Jump to content
Killersites Forums

Basic Php System: View/edit/delete/add Records


falkencreative
 Share

Recommended Posts

@LiquidFire:

 

Within your ADMIN.php file, I believe you would want to change this line:

 

echo '<td>' . mysql_result($result, $i, 'content') . '</td>';

to this:

 

echo '<td>' . htmlspecialchars(mysql_result($result, $i, 'content')) . '</td>';

and within edit.php, you would want to chnage this line:

 

 $content = mysql_real_escape_string(htmlspecialchars($_POST['content']));

to this:

 

 $content = stripslashes(mysql_real_escape_string(htmlspecialchars($_POST['content'])));

Link to comment
Share on other sites

@LadyMustache:

Since you are working with different code than I have used at the start of this topic, why don't you make a new topic for your issue within the PHP section? If you can be more clear about what is wrong with add.php and what errors you are getting, that would be helpful.

 

Thank you for replying! Sorry my bad. ;)

Link to comment
Share on other sites

  • 2 weeks later...

Hi Administrator,

 

I am very happy for this post. And Thanks so much.

I am beginner for PHP.So I have created my staff directory table within refer your post.

I want editing my staff directory table. But if click on edit link come following error

"You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '@dwu.ac.pg' at line 1"

 

Please check bellow attachment from link. It has my database and php file.

 

http://kithusara.org/download/manju/test.zip

 

 

If you can help me , I appreciate so much.

Thanks,

 

Manjula.

Link to comment
Share on other sites

  • 2 weeks later...

Hi Administrator,

 

I am very happy for this post. And Thanks so much.

 

can u help me... how to make a

id_level(AUTO_INCREMENT) in n group_level..

(1 administrator) (2 super_user) etc... with dropdown menu n if edit show all group not only choosen group

 

sory for my bad english

Link to comment
Share on other sites

Hi Ben,

 

Great example here, I have been mulling over a way to do this for days!

I have obviously had to amend your code somewhat to fit in with my Database setup and required data. The edit.php is successfully pulling the data required.

However when I edit the data and click on submit I am getting the Error displayed. I have amended the error messages to identify where the error is, but cannot locate the rror in the code. The error being thrown is for the id being invalid. Can you see where I have gone wrong in the below code at all? Many Thanks Gunny

 

<?php
/* 
EDIT.PHP
Allows user to edit specific entry in database
*/

// creates the edit record form
// since this form is used multiple times in this file, I have made it a function that is easily reusable
function renderForm($id, $routenumber, $depicao, $arricao, $aircrafttype, $error)
{
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Edit Record</title>
</head>
<body>
<?php 
// if there are any errors, display them
if ($error != '')
{
echo '<div style="padding:4px; border:1px solid red; color:red;">'.$error.'</div>';
}
?> 

<form action="" method="post">
<input type="hidden" name="id" value="<?php echo $id; ?>"/>
<div>
<p><strong>ID:</strong> <?php echo $id; ?></p>
<strong>Route Number *</strong> <input type="text" name="route_number" value="<?php echo $routenumber; ?>"/><br/>
<strong>Dep ICAO</strong> <input type="text" size="5" name="dep_icao" value="<?php echo $depicao; ?>"/><br/>
 <strong>Arr ICAO</strong> <input type="text" size="5" name="arr_icao" value="<?php echo $arricao; ?>"/><br/>
  <strong>Aircraft Type*</strong> <input type="text" name="aircraft_type" value="<?php echo $aircrafttype; ?>"/><br/>
<p>* Required</p>
<input type="submit" name="submit" value="Submit">
</div>
</form> 
</body>
</html> 
<?php
}



   // connect to the database
       require_once 'connect.php';
$db_server = mysql_connect($db_hostname, $db_username, $db_password);

if (!$db_server) die ("Unable to connect to MySQL: " . mysql_error());

mysql_select_db($db_database) or die("Unable to Select database: " . mysql_error());


// check if the form has been submitted. If it has, process the form and save it to the database
if (isset($_POST['submit']))
{ 
// confirm that the 'route_id' value is a valid integer before getting the form data
if (is_numeric($_POST['route_id']))
{
// get form data, making sure it is valid
$id = $_POST['route_id'];
$routenumber = mysql_real_escape_string(htmlspecialchars($_POST['route_number']));
$depicao = mysql_real_escape_string(htmlspecialchars($_POST['dep_icao']));
$arricao = mysql_real_escape_string(htmlspecialchars($_POST['arr_icao']));
$aircrafttype = mysql_real_escape_string(htmlspecialchars($_POST['aircraft_type']));

// check that firstname/lastname fields are both filled in
if ($routenumber == '' || $depicao == '')
{
// generate error message
$error = 'ERROR: Please fill in all required fields!';

//error, display form
renderForm($id, $routenumber, $depicao, $arricao, $aircrafttype, $error);
}
else
{
// save the data to the database
mysql_query("UPDATE route_info SET route_number='$routenumber', dep_icao='$depicao', arr_icao='$arricao', aircraft_type='$aircrafttype' WHERE route_id='$id'")
or die(mysql_error()); 

// once saved, redirect back to the view page
header("Location: va.php"); 
}
}
else
{
// if the 'route_id' isn't valid, display an error
echo 'Error Invalid Route ID!';
}
}
else
// if the form hasn't been submitted, get the data from the db and display the form
{

// get the 'route_id' value from the URL (if it exists), making sure that it is valid (checing that it is numeric/larger than 0)
if (isset($_GET['route_id']) && is_numeric($_GET['route_id']) && $_GET['route_id'] > 0)
{
// query db
$id = $_GET['route_id'];
$query = "Select * from route_info where route_id=$id";
         $result = mysql_query($query);
$row = mysql_fetch_array($result);

// check that the 'route_id' matches up with a row in the databse
if($row)
{

// get data from db
$routenumber = $row['route_number'];
$depicao = $row['dep_icao'];
$arricao = $row['arr_icao'];
$aircrafttype = $row['aircraft_type'];

// show form
renderForm($id, $routenumber, $depicao, $arricao, $aircrafttype, '');
}
else
// if no match, display result
{
echo "No results!";
}
}
else
// if the 'route_id' in the URL isn't valid, or if there is no 'route_id' value, display an error
{
echo 'Error!';
}
}
?>

Link to comment
Share on other sites

@teke: You would use "ASC": http://php.about.com/od/learnmysql/p/SQL_order_by.htm

 

@iv4n: That's a bit outside the scope of this tutorial, since it only covers add/remove/delete, not setting up an entire administrative system with login functionality. If you want something more complex, check out my PHP Login series on the KillerSites Video Library within the PHP section: http://killersites.com/video-library/

Link to comment
Share on other sites

@Gunny:

 

You have a route_id set in your URL, correct? It should look like: edit.php?route_id=[number]. Route_id should be numeric -- only consisting of numbers -- otherwise you will get an error.

 

Does that help get you started?

 

 

Hi Ben,

 

Yes my url ends like this editroute.php?route_id=13

 

Thanks for your help, I have been going over and over the code for hours now :bash: but still cannot find where the issue is!

 

Cheers

 

Gunny

Link to comment
Share on other sites

Ben,

 

Hats of too you my friend you're a genius!

 

I amended line 57 to

 

if (is_numeric($_GET['route_id']))

 

and line 60 to

 

$id = $_GET['route_id'];

 

All is now working.

 

Thank you so much for your assistance :clap:

 

Take care,

 

Gunny

Link to comment
Share on other sites

  • 4 weeks later...

Hi, Ben that is good coding. I have problem in delete and edit pages with "is_numeric". I think so! I cannot delete data whose Id is varchar and it is primary key in database but I can delete and edit data with numeric id in it. In this case I want to go with the type cast so that varchar can be recognize as numeric. I not able to understand the type cast implementation. Can you help me with this?

Link to comment
Share on other sites

Take a look at intval() -- http://php.net/manual/en/function.intval.php

 

The examples should be pretty clear, but as an example:

 

$id = '42'; // a string

$id = intval($id) // string converted to int

 

...this really sounds like a database issue. If you're dealing with numbers, you really should be using the int type in the database, not varchar.

Link to comment
Share on other sites

  • 3 weeks later...

Hi Ben,

 

I just start My Website just now , this app php was great but can we coding that our member view his own datebase?

 

Any code?

If you want help, you'll need to explain more about what you need.

 

If you're talking about a member login system, see http://www.killersitesuniversity.com/courses/view/php_login_with_oop_and_mvc

Link to comment
Share on other sites

I mean that i use this basic Php System : view /edit/detele /add records + Member login , Any idea that we can make our user just can view his own database?

 

Example : User A view /edit/detele /add records to A Database and cannot view DateBase of B and C

User B view /edit/detele /add records to B Database and cannot view DateBase of A and C

User C view /edit/detele /add records to A Database and cannot view DateBase of Aand B

 

Does it Possbile ?

Link to comment
Share on other sites

Hi Ben, can user having they own mysql database use this php apps?

 

For example , I login using My ID then just only can view my data that i add/edit/delete ?

Any idea or code for it ?

 

 

this code i search at Google just now : SELECT * FROM table WHERE id_user = [id_login_user] ? How to add on it ?

 

Sorry my english was so poor :)

Link to comment
Share on other sites

  • 2 months later...

Hi,

 

I am a new member and also new in php/mysql.

Thanks a lot for the tutorial, it is a great help for people who just started learning php.

 

I am trying to do something very similar with the tutorial but keep getting an sql error when I try to add a new record.

 

The only difference is that I have some extra fields : "from" "to" "reason" are varchar, "amount" is a decimal and "date" is a timestamp.

I am using a form just like the tutorial to add new data:

 

<form action="" method="post">
<div>
<strong>From: *</strong> <input type="text" name="from" value="<?php echo $fromm; ?>" /><br/>
<strong>To: *</strong> <input type="text" name="to" value="<?php echo $too; ?>" /><br/>
<strong>Amount: *</strong> <input type="text" name="amount" value="<?php echo $amountt; ?>" /><br/>
<strong>Reason: *</strong> <input type="text" name="reason" value="<?php echo $reasonn; ?>" /><br/>
<p>* required</p>
<input type="submit" name="submit" value="Submit">
</div>
</form> 

 

but get an error for this part:

 

// save the data to the database
mysql_query("INSERT connections SET from='$from', to='$to', amount='$amount', reason='$reason', date=NOW()")
or die(mysql_error()); 

 

I would appreciate if someone could help

Thanks!

Link to comment
Share on other sites

What is the exact error message that you are getting?

 

Hi Ben,

 

Thanks for the fast reply. I get this:

 

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'from='George', to='Paul', amount='3.5', reason='something', date=NOW()' at line 1

 

Would it help if I paste all the code from new.php?

 

Thanks

Link to comment
Share on other sites

Personally, I would open up PHPMyAdmin and try pasting the query into a SQL query field (open up your database in PHPMyAdmin and look for the SQL tab). I'm not immediately seeing an issue with the query (though I could be missing something obvious) so entering it into PHPMyAdmin should give you a more specific error message.

Link to comment
Share on other sites

Actually after giving it more thought, I think I know what is going on -- "from" is a reserved word in MySQL (see http://dev.mysql.com/doc/refman/5.5/en/reserved-words.html). Personally, I would change that column in the database to something else, or use backticks to escape it (see the first solution on http://serverfault.com/questions/124083/mysql-how-to-quote-or-escape-field-names).

Link to comment
Share on other sites

Personally, I would open up PHPMyAdmin and try pasting the query into a SQL query field (open up your database in PHPMyAdmin and look for the SQL tab). I'm not immediately seeing an issue with the query (though I could be missing something obvious) so entering it into PHPMyAdmin should give you a more specific error message.

 

I tried that, but it shows me the same generic error. Does it matter that I am not mentioning the id? (it has an AUTO_INCREMENT attribute)

Or maybe there is an error with my php?

 

Cheers

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
 Share

×
×
  • Create New...