Allowing user to edit only their record

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
tsm4781
Forum Commoner
Posts: 38
Joined: Wed Jul 09, 2003 7:17 pm

Allowing user to edit only their record

Post by tsm4781 »

I am creating an alumni database, and I am running into come difficulties with a few things.

When a user initially wants to submit their information, I "SELECT * FROM members" which is the table that stores all user information entered when a user registeres for the site. I then pre-populate the input fields with that data. When the user clicks submit, it stores all of that data into a different table called "current".

Additionally, I store their unique ID in the current table as "memnum."

The problem I am having is now I need to let the users be able to edit their information once submitted. They can't submit twice because I do not want duplicate entries.

What I have done is entered the following onto the page:

Code: Select all

if ($_POST['action'] == 'updatecurrent')
	{
		$name = $_POST['name'];
		$email = $_POST['email'];
		$city = $_POST['city'];
		$state = $_POST['state'];
		$phone = $_POST['phone'];
		$cell = $_POST['cell'];			
		$website = $_POST['website'];
		$memnum = $_POST['memnum'];
$query = "UPDATE current SET name = '$name', email = $email', city = '$city', state = '$state', phone = '$phone', cell = '$cell', website = '$website' WHERE id = '$id', memnum = '$memnum'";

		$result = mysql_query($query);
		$errormsg = "<font color ='#FF0000'>Updated!</font>";
		$p = 6; //List View

		}
  		else
		{ 
	$errormsg = "<font color ='#FF0000'>Oops.. something went wrong!</font>";
	$p = 6;
	}
I somehow (first) need to prepopulate the form with info from the CURRENT table that is specific to that user (which is where memnum comes into play, but it is not working.

Here is the code from the include file which (in theory) should prepopulate that users information, but I know I am wrong somewhere.

Code: Select all

<?PHP
	include_once("db.inc.php");
	
	mysql_connect($db_host,$db_user,$db_pass) or DIE("Could not connect to DB Server");
	mysql_select_db("$db_name") or DIE("Could not find DB on Server");
	
	$query = "SELECT * FROM current WHERE id = '$memnum'";
	$result = mysql_query($query);
	
	
	if (mysql_num_rows($result) > 0)
	{	
		$row = mysql_fetch_array($result);
		extract($row);
	}	

?>

<title>Update Member Information</title><table width="100%" border="0" cellspacing="5" cellpadding="0">
	<tr> 
	  <td valign="top" align="center"><form name="editcurrent" method="post" action="<?PHP echo "$PHP_SELF"; ?>">
        <table width="100%" border="0" cellspacing="2" cellpadding="3">
          <tr> 
            <td colspan="2"><b><font face="Verdana, Arial, Helvetica, sans-serif" size="3">Edit 
              Your Current Member Directory Info: 
              <?PHP echo $errormsg; ?>
              </font></b></td>
          </tr>
          <tr> 
            <td colspan="2">If all of the information is correct, please click 
              submit. You will need to enter the year you began at IV and the 
              year you ended.</td>
          </tr>
        </table>
        <table width="100%" border="0" cellspacing="1" cellpadding="3" bgcolor="#CCCCCC">
          <tr bgcolor="e7e7e7"> 
            <td width="30%"><b>Username:</b></td>
            <td width="70%"> 
              <?PHP echo "$memnum"; ?>
            </td>
          </tr>
          <tr bgcolor="e7e7e7"> 
            <td width="30%"><b>Name:</b></td>
            <td width="70%"> 
              <input name="name" type="text" id="name" value="<?PHP echo "$name"; ?>">
            </td>
          </tr>
          <tr bgcolor="e7e7e7"> 
            <td width="30%"><b>Email:</b></td>
            <td width="70%"> 
              <input name="email" type="text" id="email" value="<?PHP echo "$email"; ?>">
            </td>
          </tr>
          <tr bgcolor="e7e7e7"> 
            <td width="30%"><b>City/State/Zip</b></td>
            <td width="70%"> 
              <input name="city" type="text" id="city" value="<?PHP echo "$city"; ?>">
              <input name="state" type="text" id="state" value="<?PHP echo "$state"; ?>" size="2" maxlength="2">
              <input name="zip" type="text" id="zip" value="<?PHP echo "$zip"; ?>" size="5" maxlength="5">
            </td>
          </tr>
          <tr bgcolor="e7e7e7"> 
            <td width="30%"><b>Phone:</b></td>
            <td width="70%"> 
              <input name="phone" type="text" id="phone" value="<?PHP echo "$phone"; ?>">
              EX: (802) 123-4567</td>
          </tr>
          <tr bgcolor="e7e7e7"> 
            <td width="30%"><b>Cell:</b></td>
            <td width="70%"> 
              <input name="cell" type="text" id="cell" value="<?PHP echo "$cell"; ?>">
              EX: (802) 123-4567 </td>
          </tr>
          <tr bgcolor="e7e7e7"> 
            <td width="30%"><b>Website:</b></td>
            <td width="70%"> http:// 
              <input name="website" type="text" id="website" value="<?PHP echo "$website"; ?>">
              EX: http://www.burlingtonivcf.org</td>
          </tr>
          <tr> 
            <td height="15" colspan="2" align="center" bgcolor="#4A6588"> 
              <input name="action" type="hidden" value="updatecurrent">
              <input name="id" type="hidden" value="<?PHP echo "$id"; ?>">
              <input name="memnum" type="hidden" id="memnum" value="<?PHP echo "$memnum"; ?>">
              <input name="Submit" type="submit" id="Submit" value="Submit">
              <input type="reset" name="Reset" value="Reset">
            </td>
          </tr>
        </table>
		</form> 
		
	  </td>
	</tr>
</table>
?>
User avatar
JAM
DevNet Resident
Posts: 2101
Joined: Fri Aug 08, 2003 6:53 pm
Location: Sweden
Contact:

Post by JAM »

Well, start with adding ?> 's

Code: Select all

<?PHP echo "$memnum"; 
            </td>
..is bound to be broken.

Additionally, you could remove the extract, and use $row['memnum'] instead.
tsm4781
Forum Commoner
Posts: 38
Joined: Wed Jul 09, 2003 7:17 pm

Post by tsm4781 »

I did that. It automatically is giving me the error message "Oops.. something went wrong!" that I have as the $errormsg and it isn't prepopulating the fields at all.
User avatar
JAM
DevNet Resident
Posts: 2101
Joined: Fri Aug 08, 2003 6:53 pm
Location: Sweden
Contact:

Post by JAM »

But are you realizing that you have a bunch of those errors?
Another example:

Code: Select all

="<?PHP echo "$website"; "> 
// missing the ?>
="<?PHP echo "$website"; ?>">
tsm4781
Forum Commoner
Posts: 38
Joined: Wed Jul 09, 2003 7:17 pm

Post by tsm4781 »

I think it just pasted wrong into the forum.

Code: Select all

<?PHP
	include_once("db.inc.php");
	
	mysql_connect($db_host,$db_user,$db_pass) or DIE("Could not connect to DB Server");
	mysql_select_db("$db_name") or DIE("Could not find DB on Server");
	
	$query = "SELECT * FROM current WHERE id = '$memnum'";
	$result = mysql_query($query);
	
	
	if (mysql_num_rows($result) > 0)
	&#123;	
		$row = mysql_fetch_array($result);
		extract($row);
	&#125;	

?>

<title>Update Member Information</title><table width="100%" border="0" cellspacing="5" cellpadding="0">
	<tr> 
	  <td valign="top" align="center"><form name="editcurrent" method="post" action="<?PHP echo "$PHP_SELF"; ?>">
        <table width="100%" border="0" cellspacing="2" cellpadding="3">
          <tr> 
            <td colspan="2"><b><font face="Verdana, Arial, Helvetica, sans-serif" size="3">Edit 
              Your Current Member Directory Info: 
              <?PHP echo $errormsg; ?>
              </font></b></td>
          </tr>
          <tr> 
            <td colspan="2">If all of the information is correct, please click 
              submit. You will need to enter the year you began at IV and the 
              year you ended.</td>
          </tr>
        </table>
        <table width="100%" border="0" cellspacing="1" cellpadding="3" bgcolor="#CCCCCC">
          <tr bgcolor="e7e7e7"> 
            <td width="30%"><b>Username:</b></td>
            <td width="70%"> 
              <?PHP echo "$memnum"; ?>
            </td>
          </tr>
          <tr bgcolor="e7e7e7"> 
            <td width="30%"><b>Name:</b></td>
            <td width="70%"> 
              <input name="name" type="text" id="name" value="<?PHP echo "$name"; ?>">
            </td>
          </tr>
          <tr bgcolor="e7e7e7"> 
            <td width="30%"><b>Email:</b></td>
            <td width="70%"> 
              <input name="email" type="text" id="email" value="<?PHP echo "$email"; ?>">
            </td>
          </tr>
          <tr bgcolor="e7e7e7"> 
            <td width="30%"><b>City/State/Zip</b></td>
            <td width="70%"> 
              <input name="city" type="text" id="city" value="<?PHP echo "$city"; ?>">
              <input name="state" type="text" id="state" value="<?PHP echo "$state"; ?>" size="2" maxlength="2">
              <input name="zip" type="text" id="zip" value="<?PHP echo "$zip"; ?>" size="5" maxlength="5">
            </td>
          </tr>
          <tr bgcolor="e7e7e7"> 
            <td width="30%"><b>Phone:</b></td>
            <td width="70%"> 
              <input name="phone" type="text" id="phone" value="<?PHP echo "$phone"; ?>">
              EX: (802) 123-4567</td>
          </tr>
          <tr bgcolor="e7e7e7"> 
            <td width="30%"><b>Cell:</b></td>
            <td width="70%"> 
              <input name="cell" type="text" id="cell" value="<?PHP echo "$cell"; ?>">
              EX: (802) 123-4567 </td>
          </tr>
          <tr bgcolor="e7e7e7"> 
            <td width="30%"><b>Website:</b></td>
            <td width="70%"> http:// 
              <input name="website" type="text" id="website" value="<?PHP echo "$website"; ?>">
              EX: www.burlingtonivcf.org</td>
          </tr>
          <tr> 
            <td height="15" colspan="2" align="center" bgcolor="#4A6588"> 
              <input name="action" type="hidden" value="updatecurrent">
              <input name="id" type="hidden" value="<?PHP echo "$id"; ?>">
              <input name="id" type="hidden" id="id" value="<?PHP echo "$memnum"; ?>">
              <input name="Submit" type="submit" id="Submit" value="Submit">
              <input type="reset" name="Reset" value="Reset">
            </td>
          </tr>
        </table>
		</form> 
		
	  </td>
	</tr>
</table>
m3rajk
DevNet Resident
Posts: 1191
Joined: Mon Jun 02, 2003 3:37 pm

Re: Allowing user to edit only their record

Post by m3rajk »

i agree with jam. your code is flawed since it assumes php will automatically leave itself. i was advised to switched to heredocs since it's faster, so i've done that to your code for you so you can see how it's done. the ending signal can be any string, i use END, but it IS case sensitive and MUST be on a line by itself.

if you have issues after this, the repopulation from db thing i've already accomplished, so debug so you can give me just the relevant lines and i'll give you more help
tsm4781 wrote:

Code: Select all

<?PHP
	include_once("db.inc.php");
	
	mysql_connect($db_host,$db_user,$db_pass) or DIE("Could not connect to DB Server");
	mysql_select_db("$db_name") or DIE("Could not find DB on Server");
	
	$query = "SELECT * FROM current WHERE id = '$memnum'";
	$result = mysql_query($query);
	
	
	if (mysql_num_rows($result) > 0)
	{	
		$row = mysql_fetch_array($result);
		extract($row);
	}	

echo <<<END
<title>Update Member Information</title><table width="100%" border="0" cellspacing="5" cellpadding="0">
	<tr> 
	  <td valign="top" align="center"><form name="editcurrent" method="post" action="$PHP_SELF">
        <table width="100%" border="0" cellspacing="2" cellpadding="3">
          <tr> 
            <td colspan="2"><b><font face="Verdana, Arial, Helvetica, sans-serif" size="3">Edit 
              Your Current Member Directory Info: 
              $errormsg
              </font></b></td>
          </tr>
          <tr> 
            <td colspan="2">If all of the information is correct, please click 
              submit. You will need to enter the year you began at IV and the 
              year you ended.</td>
          </tr>
        </table>
        <table width="100%" border="0" cellspacing="1" cellpadding="3" bgcolor="#CCCCCC">
          <tr bgcolor="e7e7e7"> 
            <td width="30%"><b>Username:</b></td>
            <td width="70%"> 
              $memnum
            </td>
          </tr>
          <tr bgcolor="e7e7e7"> 
            <td width="30%"><b>Name:</b></td>
            <td width="70%"> 
              <input name="name" type="text" id="name" value="$name">
            </td>
          </tr>
          <tr bgcolor="e7e7e7"> 
            <td width="30%"><b>Email:</b></td>
            <td width="70%"> 
              <input name="email" type="text" id="email" value="$email">
            </td>
          </tr>
          <tr bgcolor="e7e7e7"> 
            <td width="30%"><b>City/State/Zip</b></td>
            <td width="70%"> 
              <input name="city" type="text" id="city" value="$city">
              <input name="state" type="text" id="state" value="$state" size="2" maxlength="2">
              <input name="zip" type="text" id="zip" value="$zip" size="5" maxlength="5">
            </td>
          </tr>
          <tr bgcolor="e7e7e7"> 
            <td width="30%"><b>Phone:</b></td>
            <td width="70%"> 
              <input name="phone" type="text" id="phone" value="$phone">
              EX: (802) 123-4567</td>
          </tr>
          <tr bgcolor="e7e7e7"> 
            <td width="30%"><b>Cell:</b></td>
            <td width="70%"> 
              <input name="cell" type="text" id="cell" value="$cell">
              EX: (802) 123-4567 </td>
          </tr>
          <tr bgcolor="e7e7e7"> 
            <td width="30%"><b>Website:</b></td>
            <td width="70%"> http:// 
              <input name="website" type="text" id="website" value="$website">
              EX: http://www.burlingtonivcf.org</td>
          </tr>
          <tr> 
            <td height="15" colspan="2" align="center" bgcolor="#4A6588"> 
              <input name="action" type="hidden" value="updatecurrent">
              <input name="id" type="hidden" value="$id">
              <input name="memnum" type="hidden" id="memnum" value="$memnum">
              <input name="Submit" type="submit" id="Submit" value="Submit">
              <input type="reset" name="Reset" value="Reset">
            </td>
          </tr>
        </table>
		</form> 
		
	  </td>
	</tr>
</table>
END;
?>
User avatar
JAM
DevNet Resident
Posts: 2101
Joined: Fri Aug 08, 2003 6:53 pm
Location: Sweden
Contact:

Post by JAM »

7th row : $memnum
Where does that come from? $_GET or $_POST. Perhaps your problem is passing variables? (Last link in my signature)

Did you try to remove the extract and use $row['field'] instead as of my previous post?

You don't happen to get mysql_num_rows($result) > 1 result do you? If you get 2 hits, you might have a problem.
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

the missing ?> happen when you have more than one

Code: Select all

block and one of them is not complete (having matching <?php ... ?> )
see: this is working

Code: Select all

<?php
$i = NULL;
?>

Code: Select all

<?php
$i = FALSE;
?>
Last edited by volka on Sun Aug 31, 2003 11:04 am, edited 1 time in total.
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

this one isn't

Code: Select all

$i = NULL;

Code: Select all

<?php
$i = FALSE;
?>
User avatar
JAM
DevNet Resident
Posts: 2101
Joined: Fri Aug 08, 2003 6:53 pm
Location: Sweden
Contact:

Post by JAM »

Ah... wierdness, but thanks volka. Would explain some of the obvious issues around the board here...
Post Reply