Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 10 of 10
  1. #1
    Regular Coder
    Join Date
    Jan 2008
    Posts
    216
    Thanks
    10
    Thanked 1 Time in 1 Post

    Edit record help

    I am trying to populate an edit form with a record from a mysql database, i have a view record page with an edit option which gets the username and id assigned to the record and this should then populate the edit record form with the record selected. Im have used a link to the edit page which is:

    PHP Code:
    <?php echo "<a href='editjob.php?username=$username&id=$id'>Edit/Update Job</a>"?>
    The username and id is being selected but i cant same to get it to populate the edit form with the record. Can anyone help?

    My code for the edit page is:

    Code:
    <?php  
    if (isset($_POST['submit'])) { 
    
    $username = $_GET['username'];
    $id = $_GET['id'];
    
    $error_stat = 0;  
    $jobtitle_message = ''; 
    $jobcatergory_message = ''; 
    $joblocation_message = ''; 
    $employmenttype_message = ''; 
    $salary_message = ''; 
    $date_message = ''; 
    $educationallevel_message = ''; 
    $description_message = ''; 
    $filesize_message = '';
    $filetype_message = '';
    
    $jobtitle = trim($_POST['jobtitle']);
    $jobcatergory = trim($_POST['jobcatergory']);
    $joblocation = trim($_POST['joblocation']);
    $employmenttype = trim($_POST['employmenttype']);
    $salary = trim($_POST['salary']);
    $date = trim($_POST['date']);
    $educationallevel = trim($_POST['educationallevel']);
    $description = trim($_POST['description']);
    
    //Error checking  
    
    
    
    // Job Title check)  
    if (!$jobtitle) { 
    //Set the error_stat to 1, which means that an error has occurred 
        $error_stat = 1; 
    
    //Set the message to tell the user to enter a username 
        $jobtitle_message = '*Please enter a job title*'; 
    } 
    
    else if (ctype_digit($jobtitle)) {  
       $error_stat = 1;  
       $jobtitle_message .= '*Invalid Job Title*';  
    }  
    
    else if ( preg_match( '/\W/', $jobtitle)){ 
         $error_stat = 1;  
        $jobtitle_message = '*Invalid jobtitle, letters only, no spaces*';  
    
    }  
    
    $jobtitle = $_POST['jobtitle'];  
    $jobtitle = trim($jobtitle);  
    
       if (strlen($jobtitle) > 30){  
       $error_stat = 1;  
       $jobtitle_message = '*Job Title must be 20 characters or less*';  
    }  
    
    
    
    
    
    
    //  Job Catergory Check)   
    if ($jobcatergory == 'Please Select'){ 
    //Set the error_stat to 1, which means that an error has occurred 
        $error_stat = 1; 
        $jobcatergory_message = '*Please select a Job Catergory*'; 
    } 
    
    
    
    
    
    //    Job Location Check)   
    if ($joblocation == 'Please Select'){ 
    //Set the error_stat to 1, which means that an error has occurred 
        $error_stat = 1; 
        $joblocation_message = '*Please select a Job location*'; 
    } 
    
    
    // Employment Type Check)   
    if ($employmenttype == 'Please Select'){ 
    //Set the error_stat to 1, which means that an error has occurred 
        $error_stat = 1; 
        $employmenttype_message = '*Please select Employment type*'; 
    } 
    
    
    
    
    
    // Salary check)  
    if (!$salary) { 
    //Set the error_stat to 1, which means that an error has occurred 
        $error_stat = 1; 
    
    //Set the message to tell the user to enter a username 
    $salary_message = '*Please enter job salary*'; 
    } 
    
    else if (!ctype_digit($salary)) {  
       $error_stat = 1;  
       $salary_message .= '*Invalid salary*';  
    } 
    
    
    
    
    //Date check)  
    if (empty($date)) { 
    //Set the error_stat to 1, which means that an error has occurred 
        $error_stat = 1; 
    
    //Set the message to tell the user to enter a dob 
    $date_message = '*Please enter job closing date*'; 
    } 
    
    //Check the format and explode into $parts 
      elseif (!ereg("^([0-9]{2})/([0-9]{2})/([0-9]{4})$",  
              $date, $parts)){ 
         $error_stat = 1;      
    
    //Set the message to tell the user the date is invalid 
    $date_message = '*Invalid date, must be DD/MM/YYYY format*'; 
    } 
         
      elseif (!checkdate($parts[2],$parts[1],$parts[3])) 
      { 
      $error_stat = 1;  
       
      //Set the message to tell the date is invalid for the month entered 
        $date_message = '*Invalid date, month must be between 1-12*'; 
    } 
       
    
    // Job Description check)  
    if (!$description) { 
    //Set the error_stat to 1, which means that an error has occurred 
        $error_stat = 1; 
    
    //Set the message to tell the user to enter a username 
        $description_message = '*Please enter a job description*'; 
    } 
    
    $description = $_POST['description'];  
    $description = trim($description);  
    
       if (strlen($description) > 150){  
       $error_stat = 1;  
       $description_message = '*Job Title must be 150 characters or less*';  
    }  
    
       
       
       
    //    Educational Level Check)   
    if ($educationallevel == 'Please Select'){ 
    //Set the error_stat to 1, which means that an error has occurred 
        $error_stat = 1; 
        $educationallevel_message = '*Please select Educational level required*'; 
    } 
    
    
    if( $_FILES['userfile']['size'] > 2000000 ){
        //Set the error_stat to 1, which means that an error has occurred
    	$error_stat = 1;
    	$filesize_message = '*Filesize too large *';
    
    	}
    	
    	$fileTypes = array("application/pdf", "application/msword");
    
    	if( !in_array("{$_FILES['userfile']['type']}", $fileTypes) ){
        $error_stat = 1;
    	$filetype_message = '*Filetype not allowed *';
    
    	}
    
    
    
    
    $uploadDir = 'applicationforms/';  
    
    if (isset($_POST['submit']) && $error_stat == 0) { 
    
    
        $fileName = $_FILES['userfile']['name']; 
        $tmpName  = $_FILES['userfile']['tmp_name']; 
        $fileSize = $_FILES['userfile']['size']; 
        $fileType = $_FILES['userfile']['type']; 
    
        // the files will be saved in filePath  
        $filePath = $uploadDir . $fileName; 
    
        // move the files to the specified directory 
        // if the upload directory is not writable or 
        // something else went wrong $result will be false 
        $result    = move_uploaded_file($tmpName, $filePath); 
         
         
        include("database.php"); 
    
        if(!get_magic_quotes_gpc()) 
        { 
            $fileName  = addslashes($fileName); 
            $filePath  = addslashes($filePath); 
        }   
    }   
        
        
     
    	 mysql_query("UPDATE job SET username='" . $_POST["username"] . "',jobtitle='" . $_POST["jobtitle"] . "',jobcatergory='" . $_POST["jobcatergory"] . "',joblocation='" . $_POST["joblocation"] . "',employmenttype='" . $_POST["employmenttype"] . "',salary='" . $_POST["salary"] . "',date='" . $_POST["date"] . "',educationallevel='" . $_POST["educationallevel"] . "',description='" . $_POST["description"] . "', name='$fileName', type='$fileType', size='$fileSize', path='$filePath' WHERE username='$username' AND id='$id'"); 
      
    ?>  
               
    <br /> 
    <a href="index.php">Back to main page</a> 
    <br /> 
    <br /> 
    <br /> 
    The Job record has been successfully updated. 
    <?php  
    }  
    else  
    {  
    $account = mysql_fetch_array(mysql_query("SELECT * FROM job WHERE username='$username' AND id='$id'"))
    ?>  
    <form method="post" class="addform" action="" enctype="multipart/fom-data"> 
    <fieldset>  
    <label for="cvtitle">Edit Job</label><fieldset> 
    <p align="right">&nbsp;</p>
    </fieldset> 
    <label for="username">Username:</label>  
    <input readonly name="username" type="text" id="username" value="<?php echo $_SESSION["username"]; ?>" /><br />  
    </fieldset>  
    
    <hr class="hr_blue"/>
    
    <fieldset> 
    <label for="jobtitle">Job Title:</label> 
    <input name="jobtitle" type="text" id="jobtitle" value="<?php echo $account['jobtitle']; ?>"/> 
    <span class="redboldtxt"><?php echo "$jobtitle_message";?></fieldset></span>
    
    
    <fieldset>    
    <label for="jobcatergory">Job Catergory:</label><p></p>   
    <select name="jobcatergory"> 
    <option value="Please Select">Please Select</option> 
    <?php 
      $jobcatergory_opts = array( 
        "Accountancy and Finance", 
        "Banking and Insurance", 
        "Construction", 
        "Customer Service", 
        "Engineering", 
        "Management",
        "Hotel and Catering", 
        "Information Technology",
        "Legal",
        "Marketing", 
        "Medical",
        "Retail",
        "Sales",
        "Secretarial",
        "Transport and Distribution",
        "Working from home",        
      ); 
      foreach($jobcatergory_opts as $opt){
        $selected = $account['jobcatergory'] == $opt ? " selected=true":"";
        print "<option value=\"{$opt}\"{$selected}>{$opt}</option>";
      }
    ?>
    </select>
    <span class="redboldtxt"><?php echo "$jobcatergory_message";?><?php echo $error['jobcatergory']; ?></span></fieldset> 
    
    <fieldset> 
    <label for="joblocation">Location:</label> 
    <p></p>
    <select name="joblocation">
    <option value="Please Select">Please Select</option>
    <?php
      $joblocation_opts = array(
        "Co.Antrim",
        "Co.Armagh",
        "Co.Down",
        "Co.Fermanagh",
        "Co.Londonderry",
        "Co.Tyrone",
      );
      foreach($joblocation_opts as $opt){
        $selected = $account['joblocation'] == $opt ? " selected=true":"";
        print "<option value=\"{$opt}\"{$selected}>{$opt}</option>";
      }
    ?>
    </select>
    <span class="redboldtxt"><?php echo "$joblocation_message";?><?php echo $error['joblocation']; ?></span></fieldset>  
    
    
    <fieldset>  
    <label for="employmenttype">Job Type:</label><p></p>  
    <select name="employmenttype"> 
    <option value="Please Select">Please Select</option> 
    <?php 
      $employmenttype_opts = array( 
        "permanent fulltime", 
        "permanent parttime", 
        "temporary fulltime", 
        "temporary parttime", 
      ); 
      foreach($employmenttype_opts as $opt){
        $selected = $account['employmenttype'] == $opt ? " selected=true":"";
        print "<option value=\"{$opt}\"{$selected}>{$opt}</option>";
      }
    ?>
    </select>
    <span class="redboldtxt"><?php echo "$employmenttype_message";?><?php echo $error['employmenttype']; ?></span></fieldset> 
    
    
    <fieldset> 
    <label for="salary">Salary:</label> 
    <input name="salary" type="text" id="salary" value="<?php echo $account['salary']; ?>"/> 
    <span class="redboldtxt"><?php echo "$salary_message";?></span></fieldset>
    
    <fieldset> 
    <label for="date">Closing Date:</label> 
    <input name="date" type="text" id="date" value="<?php echo $account['date']; ?>"/> 
    <span class="redboldtxt"><?php echo "$date_message";?></span></fieldset> 
     
    
    <fieldset>  
    <label for="educationallevel">Qualification Level Required:</label><p></p>   
    <select name="educationallevel"> 
    <option value="Please Select">Please Select</option> 
    <?php 
      $educationallevel_opts = array( 
        "GCSE", 
        "A-Level", 
        "Third Level Certification", 
        "Third Level Diploma", 
        "Third Level Degree", 
        "Post Graduate Qualification",
        "Masters",
        "PHD",
        "Professional Qualification",
        "Part Professional Qualification",
        "Trade Qualification", 
      ); 
      foreach($educationallevel_opts as $opt){
        $selected = $account['educationallevel'] == $opt ? " selected=true":"";
        print "<option value=\"{$opt}\"{$selected}>{$opt}</option>";
      }
    ?>
    </select>
    <span class="redboldtxt"><?php echo "$educationallevel_message";?><?php echo $error['educationallevel']; ?></span></fieldset> 
    
    <hr class="hr_blue"/>
    
    <fieldset> 
    Job Description -<br /> 
    </fieldset> 
    
    <fieldset> 
    <textarea rows="2" name="description" cols="20"><?php echo $account["description"]; ?></textarea><p></p> 
    <span class="redboldtxt"><?php echo "$description_message";?></span></fieldset> 
    
    Upload Application Form</label> 
    <input type="hidden" name="MAX_FILE_SIZE" value="2000000"><input name="userfile" type="file" class="box" id="userfile">
    <span class="redboldtxt"><?php echo "$filesize_message";?></span>
    <span class="redboldtxt"><?php echo "$filetype_message";?></span>
    </fieldset>
    
    <p></p>
    <fieldset> 
    <p class="submit"><input type="submit" name="submit" value="Edit Job" />
    
    </fieldset>
    </form>

  • #2
    Supreme Master coder! _Aerospace_Eng_'s Avatar
    Join Date
    Dec 2004
    Location
    In a place far, far away...
    Posts
    19,291
    Thanks
    2
    Thanked 1,043 Times in 1,019 Posts
    Again you have no error checking. You are really getting into a bad habit of not doing this. Change this
    PHP Code:
    $account mysql_fetch_array(mysql_query()) 
    to this
    PHP Code:
    $sql "SELECT * FROM job WHERE username='$username' AND id='$id'";
    $result mysql_query($sql) or die(mysql_error());
    $account mysql_fetch_array($result
    Also check the url to make sure username and id are actually set properly.
    ||||If you are getting paid to do a job, don't ask for help on it!||||

  • Users who have thanked _Aerospace_Eng_ for this post:

    PRodgers4284 (03-05-2008)

  • #3
    Regular Coder
    Join Date
    Jan 2008
    Posts
    216
    Thanks
    10
    Thanked 1 Time in 1 Post
    Quote Originally Posted by _Aerospace_Eng_ View Post
    Again you have no error checking. You are really getting into a bad habit of not doing this. Change this
    PHP Code:
    $account mysql_fetch_array(mysql_query()) 
    to this
    PHP Code:
    $sql "SELECT * FROM job WHERE username='$username' AND id='$id'";
    $result mysql_query($sql) or die(mysql_error());
    $account mysql_fetch_array($result
    Also check the url to make sure username and id are actually set properly.
    Hi Aerospace thanks for the reply, i am aware of the error checking issue, i intend to change this once i get the edit record populating the form, appreciate your help on this.

  • #4
    Regular Coder
    Join Date
    Jan 2008
    Posts
    216
    Thanks
    10
    Thanked 1 Time in 1 Post
    I still cant get the code to populate the edit form with the record, ive tried everything i cant think of, can anyone please help?
    Last edited by PRodgers4284; 03-05-2008 at 09:01 PM.

  • #5
    Supreme Master coder! _Aerospace_Eng_'s Avatar
    Join Date
    Dec 2004
    Location
    In a place far, far away...
    Posts
    19,291
    Thanks
    2
    Thanked 1,043 Times in 1,019 Posts
    I guess you don't see the point I'm trying to make. The point I'm making is your query could be failing. If its then your form won't be populated. Post your new code please.
    ||||If you are getting paid to do a job, don't ask for help on it!||||

  • #6
    Regular Coder
    Join Date
    Jan 2008
    Posts
    216
    Thanks
    10
    Thanked 1 Time in 1 Post
    Quote Originally Posted by _Aerospace_Eng_ View Post
    I guess you don't see the point I'm trying to make. The point I'm making is your query could be failing. If its then your form won't be populated. Post your new code please.
    Aerospace there are no errors appearing, the form is just not being populated.

    My code for the edit page is:

    PHP Code:
    <?php  
    $username 
    $_GET['username'];
    $id $_GET['id'];

    if (isset(
    $_POST['submit'])) { 

    $error_stat 0;  
    $jobtitle_message ''
    $jobcatergory_message ''
    $joblocation_message ''
    $employmenttype_message ''
    $salary_message ''
    $date_message ''
    $educationallevel_message ''
    $description_message ''
    $filesize_message '';
    $filetype_message '';

    $jobtitle trim($_POST['jobtitle']);
    $jobcatergory trim($_POST['jobcatergory']);
    $joblocation trim($_POST['joblocation']);
    $employmenttype trim($_POST['employmenttype']);
    $salary trim($_POST['salary']);
    $date trim($_POST['date']);
    $educationallevel trim($_POST['educationallevel']);
    $description trim($_POST['description']);

    //Error checking  



    // Job Title check)  
    if (!$jobtitle) { 
    //Set the error_stat to 1, which means that an error has occurred 
        
    $error_stat 1

    //Set the message to tell the user to enter a username 
        
    $jobtitle_message '*Please enter a job title*'


    else if (
    ctype_digit($jobtitle)) {  
       
    $error_stat 1;  
       
    $jobtitle_message .= '*Invalid Job Title*';  
    }  

    else if ( 
    preg_match'/\W/'$jobtitle)){ 
         
    $error_stat 1;  
        
    $jobtitle_message '*Invalid jobtitle, letters only, no spaces*';  

    }  

    $jobtitle $_POST['jobtitle'];  
    $jobtitle trim($jobtitle);  

       if (
    strlen($jobtitle) > 30){  
       
    $error_stat 1;  
       
    $jobtitle_message '*Job Title must be 20 characters or less*';  
    }  






    //  Job Catergory Check)   
    if ($jobcatergory == 'Please Select'){ 
    //Set the error_stat to 1, which means that an error has occurred 
        
    $error_stat 1
        
    $jobcatergory_message '*Please select a Job Catergory*'






    //    Job Location Check)   
    if ($joblocation == 'Please Select'){ 
    //Set the error_stat to 1, which means that an error has occurred 
        
    $error_stat 1
        
    $joblocation_message '*Please select a Job location*'



    // Employment Type Check)   
    if ($employmenttype == 'Please Select'){ 
    //Set the error_stat to 1, which means that an error has occurred 
        
    $error_stat 1
        
    $employmenttype_message '*Please select Employment type*'






    // Salary check)  
    if (!$salary) { 
    //Set the error_stat to 1, which means that an error has occurred 
        
    $error_stat 1

    //Set the message to tell the user to enter a username 
    $salary_message '*Please enter job salary*'


    else if (!
    ctype_digit($salary)) {  
       
    $error_stat 1;  
       
    $salary_message .= '*Invalid salary*';  





    //Date check)  
    if (empty($date)) { 
    //Set the error_stat to 1, which means that an error has occurred 
        
    $error_stat 1

    //Set the message to tell the user to enter a dob 
    $date_message '*Please enter job closing date*'


    //Check the format and explode into $parts 
      
    elseif (!ereg("^([0-9]{2})/([0-9]{2})/([0-9]{4})$",  
              
    $date$parts)){ 
         
    $error_stat 1;      

    //Set the message to tell the user the date is invalid 
    $date_message '*Invalid date, must be DD/MM/YYYY format*'

         
      elseif (!
    checkdate($parts[2],$parts[1],$parts[3])) 
      { 
      
    $error_stat 1;  
       
      
    //Set the message to tell the date is invalid for the month entered 
        
    $date_message '*Invalid date, month must be between 1-12*'

       

    // Job Description check)  
    if (!$description) { 
    //Set the error_stat to 1, which means that an error has occurred 
        
    $error_stat 1

    //Set the message to tell the user to enter a username 
        
    $description_message '*Please enter a job description*'


    $description $_POST['description'];  
    $description trim($description);  

       if (
    strlen($description) > 150){  
       
    $error_stat 1;  
       
    $description_message '*Job Title must be 150 characters or less*';  
    }  

       
       
       
    //    Educational Level Check)   
    if ($educationallevel == 'Please Select'){ 
    //Set the error_stat to 1, which means that an error has occurred 
        
    $error_stat 1
        
    $educationallevel_message '*Please select Educational level required*'



    if( 
    $_FILES['userfile']['size'] > 2000000 ){
        
    //Set the error_stat to 1, which means that an error has occurred
        
    $error_stat 1;
        
    $filesize_message '*Filesize too large *';

        }
        
        
    $fileTypes = array("application/pdf""application/msword");

        if( !
    in_array("{$_FILES['userfile']['type']}"$fileTypes) ){
        
    $error_stat 1;
        
    $filetype_message '*Filetype not allowed *';

        }




    $uploadDir 'applicationforms/';  

    if (isset(
    $_POST['submit']) && $error_stat == 0) { 


        
    $fileName $_FILES['userfile']['name']; 
        
    $tmpName  $_FILES['userfile']['tmp_name']; 
        
    $fileSize $_FILES['userfile']['size']; 
        
    $fileType $_FILES['userfile']['type']; 

        
    // the files will be saved in filePath  
        
    $filePath $uploadDir $fileName

        
    // move the files to the specified directory 
        // if the upload directory is not writable or 
        // something else went wrong $result will be false 
        
    $result    move_uploaded_file($tmpName$filePath); 
         
         
        include(
    "database.php"); 

        if(!
    get_magic_quotes_gpc()) 
        { 
            
    $fileName  addslashes($fileName); 
            
    $filePath  addslashes($filePath); 
        }  
         
        
       
    $update mysql_query("UPDATE job SET jobtitle='" $_POST["jobtitle"] . "',jobcatergory='" $_POST["jobcatergory"] . "',joblocation='" $_POST["joblocation"] . "',employmenttype='" $_POST["employmenttype"] . "',salary='" $_POST["salary"] . "',date='" $_POST["date"] . "',educationallevel='" $_POST["educationallevel"] . "',description='" $_POST["description"] . "', name='$fileName', type='$fileType', size='$fileSize', path='$filePath' WHERE username='$username' AND id='$id'"); 


    ?>  
               
    <br /> 
    <a href="index.php">Back to main page</a> 
    <br /> 
    <br /> 
    <br /> 
    The Job record has been successfully updated. 
    <?php  
    }
    else  
    {  

    $sql "SELECT * FROM job WHERE username='$username' AND id='$id'"
    $result mysql_query($sql) or die(mysql_error()); 
    $account mysql_fetch_array($result); 
    }
    }

    ?>  
    <form method="post" class="addform" action="" enctype="multipart/fom-data"> 
    <fieldset>  
    <label for="cvtitle">Edit Job</label><fieldset> 
    <p align="right">&nbsp;</p>
    </fieldset> 
    <label for="username">Username:</label>  
    <input readonly name="username" type="text" id="username" value="<?php echo $_SESSION["username"]; ?>" /><br />  
    </fieldset>  

    <hr class="hr_blue"/>

    <fieldset> 
    <label for="jobtitle">Job Title:</label> 
    <input name="jobtitle" type="text" id="jobtitle" value="<?php echo $account['jobtitle']; ?>"/> 
    <span class="redboldtxt"><?php echo "$jobtitle_message";?></fieldset></span>


    <fieldset>    
    <label for="jobcatergory">Job Catergory:</label><p></p>   
    <select name="jobcatergory"> 
    <option value="Please Select">Please Select</option> 
    <?php 
      $jobcatergory_opts 
    = array( 
        
    "Accountancy and Finance"
        
    "Banking and Insurance"
        
    "Construction"
        
    "Customer Service"
        
    "Engineering"
        
    "Management",
        
    "Hotel and Catering"
        
    "Information Technology",
        
    "Legal",
        
    "Marketing"
        
    "Medical",
        
    "Retail",
        
    "Sales",
        
    "Secretarial",
        
    "Transport and Distribution",
        
    "Working from home",        
      ); 
      foreach(
    $jobcatergory_opts as $opt){
        
    $selected $account['jobcatergory'] == $opt " selected=true":"";
        print 
    "<option value=\"{$opt}\"{$selected}>{$opt}</option>";
      }
    ?>
    </select>
    <span class="redboldtxt"><?php echo "$jobcatergory_message";?><?php echo $error['jobcatergory']; ?></span></fieldset> 

    <fieldset> 
    <label for="joblocation">Location:</label> 
    <p></p>
    <select name="joblocation">
    <option value="Please Select">Please Select</option>
    <?php
      $joblocation_opts 
    = array(
        
    "Co.Antrim",
        
    "Co.Armagh",
        
    "Co.Down",
        
    "Co.Fermanagh",
        
    "Co.Londonderry",
        
    "Co.Tyrone",
      );
      foreach(
    $joblocation_opts as $opt){
        
    $selected $account['joblocation'] == $opt " selected=true":"";
        print 
    "<option value=\"{$opt}\"{$selected}>{$opt}</option>";
      }
    ?>
    </select>
    <span class="redboldtxt"><?php echo "$joblocation_message";?><?php echo $error['joblocation']; ?></span></fieldset>  


    <fieldset>  
    <label for="employmenttype">Job Type:</label><p></p>  
    <select name="employmenttype"> 
    <option value="Please Select">Please Select</option> 
    <?php 
      $employmenttype_opts 
    = array( 
        
    "permanent fulltime"
        
    "permanent parttime"
        
    "temporary fulltime"
        
    "temporary parttime"
      ); 
      foreach(
    $employmenttype_opts as $opt){
        
    $selected $account['employmenttype'] == $opt " selected=true":"";
        print 
    "<option value=\"{$opt}\"{$selected}>{$opt}</option>";
      }
    ?>
    </select>
    <span class="redboldtxt"><?php echo "$employmenttype_message";?><?php echo $error['employmenttype']; ?></span></fieldset> 


    <fieldset> 
    <label for="salary">Salary:</label> 
    <input name="salary" type="text" id="salary" value="<?php echo $account['salary']; ?>"/> 
    <span class="redboldtxt"><?php echo "$salary_message";?></span></fieldset>

    <fieldset> 
    <label for="date">Closing Date:</label> 
    <input name="date" type="text" id="date" value="<?php echo $account['date']; ?>"/> 
    <span class="redboldtxt"><?php echo "$date_message";?></span></fieldset> 
     

    <fieldset>  
    <label for="educationallevel">Qualification Level Required:</label><p></p>   
    <select name="educationallevel"> 
    <option value="Please Select">Please Select</option> 
    <?php 
      $educationallevel_opts 
    = array( 
        
    "GCSE"
        
    "A-Level"
        
    "Third Level Certification"
        
    "Third Level Diploma"
        
    "Third Level Degree"
        
    "Post Graduate Qualification",
        
    "Masters",
        
    "PHD",
        
    "Professional Qualification",
        
    "Part Professional Qualification",
        
    "Trade Qualification"
      ); 
      foreach(
    $educationallevel_opts as $opt){
        
    $selected $account['educationallevel'] == $opt " selected=true":"";
        print 
    "<option value=\"{$opt}\"{$selected}>{$opt}</option>";
      }
    ?>
    </select>
    <span class="redboldtxt"><?php echo "$educationallevel_message";?><?php echo $error['educationallevel']; ?></span></fieldset> 

    <hr class="hr_blue"/>

    <fieldset> 
    Job Description -<br /> 
    </fieldset> 

    <fieldset> 
    <textarea rows="2" name="description" cols="20"><?php echo $account["description"]; ?></textarea><p></p> 
    <span class="redboldtxt"><?php echo "$description_message";?></span></fieldset> 

    Upload Application Form</label> 
    <input type="hidden" name="MAX_FILE_SIZE" value="2000000"><input name="userfile" type="file" class="box" id="userfile">
    <span class="redboldtxt"><?php echo "$filesize_message";?></span>
    <span class="redboldtxt"><?php echo "$filetype_message";?></span>
    </fieldset>

    <p></p>
    <fieldset> 
    <p class="submit"><input type="submit" name="submit" value="Add Job" />

    </fieldset>
    </form>
    The username and id seem to be passing ok for each record, i get "http://localhost/Jobs4U/editjob.php?username=&id=7" when i select the record for editing.
    Last edited by PRodgers4284; 03-05-2008 at 10:04 PM.

  • #7
    Supreme Master coder! _Aerospace_Eng_'s Avatar
    Join Date
    Dec 2004
    Location
    In a place far, far away...
    Posts
    19,291
    Thanks
    2
    Thanked 1,043 Times in 1,019 Posts
    Try this, I added session_start(); at the top which you didn't have so sessions weren't being read. I also formatted the php a little better so its easier to read.
    PHP Code:
    <?php
    session_start
    ();

    // set these to nothing to help prevent sql injection
    $username '';
    $id '';

    // set $username to the get variable using mysql_real_escape_string, if it doesn't exist set it to null so the query won't fail.
    $username = (isset($_GET['username']) ? mysql_real_escape_string($_GET['username']) : NULL;

    // set $id to the get variable using intval so we can be sure that only the int is taken
    $id = (isset($_GET['id']) ? intval($_GET['id']) : 1;

    if (isset(
    $_POST['submit']))

        
    $error_stat 0;  
        
    $jobtitle_message ''
        
    $jobcatergory_message ''
        
    $joblocation_message ''
        
    $employmenttype_message ''
        
    $salary_message ''
        
    $date_message ''
        
    $educationallevel_message ''
        
    $description_message ''
        
    $filesize_message '';
        
    $filetype_message '';
        
        
    $jobtitle trim($_POST['jobtitle']);
        
    $jobcatergory trim($_POST['jobcatergory']);
        
    $joblocation trim($_POST['joblocation']);
        
    $employmenttype trim($_POST['employmenttype']);
        
    $salary trim($_POST['salary']);
        
    $date trim($_POST['date']);
        
    $educationallevel trim($_POST['educationallevel']);
        
    $description trim($_POST['description']);
        
        
    //Error checking  



        // Job Title check)  
        
    if (!$jobtitle)
        { 
        
    //Set the error_stat to 1, which means that an error has occurred 
            
    $error_stat 1
        
        
    //Set the message to tell the user to enter a username 
            
    $jobtitle_message '*Please enter a job title*'
        } 
        else if (
    ctype_digit($jobtitle))
        {  
           
    $error_stat 1;  
           
    $jobtitle_message .= '*Invalid Job Title*';  
        }  
        else if ( 
    preg_match'/\W/'$jobtitle))
        { 
             
    $error_stat 1;  
            
    $jobtitle_message '*Invalid jobtitle, letters only, no spaces*';      
        }  

        
    $jobtitle $_POST['jobtitle'];  
        
    $jobtitle trim($jobtitle);  

        if (
    strlen($jobtitle) > 30)
        {  
            
    $error_stat 1;  
            
    $jobtitle_message '*Job Title must be 20 characters or less*';
        }  
        
    //  Job Catergory Check)   
        
    if ($jobcatergory == 'Please Select')
        { 
        
    //Set the error_stat to 1, which means that an error has occurred 
            
    $error_stat 1
            
    $jobcatergory_message '*Please select a Job Catergory*'
        } 

        
    //    Job Location Check)   
        
    if ($joblocation == 'Please Select')
        { 
        
    //Set the error_stat to 1, which means that an error has occurred 
            
    $error_stat 1
            
    $joblocation_message '*Please select a Job location*'
        } 

        
    // Employment Type Check)   
        
    if ($employmenttype == 'Please Select')
        { 
        
    //Set the error_stat to 1, which means that an error has occurred 
            
    $error_stat 1
            
    $employmenttype_message '*Please select Employment type*'
        } 
        
        
    // Salary check)  
        
    if (!$salary)
        { 
        
    //Set the error_stat to 1, which means that an error has occurred 
            
    $error_stat 1
        
        
    //Set the message to tell the user to enter a username 
            
    $salary_message '*Please enter job salary*'
        } 
        else if (!
    ctype_digit($salary))
        {  
           
    $error_stat 1;  
           
    $salary_message .= '*Invalid salary*';  
        } 
        
        
    //Date check)  
        
    if (empty($date))
        { 
        
    //Set the error_stat to 1, which means that an error has occurred 
            
    $error_stat 1
        
        
    //Set the message to tell the user to enter a dob 
        
    $date_message '*Please enter job closing date*'
        } 
        
    //Check the format and explode into $parts 
        
    elseif (!ereg("^([0-9]{2})/([0-9]{2})/([0-9]{4})$",$date$parts))
        { 
            
    $error_stat 1;      
        
        
    //Set the message to tell the user the date is invalid 
            
    $date_message '*Invalid date, must be DD/MM/YYYY format*'
        } 
         
        elseif (!
    checkdate($parts[2],$parts[1],$parts[3])) 
        { 
            
    $error_stat 1;  
               
            
    //Set the message to tell the date is invalid for the month entered 
            
    $date_message '*Invalid date, month must be between 1-12*'
        } 
        
        
    // Job Description check)  
        
    if (!$description)
        { 
        
    //Set the error_stat to 1, which means that an error has occurred 
            
    $error_stat 1
        
        
    //Set the message to tell the user to enter a username 
            
    $description_message '*Please enter a job description*'
        } 

        
    $description $_POST['description'];  
        
    $description trim($description);  

        if (
    strlen($description) > 150)
        {  
            
    $error_stat 1;  
            
    $description_message '*Job Title must be 150 characters or less*';  
        }  

        
    //    Educational Level Check)   
        
    if ($educationallevel == 'Please Select')
        { 
        
    //Set the error_stat to 1, which means that an error has occurred 
            
    $error_stat 1
            
    $educationallevel_message '*Please select Educational level required*'
        } 

        if( 
    $_FILES['userfile']['size'] > 2000000 )
        {
            
    //Set the error_stat to 1, which means that an error has occurred
            
    $error_stat 1;
            
    $filesize_message '*Filesize too large *';
        
        }
        
        
    $fileTypes = array("application/pdf""application/msword");

        if( !
    in_array("{$_FILES['userfile']['type']}"$fileTypes) )
        {
            
    $error_stat 1;
            
    $filetype_message '*Filetype not allowed *';
        }
        
        
    $uploadDir 'applicationforms/';  
        if (isset(
    $_POST['submit']) && $error_stat == 0)
        { 
        
        
            
    $fileName $_FILES['userfile']['name']; 
            
    $tmpName  $_FILES['userfile']['tmp_name']; 
            
    $fileSize $_FILES['userfile']['size']; 
            
    $fileType $_FILES['userfile']['type']; 
        
            
    // the files will be saved in filePath  
            
    $filePath $uploadDir $fileName
        
            
    // move the files to the specified directory 
            // if the upload directory is not writable or 
            // something else went wrong $result will be false 
            
    $result    move_uploaded_file($tmpName$filePath); 
             
             
            include(
    "database.php"); 
        
            if(!
    get_magic_quotes_gpc()) 
            { 
                
    $fileName  addslashes($fileName); 
                
    $filePath  addslashes($filePath); 
            }  
             
            
           
    $update mysql_query("UPDATE job SET jobtitle='" $_POST["jobtitle"] . "',jobcatergory='" $_POST["jobcatergory"] . "',joblocation='" $_POST["joblocation"] . "',employmenttype='" $_POST["employmenttype"] . "',salary='" $_POST["salary"] . "',date='" $_POST["date"] . "',educationallevel='" $_POST["educationallevel"] . "',description='" $_POST["description"] . "', name='$fileName', type='$fileType', size='$fileSize', path='$filePath' WHERE username='$username' AND id='$id'"); 


    ?>

    <br />
    <a href="index.php">Back to main page</a> <br />
    <br />
    <br />
    The Job record has been successfully updated.
    <?php  
        
    }
        else  
        {  
        
            
    $sql "SELECT * FROM job WHERE username='$username' AND id='$id'"
            
    $result mysql_query($sql) or die(mysql_error()); 
            
    $account mysql_fetch_array($result); 
        }
    }

    ?>
    <form method="post" class="addform" action="" enctype="multipart/fom-data">
        <fieldset>
        <label for="cvtitle">Edit Job</label>
        <fieldset>
        <p align="right">&nbsp;</p>
        </fieldset>
        <label for="username">Username:</label>
        <input readonly name="username" type="text" id="username" value="<?php echo $_SESSION["username"]; ?>" />
        <br />
        </fieldset>
        <hr class="hr_blue"/>
        <fieldset>
        <label for="jobtitle">Job Title:</label>
        <input name="jobtitle" type="text" id="jobtitle" value="<?php echo $account['jobtitle']; ?>"/>
        <span class="redboldtxt"><?php echo "$jobtitle_message";?>
        </fieldset>
        </span>
        <fieldset>
        <label for="jobcatergory">Job Catergory:</label>
        <p></p>
        <select name="jobcatergory">
            <option value="Please Select">Please Select</option>
            <?php 
      $jobcatergory_opts 
    = array( 
        
    "Accountancy and Finance"
        
    "Banking and Insurance"
        
    "Construction"
        
    "Customer Service"
        
    "Engineering"
        
    "Management",
        
    "Hotel and Catering"
        
    "Information Technology",
        
    "Legal",
        
    "Marketing"
        
    "Medical",
        
    "Retail",
        
    "Sales",
        
    "Secretarial",
        
    "Transport and Distribution",
        
    "Working from home",        
      ); 
      foreach(
    $jobcatergory_opts as $opt){
        
    $selected $account['jobcatergory'] == $opt " selected='selected'":"";
        print 
    "<option value=\"{$opt}\"{$selected}>{$opt}</option>";
      }
    ?>
        </select>
        <span class="redboldtxt"><?php echo "$jobcatergory_message";?><?php echo $error['jobcatergory']; ?></span>
        </fieldset>
        <fieldset>
        <label for="joblocation">Location:</label>
        <p></p>
        <select name="joblocation">
            <option value="Please Select">Please Select</option>
            <?php
      $joblocation_opts 
    = array(
        
    "Co.Antrim",
        
    "Co.Armagh",
        
    "Co.Down",
        
    "Co.Fermanagh",
        
    "Co.Londonderry",
        
    "Co.Tyrone",
      );
      foreach(
    $joblocation_opts as $opt){
        
    $selected $account['joblocation'] == $opt " selected=true":"";
        print 
    "<option value=\"{$opt}\"{$selected}>{$opt}</option>";
      }
    ?>
        </select>
        <span class="redboldtxt"><?php echo "$joblocation_message";?><?php echo $error['joblocation']; ?></span>
        </fieldset>
        <fieldset>
        <label for="employmenttype">Job Type:</label>
        <p></p>
        <select name="employmenttype">
            <option value="Please Select">Please Select</option>
            <?php 
      $employmenttype_opts 
    = array( 
        
    "permanent fulltime"
        
    "permanent parttime"
        
    "temporary fulltime"
        
    "temporary parttime"
      ); 
      foreach(
    $employmenttype_opts as $opt){
        
    $selected $account['employmenttype'] == $opt " selected=true":"";
        print 
    "<option value=\"{$opt}\"{$selected}>{$opt}</option>";
      }
    ?>
        </select>
        <span class="redboldtxt"><?php echo "$employmenttype_message";?><?php echo $error['employmenttype']; ?></span>
        </fieldset>
        <fieldset>
        <label for="salary">Salary:</label>
        <input name="salary" type="text" id="salary" value="<?php echo $account['salary']; ?>"/>
        <span class="redboldtxt"><?php echo "$salary_message";?></span>
        </fieldset>
        <fieldset>
        <label for="date">Closing Date:</label>
        <input name="date" type="text" id="date" value="<?php echo $account['date']; ?>"/>
        <span class="redboldtxt"><?php echo "$date_message";?></span>
        </fieldset>
        <fieldset>
        <label for="educationallevel">Qualification Level Required:</label>
        <p></p>
        <select name="educationallevel">
            <option value="Please Select">Please Select</option>
            <?php 
      $educationallevel_opts 
    = array( 
        
    "GCSE"
        
    "A-Level"
        
    "Third Level Certification"
        
    "Third Level Diploma"
        
    "Third Level Degree"
        
    "Post Graduate Qualification",
        
    "Masters",
        
    "PHD",
        
    "Professional Qualification",
        
    "Part Professional Qualification",
        
    "Trade Qualification"
      ); 
      foreach(
    $educationallevel_opts as $opt){
        
    $selected $account['educationallevel'] == $opt " selected=true":"";
        print 
    "<option value=\"{$opt}\"{$selected}>{$opt}</option>";
      }
    ?>
        </select>
        <span class="redboldtxt"><?php echo "$educationallevel_message";?><?php echo $error['educationallevel']; ?></span>
        </fieldset>
        <hr class="hr_blue"/>
        <fieldset>
        Job Description -<br />
        </fieldset>
        <fieldset>
        <textarea rows="2" name="description" cols="20"><?php echo $account["description"]; ?></textarea>
        <p></p>
        <span class="redboldtxt"><?php echo "$description_message";?></span>
        </fieldset>
        Upload Application Form
        </label>
        <input type="hidden" name="MAX_FILE_SIZE" value="2000000">
        <input name="userfile" type="file" class="box" id="userfile">
        <span class="redboldtxt"><?php echo "$filesize_message";?></span> <span class="redboldtxt"><?php echo "$filetype_message";?></span>
        </fieldset>
        <p></p>
        <fieldset>
        <p class="submit">
            <input type="submit" name="submit" value="Add Job" />
        </fieldset>
    </form>
    I just noticed you posted what you get for the edit record link. Notice how username isn't even there? Where are you passing that value into the url? Remember if you want to use sessions you need to use session_start(); at the top of EVERY page that you need sessions before any output to the browser. Also I noticed in some of your queries you use $_POST['name'] but you don't use mysql_real_escape_string. If some how someone got into this area of the site they could run sql injections because you are queries don't prevent it. I suggest you read http://www.ilovejackdaniels.com/php/writing-secure-php/
    all parts. Parts 2 and 3 are linked just after the start of the article. You will learn a lot about writing secure php.
    Last edited by _Aerospace_Eng_; 03-05-2008 at 10:27 PM.
    ||||If you are getting paid to do a job, don't ask for help on it!||||

  • #8
    Regular Coder
    Join Date
    Jan 2008
    Posts
    216
    Thanks
    10
    Thanked 1 Time in 1 Post
    Quote Originally Posted by _Aerospace_Eng_ View Post
    Try this, I added session_start(); at the top which you didn't have so sessions weren't being read. I also formatted the php a little better so its easier to read.
    PHP Code:
    <?php
    session_start
    ();
    $username '';
    $id '';

    $username = (isset($_GET['username']) ? mysql_real_escape_string($_GET['username']) : NULL;
    $id = (isset($_GET['id']) ? intval($_GET['id']) : 1;

    if (isset(
    $_POST['submit']))

        
    $error_stat 0;  
        
    $jobtitle_message ''
        
    $jobcatergory_message ''
        
    $joblocation_message ''
        
    $employmenttype_message ''
        
    $salary_message ''
        
    $date_message ''
        
    $educationallevel_message ''
        
    $description_message ''
        
    $filesize_message '';
        
    $filetype_message '';
        
        
    $jobtitle trim($_POST['jobtitle']);
        
    $jobcatergory trim($_POST['jobcatergory']);
        
    $joblocation trim($_POST['joblocation']);
        
    $employmenttype trim($_POST['employmenttype']);
        
    $salary trim($_POST['salary']);
        
    $date trim($_POST['date']);
        
    $educationallevel trim($_POST['educationallevel']);
        
    $description trim($_POST['description']);
        
        
    //Error checking  



        // Job Title check)  
        
    if (!$jobtitle)
        { 
        
    //Set the error_stat to 1, which means that an error has occurred 
            
    $error_stat 1
        
        
    //Set the message to tell the user to enter a username 
            
    $jobtitle_message '*Please enter a job title*'
        } 
        else if (
    ctype_digit($jobtitle))
        {  
           
    $error_stat 1;  
           
    $jobtitle_message .= '*Invalid Job Title*';  
        }  
        else if ( 
    preg_match'/\W/'$jobtitle))
        { 
             
    $error_stat 1;  
            
    $jobtitle_message '*Invalid jobtitle, letters only, no spaces*';      
        }  

        
    $jobtitle $_POST['jobtitle'];  
        
    $jobtitle trim($jobtitle);  

        if (
    strlen($jobtitle) > 30)
        {  
            
    $error_stat 1;  
            
    $jobtitle_message '*Job Title must be 20 characters or less*';
        }  
        
    //  Job Catergory Check)   
        
    if ($jobcatergory == 'Please Select')
        { 
        
    //Set the error_stat to 1, which means that an error has occurred 
            
    $error_stat 1
            
    $jobcatergory_message '*Please select a Job Catergory*'
        } 

        
    //    Job Location Check)   
        
    if ($joblocation == 'Please Select')
        { 
        
    //Set the error_stat to 1, which means that an error has occurred 
            
    $error_stat 1
            
    $joblocation_message '*Please select a Job location*'
        } 

        
    // Employment Type Check)   
        
    if ($employmenttype == 'Please Select')
        { 
        
    //Set the error_stat to 1, which means that an error has occurred 
            
    $error_stat 1
            
    $employmenttype_message '*Please select Employment type*'
        } 
        
        
    // Salary check)  
        
    if (!$salary)
        { 
        
    //Set the error_stat to 1, which means that an error has occurred 
            
    $error_stat 1
        
        
    //Set the message to tell the user to enter a username 
            
    $salary_message '*Please enter job salary*'
        } 
        else if (!
    ctype_digit($salary))
        {  
           
    $error_stat 1;  
           
    $salary_message .= '*Invalid salary*';  
        } 
        
        
    //Date check)  
        
    if (empty($date))
        { 
        
    //Set the error_stat to 1, which means that an error has occurred 
            
    $error_stat 1
        
        
    //Set the message to tell the user to enter a dob 
        
    $date_message '*Please enter job closing date*'
        } 
        
    //Check the format and explode into $parts 
        
    elseif (!ereg("^([0-9]{2})/([0-9]{2})/([0-9]{4})$",$date$parts))
        { 
            
    $error_stat 1;      
        
        
    //Set the message to tell the user the date is invalid 
            
    $date_message '*Invalid date, must be DD/MM/YYYY format*'
        } 
         
        elseif (!
    checkdate($parts[2],$parts[1],$parts[3])) 
        { 
            
    $error_stat 1;  
               
            
    //Set the message to tell the date is invalid for the month entered 
            
    $date_message '*Invalid date, month must be between 1-12*'
        } 
        
        
    // Job Description check)  
        
    if (!$description)
        { 
        
    //Set the error_stat to 1, which means that an error has occurred 
            
    $error_stat 1
        
        
    //Set the message to tell the user to enter a username 
            
    $description_message '*Please enter a job description*'
        } 

        
    $description $_POST['description'];  
        
    $description trim($description);  

        if (
    strlen($description) > 150)
        {  
            
    $error_stat 1;  
            
    $description_message '*Job Title must be 150 characters or less*';  
        }  

        
    //    Educational Level Check)   
        
    if ($educationallevel == 'Please Select')
        { 
        
    //Set the error_stat to 1, which means that an error has occurred 
            
    $error_stat 1
            
    $educationallevel_message '*Please select Educational level required*'
        } 

        if( 
    $_FILES['userfile']['size'] > 2000000 )
        {
            
    //Set the error_stat to 1, which means that an error has occurred
            
    $error_stat 1;
            
    $filesize_message '*Filesize too large *';
        
        }
        
        
    $fileTypes = array("application/pdf""application/msword");

        if( !
    in_array("{$_FILES['userfile']['type']}"$fileTypes) )
        {
            
    $error_stat 1;
            
    $filetype_message '*Filetype not allowed *';
        }
        
        
    $uploadDir 'applicationforms/';  
        if (isset(
    $_POST['submit']) && $error_stat == 0)
        { 
        
        
            
    $fileName $_FILES['userfile']['name']; 
            
    $tmpName  $_FILES['userfile']['tmp_name']; 
            
    $fileSize $_FILES['userfile']['size']; 
            
    $fileType $_FILES['userfile']['type']; 
        
            
    // the files will be saved in filePath  
            
    $filePath $uploadDir $fileName
        
            
    // move the files to the specified directory 
            // if the upload directory is not writable or 
            // something else went wrong $result will be false 
            
    $result    move_uploaded_file($tmpName$filePath); 
             
             
            include(
    "database.php"); 
        
            if(!
    get_magic_quotes_gpc()) 
            { 
                
    $fileName  addslashes($fileName); 
                
    $filePath  addslashes($filePath); 
            }  
             
            
           
    $update mysql_query("UPDATE job SET jobtitle='" $_POST["jobtitle"] . "',jobcatergory='" $_POST["jobcatergory"] . "',joblocation='" $_POST["joblocation"] . "',employmenttype='" $_POST["employmenttype"] . "',salary='" $_POST["salary"] . "',date='" $_POST["date"] . "',educationallevel='" $_POST["educationallevel"] . "',description='" $_POST["description"] . "', name='$fileName', type='$fileType', size='$fileSize', path='$filePath' WHERE username='$username' AND id='$id'"); 


    ?>

    <br />
    <a href="index.php">Back to main page</a> <br />
    <br />
    <br />
    The Job record has been successfully updated.
    <?php  
        
    }
        else  
        {  
        
            
    $sql "SELECT * FROM job WHERE username='$username' AND id='$id'"
            
    $result mysql_query($sql) or die(mysql_error()); 
            
    $account mysql_fetch_array($result); 
        }
    }

    ?>
    <form method="post" class="addform" action="" enctype="multipart/fom-data">
        <fieldset>
        <label for="cvtitle">Edit Job</label>
        <fieldset>
        <p align="right">&nbsp;</p>
        </fieldset>
        <label for="username">Username:</label>
        <input readonly name="username" type="text" id="username" value="<?php echo $_SESSION["username"]; ?>" />
        <br />
        </fieldset>
        <hr class="hr_blue"/>
        <fieldset>
        <label for="jobtitle">Job Title:</label>
        <input name="jobtitle" type="text" id="jobtitle" value="<?php echo $account['jobtitle']; ?>"/>
        <span class="redboldtxt"><?php echo "$jobtitle_message";?>
        </fieldset>
        </span>
        <fieldset>
        <label for="jobcatergory">Job Catergory:</label>
        <p></p>
        <select name="jobcatergory">
            <option value="Please Select">Please Select</option>
            <?php 
      $jobcatergory_opts 
    = array( 
        
    "Accountancy and Finance"
        
    "Banking and Insurance"
        
    "Construction"
        
    "Customer Service"
        
    "Engineering"
        
    "Management",
        
    "Hotel and Catering"
        
    "Information Technology",
        
    "Legal",
        
    "Marketing"
        
    "Medical",
        
    "Retail",
        
    "Sales",
        
    "Secretarial",
        
    "Transport and Distribution",
        
    "Working from home",        
      ); 
      foreach(
    $jobcatergory_opts as $opt){
        
    $selected $account['jobcatergory'] == $opt " selected='selected'":"";
        print 
    "<option value=\"{$opt}\"{$selected}>{$opt}</option>";
      }
    ?>
        </select>
        <span class="redboldtxt"><?php echo "$jobcatergory_message";?><?php echo $error['jobcatergory']; ?></span>
        </fieldset>
        <fieldset>
        <label for="joblocation">Location:</label>
        <p></p>
        <select name="joblocation">
            <option value="Please Select">Please Select</option>
            <?php
      $joblocation_opts 
    = array(
        
    "Co.Antrim",
        
    "Co.Armagh",
        
    "Co.Down",
        
    "Co.Fermanagh",
        
    "Co.Londonderry",
        
    "Co.Tyrone",
      );
      foreach(
    $joblocation_opts as $opt){
        
    $selected $account['joblocation'] == $opt " selected=true":"";
        print 
    "<option value=\"{$opt}\"{$selected}>{$opt}</option>";
      }
    ?>
        </select>
        <span class="redboldtxt"><?php echo "$joblocation_message";?><?php echo $error['joblocation']; ?></span>
        </fieldset>
        <fieldset>
        <label for="employmenttype">Job Type:</label>
        <p></p>
        <select name="employmenttype">
            <option value="Please Select">Please Select</option>
            <?php 
      $employmenttype_opts 
    = array( 
        
    "permanent fulltime"
        
    "permanent parttime"
        
    "temporary fulltime"
        
    "temporary parttime"
      ); 
      foreach(
    $employmenttype_opts as $opt){
        
    $selected $account['employmenttype'] == $opt " selected=true":"";
        print 
    "<option value=\"{$opt}\"{$selected}>{$opt}</option>";
      }
    ?>
        </select>
        <span class="redboldtxt"><?php echo "$employmenttype_message";?><?php echo $error['employmenttype']; ?></span>
        </fieldset>
        <fieldset>
        <label for="salary">Salary:</label>
        <input name="salary" type="text" id="salary" value="<?php echo $account['salary']; ?>"/>
        <span class="redboldtxt"><?php echo "$salary_message";?></span>
        </fieldset>
        <fieldset>
        <label for="date">Closing Date:</label>
        <input name="date" type="text" id="date" value="<?php echo $account['date']; ?>"/>
        <span class="redboldtxt"><?php echo "$date_message";?></span>
        </fieldset>
        <fieldset>
        <label for="educationallevel">Qualification Level Required:</label>
        <p></p>
        <select name="educationallevel">
            <option value="Please Select">Please Select</option>
            <?php 
      $educationallevel_opts 
    = array( 
        
    "GCSE"
        
    "A-Level"
        
    "Third Level Certification"
        
    "Third Level Diploma"
        
    "Third Level Degree"
        
    "Post Graduate Qualification",
        
    "Masters",
        
    "PHD",
        
    "Professional Qualification",
        
    "Part Professional Qualification",
        
    "Trade Qualification"
      ); 
      foreach(
    $educationallevel_opts as $opt){
        
    $selected $account['educationallevel'] == $opt " selected=true":"";
        print 
    "<option value=\"{$opt}\"{$selected}>{$opt}</option>";
      }
    ?>
        </select>
        <span class="redboldtxt"><?php echo "$educationallevel_message";?><?php echo $error['educationallevel']; ?></span>
        </fieldset>
        <hr class="hr_blue"/>
        <fieldset>
        Job Description -<br />
        </fieldset>
        <fieldset>
        <textarea rows="2" name="description" cols="20"><?php echo $account["description"]; ?></textarea>
        <p></p>
        <span class="redboldtxt"><?php echo "$description_message";?></span>
        </fieldset>
        Upload Application Form
        </label>
        <input type="hidden" name="MAX_FILE_SIZE" value="2000000">
        <input name="userfile" type="file" class="box" id="userfile">
        <span class="redboldtxt"><?php echo "$filesize_message";?></span> <span class="redboldtxt"><?php echo "$filetype_message";?></span>
        </fieldset>
        <p></p>
        <fieldset>
        <p class="submit">
            <input type="submit" name="submit" value="Add Job" />
        </fieldset>
    </form>
    I just noticed you posted what you get for the edit record link. Notice how username isn't even there? Where are you passing that value into the url? Remember if you want to use sessions you need to use session_start(); at the top of EVERY page that you need sessions before any output to the browser.
    Aerospace, i tried the code, im getting error on line 69, "Parse error: syntax error, unexpected ';'"

    I have session start at the very top of script:

    PHP Code:
    <?php 
    session_start
    ();  
    if(!isset(
    $_SESSION['username'])){  
    header("Location: index2.php");  
    }   
    include(
    "database.php"); 
    include(
    "loginemployer.php"); 
    ?>
    I am passing the value into the url from a view record page which includes the link to the edit page, the link passes the username and id.

    The code for the view records is:

    PHP Code:
    <?php   

    $sessid 
    $_SESSION["username"] ;

    $query "SELECT * FROM job WHERE username='" $sessid"'";


    $result mysql_query($query);
    if(!
    $result){
       
    // check if is something wrong
       
    print "Error";
    }else{
     if(
    mysql_num_rows($result) == 0){  
         print 
    "No Jobs Exist";
     }else{
     while (
    $account = @mysql_fetch_array($result)) { 
        
    $id=$account["id"]; 
        
    $jobtitle=$account["jobtitle"]; 
        
    $jobcatergory=$account["jobcatergory"]; 
       
    ?>
       <form class="jobform" action="">  
    <fieldset>  
    <p class="edit"> 
    </fieldset> 
    <fieldset>  
    <label for="jobtitle">Job Title:</label>  
    <input readonly name="jobtitle" type="text" id="jobtitle" value="<?php echo $account["jobtitle"]; ?>" /><br />  
    </fieldset>
    <fieldset style="width: 602; height: 58">  
    <label for="jobcatergory">Job Catergory:</label>  
    <input readonly name="jobcatergory" type="text" id="jobcatergory" value="<?php echo $account["jobcatergory"]; ?>" />  
    </fieldset> 
    <fieldset>  
    <table border="0" align=right width="40%" id="table14">
        <tr>
            <td align="right"><span class="navyboldtxt"><p align="right"><?php echo "<a href='editjob.php?username=$username&id=$id'>Edit/Update Job</a>"?></p></td>
            <td align="right"><span class="navyboldtxt"><p align="right"><?php echo "<a href='editjob.php?username=$username&id=$id'>Delete Job</a>"?></p></td>
    </td>
        </tr>
    </table>
    </fieldset> 
    </form
    Thanks for the link about the sql injection, im know my code is unsecure at the minute, i intend to look into the security issues, i appreciate you advice on this.
    Last edited by PRodgers4284; 03-05-2008 at 10:41 PM.

  • #9
    Supreme Master coder! _Aerospace_Eng_'s Avatar
    Join Date
    Dec 2004
    Location
    In a place far, far away...
    Posts
    19,291
    Thanks
    2
    Thanked 1,043 Times in 1,019 Posts
    You don't have session_start(); on view records. Again the EXACT error you are getting would be useful because it tells you where the error is. I didn't change much other than the two lines on the top.
    ||||If you are getting paid to do a job, don't ask for help on it!||||

  • #10
    Regular Coder
    Join Date
    Jan 2008
    Posts
    216
    Thanks
    10
    Thanked 1 Time in 1 Post
    Quote Originally Posted by _Aerospace_Eng_ View Post
    You don't have session_start(); on view records. Again the EXACT error you are getting would be useful because it tells you where the error is. I didn't change much other than the two lines on the top.
    Aerospace i managed to get this workin, the problem was on the viewjob page, I have session start on the viewjob page, didnt think i needed to post it up, sorryy for the confusion. I was missing "$username=$account["username"];" in the while statement on the viewjob page, thats why the username was not being sent. Thanks for your help, really appreciate it.

    Thank again
    Last edited by PRodgers4284; 03-06-2008 at 11:00 AM.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •