I am trying to create a system where a user can enter some text and another user can edit that input and another can edit the input that the second user has entered. This is the code that I have so far; it only works as a reply system to a post at the moment:
<?php
include 'includes/connection.php';
$query = "SELECT * FROM branches";
$result1 = mysql_query($query) or die(mysql_error());
while($person = mysql_fetch_array($result1)) { //As long as there is data, output the data
$id = $person['ID'];
$query2 = "SELECT * FROM branchesedit WHERE (parent_id = '$id' )";
$result2 = mysql_query($query2) or die(mysql_error());
echo "<h3>" . $person['Names'] . "</h3>";
echo "<p>" . $person['Lyrics'] . "</p>";
echo "<a href=\"modify.php?id=" . $person['ID'] . "\">Modify Song</a>";
echo "<span> </span>";
echo "<a href=\"delete.php?id=" . $person['ID'] . "\">Delete Song</a>";
while($row2 = mysql_fetch_array($result2)){
echo "<h3>" . $row2['Name'] . "</h3>";
echo "<p>" . $row2['LyricUpdate'] . "</p>";
}
}
?>
modify.php
<?php
if(isset($_POST['submit'])) {
$query = "SELECT ID FROM branches WHERE ID = $_GET[id]";
mysql_query("INSERT into branchesedit(`IDs`, `Name`, `LyricUpdate`, `parent_id`)
VALUES ('','$_POST[inputName]', '$_POST[ta]', '$_POST[id]')") or die(mysql_error());
echo "Song has been modified";
header("Location: index.php");
}
?>
isset() function on your modify.php where in your first given code (guessing your index.php) does not have a submit button. Only has a link that will redirect users to modify.php.mysqli_* prepared statement rather than the deprecated mysql_* functions to prevent SQL injections.Your modify.php in prepared statement:
<?php
/* INCLUDE HERE YOUR CONNECTION */
if(!empty($_GET['id'])) {
if($stmt = $con->prepare("SELECT IDs, Name, LyricUpdate FROM branchesedit WHERE parent_id = ? ORDER BY IDs DESC")){
$stmt->bind_param("i",$_GET["id"]);
$stmt->execute();
$stmt->store_result();
$stmt->bind_result($id,$name,$lyricupdate);
$stmt->fetch();
?>
<h1>Modified by: <?php echo $name; ?></h1>
<form action="modify.php" method="POST">
<input type="hidden" name="id" value="<?php echo $_GET["id"]; ?>">
<input type="text" name="inputName" value="<?php echo $name; ?>"><br>
<textarea name="ta"><?php echo $lyricupdate; ?>"></textarea><br>
<input type="submit" name="submit">
</form>
<?php
$stmt->close();
} /* END OF PREPARED STATEMENT */
} /* END OF NOT EMPTY ID */
if(isset($_POST["submit"])){
if($stmt = $con->prepare("INSERT into branchesedit (`Name`, `LyricUpdate`, `parent_id`)
VALUES (?,?,?)")){
$stmt->bind_param("ssi",$_POST["inputName"],$_POST["ta"],$_POST["id"]);
$stmt->execute();
$stmt->close();
} /* END OF INSERT PREPARED STATEMENT */
echo "Song has been modified";
header("LOCATION: index.php");
} /* END OF ISSET SUBMIT */
?>
Summary:
Modify Song link, user will be redirected to modify.php and then runs a query that will select the latest edit from your table branchesedit based from the ID being passed from the link.Example of your connection to be included in your queries (connection.php):
$con = new mysqli("Yourhost", "Yourusername", "Yourpassword", "Yourdatabase");
/* CHECK CONNECTION */
if (mysqli_connect_errno()) {
printf("Connect failed: %s
", mysqli_connect_error());
exit();
}