I’m very new to this and I’m following the examples in the book “Build you own database driven website using php and mysql” and I’m working on the content management system, I’m trying to add and edit users in the database; the form comes up alright and it doesn’t bring up any error messages but when editing nothing comes up in the boxes to edit and when you type the information in it doesn’t change anything and when you go to add a new user nothing happens I’m wondering if I’ve missed something out at some point this is the code for the index.php:
<!DOCTYPE html PUBLIC “-//W3C//DTD XHTML 1.0 Strict//EN” “http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd”>
<html xmlns=“http://www.w3.org/1999/xhtml”>
<head>
<meta http-equiv=“Content-Type” content=“text/html; charset=utf-8” />
<title>Untitled Document</title>
</head>
<body>
<?php
include $_SERVER[‘DOCUMENT_ROOT’] . ‘/includes/db.inc.php’;
$result = mysqli_query($link, ‘SELECT id, firstname, surname, email, pword, address, telno FROM cakeuser’);
if (!$result)
{
$error = ‘Error fetching users from database!’;
include ‘error.html.php’;
exit();
}
while ($row = mysqli_fetch_array($result))
{
$users = array(‘id’ => $row[‘id’], ‘firstname’ => $row[‘firstname’], ‘surname’ => $row[‘surname’], ‘email’ => $row[‘email’], ‘pword’ => $row[‘pword’], ‘address’ => $row[‘address’], ‘telno’ => $row[‘telno’]);
}
include ‘users.html.php’;
if (isset($_POST[‘action’]) and $_POST[‘action’] == ‘Delete’)
{
include $_SERVER[‘DOCUMENT_ROOT’] . ‘/includes/db.inc.php’;
$id = mysqli_real_escape_string($link, $_POST[‘id’]);
// Delete the author
$sql = "DELETE FROM cakeuser WHERE id='$id'";
if (!mysqli_query($link, $sql))
{
$error = 'Error deleting user.';
include 'error.html.php';
exit();
}
header('Location: .');
exit();
}
include_once $_SERVER[‘DOCUMENT_ROOT’] .
‘/includes/magicquotes.inc.php’;
if (isset($_GET[‘add’]))
{
$pagetitle = ‘New User’;
$action = ‘addform’;
$firstname = ‘’;
$surname = ‘’;
$email = ‘’;
$pword = ‘’;
$address = ‘’;
$telno = ‘’;
$id = ‘’;
$button = ‘Add user’;
include 'form.html.php';
exit();
}
if (isset($_GET[‘addform’]))
{
include $_SERVER[‘DOCUMENT_ROOT’] . ‘/includes/db.inc.php’;
$firstname = mysqli_real_escape_string($link, $_POST['firstname']);
$surname = mysqli_real_escape_string($link, $_POST['surname']);
$email = mysqli_real_escape_string($link, $_POST['email']);
$pword = mysqli_real_escape_string($link, $_POST['pword']);
$address = mysqli_real_escape_string($link, $_POST['address']);
$telno = mysqli_real_escape_string($link, $_POST['telno']);
$sql = "INSERT INTO cakeuser SET
firstname='$firstname',
surname='$surname',
email='$email'
pword='$pword',
address='$address',
telno='$telno'";
if (!mysqli_query($link, $sql))
{
$error = 'Error adding submitted user.';
include 'error.html.php';
exit();
}
header('Location: .');
exit();
}
if (isset($_POST[‘action’]) and $_POST[‘action’] == ‘Edit’)
{
include $_SERVER[‘DOCUMENT_ROOT’] . ‘/includes/db.inc.php’;
$id = mysqli_real_escape_string($link, $_POST['id']);
$sql = "SELECT id, firstname, surname, email, pword, address, telno FROM cakeuser WHERE id='$id'";
$result = mysqli_query($link, $sql);
if (!$result)
{
$error = 'Error fetching user details.';
include 'error.html.php';
exit();
}
$row = mysqli_fetch_array($result);
$pagetitle = 'Edit User';
$action = 'editform';
$name = $row['firstname'];
$name = $row['surname'];
$email = $row['email'];
$name = $row['pword'];
$name = $row['address'];
$name = $row['telno'];
$id = $row['id'];
$button = 'Update user';
include 'form.html.php';
exit();
}
if (isset($_GET[‘editform’]))
{
include $_SERVER[‘DOCUMENT_ROOT’] . ‘/includes/db.inc.php’;
$id = mysqli_real_escape_string($link, $_POST['id']);
$firstname = mysqli_real_escape_string($link, $_POST['firstname']);
$surname = mysqli_real_escape_string($link, $_POST['surname']);
$email = mysqli_real_escape_string($link, $_POST['email']);
$pword = mysqli_real_escape_string($link, $_POST['pword']);
$address = mysqli_real_escape_string($link, $_POST['address']);
$telno = mysqli_real_escape_string($link, $_POST['telno']);
$sql = "UPDATE cakeuser SET
firstname='$firstname',
surname='$surname',
email='$email'
pword='$pword',
address='$address',
telno='$telno'
WHERE id='$id'";
if (!mysqli_query($link, $sql))
{
$error = 'Error updating submitted user.';
include 'error.html.php';
exit();
}
header('Location: .');
exit();
}
?>
</body>
</html>
Thankyou for any help