Could someone please check my code for this filter query? After filtering a record(s) by field, It's supposed to allow me to select and then either update or delete a record. The code works for the filtering part, but when I try to select the record and then click the Update button it just returns to the first page for filtering. Here's the code:
<fieldset><legend align="center"><b>Filter Your Query</b></legend>
<form action="<?php echo $PHP_SELF; ?>" method="post">
<?php
@ $db = mysql_pconnect('host', 'username', 'pw');
if (!$db)
{
echo 'Error: Could not connect to database. Please try again later.';
exit;
}
mysql_select_db('dbname');
$query = "select * from webform where ".$searchtype." like '%".$searchterm."%'";
$result = mysql_query($query);
if(!$Filter)
{
?>
Query Type:
<select name="searchtype">
<option value="fullname">Name</option>
<option value="city">City</option>
<option value="state">State</option>
<option value="service">Service</option>
<option value="review">Review Type</option>
<option value="reviewyear">Review Year</option>
</select>
<br />
Query Term:
<input name="searchterm" type="text">
<br />
<input type="submit" name="Filter" value="Filter Records">
<?php
}
?>
<?php
if($Filter)
{
if (!$Submit)
{
if (!$searchtype || !$searchterm)
{
echo 'You have not entered search details. Please go <a href="searchclients.php">back</a> and try again.';
exit;
}
while($r = mysql_fetch_array($result))
{
$id=$r["id"];
$fullname=$r["fullname"];
$address=$r["address"];
$city=$r["city"];
$state=$r["state"];
$zip=$r["zip"];
$phone=$r["phone"];
$extension=$r["extension"];
$fax=$r["fax"];
$email=$r["email"];
$service=$r["service"];
$review=$r["review"];
$reviewyear=$r["reviewyear"];
$reviewduemonth=$r["reviewduemonth"];
$reviewdueday=$r["reviewdueday"];
$reviewdueyear=$r["reviewdueyear"];
$comments=$r["comments"];
$searchtype=$HTTP_POST_VARS['searchtype'];
$searchterm=$HTTP_POST_VARS['searchterm'];
$searchterm= trim($searchterm);
$searchtype = addslashes($searchtype);
$searchterm = addslashes($searchterm);
?>
<input type="radio" name="id" value="<?php echo $id; ?>">
<?php echo $fullname; ?><br />
<?php echo $address; ?><br />
<?php echo $city; ?>, <?php echo $state; ?> <?php echo $zip; ?><br />
Tel: <?php echo $phone; ?> Ext: <?php echo $extension; ?><br />
Fax: <?php echo $fax; ?><br />
Email: <?php echo $email; ?><br />
Service: <?php echo $service; ?><br />
Peer Review: <?php echo $review; ?><br />
Peer Review Year: <?php echo $reviewyear; ?><br />
Peer Review Date: <?php echo $reviewduemonth; ?> <?php echo $reviewdueday; ?>,
<?php echo $reviewdueyear; ?>
Comments: <?php echo $comments; ?>
<br /><br />
<a href="accessdatabase.php">Unfilter database</a><br /><br />
<?php
}
?>
<input type="submit" name="Submit" value="Update">
<?php
}
?>
<?php
if($Submit)
{
if(!$id)
{
echo 'Please select a record before pressing the Update button.<br /><br />';
while($r = mysql_fetch_array($result))
{
$id=$r["id"];
$fullname=$r["fullname"];
$address=$r["address"];
$city=$r["city"];
$state=$r["state"];
$zip=$r["zip"];
$phone=$r["phone"];
$extension=$r["extension"];
$fax=$r["fax"];
$email=$r["email"];
$service=$r["service"];
$review=$r["review"];
$reviewyear=$r["reviewyear"];
$reviewduemonth=$r["reviewduemonth"];
$reviewdueday=$r["reviewdueday"];
$reviewdueyear=$r["reviewdueyear"];
$comments=$r["comments"];
?>
<input type="radio" name="id" value="<?php echo $id; ?>">
<?php echo $fullname; ?><br />
<?php echo $address; ?><br />
<?php echo $city; ?>, <?php echo $state; ?> <?php echo $zip; ?><br />
Tel: <?php echo $phone; ?> Ext: <?php echo $extension; ?><br />
Fax: <?php echo $fax; ?><br />
Email: <?php echo $email; ?><br />
Service: <?php echo $service; ?><br />
Peer Review: <?php echo $review; ?><br />
Peer Review Year: <?php echo $reviewyear; ?><br />
Peer Review Due Date: <?php echo $reviewduemonth; ?> <?php echo $reviewdueday; ?>,
<?php echo $reviewdueyear; ?><br />Comments: <?php echo $comments; ?>
<br /><br />
<?php
}
?>
<input type="submit" name="Submit" value="Update">
<?php
exit;
}
if (!$Update)
{
$sql = "SELECT * FROM webform WHERE id=$id";
$result = mysql_query($sql);
$myrow = mysql_fetch_array($result);
?>
<input type="hidden" name="id" value="<?php echo $myrow["id"]; ?>">
Client Name:
<input type="text" name="fullname" value="<?php echo $myrow["fullname"]; ?>" size=30><br />
Address:<input type="text" name="address" value="<?php echo $myrow["address"]; ?>" size=30><br />
City:<input type="text" name="city" value="<?php echo $myrow["city"]; ?>" size=15>,
State:<input type="text" name="state" value="<?php echo $myrow["state"]; ?>" size="2">
Zip:<input type="text" name="zip" value="<?php echo $myrow["zip"]; ?>" size="5"><br />
Phone:<input type="text" name="phone" value="<?php echo $myrow["phone"]; ?>" size="15">
Ext:<input type="text" name="extension" value="<?php echo $myrow["extension"]; ?>" size="4"><br />
Fax:<input type="text" name="fax" value="<?php echo $myrow["fax"]; ?>" size="11"><br />
Email:<input type="text" name="email" value="<?php echo $myrow["email"]; ?>" size=40><br /> <br />
Service:
<input type="text" name="service" value="<?php echo $myrow["service"]; ?>" size=20><br /><br />
Peer Review:
<input type="text" name="review" value="<?php echo $myrow["review"]; ?>" size=19><br />
Peer Review Year:
<input type="text" name="reviewyear" value="<?php echo $myrow["reviewyear"]; ?>"
size=4><br />
Peer Review Due Date:<br />
<input type="text" name="reviewduemonth" value="<?php echo $myrow["reviewduemonth"]; ?>" size=9>
<input type="text" name="reviewdueday" value="<?php echo $myrow["reviewdueday"]; ?>" size=2>,
<input type="text" name="reviewdueyear" value="<?php echo $myrow["reviewdueyear"]; ?>" size=4><br />
Comments: <textarea name="comments" class="bodytext" style="width:500" rows="5" cols="75" value="<?php echo $myrow["comments"]; ?>"><?php echo $myrow["comments"]; ?></text><br /><br />
<input type="hidden" name="Submit" value="Update">
<input type="submit" name="Update" value="Edit">
<input type="submit" name="Update" value="Delete">
<input type="submit" name="Update" value="Cancel">
<?php
}
if($Update == 'Edit')
{
$sql = "UPDATE webform SET fullname=$fullname, address=$address, city=$city,
state=$state, zip=$zip, phone=$phone, extension=$extension, fax=$fax, email=$email, service=$service, review=$review, reviewyear=$reviewyear,
reviewduemonth=$reviewduemonth, reviewdueday=$reviewdueday,
reviewdueyear=$reviewdueyear, comments=$comments WHERE id=$id";
$result= mysql_query($sql);
if($result)
{
echo 'The record for '.$fullname.' was successfully updated.<br /> Click <a href="allclients.php">here</a> to go back.';
}
if(!$result)
{
echo 'The record for '.$fullname.' was not successfully updated.<br /> Click <a href="allclients.php">here</a> to go back.';
}
}
if($Update == 'Delete')
{
$sql = "DELETE FROM webform WHERE id='$id'";
$result = mysql_query($sql);
if($result)
{
echo 'The record for '.$fullname.' was successfully deleted.<br /> Click <a href="allclients.php">here</a> to go back.';
}
if(!$result)
{
echo 'The record for '.$fullname.' was not successfully deleted.<br /> Click <a href="allclients.php">here</a> to go back.';
}
}
if($Update == 'Cancel')
{
echo 'Update canceled<br /><br /><a href="allclients.php">Back to client results</a>';
exit;
}
}
}
?>
</form>
</fieldset>
