PHP Version 5.6.14 & Javascript
status_note.php page simply shows a date ordered list of notes added to the db for a given user. Next to each note is an EDIT NOTE button.
When I click the EDIT NOTE button, a javascript pop-up window opens (status_notes_edit_note.php). At this point, everything is in order. See attached image. However, when I submit the edited status note, I get all sorts of errors as seen in 2nd attached image.
Yes, I am aware that using 'isset' would help, but when used, my $id = $_GET['id']; no longer works in PART 1 of the page.
I've also noticed, when adding: if(isset($_POST['save_edited_note']) { to PART 2, then the $id doesn't work in that section.
In opening the status_note.php initially, the ID= is sent properly in the url. See attachment (working.jpg)
I've even tried doing the query again in PART 2, but that's not been successful either.
Bottom Line: I'm losing the $id to pass to the sections. Oh, I also tried doing this with $_SESSION, but it gets lost when using if(isset($_POST['save_edited_note'])
I'm lost ...
Code: Select all
<?php session_start();
include("../_includes/_connect.php");
// set undefined variable(s)
$status_note = null;
// PART 1: Get data to show in javascript pop-up window ---------------->
$id = $_GET['id'];
$query = "SELECT userid, status_note, visible
FROM status_notes
WHERE id = '".$id."' && userid = '".$_SESSION['users_id']."' ";
$result = mysqli_query($con, $query) or die (mysqli_error($con));
if (!$result) die(mysqli_error());
else {
$row = mysqli_fetch_object($result);
$status_note = $row->status_note;
$visible = $row->visible;
}
// PART 2: Save changed/edited data back to db ---------------->
if (isset($_POST['save_edited_note'])) {
$query = "SELECT userid, status_note, visible
FROM status_notes
WHERE id = '".$id."' && userid = '".$_SESSION['users_id']."' ";
$result = mysqli_query($con, $query) or die (mysqli_error($con));
$status_note = mysqli_real_escape_string($con, $_POST['status_note']);
$visible = mysqli_real_escape_string($con, $_POST['visible']);
$sql = "UPDATE status_notes SET status_note = '$status_note', visible = '$visible'
WHERE id = '".$id."' && '".$_SESSION['users_id']."' ";
mysqli_query($con, $sql) or die (mysqli_error($con));
}
?>
<title>Edit Status Note for Applicant</title>
<div align="center">
<form name="edit_status_note" method="post" action="status_notes_edit_note.php">
<table cellspacing="5" >
<tr>
<td><textarea name="status_note" style="width: 380px; height: 200px" /><?php echo stripslashes($status_note); ?></textarea></td>
</tr>
<tr>
<td>
<input type="submit" name="save_edited_note" value="Save Status Note" style="margin-right: 20px" /> <!-- onclick="window.close() -->
Hide Note from Applicant<input name="visible" type="checkbox" checked="checked" value="0" style="margin-left: 10px; vertical-align: text-bottom">
<input type="hidden" name="users_id" value="<?=$_SESSION['users_id'];?>" /><input type="hidden" name="id" value="<?=$_SESSION['id'];?>" />
</td>
</tr>
</table>
</form>
</div>