[development] Id is not passing
Carl Wiedemann
carl.wiedemann at gmail.com
Tue Jan 11 17:37:05 UTC 2011
First, your update query is not safe from SQL injection. Please learn how to
use db_query properly
http://api.drupal.org/api/drupal/includes--database.pgsql.inc/function/db_query/6
Second, you have a typo -- should be '_doctor' not '_doctors' in your
_submit() function.
Default values are clearly explained here
http://api.drupal.org/api/drupal/developer--topics--forms_api_reference.html/6#default_value
Please *read the documentation* and try to solve your own PHP bugs before
posting to this list in the future.
On Mon, Jan 10, 2011 at 2:26 AM, mahesh gajabar <mahesh143an at gmail.com>wrote:
> Hi
> I have wrote a module for despalying my database table data into html
> format table. I have delete and edit button infront of every button. delete
> function is working fine. Code is as below
>
>
>
> *<?php*
>
> *function doctor_menu() {*
> * $items = array();*
> * *
> * $items['doctor'] = array(*
> * 'title' => t('Doctors'),*
> * 'page callback' => 'doctors_list',*
> * 'access arguments' => array('access doctor'),*
> * 'type' => MENU_NORMAL_ITEM,*
> * );*
> * *
> * $items['doctor/delete/%doctor_user'] = array(*
> * 'title' => t('Delete doctor'),*
> * 'page callback' => 'drupal_get_form',*
> * 'page arguments' => array('doctor_delete_confirm', 2),*
> * 'access arguments' => array('access doctor'),*
> * 'type' => MENU_CALLBACK,*
> * );*
> * *
> * $items['doctor/edit/form'] = array(*
> * 'title' => t('doctor'),*
> * 'page callback' => 'drupal_get_form',*
> * 'page arguments' => array('doctor_page',2),*
> * 'access arguments' => array('access doctor'),*
> * 'type' => MENU_NORMAL_ITEM,*
> * );*
>
> *$items['doctor/edit/%doctor_user'] = array(*
> * 'title' => t('Edit Form'),*
> * 'page callback' => 'drupal_get_form',*
> * 'page arguments' => array('doctor_edit_confirm', 2),*
> * 'access arguments' => array('access doctor'),*
> * 'type' => MENU_NORMAL_ITEM,*
> * );*
> * return $items;*
> *}*
>
> *function doctors_list() {*
> * $header = array(t('Doctor Name'), t('Gender'), t('Status'),
> t('Action'));*
> * *
> * $query = "SELECT * FROM {doctor}";*
> * $rs = db_query($query);*
> * *
> * $row = array();*
> * *
> * if ($rs) {*
> * while ($data = db_fetch_object($rs)) {*
> * $gender = $data->gender;*
> * $status = $data->status ;*
> * $row[] = array(stripslashes(ucwords($data->firstname)) . ' '
> . stripslashes(ucwords($data->lastname)), $gender, $status, *
> * "<a href='doctor/edit/{$data->doctorid}'>" . t('Edit') .
> "</a> | <a href='doctor/delete/{$data->doctorid}'>" . t('Delete') . "</a>");
> *
> * }*
> * }*
> * *
> * $str .= theme_table($header, $row);*
> * *
> * return $str;*
> *}*
> *function doctor_user_load($doctorid) {*
> * $query = "SELECT * FROM {doctor} WHERE doctorid = %d";*
> * $rs = db_query($query, $doctorid);*
> * *
> * if ($rs) {*
> * while ($data = db_fetch_object($rs)) {*
> * return $data;*
> * }*
> * }*
> * *
> * return FALSE;*
> *}*
>
>
> *function doctor_delete_confirm(&$form_state, $doctor) {*
> * $form['_doctor'] = array(*
> * '#type' => 'value',*
> * '#value' => $doctor,*
> * );*
> * *
> * return confirm_form($form,*
> * t('Are you sure you want to delete this doctor?'),*
> * isset($_GET['destination']) ? $_GET['destination'] : "doctor",*
> * t('This action cannot be undone.'),*
> * t('Delete'),*
> * t('Cancel'));*
> *}*
>
> *function doctor_delete_confirm_submit($form, &$form_state) {*
> * $form_values = $form_state['values'];*
> * *
> * if ($form_state['values']['confirm']) {*
> * $doctor = $form_state['values']['_doctor'];*
> * *
> * $query = "DELETE FROM {doctor}
> where doctorid=$doctor->doctorid";*
> * $rs = db_query($query);*
> * *
> * //doctor_delete($form_state['values'], $doctor->doctorid);
> *
> * *
> * drupal_set_message(t('Doctor has been deleted successfully.'));*
> * }*
> * *
> * drupal_goto("doctor");*
> *}*
>
> *function doctor_edit_confirm(&$form_state,$doctor){*
> * $form = array();*
> *$form['_doctor'] = array(*
> * '#type' => 'value',*
> * '#value' => $doctor,*
> * );*
> * $form['firstname']=array(*
> * '#title'=>t('First Name'),*
> * '#type'=>'textfield',*
> * //'#prefix'=>'<table
> class="formtable"><tr><td class="labeltext">First Name</td><td
> class="textbox">',*
> * '#suffix'=>'</td></tr>',*
> * );*
> *$form['lastname']=array(*
> * '#title'=>t('Last Name'),*
> * '#type'=>'textfield',*
> * '#default_value' => $lastname,*
> * );*
> *$form['gender']=array(*
> * '#title'=>t('Gender'),*
> * '#type'=>'radios',*
> * *
> * '#options' => array(t('male'),
> t('female')),*
> * '#default_value' => male,*
> * );*
> *$form['status']=array(*
> * '#title'=>t('Status'),*
> * '#type'=>'radios',*
> * '#default_value' => active,*
> * '#options' => array(t('active'),
> t('inactive')),*
> * *
> * );*
> * *
> *return confirm_form($form,t(''),*
> * isset($_GET['destination']) ? $_GET['destination'] : "doctor",*
> * t(''),*
> * t('Edit'),*
> * t('Cancel'));*
> *}*
>
> *function doctor_edit_confirm_submit($form, &$form_state)*
> *{*
> *if ($form_state['values']['confirm']) {*
> *$doctor = $form_state['values']['_doctors'];*
> * $firstname = $form_state['values']['firstname'];*
> * $lastname = $form_state['values']['lastname'];*
> * $gender1= $form_state['values']['gender'];*
> *$gender = $gender1 ? t('female') : t('male');*
> * $status1 = $form_state['values']['status'];*
> *$status = $status1 ? t('inactive') : t('active');*
>
>
> *$query = "UPDATE {doctor} SET firstname = '$firstname', lastname=
> '$lastname', gender = '$gender', status = '$status' WHERE
> doctorid=$doctor->doctorid";*
> * $rs = db_query($query); *
> * *
> * }*
> *drupal_goto("doctor");*
> *}*
>
>
> when i put hardcoded value infront of doctorid like doctorid=2 then its
> getting edited after i click on edit button but when i paasing it using
> varible and clicking edit button then its showing following error where
> firstname ->anitha,lastname->abc are the values i enetering in form while
> editing.
>
> *user warning: You have an error in your SQL syntax; check the manual that
> corresponds to your MySQL server version for the right syntax to use near ''
> at line 1 query: UPDATE doctor SET firstname = 'anitha', lastname= 'abc',
> gender = 'female', status = 'inactive' WHERE doctorid= in
> D:\FR-Server\Apache2\htdocs\fr\sites\all\Modules\doctor\doctor.module on
> line 157.*
>
> my html table on drupal screen
> Doctor NameGenderStatusAction Mahesh Gajabarmaleinactive Edit<http://localhost/fr/doctor/edit/1>|
> Delete <http://localhost/fr/doctor/delete/1> Anitha PatilfemaleactiveEdit<http://localhost/fr/doctor/edit/2>|
> Delete <http://localhost/fr/doctor/delete/2> Pavithra MfemaleactiveEdit<http://localhost/fr/doctor/edit/3>|
> Delete <http://localhost/fr/doctor/delete/3> Ravi MandayammaleactiveEdit<http://localhost/fr/doctor/edit/4>|
> Delete <http://localhost/fr/doctor/delete/4>
> edit form :
>
> First Name:
>
> Last Name:
>
> Gender:
>
> male
>
> female
>
> Status:
>
> active
>
> inactive
>
> Cancel <http://localhost/fr/doctor>
>
>
>
> Please help me how i can pass that doctorid and also help me for getting
> default values in form when i click edit button in table.
>
>
> *MAHESH GAJABAR
> Software Developer
> FrontalRain Technologies,Bengaluru*
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.drupal.org/pipermail/development/attachments/20110111/0b60997e/attachment.html
More information about the development
mailing list