Submit pre-populated fields to MSSQL DB
Posted: Fri Feb 15, 2008 1:35 pm
Noob here. This is my first PHP project.
I'm using this form to SELECT a row(values) from a MSSQL DB:
The form does populate with the correct info when I enter the rowid.
What I'm trying to do from there is submit to the script below to determine if the values should be updated
in the DB, or if it's a new record, which should be inserted:
But, once the values are populated on the first form and I edit and submit them, I get:
Forbidden: You cannot access this page directly,
Which makes me think that $_POST[submit] is not set? I'm sure the code isn't nearly as
clean as it could be. Any assistance is much appreciated.
Jolok
I'm using this form to SELECT a row(values) from a MSSQL DB:
Code: Select all
<?php
// input the id to update
$rowID = $_POST[rowid];
//database connection variables
$myServer = "DBServer";
$myUser = "username";
$myPass = "password";
$myDB = "DB";
//connection to the database
$dbhandle = mssql_connect($myServer, $myUser, $myPass)
or die("Couldn't connect to SQL Server on $myServer");
//select a database to work with
$selected = mssql_select_db($myDB, $dbhandle)
or die("Couldn't open database $myDB");
$query = "SELECT Field1, Field2 ";
$query .= "FROM dbo.Log where varID = $varID";
//execute the SQL query and return records
$result = mssql_query($query, $dbhandle);
$return = mssql_get_last_message();
$row = mssql_fetch_assoc($result);
?>
<HTML>
<HEAD>
</HEAD>
<BODY>
<BR>
<IMG src="images/Logo.gif" align=top _alt="">
<FORM name="RetrieveRecord" action="<?php echo $PHP_SELF;?>" method="POST">
Record ID: <INPUT type="text" name="varid" size="4" value="" />
<INPUT type="submit" name="retrieve" value="Go" />
</FORM>
<FORM name="UpdateRecord" action="post_insert_record.php" method="POST">
<P>
<FIELDSET>
<LEGEND><b>Record Form</b></LEGEND>
<TABLE>
<TR>
<TD>Field1</TD>
<TD>
<?php
echo '<INPUT type="text" name="field1" value="'.$row[Field1].'" />';
?>
</TD>
</TR>
<TR>
<TD>Field2</TD>
<TD>
<?php
echo '<INPUT type="text" name="field2" value="'.$row[Field2].'" />';
?>
</TD>
</TR>
</TABLE>
</FIELDSET>
<br>
<INPUT type="submit" name="update" value="Submit" />
</P>
</FORM>
</BODY>
</HTML>
What I'm trying to do from there is submit to the script below to determine if the values should be updated
in the DB, or if it's a new record, which should be inserted:
Code: Select all
<?php
// set the default timezone to use.
date_default_timezone_set('America/Chicago');
if (isset($_POST[submit])) {
//database connection variables
$myServer = "DBServer";
$myUser = "username";
$myPass = "password";
$myDB = "DB";
$successURL = "http://webserver/Success.html";
//connection to the database
$dbhandle = mssql_connect($myServer, $myUser, $myPass)
or die("Couldn't connect to SQL Server $myServer");
//select a database to work with
$selected = mssql_select_db($myDB, $dbhandle)
or die("Couldn't open database $myDB");
if (isset($rowID)) {
// UPDATE query - Existing Alarm
$query = "UPDATE dbo.Log set Field1 = '$_POST[field1]', Field2 = '$_POST[field2]' ";
$query .= "WHERE RowID = $rowID";
} else {
// INSERT query - New Alarm
$query = "INSERT INTO dbo.Log (Field1, Field2) ";
$query .= "VALUES ( '$_POST[field1]', '$_POST[field2]')";
}
//execute the SQL query and return records
$result = mssql_query($query, $dbhandle);
//I want to see what the SQL server returns
$return = mssql_get_last_message();
if ($return = "Changed database context to '$dbname'.")
{
header( "Location: $successURL" );
} else {
echo $return;
//close the connection to the database
mssql_close($dbhandle);
exit();
}
// if the user didn't submit data from the webform, send this error
} else {
echo "Forbidden: You cannot access this page directly";
exit;
}
?>
Forbidden: You cannot access this page directly,
Which makes me think that $_POST[submit] is not set? I'm sure the code isn't nearly as
clean as it could be. Any assistance is much appreciated.
Jolok