Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

PHP and MySQL problem

N

nick9191

macrumors 68040
Original poster
Feb 17, 2008
3,407
316
Britain
I have a piece of PHP code I'm writing for a Uni assignment, I'm hoping you can guess the functionality from the 2 attached screenshots. Basically, input an ID of a car, it searches the database, retrieves and displays the info. That bit is fine. The user should then be able to change the available field and update the database, I can't get that working.

Excuse the mucky code, comments, bad web design. Obviously this is in development, I'll clean it up and break out the CSS later :)

Any help is appreciated, thank you very much.

Code: 
<html>
  <head>
    <title>Car checkout</title>
  </head>
  <body>
    <h1>Check in or check out a car</h1>
    <?php
      $link = mysql_connect ("localhost", "root", "root");
      mysql_select_db ("najah");
      
      print ("<form action=\"http://localhost:8888/final/check2.php\" method=\"get\">");
      print ("<table border='1'>");
      print ("<tr><th>ID</th></tr>");
      print ("<td><input type=\"text\" name=\"idCode\" size=20></td>");
      print ("<td colspan='2' align='center'>Search<input type=\"checkbox\" name=\"search\" value=\"on\"></td></tr>");
      printf ("<tr><td colspan='6' align='center'><input type=\"submit\" value=\"Search Database\"></td></tr></table></form>");
      
      $iGet = $_GET['idCode'];
      
      //$ids = $_GET['ids'];
      //$carnames = $_GET['carnames'];
      //$totals = $_GET['totals'];
      //$availables = $_GET['availables'];
      
      $search = $_GET['search'];
      
      if ($search == "on")
      {
      		echo "Selecting from car where ID = $iGet";
			$query = "SELECT * from car WHERE ID='$iGet'";
      		$result = mysql_query ($query);
      }
      
      $modify = $_GET['modify'];
      
      if ($modify == "modify")
        {
          echo "working";
          //$query = "update xxyyppeople SET pe_CARNAME='$carnames[$i]', pe_FUELTYPE='$fueltypes[$i]', pe_TRANSMISSION='$transmissions[$i]', pe_ENGINESIZE='$enginesizes[$i]', pe_DOORS='$doors[$i]', pe_TOTAL='$totals[$i]', pe_AVAILABLE='$availables[$i]', pe_DATEADDED='$dateaddeds[$i]' where pe_ID = $id[$i]";
          $query = "UPDATE car SET AVAILABLE='$availables', WHERE ID='$iGet'";
          $result2 = mysql_query ($query);
        }
        
        //if ($modify [$i] == "modify")
        //{
          //mysql_query("UPDATE car SET AVAILABLE='$availables', WHERE ID='$iGet'";
        //}
      
      //$result = mysql_query("SELECT * FROM car WHERE ID=iGet");
      

      print ("<form action=\"http://localhost:8888/final/\" method=\"get\">");
      print "<table>";
      print "<tr>";
      print "<th>ID</th><th>Car Name</th><th>Fuel Type</th><th>Transmission</th><th>Engine Size</th><th>Doors</th><th>Total</th><th>Available</th><th>Date Added</th>";
      print "</tr>";
      for ($i = 0; $i < mysql_num_rows ($result); $i ++)
      {        
        $row = mysql_fetch_object ($result);
        $availables = $_GET['availables'];
        print "<tr>";
        print "<td>$row->ID</td>";
        print "<td>$row->CARNAME</td>";
        print "<td>$row->FUELTYPE</td>";
        print "<td>$row->TRANSMISSION</td>";
        print "<td>$row->ENGINESIZE</td>";
        print "<td>$row->DOORS</td>";
        print "<td>$row->TOTAL</td>";
        printf ("<td><input type='text' name='availables[$i]' value='%s' size='4'></td>", $row->AVAILABLE);
        print "<td>$row->DATEADDED</td>";
        printf ("<td>Modify <input type='checkbox' name='modify' value='modify'></td>");
        print "</tr>";
      }
      print "</table>";
      printf ("<tr><td colspan='6' align='center'><input type=\"submit\" value=\"Update Database\"></td></tr></table></form>");
      
      mysql_close ($link);
    ?>
  </body>
</html>
 

Attachments

  • pic1.png
    pic1.png
    22.8 KB · Views: 150
  • pic2.png
    pic2.png
    33.7 KB · Views: 110
In the Update query I don't think you need the comma after $availables, try removing that.

A few things you can/should do during development.

1. In your query add the "or die (mysql_error()" as should below. That will usually output a message if the query if is failing.

$result2 = mysql_query($query) or die (mysql_error());

2. Double check your database fields AVAILABLE and ID in phpMyAdmin to make sure they are correct (spelling and data) and also echo out the variable $availables before the query to see if it contains the expected data.

echo $availables; exit;
 
This is NOT the problem you mentioned but in your code for the form I see you are referencing the http://localhost:8888/. You really should do that because then the code is not transferable to another web server. You should be able to just do something like this.

print '<form action= "final.php" method="get">';

Assuming final.php is in the same directory as the running script. Or could be final/processForm.php - something like that.

If you want to submit the form to itself (the running script) which is commonly done do this:

?>
<!===== My Form ===============>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<?php
 
Last edited:
In your for loop you have, $i ++. Don't put a space in there. To reduce the number of print statements, look into how to use the heredoc syntax. You make use of the variable, $availables, but you also have it commented out where it is declared. You might want to check out the PHP error log file to see if there are any messages that help you determine why your code is not working.

I also hope your professor will teach you about SQL-injection vulnerabilities as your code has big holes that could easily compromise your database.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back