Try adding the following to the very start of the script so that all warnings and notices are dsplayed:

<?php
ini_set('display_errors', 1);
error_reporting(E_ALL);

My guess is that there is some configuration difference, such as with the register_globals setting. If so, I would expect to see a bunch of notices about variables not being set, or other such problems.

You're right, I just added the script and got a shed load of errors about variables.
I've got something to work on now. Thank you very much NogDog

Notice: Undefined variable: staff_first_name in D:\xampp\htdocs\admin\adminpage_staff_edit.php on line 20

Notice: Undefined variable: staff_last_name in D:\xampp\htdocs\admin\adminpage_staff_edit.php on line 21

Notice: Undefined variable: dept_id in D:\xampp\htdocs\admin\adminpage_staff_edit.php on line 22

Notice: Undefined variable: staff_title in D:\xampp\htdocs\admin\adminpage_staff_edit.php on line 23

Notice: Undefined variable: staff_email in D:\xampp\htdocs\admin\adminpage_staff_edit.php on line 24

Notice: Undefined variable: staff_telephone in D:\xampp\htdocs\admin\adminpage_staff_edit.php on line 25

Notice: Undefined variable: staff_is_manager in D:\xampp\htdocs\admin\adminpage_staff_edit.php on line 58

Notice: Undefined variable: staff_reports_to in D:\xampp\htdocs\admin\adminpage_staff_edit.php on line 59

Notice: Undefined variable: staff_fax in D:\xampp\htdocs\admin\adminpage_staff_edit.php on line 60

I've tried everything I can but I still cant fix it.

Please help

Wow, that was quick to try everything, I always thought it would take months :p

Anyway, the best thing is to solve the problems and use $POST['staff_first_name'] (if it is a POSTed value) or $GET['staff_first_name'] (if it a GET value). It will take some time, but then it is ready to handle new versions of PHP.

I've tried it using $POST and $GET and it works. This must be down to register_globals being turned off with php.ini in the later versions of PHP.

Thank you so much I would never have done it without your help

Just been fixing my other edit forms using $POST and $GET but I still cant get one of them working.

<?
if($_GET["cmd"]=="edit" || $_POST["cmd"]=="edit")
{
   if (!isset($_POST["submit"]))
   {
      $id = $_GET["id"];
      $sql = "SELECT * FROM news WHERE id=$id";
      $result = mysql_query($sql);
      $myrow = mysql_fetch_array($result);
      ?>

  <form action="editNews.php" method="post">
  <input type=hidden name="id" value="<?php echo $myrow["id"] ?>">

  name:<INPUT TYPE="TEXT" NAME="name" VALUE="<?php echo $myrow["name"] ?>" SIZE=30><br>
  start_date:<TEXTAREA NAME="start_date" ROWS=10 COLS=30><? echo $myrow["start_date"] ?></TEXTAREA><br>
  headline:<INPUT TYPE="TEXT" NAME="headline" VALUE="<?php echo $myrow["headline"] ?>" SIZE=30><br>
  article:<INPUT TYPE="TEXT" NAME="article" VALUE="<?php echo $myrow["article"] ?>" SIZE=30><br>
  <input type="hidden" name="cmd" value="edit">

  <input type="submit" name="submit" value="submit">

  </form>

   <? }?>


<?
   if ($_POST["$submit"])
   {

$name = addslashes(trim($_POST['name']));
$start_date = addslashes(trim($_POST['start_date']));
$headline = addslashes(trim($_POST['headline']));
$article = addslashes(trim($_POST['article']));


  $sql = "UPDATE news SET name='$name',start_date='$start_date',headline='$headline',article='$article' WHERE id=$id";

  $result = mysql_query($sql);
  echo "Thank you! Information updated.";
   }
}
?>

1. silverf0x wrote:

   but I still cant get one of them working.

   Okay, so... mind giving us some more information than that? What does it do? Is error reporting turned on and set to E_ALL ? If so, do you get any error messages?

2. In this code:

   if($_GET["cmd"]=="edit" || $_POST["cmd"]=="edit")

   Is "cmd" really that ambiguous, that you never know where it might be coming from? If so, it might be easier to reference the $_REQUEST array instead.

3. Never use short tags ('<?' or '<?='). You should always use the full '<?php' tag.

4. In this bit of code:

         <input type="submit" name="submit" value="submit">
   
     </form>
   
      <? }?>
   
   
   <?
      if ($_POST["$submit"])
      {

   Is there really any need to escape out of PHP just for some blank lines? Might make the PHP code shorter and easier to read if you cut down on some of this whitespace and unnecessary closing/reopening of the PHP tags. No errors or anything here (other than this habit possibly giving you "headers already sent" errors in the future), just a tip/suggestion/etc.

5. Speaking of the above if() statement... Instead of code such as

   if (!$_SESSION['user']) {

   , you should be using something like:

   if (!empty($_SESSION['user'])) {

   or

   if (!isset($_SESSION['user']))

6. Err, now that I look at the logic, there's no need for a separate if() statement to simply reverse the logic; use an [man]else[/man] instead.

7. Your script is vulnerable to SQL injection attacks. You should always sanitize user-supplied data before putting it into a SQL query. Normally you'd do this by running the data through a function such as [man]mysql_real_escape_string/man (when talking to a MySQL server), but since the query I'm talking about is the SELECT query where you take the id number from the query string, I'd say you could use a function such as [man]intval/man instead - that way you know you're getting an integer and not a string (which would break the SQL query).

8. In addition to the above point, later on you use addslashes(). Again, this is sufficient in most cases, though it can still cause your SQL query to become broken. You should always use [man]mysql_real_escape_string/man over [man]addslashes/man because the former is specifically designed for sanitizing data to be used in MySQL queries.

9. This may seem random and out of order, but I just noticed that in this if() statement:

   if ($_POST["$submit"])

   you have an erroneous $ in there. Might want to get rid of that! :p

10. Many take this for granted, but the HTML that appears in the provided code snippet is not W3C standards compliant (e.g. not all values are quoted, elements should be lowercase, elements should always be closed ('<br>' versus '<br />'), etc.).

Eh.. guess I can be rather long-winded. Sorry 'bout that! :o

bradgrafelman wrote:

What does it do?

Its just to edit a row in MySQL. Here's the first page:

include ('inc/config.php');

$query = ('SELECT ID,name,start_date,headline FROM cmsnews2 WHERE CURDATE() >= start_date ORDER BY ID DESC LIMIT 0,5');

if(!isset($cmd)) 
{

$result = mysql_query($query) or die(mysql_error());

while ($row = mysql_fetch_array($result))
      {
echo $row['name'];
echo '<a href="pages/news/viewNews.php?id='.$row['ID'].'">';
echo $row['headline'];
echo '</a>';
echo $row['start_date'];
echo '<a href="pages/news/editNews.php?cmd=edit&id='.$row['ID'].'">Edit</a>';
echo '<p>';
      }
}

A user clicks 'edit' and gets taken to the page I posted.

bradgrafelman wrote:

Is error reporting turned on and set to E_ALL ? If so, do you get any error messages?

Yes and I get "Undefined index: submit in H:\xampplite\htdocs\pages\news\editNews.php on line 39"

bradgrafelman wrote:

Is there really any need to escape out of PHP just for some blank lines? Might make the PHP code shorter and easier to read if you cut down on some of this whitespace and unnecessary closing/reopening of the PHP tags. No errors or anything here (other than this habit possibly giving you "headers already sent" errors in the future), just a tip/suggestion/etc.

If I just have } without escaping out of PHP I get "Parse error: syntax error, unexpected $end in H:\xampplite\htdocs\pages\news\editNews.php on line 70"

bradgrafelman wrote:

Eh.. guess I can be rather long-winded. Sorry 'bout that! :o

Not at all. You're very helpful thanks

What code would you use to edit a row in a MySQL table?