Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

display data from mysql db in text box??

4 views
Skip to first unread message

PAkerly

unread,
Sep 8, 2010, 3:12:22 PM9/8/10
to
I want to create a simple page to edit a record, and when submit is
clicked I want to update the record.

First I want to display all the data for the record, based on ID, on
the page
Here is what I am doing:

<?php
$txtid= $_POST[txtid];

$sql = "SELECT date, user1, user2, user3, role, id
FROM myuserdata
WHERE id= $txtid
ORDER BY id";

And so then I have text boxes on the page and I want to fill those in
based on the current ID

I tried to do this:

<input type="text" name="txtdate" id="txtdate" value=<?php echo
[date];?> />

<input type="text" name="txtuser1" id="txtuser1" value=<?php echo
[user1];?> />

this did not work. How would I display the actual db fields in the
textboxes?

The Natural Philosopher

unread,
Sep 8, 2010, 4:04:31 PM9/8/10
to

/* add these bits */

$result=mysql_query($sql);

$date=mysql_result($result,'date',0);
$user1=mysql_result($result,'user1',0);
...etc.

Then


<input type="text" name="txtdate" id="txtdate" value=<?php echo

> $date;?> />

etc..

PAkerly

unread,
Sep 8, 2010, 4:20:39 PM9/8/10
to
On Sep 8, 4:04 pm, The Natural Philosopher <t...@invalid.invalid>
wrote:

Added this:

<input type="text" name="txtdate" id="txtdate" value=<?php echo> >

$date; ?> />

and the other things...

$result=mysql_query($sql);

$date=mysql_result($result,'date',0);
$user1=mysql_result($result,'user1',0);

$user2=mysql_result($result,'user2',0);

and I get an error:
Parse error: syntax error, unexpected '>'

The Natural Philosopher

unread,
Sep 8, 2010, 4:32:27 PM9/8/10
to

well that could be anywhere.

I am not convinced the select statement is properly formed either.

rf

unread,
Sep 8, 2010, 7:01:25 PM9/8/10
to

"PAkerly" <pak...@gmail.com> wrote in message
news:359db7d3-eadf-4b79...@x42g2000yqx.googlegroups.com...

On Sep 8, 4:04 pm, The Natural Philosopher <t...@invalid.invalid>
wrote:

> Added this:

> <input type="text" name="txtdate" id="txtdate" value=<?php echo> >
> $date; ?> />

> and I get an error:


> Parse error: syntax error, unexpected '>'

When the parser says it has found an unexpeced > it's best to start looking
for a > where it shouldn't be. I see one after the word echo.


Michael Fesser

unread,
Sep 8, 2010, 7:06:01 PM9/8/10
to
.oO(The Natural Philosopher)

mysql_fetch_assoc() would be much more appropriate here, easier and more
efficient. Additionally some input validation will be needed in order to
prevent SQL injection.

Micha

"Álvaro G. Vicario"

unread,
Sep 9, 2010, 3:20:00 AM9/9/10
to
El 08/09/2010 21:12, PAkerly escribió/wrote:
> I want to create a simple page to edit a record, and when submit is
> clicked I want to update the record.
>
> First I want to display all the data for the record, based on ID, on
> the page
> Here is what I am doing:
>
> <?php
> $txtid= $_POST[txtid];

You are (inadvertently) using an undefined constant. This should trigger
a notice. Try this instead:

<?php

error_reporting(E_ALL);
ini_set('display_errors', TRUE);

$txtid = isset($_POST['txtid']) ? $_POST['txtid'] : NULL;

>
> $sql = "SELECT date, user1, user2, user3, role, id
> FROM myuserdata
> WHERE id= $txtid
> ORDER BY id";

You are basically taking raw random input from an untrusted source,
injecting it into a SQL statement and running the resulting query
against your database server. It's not very different from publishing
your password in the front page :)

You don't say what DB library you are using but, in this case, you can
probably do something like this:

if( !is_null($txtid) ){


$sql = 'SELECT date, user1, user2, user3, role, id
FROM myuserdata

WHERE id=' . (int)$txtid;
// ...
}

Please note I've removed the ORDER BY statement: there's no point in
sorting a result set than can contain at most one row.


> And so then I have text boxes on the page and I want to fill those in
> based on the current ID
>
> I tried to do this:
>
> <input type="text" name="txtdate" id="txtdate" value=<?php echo
> [date];?> />
>
> <input type="text" name="txtuser1" id="txtuser1" value=<?php echo
> [user1];?> />
>
> this did not work. How would I display the actual db fields in the
> textboxes?

Perhaps you mean this:

<input type="text" name="txtuser1" id="txtuser1" value=<?php echo

htmlspecialchars($a_variable_name); ?> />

Or this:

<input type="text" name="txtuser1" id="txtuser1" value=<?php echo

htmlspecialchars($an_array_name['user1']); ?> />


PHP is very picky: you must use the PHP syntax to write PHP code; you
cannot invent your own.

--
-- http://alvaro.es - Álvaro G. Vicario - Burgos, Spain
-- Mi sitio sobre programación web: http://borrame.com
-- Mi web de humor satinado: http://www.demogracia.com
--

Ajayendra

unread,
Sep 9, 2010, 8:18:48 AM9/9/10
to


<!-- Code Below -->


$sql = "SELECT date, user1, user2, user3, role, id
FROM myuserdata
WHERE id= $txtid
ORDER BY id";

$result=mysql_query($sql);
$row=mysql_fetch_array($result);


<input type="text" name="txtdate id="txtdate" value="<?php echo

$row['date']?>" />

etc...
enjoy!!!!!!


Ajayendra Nath Tripathi
E-Mail- ajayendra...@gmail.com
web- http://www.ajspark.co.cc

0 new messages