[RESOLVED] Value not getting through ....

anoopd

hi ,

    I am trying to use a single form for adding and editing addresses ... while my add function works well ... the edit is showing some problem .. The address id is not being passed while trying to update .. i dont know what went wrong ... Any help will be appreciated and Thanks in Advance!

So here the code goes

addressForm.php

form action =?<?php echo $action; ?> method="post">

    <p><label>Address Line 1:</label><input type="text" name="add1" value="<?php echo $add1;?>" /></p>
    <p><label>Address Line 2:</label><input type="text" name="add2" value="<?php echo $add2;?>" /></p>
    <p><label>Place:</label><input type="text" name="place" value="<?php echo $place;?>" /></p>
    <p><label>PIN:</label><input type="text" name="pin" value="<?php echo $pin;?>" /></p>
     <p><input type="submit" name="action" value="<?php echo $button;?>" /></p>
    </form>

addAddress.php

<?php
require_once "menu.php";
if((isset($_GET['add'])))
    {
       $pagetitle="Add Address";
       $action="addaddress";
       $add1='';
       $add2='';
       $place='';
       $pin='';
       $button='add address';
       $uid = $uid;
       $aid='';  

       //echo $uid;
       include 'addressForm.php';
       exit();
    }

elseif(isset($_GET['edit']))
{
    $sql="select * from addresses where id=$_REQUEST[aid] and user_id=$_REQUEST[uid]";
    echo $sql."<br/>";
    $row=mysql_fetch_row(mysql_query($sql));
    $pagetitle="Edit Address";
    $action="editaddress";
    $aid = $row[0];

    $uid=$row[1];
   echo "Address Id is ".$aid."  and  User Id is ".$uid;
   $add1=$row[2];
   $add2=$row[3];
   $place=$row[4];
   $pin=$row[6];
   $button='edit address';
   include 'addressForm.php';
   exit();


}
 elseif(isset($_GET['delete']))
{
 $sql= "delete from addresses where addresses.id=$_REQUEST[aid] and addresses.user_id=$_REQUEST[uid]";
 mysql_query($sql);
 echo $_REQUEST[uid];
 echo "<meta http-equiv=\"refresh\" content=\"0;URL=userProfile.php?user_id=$_REQUEST[uid]>";
 }

  if (isset($_POST['action']) and $_POST['action'] =='add address')

  {  
      $add1=mysql_real_escape_string($_POST['add1']);
      $add2=mysql_real_escape_string($_POST['add2']);
      $place=mysql_real_escape_string($_POST['place']);
      $pin=mysql_real_escape_string($_POST['pin']);

      $sql = "insert into addresses (user_id,add1,add2,place,pin) values ('$uid','$add1','$add2','$place','$pin')";
	  mysql_query($sql);
	  echo "<meta http-equiv=\"refresh\" content=\"0;URL=userProfile.php?user_id=$uid>";

  }

   if (isset($_POST['action']) and $_POST['action'] =='edit address')

  {
      /*$add1=mysql_real_escape_string($_POST['add1']);
      $add2=mysql_real_escape_string($_POST['add2']);
      $place=mysql_real_escape_string($_POST['place']);
      $pin=mysql_real_escape_string($_POST['pin']);
      $sql = "update addresses (add1,add2,place,pin) values ('$add1','$add2','$place','$pin') where id= $aid and user_id=$uid";
      echo $sql;*/
	  echo '<br />';
      echo $aid;
	  echo '<br />';
      echo $uid;

  }

?>

When i try to echo $aid .. it is not showing it ...what could have went wrong ....

BuzzPHP

Im unsure how you are handling the "edit" action trigger.

From the code you have posted it looks like you need an anchor similar to this:

<a href=?edit=true&aid=xxxxx&uid=xxxxx>Edit</a>

But, you have not posted any code that generates such HTML.

So, im guessing you are using a button to edit a record. In which case you will need two hidden INPUT fields to pass the "aid" and "uid". ie:

<input type=hidden name=aid value=xxxx>
<input type=hidden name=uid value=xxxx>

But, you haven't posted such code either.

Anyway, normally the "uid" or user id, comes from a $_SESSION variable so its hidden from the user and not editable. Having it as a URL parameter or hidden INPUT field will enable hackers to fake user ids.

But, anyway. Thats all I can see. You need to work out how you are to submit a "aid" variable so that it actually appears in $_REQUEST[aid]

anoopd

Hi Buzz ,
Sorry .. so here is the code i use

<a href='./addAddress.php?edit&uid=$uid&aid=$row[id]'>Edit Address</a>

so i should add

<input type="hidden" name="aid" value=<?php echo $aid;  ?>  />

in address form right ...

Yes it is working ..... Thanks a lot .......