A few smaller problems

Questions about the MySQL, PostgreSQL, and most other databases, as well as using it with PHP can be asked here.

Moderator: General Moderators

Post Reply
Keanman
Forum Newbie
Posts: 18
Joined: Fri Jun 13, 2003 3:19 pm
Contact:

A few smaller problems

Post by Keanman »

Hey guys and gals,

I'm having some smaller troubles with my page. I can't really nail them down not knowing a whole lot about php. Just wondering if anybody can give me a hand with this. Here's the few problems.

1. I'm trying to have the page so that after searching for an item. All records will be displayed in a table (in search.php) with an edit link next to them. When you click this link you will be sent to update.php where it will get the info from that record and display it for you in text/list boxes. You can the update or delete the record from there. Two of my smaller problems occur here. For some reason when I click on update it cuts any multiple words in the location down to one word. For example "Fogo Island" becomes "Fogo". Also, any item names that have a single or double quote in them will screw up. For example, "Gateway 17" Monitor" becomes "Gateway 17".

2. My second problem occured when I tried to have the page automatically refresh to search.php after clicking update of delete buttons. Basically I want to start with the search page, click on edit which brings you to update.php. Then get brought back to search.php where the database is refreshed. But when you go to search.php again this error pops up "You have an error in your SQL syntax near '' at line 1"

If you guys have any questions about how my pages works Just ask. Here is my code to date for these two pages:

SEARCH.PHP

Code: Select all

<?
include("header.inc");
include("menu.inc");
include("details.inc");
?>

<TR ALIGN="CENTER">
   <TD><H2><CENTER>Display results</CENTER></H2><P>
   </TD>
</TR>

<TR ALIGN="CENTER">
   <TD>

<?
$searching=$_POST['searching'];

?>
<form name="frmCheck" action="<?php echo $PHP_SELF; ?>" method="post">

<?
//post values into the variables from the search.php form
$asset = stripslashes(addslashes($_POST['asset']));
$name = stripslashes(addslashes($_POST['name']));
$location = stripslashes(addslashes($_POST['location']));
$description = stripslashes(addslashes($_POST['description']));
$warranty = stripslashes(addslashes($_POST['warranty']));
$serial = stripslashes(addslashes($_POST['serial']));

//get id num into the $id variable, else post
if(isset($_GET['id'])){
$id=$_GET['id'];
}else{
$id = $_POST['id'];
}

if(isset($_POST['btnDelete'])) {
$query="DELETE FROM assets WHERE id=".$id;
mysql_query($query) or die (mysql_error());
}

if(isset($_POST['btnUpdate'])) {
$query = "UPDATE assets SET serialNum = '".$serial."', assetNum = '".$asset."', itemName = '".$name."',location = '".$location."', description = '".$description."',warranty = '".$warranty."' WHERE id = ".$id;
mysql_query($query) or die (mysql_error());
}

//Check if the search button is clicked
if (isset($_POST['btnSearch'])) {
   //Check if the user checked a search criteria
   if($searching == "") {
     printf("Please select a search criteria");
   }
   //Check if the user did select a search criteria
   elseif ($searching != "") {
      include("title.inc");
      //Check if the selected search criteria is by serial number
      if ($searching == "serNum") {
         $search=$_POST['serial'];
         $query="SELECT * FROM assets WHERE serialNum='" . $search . "'";
         $result=mysql_query($query);
      }
      //Check if the selected search criteria is by asset number
      elseif ($searching == "assNum") {
         $search=$_POST['asset'];
         $query="SELECT * FROM assets WHERE assetNum='" . $search . "'";
         $result=mysql_query($query);
      }
      //Check if the selected search criteria is by location
      elseif ($searching == "locate") {
         $search=$_POST['location'];
         $query="SELECT * FROM assets WHERE location='" . $search . "'";
         $result=mysql_query($query);
         //Check if the user choose to display all
         if ($search == "Display All") {
            $query="SELECT * FROM assets ORDER BY location ASC";
            $result=mysql_query($query);
         }
      }

//Fetch the info from the database into an array and display the records with an edit link beside them
While ($rs = mysql_fetch_array($result)) {

print ("<TR ALIGN=CENTER><TD><A HREF=update.php?id=".$rs['id'].">Edit</A></TD><TD>" . $rs['itemName'] . "</TD><TD>" . $rs['serialNum'] . "</TD><TD>" . $rs['assetNum'] . "</TD><TD>" . $rs['location'] . "</TD><TD>" . $rs['description'] . "</TD><TD>" . $rs['entryDate'] . "</TD><TD>" . $rs['warranty'] . "</TD></TR>");}
   }
}
?>

</TABLE>
</TD>
</TR>

<?
include("footer.inc");
?>
UPDATE.PHP

Code: Select all

<?
include("details.inc");

//post values into the variables from the search.php form
$asset = stripslashes(addslashes($_POST['asset']));
$name = stripslashes(addslashes($_POST['name']));
$location = stripslashes(addslashes($_POST['location']));
$description = stripslashes(addslashes($_POST['description']));
$warranty = stripslashes(addslashes($_POST['warranty']));
$serial = stripslashes(addslashes($_POST['serial']));

//get id num into the $id variable, else post
if(isset($_GET['id'])){
$id=$_GET['id'];
}else{
$id = $_POST['id'];
}

$query="SELECT * FROM assets WHERE id=".$id;
$result=mysql_query($query);
$rs= mysql_fetch_array($result);

//if the delete button is clicked, delete the current record and display to the user that it was deleted
if(isset($_POST['btnDelete'])) {
$query="DELETE FROM assets WHERE id=".$id;
mysql_query($query) or die (mysql_error());
header("Location: search.php");
}

//if the update button is clicked, update the current record and display to the user that it was updated
if(isset($_POST['btnUpdate'])) {
$query = "UPDATE assets SET serialNum = '".$serial."', assetNum = '".$asset."', itemName = '".$name."',location = '".$location."', description = '".$description."',warranty = '".$warranty."' WHERE id = ".$id;
mysql_query($query) or die (mysql_error());
header("Location: search.php");
}

include("header.inc");
include("menu.inc");
?>

<TR ALIGN="CENTER">
   <TD><CENTER><H2>Update Database</H2></CENTER><P></TD>
</TR>

<form method="post" action="search.php">

<TR ALIGN="CENTER">
   <TD>
      <TABLE BORDER=1 WIDTH=40% ALIGN="CENTER">
      <TR ALIGN=CENTER>
        <TD><B>Item Name</B></TD>
        <TD><Input type="text" name="name" size="20" value="<? echo $rs['itemName'] ?>"></TD>
      </TR>
      <TR ALIGN=CENTER>
         <TD><B>Serial Number</B></TD>
         <TD><Input type="text" name="serial" size="20" value="<? echo $rs['serialNum'] ?>"></TD>
      </TR>
      <TR ALIGN=CENTER>
         <TD><B>Asset Number</B></TD>
         <TD><Input type="text" name="asset" size="20" value="<? echo $rs['assetNum'] ?>"></TD>
      </TR>
      <TR ALIGN=CENTER>
         <TD><B>Location</B></TD><TD>
   <?
//selection array to place the locations into the select box and determine which one is selected

    $location_array = array("Baie Verte", "Botwood", "Bishop Falls", "Buchans", "Carmanville", "Centreville", "Change Islands", "Fogo Island", "Gambo", "Gander", "Gaultois", "Glenwood", "Glovertown", "Grand Falls", "Greenspond", "HarbourBreton", "Hare Bay", "Harry's Harbour", "Hermitage", "King's Point", "LaScie", "Lewisporte", "Lumsden", "Musgrave Harbour", "Norris Arm", "Point Leamington", "Robert's Arm", "Seal Cove", "Springdale", "St. Alban's", "Summerford", "Twillingate", "Wesleyville");
    echo "<SELECT NAME=location>";
    foreach($location_array as $value){
    echo "<OPTION VALUE=".$value;
    if($rs['location'] == $value)
       echo " SELECTED";
       echo ">".$value."</OPTION>";
    }
    echo "</SELECT>";
   ?>
         </TD>
      </TR>
      <TR ALIGN=CENTER>
         <TD><B>Description</B></TD>
         <TD><Input type="text" name="description" size="20" value="<? echo $rs['description'] ?>"></TD>
      </TR>
      <TR ALIGN=CENTER>
         <TD><B>Warranty</B></TD>
         <TD><Input type="text" name="warranty" size="20" value="<? echo $rs['warranty'] ?>"></TD>
      </TiR>
      </TABLE>
      <BR><CENTER>
      <input type="Submit" name="btnUpdate" Value="Update Record">
       <input type="Submit" name="btnDelete" Value="Delete Record">
      </FORM></CENTER>
   </TD>
</TR>

<?
include("footer.inc");
?>
Any help is greatly appreciated and thanks in advance.
jmarcv
Forum Contributor
Posts: 131
Joined: Tue Jul 29, 2003 7:17 pm
Location: Colorado

Post by jmarcv »

checkout php.net
lookup addslashes and stripslashes
Post Reply