PHP script not running - Page 2

willscarlet · 12-05-2012, 03:25 PM

I am sorry to sound so ignorant about this, but I removed the ; at the end and nothing changed. I removed the while loop and the page just goes white. Im really not that good at this at all I rekon. Is there just an all around better way that I need to rewrite this code, sir?

Fou-Lu · 12-05-2012, 05:42 PM

If the page goes white, then that's typically a syntactical error. You can check your logs or enable error reporting with

PHP Code:


			
ini_set('display_errors', 1);
error_reporting(E_ALL);

You can poll for the result count as well:

PHP Code:


			
printf('There are %d records returned.', sqlsrv_num_rows($_rs));

Before that while loop. That needs to have at least one record. If it shows 0 (and no error), that indicates that your query simply has no matching results.

The semi-colon must not be on the while loop. Since the property of it takes the last resultant, that makes the returned fetch to become null (or false). Therefore it will never enter the conditional block to assign the variables individually.

willscarlet · 12-06-2012, 03:24 PM

Ah, ok. I now get the print out of:
There are 0 records returned.

I went to my SQL DB and ran ran a querry for ID number 249
(msag/modify2.php?StreetID=249) and the record is indeed in the DB but still nothing outputs to the screen but the empty form. the CSS and all the form boxes show, just empty. Since it shows the correct StreetID number in the URL im assuming that it is in fact finding the record, just wont show it, Its got to just be a simple syntax error on my part in tryin to convert it from MySQL to MsSQL, but i fail to see the error.

Any suggestions, sir?

PHP Code:


			
<?php include 'includes/head/head_main.php'; ?>



<div id = "top_content">

<body>



<?php



ini_set('display_errors', 1);

error_reporting(E_ALL);  



include 'includes/header/header_main.php'; 



include 'includes/db/connect.php';



if(isset($_POST['edit'])) 

{ 

    $_StreetPrefix = $_rw['StreetPrefix'];

    $_StreetName = $_rw['StreetName'];

    $_LOWNUMBER = $_rw['LOWNUMBER'];

    $_HighNumber = $_rw['HighNumber'];

    $_EOB = $_rw['EOB'];

    $_ESN = $_rw['ESN'];

    $_COMMUNITY = $_rw['COMMUNITY'];

    $_TELCO = $_rw['TELCO'];

    $_MAP = $_rw['MAP'];    

    $_DateEntered = $_rw['DateEntered'];

    $_DateModified = $_rw['DateModified'];

    $_StreetID = $_rw['StreetID']; 

   

  $_SQL = "UPDATE MSAG SET StreetPrefix='$_StreetPrefix',  

                                StreetName='$_StreetName',  

                                LOWNUMBER='$_LOWNUMBER',

                                HighNumber='$_HighNumber',

                                EOB='$_EOB',

                                ESN='$_ESN',

                                COMMUNITY='$_COMMUNITY',

                                TELCO='$_TELCO',

                                MAP='$_MAP',

                                DateEntered='$_DateEntered',

                                DateModified='$_DateModified'

                      WHERE StreetID='$_StreetID'";

        

 sqlsrv_query($_SQL) or die(sqlsrv_error()); 

  //header("Location : index.php?id=$_id"); 

  $_html ="<tabel><tr>  

       <td width=\"19%\">RECORD HAS BEEN </td> 

       <td width=\"81%\">UPDATED CLICK <a href=\"index.php\">HERE</a></td> 

     </tr></table>"; 

}



else 

{

$_StreetID = (int)($_GET['StreetID']);

$_sql ="SELECT * FROM MSAG WHERE StreetID=$_StreetID";

$_rs = sqlsrv_query($conn, $_sql);



printf('There are %d records returned.', sqlsrv_num_rows($_rs));  







while($_rw = sqlsrv_fetch_array($_rs));

{

    $_StreetID = $_rw['StreetID'];

    $_StreetPrefix = $_rw['StreetPrefix'];

    $_StreetName = $_rw['StreetName'];

    $_LOWNUMBER = $_rw['LOWNUMBER'];

    $_HighNumber = $_rw['HighNumber'];

    $_EOB = $_rw['EOB'];

    $_ESN = $_rw['ESN'];

    $_COMMUNITY = $_rw['COMMUNITY'];

    $_TELCO = $_rw['TELCO'];

    $_MAP = $_rw['MAP'];

    $_DateEntered = $_rw['DateEntered'];

    $_DateModified = $_rw['DateModified'];

}

$_html=" <center>

<form action=\"\" method=\"post\" id=\"_form\" name=\"_form\" enctype=\"multipart/form-data\">



<table> 

<tr>  

<td>Directional: <br><input type=\"text\" name=\"_StreetPrefix\"   size= \"8\" value=\"$_StreetPrefix\" /> <br></td>

<td>Street Name: <br><input type=\"text\" name=\"_StreetName\"   size= \"50\" value=\"$_StreetName\"  /> <br></td>

<td>Community: <br><input type=\"text\" name=\"_COMMUNITY\"   size= \"50\" value=\"$_COMMUNITY\"  /> <br></td>

</tr></table>

<br>



<table> 

<tr>  

<td>Low Range : <br><input type=\"text\" name=\"_LOWNUMBER\" size= \"8\" value=\"$_LOWNUMBER\" /> <br></td>

<td>High Range: <br><input type=\"text\" name=\"_HighNumber\"   size= \"8\" value=\"$_HighNumber\"  /> <br></td>

<td>OEB: <br><input type=\"text\" name=\"_EOB\" size= \"8\" value=\"$_EOB\" /> <br></td>

<td>ESN Number: <br><input type=\"text\" name=\"_ESN\"   size= \"8\" value=\"$_ESN\"  /> <br></td>

</tr></table>

<br>



<table> 

<tr>  

<td>Telco : <br><input type=\"text\" name=\"_TELCO\" size= \"8\" value=\"$_TELCO\" /> <br></td>

<td>Map Number: <br><input type=\"text\" name=\"_MAP\" size= \"8\" value=\"$_MAP\"  /> <br></td>

</tr></table>

<br>



<table> 

<tr>  

<td>Entry Date : <br><input type=\"text\" name=\"_DateEntered\" size= \"8\" value=\"$_DateEntered\" /> <br></td>

<td>Last Modified: <br><input type=\"text\" name=\"_DateModified\"   size= \"8\" value=\"$_DateModified\" /> <br></td>

</tr></table>

<br>



<table>

<tr>

<td>

<input type=\"submit\" align = \"left\" name=\"edit\" value=\"Edit\"/>

<input type=\"hidden\" name=\"id\" value=\"$_StreetID\"/>

</td>



<td>

<input type=\"submit\" id=\"delete\" name=\"delete\" value=\"Delete\"/>

<input type=\"hidden\" name=\"id\" value=\"$_StreetID\"/>

</td>

</tr>

</table>

</center>"; 



} 

?> 

<center>

<h1><u>Record Details</u></h1>

<br>

<br>

</center>



<?php echo $_html; ?>

Fou-Lu · 12-06-2012, 05:51 PM

This may not work: StreetID='$_StreetID'. MySQL is one of the only databases that allows loose datatyping (and it is a feature of it). If StreetID is an integer type, you must remove the quotations around it. Same goes with any assignment in the SQL code.
I'm surprised the die doesn't indicate a datatype issue.
Where are these $_rw coming from:

PHP Code:


			
if(isset($_POST['edit'])) 
{  
    $_StreetPrefix = $_rw['StreetPrefix'];
    $_StreetName = $_rw['StreetName'];
    $_LOWNUMBER = $_rw['LOWNUMBER'];
    $_HighNumber = $_rw['HighNumber'];
    $_EOB = $_rw['EOB'];
    $_ESN = $_rw['ESN'];
    $_COMMUNITY = $_rw['COMMUNITY'];
    $_TELCO = $_rw['TELCO'];
    $_MAP = $_rw['MAP'];    
    $_DateEntered = $_rw['DateEntered'];
    $_DateModified = $_rw['DateModified'];
    $_StreetID = $_rw['StreetID'];

?
I'd suspect you intend to use $_POST for those.

willscarlet · 12-06-2012, 06:03 PM

The $_rw Variable is declared in the while loop.
while($_rw = sqlsrv_fetch_array($_rs));

Also, If I try and remove the while loop, if statement, or the update/delete feature (Just trying to get the output to work, then i'll worry about updating and deleting) the screen again just goes white.

The code below, inside the output form (value=\"$_StreetName\" ) if you remove the $_StreetName and put any random text there, the text will show up, so it is not actually pulling the infor from the DB.

I striped the code down to just one field (this was just getting too complicated and jumbled up):

PHP Code:


			
<?php include 'includes/head/head_main.php'; ?>



<div id = "top_content">

<body>



<?php



ini_set('display_errors', 1);

error_reporting(E_ALL);  



include 'includes/header/header_main.php'; 



include 'includes/db/connect.php';



if(isset($_POST['edit'])) 

{ 

    $_StreetName = $_POST['StreetName'];

    $_StreetID = $_POST['StreetID'];



    $_SQL = "UPDATE MSAG SET StreetName='$_StreetName'

                      WHERE StreetID='$_StreetID'";

        

 sqlsrv_query($_SQL) or die(sqlsrv_error()); 

  //header("Location : index.php?id=$_id"); 

  $_html ="<tabel><tr>  

       <td width=\"19%\">RECORD HAS BEEN </td> 

       <td width=\"81%\">UPDATED CLICK <a href=\"index.php\">HERE</a></td> 

     </tr></table>"; 

}



else 

{

$_StreetID = (int)($_GET['StreetID']);

$_sql ="SELECT * FROM MSAG WHERE StreetID=$_StreetID";

$_rs = sqlsrv_query($conn, $_sql);



printf('There are %d records returned.', sqlsrv_num_rows($_rs));  



while($_rw = sqlsrv_fetch_array($_rs));

{

    $_StreetID = $_rw['StreetID'];

    $_StreetName = $_rw['StreetName'];

}

$_html=" <center>

<form action=\"\" method=\"post\" id=\"_form\" name=\"_form\" enctype=\"multipart/form-data\">



<table> 

<tr>  

<td>Street Name: <br><input type=\"text\" name=\"_StreetName\" value=\".$_StreetName\"  /> <br></td>

</tr></table>

<br>



<table>

<tr>

<td>

<input type=\"submit\" align = \"left\" name=\"edit\" value=\"Edit\"/>

<input type=\"hidden\" name=\"id\" value=\"$_StreetID\"/>

</td>



<td>

<input type=\"submit\" id=\"delete\" name=\"delete\" value=\"Delete\"/>

<input type=\"hidden\" name=\"id\" value=\"$_StreetID\"/>

</td>

</tr>

</table>

</center>"; 



} 

?> 

<center>

<h1><u>Record Details</u></h1>

<br>

<br>

</center>



<?php echo $_html; ?>

willscarlet · 12-07-2012, 06:31 PM

in case anyone has a need for a smiliar script, This is the fixed code so far:

PHP Code:


			
<?php include 'includes/head/head_main.php'; ?>



<div id = "top_content">

<body>



<?php



ini_set('display_errors', 1);

error_reporting(E_ALL);  



include 'includes/header/header_main.php'; 



include 'includes/db/connect.php';



if(isset($_POST['edit'])) 

{ 

    $_StreetName = $_POST['StreetName'];

    $_StreetID = $_POST['StreetID'];



    $_SQL = "UPDATE MSAG SET StreetName='$StreetName'

                      WHERE StreetID='$StreetID'";

        

 sqlsrv_query($_SQL) or die(sqlsrv_error());

  $_html ="<tabel><tr>  

       <td width=\"19%\">RECORD HAS BEEN </td> 

       <td width=\"81%\">UPDATED CLICK <a href=\"index.php\">HERE</a></td> 

     </tr></table>"; 

}



else 

{

$StreetID = (int)($_GET['StreetID']);

$query ="SELECT * FROM MSAG WHERE StreetID=$StreetID";

$resource = sqlsrv_query($conn, $query);



while($result=sqlsrv_fetch_array($resource))

{

    echo "

    <center>

<h1><u>Record Details</u></h1>

<br>

<br>

</center>

<form action=\"\" method=\"post\" id=\"_form\" name=\"_form\" enctype=\"multipart/form-data\">



<table> 

<tr>  

<td>Prefix         <br><input type=\"text\" name=\"StreetPrefix\" value=".$result['StreetPrefix']."> <br></td>

<td>Street:     <br><input type=\"text\" name=\"StreetName\" value=".$result['StreetName']."> <br></td>

<td>Suffix         <br><input type=\"text\" name=\"StreetSuffix\" value=".$result['StreetSuffix']."> <br></td>

<td>Post         <br><input type=\"text\" name=\"StreetPostDi\" value=".$result['StreetPostDir']."> <br></td>

<td>Community:     <br><input type=\"text\" name=\"COMMUNITY\" value=".$result['COMMUNITY']."> <br></td>

</tr></table>

<br>



<table> 

<tr>  

<td>Low:    <br><input type=\"text\" name=\"LOWNUMBER\" value=".$result['LOWNUMBER']."> <br></td>

<td>High:    <br><input type=\"text\" name=\"HighNumber\" value=".$result['HighNumber']."> <br></td>

<td>EOB:    <br><input type=\"text\" name=\"EOB\" value=".$result['EOB']."> <br></td>

<td>ESN:    <br><input type=\"text\" name=\"ESN\" value=".$result['ESN']."> <br></td>

</tr>

</table>

<br>



<table> 

<tr>  

<td>Telco:    <br><input type=\"text\" name=\"TELCO\" value=".$result['TELCO']."> <br></td>

<td>Map:    <br><input type=\"text\" name=\"MAP\" value=".$result['MAP']."> <br></td>

<td>Zone:    <br><input type=\"text\" name=\"ZONE\" value=".$result['ZONE']."> <br></td>

<td>ZIP:    <br><input type=\"text\" name=\"PostOffice\" value=".$result['PostOffice']."> <br></td>

</tr>

</table>

<br>



<table>

<tr>

<td>Entered:    <br><input type=\"text\" name=\"DateEntered\" value=".(($result['DateEntered'] instanceof DateTime) ? $result['DateEntered']->format('Y-m-d') : $result['DateEntered'])."> <br></td>

<td>Modified:    <br><input type=\"text\" name=\"DateUpdated\" value=".(($result['DateUpdated'] instanceof DateTime) ? $result['DateUpdated']->format('Y-m-d') : $result['DateUpdated'])."> <br></td>

</tr>

</table>

<br>





<table> 

<tr>  

<td>Comments:    <br><input type=\"text\" name=\"Commments\" value=".$result['Commments']."> <br></td>

</tr>

</table>

<br>



<table>

<tr>

<td>

<input type=\"submit\" align = \"left\" name=\"edit\" value=\"Edit\"/>

<input type=\"hidden\" name=\"id\" value=\"$StreetID\"/>

</td>



<td>

<input type=\"submit\" id=\"delete\" name=\"delete\" value=\"Delete\"/>

<input type=\"hidden\" name=\"id\" value=\"$StreetID\"/>

</td>

</tr>

</table>



";         

}

} 

?>

Now all is needed is to make it able to update the record or delete the record. If anyone has done this in MsSQL, I owuld appreciate some guidance and advice. I will post the finished code once I figure it out though. and thank you guys for all your help so far

Fou-Lu · 12-07-2012, 07:35 PM

Simply use elseif's to keep going with the if/else chain you have here. So you'd have an else if (isset($_POST['delete'])) block. Simply follow the same logic you have for the editing. You'll probably want to keep adding with the logic to the edit as well, otherwise the form only deals with one field modification.
You should look at prepared statements as well to protect the input from corrupting the SQL Structure. Looks like the SQLSrv package does not roll its own version of mysql_real_escape_string.

willscarlet · 12-07-2012, 08:11 PM

I have the edit isset in there for it to update the record but im getting the error:
Notice: Undefined index: StreetID in C:\Inetpub\wwwroot\msag\modify2.php on line 18

My code is:

PHP Code:


			
<?php include 'includes/head/head_main.php'; ?>



<div id = "top_content">

<body>



<?php



ini_set('display_errors', 1);

error_reporting(E_ALL);  



include 'includes/header/header_main.php'; 



include 'includes/db/connect.php';



if(isset($_POST['edit'])) 

{ 

    $StreetName =     $_POST['StreetName'];

    $StreetID     =     $_POST['StreetID'];



    $_SQL = "UPDATE MSAG SET StreetName='$StreetName'

                      WHERE StreetID='$StreetID'";

        

 sqlsrv_query($conn, $_SQL) or die(sqlsrv_error());

  $_html ="<tabel><tr>  

       <td width=\"19%\">RECORD HAS BEEN </td> 

       <td width=\"81%\">UPDATED CLICK <a href=\"index.php\">HERE</a></td> 

     </tr></table>"; 

}



else 

{

$StreetID = (int)($_GET['StreetID']);

$query ="SELECT * FROM MSAG WHERE StreetID=$StreetID";

$resource = sqlsrv_query($conn, $query);



while($result=sqlsrv_fetch_array($resource))

{

echo "

<center>

<h1><u>Record Details</u></h1>

<br>

<br>

</center>

<div id = \"modify\">

<form action=\"\" method=\"post\" id=\"_form\" name=\"_form\" enctype=\"multipart/form-data\">



<table> 

<tr>

<td>Pre Dir:    <br><input type=\"text\" name=\"StreetPrefix\" value=".$result['StreetPrefix']."> <br></td>

<td>Street:     <br><input type=\"text\" name=\"StreetName\" value=".$result['StreetName']."> <br></td>

<td>Suffix:     <br><input type=\"text\" name=\"StreetSuffix\" value=".$result['StreetSuffix']."> <br></td>

<td>Post Dir:     <br><input type=\"text\" name=\"StreetPostDi\" value=".$result['StreetPostDir']."> <br></td>

<td>Community:     <br><input type=\"text\" name=\"COMMUNITY\" value=".$result['COMMUNITY']."> <br></td>

</tr></table>

<br>



<table> 

<tr>  

<td>Low:    <br><input type=\"text\" name=\"LOWNUMBER\" value=".$result['LOWNUMBER']."> <br></td>

<td>High:    <br><input type=\"text\" name=\"HighNumber\" value=".$result['HighNumber']."> <br></td>

<td>EOB:    <br><input type=\"text\" name=\"EOB\" value=".$result['EOB']."> <br></td>

<td>ESN:    <br><input type=\"text\" name=\"ESN\" value=".$result['ESN']."> <br></td>

</tr>

</table>

<br>



<table> 

<tr>

<td>Telco:    <br><input type=\"text\" name=\"TELCO\" value=".$result['TELCO']."> <br></td>

<td>ZIP:    <br><input type=\"text\" name=\"PostOffice\" value=".$result['PostOffice']."> <br></td>

<td>Zone:    <br><input type=\"text\" name=\"ZONE\" value=".$result['ZONE']."> <br></td>

<td>Map:    <br><input type=\"text\" name=\"MAP\" value=".$result['MAP']."> <br></td>

</tr>

</table>

<br>



<table>

<tr>

<td>Archive:     <input type = 'radio' Name ='inactive' value= 'inactive'></td>

<td>&nbsp;</td>

<td>Entered:    <br><input type=\"text\" name=\"DateEntered\" value=".(($result['DateEntered'] instanceof DateTime) ? $result['DateEntered']->format('Y-m-d') : $result['DateEntered'])."> <br></td>

<td>Modified:    <br><input type=\"text\" name=\"DateUpdated\" value=".(($result['DateUpdated'] instanceof DateTime) ? $result['DateUpdated']->format('Y-m-d') : $result['DateUpdated'])."> <br></td>

</tr>

</table>

<br>



<table>

<tr>

<td>Comments:    <br><input type=\"text\" name=\"Commments\" value=".$result['Commments']."> <br></td>

</tr>

</table>

<br>

</div>



<div class = \"button\">

<table>

<tr>

<td>

<input type=\"submit\" align = \"left\" name=\"edit\" value=\"Edit\"/>

<input type=\"hidden\" name=\"id\" value=\"$StreetID\"/>

</td>



<td>

<input type=\"submit\" id=\"delete\" name=\"delete\" value=\"Delete\"/>

<input type=\"hidden\" name=\"id\" value=\"$StreetID\"/>

</td>

</tr>

</table>

</div>

";

}

}

?>

what would you advice instead of mysql_real_escape_string.?
as we have discovered, this:

PHP Code:


			
$StreetName =     mysql_real_escape_string($_POST['StreetName']);

is not accepted

Fou-Lu · 12-07-2012, 08:21 PM

Of course not, that's for use with mysql which requires an open connection to a mysql server. It won't work for SQLServer as they have different rules on escaping.
I'd recommend you bind. I guess you can probably force the data via hex or binary though as an alternative, but I'd suggest not reinventing the wheel with it. The prepared statements can accept a bind, and the sqlsrv_query itself can also accept an array to bind.
See the first example here for an example of the bind: http://ca2.php.net/manual/en/function.sqlsrv-query.php you simply replace the data with the ? for a placeholder, then provide it as an array for the third parameter to the sqlsrv_query method.

As for this error, streetID is not a valid input name. It appears you will have an id method that is hidden, but it must be rearranged on the form to appear before the form submit. You also won't need to redeclare it for the delete, as long as its a part of the same form the delete will be able to access the same information when submitted. For the deletion though, it may be a better idea to force an "Are you sure you want to delete. . ." message, then when they submit that one send it off to another request with like doDelete or something for its values.