mysql - PHP Update query not receiving variable already defined in page

991

Hi I'm trying to update a single field from a HTML form, for some reason one of the session variables I am passing to the update query is not being accepted. I have already echoed the variable in the page so am fairly certain it exists in memory.

NB, I know my code is horrifically insecure but I'm learning PHP and once I've got the basics working Ill go over it and bring it upto best practice standards.

E2A: If I do var_dump($filename); before trying to run the query it returns string(6) "356/18", after the query it returns NULL. I'm not unsetting the variable anywhere so where could it be going!

Here is my form:

      <form method="post" action="">
      <p>Your username is:&nbsp;<?php echo $_SESSION['userid'] ?>&nbsp;Your company ID is:&nbsp;<?php echo $companyid['id']?></p>
      <h3>Please enter note for file: <?php echo $filename; ?></h3>
      <table width="200" cellpadding="5">
        <tr>
        <th width="18%" align="right" nowrap>Add Note:&nbsp;</th>
        <td width="82%" nowrap>
            <input type="text" name="note" />
        </td>
        </tr>
        <tr>
        <td colspan="2" width="100%" nowrap>
            <input type="submit" value="Submit" name="Submit" />
        </td>
        </tr>
        </table>
      </form>

Here is my UPDATE query:

     $sql = "UPDATE fields SET Notes =          ('".mysql_real_escape_string(stripslashes($_REQUEST['note']))."') 
        WHERE companyId='".$companyid['id']."' AND fileNumber ='".$filename."'";
    if($result = mysql_query($sql)) { 
        echo "<h1>Thank you</h1>Your information has been entered into our database<br><br>";
        echo $sql;
        echo $filename;
        } else { 
        echo "ERROR: ".mysql_error(); 
        } 
        } else { 

echoing $sql produces the following:

     UPDATE fields SET Notes = ('asdasda') WHERE companyId='11' AND fileNumber =''

and here is the bit where I instantiate the POST vars.

         include "header.php";
         $checkFiles = "checkFiles.php";
         // Catches form input from previous page and stores it into session variable called filename for future reference;
         $_SESSION['filename']=$_POST['filename'];
         $filename = $_SESSION['filename'];
         //User id stuff from previous page too; 
         $userid = $_SESSION['userid'];
         $id = mysql_query("SELECT id FROM users WHERE DXNumber='".$userid."'");
         // Returns pointer so fetch it as an array and insert it into variable $companyid for later use;
         $companyid = mysql_fetch_array($id);
27

Answer

Solution:

You need to includesession_start() on the top of each file.

Just do:

AND fileNumber ='".$_SESSION[filename]."'";

In your update query.

If that doesn't work, make sure that a value for$_SESSION[filename] is being set.

849

Answer

Solution:

<h3>Please enter note for file: <?php echo $filename; ?></h3> 

Create a input box

<input type="text" name="filename" value="<?php echo $filename; ?>"/>

Then filename value will be pass to $_POST array

People are also looking for solutions to the problem: php array loop with an array loop to find values

Source

Didn't find the answer?

Our community is visited by hundreds of web development professionals every day. Ask your question and get a quick answer for free.

Ask a Question

Write quick answer

Do you know the answer to this question? Write a quick response to it. With your help, we will make our community stronger.

Similar questions

Find the answer in similar questions on our website.