Page 1 of 1

Saving Data to db from Javascript Pop-Up Window

Posted: Mon Nov 16, 2015 1:34 pm
by diseman
Ok, so 2 days after trying many different variations, I need to ask for some help, 'cause I'm going in circles.

PHP Version 5.6.14 & Javascript

status_note.php page simply shows a date ordered list of notes added to the db for a given user. Next to each note is an EDIT NOTE button.

When I click the EDIT NOTE button, a javascript pop-up window opens (status_notes_edit_note.php). At this point, everything is in order. See attached image. However, when I submit the edited status note, I get all sorts of errors as seen in 2nd attached image.

Yes, I am aware that using 'isset' would help, but when used, my $id = $_GET['id']; no longer works in PART 1 of the page.

I've also noticed, when adding: if(isset($_POST['save_edited_note']) { to PART 2, then the $id doesn't work in that section.

In opening the status_note.php initially, the ID= is sent properly in the url. See attachment (working.jpg)

I've even tried doing the query again in PART 2, but that's not been successful either.

Bottom Line: I'm losing the $id to pass to the sections. Oh, I also tried doing this with $_SESSION, but it gets lost when using if(isset($_POST['save_edited_note'])

I'm lost ...

Code: Select all


<?php session_start();

include("../_includes/_connect.php");

// set undefined variable(s)

$status_note = null;


// PART 1: Get data to show in javascript pop-up window ---------------->


		$id = $_GET['id'];

		$query = "SELECT userid, status_note, visible
				FROM status_notes
				WHERE id = '".$id."' && userid = '".$_SESSION['users_id']."' ";

				$result = mysqli_query($con, $query) or die (mysqli_error($con));

				if (!$result) die(mysqli_error());

				else	{

					$row = mysqli_fetch_object($result);

					$status_note = $row->status_note;
					$visible = $row->visible;
				}


// PART 2: Save changed/edited data back to db ---------------->


	if (isset($_POST['save_edited_note'])) {

	   $query = "SELECT userid, status_note, visible
				FROM status_notes
				WHERE id = '".$id."' && userid = '".$_SESSION['users_id']."' ";

				$result = mysqli_query($con, $query) or die (mysqli_error($con));

   		$status_note = mysqli_real_escape_string($con, $_POST['status_note']);
   		$visible = mysqli_real_escape_string($con, $_POST['visible']);

		$sql = "UPDATE status_notes SET status_note = '$status_note', visible = '$visible'
			   WHERE id = '".$id."' && '".$_SESSION['users_id']."'  ";

		mysqli_query($con, $sql) or die (mysqli_error($con));

	}

?>

<title>Edit Status Note for Applicant</title>

<div align="center">

<form name="edit_status_note" method="post" action="status_notes_edit_note.php">

<table cellspacing="5" >
	<tr>
		<td><textarea name="status_note" style="width: 380px; height: 200px" /><?php echo stripslashes($status_note); ?></textarea></td>
	</tr>
	<tr>
		<td>
			<input type="submit" name="save_edited_note" value="Save Status Note" style="margin-right: 20px" /> <!--  onclick="window.close() -->
			Hide Note from Applicant<input name="visible" type="checkbox" checked="checked" value="0" style="margin-left: 10px; vertical-align: text-bottom">
			<input type="hidden" name="users_id" value="<?=$_SESSION['users_id'];?>" /><input type="hidden" name="id" value="<?=$_SESSION['id'];?>" />
		</td>
	</tr>
</table>

</form>

</div>


Re: Saving Data to db from Javascript Pop-Up Window

Posted: Mon Nov 16, 2015 1:55 pm
by Celauran
Doesn't look like $id is defined in your $_POST block. You're setting it to $_GET['id'], but aren't passing any query string to the form action, so $_GET['id'] is null. You are, however, setting it in a hidden form field. You could leverage that to get the correct ID.

Re: Saving Data to db from Javascript Pop-Up Window

Posted: Mon Nov 16, 2015 2:04 pm
by diseman
I am passing the [id] = 'some number' on the previous page, but that's been a problem with the javascript pop-up window not seeing it. That's why I decided to pass it in the URL instead.

Re: Saving Data to db from Javascript Pop-Up Window

Posted: Mon Nov 16, 2015 3:14 pm
by Celauran

Code: Select all

if (isset($_POST['save_edited_note'])) {
    $id = $_POST['id'];
    ... // other code here

Re: Saving Data to db from Javascript Pop-Up Window

Posted: Mon Nov 16, 2015 5:58 pm
by diseman
Thanks Celauran. Good to see you again by the way.

I added that code many, many, many times in the past two days, but was going in circles 'cause I could get PART 2 to work with it, BUT if I put

Code: Select all

if (isset($_POST['edit_note']))
in PART 1 the

Code: Select all

$id = $_GET['id'];
no longer works. I have also tried to get the

Code: Select all

$_POST['id']
data, but it doesn't seem to pass the post data to the Javascript pop-up window.

So, I going to take a different approach. I'm gonna leave PART 2 alone for now as it's working and see if you can help me get PART 1 working.

Ok, so I put in

Code: Select all

if (isset($_POST['edit_note']))
, but now the GET doesn't work and I'm without an $ID again. If I take out the isset, I'll get the ID, but with other errors. POST data doesn't work for me yet, so I left it out for now.

Code: Select all


// PART 1: Get data to show in javascript pop-up window ---------------->

 	if (isset($_POST['edit_note'])) {

	$id = $_GET['id'];

		$query = "SELECT userid, status_note, visible
				FROM status_notes
				WHERE id = '".$id."' && userid = '".$_SESSION['users_id']."' ";

				$result = mysqli_query($con, $query) or die (mysqli_error($con));

				if (!$result) die(mysqli_error());

				else	{

					$row = mysqli_fetch_object($result);

					$status_note = $row->status_note;
					$visible = $row->visible;
				}
 }


Re: Saving Data to db from Javascript Pop-Up Window

Posted: Mon Nov 16, 2015 6:37 pm
by Celauran

Code: Select all

         if (isset($_POST['edit_note'])) {
Wait, this is new. This wasn't there before.

Code: Select all

<?php

// This is your "Part 1"
if (isset($_GET['id'])) {
    $id = $_GET['id'];
    // other stuff
}

// This is your "Part 2"
if (isset($_POST['id'])) {
    $id = $_POST['id'];
    // do stuff here
}

Re: Saving Data to db from Javascript Pop-Up Window

Posted: Mon Nov 16, 2015 6:47 pm
by diseman
I incorporated your code suggestion in part 2. then, went back and tried to make part 1 work, but couldn't. Just to be clear, here's where I'm sitting at the moment waiting for your assistance:

Code: Select all


<?php session_start(); echo "<pre>"; print_r($_POST); echo "</pre>";

include("../_includes/_connect.php");

// set undefined variable(s)

$status_note = null;


// PART 1: Get data to show in javascript pop-up window ---------------->

 	if (isset($_POST['edit_note'])) {

	$id = $_GET['id'];

		$query = "SELECT userid, status_note, visible
				FROM status_notes
				WHERE id = '".$id."' && userid = '".$_SESSION['users_id']."' ";

				$result = mysqli_query($con, $query) or die (mysqli_error($con));

				if (!$result) die(mysqli_error());

				else	{

					$row = mysqli_fetch_object($result);

					$status_note = $row->status_note;
					$visible = $row->visible;
				}
 }

// PART 2: Save changed/edited data back to db ---------------->


	if (isset($_POST['save_edited_note'])) {

	$id = $_POST['id'];

	   $query = "SELECT userid, status_note, visible
	    		   FROM status_notes
			   WHERE id = '".$id."' && userid = '".$_SESSION['users_id']."' ";

			   $result = mysqli_query($con, $query) or die (mysqli_error($con));

			   	   $status_note = mysqli_real_escape_string($con, $_POST['status_note']);
	   			   //$visible = mysqli_real_escape_string($con, $_POST['visible']);

				   $sql = "UPDATE status_notes SET status_note = '$status_note'
				   WHERE id = '".$id."' && '".$_SESSION['users_id']."'  ";

				   mysqli_query($con, $sql) or die (mysqli_error($con));

	}

?>

<title>Edit Status Note for Applicant</title>

<div align="center">

<form name="edit_status_note" method="post" action="status_notes_edit_note.php">

<table cellspacing="5" >
	<tr>
		<td><textarea name="status_note" style="width: 380px; height: 200px" /><?php echo stripslashes($status_note); ?></textarea></td>
	</tr>
	<tr>
		<td>
			<input type="submit" name="save_edited_note" value="Save Status Note" style="margin-right: 20px" /> <!--  onclick="window.close() -->
			Hide Note from Applicant<input name="visible" type="checkbox" checked="checked" value="0" style="margin-left: 10px; vertical-align: text-bottom">
			<input type="hidden" name="users_id" value="<?=$_SESSION['users_id'];?>" /><input type="hidden" name="id" value="<?=$id;?>" />
		</td>
	</tr>
</table>

</form>

</div>


Re: Saving Data to db from Javascript Pop-Up Window

Posted: Mon Nov 16, 2015 7:45 pm
by Celauran

Code: Select all

         if (isset($_POST['edit_note'])) {
What's up with this line? Are you using a POST or a GET request? At a glance it looks like a GET request and wrapping it in that if is what's breaking it. Hard to say for certain as I can't see all the moving parts.

Re: Saving Data to db from Javascript Pop-Up Window

Posted: Mon Nov 16, 2015 8:16 pm
by diseman
I think this might be the only moving part that's necessary and you haven't seen from the status_note.php page:

Code: Select all

"<input type=\"submit\" name=\"edit_note\" value=\"Edit Note\" class=\"btn_acp\" onClick=\"popupEdit('".$row['id']."')\" \"/><input type=\"hidden\" name=\"id\" value=\"".$row['id']."\"/>".
So, the status note page is filled with notes displayed in date order. Next to each note is an EDIT NOTE button. Code above is code used to generate EDIT NOTE button. When clicked, it then passes POST & URL data to the Javascript Pop-Up window, which is what we've been looking at. It's doing both 'cause I've been trying to get either one of them to work. :)

Here's where we are now and the screenshot error is attached:

Code: Select all


// PART 1: Get data to show in javascript pop-up window ---------------->


	$id = $_GET['id'];

		$query = "SELECT userid, status_note, visible
				FROM status_notes
				WHERE id = '".$id."' && userid = '".$_SESSION['users_id']."' ";

				$result = mysqli_query($con, $query) or die (mysqli_error($con));

				if (!$result) die(mysqli_error());

				else	{

					$row = mysqli_fetch_object($result);

					$status_note = $row->status_note;
					$visible = $row->visible;
				}


// PART 2: Save changed/edited data back to db ---------------->

If, I put an isset at the start of part 1, then the GET ID doesn't work. Without the isset, I get the errors you see in the screenshot when I click the name="save_edited_note button" in the popup.

It's the ole damned if you do and damned if you don't. That's what I meant earlier by going in circles.

Thanks again for your help and time.

Re: Saving Data to db from Javascript Pop-Up Window

Posted: Mon Nov 16, 2015 8:36 pm
by Celauran
What I was suggesting was something more like this:

Code: Select all

<?php

session_start();

include("../_includes/_connect.php");

// set undefined variable(s)
$status_note = null;

// PART 1: Get data to show in javascript pop-up window ---------------->

if (isset($_GET['id']) && isset($_SESSION['users_id'])) {
    $id = $_GET['id'];

    // You really ought to be escaping these or, better, using prepared statements
    $query = "SELECT userid, status_note, visible
        FROM status_notes
        WHERE id = '".$id."' && userid = '".$_SESSION['users_id']."' ";

    $result = mysqli_query($con, $query) or die (mysqli_error($con));

    if (!$result) {
        die(mysqli_error());
    } else {
        $row = mysqli_fetch_object($result);

        $status_note = $row->status_note;
        $visible = $row->visible;
    }
}

// PART 2: Save changed/edited data back to db ---------------->

if (isset($_POST['save_edited_note'])) {
    $id = $_POST['id'];

    $query = "SELECT userid, status_note, visible
        FROM status_notes
        WHERE id = '".$id."' && userid = '".$_SESSION['users_id']."' ";

    $result = mysqli_query($con, $query) or die (mysqli_error($con));

    $status_note = mysqli_real_escape_string($con, $_POST['status_note']);

    $sql = "UPDATE status_notes SET status_note = '$status_note'
        WHERE id = '".$id."' && '".$_SESSION['users_id']."'  ";

    mysqli_query($con, $sql) or die (mysqli_error($con));
}

?>

<title>Edit Status Note for Applicant</title>

<div align="center">

<form name="edit_status_note" method="post" action="status_notes_edit_note.php">

<table cellspacing="5" >
        <tr>
                <td><textarea name="status_note" style="width: 380px; height: 200px" /><?php echo stripslashes($status_note); ?></textarea></td>
        </tr>
        <tr>
                <td>
                        <input type="submit" name="save_edited_note" value="Save Status Note" style="margin-right: 20px" /> <!--  onclick="window.close() -->
                        Hide Note from Applicant<input name="visible" type="checkbox" checked="checked" value="0" style="margin-left: 10px; vertical-align: text-bottom">
                        <input type="hidden" name="users_id" value="<?=$_SESSION['users_id'];?>" /><input type="hidden" name="id" value="<?=$id;?>" />
                </td>
        </tr>
</table>

</form>

</div>

Re: Saving Data to db from Javascript Pop-Up Window

Posted: Mon Nov 16, 2015 8:56 pm
by diseman
Thank you so much Celeraun. I can't believe how close I was and couldn't see that! Looking at it now, I think you're right. I was mixing-up POSTs and GETs in part one.

Listen, there's one more small piece to this puzzle.

While learning PHP, I have been hiding from using checkboxes to indicate on/off or in my case 0 & 1. I've always used drop-down menus 'cause I once saw how someone did it and have stuck with it ever since.

Can you show me how to retrieve a 0 or 1 from the database and appropriately fill (or not fill) the checkbox in the pop-up form?

The db column is: visible ($visible). Meaning, can the user see it (1) or is it invisible to them (0). Right now, in my learning db, all 'visible' records have a 1 stored in them.

Just need to add:

Code: Select all

, visible = '$visible'
to Part 2's sql and everything else is somewhat ready to go.

Lastly, you're right I know. I should be learning PDO and prepared statements (OOP). However, I'm only into my second month of programming and I just wanted to focus on something I felt comfortable with before moving onto that part. I will be doing it though.

Re: Saving Data to db from Javascript Pop-Up Window

Posted: Tue Nov 17, 2015 6:37 am
by Celauran
PDO and prepared statements are great, and I definitely encourage you to learn them, but I also appreciate that having too many new concepts in one's head can become overwhelming. Get a solid understanding of what you're working on now, move on to more advanced concepts later. Totally reasonable approach. At the very least -- and I've seen you do this in some places -- use mysqli_real_escape_string before passing variables into your query. It's just a good habit to get into (and will make you appreciate prepared statements all the more). I repeat this again and again because you don't want to fall into the habit of security being an afterthought.

Re: Saving Data to db from Javascript Pop-Up Window

Posted: Tue Nov 17, 2015 6:40 am
by Celauran
diseman wrote:While learning PHP, I have been hiding from using checkboxes to indicate on/off or in my case 0 & 1. I've always used drop-down menus 'cause I once saw how someone did it and have stuck with it ever since.
I think checkboxes are the right way to handle binary options (on/off, true/false, yes/no). What I typically do is set the value of the checkbox to 1 so that checked = true. If the box is not checked, it will not be included in your $_POST array, so you can use isset when processing the form to update your DB.

Re: Saving Data to db from Javascript Pop-Up Window

Posted: Tue Nov 17, 2015 6:43 am
by diseman
ok, will start working on this now. thank you.

Re: Saving Data to db from Javascript Pop-Up Window

Posted: Tue Nov 17, 2015 7:56 am
by diseman
Got it.

Thank you again for all your help and advice.

Until next time!

Michael