Hi, I am having trouble with something.

I have a form that submits something to a database, and another to edit what's been submitted. When I click the edit form, the address when clicked shows as

/edit_event.php?pid=3

but as soon as I submit the form to replace what's in the database, it comes up with an error page saying the address can't be found, because the ? in the URL for the submit button has been replaced with %3F, going to a page that doesn't exist.

/edit_event.php%3fpid=3

Sorry if this is poorly worded, not sure on the best terminology. Any ideas on how to fix this? I did research it but I couldn't find anything that worked. Any help would be much appreciated.

    I haven't used that anywhere, or perhaps I just don't get it.

    Here's some snippets of code that deal with how I get the ID for this:

    if (isset($_POST['event_name'])){

$pid = mysql_real_escape_string($_POST['thisID']);
    if(isset($_GET['pid'])){
	$targetID = $_GET['pid'];
	$sql = mysql_query("SELECT * FROM events WHERE id='$targetID' LIMIT 1");

    Then in my form, I have:

    <td><input name="thisID" type="hidden" value="<?php echo $targetID; ?>" />

    Where am I going wrong?

      How is it that your form field is named "thisID" but the URL has a field named "pid" and the $GET array an element named 'pid'? How does the input field you quoted relate to the URL you're having trouble with? Indeed, where does $GET['pid'] come from? Where does the URL come from - how is it generated and how is it used?

        And why are you using the value from $_GET['pid']
        1. as a string
        2. without proplery escpaing it

        rather than casting to int and using it as an int (provided it is one).

          Ehm sorry, I'm not sure what part of the code i've got wrong so I probably missed something vital. I've learned a lot while doing this project but I'm sure I'm making plenty of mistakes with it as well. Everything else works just fine though with what I have here, the ? becoming %3F is the only issue i'm having, at least for now.

          With this code, when I click the submit button to update the data in the MYSQL database, it goes to an error 404 saying the page doesn't exist. Rather than being "admin/edit_event.php?pid=3" it's "admin/edit_event.php%3fpid=3"

          On the events_list.php page, I have

          $id = $row["id"];

          followed by, for the edit link that takes you to edit_events.php

          $event_list .= '<td><a href="edit_event.php?pid='.$id .'">edit</a></td>';

          which adds a link to the table with the ID of the event i'm editing.

          <?php 
if (isset($_POST['event_name'])){

$pid = mysql_real_escape_string($_POST['thisID']);
$event_name = mysql_real_escape_string($_POST['event_name']);
$event_category = mysql_real_escape_string($_POST['event_category']);
$event_details = mysql_real_escape_string($_POST['event_details']);
$month = $_POST['datemonth'];
$day = $_POST['dateday'];
$year = $_POST['dateyear'];
$event_date = date('Y-m-d', strtotime($year.'-'.$month.'-'.$day));

//Match event to other events
$sql = mysql_query("UPDATE events SET event_name='$event_name', event_details='$event_details', event_category='$event_category', event_date='$event_date', WHERE id='$pid'");

header("location: admin_login.php");
exit();
}
?>
          <?php 
//Gather information on this event to insert into form
if(isset($_GET['pid'])){
	$targetID = $_GET['pid'];
	$sql = mysql_query("SELECT * FROM events WHERE id='$targetID' LIMIT 1");
	$eventCount = mysql_num_rows($sql); //count the output amount
	if ($eventCount > 0) {
		while ($row = mysql_fetch_array($sql)){

	$event_name = $row["event_name"];	
	$event_category = $row["event_category"];
	$event_details = $row["event_details"];
	$event_date = strftime("%b %d, %Y", strtotime($row["event_date"]));
}
} else {
	echo "This item does not exist. Return to the <a href='index.php'>admin area</a>";
	exit();
}
}
?>

          And here is a cut-down version of the form

          <form action="edit_event.php" enctype="multipart/form-data" name="eventform" id="eventform" method="post">
            <table width="100%" border="0" cellpadding="2">
              <tr>
                <td width="200">Name</td>
                <td><input type="text" name="event_name" id="event_name" size="64" value="<?php echo $event_name ?>"/></td>
              </tr>
              <tr>
                <td width="200">Category</td>
                <td><select name="event_category" id="event_category">
                  <option value="<?php echo $event_category ?>"><?php echo $event_category ?></option>
                  <option value="Category 1">Category 1</option>
                  <option value="Category 2">Category 2</option>
                  <option value="Category 3">Category 3</option>
                </select></td>
              </tr>
              <tr>
                <td width="200">Event Details</td>
                <td><label>
                <textarea name="event_details" id="event_details" cols="64" rows="5"><?php echo $event_details ?></textarea>
                </label></td>
              </tr>
              <tr>
                <td>&nbsp;</td>
                <td>Day <select name="dateday" id="dateday">
                  <option selected="selected">1</option>
                  <option>2</option>
                </select>
                  Month
                  <select name="datemonth" id="datemonth">
                    <option selected="selected">1</option>
                    <option>2</option>
                    <option>3</option>
                </select>
                  Year
                  <select name="dateyear" id="dateyear">
                    <option selected="selected">1999</option>
                    <option>2000</option>
                    <option>2001</option>
                 </select></td>
              </tr>
              <tr>
                <td width="200">&nbsp;</td>
                <td><input name="thisID" type="hidden" value="<?php	echo $targetID; ?>" />
                <input type="submit" name="button" id="button" value="Submit Changes" /></td>
              </tr>
            </table>
        </form>
            Kritter5x wrote:

            followed by, for the edit link that takes you to edit_events.php

            $event_list .= '<td><a href="edit_event.php?pid='.$id .'">edit</a></td>';

            Where and how is this used? What do you do with $event_list?

            If you look at the HTML source of the page where it is used, what does the link's URL look like?

              It's used on the previous page to populate a table with listed events, each with an "edit" and "delete" button.

              When you click the "edit" button, it takes you to the "edit_events.php" page. It uses the ID of the event in the URL so that you can edit or delete a specific event from the database based on the ID.

              $event_list="";

$sql = mysql_query("SELECT * FROM events");
$productCount = mysql_num_rows($sql); 
if ($productCount > 0) {
	while ($row = mysql_fetch_array($sql)){
		$id = $row["id"];	
		$event_name = $row["event_name"];	
		$event_category = $row["event_category"];
		$event_date = strftime("%b %d, %Y", strtotime($row["event_date"]));
		$event_list .= "<tr>";
		$event_list .= '<td>'. $id . '</td>';
		$event_list .= '<td>'. $event_name . '</td>';
		$event_list .= '<td>'. $event_date . '</td>';
		$event_list .= '<td><a href="edit_event.php?pid='.$id .'">edit</a></td>';
		$event_list .= '<td><a href="event_list.php?deleteid='. $id . '">delete</a></td>';
		$event_list .= "</tr>";
	}
} else {
    //echo 'There are currently no events listed';
	$event_list = "You have no events listed in your store yet";
}

                Hi, thanks all for the help. I actually managed to solve this one myself after basically rewriting the thing and basing it off something else I've used before that was much less convoluted. Live and learn I suppose, it all seems to work now without any errors or problems and updates everything nicely.

                Cheers!

                  Write a Reply...