falkencreative Posted November 10, 2010 Author Report Share Posted November 10, 2010 Yes, adding a confirmation function is usually a good idea. Something like that can either be done by redirecting the visitor to a new page to confirm, or using a Javascript based confirm function (http://www.tizag.com/javascriptT/javascriptconfirm.php is one example.) Quote Link to comment Share on other sites More sharing options...
Guest Zaas Posted December 9, 2010 Report Share Posted December 9, 2010 Great post Ben. I've just done a version of this which detects and displays all the tables in your database, so you can add/edit/delete from any table in there. A demo is here: http://www.uk-web-solutions.co.uk/webdesign/crud/view.php?tb=players Mark Quote Link to comment Share on other sites More sharing options...
falkencreative Posted December 9, 2010 Author Report Share Posted December 9, 2010 Great post Ben. I've just done a version of this which detects and displays all the tables in your database, so you can add/edit/delete from any table in there. Interesting. So you provide it with MySQL host/username/password/database name, and it automatically finds all of your tables/columns? Quote Link to comment Share on other sites More sharing options...
DominiqueDeCaluwe Posted May 5, 2011 Report Share Posted May 5, 2011 I've been working with this script and although I'm a PHP newbee I'm almost there. I only have one issue with the NEW.PHP. When I submit data I get an error. Can anyone please get me in the right direction? Script: <?php /* NEW.PHP Allows user to create a new entry in the database */ // creates the new record form // since this form is used multiple times in this file, I have made it a function that is easily reusable function renderForm($order, $discrjob, $item, $status, $daytimereq, $contact, $error) { ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html> <head> <title>New Record</title> </head> <body> <?php // if there are any errors, display them if ($error != '') { echo '<div style="padding:4px; border:1px solid red; color:red;">'.$error.'</div>'; } ?> <form action="" method="post"> <div> <strong>Order: *</strong> <input type="text" name="order" value="<?php echo $order; ?>" /><br/> <strong>Discrete job: *</strong> <input type="text" name="discrjob" value="<?php echo $discrjob; ?>" /><br/> <strong>Item: *</strong> <input type="text" name="item" value="<?php echo $item; ?>" /><br/> <strong>Status: *</strong> <input type="text" name="status" value="<?php echo $status; ?>" /><br/> <strong>Day&time request: *</strong> <input type="text" name="daytimereq" value="<?php echo $daytimereq; ?>" /><br/> <strong>Contact: *</strong> <input type="text" name="contact" value="<?php echo $contact; ?>" /><br/> <p>* required</p> <input type="submit" name="submit" value="Submit"> </div> </form> </body> </html> <?php } // connect to the database include('connect-db.php'); // check if the form has been submitted. If it has, start to process the form and save it to the database if (isset($_POST['submit'])) { // get form data, making sure it is valid $order = mysql_real_escape_string(htmlspecialchars($_POST['order'])); $discrjob = mysql_real_escape_string(htmlspecialchars($_POST['discrjob'])); $item = mysql_real_escape_string(htmlspecialchars($_POST['item'])); $status = mysql_real_escape_string(htmlspecialchars($_POST['status'])); $daytimereq = mysql_real_escape_string(htmlspecialchars($_POST['daytimereq'])); $contact = mysql_real_escape_string(htmlspecialchars($_POST['contact'])); // check to make sure both fields are entered if ($order == '' || $discrjob == '' || $item == '' || $status == '' || $daytimereq == '' || $contact == '') { // generate error message $error = 'ERROR: Please fill in all required fields!'; // if either field is blank, display the form again renderForm($order, $discrjob, $item, $status, $daytimereq, $contact, $error); } else { // save the data to the database mysql_query("INSERT qcdata SET order='$order', discrjob='$discrjob', item='$item', status='$status', daytimereq='$daytimereq', contact='$contact'") or die(mysql_error()); // once saved, redirect back to the view page header("Location: view.php"); } } else // if the form hasn't been submitted, display the form { renderForm('','','','','','',''); } ?> ERROR: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'order='order1', discrjob='discrjob1', item='item1', status='status1', daytimereq' at line 1 Quote Link to comment Share on other sites More sharing options...
falkencreative Posted May 5, 2011 Author Report Share Posted May 5, 2011 @Dominique I believe that "order" is a reserved word within MySQL (it's used in "ORDER BY"), which can lead to issues if you try to use it as a column name. I would change that column name to something other than "order" ("sort" or "sortOrder"?) and update your mysql query. My guess is that will fix it, since I'm not seeing anything else wrong with the query at first glance. Quote Link to comment Share on other sites More sharing options...
DominiqueDeCaluwe Posted May 6, 2011 Report Share Posted May 6, 2011 @Dominique I believe that "order" is a reserved word within MySQL (it's used in "ORDER BY"), which can lead to issues if you try to use it as a column name. I would change that column name to something other than "order" ("sort" or "sortOrder"?) and update your mysql query. My guess is that will fix it, since I'm not seeing anything else wrong with the query at first glance. You're totally right Ben... this did the trick. Thanks very much! Quote Link to comment Share on other sites More sharing options...
DominiqueDeCaluwe Posted May 10, 2011 Report Share Posted May 10, 2011 Is there a possibility to use drop down boxes in the edit.php and new.php instead of the normal text fields? I have a "status" column where the user would like to choose from some options. Quote Link to comment Share on other sites More sharing options...
Guest George Mpopo Posted May 10, 2011 Report Share Posted May 10, 2011 Thanks Ben I am new in PHP development this will definitely help and will a lot from it :clap: Quote Link to comment Share on other sites More sharing options...
Guest rrrnew Posted May 12, 2011 Report Share Posted May 12, 2011 CodeIgniter is a PHP framework and from what I've seen, it is pretty good. I decided to back the Zend Framework thought because I figured it would become the predominant PHP framework over time - as it has. Stefan Hi im new to php in im having problem editing a db. I wrote down a code but it doesn't update the db. This is the code that i wrote: <?php include('mysql_connection.php'); include('../includes/header.php'); mysql_select_db($database_connection) or die ("unable to connect to the database"); $id=$_POST['id']; ?> <?php $dbc=NULL; //Verifica que los encasillado en la pgina de editar esten llenos if (empty($_POST['direccion_fisica'])) { $errors[]='No entrastes la direccion fisica.'; }else{ $df=mysqli_real_escape_string($dbc, trim($_POST['direccion_fisica'])); } if (empty($_POST['zip'])) { $errors[]='No entrastes el codigo postal.'; }else{ $zp=mysqli_real_escape_string($dbc, trim($_POST['zip'])); } if (empty($_POST['direccion_postal'])) { $errors[]='No entrastes la dirección postal.'; }else{ $dp=mysqli_real_escape_string($dbc, trim($_POST['direccion_postal'])); } if (empty($_POST['zip_ps'])) { $errors[]='No entrastes el codigo postal.'; }else{ $zp_ps=mysqli_real_escape_string($dbc, trim($_POST['zip_ps'])); } if (empty($_POST['telefono_1'])) { $errors[]='No entrastes el telefono.'; }else{ $tl_1=mysqli_real_escape_string($dbc, trim($_POST['telefono_1'])); } if (empty($_POST['telefono_2'])) { $errors[]='No entrastes el telefono.'; }else{ $tl_2=mysqli_real_escape_string($dbc, trim($_POST['telefono_2'])); } if (empty($_POST['fax'])) { $errors[]='No entrastes el fax.'; }else{ $fx=mysqli_real_escape_string($dbc, trim($_POST['fax'])); } if (empty($_POST['web_page'])) { $errors[]='No entrastes tu pagina de internet.'; }else{ $wb=mysqli_real_escape_string($dbc, trim($_POST['web_page'])); } if (empty($_POST['nombre'])) { $errors[]='No entrastes el nombre del contacto.'; }else{ $fn=mysqli_real_escape_string($dbc, trim($_POST['nombre'])); } if (empty($_POST['apellido'])) { $errors[]='No entrastes el apellido del contacto.'; }else{ $ln=mysqli_real_escape_string($dbc, trim($_POST['apellido'])); } if (empty($_POST['nombre_cs'])) { $errors[]='No entrastes el nombre del contacto secundario.'; }else{ $fn_2=mysqli_real_escape_string($dbc, trim($_POST['nombre_cs'])); } if (empty($_POST['apellido_cs'])) { $errors[]='No entrastes el apellido del contacto secundario.'; }else{ $ln_2=mysqli_real_escape_string($dbc, trim($_POST['apellido_cs'])); } if (empty($_POST['email'])) { $errors[]='No entrastes el correo electronico.'; }else{ $em=mysqli_real_escape_string($dbc, trim($_POST['email'])); } if (empty($_POST['email_sec'])) { $errors[]='No entrastes el correo electronico del contacto secundario.'; }else{ $em_2=mysqli_real_escape_string($dbc, trim($_POST['email_sec'])); } if (empty($_POST['telefono'])) { $errors[]='No entrastes el telefono del contacto.'; }else{ $tl_3=mysqli_real_escape_string($dbc, trim($_POST['telefono'])); } if (empty($_POST['phone_sec'])) { $errors[]='No entrastes el telefono del contacto secundario.'; }else{ $tl_4=mysqli_real_escape_string($dbc, trim($_POST['phone_sec'])); } if (empty($errors)) { //Si todo esta bien $q="UPDATE perfil_negocio_agricola SET direccion_fisica='$fn', zip='$zp', direccion_postal='$dp', zip_ps='$zp_ps', telefono_1='$tl_1', telefono_2='$tl_2', fax='$fx', web_page='$wb', nombre='$fn', apellido='$ln', nombre_cs='$fn_2', apellido_cs='$ln_2', email='$em', email_sec='$em_2', telefono='$tl_3', phone_sec='$tl_4', WHERE id='$id' "; $r=@mysqli_query($dbc, $q); if(mysqli_affected_rows($dbc) ==0) {//Si corrio OK echo'<p> Su perfil a sido editado.</p>'; }else{ echo'<p> class="error">Su perfil no pudo ser editado. Disculpenos por cualquier inconveniento que esto pueda causar.</p>'; echo '<p>' . mysqli_error($dbc) . '<br />Query: ' . $q . '</p>'; //Debuggin MSG } }else{ //Reportar errores echo'<p class="error">A ocurrido los siguientes errores:<br/>'; foreach($errors as $msg) { echo "- $msg<br/>\n"; } echo'</p><p>Intente de nuevo.</p>'; } //Finaliza sino hay errores mysqli_close($dbc); ?> I get this error mysqli_real_escape_string() expects parameter 1 to be mysqli, null given , i have look the code again to see if wrote something wrong but i dont found it. Since i start like 2 weeks ago with PHP if someone can help me it would be great. Quote Link to comment Share on other sites More sharing options...
falkencreative Posted May 14, 2011 Author Report Share Posted May 14, 2011 Sorry for the delay in answering this message... If you check the documentation for mysqli_real_escape_string (http://php.net/manual/en/mysqli.real-escape-string.php), you'll notice that it is expecting two arguments: a link to the mysqli connection, and the string you want escaped: string mysqli_real_escape_string ( mysqli $link , string $escapestr ) In your code above, you call this function like this: $df=mysqli_real_escape_string($dbc, trim($_POST['direccion_fisica'])); but just a couple lines above, you have set $dbc to NULL: $dbc=NULL; //Verifica que los encasillado en la pgina de editar esten llenos Why are you setting the variable to null? The error message indicates that it is expecting the first variable to be a link to the mysqli connection, but you are providing it with null instead. Quote Link to comment Share on other sites More sharing options...
Guest udai Posted May 24, 2011 Report Share Posted May 24, 2011 i want to view all data with shorting and with search. link i want to sort by first name, last name, id (increase or decrease) some one help me.......... Quote Link to comment Share on other sites More sharing options...
henrylayla Posted May 24, 2011 Report Share Posted May 24, 2011 Hi, Thanks for the great tips i always love to learn new things. I have little bit knowledge about programming languages. I hope i will learn a lot from here as This is the time to learn some PHP. Quote Link to comment Share on other sites More sharing options...
Coreinsanity Posted June 24, 2011 Report Share Posted June 24, 2011 Nice tutorial, though I do have a question. This may be beyond the scope of the tutorial, but I have seen it done a lot in tutorials a friend of mine looks at to learn PHP: $db = mysql_connect('localhost','wronguser','or_wrongpass') or die (mysql_error()); Now, with my wamp configuration (Pretty much default) and my hosting configuration (through a2 hosting) I get (as expected) the MySQL error printed out twice: > Once for the actual PHP error (due to what the error level is set to > And again for the or die (mysql_error());, except this time it's just the error reported from mysql. As such I have always done $db = @mysql_connect('localhost','wronguser','or_wrongpass') or die ('Could not connect to the DB'); Utilizing the @ error control operator to ignore the PHP error for this statement and then removing the mysql_error (I don't want my database user printed out). I am not sure if this is best practice or not, since (to my understanding) @ simply disables error reporting then executes the statement, and returns it to normal. http://us3.php.net/manual/en/language.operators.errorcontrol.php If anyone wants to read up more on it, and doesn't already know about it. So my question, is there any real reason people don't use the @ error control operator (Sparingly, of course) for stuff like this? Quote Link to comment Share on other sites More sharing options...
falkencreative Posted June 26, 2011 Author Report Share Posted June 26, 2011 You get this error twice because you most likely have error messages turned on within your hosting. You can disable this with this line: ini_set( "display_errors", 0); or by manually updating your php.ini file (which probably isn't possible on a shared host, though perhaps the host could handle that for you. As a general rule, I've heard that it's best to disable display_errors on a live site, so you don't accidentally give away database/server details that might expose security holes. You can learn a bit more about this here: http://php.net/manual/en/function.error-reporting.php In regards to using "@" for error suppression, my impression is that is generally frowned upon, and it should be used as minimally as possible. To summarize others, it seems like the main reasons are: -- the "@" causes performance issues -- Parts of the application may fail silently, and using the "@" means it is harder to tell what is going on -- If you have users that are using the application and something goes wrong, giving them a "white screen of death" when something fails silently is infinitely more frustrating than at least providing an error message they can pass on to support. For more info, see: http://php.net/manual/en/language.operators.errorcontrol.php http://stackoverflow.com/questions/136899/suppress-error-with-operator-in-php Searching for "php error suppression" will probably give you some other results as well. I'm not saying errors shouldn't be suppressed -- they should, to avoid security issues -- but you then need to provide an interface that gives the user an idea of what is failing and what is going on without showing database/server details. Quote Link to comment Share on other sites More sharing options...
Coreinsanity Posted June 27, 2011 Report Share Posted June 27, 2011 You get this error twice because you most likely have error messages turned on within your hosting. You can disable this with this line: Yeah, that's what I was saying (or intended to, anyway). Most tutorials don't go over (or ever say) to look into that. Thus, most people who I talked to who learned PHP from them simply think it's normal. ini_set( "display_errors", 0); or by manually updating your php.ini file (which probably isn't possible on a shared host, though perhaps the host could handle that for you. As a general rule, I've heard that it's best to disable display_errors on a live site, so you don't accidentally give away database/server details that might expose security holes. You can learn a bit more about this here: http://php.net/manual/en/function.error-reporting.php For this reason, I generally handle my own errors. In regards to using "@" for error suppression, my impression is that is generally frowned upon, and it should be used as minimally as possible. I would agree. I was mostly wondering what the reasoning behind not using it here was. (Thanks for answering, btw). To summarize others, it seems like the main reasons are: -- the "@" causes performance issues That is one reason. It's like I said in my post, disables error reporting - runs the code - sets error reporting to what it was: error_reporting(E_NONE); mysql_connect() ... error_reporting(whatever it was before); since this essentially turns one statement into 3, I can see how it would effect performance if used widely. -- Parts of the application may fail silently, and using the "@" means it is harder to tell what is going on True. With display_errors you can enable/disable them globally as you please, depending on if you're in the development environment or live. -- If you have users that are using the application and something goes wrong, giving them a "white screen of death" when something fails silently is infinitely more frustrating than at least providing an error message they can pass on to support. Never would actually plan on doing that (Though, that is why in my example I said 'Could not connect to DB') Generally, I have a nice error page setup for displaying them so that it's build into the template. For more info, see: http://php.net/manual/en/language.operators.errorcontrol.php http://stackoverflow.com/questions/136899/suppress-error-with-operator-in-php Searching for "php error suppression" will probably give you some other results as well. I'm not saying errors shouldn't be suppressed -- they should, to avoid security issues -- but you then need to provide an interface that gives the user an idea of what is failing and what is going on without showing database/server details. Yeah, leaving the errors displaying enabled by default is bad for a non-development environment. Though I always recommend logging errors (displayed or not) with some environment conditions (variables, etc, if available), and providing a way for users to report them. This way you can go back and see what happened, when it happened, and some environment stuff durring the time. Anyway, thanks again for your reply Quote Link to comment Share on other sites More sharing options...
hyze Posted June 29, 2011 Report Share Posted June 29, 2011 Hi Ben, Thanks for the very nice tutorial! But I guess I need your idea to enlighten me as I'm still new in PHP Here is my what I did so far - my form(name, email, address, picture) - before send to database, user can preview the form and edit it. - I'm using($_POST instead of session) on the preview page and "onClick='history.go(-1)'" to edit the page. - User able to see(name, email, address) and edit at textfield but for image, it missing( I dont know how to call the image that already upload and show it at Edit form). I want to let use delete or reattach new image on it. Sorry for my english and I hope you understand my problem. Thanks Quote Link to comment Share on other sites More sharing options...
falkencreative Posted June 29, 2011 Author Report Share Posted June 29, 2011 I'm not completely sure I understand what issue you're having. However, you probably want to look at some tutorials on image manipulation: http://net.tutsplus.com/articles/news/building-the-back-end-of-a-photo-site/ I imagine you can find other tutorials by searching for "upload display image php." Quote Link to comment Share on other sites More sharing options...
hyze Posted June 29, 2011 Report Share Posted June 29, 2011 Hi Ben, Apologize me for the confusing. let me rephrase and hope you get my question I have total of 3 page let say register.php, preview.php and submit.php 1. First, user fill at register form(name,email,address, profile picture) and click submit 2. It then go to preview.php page will the information name, email, address and picture --> all the information is not yet store at database. 3. Let say user want to edit it address hence it click button EDIT and it redirect to page register.php with all previous data at text field. 4. Here is the problem. all data for name, email, address are there at text field but not picture. Question 1. How to call the picture and display it at register.php once user click edit at preview page? 2. I would like also to allow user to delete the picture at edit(register.php). Hope that make sense. Thanks Quote Link to comment Share on other sites More sharing options...
falkencreative Posted June 29, 2011 Author Report Share Posted June 29, 2011 If you aren't storing this information (name/email/address/picture) in the database immediately, you do need to store it somewhere. If I understand you correctly, you are relying on the browser to save and display this information for you (using the "back" button functionality) whereas I would suggest storing it in the session so you can be sure that it is saved properly. In regards to the image, once the image has been uploaded on the first page, I would store the path to the uploaded image file in a session variable. Then you can display the image easily: <img src="<?php echo $your_image_path; ?>" alt="" /> If you need to delete the image, you can have a link that when clicked, checks the session variable for the image path and deletes the specified file. You could even potentially use jquery/AJAX, so that the user never has to leave the page they are currently on. Javascript would be used to call the PHP file that deletes the image, and then based on the result from that PHP file (if it was able to successfully delete the image) you can use Javascript to remove the image from the page and alert the user that the file has been updated. Quote Link to comment Share on other sites More sharing options...
toin Posted July 24, 2011 Report Share Posted July 24, 2011 Hello All, congratulation for the tutorial but I have a problem with the edit,insert page because when i push the submit button the browser doesn't redirect me to the page that I want but it gives to me: Error loading page and there aren't any new record or edit record. Thanks and sorry if english isn't perfect Quote Link to comment Share on other sites More sharing options...
falkencreative Posted July 24, 2011 Author Report Share Posted July 24, 2011 Hello All, congratulation for the tutorial but I have a problem with the edit,insert page because when i push the submit button the browser doesn't redirect me to the page that I want but it gives to me: Error loading page and there aren't any new record or edit record. Thanks and sorry if english isn't perfect Make sure the path to the file is correct. You may have a misspelling in the file name. Quote Link to comment Share on other sites More sharing options...
toin Posted July 24, 2011 Report Share Posted July 24, 2011 Make sure the path to the file is correct. You may have a misspelling in the file name. I try to do the same table,php page and page name but I have always that problem... Quote Link to comment Share on other sites More sharing options...
falkencreative Posted July 24, 2011 Author Report Share Posted July 24, 2011 I try to do the same table,php page and page name but I have always that problem... Can you start a new topic here in the PHP forum, and include the code you are using? Hopefully this is something I can help you figure out. Quote Link to comment Share on other sites More sharing options...
toin Posted July 24, 2011 Report Share Posted July 24, 2011 Can you start a new topic here in the PHP forum, and include the code you are using? Hopefully this is something I can help you figure out. But are the same on the first page of the topic, it's a copy and paste new topic:My link Quote Link to comment Share on other sites More sharing options...
debbiebazemore@yahoo.com Posted July 26, 2011 Report Share Posted July 26, 2011 I am very new to php and mysql and have been playing with your sample code. I am having a problem with the edit and delete links in view.php. When I click on the edit link it take me to http://www.website.com/edit.php8 instead of http://www.website.com/edit.php?id=8.'>http://www.website.com/edit.php?id=8. If I type http://www.website.com/edit.php?id=8 in the url it will display the page and allow me to edit. Also, I had to add <? ob_start(); ?> to the top and <? ob_flush(); ?> to the bottom of edit.php. Any suggestions? Quote Link to comment Share on other sites More sharing options...
falkencreative Posted July 26, 2011 Author Report Share Posted July 26, 2011 I am very new to php and mysql and have been playing with your sample code. I am having a problem with the edit and delete links in view.php. When I click on the edit link it take me to http://www.website.com/edit.php8 instead of http://www.website.com/edit.php?id=8.'>http://www.website.com/edit.php?id=8. If I type http://www.website.com/edit.php?id=8 in the url it will display the page and allow me to edit. Also, I had to add <? ob_start(); ?> to the top and <? ob_flush(); ?> to the bottom of edit.php. Any suggestions? The first place I would check would be the line that creates that link within view.php. Make sure it includes "?id=": echo '<td><a href="edit.php?id=' . $row['id'] . '">Edit</a></td>'; If you've double checked that and are still having problems, start a new topic in the PHP forum, post your code and I'll take a look. Quote Link to comment Share on other sites More sharing options...
debbiebazemore@yahoo.com Posted July 26, 2011 Report Share Posted July 26, 2011 The first place I would check would be the line that creates that link within view.php. Make sure it includes "?id=": echo '<td><a href="edit.php?id=' . $row['id'] . '">Edit</a></td>'; If you've double checked that and are still having problems, start a new topic in the PHP forum, post your code and I'll take a look. Thanks for the sample link. That worked! I was a little off on the formatting. Quote Link to comment Share on other sites More sharing options...
Guest xecvantec Posted September 27, 2011 Report Share Posted September 27, 2011 Hi, Ben! Can you upgrade this to do sort by name, and database not use MySQL, use array to store! Quote Link to comment Share on other sites More sharing options...
falkencreative Posted September 28, 2011 Author Report Share Posted September 28, 2011 You can use ORDER BY to choose how to sort the results: http://www.tizag.com/mysqlTutorial/mysqlorderby.php Using a flat array rather than database is a bit outside the scope of the tutorial, since the entire point of this tutorial was how to work with a database. I'm not sure if an array makes sense, since you'll have to recreate the array every time the page loads -- it won't stay consistent across different pages. You can add/remove/edit items from an array, but those changes won't stay when you visit a different page, or even refresh the page. Quote Link to comment Share on other sites More sharing options...
sakarora Posted October 4, 2011 Report Share Posted October 4, 2011 hi admin.. i used the script you provided for editing.. first of all thanks for the lovely script.. i created a table with id,firstname and lastname fields..as u told and it went perfect with no error... but i tried it for another table and fields 'signum' in place of 'id'.. and it gave me error because signum is varchar type... and id is int... if i keep signum as int then it works fine but gives error for varchar.... there's a line in edit.php which checks that input is_numeric... what to write inplace of that... please provide me with that script...i urgently need it.... THANKS IN ADVANCE... Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.