ie . index.php?id=1 if the link was for the story whose ID is 1.
My script checks if a user is logged in, if not they are redirected to the login page.
If logged in they may edit the story.
I assign $_GET['id'] to $id.
So I check if the form is submitted, if submitted, handle the data, output a success message(for now).
$_GET['id'] is ok up to this point, the correct id is outputted when checked with a simple echo $_GET['id']; and with an echo $id'
If the form has not been submitted then the user will type their data into the input form and then submit it.
The problem is that when the form is submitted the $_GET['id'] is not passed.
Meaning that when the form goes through the If (isset($_POST['submitted'] {
the query SELECT * FROM table WHERE id = $ID fails because there is no id as the $_GET['id'] was never passed on when the form was submitted.
So, I know why the query is failing, ie. $id doesn't get a variable from $_GET['id'] when the form is submitted.
I just don't know who I would pass the ID from $_GET['id'] before the form has been submitted to $_GET['id'] after the page has been submitted.
Any help would be greatly appreciated.
Thankyou in advance.
Here is my code:
Expand|Select|Wrap|Line Numbers
- <?php
- # Filename - edit_story.php
- # Date - 9th August 2007
- # Author - Stephen Hoult
- # Author Email - stephen@hoult.org.uk
- // This file allows logged in users to edit a story.
- // Include config file for error management and such
- include('./includes/config.inc.php');
- // Set page title and include HTML header
- $page_title = 'Edit a Story';
- include('./includes/header.html');
- // If no first_name variable exists, redirect the user.
- if (!isset($_SESSION['first_name'])) {
- // Start defining the URL.
- $url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']);
- // Check for a trailing slash.
- if ((substr($url, -1) == '/') OR (substr($url, -1) == '\\') ) {
- $url = substr ($url, 0, -1); // Chop off the slash.
- }
- // Add the page.
- $url .= '/login.php';
- ob_end_clean(); // Delete the buffer.
- header("Location: $url");
- exit(); // Quit the script.
- } else { // First name variable exists - user is logged in
- // Connect to the Database
- require_once('../mysql_connect_ur.php');
- if (isset($_POST['submitted'])) { // if the form has beeen submitted
- echo' The form has been submitted.';
- // Handle the form
- // Get story ID
- if (isset($_GET['id'])) {
- $id = escape_data($_GET['id']);
- echo '<p>The story ID is: ' . $id . '.</p>';
- } else {
- $id = FALSE;
- echo '<p><font color="red" size="+1">No ID has been selected.</font></p>';
- }
- // Validate title
- if(!empty($_POST['title'])) {
- $t = escape_data($_POST['title']);
- } else {
- echo '<p><font color="red" size="+1">Please enter a title.</font></p>';
- }
- // Validate main text
- if(!empty($_POST['main_text'])) {
- $mt = escape_data($_POST['main_text']);
- } else {
- echo '<p><font color="red" size="+1">Please enter the main text.</font></p>';
- }
- // Check that the ID exists in the database.
- // Build query
- $query = "SELECT id, title, main_text FROM content WHERE id =$id";
- $result = mysql_query($query);
- echo '<p>Query: ' . $query .'</p>';
- if (mysql_num_rows($result == 1)) { // If a row was found by the query - ie the story id exists in the table.
- echo '<p>Success a row for this ID exists.</p>';
- } else {
- echo '<p><font color="red" size="+1">The selected ID does not exist in the database. Please try again.</font></p>';
- } // End mysql_num_rows($result) to see if id exists in the table.
- } else { // The form has not yet been submitted - Display the form
- echo' The form hasn\'t been submitted.';
- // Get story ID
- if (isset($_GET['id'])) {
- $id = escape_data($_GET['id']);
- echo '<p>The story ID is: ' . $id . '.</p>';
- } else {
- $id = FALSE;
- echo '<p><font color="red" size="+1">No ID has been selected.</font></p>';
- }
- ?>
- <fieldset><legend>Edit a story</legend>
- <form action="edit_story.php" method="post" >
- <p>Title: <input type="text" name="title" size="30" maxlength="50" value="<?php if (isset($_POST['title'])) echo $_POST['title']; ?>" /></p>
- <p>Main Text<textarea name="main_text" cols="40" rows="5"/><?php if (isset($_POST['main_text'])) echo $_POST['main_text']; ?></textarea></p>
- <p><input type="submit" name="submit" value="Submit" /></p>
- <input type="hidden" name="submitted" value="TRUE" />
- </form>
- </fieldset>
- <?php
- }// End of if is submitted
- } // End of is logged in
- include('./includes/footer.html'); // Include HTML footer
- ?>