yoshee08

Also on the new.php page (code below), the form displays, but when it submits, it shows this. You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''equipment' ('name','type','out','outbywho') VALUES ('','','','' at line 1 <?php include_once("php_includes/check_login_status.php"); $sql = "SELECT COUNT(id) FROM users WHERE activated='1'"; $query = mysqli_query($db_conx, $sql); $row = mysqli_fetch_row($query); $usercount = $row[0]; function renderForm($id, $name, $type, $out, $outbywho, $error) { ?> <!DOCTYPE html> <html> <head> <meta charset="UTF-8"> <title>Lincoln Troop 3</title> <link rel="icon" href="favicon.ico" type="image/x-icon"> <link rel="stylesheet" href="style/style.css"> <style type="text/css"> div#dynmsgbox{ background: #C4E6FF; border:#0F99FF 1px solid; line-height:2.0em; padding:20px; margin:20px;} </style> <script src="js/main.js"></script> </head> <body> <?php include_once("template_pageTop.php"); ?> <br><br> <br> <h3 style="width: 1342px; height: 70px; font-family:Monotype Corsiva;font-size: xx-large;color: #A70C0C;text-align:center;">Welcome to the website of BSA Troop 3 of Rochester</h3> <table style="width: 134%; height: 137px"> <tr> <div id="pageMiddle" style="clear:left; line-height:1.5em; width:92%; margin:40px auto;"> </div> <td style="width: 387px"> </td> <td style="width: 628px"> <?php } // connect to the database include('connect-db.php'); // check if the form has been submitted. If it has, start to process the form and save it to the database if (isset($_POST['submit'])) { // get form data, making sure it is valid $name = mysql_real_escape_string(htmlspecialchars($_POST['name'])); $type = mysql_real_escape_string(htmlspecialchars($_POST['type'])); $out = mysql_real_escape_string(htmlspecialchars($_POST['out'])); $outbywho = mysql_real_escape_string(htmlspecialchars($_POST['outbywho'])); // check to make sure both fields are entered if ($name == '' || $type == '') { // generate error message $error = 'ERROR: Please fill in all required fields!'; // if either field is blank, display the form again renderForm($name, $type, $out, $outbywho, $error); } else { // save the data to the database mysql_query("INSERT equipment SET name='$name', type='$type', out='$out', outbywho='$outbywho'") or die(mysql_error()); // once saved, redirect back to the view page header("Location: view.php"); } } else // if the form hasn't been submitted, display the form { renderForm('','','','','',''); } ?> <form action="" method="post"> <div> <strong>Name: *</strong> <input type="text" name="name" value="<?php echo $name; ?>" /><br/> <strong>Type: *</strong> <input type="text" name="type" value="<?php echo $type; ?>" /><br/> <strong>Out: *</strong> <input type="text" name="out" value="<?php echo $outbywho; ?>" /><br/> <strong>Out By Who: *</strong> <input type="text" name="outbywho" value="<?php echo $outbywho; ?>" /><br/> <p>* required</p> <input type="submit" name="submit" value="Submit"> </div> </form> </body> </html> </td> <td> </td> </tr> </table> <br> <br> <br> <br> <?php include_once("template_pageBottom.php"); ?> </body> </html>

Hi Ben, I followed your script along (very nicely done by the way)and I had an issue for the edit.php page. As you can see, (after this) I added a few things to it. The delete page, view page all work fine, but when I go to this page (and yes, I have check words and spelling)it shows this (not the word places): Warning: Missing argument 6 for renderForm(), called in /home/content/26/8887926/html/Yoshee08/troop3/edit.php on line 110 and defined in /home/xxx/xxx/xxx/xxx/edit.php on line 9 ID: 2 Name: * [_____] type: *[_____] out: *[_____] out by who: *[_____] * Required SUBMIT(button is here) once i submit the form, it shows this error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'out = '1', outbywho = 'yoshee' WHERE id='2'' at line 1 What could be the problem? Heres the page code.. <?php /* EDIT.PHP Allows user to edit specific entry in database */ // creates the edit record form // since this form is used multiple times in this file, I have made it a function that is easily reusable function renderForm($id, $name, $type, $out, $outbywho, $error) { ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html> <head> <title>Edit Record</title> </head> <body> <?php // if there are any errors, display them if ($error != '') { echo '<div style="padding:4px; border:1px solid red; color:red;">'.$error.'</div>'; } ?> <form action="" method="post"> <input type="hidden" name="id" value="<?php echo $id; ?>"/> <div> <p><strong>ID:</strong> <?php echo $id; ?></p> <strong>Name: *</strong> <input type="text" name="name" value="<?php echo $name; ?>"/><br/> <strong>type: *</strong> <input type="text" name="lastname" value="<?php echo $type; ?>"/><br/> <strong>out: *</strong> <input type="text" name="out" value="<?php echo $out; ?>"/><br/> <strong>out by who: *</strong> <input type="text" name="outbywho" value="<?php echo $outbywho; ?>"/><br/> <p>* Required</p> <input type="submit" name="submit" value="Submit"> </div> </form> </body> </html> <?php } // connect to the database include('connect-db.php'); // check if the form has been submitted. If it has, process the form and save it to the database if (isset($_POST['submit'])) { // confirm that the 'id' value is a valid integer before getting the form data if (is_numeric($_POST['id'])) { // get form data, making sure it is valid $id = $_POST['id']; $name = mysql_real_escape_string(htmlspecialchars($_POST['name'])); $type = mysql_real_escape_string(htmlspecialchars($_POST['type'])); $out = mysql_real_escape_string(htmlspecialchars($_POST['out'])); $outbywho = mysql_real_escape_string(htmlspecialchars($_POST['outbywho'])); if ($name == '') { // generate error message $error = 'ERROR: Please fill in all required fields!'; //error, display form renderForm($id, $name, $type, $out, $outbywho, $error); } else { // save the data to the database mysql_query("UPDATE equipment SET name = '$name', type = '$type', out = '$out', outbywho = '$outbywho' WHERE id='$id';") or die(mysql_error()); // once saved, redirect back to the view page header("Location: view.php"); } } else { // if the 'id' isn't valid, display an error echo 'Error!'; } } else // if the form hasn't been submitted, get the data from the db and display the form { // get the 'id' value from the URL (if it exists), making sure that it is valid (checing that it is numeric/larger than 0) if (isset($_GET['id']) && is_numeric($_GET['id']) && $_GET['id'] > 0) { // query db $id = $_GET['id']; $result = mysql_query("SELECT * FROM equipment WHERE id=$id") or die(mysql_error()); $row = mysql_fetch_array($result); // check that the 'id' matches up with a row in the databse if($row) { // get data from db $name = $row['name']; $type = $row['type']; $out = $row['out']; $outbywho = $row['outbywho']; // show form renderForm($id, $name, $type, $out, $outbywho); } else // if no match, display result { echo "No results!"; } } else // if the 'id' in the URL isn't valid, or if there is no 'id' value, display an error { echo 'Error!'; } } ?>