<html><head></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; "><div><blockquote type="cite"><div>../update.php?id=43&name=bob<br><br>and it will pull up bob's record and allow edit and save.<br><br>All well and good, but I wanted to create an on the fly link during the insert phase but of course at that point you don't know the ID until record created so decided to use<br>email and dob as unique items.<br><br></div></blockquote><div><br></div>My approach would be that if 'id' (or $_POST['id']) is not present, then you'd INSERT into the database, otherwise you'd do an update. So do a query first, and if it exists, do an update.</div><div><br></div><div>Alternatively, you could use <a href="http://dev.mysql.com/doc/refman/5.0/en/insert-on-duplicate.html">http://dev.mysql.com/doc/refman/5.0/en/insert-on-duplicate.html</a> ?</div><div><br></div><div><br><blockquote type="cite"><div>1) or can you get id during the insert/save as a emailable variable - that's probably the easiest cos then other scripts untouched.?<br><br></div></blockquote><div><br></div><div>I don't understand what you mean as 'emailable variable'.</div><div><br></div><div><br></div><div>Assuming 'id' is an auto_increment field, then you can get hold of it after you've done the insert. If you're using the mysql_ api, your code could look like :</div><div><br></div><div>$success = mysql_query("INSERT INTO my_best_table (field, gate, hedge) VALUES ('big', 'one', 'prickly');</div><div>if($success) { </div><div> $id = mysql_insert_id();</div><div> echo "Just added a new record Mum - it was $id !!";</div><div>}</div><br><blockquote type="cite"><div>2) what i have been mostly attempting to do is create a hyperlink containing email address and dob during insert phase eg<br>../update.php?email=xxx&dob=yyyy so changed id to email , update.php receives this post data, opens the right record , got it set to display the correct ID.<br></div></blockquote><div><br></div><div><br></div>OK. You ought to look at having a unique constraint within the database based on email & dob in this case.</div><div><br></div><div>Presumably you now have a query like "SELECT * FROM student WHERE email = '<a href="mailto:blah@blah.com">blah@blah.com</a>' AND dob = 'bl/ah/yyyy'" ?</div><div><br></div><div><br></div><div><blockquote type="cite"><div>so id is set as $id - so update.php is populated with all the info needed as when using id and dob to populate.<br><br></div></blockquote><div><br></div>OK.</div><div><br><blockquote type="cite"><div>Can I get the bugger to save the record to that ID can I hell?<br>The ID seems to be present as it appears in update.php, do I need to do anything special to get it posted to record.php?<br><br>the bits that seem to matter:<br><br>update.php<br>echo "<form method=\"POST\" action=\"updaterecordtest.php\">";<br>echo " <tr>";<br>echo " <td width=\"35%\">Diver ID</td>";<br>echo " <td width=\"65%\"><input type=\"text\" name=\"id\" size=\"35\" value=\"".$row["id"]."\"></td>";<br><br>(shows correct ID)<br><br> record.php are:<br></div></blockquote><div><br></div><div>updaterecordtest.php != record.php.</div><div><br></div>Put a 'var_dump($_POST);' followed by a 'die("grr")' or equivalent within the top of post.php and try submitting the form. </div><div><br></div><div>This is a simple way to tell if the data is arriving as you expect in post.php.</div><div><br><blockquote type="cite"><div>$id = $_POST["id"];<br><br></div></blockquote><div><br></div>You should really start casting your variables to make sure they are actually numbers when they should be.</div><div><br></div><div>Also, you need to look into using mysql_real_escape_string - else you'll find someone with an email address of <a href="mailto:blah.o'reilly@blah.com">blah.o'reilly@blah.com</a> breaks your stuff; let alone the fact that your code is vulnerable to SQL injection.</div><div>When echo'ing stuff out you should make sure you sanitise it with e.g. htmlentities() to avoid Cross Site Scripting issues. (See <a href="http://php.net/htmlentities">http://php.net/htmlentities</a>)</div><div><br></div><div><br><blockquote type="cite"><div>and<br> if (isset($id))<br> {<br> $query = "UPDATE phonelist SET<br> coname = '$coname',<br> address1 = '$address1' ,<br> etc<br><br> WHERE<br> id = '$id'<br> ";<br><br>etc<br><br>(nothing recorded)<br></div></blockquote></div><br><div><br></div><div>Hopefully the above is of some limited use?</div><div><br></div><div>thanks</div><div>David.</div><div><br></div></body></html>