);
$cb_birthday = mysql_real_escape_string($_POST['cb_birthday'] , $con);
$cb_dl = mysql_real_escape_string($_POST['cb_dl'] , $con);
$cb_phone_h = mysql_real_escape_string($_POST['cb_phone_h'] , $con);
$cb_phone_m = mysql_real_escape_string($_POST['cb_phone_m'] , $con);
$cb_phone_w = mysql_real_escape_string($_POST['cb_phone_w'] , $con);
// Sanitize all phone number entries to our preferred format
$phoneTypes = array('b_phone_h', 'b_phone_m', 'b_phone_w', 'cb_phone_h', 'cb_phone_m', 'cb_phone_w');
$replaceThese = array('(', ')', ' ', '.');
$withThese = array('', '', '-', '-');
foreach ($phoneTypes as $value) {
$$value = str_replace($replaceThese, $withThese, $$value);
}
unset($value);
// ----------------------------------------------------------------------------------------------------------
// Create FIELD variables for both INSERT & UPDATE functions later/below.
// ----------------------------------------------------------------------------------------------------------
$fields = "b_firstname = '$b_firstname',
b_lastname = '$b_lastname',
b_address = '$b_address',
b_address2 = '$b_address2',
b_city = '$b_city',
b_state = '$b_state',
b_zipcode = '$b_zipcode',
b_ssn = '$b_ssn',
b_birthday = '$b_birthday',
b_dl = '$b_dl',
b_phone_h = '$b_phone_h',
b_phone_m = '$b_phone_m',
b_phone_w = '$b_phone_w',
cb_firstname = '$cb_firstname',
cb_lastname = '$cb_lastname',
cb_address = '$cb_address',
cb_address2 = '$cb_address2',
cb_city = '$cb_city',
cb_state = '$cb_state',
cb_zipcode = '$cb_zipcode',
cb_ssn = '$cb_ssn',
cb_birthday = '$cb_birthday',
cb_dl = '$cb_dl',
cb_phone_h = '$cb_phone_h',
cb_phone_m = '$cb_phone_m',
cb_phone_w = '$cb_phone_w'
" ;
// ----------------------------------------------------------------------------------------------------------
// Before submitting new/changed data, search the table for a matching record based on USERNAME.
// ----------------------------------------------------------------------------------------------------------
$query = "SELECT * FROM contact_info WHERE username = '".$_SESSION['myusername']."' " ;
$result = mysql_query($query) ; //or die(mysql_error());
// ----------------------------------------------------------------------------------------------------------
// If nothing matches (which won't happen) INSERT the new Field data otherwise UPDATE the field data.
// ----------------------------------------------------------------------------------------------------------
if (mysql_num_rows($result) == 0)
$sql = "INSERT contact_info SET ".$fields." " ;
else
$sql = "UPDATE contact_info SET ".$fields." WHERE username = '".$_SESSION['myusername']."' " ;
mysql_query($sql,$con) or die("query: $query<br>" . mysql_error());
// ----------------------------------------------------------------------------------------------------------
// Retrieve data from database and send to form
// ----------------------------------------------------------------------------------------------------------
$query = "SELECT * FROM contact_info WHERE username = '".$_SESSION['myusername']."' " ;
$result = mysql_query($query);
if (!$result) die(mysql_error());
else
{
$row = mysql_fetch_object($result);
$b_firstname = $row -> b_firstname;
$b_lastname = $row -> b_lastname;
$b_address = $row -> b_address;
$b_address2 = $row -> b_address2;
$b_city = $row -> b_city;
$b_state = $row -> b_state;
$b_zipcode = $row -> b_zipcode;
$b_ssn = $row -> b_ssn;
$b_birthday = $row -> b_birthday;
$b_dl = $row -> b_dl;
$b_phone_h = $row -> b_phone_h;
$b_phone_m = $row -> b_phone_m;
$b_phone_w = $row -> b_phone_w;
$cb_firstname = $row -> cb_firstname;
$cb_lastname = $row -> cb_lastname;
$cb_address = $row -> cb_address;
$cb_address2 = $row -> cb_address2;
$cb_city = $row -> cb_city;
$cb_state = $row -> cb_state;
$cb_zipcode = $row -> cb_zipcode;
$cb_ssn = $row -> cb_ssn;
$cb_birthday = $row -> cb_birthday;
$cb_dl = $row -> cb_dl;
$cb_phone_h = $row -> cb_phone_h;
$cb_phone_m = $row -> cb_phone_m;
$cb_phone_w = $row -> cb_phone_w;
// ----------------------------------------------------------------------------------------------------------
// Close IF & ELSE statements above
// ----------------------------------------------------------------------------------------------------------
}
// ----------------------------------------------------------------------------------------------------------
// Close database connection
// ----------------------------------------------------------------------------------------------------------
mysql_close($con);
?>
I've tried several changes here and there, but nothing I do seems to make a difference. I can save new data (example: Change first name) and the new data is presented to me after clicking the Save button. I did run a simple test and found the data is still saved in the table when I leave the page; it's when I return to this page (contact.php) the data is deleted from the table.
Thank you in advance for any help..