[Resolved] What am I missing? Form handlers etc

Tiigeress

I am trying to build a profile module for the members of my site to create and manage their own and have it completely automated (IE from them entering the info to the database, to it displaying on a dynamic page).

I got the user submission form working, and the display page and dynamic links all working... however i am really stuck with allowing users to edit their own entries..... So far i have it set to identify by password, and that works, but no matter what i do it wont submit the newly updated information to the database... when you press submit it takes you to the thank you page but the record remains unchanged... so if anyone has a spare moment could you maybe look over my code and see if you can help? Thanks much 🙂

This is the form handler code: locate.php

<html><head></head><body>
// random html stuff commented out
<?php
      $bgcolor="black"; 
      $text="white";
      $fontfamily= "Arial, Verdana, Helvetica";
      $database_name="#####"; 
      $table_name = "myth"; 
      $idx = "ID";     // I added this thinking maybe it 
// wasnt recognizing idx when the field in the db is named 
// ID -- either way it does the same thing....

  $conndb = mysql_connect("host", "usr", "pass") or die("Unable to connect to database:user");
	mysql_select_db($database_name, $conndb) or die ("Could not select the database!");

if ($actiontotake == 'deleterecord') {
	$query = "DELETE FROM  $table_name  WHERE ID='$idx'";
	$result = mysql_db_query( $database_name, $query);
  	echo "Your record data has been deleted.";

    exit;
}

if ($actiontotake == 'updaterec') {
   $query = "UPDATE $table_name SET NAME='$NAME', RACE='$RACE', CITY='$CITY', MAINJOB='$MAINJOB', SUBJOB='$SUBJOB' WHERE ID='$idx'";
   $result = mysql_db_query($database_name, $query);
   echo "Your record data has been updated.";
       exit;
}

if ( $actiontotake == 'editrec'|| $actiontotake == 'delrec' )  {
	$query = "SELECT * FROM $table_name WHERE pwd='$pwd'";
	$result = mysql_db_query( $database_name, $query );
	$numrecfound = mysql_num_rows($result);
	if (!$numrecfound )  {
		echo "<BASEFONT SIZE=4><CENTER>";
        echo "\n<BR><BR>Record with entered password <B>( <font color=white>'$pwd'</font> )</B> 
not found<BR>Or, you did not enter your password 
correctly";
           echo "\n<BR>Press the <B>Back</B> button on your browser<BR> and enter your Password again";
            exit;
        }
    }
	if( $actiontotake == 'editrec' )  {
		echo "<Font Size=4>Edit your record shown below<BR>
Then press <B>'MakeChanges'</B> button</font><BR><BR><BR>";
    }

if( $actiontotake == 'delrec' )  {
	echo "<Font Size=4>Is this your record to delete?</font><BR><BR>";
	echo "<Font Size=3>Clicking the DeleteRecord button below will delete this record</font><BR><BR><BR>";
}
while ( $r = mysql_fetch_array($result) )  {
  $Fetchedidx = $r["ID"];
  $FetchedNAME = $r["NAME"];
  $FetchedRACE = $r["RACE"];
  $FetchedCITY = $r["CITY"];
  $FetchedSEX = $r["SEX"];
  $FetchedMAINJOB = $r["MAINJOB"];
  echo "\n<FORM NAME=editform ACTION=locate.php METHOD=POST>";
  echo "\n<TABLE width=\"50%\">";
  echo "\n<TR><TD>NAME:</TD>
<TD><INPUT TYPE=TEXT NAME=NAME  VALUE=\"$FetchedNAME\"></TD>
</TR>";
      echo "\n<TR><TD>RACE:</TD>
<TD><INPUT TYPE=TEXT NAME=RACE  VALUE=\"$FetchedRACE\"></TD>
</TR>";
      echo "\n<TR><TD>CITY:</TD>
<TD><INPUT TYPE=TEXT NAME=CITY  VALUE=\"$FetchedCITY\"></TD>
</TR>";
      echo "\n<TR><TD>MAINJOB:</TD>
<TD><INPUT TYPE=TEXT NAME=MAINJOB  VALUE=\"$FetchedMAINJOB\"></TD>
</TR>";
      echo "\n<TR><TD>SUBJOB:</TD>
<TD><INPUT TYPE=TEXT NAME=SUBJOB  VALUE=\"$FetchedSUBJOB\"></TD>
</TR>";
	  echo "\n<INPUT TYPE=Hidden NAME=ID  VALUE=\"$FetchedID\">";
	  if( $actiontotake == 'editrec' ) { 
		 echo "\n<INPUT TYPE=Hidden NAME=actiontotake  VALUE=updaterec>";
		 echo "\n<TR><TD COLSPAN=2 Align=Center><BR><INPUT TYPE=Submit VALUE=MakeChanges></TD></TR></TABLE></FORM>";
      }
 	  if( $actiontotake == 'delrec' ) {
         echo "\n<INPUT TYPE=Hidden NAME=actiontotake  VALUE=deleterecord>";
         echo "\n<TR><TD COLSPAN=2 Align=Center><BR><INPUT TYPE=Submit VALUE=DeleteRecord></TD></TR></TABLE></FORM>";
      }
   }

?> 
 </BODY></HTML>

dunno if you need this but here ya go.
the page that asks you for password: edit2.php

<SCRIPT Language=JavaScript>
<!-->Hide from old browsers
function check_form()
{
  valid=true;


if (document.addform.pwd.value.length==0)
{ valid=false; alert('Password field is empty!');
document.addform.pwd.focus(); return false}
}
//-->
</SCRIPT>

// html headers blah blah

<Form Name=addform Action="locate.php" Method="POST" onsubmit='return check_form()'>
<CENTER><Font Color=ffeedd Size=-1>Fields with Asterik are Required</font></center>
<Table Border="0" Width="300">
<TR><TD Align="Right">Your Password *: </Td><TD><INPUT Type="password" name=pwd Size=20 maxlength=8></Td></Tr>
<TR><TD Colspan=2><INPUT Type="Hidden" Name="actiontotake" Value="editrec"></TD></TR>
<TR><TD></TD><TD><BR><INPUT Type="Submit" Value="Go Get It!" action="locate.php"></Td></Tr>
</Table></Form><BR>

Tiigeress

sleep might be a good thing 😉