Posted by toedipper on 09/06/05 02:06

Hello,

PHP4 and MySql

I have the code below, a mixture of handcoded and Dreamweaver genaratd
php code. Basically it's an update record form - I load the values from
a db and bind text boxes etc. This works ok. But I also have an update
action - if a user changes any of the text box values then he can click
update and the code should write the new values to the db. Should, but
it does'nt! When I go and look in the db I can see that the values are
still the old ones. But it does not trip up either and I have a 'on
update success' action that redirects to a congrats page and this DOES work.

thanks in advance,

rg.

<?
session_start();
require_once('Connections/ppchcust.php');


//go and get the pre update values for the form
$colname_rseditprofile = "1";
if (isset($_SESSION['MM_Username'])) {
$colname_rseditprofile = (get_magic_quotes_gpc()) ?
$_SESSION['MM_Username'] : addslashes($_SESSION['MM_Username']);
}
mysql_select_db($database_local, $local);
$query_rseditprofile = sprintf("SELECT custid, password, title,
firstname, surname, company, displayname, `position`, address1,
address2, city, country, postcode, telephone, fax, emailaddress FROM
customers WHERE userid = '%s'", $colname_rseditprofile);
$rseditprofile = mysql_query($query_rseditprofile, $local) or
die(mysql_error());
$row_rseditprofile = mysql_fetch_assoc($rseditprofile);
$totalRows_rseditprofile = mysql_num_rows($rseditprofile);

//this is the update part
function GetSQLValueString($theValue, $theType, $theDefinedValue = "",
$theNotDefinedValue = "")
{
$theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) :
$theValue;

switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'"
: "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue :
$theNotDefinedValue;
break;
}
return $theValue;
}

$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
$editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}

//this the actual update code and sql
if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] ==
"custregisterform")) {
$updateSQL = sprintf("UPDATE customers SET password=%s, title=%s,
firstname=%s, surname=%s, company=%s, displayname=%s, `position`=%s,
address1=%s, address2=%s, city=%s, country=%s, postcode=%s,
telephone=%s, fax=%s, emailaddress=%s WHERE custid=%s",
GetSQLValueString($_POST['password'], "text"),
GetSQLValueString($_POST['title'], "text"),
GetSQLValueString($_POST['firstname'], "text"),
GetSQLValueString($_POST['surname'], "text"),
GetSQLValueString($_POST['company'], "text"),
GetSQLValueString($_POST['displayname'], "text"),
GetSQLValueString($_POST['position'], "text"),
GetSQLValueString($_POST['address1'], "text"),
GetSQLValueString($_POST['address2'], "text"),
GetSQLValueString($_POST['city'], "text"),
GetSQLValueString($_POST['country'], "text"),
GetSQLValueString($_POST['postcode'], "text"),
GetSQLValueString($_POST['telephone'], "text"),
GetSQLValueString($_POST['fax'], "text"),
GetSQLValueString($_POST['emailaddress'],"text"),
GetSQLValueString($_POST['custid'], "int"));

mysql_select_db($database_local, $local);
$Result1 = mysql_query($updateSQL, $local) or die(mysql_error());

// if update ok then redir to somewhere else THIS WORKS....
$updateGoTo = "regeditprofileok.php";
if (isset($_SERVER['QUERY_STRING'])) {
$updateGoTo .= (strpos($updateGoTo, '?')) ? "&" : "?";
$updateGoTo .= $_SERVER['QUERY_STRING'];
}
header(sprintf("Location: %s", $updateGoTo));
}
?>

[Back to original message]