Problems with pasing variables from page to page.

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
dmyers
Forum Newbie
Posts: 7
Joined: Sat May 03, 2003 5:43 pm
Location: Texas, USA

Problems with pasing variables from page to page.

Post by dmyers »

:?: To start with let me first say I have read the Stickys.

I have this code which consits of four pages. It is a simple update routine that turned out not to be so simple. I can get the values for password and email to display correctly, but for some reason can not get the username to display. I am using MySQL.

Here is the code:
(mod_edit: added

Code: Select all

tags to code) 
==== List.php ====

Code: Select all

<head>
<style>
td{
font-family:arial;
font-size:8pt;
color:#696969;
}
.wh{
color:white;
}
.more{
color:#0974A6;
}
.menu{
color:#748B3D;

}
</style>
</head>
<link href="style.css" rel="stylesheet" media="screen"> 
<div align="center"> <span class="headers">Password Recovery Profile</span><br>
  <br>
    <table width="650" cellspacing="2" border="0" cellpadding="1">
    <tr bgcolor="#DADADA" align="center"> 
      <td bgcolor="A5E2FF"><font color="#000000">Username</font></td>
      <td bgcolor="A5E2FF"><font color="#000000">Password</font></td>
      <td bgcolor="A5E2FF"><font color="#000000">E-Mail</font></td>
      <td bgcolor="A5E2FF"><font color="#000000">Edit</font></td>
    </tr>
    <?php
mysql_connect($db_host, $db_user, $db_pass); 
mysql_select_db($db_name); 
$result = mysql_query("select * from $db_table where uname != 'sa'"); 
while($r=mysql_fetch_array($result)) 
{ 
$_POST[username]=$r['uname']; 
$_POST[password]=$r['pass2']; 
$_POST[email]=$r['email']; 
print ' 
<tr> 
        <td><center>' . $_POST[username] . '</center></td> 
        <td><center>' . $_POST[password] . '</center></td> 
        <td>' . $_POST[email] . '</td> 
        <td><center><a href="index.php?todo=edit&editid=' . $_POST[username] . '">edit</center></td> 
</tr>'; 
} 
?>
  </table> 
</div>
==== edit.php ====

Code: Select all

<head>
<style>
td{
font-family:arial;
font-size:8pt;
color:#696969;
}
.wh{
color:white;
}
.more{
color:#0974A6;
}
.menu{
color:#748B3D;

}
</style>
</head>
<? 
mysql_connect($db_host, $db_user, $db_pass); 
mysql_select_db($db_name); 
$result = mysql_query("SELECT * FROM $db_table WHERE uname=$editid"); 
$edit = mysql_fetch_array($result);
?> 
<form method="post" action="index.php"> 
<input type="hidden" name="todo" value="update"> 
<input type="hidden" name="uname" value="<? echo $edit["editid"] ?>"> 
  <table bordercolor="#000000" border="1" align="center" width="40%" height="138" cellpadding="4">
    <tr bgcolor="A5E2FF"> 
      <td width="104"><b><font color="#000000">Username:</font></b></td>
      <td width="269" bgcolor="A5E2FF"> <font color="#000000"> 
        <? print $edit["uname"] ?>
        </font> </td>
    </tr>
    <tr bgcolor="A5E2FF"> 
      <td width="104"> 
        <p><b><font color="#000000">Password:</font></b></p>
      </td>
      <td width="269"> 
        <input type="text" name="password" value="<? print $edit["pass2"] ?>">
      </td>
    </tr>
    <tr bgcolor="A5E2FF"> 
      <td width="104"><b><font color="#000000">E-Mail Address:</font></b></td>
      <td width="269"> 
        <input type="text" name="email" value="<? print $edit["email"] ?>" size="35">
      </td>
    </tr>
  </table> 
  <br><div align="center">
    <p>
      <input type="submit" name="submit" value="Update Profile">
    </p>
    <? echo $_POST[$username]?>
  </div>
  <div align="center"></div>
</form>
==== update.php ====

Code: Select all

<? 
mysql_connect($db_host, $db_user, $db_pass); 
mysql_select_db($db_name); 
// $result = mysql_query("UPDATE $db_table SET pass2=$password,email=$email WHERE uname='$username'"); 
$result = mysql_query("UPDATE $db_table SET pass2=$_POST[password], email=$_POST[email] WHERE id=$_POST[username]");
print ' 
<table border=1>
<tr> 
        <td>' . $_POST[username] . '</td> 
        <td>' . $_POST[password] . '</td> 
        <td>' . $_POST[email] . '</td> 
</tr>
</table>';
?>
==== index.php ====

Code: Select all

<? 
require("vars.php"); //for database connection vars 
switch ($todo) { 
case "add": 
//dispaly a blank form 
$title="Add new entry"; //used by header 
require("header.php"); // your page header 
require("add.php"); // submits to index.php?todo=save 
require("footer.php"); // your page footer 
break; 
case "edit": 
// pull the data from db and plugs into form 
$title = "Edit Existing Entry"; // used by header 
require("header.php"); // your page header 
require("edit.php"); // edits $editid, submits to index.php?todo=update 
require("footer.php"); // your page footer 
break; 
case "delete": 
require("delete.php"); // deletes $deleteid from the db 
header("Location: index.php"); // go to listing 
break; 
case "save": 
require("save.php"); // add new entry to db 
header("Location: index.php"); // go to listing 
break; 
case "update": 
require("update.php"); // update the db where id=$id 
header("Location: index.php"); // go to listing 
break; 
default: 
$title = "Viewing All Entries"; // used by header 
require("header.php"); // your page header 
require("list.php"); //show all entries 
require("footer.php"); // your page footer 
break; 
} 
?>
==== end of code ====

All of my database connects seem to work for everything else except this update.

I am also having problems with the list.php page. I want it only to display the info for the current user and not the entire list. I have tried to edit the SQL SELECT statement with a WHERE, but I guess I am not getting that variable either.
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

let's begin with List.php and edit.php
Why do you assign $_POST[username]=$r['uname']; in List.php?
edit.php wrote:$result = mysql_query("SELECT * FROM $db_table WHERE uname=$editid");
If you have a recent version of php with register_globals off you should try

Code: Select all

$result = mysql_query("SELECT * FROM $db_table WHERE uname=".$_GET['editid']);
dmyers
Forum Newbie
Posts: 7
Joined: Sat May 03, 2003 5:43 pm
Location: Texas, USA

Answer

Post by dmyers »

I have tried several things including every variation of variable I can think of. I basically left it where I ran out of ideas. I will make the changes you suggested and see if that works. I would really like to thank you for your time.
dmyers
Forum Newbie
Posts: 7
Joined: Sat May 03, 2003 5:43 pm
Location: Texas, USA

Post by dmyers »

Let me go into a little more detail.

list.php is used to display a list of usernames, passwords, email addresses and an edit link for each record in the list. All of this is on a webpage, which works fine except I want to be able to display only the user that is currently logged in. I have a cookie set that I should be able to use to retrieve the username ( echo $_COOKIE['PASSWORD'] ). I think so anyway.

$_POST[username]=$r['uname']; // used to display a list of the usernames

$_POST[password]=$r['uname']; // used to display a list of the passwords

$_POST[username]=$r['uname']; // used to display a list of the email addresses in a row, along wth the username and passwords above make one row in the list.

I sucessfully pass the variable $editid, which is another form of the username, to edit.php from list.php but can not pass that variable to update.php

update.php is a webform that allows the user to edit the record that was selected in list.php. For an example go to:

http://www.4-webdesign.net/glta/secure/prprofile/

and click on any edit link. When you click on the update profile button on update.php you will see a screen that echos the variables. I was just trying to display them so I knew I was getting them correctly.

If I can get the username variable to update.php I should be able to update the record that was clicked on in list.php
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

so either register_globals is on or you're using an older version of php?
in edit.php you have
<input type="hidden" name="uname" value="<? echo $edit["editid"] ?>">
is $edit["editid"] what you want?
If you make the first php-block

Code: Select all

<?php
error_reporting(E_ALL);
ini_set('display_errors', TRUE);
mysql_connect($db_host, $db_user, $db_pass);
mysql_select_db($db_name);
$result = mysql_query("SELECT * FROM $db_table WHERE uname=$editid");
$edit = mysql_fetch_array($result);
?>
do you get undefined index warnings?
dmyers
Forum Newbie
Posts: 7
Joined: Sat May 03, 2003 5:43 pm
Location: Texas, USA

Post by dmyers »

The $editid is what I want to pass onto update.php I can get it in edit.php just fine, just can not pass it to update.php

This is what I get if I plug that code into edit.php

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/a4-webde/public_html/glta/secure/prprofile/edit.php on line 26


20 <?
21 error_reporting(E_ALL);
22 ini_set('display_errors', TRUE);
23 mysql_connect($db_host, $db_user, $db_pass);
24 mysql_select_db($db_name);
25 $result = mysql_query("SELECT * FROM $db_table WHERE uname=$editid");
26 $edit = mysql_fetch_array($result);
27 ?>
dmyers
Forum Newbie
Posts: 7
Joined: Sat May 03, 2003 5:43 pm
Location: Texas, USA

Figured out some of it

Post by dmyers »

I have figured out everything except my update does not work. I know I am getting all of the right variables to all of the pages. I changed some of the code on edit.php, update.php and list.php

Here is the new code for those of you who want an exmaple of how to fix the problems I was having.

==== list.php ====

<head>
<style>
td{
font-family:arial;
font-size:8pt;
color:#696969;
}
.wh{
color:white;
}
.more{
color:#0974A6;
}
.menu{
color:#748B3D;

}
</style>
</head>
<link href="style.css" rel="stylesheet" media="screen">
<div align="center">
<table width="40%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td>
<div align="center"><b><font color="#000000">Password Recovery Profile
for user</font></b></div>
</td>
</tr>
</table>
<p><font face="Verdana, Arial, Helvetica, sans-serif"><font color="red">
<? echo $_COOKIE['USERNAME'] ?>
</font></font><br>
</p>
<table width="650" cellspacing="2" border="0" cellpadding="1">
<tr bgcolor="#DADADA" align="center">
<td bgcolor="A5E2FF"><font color="#000000">Username</font></td>
<td bgcolor="A5E2FF"><font color="#000000">Password</font></td>
<td bgcolor="A5E2FF"><font color="#000000">E-Mail</font></td>
<td bgcolor="A5E2FF"><font color="#000000">Edit</font></td>
</tr>
<?php
mysql_connect($db_host, $db_user, $db_pass);
mysql_select_db($db_name);
$result = mysql_query("select * from $db_table where uname = $_COOKIE[USERNAME]");
while($r=mysql_fetch_array($result))
{
$_POST[username]=$r['uname'];
$_POST[password]=$r['pass2'];
$_POST[email]=$r['email'];
print '
<tr>
<td><center>' . $_POST[username] . '</center></td>
<td><center>' . $_POST[password] . '</center></td>
<td><center>' . $_POST[email] . '<center></td>
<td><center><a href="index.php?todo=edit&editid=' . $_POST[username] . '">edit</center></td>
</tr>';
}
?>
</table>
</div>



==== edit.php ====

<head>
<style>
td{
font-family:arial;
font-size:8pt;
color:#696969;
}
.wh{
color:white;
}
.more{
color:#0974A6;
}
.menu{
color:#748B3D;

}
</style>
</head>
<?
// error_reporting(E_ALL);
// ini_set('display_errors', TRUE);
mysql_connect($db_host, $db_user, $db_pass);
mysql_select_db($db_name);
$result = mysql_query("SELECT * FROM $db_table WHERE uname=$editid");
$edit = mysql_fetch_array($result);
?>
<form method="post" action="index.php">
<input type="hidden" name="todo" value="update">
<input type="hidden" name="uname" value="<? echo $edit["editid"] ?>">
<table bordercolor="#000000" border="1" align="center" width="40%" height="138" cellpadding="4">
<tr bgcolor="A5E2FF">
<td width="104"><b><font color="#000000">Username:</font></b></td>
<td width="269" bgcolor="A5E2FF"> <font color="#000000">
<? print $edit["uname"] ?>
</font> </td>
</tr>
<tr bgcolor="A5E2FF">
<td width="104">
<p><b><font color="#000000">Password:</font></b></p>
</td>
<td width="269">
<input type="text" name="password" value="<? print $_COOKIE['PASSWORD'] ?>">
</td>
</tr>
<tr bgcolor="A5E2FF">
<td width="104"><b><font color="#000000">E-Mail Address:</font></b></td>
<td width="269">
<input type="text" name="email" value="<? print $edit["email"] ?>" size="35">
</td>
</tr>
</table>
<br><div align="center">
<p>
<input type="submit" name="submit" value="Update Profile">
</p>
</div>
<div align="center"></div>
</form>


==== update.php ====

<?
mysql_connect($db_host, $db_user, $db_pass);
mysql_select_db($db_name);
// $result = mysql_query("UPDATE $db_table SET pass2=$password,email=$email WHERE uname = '$username'");
$result = mysql_query("UPDATE $db_table SET uname={$_COOKIE['USERNAME']}, pass2=$_POST[password], email=$_POST[email] WHERE uname={$_COOKIE['USERNAME']}");
print '
<center>Variable Values</center><br>
<center><table border=1 bordercolor = "blue">
<tr>
<td> Username: </td>
<td>' . $_COOKIE['USERNAME'] . '</td>
</tr>
<tr>
<td> Password: </td>
<td>' . $_POST[password] . '</td>
</tr>
<tr>
<td> E-mail address: </td>
<td>' . $_POST[email] . '</td>
</tr>
</table></center>';
?>


==== end of code ====

I used a cookie that I had set in the login process to get the username to pass to all of the pages. The syntax I used as a variable was $_COOKIE[USERNAME]

I cant figure out why my update does not work. And on top of that when I click update I get the following message.

Warning: Cannot add header information - headers already sent by (output started at /home/a4-webde/public_html/glta/secure/prprofile/update.php:21) in /home/a4-webde/public_html/glta/secure/prprofile/index.php on line 28

The above error message refernces index.php so the code for that page is below.

==== insex.php ====

<?
require("vars.php"); //for database connection vars
switch ($todo) {
case "add":
//dispaly a blank form
$title="Add new entry"; //used by header
require("header.php"); // your page header
require("add.php"); // submits to index.php?todo=save
require("footer.php"); // your page footer
break;
case "edit":
// pull the data from db and plugs into form
$title = "Edit Existing Entry"; // used by header
require("header.php"); // your page header
require("edit.php"); // edits $editid, submits to index.php?todo=update
require("footer.php"); // your page footer
break;
case "delete":
require("delete.php"); // deletes $deleteid from the db
header("Location: index.php"); // go to listing
break;
case "save":
require("save.php"); // add new entry to db
header("Location: index.php"); // go to listing
break;
case "update":
require("update.php"); // update the db where id=$id
header("Location: index.php"); // go to listing
break;
default:
$title = "Viewing All Entries"; // used by header
require("header.php"); // your page header
require("list.php"); //show all entries
require("footer.php"); // your page footer
break;
}
?>

==== end of code ====

Any ideas would be great and much appreciated.
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

replace
$result = mysql_query("SELECT * FROM $db_table WHERE uname=$editid");
by

Code: Select all

$query = "SELECT * FROM $db_table WHERE uname=$editid";
$result = mysql_query($query) or die($query.': '.mysql_error());
in edit.php
dmyers
Forum Newbie
Posts: 7
Joined: Sat May 03, 2003 5:43 pm
Location: Texas, USA

changing edit.php

Post by dmyers »

edit.php is working. The problem now is in my update.php It will not update the record.
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/a4-webde/public_html/glta/secure/prprofile/edit.php on line 26
I doubt it does. If you pass something else than a mysql result resource to mysql_fetch_array() you get an empty array (actually not an array at all) as return value. Since your (not-a-) resource variable is the result of mysql_query() directly before fetch_array it's quite certain that this query has failed.

Code: Select all

$query = "SELECT * FROM $db_table WHERE uname=$editid";
$result = mysql_query($query) or die($query.': '.mysql_error());
will show you the query and the error message in case the query failed.
You really should try it.
Post Reply