Page 1 of 1
Problems with pasing variables from page to page.
Posted: Sat May 03, 2003 5:43 pm
by dmyers

To start with let me first say I have read the Stickys.
I have this code which consits of four pages. It is a simple update routine that turned out not to be so simple. I can get the values for password and email to display correctly, but for some reason can not get the username to display. I am using MySQL.
Here is the code:
(mod_edit: added
Code: Select all
<head>
<style>
td{
font-family:arial;
font-size:8pt;
color:#696969;
}
.wh{
color:white;
}
.more{
color:#0974A6;
}
.menu{
color:#748B3D;
}
</style>
</head>
<link href="style.css" rel="stylesheet" media="screen">
<div align="center"> <span class="headers">Password Recovery Profile</span><br>
<br>
<table width="650" cellspacing="2" border="0" cellpadding="1">
<tr bgcolor="#DADADA" align="center">
<td bgcolor="A5E2FF"><font color="#000000">Username</font></td>
<td bgcolor="A5E2FF"><font color="#000000">Password</font></td>
<td bgcolor="A5E2FF"><font color="#000000">E-Mail</font></td>
<td bgcolor="A5E2FF"><font color="#000000">Edit</font></td>
</tr>
<?php
mysql_connect($db_host, $db_user, $db_pass);
mysql_select_db($db_name);
$result = mysql_query("select * from $db_table where uname != 'sa'");
while($r=mysql_fetch_array($result))
{
$_POST[username]=$r['uname'];
$_POST[password]=$r['pass2'];
$_POST[email]=$r['email'];
print '
<tr>
<td><center>' . $_POST[username] . '</center></td>
<td><center>' . $_POST[password] . '</center></td>
<td>' . $_POST[email] . '</td>
<td><center><a href="index.php?todo=edit&editid=' . $_POST[username] . '">edit</center></td>
</tr>';
}
?>
</table>
</div>
==== edit.php ====
Code: Select all
<head>
<style>
td{
font-family:arial;
font-size:8pt;
color:#696969;
}
.wh{
color:white;
}
.more{
color:#0974A6;
}
.menu{
color:#748B3D;
}
</style>
</head>
<?
mysql_connect($db_host, $db_user, $db_pass);
mysql_select_db($db_name);
$result = mysql_query("SELECT * FROM $db_table WHERE uname=$editid");
$edit = mysql_fetch_array($result);
?>
<form method="post" action="index.php">
<input type="hidden" name="todo" value="update">
<input type="hidden" name="uname" value="<? echo $edit["editid"] ?>">
<table bordercolor="#000000" border="1" align="center" width="40%" height="138" cellpadding="4">
<tr bgcolor="A5E2FF">
<td width="104"><b><font color="#000000">Username:</font></b></td>
<td width="269" bgcolor="A5E2FF"> <font color="#000000">
<? print $edit["uname"] ?>
</font> </td>
</tr>
<tr bgcolor="A5E2FF">
<td width="104">
<p><b><font color="#000000">Password:</font></b></p>
</td>
<td width="269">
<input type="text" name="password" value="<? print $edit["pass2"] ?>">
</td>
</tr>
<tr bgcolor="A5E2FF">
<td width="104"><b><font color="#000000">E-Mail Address:</font></b></td>
<td width="269">
<input type="text" name="email" value="<? print $edit["email"] ?>" size="35">
</td>
</tr>
</table>
<br><div align="center">
<p>
<input type="submit" name="submit" value="Update Profile">
</p>
<? echo $_POST[$username]?>
</div>
<div align="center"></div>
</form>
==== update.php ====
Code: Select all
<?
mysql_connect($db_host, $db_user, $db_pass);
mysql_select_db($db_name);
// $result = mysql_query("UPDATE $db_table SET pass2=$password,email=$email WHERE uname='$username'");
$result = mysql_query("UPDATE $db_table SET pass2=$_POST[password], email=$_POST[email] WHERE id=$_POST[username]");
print '
<table border=1>
<tr>
<td>' . $_POST[username] . '</td>
<td>' . $_POST[password] . '</td>
<td>' . $_POST[email] . '</td>
</tr>
</table>';
?>
==== index.php ====
Code: Select all
<?
require("vars.php"); //for database connection vars
switch ($todo) {
case "add":
//dispaly a blank form
$title="Add new entry"; //used by header
require("header.php"); // your page header
require("add.php"); // submits to index.php?todo=save
require("footer.php"); // your page footer
break;
case "edit":
// pull the data from db and plugs into form
$title = "Edit Existing Entry"; // used by header
require("header.php"); // your page header
require("edit.php"); // edits $editid, submits to index.php?todo=update
require("footer.php"); // your page footer
break;
case "delete":
require("delete.php"); // deletes $deleteid from the db
header("Location: index.php"); // go to listing
break;
case "save":
require("save.php"); // add new entry to db
header("Location: index.php"); // go to listing
break;
case "update":
require("update.php"); // update the db where id=$id
header("Location: index.php"); // go to listing
break;
default:
$title = "Viewing All Entries"; // used by header
require("header.php"); // your page header
require("list.php"); //show all entries
require("footer.php"); // your page footer
break;
}
?>
==== end of code ====
All of my database connects seem to work for everything else except this update.
I am also having problems with the list.php page. I want it only to display the info for the current user and not the entire list. I have tried to edit the SQL SELECT statement with a WHERE, but I guess I am not getting that variable either.
Posted: Sat May 03, 2003 6:10 pm
by volka
let's begin with List.php and edit.php
Why do you assign
$_POST[username]=$r['uname']; in List.php?
edit.php wrote:$result = mysql_query("SELECT * FROM $db_table WHERE uname=$editid");
If you have a recent version of php with register_globals off you should try
Code: Select all
$result = mysql_query("SELECT * FROM $db_table WHERE uname=".$_GET['editid']);
Answer
Posted: Sun May 04, 2003 5:17 am
by dmyers
I have tried several things including every variation of variable I can think of. I basically left it where I ran out of ideas. I will make the changes you suggested and see if that works. I would really like to thank you for your time.
Posted: Sun May 04, 2003 11:20 am
by dmyers
Let me go into a little more detail.
list.php is used to display a list of usernames, passwords, email addresses and an edit link for each record in the list. All of this is on a webpage, which works fine except I want to be able to display only the user that is currently logged in. I have a cookie set that I should be able to use to retrieve the username ( echo $_COOKIE['PASSWORD'] ). I think so anyway.
$_POST[username]=$r['uname']; // used to display a list of the usernames
$_POST[password]=$r['uname']; // used to display a list of the passwords
$_POST[username]=$r['uname']; // used to display a list of the email addresses in a row, along wth the username and passwords above make one row in the list.
I sucessfully pass the variable $editid, which is another form of the username, to edit.php from list.php but can not pass that variable to update.php
update.php is a webform that allows the user to edit the record that was selected in list.php. For an example go to:
http://www.4-webdesign.net/glta/secure/prprofile/
and click on any edit link. When you click on the update profile button on update.php you will see a screen that echos the variables. I was just trying to display them so I knew I was getting them correctly.
If I can get the username variable to update.php I should be able to update the record that was clicked on in list.php
Posted: Sun May 04, 2003 11:43 am
by volka
so either register_globals is on or you're using an older version of php?
in edit.php you have
<input type="hidden" name="uname" value="<? echo $edit["editid"] ?>">
is
$edit["editid"] what you want?
If you make the first php-block
Code: Select all
<?php
error_reporting(E_ALL);
ini_set('display_errors', TRUE);
mysql_connect($db_host, $db_user, $db_pass);
mysql_select_db($db_name);
$result = mysql_query("SELECT * FROM $db_table WHERE uname=$editid");
$edit = mysql_fetch_array($result);
?>
do you get
undefined index warnings?
Posted: Sun May 04, 2003 8:54 pm
by dmyers
The $editid is what I want to pass onto update.php I can get it in edit.php just fine, just can not pass it to update.php
This is what I get if I plug that code into edit.php
Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/a4-webde/public_html/glta/secure/prprofile/edit.php on line 26
20 <?
21 error_reporting(E_ALL);
22 ini_set('display_errors', TRUE);
23 mysql_connect($db_host, $db_user, $db_pass);
24 mysql_select_db($db_name);
25 $result = mysql_query("SELECT * FROM $db_table WHERE uname=$editid");
26 $edit = mysql_fetch_array($result);
27 ?>
Figured out some of it
Posted: Mon May 05, 2003 12:23 am
by dmyers
I have figured out everything except my update does not work. I know I am getting all of the right variables to all of the pages. I changed some of the code on edit.php, update.php and list.php
Here is the new code for those of you who want an exmaple of how to fix the problems I was having.
==== list.php ====
<head>
<style>
td{
font-family:arial;
font-size:8pt;
color:#696969;
}
.wh{
color:white;
}
.more{
color:#0974A6;
}
.menu{
color:#748B3D;
}
</style>
</head>
<link href="style.css" rel="stylesheet" media="screen">
<div align="center">
<table width="40%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td>
<div align="center"><b><font color="#000000">Password Recovery Profile
for user</font></b></div>
</td>
</tr>
</table>
<p><font face="Verdana, Arial, Helvetica, sans-serif"><font color="red">
<? echo $_COOKIE['USERNAME'] ?>
</font></font><br>
</p>
<table width="650" cellspacing="2" border="0" cellpadding="1">
<tr bgcolor="#DADADA" align="center">
<td bgcolor="A5E2FF"><font color="#000000">Username</font></td>
<td bgcolor="A5E2FF"><font color="#000000">Password</font></td>
<td bgcolor="A5E2FF"><font color="#000000">E-Mail</font></td>
<td bgcolor="A5E2FF"><font color="#000000">Edit</font></td>
</tr>
<?php
mysql_connect($db_host, $db_user, $db_pass);
mysql_select_db($db_name);
$result = mysql_query("select * from $db_table where uname = $_COOKIE[USERNAME]");
while($r=mysql_fetch_array($result))
{
$_POST[username]=$r['uname'];
$_POST[password]=$r['pass2'];
$_POST[email]=$r['email'];
print '
<tr>
<td><center>' . $_POST[username] . '</center></td>
<td><center>' . $_POST[password] . '</center></td>
<td><center>' . $_POST[email] . '<center></td>
<td><center><a href="index.php?todo=edit&editid=' . $_POST[username] . '">edit</center></td>
</tr>';
}
?>
</table>
</div>
==== edit.php ====
<head>
<style>
td{
font-family:arial;
font-size:8pt;
color:#696969;
}
.wh{
color:white;
}
.more{
color:#0974A6;
}
.menu{
color:#748B3D;
}
</style>
</head>
<?
// error_reporting(E_ALL);
// ini_set('display_errors', TRUE);
mysql_connect($db_host, $db_user, $db_pass);
mysql_select_db($db_name);
$result = mysql_query("SELECT * FROM $db_table WHERE uname=$editid");
$edit = mysql_fetch_array($result);
?>
<form method="post" action="index.php">
<input type="hidden" name="todo" value="update">
<input type="hidden" name="uname" value="<? echo $edit["editid"] ?>">
<table bordercolor="#000000" border="1" align="center" width="40%" height="138" cellpadding="4">
<tr bgcolor="A5E2FF">
<td width="104"><b><font color="#000000">Username:</font></b></td>
<td width="269" bgcolor="A5E2FF"> <font color="#000000">
<? print $edit["uname"] ?>
</font> </td>
</tr>
<tr bgcolor="A5E2FF">
<td width="104">
<p><b><font color="#000000">Password:</font></b></p>
</td>
<td width="269">
<input type="text" name="password" value="<? print $_COOKIE['PASSWORD'] ?>">
</td>
</tr>
<tr bgcolor="A5E2FF">
<td width="104"><b><font color="#000000">E-Mail Address:</font></b></td>
<td width="269">
<input type="text" name="email" value="<? print $edit["email"] ?>" size="35">
</td>
</tr>
</table>
<br><div align="center">
<p>
<input type="submit" name="submit" value="Update Profile">
</p>
</div>
<div align="center"></div>
</form>
==== update.php ====
<?
mysql_connect($db_host, $db_user, $db_pass);
mysql_select_db($db_name);
// $result = mysql_query("UPDATE $db_table SET pass2=$password,email=$email WHERE uname = '$username'");
$result = mysql_query("UPDATE $db_table SET uname={$_COOKIE['USERNAME']}, pass2=$_POST[password], email=$_POST[email] WHERE uname={$_COOKIE['USERNAME']}");
print '
<center>Variable Values</center><br>
<center><table border=1 bordercolor = "blue">
<tr>
<td> Username: </td>
<td>' . $_COOKIE['USERNAME'] . '</td>
</tr>
<tr>
<td> Password: </td>
<td>' . $_POST[password] . '</td>
</tr>
<tr>
<td> E-mail address: </td>
<td>' . $_POST[email] . '</td>
</tr>
</table></center>';
?>
==== end of code ====
I used a cookie that I had set in the login process to get the username to pass to all of the pages. The syntax I used as a variable was $_COOKIE[USERNAME]
I cant figure out why my update does not work. And on top of that when I click update I get the following message.
Warning: Cannot add header information - headers already sent by (output started at /home/a4-webde/public_html/glta/secure/prprofile/update.php:21) in /home/a4-webde/public_html/glta/secure/prprofile/index.php on line 28
The above error message refernces index.php so the code for that page is below.
==== insex.php ====
<?
require("vars.php"); //for database connection vars
switch ($todo) {
case "add":
//dispaly a blank form
$title="Add new entry"; //used by header
require("header.php"); // your page header
require("add.php"); // submits to index.php?todo=save
require("footer.php"); // your page footer
break;
case "edit":
// pull the data from db and plugs into form
$title = "Edit Existing Entry"; // used by header
require("header.php"); // your page header
require("edit.php"); // edits $editid, submits to index.php?todo=update
require("footer.php"); // your page footer
break;
case "delete":
require("delete.php"); // deletes $deleteid from the db
header("Location: index.php"); // go to listing
break;
case "save":
require("save.php"); // add new entry to db
header("Location: index.php"); // go to listing
break;
case "update":
require("update.php"); // update the db where id=$id
header("Location: index.php"); // go to listing
break;
default:
$title = "Viewing All Entries"; // used by header
require("header.php"); // your page header
require("list.php"); //show all entries
require("footer.php"); // your page footer
break;
}
?>
==== end of code ====
Any ideas would be great and much appreciated.
Posted: Mon May 05, 2003 4:00 am
by volka
replace
$result = mysql_query("SELECT * FROM $db_table WHERE uname=$editid");
by
Code: Select all
$query = "SELECT * FROM $db_table WHERE uname=$editid";
$result = mysql_query($query) or die($query.': '.mysql_error());
in edit.php
changing edit.php
Posted: Mon May 05, 2003 5:19 am
by dmyers
edit.php is working. The problem now is in my update.php It will not update the record.
Posted: Mon May 05, 2003 8:14 am
by volka
Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/a4-webde/public_html/glta/secure/prprofile/edit.php on line 26
I doubt it does. If you pass something else than a mysql result resource to mysql_fetch_array() you get an empty array (actually not an array at all) as return value. Since your (not-a-) resource variable is the result of mysql_query() directly before fetch_array it's quite certain that this query has failed.
Code: Select all
$query = "SELECT * FROM $db_table WHERE uname=$editid";
$result = mysql_query($query) or die($query.': '.mysql_error());
will show you the query and the error message in case the query failed.
You really should try it.