1 Reply Latest reply on Sep 27, 2008 12:27 PM by Newsgroup_User

    Record Update Form Wizard

    Level 7
      These wizards are definitely double-edged.

      I am using PHP, MySQL, and DW CS3.

      I have a form, created by the Update Form Wizard, which updates fields
      in a table with the name of a pdf. This is later retrieved and formated
      as a link to the actual pdf.

      I also have a form that calls a php script that uploads the actual pdf
      to the hosting server.

      I am trying to combine the 2, so that before the update form script
      actually updates anything, the upload script runs, and if it completes
      without an error, then the rest of the update should run.

      I think I can handle the logic of this, but the code generated by the
      wizard is a bit beyond me. I need some help finding exactly where to
      insert the file upload code, and would appreciate any comments.

      I have copied the code below.

      Thank you,
      Harvey

      Here is a sample of the update form:

      <form method="post" name="form1" action="<?php echo $editFormAction; ?>">
      <input type="text" name="date" value="<?php echo
      htmlentities($row_update['date'], ENT_COMPAT, 'iso-8859-1'); ?>" size="32">
      <input type="hidden" name="MM_update" value="form1">
      <input type="hidden" name="ID" value="<?php echo
      $row_update['ID']; ?>">
      </form>

      and here is the update script:

      <?php
      if (!function_exists("GetSQLValueString")) {
      function GetSQLValueString($theValue, $theType, $theDefinedValue = "",
      $theNotDefinedValue = "")
      {
      $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;

      $theValue = function_exists("mysql_real_escape_string") ?
      mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

      switch ($theType) {
      case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
      case "long":
      case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
      case "double":
      $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'"
      : "NULL";
      break;
      case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
      case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue :
      $theNotDefinedValue;
      break;
      }
      return $theValue;
      }
      }

      $editFormAction = $_SERVER['PHP_SELF'];
      if (isset($_SERVER['QUERY_STRING'])) {
      $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
      }

      if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "form1")) {
      $updateSQL = sprintf("UPDATE agendasCRA SET `date`=%s, agenda=%s,
      minutes=%s, audio=%s, notes=%s WHERE ID=%s",
      GetSQLValueString($_POST['date'], "date"),
      GetSQLValueString($_POST['agenda'], "text"),
      GetSQLValueString($_POST['minutes'], "text"),
      GetSQLValueString($_POST['audio'], "text"),
      GetSQLValueString($_POST['notes'], "text"),
      GetSQLValueString($_POST['ID'], "int"));

      mysql_select_db($database_fellsmere, $fellsmere);
      $Result1 = mysql_query($updateSQL, $fellsmere) or die(mysql_error());

      $updateGoTo = "agendasCRAlist.php";
      if (isset($_SERVER['QUERY_STRING'])) {
      $updateGoTo .= (strpos($updateGoTo, '?')) ? "&" : "?";
      $updateGoTo .= $_SERVER['QUERY_STRING'];
      }
      header(sprintf("Location: %s", $updateGoTo));
      }

      $colname_update = "-1";
      if (isset($_GET['ID'])) {
      $colname_update = $_GET['ID'];
      }
      mysql_select_db($database_fellsmere, $fellsmere);
      $query_update = sprintf("SELECT * FROM agendasCRA WHERE ID = %s",
      GetSQLValueString($colname_update, "int"));
      $update = mysql_query($query_update, $fellsmere) or die(mysql_error());
      $row_update = mysql_fetch_assoc($update);
      $totalRows_update = mysql_num_rows($update);
      ?>
        • 1. Re: Record Update Form Wizard
          Level 7
          I know this is a bit complicated, but any thoughts would really be
          appreciated!

          Harvey

          eclipsme wrote:
          > These wizards are definitely double-edged.
          >
          > I am using PHP, MySQL, and DW CS3.
          >
          > I have a form, created by the Update Form Wizard, which updates fields
          > in a table with the name of a pdf. This is later retrieved and formated
          > as a link to the actual pdf.
          >
          > I also have a form that calls a php script that uploads the actual pdf
          > to the hosting server.
          >
          > I am trying to combine the 2, so that before the update form script
          > actually updates anything, the upload script runs, and if it completes
          > without an error, then the rest of the update should run.
          >
          > I think I can handle the logic of this, but the code generated by the
          > wizard is a bit beyond me. I need some help finding exactly where to
          > insert the file upload code, and would appreciate any comments.
          >
          > I have copied the code below.
          >
          > Thank you,
          > Harvey
          >
          > Here is a sample of the update form:
          >
          > <form method="post" name="form1" action="<?php echo $editFormAction; ?>">
          > <input type="text" name="date" value="<?php echo
          > htmlentities($row_update['date'], ENT_COMPAT, 'iso-8859-1'); ?>" size="32">
          > <input type="hidden" name="MM_update" value="form1">
          > <input type="hidden" name="ID" value="<?php echo
          > $row_update['ID']; ?>">
          > </form>
          >
          > and here is the update script:
          >
          > <?php
          > if (!function_exists("GetSQLValueString")) {
          > function GetSQLValueString($theValue, $theType, $theDefinedValue = "",
          > $theNotDefinedValue = "")
          > {
          > $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
          >
          > $theValue = function_exists("mysql_real_escape_string") ?
          > mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
          >
          > switch ($theType) {
          > case "text":
          > $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
          > break;
          > case "long":
          > case "int":
          > $theValue = ($theValue != "") ? intval($theValue) : "NULL";
          > break;
          > case "double":
          > $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" :
          > "NULL";
          > break;
          > case "date":
          > $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
          > break;
          > case "defined":
          > $theValue = ($theValue != "") ? $theDefinedValue :
          > $theNotDefinedValue;
          > break;
          > }
          > return $theValue;
          > }
          > }
          >
          > $editFormAction = $_SERVER['PHP_SELF'];
          > if (isset($_SERVER['QUERY_STRING'])) {
          > $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
          > }
          >
          > if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "form1")) {
          > $updateSQL = sprintf("UPDATE agendasCRA SET `date`=%s, agenda=%s,
          > minutes=%s, audio=%s, notes=%s WHERE ID=%s",
          > GetSQLValueString($_POST['date'], "date"),
          > GetSQLValueString($_POST['agenda'], "text"),
          > GetSQLValueString($_POST['minutes'], "text"),
          > GetSQLValueString($_POST['audio'], "text"),
          > GetSQLValueString($_POST['notes'], "text"),
          > GetSQLValueString($_POST['ID'], "int"));
          >
          > mysql_select_db($database_fellsmere, $fellsmere);
          > $Result1 = mysql_query($updateSQL, $fellsmere) or die(mysql_error());
          >
          > $updateGoTo = "agendasCRAlist.php";
          > if (isset($_SERVER['QUERY_STRING'])) {
          > $updateGoTo .= (strpos($updateGoTo, '?')) ? "&" : "?";
          > $updateGoTo .= $_SERVER['QUERY_STRING'];
          > }
          > header(sprintf("Location: %s", $updateGoTo));
          > }
          >
          > $colname_update = "-1";
          > if (isset($_GET['ID'])) {
          > $colname_update = $_GET['ID'];
          > }
          > mysql_select_db($database_fellsmere, $fellsmere);
          > $query_update = sprintf("SELECT * FROM agendasCRA WHERE ID = %s",
          > GetSQLValueString($colname_update, "int"));
          > $update = mysql_query($query_update, $fellsmere) or die(mysql_error());
          > $row_update = mysql_fetch_assoc($update);
          > $totalRows_update = mysql_num_rows($update);
          > ?>