0

i want to make so my webpage takes values from a table in a database and displays them on the screen in the format that is shown below in the code, however i would then like to take the values for BikeID and ContactEmail and save them to session storage to be used on the update confirm page which your taken to when the update button is clicked. however the first issue is that the values wont save to the session storage and the second is that even if they did would the session get the correct value according to the Table/BikeID selected where the button is clicked. Image of the page layout after the code is run is below.

if anyone has any ideas i would be grateful.

  <?php

        mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

        $username="Username"; // change this to your database username
        $password="Password"; // change this to your database password
        $database="Database"; // change this to your database username

        $conn = new mysqli('localhost', $username, $password, $database);
        // Check connection
        if ($conn->connect_error) {
        die("Connection failed: " . $conn->connect_error);
        }
        $sql = "SELECT * FROM tblBikeStolen, tblBike WHERE tblBike.BikeID=tblBikeStolen.BikeID";
            $result = $conn->query($sql);

            if ($result->num_rows > 0) {
            // output data of each row
                while($row = $result->fetch_assoc()) {
                echo "<div id='UpdateTable'><table><tr><td> User No: " . $row["User"] . "</td> 
 <td>Bike ID: " . $row["BikeID"]. "</td><td> Contact: " . $row["ContactEmail"] . "</td></tr><tr><td> 
 Reported Time: " . $row["ReportTime"] . "</td><td> Address: " . $row["Address"] . "</td><td> Bike 
 MPN: " . $row["BikeMPN"] . "</td></tr><tr><td> Bike Brand: " . $row["BikeBrand"] . "</td><td> Bike 
 Model: " . $row["BikeModel"] . "</td><td> Bike Type: " . $row["BikeType"] . "</td><tr><td> 
 Investigation Notes: " . $row["UpdateNotes"] . "</td></tr><tr><td> Status: " . $row["Status"] . " 
 </td></tr><tr><form><button class='btn btn-primary btnUpdateInvest' type='submit' 
 value='Update'formaction='ConfirmUpdate.php' onClick='UpdateFunctionDAO.php'>Update</button></form> 
 </tr></table></div>";
                $BikeID = $row['BikeID'];
                $_SESSION["BikeID"] = $BikeID;
                $ContactEmail = $row['ContactEmail'];
                $_SESSION["ContactEmail"] = $ContactEmail;
                }
                } else { echo "0 results"; }

                $conn->close();

    ?>

enter image description here

Improve this question

1 Answer 1

Reset to default
1

I recommend starting simple and then expanding your use case:

Instead of using formaction = 'ConfirmUpdate.php', try using formaction = 'ConfirmUpdate.php?bikeid=<your-bike-id>&contactemail=<the-contact-email>'

In ConfirmUpdate.php, check if $_GET['bikeid'] and $_GET['contactemail'] are set and valid. If you didn't get either of those keys or if they were invalid, write a meaningful error message on the screening instructing the user what to do next.

If you received both those keys and their values were reasonable, you can store them in a session for future processing. Once your processing is done, clear out that information from the session.

Your PHP code will look something like this:

echo "...value='Update' formaction='ConfirmUpdate.php?bikeid=" . $row["BikeID"] . "&amp;contactemail=" . $row["ContactEmail"] . "' onClick='UpdateFunctionDAO.php'>...";

Try this and see how it works. You might have to do more work after this to ensure that the data you are publishing on the page is sanitized and not susceptible to injection.

Example

Let's say your initial page is called test.php and it looks like this:

<?php

    mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

    $username=""; // change this to your database username
    $password=""; // change this to your database password
    $database=""; // change this to your database username

    $conn = new mysqli('localhost', $username, $password, $database);

    if ($conn->connect_error) {
        die("Connection failed: " . $conn->connect_error);
    }

    $sql = "your sql query";
    $result = $conn->query($sql);
    if ($result->num_rows > 0)
    {
        while ($row = $result->fetch_assoc())
        {
            $displayText = sprintf('<div>Some other info. Bike ID is %s and contact is %s.</div>',
                $row['bikeid'],
                $row['contactemail']
            );

            $form = sprintf('
                <form method="post" action="ConfirmUpdate.php">
                    <input type="hidden" name="bikeid" value="%s">
                    <input type="hidden" name="contactemail" value="%s">
                    %s
                    <input type="submit" value="Submit">
                </form>',
                $row['bikeid'],
                $row['contactemail'],
                $displayText
            );

            echo $form;
        }
    }

    $conn->close();
?>

Result

enter image description here

Your ConfirmUpdate.php will look like this:

<?php
    session_start();
    $_SESSION['bikeid'] = $_POST['bikeid'];
    $_SESSION['contactemail'] = $_POST['contactemail'];

    echo sprintf('Received bike id %s and contact email %s',
        $_SESSION['bikeid'],
        $_SESSION['contactemail']
    );
?>

When you click on the first button, you will be taken to ConfirmUpdate page, which will look like this:

Received bike id 1 and contact email [email protected]

When you click the 2nd button, you will see:

Received bike id 2 and contact email [email protected]

Test this out on your own systems and you should be able to replicate this code in your project.

Improve this answer
Sign up to request clarification or add additional context in comments.

19 Comments

Ok thank you ill have a go to see if this fix works, ill let you know
Don't worry about the session first. Just try to ensure that each update button has a formaction like the one I have show. Once you get to that step, we can discuss the next step. Were you able to ensure that update button had the formaction like I mentioned?
Yes each update button has the formaction as described.
this is the code i have so far . ` $BikeID = $_GET['BikeID']; $ContactEmail = $_GET['ContactEmail']; $_SESSION["BikeID"] = "$BikeID"; $_SESSION["ContactEmail"] = "$ContactEmail"; echo "<table><tr><td id='BikeID'>Bike ID: " . $_SESSION["BikeID"] . "</td><td id='ContactEmail'> Contact: " . $_SESSION["ContactEmail"] . "</td></tr></table>";`
Awesome. In ConfirmUpdate.php, right after <?php, type var_dump($_GET). When you try your application again and reach ConfirmUpdate, you will see the bike ID and contact email. Do you see that?
|

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.