Momenteel heb ik een formulier waarmee ik gegevens inlaad om vervolgens ze weer aan te passen.
En dit werkt zonder problemen, alleen ik zou het validatie proces ook in het formulier willen laten zien. En tot nu toe heb ik geen idee hoe ik dat kan doen, want het proces gaat als volgt:
Gegevens worden opgehaald
Gegevens worden in het formulier weergegeven
Validatie wordt uitgevoerd
Nieuwe gegevens worden ingevoerd
Onderstaande code gebruik ik:
<?php
require('includes/config.inc.php');
$page_title = 'Overview of all medicines saved to the database';
include('includes/header.php');
// If no user_id session variable exists, redirect the user:
if (!isset($_SESSION['user_id'])) {
$url = BASE_URL . 'index.php'; // Define the URL.
ob_end_clean(); // Delete the buffer.
header("Location: $url");
exit(); // Quit the script.
}
// Need the database connection:
require(MYSQL);
// op basis van een id worden gegevens van de vorige pagina geselecteerd en hieronder in het form weergegeven
if (isset($_GET['id']) && !empty($_GET['id']) && is_numeric($_GET['id'])) {
// Define the query.
$query = "SELECT id, medicinename, genericname, expiredate, quantity, sellingprice, purchaseprice FROM medicines WHERE id='" . mysqli_real_escape_string($dbc, $_GET['id']) . "'";
if ($result = mysqli_query($dbc, $query)) { // Run the query.
$row = mysqli_fetch_array($result);// Retrieve the information.
?>
<form action="med_edit.php" method="post">
<h2>Medicine Edit Form</h2>
<table>
<input type="hidden" name="id" value="<?php echo htmlentities($row['id']);?>">
<tr>
<td><label for="medicinename"><b>Medicine Name:</b></label></td>
<td><input type="text" name="medicinename" id="medicinename" value="<?php echo htmlentities($row['medicinename']); ?>" /></td>
<td>error gedeelte</td>
</tr>
<tr>
<td><label for="genericname"><b>Generic Name:</b></label></td>
<td><input type="text" name="genericname" id="genericname" value="<?php echo htmlentities($row['genericname']); ?>" /></td>
<td>error gedeelte</td>
</tr>
<tr>
<td><label for="expiredate"><b>ExpireDate:</b></label></td>
<td><input type="text" name="expiredate" id="expiredate" value="<?php echo htmlentities($row['expiredate']); ?>" /></td>
<td>error gedeelte</td>
</tr>
<tr>
<td><label for="quantity"><b>Quantity:</b></label></td>
<td><input type="text" name="quantity" id="quantity" value="<?php echo htmlentities($row['quantity']); ?>" /></td>
<td>error gedeelte</td>
</tr>
<tr>
<td><label for="sellingprice"><b>SellingPrice:</b></label></td>
<td><input type="text" name="sellingprice" id="sellingprice" value="<?php echo htmlentities($row['sellingprice']); ?>" /></td>
<td>error gedeelte</td>
</tr>
<tr>
<td><label for="purchaseprice"><b>PurchasePrice:</b></label></td>
<td><input type="text" name="purchaseprice" id="purchaseprice" value="<?php echo htmlentities($row['purchaseprice']); ?>" /></td>
<td>error gedeelte</td>
</tr>
<tr>
<td></td>
<td colspan="2"><input type="submit" name="submit" value="Update Medicine" class="btn"></td>
</tr>
</table>
</form>
<?php
} else { // Couldn't get the information.
echo '<p style="color: red;">Could not retrieve the medicine ID</p>';
}
} elseif (isset($_POST['id']) && is_numeric($_POST['id'])) { // Handle the form.
// Validate and secure the form data:
$problem = FALSE;
if (!empty($_POST['medicinename']) && !empty($_POST['genericname']) && !empty($_POST['expiredate']) && !empty($_POST['quantity']) && !empty($_POST['sellingprice']) && !empty($_POST['purchaseprice'])) {
$medicinename = mysqli_real_escape_string($dbc, trim(strip_tags($_POST['medicinename'])));
$genericname = mysqli_real_escape_string($dbc, trim(strip_tags($_POST['genericname'])));
$expiredate = mysqli_real_escape_string($dbc, trim(strip_tags($_POST['expiredate'])));
$quantity = mysqli_real_escape_string($dbc, trim(strip_tags($_POST['quantity'])));
$sellingprice = mysqli_real_escape_string($dbc, trim(strip_tags($_POST['sellingprice'])));
$purchaseprice = mysqli_real_escape_string($dbc, trim(strip_tags($_POST['purchaseprice'])));
} else {
print '<p style="color: red;">Please fill in all fields</p>';
$problem = TRUE;
}
if (!$problem) {
// Define the query.
$query = "UPDATE medicines SET medicinename='$medicinename', genericname='$genericname', expiredate='$expiredate', quantity='$quantity', sellingprice='$sellingprice', purchaseprice='$purchaseprice' WHERE id={$_POST['id']}";
$r = mysqli_query($dbc, $query); // Execute the query.
// Report on the result:
if (mysqli_affected_rows($dbc) == 1) {
header ('Refresh:3; url=medicines.php');
echo '<p class="addmedtext">This medicine has been updated.</br><br>
Within 3 seconds you will redirected to Medicines page...
</p>';
include ('includes/footer.php'); // Include the HTML footer.
exit(); // Stop the page.
} else {
echo '<p style="color: red;">Could not update this medicine</p>';
}
} // No problem!
} else { // No ID set.
print '<p style="color: red;">This page has been accessed in error.</p>';
} // End of main IF.
mysqli_close($dbc); // Close the connection.
?>
<?php
include "includes/footer.php";
?>
