A
Anonymous
Guest
Can someone explain to me why my code requires that I have the register_global = On... I am told that I should write code that doesn't require them to be on... Can you look at an example of my code here and tell me what I am doing wrong?
Code:
Here's the code for the editdelete.php page.
<center>
<?php
if(!$metode)
{
?>
<form method="post" action="<?php $PHP_SELF ?>">
Search by
<select name="metode">
<option selected value="field1">field1</option>
<option value="field2">field2</option>
<option value="field3">field3</option>
<option value="field4">field4</option>
</select>
<input type="text" name="search" size="25">
<input type="submit" value="Begin Searching!!">
</form>
<?php
}else{
?>
<form method="post" action="<?php $PHP_SELF ?>">
Search by
<select name="metode">
<option selected value="field1">field1</option>
<option value="field2">field2</option>
<option value="field3">field3</option>
<option value="field4">field4</option>
</select>
<input type="text" name="search" size="25">
<input type="submit" value="Begin Searching!!">
</form>
<?
include_once "../../cgi-bin/includes/ez_sql.php";
$query = mysql_query("SELECT * FROM `table` WHERE $metode
LIKE '%$search%' LIMIT 0, 30 ");
while ($row = mysql_fetch_array($query))
{
$field1=$row["field1"];
$field2=$row["field2"];
$field3=$row["field3"];
$field4=$row["field4"];
$field5=$row["field5"];
print ("
<center>
<form method=POST action=\"edit.php\">
<table width=500 cellspacing=0 cellpadding=0 border=1>
<tr>
<td>
<table width=500 cellspacing=0 cellpadding=0 border=0>
<tr>
<td><b>Field1</b></td>
<td><input type=text name=field1 value=\"$field1\"></td>
</tr>
<tr>
<td><b>Field2</b></td>
<td><input type=text name=field2 value=\"$field2\"></td>
</tr>
<tr>
<td><b>Field3</b></td>
<td><input type=text name=field3 value=\"$field3\"></td>
</tr>
<tr>
<td><b>Field4</b></td>
<td><input type=text name=field4 value=\"$field4\"></td>
</tr>
<tr>
<td colspan=2>
<input type=hidden name=field5 value=\"$field5\"></td>
</tr>
<tr>
<td><div align=\"right\">
<input type=\"submit\" name=\"submit\" value=\"Edit\"></div>
</form>
</td>
<td>
<div align=\"left\">
<form method=POST action=\"delete.php\">
<input type=hidden name=field1 value=\"$field1\">
<input type=hidden name=field2 value=\"$field2\">
<input type=hidden name=field3 value=\"$field3\">
<input type=hidden name=field4 value=\"$field4\">
<input type=hidden name=field5 value=\"$field5\">
<input type=\"submit\" name=\"submit\" value=\"Delete\">
</form>
</div>
</td>
</tr>
</table>
</td>
</tr>
</table>
</center>
<br>
");
}
if(!$field5)
{
print "<center>No matches found.</center>";
}
?>
<?php
}
?>
</center>
Here's the code for the edit.php page.
<?php
include_once "../../cgi-bin/includes/ez_sql.php";
mysql_query("UPDATE `table` SET field1='$field1',
field2='$field2',field3='$field3'
,field4='$field4' WHERE field5='$field5'");
mysql_close();
if(!$field5)
{
print"<html>\n";
print"<head>\n";
print"</head>\n";
print"<body>\n";
print"<center>Edit was not successful.</center>\n";
print"</body>\n";
print"</html>\n";
}
else
{
print"<html>\n";
print"<meta http-equiv=\"refresh\" content=\"3;
url=editdelete.php\">\n";
print"<head>\n";
print"</head>\n";
print"<body>\n";
print"<center>Edit was successful.</center>\n";
print"</body>\n";
print"</html>\n";
}
?>
Here's the code for the delete.php page.
<?php
include_once "../../cgi-bin/includes/ez_sql.php";
mysql_query("DELETE FROM `table` WHERE field5='$field5'");
mysql_close();
if(!$field5)
{
print"<html>\n";
print"<head>\n";
print"</head>\n";
print"<body>\n";
print"<center>Delete was not successful.</center>\n";
print"</body>\n";
print"</html>\n";
}
else
{
print"<html>\n";
print"<meta http-equiv=\"refresh\" content=\"3;
url=editdelete.php\">\n";
print"<head>\n";
print"</head>\n";
print"<body>\n";
print"<center>Delete was successful.</center>\n";
print"</body>\n";
print"</html>\n";
}
?>