CodingForums.com - View Single Post

willscarlet · 12-07-2012, 08:11 PM

I have the edit isset in there for it to update the record but im getting the error:
Notice: Undefined index: StreetID in C:\Inetpub\wwwroot\msag\modify2.php on line 18

My code is:

PHP Code:


			
<?php include 'includes/head/head_main.php'; ?>



<div id = "top_content">

<body>



<?php



ini_set('display_errors', 1);

error_reporting(E_ALL);  



include 'includes/header/header_main.php'; 



include 'includes/db/connect.php';



if(isset($_POST['edit'])) 

{ 

    $StreetName =     $_POST['StreetName'];

    $StreetID     =     $_POST['StreetID'];



    $_SQL = "UPDATE MSAG SET StreetName='$StreetName'

                      WHERE StreetID='$StreetID'";

        

 sqlsrv_query($conn, $_SQL) or die(sqlsrv_error());

  $_html ="<tabel><tr>  

       <td width=\"19%\">RECORD HAS BEEN </td> 

       <td width=\"81%\">UPDATED CLICK <a href=\"index.php\">HERE</a></td> 

     </tr></table>"; 

}



else 

{

$StreetID = (int)($_GET['StreetID']);

$query ="SELECT * FROM MSAG WHERE StreetID=$StreetID";

$resource = sqlsrv_query($conn, $query);



while($result=sqlsrv_fetch_array($resource))

{

echo "

<center>

<h1><u>Record Details</u></h1>

<br>

<br>

</center>

<div id = \"modify\">

<form action=\"\" method=\"post\" id=\"_form\" name=\"_form\" enctype=\"multipart/form-data\">



<table> 

<tr>

<td>Pre Dir:    <br><input type=\"text\" name=\"StreetPrefix\" value=".$result['StreetPrefix']."> <br></td>

<td>Street:     <br><input type=\"text\" name=\"StreetName\" value=".$result['StreetName']."> <br></td>

<td>Suffix:     <br><input type=\"text\" name=\"StreetSuffix\" value=".$result['StreetSuffix']."> <br></td>

<td>Post Dir:     <br><input type=\"text\" name=\"StreetPostDi\" value=".$result['StreetPostDir']."> <br></td>

<td>Community:     <br><input type=\"text\" name=\"COMMUNITY\" value=".$result['COMMUNITY']."> <br></td>

</tr></table>

<br>



<table> 

<tr>  

<td>Low:    <br><input type=\"text\" name=\"LOWNUMBER\" value=".$result['LOWNUMBER']."> <br></td>

<td>High:    <br><input type=\"text\" name=\"HighNumber\" value=".$result['HighNumber']."> <br></td>

<td>EOB:    <br><input type=\"text\" name=\"EOB\" value=".$result['EOB']."> <br></td>

<td>ESN:    <br><input type=\"text\" name=\"ESN\" value=".$result['ESN']."> <br></td>

</tr>

</table>

<br>



<table> 

<tr>

<td>Telco:    <br><input type=\"text\" name=\"TELCO\" value=".$result['TELCO']."> <br></td>

<td>ZIP:    <br><input type=\"text\" name=\"PostOffice\" value=".$result['PostOffice']."> <br></td>

<td>Zone:    <br><input type=\"text\" name=\"ZONE\" value=".$result['ZONE']."> <br></td>

<td>Map:    <br><input type=\"text\" name=\"MAP\" value=".$result['MAP']."> <br></td>

</tr>

</table>

<br>



<table>

<tr>

<td>Archive:     <input type = 'radio' Name ='inactive' value= 'inactive'></td>

<td>&nbsp;</td>

<td>Entered:    <br><input type=\"text\" name=\"DateEntered\" value=".(($result['DateEntered'] instanceof DateTime) ? $result['DateEntered']->format('Y-m-d') : $result['DateEntered'])."> <br></td>

<td>Modified:    <br><input type=\"text\" name=\"DateUpdated\" value=".(($result['DateUpdated'] instanceof DateTime) ? $result['DateUpdated']->format('Y-m-d') : $result['DateUpdated'])."> <br></td>

</tr>

</table>

<br>



<table>

<tr>

<td>Comments:    <br><input type=\"text\" name=\"Commments\" value=".$result['Commments']."> <br></td>

</tr>

</table>

<br>

</div>



<div class = \"button\">

<table>

<tr>

<td>

<input type=\"submit\" align = \"left\" name=\"edit\" value=\"Edit\"/>

<input type=\"hidden\" name=\"id\" value=\"$StreetID\"/>

</td>



<td>

<input type=\"submit\" id=\"delete\" name=\"delete\" value=\"Delete\"/>

<input type=\"hidden\" name=\"id\" value=\"$StreetID\"/>

</td>

</tr>

</table>

</div>

";

}

}

?>

what would you advice instead of mysql_real_escape_string.?
as we have discovered, this:

PHP Code:


			
$StreetName =     mysql_real_escape_string($_POST['StreetName']);

is not accepted

12-07-2012, 08:11 PM	PM User \| #23
willscarlet New Coder Join Date: Aug 2012 Posts: 65 Thanks: 5 Thanked 0 Times in 0 Posts	I have the edit isset in there for it to update the record but im getting the error: Notice: Undefined index: StreetID in C:\Inetpub\wwwroot\msag\modify2.php on line 18 My code is: PHP Code: <?php include 'includes/head/head_main.php'; ?> <div id = "top_content"> <body> <?php ini_set('display_errors', 1); error_reporting(E_ALL); include 'includes/header/header_main.php'; include 'includes/db/connect.php'; if(isset($_POST['edit'])) { $StreetName = $_POST['StreetName']; $StreetID = $_POST['StreetID']; $_SQL = "UPDATE MSAG SET StreetName='$StreetName' WHERE StreetID='$StreetID'"; sqlsrv_query($conn, $_SQL) or die(sqlsrv_error()); $_html ="<tabel><tr> <td width=\"19%\">RECORD HAS BEEN </td> <td width=\"81%\">UPDATED CLICK <a href=\"index.php\">HERE</a></td> </tr></table>"; } else { $StreetID = (int)($_GET['StreetID']); $query ="SELECT * FROM MSAG WHERE StreetID=$StreetID"; $resource = sqlsrv_query($conn, $query); while($result=sqlsrv_fetch_array($resource)) { echo " <center> <h1><u>Record Details</u></h1> <br> <br> </center> <div id = \"modify\"> <form action=\"\" method=\"post\" id=\"_form\" name=\"_form\" enctype=\"multipart/form-data\"> <table> <tr> <td>Pre Dir: <br><input type=\"text\" name=\"StreetPrefix\" value=".$result['StreetPrefix']."> <br></td> <td>Street: <br><input type=\"text\" name=\"StreetName\" value=".$result['StreetName']."> <br></td> <td>Suffix: <br><input type=\"text\" name=\"StreetSuffix\" value=".$result['StreetSuffix']."> <br></td> <td>Post Dir: <br><input type=\"text\" name=\"StreetPostDi\" value=".$result['StreetPostDir']."> <br></td> <td>Community: <br><input type=\"text\" name=\"COMMUNITY\" value=".$result['COMMUNITY']."> <br></td> </tr></table> <br> <table> <tr> <td>Low: <br><input type=\"text\" name=\"LOWNUMBER\" value=".$result['LOWNUMBER']."> <br></td> <td>High: <br><input type=\"text\" name=\"HighNumber\" value=".$result['HighNumber']."> <br></td> <td>EOB: <br><input type=\"text\" name=\"EOB\" value=".$result['EOB']."> <br></td> <td>ESN: <br><input type=\"text\" name=\"ESN\" value=".$result['ESN']."> <br></td> </tr> </table> <br> <table> <tr> <td>Telco: <br><input type=\"text\" name=\"TELCO\" value=".$result['TELCO']."> <br></td> <td>ZIP: <br><input type=\"text\" name=\"PostOffice\" value=".$result['PostOffice']."> <br></td> <td>Zone: <br><input type=\"text\" name=\"ZONE\" value=".$result['ZONE']."> <br></td> <td>Map: <br><input type=\"text\" name=\"MAP\" value=".$result['MAP']."> <br></td> </tr> </table> <br> <table> <tr> <td>Archive: <input type = 'radio' Name ='inactive' value= 'inactive'></td> <td> </td> <td>Entered: <br><input type=\"text\" name=\"DateEntered\" value=".(($result['DateEntered'] instanceof DateTime) ? $result['DateEntered']->format('Y-m-d') : $result['DateEntered'])."> <br></td> <td>Modified: <br><input type=\"text\" name=\"DateUpdated\" value=".(($result['DateUpdated'] instanceof DateTime) ? $result['DateUpdated']->format('Y-m-d') : $result['DateUpdated'])."> <br></td> </tr> </table> <br> <table> <tr> <td>Comments: <br><input type=\"text\" name=\"Commments\" value=".$result['Commments']."> <br></td> </tr> </table> <br> </div> <div class = \"button\"> <table> <tr> <td> <input type=\"submit\" align = \"left\" name=\"edit\" value=\"Edit\"/> <input type=\"hidden\" name=\"id\" value=\"$StreetID\"/> </td> <td> <input type=\"submit\" id=\"delete\" name=\"delete\" value=\"Delete\"/> <input type=\"hidden\" name=\"id\" value=\"$StreetID\"/> </td> </tr> </table> </div> "; } } ?> what would you advice instead of mysql_real_escape_string.? as we have discovered, this: PHP Code: `$StreetName = mysql_real_escape_string($_POST['StreetName']);` is not accepted