Hi,
I would like to know whether "$_SERVER['PHP_SELF'];" can be used more than one time in a script? This is because I have 2 forms in a script therefore I used "self reference" twice but it is not working.
Thank you.
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Member Search</title>
<link rel="stylesheet" type="text/css" href="style.css" />
</head>
<body>
<h2>Search Members' Profile</h2>
<?php
require_once('db_connection.php');
if (isset($_POST['submit'])) {
// Grab the score data from the POST
$target = $_POST['target'];
//Make sure the search term is not empty
if (!empty($target)) {
// Connect to the database
$dbc = mysqli_connect(db_host, db_un, db_psw, db_name) or die('Error to connect MySQL');
// perform search query
$query = "SELECT * FROM members WHERE id = '$target'";
$data = mysqli_query($dbc, $query);
//Loop through the array
echo '<table>';
while($row = mysqli_fetch_array($data)) {
//Display the Members' Profile
echo '<form enctype="multipart/form-data" method="post" action="' . $_SERVER['PHP_SELF'] . '">';
echo '<tr><td>Name:</td><td><input type="text" id="name" name="name" value="' . $row['name'] . '" /></td></tr>';
echo '</table>';
echo '<input type="submit" value="UPDATE" name="update" />';
echo '</form>';
if (isset($_POST['update'])) {
// Grab the update data from the POST
$name = $_POST['name'];
// Update Data
$query = "UPDATE members SET name = '$name' WHERE id = '$target'";
mysqli_query($dbc, $query);
echo 'Changes are made.';
mysqli_close($dbc);
}
}
}
else {
echo 'Error! You must enter search term.';
}
}
?>
<hr />
<form enctype="multipart/form-data" method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
<table>
<tr>
<td>
Target ID:
</td>
<td>
<input type="text" id="target" name="target" value="<?php if (!empty($target)) echo $target; ?>" />
</td>
</tr>
</table>
<hr />
<input type="submit" value="Search" name="submit" />
</form>
</body>
</html>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Member Search</title>
<link rel="stylesheet" type="text/css" href="style.css" />
</head>
<body>
<h2>Search Members' Profile</h2>
<?php
require_once('db_connection.php');
if (isset($_POST['submit'])) {
// Grab the score data from the POST
$target = $_POST['target'];
//Make sure the search term is not empty
if (!empty($target)) {
// Connect to the database
$dbc = mysqli_connect(db_host, db_un, db_psw, db_name) or die('Error to connect MySQL');
// perform search query
$query = "SELECT * FROM members WHERE id = '$target'";
$data = mysqli_query($dbc, $query);
//Loop through the array
echo '<table>';
while($row = mysqli_fetch_array($data)) {
//Display the Members' Profile
echo '<form enctype="multipart/form-data" method="post" action="' . $_SERVER['PHP_SELF'] . '">';
echo '<tr><td>Name:</td><td><input type="text" id="name" name="name" value="' . $row['name'] . '" /></td></tr>';
echo '</table>';
echo '<input type="submit" value="UPDATE" name="update" />';
echo '</form>';
}
} else {
echo 'Error! You must enter search term.';
}
}
if (isset($_POST['update'])) {
// Grab the update data from the POST
$name = $_POST['name'];
// Update Data
$query = "UPDATE members SET name = '$name' WHERE id = '$target'";
mysqli_query($dbc, $query);
echo 'Changes are made.';
mysqli_close($dbc);
}
?>
<hr />
<form enctype="multipart/form-data" method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
<table>
<tr>
<td>
Target ID:
</td>
<td>
<input type="text" id="target" name="target" value="<?php if (!empty($target)) echo $target; ?>" />
</td>
</tr>
</table>
<hr />
<input type="submit" value="Search" name="submit" />
</form>
</body>
</html>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Member Search</title>
<link rel="stylesheet" type="text/css" href="style.css" />
</head>
<body>
<h2>Search Members' Profile</h2>
<?php
require_once('db_connection.php');
if (isset($_POST['submit'])) {
// Grab the score data from the POST
$target_id = $_POST['target_id'];
//Make sure the search term is not empty
if (!empty($target_id)) {
// Connect to the database
$dbc = mysqli_connect(db_host, db_un, db_psw, db_name) or die('Error to connect MySQL');
// perform search query
$query = "SELECT * FROM members WHERE id = '$target_id'";
$data = mysqli_query($dbc, $query);
//Loop through the array
echo '<table>';
while($row = mysqli_fetch_array($data)) {
//Display the Members' Profile
echo '<tr><td>ID:</td><td>' . $row['id'] . '</td></tr>';
echo '<tr><td>Name:</td><td>' . $row['name'] . '</td></tr>';
echo '<tr><td> </td></tr>';
echo '<tr><td> </td></tr>';
echo '<tr><td> </td></tr>';
echo '<tr><td><a href="update_profile.php?id=' . $row['id'] . '&name=' . $row['name'] . '&nric=' . $row['nric'] . '&age=' . $row['age'] . '&dob_date=' . $row['dob_date'] . '&dob_month=' . $row['dob_month'] . '&dob_year=' . $row['dob_year'] . '&gender=' . $row['gender'] . '&race=' . $row['race'] . '&other_race=' . $row['other_race'] . '&religion=' . $row['religion'] . '&other_religion=' . $row['other_religion'] . '&nationality=' . $row['nationality'] . '&other_nationality=' . $row['other_nationality'] . '&occupation=' . $row['occupation'] . '&address1=' . $row['address1'] . '&address2=' . $row['address2'] . '&address3=' . $row['address3'] . '&address4=' . $row['address4'] . '&post_code=' . $row['post_code'] . '&state=' . $row['state'] . '&house_area_code=' . $row['house_area_code'] . '&house_numbers=' . $row['house_numbers'] . '&office_area_code=' . $row['office_area_code'] . '&office_numbers=' . $row['office_numbers'] . '&hp_numbers=' . $row['hp_numbers'] . '&spouse=' . $row['spouse'] . '">Click here to edit Profile</a></td></tr>';
echo '</table>';
// Clear the score data to clear the form
$target_id = "";
mysqli_close($dbc);
}
}
else {
echo 'Error! You must enter search term.';
}
}
?>
<hr />
<form enctype="multipart/form-data" method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
<table>
<tr>
<td>
Target ID:
</td>
<td>
<input type="text" id="target_id" name="target_id" value="<?php if (!empty($target_id)) echo $target_id; ?>" />
</td>
</tr>
</table>
<hr />
<input type="submit" value="Search" name="submit" />
</form>
</body>
</html>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Update Members' Data</title>
<link rel="stylesheet" type="text/css" href="style.css" />
</head>
<body>
<h2>Update Members' Profile</h2>
<?php
require_once('db_connection.php');
if (isset($_GET['id']) && isset($_GET['name'])) {
//Grab data from GET
$id = $_GET['id'];
$name = $_GET['name'];
if (isset($_POST['update'])) {
// Grab the score data from the POST
$new_name = $_POST['new_name'];
//Make sure no terms are left not empty
if (!empty($new_name)) {
// Connect to the database
$dbc = mysqli_connect(db_host, db_un, db_psw, db_name) or die('Error to connect MySQL');
// Update Data
$query = "UPDATE members SET name = '$new_name' WHERE id = '$id'";
mysqli_query($dbc, $query);
echo 'Changes are made.';
// Clear the score data to clear the form
$new_name = "";
mysqli_close($dbc);
}
else {
echo 'Error! No changes are made.';
}
}
}
?>
<hr />
<form enctype="multipart/form-data" method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
<table>
<tr>
<td>
Name:
</td>
<td>
<input type="text" id="new_name" name="new_name" value="<?php if (!empty($name)) echo $name; ?>" />
</td>
</tr>
</table>
<hr />
<input type="submit" value="Update" name="update" />
</form>
</body>
</html>
//Loop through the array
echo '<table>';
while($row = mysqli_fetch_array($data)) {
[...]
// Clear the score data to clear the form
$target_id = "";
mysqli_close($dbc);
}
//Loop through the array
echo '<table>';
while($row = mysqli_fetch_array($data)) {
[...]
}
// Clear the score data to clear the form
$target_id = "";
mysqli_close($dbc);
if (isset($_GET['id']) && isset($_GET['name'])) {
<form method="post" action="<?php echo $_SERVER['PHP_SELF'] . '?id=' . intval($id) . '&name=' . htmlspecialchars($name); ?>">
$id = 0;
$name = '';
if (isset($_REQUEST['id']) && isset($_REQUEST['name'])) {
//Grab data from REQUEST
$id = $_REQUEST['id'];
$name = $_REQUEST['name'];
<form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
<input type="hidden" name="id" value="<?php echo intval($id); ?>" />
<input type="hidden" name="name" value="<?php echo htmlspecialchars($name); ?>" />
$query = "UPDATE members SET name = '" . mysql_real_escape_string($new_name) . "' WHERE id = " . intval($id);
if (isset($_GET['id']) && isset($_GET['name'])) {
<form method="post" action="<?php echo $_SERVER['PHP_SELF'] . '?id=' . intval($id) . '&name=' . htmlspecialchars($name); ?>">
enctype="multipart/form-data"
dreamweaver
1) So, meaning I shall get rid of the above code from the script, am I right?
2) What if I want to use more information such as age, race, religion, address.....etc? Is it using intval for numbers and htmlspecialchars for alphabet letters as I plug in more information into it?
Users browsing this forum: No registered users and 8 guests