0

I have two .php files which show all contacts in a database, then allows the user to choose a contact to be edited. The first script is called pick_modcontact.php where I choose a contact, then posts to the script show_modcontact.php When I click the post button on the form on pick.modcontact.php the browser returns to that file due to this code on the beginning of show_modcontact.php

if (!$_POST['id']) {
    header( "Location: pick_modcontact.php");
    exit;
} else {
    session_start();
}
if ($_SESSION['valid'] != "yes") {
    header( "Location: pick_modcontact.php");
    exit;
}

I can not work out how to correct the code so that it will show the results of the script show_modcontact.php

This script shows all contacts in a database which is an "address book" this part works fine. please see below. Name:pick_modcontact.php 

if ($_SESSION['valid'] != "yes") {
    header( "Location: contact_menu.php");
    exit;
} 

$db_name = "testDB";
$table_name = "my_contacts";
$connection = @mysql_connect("localhost", "admin", "user") or die(mysql_error());
$db = @mysql_select_db($db_name, $connection) or die(mysql_error());

$sql = "SELECT id, f_name, l_name FROM $table_name ORDER BY f_name";

$result = @mysql_query($sql, $connection) or die(mysql_error());

$num = @mysql_num_rows($result);

if ($num < 1) {
    $display_block = "<p><em>Sorry No Results!</em></p>";
} else {
    while ($row = mysql_fetch_array($result)) {
        $id = $row['id'];
        $f_name = $row['f_name'];
        $l_name = $row['l_name'];
        $option_block .= "<option value\"$id\">$f_name, $l_name</option>";
    }
    $display_block = "<form method=\"POST\" action=\"show_modcontact.php\">
    <p><strong>Contact:</strong>
    <select name=\"id\">$option_block</select>
    <input type=\"submit\" name=\"submit\" value=\"Select This Contact\"></p>
    </form>";
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Modify A Contact</title>
</head>

<body>
<h1>My Contact Management System</h1>
<h2><em>Modify a Contact</em></h2>
<p>Select a contact from the list below, to modify the contact's record.</p>
<? echo "$display_block"; ?>
<br>
<p><a href="contact_menu.php">Return to Main Menu</a></p>
</body>
</html>

This script is for modifying the contact: named show_modcontact.php

 <?php
if (!$_POST['id']) {
    header( "Location: pick_modcontact.php");
    exit;
} else {
    session_start();
}
if ($_SESSION['valid'] != "yes") {
    header( "Location: pick_modcontact.php");
    exit;
}
$db_name = "testDB";
$table_name = "my_contacts";

$connection = @mysql_connect("localhost", "admin", "pass") or die(mysql_error());

$db = @mysql_select_db($db_name, $connection) or die(mysql_error());

$sql = "SELECT f_name, l_name, address1, address2, address3, postcode, prim_tel, sec_tel, email, birthday FROM $table_name WHERE id = '" . $_POST['id'] . "'"; 

$result = @mysql_query($sql, $connection) or die(mysql_error());

while ($row = mysql_fetch_array($result)) {
    $f_name = $row['f_name'];
    $l_name = $row['l_name'];
    $address1 = $row['address1'];
    $address2 = $row['address2'];
    $address3 = $row['address3'];
    $country = $row['country'];
    $prim_tel = $row['prim_tel'];
    $sec_tel = $row['sec_tel'];
    $email = $row['email'];
    $birthday = $row['birthday'];
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Modify A Contact</title>
</head>

<body>
<form action="do_modcontact.php" method="post">
<input type="text" name="id" value="<? echo $_POST['id']; ?>" />
<table cellpadding="5" cellspacing="3">
<tr>
<th>Name & Address Information</th>
<th> Other Contact / Personal Information</th>
</tr>
<tr>
<td align="top">
<p><strong>First Name:</strong><br />
<input type="text" name="f_name" value="<? echo "$f_name"; ?>" size="35" maxlength="75"  /></p>
<p><strong>Last Name:</strong><br />
<input type="text" name="l_name" value="<? echo "$l_name"; ?>" size="35" maxlength="75"  /></p>
<p><strong>Address1:</strong><br />
<input type="text" name="f_name" value="<? echo "$address1"; ?>" size="35" maxlength="75"  /></p>
<p><strong>Address2:</strong><br />
<input type="text" name="f_name" value="<? echo "$address2"; ?>" size="35" maxlength="75"  /></p>
<p><strong>Address3:</strong><br />
<input type="text" name="f_name" value="<? echo "$address3"; ?>" size="35" maxlength="75" /> </p>
<p><strong>Postcode:</strong><br />
<input type="text" name="f_name" value="<? echo "$postcode"; ?>" size="35" maxlength="75"  /></p>
<p><strong>Country:</strong><br />
<input type="text" name="f_name" value="<? echo "$country"; ?>" size="35" maxlength="75" /> </p>
<p><strong>First Name:</strong><br />
<input type="text" name="f_name" value="<? echo "$f_name"; ?>" size="35" maxlength="75"  /></p>
</td>
<td align="top">
<p><strong>Prim Tel:</strong><br />
<input type="text" name="f_name" value="<? echo "$prim_tel"; ?>" size="35" maxlength="75"  /></p>
<p><strong>Sec Tel:</strong><br />
<input type="text" name="f_name" value="<? echo "$sec_tel"; ?>" size="35" maxlength="75"  /></p>
<p><strong>Email:</strong><br />
<input type="text" name="f_name" value="<? echo "$email;" ?>" size="35" maxlength="75" /> </p>
<p><strong>Birthday:</strong><br />
<input type="text" name="f_name" value="<? echo "$birthday"; ?>" size="35" maxlength="75" /> </p>
</td>
</tr>
<tr>
<td align="center">
<p><input type="submit" name="submit" value="Update Contact" /></p>
<br />
<p><a href="contact_menu.php">Retuen To Menu</a></p>
</td>
</tr>
</table>
</form>

</body>
</html>
Improve this question

1 Answer 1

Reset to default
3

Edited answer to reflect discoveries found in comment thread below for future readers

In your PHP files you need to update 

$_POST[id]

to be 

$_POST['id']

PHP will not now what id is, and therefor will evaluate to false, causing your script to exit, and fall into the loop you are describing.

This is also the case when you are using your $_SESSION array

$_SESSION[valid]

should be

$_SESSION['valid']

$_SESSION, $_POST, $_GET, $_REQUEST, etc are all associative arrays, in order to refer to any of their contents you need to specify the string that refers to the key they are located in.

Ok, in your if statement

if (!$_POST['id']) {
    header( "Location: pick_modcontact.php");
    exit;
} else {
    session_start();
}
if ($_SESSION['valid'] != "yes") {
    header( "Location: pick_modcontact.php");
    exit;
}

You are checking to see if $_SESSION['valid'] does not equal yes, this will evaluate to true because you never set $_SESSION['valid'] = "yes" so it will always go back to pick_modcontact.php here.

Try updating it to be 

if (!$_POST['id']) {
    header( "Location: pick_modcontact.php");
    exit;
} else {
    session_start();

    // let the script know that this is a valid contact
    $_SESSION['valid'] = 'yes';
}
if ($_SESSION['valid'] != "yes") {
    header( "Location: pick_modcontact.php");
    exit;
}

Also

$option_block .= "<option value\"$id\">$f_name, $l_name</option>";

should be (you're misssing an equals sign) which means that on submit, it wont know the value of 'id'

$option_block .= "<option value=\"$id\">$f_name, $l_name</option>";
Improve this answer
Sign up to request clarification or add additional context in comments.

29 Comments

So you've copied the example entirely.. this would assume there are no code errors (my other suggestion would be to make sure you are creating a session using session_start()) so are you sure that your database settings are correct? Can you create a simple script to output the validity of your db connection - I see that you have different db credentials in two scripts.. admin/user and admin_cantsayno/cantsayno maybe that is your issue?
updated my answer, youre using id, not 'id', it doesnt know what id is, needs to be a string 'id'
Both, it will NEVER understand id it has to be $id if it was a variable, or 'id' if its a string, in your case, its 'id' which tells it to grab the 'id' parameter from the POST array
$sql = "SELECT f_name, l_name, address1, address2, address3, postcode, prim_tel, sec_tel, email, birthday FROM $table_name WHERE id = '" . $_POST['id'] . "'";
make sure you update the SESSION and POST issue in ALL files, I still see it in your question.. I dont know if youve updated them or not though..
|

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.