#1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Feb 2018
    Posts
    4
    Rep Power
    0

    PHP $_Get method only returns partial value


    Good evening,

    I have an assignment due that involves taking input from a form and being able to update products in a backend mysql database.

    The only problem is that for some reason my app only allows me to update and delete products that are one word long. The items I want to delete have two words. It's almost like there's something I need to do to deal with spaces. I notice the product name in the url cuts off the second word of the product like urls below should both say "Jasmine Oil" not just "Jasmine". See below for an example:

    301 Moved Permanently

    301 Moved Permanently

    When I did an echo on $_GET["ProductName"] for testing purposes, I noticed that it only returns the first word in the Product Name and not the rest of the Product Name. Here's the specific $_Get code below:

    if (isset($_GET["ProductName"])) {
    $toDelete = $_GET["ProductName"];

    Does anyone know how I can address this?

    Here's my entire code below:


    PHP Code:
    <html>
    <head>
     <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
     <title>Update Product </title>
    </head>
    <body >
    <?php

    // Retrieve Post Data
    $username $_POST["username"];
    $email $_POST["email"];
    $password $_POST["password"];
    echo 
    $password;


    // Set the session information
    session_start();
    $_SESSION['appusername'] = $username;
    $_SESSION['appemail'] = $email;
    $_SESSION['apppassword'] = $password;


    // Check to see if Delete name is provided

    if (isset($_GET["ProductName"])) {
     
    $toUpdate $_GET["ProductName"];
     
    // A bit dangerous without checks and use of getMethod
     
    updateIt($toUpdate);

     echo 
    "<p></p>";

     echo 
    "<a href=InsertApp.php> Insert Another Product </a>";
     echo 
    "<p></p>";
     echo 
    "<a href=SelectApp.php> Select Products </a>";
     echo 
    "<p></p>";
     echo 
    "<a href=DeleteApp.php> Delete Products </a>";
     echo 
    "<p></p>";
     echo 
    "<a href=UpdateApp.php> Update Products </a>";
    }
    else if (isset(
    $_POST["UpdateMe"])) {
    // Assign values
     
    $productname $_POST["productname"];
     
    $price $_POST["price"];
     
    $qty $_POST["qty"];
     

     
    $product = new ProductClass($productname,$price,$qty);
     
    // Update the database
     
    FinalUpdate($product);
    echo 
    "<p></p>";
     echo 
    "<a href=InsertApp.php> Insert Another Product </a>";
     echo 
    "<p></p>";
     echo 
    "<a href=SelectApp.php> Select Products </a>";
     echo 
    "<p></p>";
     echo 
    "<a href=DeleteApp.php> Delete Products </a>";
     echo 
    "<p></p>";
     echo 
    "<a href=UpdateApp.php> Update Products </a>";
    }
    else {
     
    show_form();

     
    // Provide option for inserting another product
     
    echo "<p></p>";
     echo 
    "<a href=InsertApp.php> Insert Another Product </a>";
     echo 
    "<p></p>";
     echo 
    "<a href=SelectApp.php> Select Products </a>"; }

    ?>

    <?php
    function show_form() {

    echo 
    "<p></p>";
    echo 
    "<h2> Select the Product to Update</h2>";
    echo 
    "<p></p>";
    // Retrieve the products
    $products selectProducts();
    echo 
    "<h3> " "Number of Products in Database is: " .
    sizeof($products) . "</h3>";
    // Loop through table and display
    echo "<table border='1'>";
    foreach (
    $products as $data) {
    echo 
    "<tr>";
    // Provide Hyperlink for Selection
    // Could also use Form with Post method
    echo "<td> <a href=UpdateApp.php?ProductName=" $data->getProductName() .
    ">" "Update" "</a></td>";

    echo 
    "<td>" $data->getProductName() . "</td>";
    echo 
    "<td>" $data->getPrice() . "</td>";
    echo 
    "<td>" $data->getQty() . "</td>";
    echo 
    "</tr>";
    }
    echo 
    "</table>";
    // End Show form
    ?>


    <?php
    function getProduct ($productD) {
     
    // Connect to the database
     
    $mysqli connectdb();


     
    // Add Prepared Statement
    $Query "Select Price, StockQty, ProductName from
    Products where ProductName = ?"
    ;

    $stmt $mysqli->prepare($Query);
    // Bind and Execute
    $stmt->bind_param("s"$productD);
    $result $stmt->execute();
    $stmt->bind_result($productname,$price,$qty);
     
    /* fetch values */
     
    $stmt->fetch();
     
    $productData = new ProductClass($productname,$price,$qty);
    // Clean-up
    $stmt->close();
     
    $mysqli->close();
     return 
    $productData;
     }


    function 
    updateIt($productD) {
    $product getProduct($productD);
    // Extract data
    $productname $product->getProductName();
    $price $product->getPrice();
    $qty $product->getQty();
    // Show the data in the Form for update
    ?>

    <p></p>
    <form name="updateProduct" method="POST" action="UpdateApp.php">
    <table border="1" width="75%" cellpadding="0">
    <tr>
    <td width="157">Product Name:</td>

    <td><input type="text" name="ProductName" value='<?php
    echo $productname ?>' size="30"></td>
    </tr>
    <tr>
    <td width="157">Price:</td>
    <td><input type="text" name="Price" value='<?php
    echo $price ?>' size="30"></td>
    </tr>
    <tr>
    <td width="157">Stock Quantity:</td>
    <td><input type="text" name="StockQty" value='<?php
    echo $qty ?>' size="30"></td>
    </tr>
    <tr>
    <td width="157"><input type="submit" value="Update"
    name="UpdateMe"></td>
    <td>&nbsp;</td>
    </tr>
    </table>
    </form>

     <?php
     
    }
     function 
    selectProducts ()
     {
    // Connect to the database
     
    $mysqli connectdb();
    // Add Prepared Statement

    $Query "Select ProductName, Price, StockQty from
    Products"
    ;


    $result $mysqli->query($Query);
    $myProducts = array();
    if (
    $result->num_rows 0) {
     while(
    $row $result->fetch_assoc()) {
     
    // Assign values
     
    $productname $row["ProductName"];
     
    $price $row["Price"];
     
    $qty $row["StockQty"];

     
    // Create a Student instance
     
    $productData = new
    ProductClass($productname,$price,$qty);
     
    $myProducts[] = $productData;
     }
    }
    $mysqli->close();

    return 
    $myProducts;
    }

     function 
    getDbparms()
    {
    $trimmed file('parms/dbparms.txt'FILE_IGNORE_NEW_LINES |
    FILE_SKIP_EMPTY_LINES);
    $key = array();
    $vals = array();
    foreach(
    $trimmed as $line)
    {
     
    $pairs explode("=",$line);
     
    $key[] = $pairs[0];
     
    $vals[] = $pairs[1];
    }
    // Combine Key and values into an array
    $mypairs array_combine($key,$vals);
    // Assign values to ParametersClass
    $myDbparms = new
    DbparmsClass($mypairs['username'],$mypairs['password'],
     
    $mypairs['host'],$mypairs['db']);
    // Display the Paramters values
    return $myDbparms;
    }
     function 
    connectdb() {
    // Get the DBParameters
     
    $mydbparms getDbparms();

     
    // Try to connect
     
    $mysqli = new mysqli($mydbparms->getHost(), $mydbparms->getUsername(),

     
    $mydbparms->getPassword(),$mydbparms->getDb());
     if (
    $mysqli->connect_error) {
     die(
    'Connect Error (' $mysqli->connect_errno ') '
     
    $mysqli->connect_error);
     }
     return 
    $mysqli;
    }
    class 
    DBparmsClass
    {
     
    // property declaration
     
    private $username="";
     private 
    $password="";
     private 
    $host="";
     private 
    $db="";

     
    // Constructor
     
    public function __construct($myusername,$mypassword,$myhost,$mydb)
     {
     
    $this->username $myusername;

     
    $this->password $mypassword;
     
    $this->host $myhost;
    $this->db $mydb;
     }

     
    // Get methods
     
    public function getUsername ()
     {
     return 
    $this->username;
     }
     public function 
    getPassword ()
     {
     return 
    $this->password;
     }
     public function 
    getHost ()
     {
     return 
    $this->host;
     }
     public function 
    getDb ()
     {
     return 
    $this->db;
     }
     
    // Set methods
     
    public function setUsername ($myusername)
     {
     
    $this->username $myusername;
     }
     public function 
    setPassword ($mypassword)
     {
     
    $this->password $mypassword;
     }
     public function 
    setHost ($myhost)
     {
     
    $this->host $myhost;
     }
     public function 
    setDb ($mydb)
     {
     
    $this->db $mydb;
     }

    // End DBparms class


    // Class to construct Products with getters/setter

    class ProductClass
    {
     
    // property declaration
     
    private $productname="";
     private 
    $price="";
     private 
    $qty="";

     
    // Constructor
     
    public function __construct($productname,$price,$qty)
     {
     
    $this->productname $productname;
     
    $this->price $price;
     
    $this->qty $qty;

     }

     
    // Get methods
     
    public function getProductName ()

     {
     return 
    $this->productname;

     }

     public function 
    getPrice ()
     {

     return 
    $this->price;
     }

     public function 
    getQty ()
     {

     return 
    $this->qty;
     }


     
    // Set methods
     
    public function setProductName ($value)
     {

     
    $this->productname $value;
     }

     public function 
    setPrice ($value)
     {
     
    $this->price $value;
     }

     public function 
    setQty ($value)
     {
     
    $this->qty $value;
     }

    // End Productclass

    // Final Update
    function FinalUpdate($product) {
    // Assign values
     
    $productname $product->getProductName();
     
    $price $product->getPrice();
     
    $qty $product->getQty();

     
    // update
     // Connect to the database
     
    $mysqli connectdb();
    // Add Prepared Statement
    $Query "Update Products set ProductName = ?, Price = ?, StockQty = ?
     where ProductName = ?"
    ;
    $stmt $mysqli->prepare($Query);
    $stmt->bind_param("ssss"$price,
    $qty,$productname,$productname);
    $stmt->execute();
    //Clean-up
    $stmt->close();
     
    $mysqli->close();
    }

    ?>
    </body>
    </html>
    Last edited by requinix; February 25th, 2018 at 07:58 PM. Reason: use [php] tags when posting PHP code
  2. #2
  3. Impoverished Moderator
    Devshed Supreme Being (6500+ posts)

    Join Date
    Mar 2007
    Location
    Washington, USA
    Posts
    16,796
    Rep Power
    9646
    Always use quotes for HTML attributes. Always. Of either type.
    PHP Code:
    echo "<a href='InsertApp.php'> Insert Another Product </a>"
    Also, when you put values into HTML you need to use htmlspecialchars(). If the value is in a URL then urlencode() it first.
    If you use single quotes for the attributes then you need ENT_QUOTES for htmlspecialchars() so using double quotes is easier.
    PHP Code:
    echo "<td> <a href=\"UpdateApp.php?ProductName=" htmlspecialchars(urlencode($data->getProductName())) . "\"" 
  4. #3
  5. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Feb 2018
    Posts
    4
    Rep Power
    0
    Thanks! Is this a tip or will this fix the problem I'm having?
  6. #4
  7. Impoverished Moderator
    Devshed Supreme Being (6500+ posts)

    Join Date
    Mar 2007
    Location
    Washington, USA
    Posts
    16,796
    Rep Power
    9646
  8. #5
  9. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Feb 2018
    Posts
    4
    Rep Power
    0
    Yep that took care of it.
  10. #6
  11. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Feb 2018
    Posts
    4
    Rep Power
    0
    Thanks alot!

IMN logo majestic logo threadwatch logo seochat tools logo