Edit Customer Records PHP Script

The scripts in the two link groups below are Customer Apps for Dealing with Product Keys and Email Addresses, and Administrator Apps for Dealing with Customer Records.

In our ecommerce world, products are sold by many different methods. Amongst these are getting out demos in various ways and when people try them, some of them are very pleased and they buy what's called a key. This unlocks the full feature set of the product when they enter it. There is a need to give the product users limited access to perform a few functions such as changing their emails, retrieving their keys from our database when they misplace them, etc. There is also a need for administrative functions to manage customer records. One needs to sort them, edit them, delete them, add them, view them, search them, register to be an administrator, login as administrator, etc.

If an ecommerce company does not have any of the applications below, it is forced to perform them the 20th century ways—by hand. This means paying for people to answer phones, write emails, keep paper files of customers, etc. The 21st century way is to let software perform these tasks, let websites and videos explain the product features, and let ecommerce close the sale and send the product.

Feel free to use these free Customer Records Management scripts in your business. Note: we know they work well for us (they are well tested), but we assume no liability for how they work in your situation. Similarly, we added lots of security measures such as extensive input filtering, but we make no claims and assume no liability for how securely they work in your situation.

The best security measure to take when using the administrative part of a system like this (meaning the Administrator Apps for Dealing with Customer Records in which category the script below resides, not the Customer Apps for Dealing with Product Keys and Email Addresses) is do not have any links ANYWHERE that link to the URLs of any of the admin files on the server, so neither hackers nor Google finds them. Then use the admin CMS yourself but do not even let your momma use it. Don't even save the link to the admin login as a Favorite, just to be secure. Just stick the login username and password in Roboform and make them impossible to guess. Then use Roboform to logon. The Customer Apps are included online and linked to as part of the product web pages that make life easier for everyone. Their security is mainly handled via extreme input filtering. The Admin Apps like the one below are hidden, unlinked to, and well protected with security measures, password hashes and salts, etc.

This script is called edit-customer-records.php

Customer Apps for Dealing with Product Keys and Email Addresses

Administrator Apps for Dealing with Customer Records

The script edit-customer-records.php processes both input data from edited records, and also session data, which it merely checks out to ensure that the administrator using the script started a session in the login script and defined the proper session variables. The PHP script below gives the administrator a chance to edit the records in the db table we're calling "product".

The script begins with checking that the session id is set, sending users to register-with-captcha-for-customer-records-management.php from checkid-in-customer-records-management.php if it is not, but not before unsetting session variables and destroying the session. The session variable $_SESSION['username'] must be set and 6 characters or more, and the session variables $_SESSION['sessionid'] and $_SESSION['userid'] must also be set or the administrator gets a message "Please login." and is sent to the login script login-to-customer-records-management.php which is where the session variables get loaded. The config.php file is included after the defined constant _NODIRECTACCESS gets defined. This gets checked on in the configuration file, and if it is not defined in that file, access to the file is denied. The config.php file uses the defined() function to check whether a given named constant exists. The various scripts that use config.php all use the define() function to define a named constant named '_NODIRECTACCESS' just prior to including config.php. This protects against anyone using the config.php file without first naming that constant with the define() function—a wise security precaution.

Now comes the JavaScript function validate(), which validates the data, even though the script will do PHP validation as well. Why both? For user convenience! Bad data gets a message and sending the cursor to the input box where the goof is, to await your fix. If all validating was PHP only, you'd have to restart the form if there were any goofs, which would elicit crocodile tears from your users—in this case, the administrators.

Then the JavaScript search() method is used in a lot of input validation functions which use regular expression searches that limit both the size of the input string and the characters it contains. Note that is input is bad, after the alert message to warn the user, the focus() method is used before the return false so the cursor goes to the element with the goof. Returning false halts the submitting.

We use both JavaScript and PHP validation to filter input from the user since the cardinal rule for user input is: NEVER TRUST IT. If you want to trust it, simply ensure that it will be safe for putting into your MySQL tables as well as displaying on your web pages. By far the best method here is to use the JavaScript for the users' (the administrator) benefit and the PHP for security. If JavaScript is turned off (in which case our scripts won't even work), the PHP validation scripts are your last line of defense to keep things safe. On the other hand, the JavaScript allows the user to get a user-friendly response to unacceptable or wrong input in fields. Rather than making the user restart the form when he goofs, good JavaScript validation scripts use the focus() method to put the cursor back on the field where the goof occured as well as alerting the user to his error. PHP-only validation forces form restart, which is maddening to users.

We use /^[A-Za-z0-9\-\_\@\.\,]{6,255}$/ types of regular expressions to force the data to conform to the needs of the data fields, with the first part showing the acceptable characters and the second part forcing the length—in this case—to be 6 to 255 characters. Note that for product keys, if no input happens, that is okay, since only one key needs data for sure, and the PHP validating will detect no data for either—which will not be accepted.

Next we have the PHP. The overall structure here is:

if (record edited) then {update MySQL table}
elseif (it was not edited but a record's id was selected) then {show record editing form}
else {show all records with id number as edit link}

The flags are answer, edited, id, answer2, edited2, and id2. The latter 3 are from the id link's query string. The former 3 are from the record editing form.

There are three URL query string flags in each link in each of the displayed record's id fields when the administrator first arrives at the Edit Customer Records application. The flags are named "answer2" which has a 1 as its value, "edited2" which has a 0 as its value, and "id2" which has that record's id number as its value. Since the info is sent to the script as a URL query string, we use the PHP GET superglobal to get the data once the link is clicked and the page reloads. Superglobal means you need no global statement to access it in functions and methods in your PHP script, like you do with other types of PHP variables. When the id link was just clicked, the GETed value of $A will end up being this 1, proving the id number was just sent. There is a hidden field named "answer" in the record editing form with a 2 as its value, and a hidden field named "edited" in the record editing form with a 1 as its value, so if this form gets submitted, the POSTed value of answer will be this 2, and the POSTed value of edited will be this 1, proving the record editing form was just sent and it's time to update the database.

The esoteric way we accomplish the POST/GET combo is to check if answer is set after getting its POSTed value into $A. If not, we GET answer2 into $A. Then we check if edited is set after getting its POSTed value into $edited. If not, we GET edited2 into $edited. Finally we check if id is set after getting its POSTed value into $id. If not, we GET id2 into $id. These flag values are what tell us if:

nothing has been sent, in which case we show all records so the administrator can click the id of the one to edit
the flags to SHOW the record editing form have been sent, since the id of the record to edit was just selected, so we show this form
the flags to update the MySQL table (which we're calling "product") have been sent, because the completed record editing form was just SENT (submitted) along with the record id

Next, 7 values get POSTed from the form that are the data entries. We trim these off to their allowable length. If you think 255 is a lot for email and product key fields and 99 is too much for a name field, remember that there can be more than one of these, separated by commas—which explains the commas in the white list part of the regular expression patterns. (Only the administrator can use the record editing and record adding apps and insert several email addresses or names or keys.) We use the PHP substr() function for the trimming of data to the proper length. We use the trim() function to trim whitespace before and after the entered name. We don't need it on the other data since spaces are disallowed both in the JavaScript validation and in the PHP filters except for name, since people must have allowed spaces in the name entries. The trim() function does not touch the internal ones—it just dumps the leading and trailing spaces which are obviously unwanted. We use the strlen() function to get the length of data and send the administrator back to the form if the length is too short. JavaScript validation scripts have already pushed the administrator to give long enough entries, so a restart means JavaScript was turned off.

The editing cannot be completed if neither product key field has data in it, since we do not allow keyless records.

After defining some regular expression patterns, we use the strip_tags() function to dump any tags. Next we use the preg_replace() function to filter the input using the regular expression patterns. Note that we stick an empty string into either product key data that is unset or has a length of 0. This is to avoid any chance of NULL values being stuck in the MySQL database table. Finally, we use the PHP function mysql_real_escape_string() to escape any iffy input data like quotes, etc.—even though no such thing is ever allowed through the filters. Best to be safe.

Now let us get all this well-filtered data into the db table with the UPDATE statement.

Then we use mysql_affected_rows() to see if our update worked. The mysql_affected_rows() function works on INSERT, UPDATE, REPLACE or DELETE, but not SELECT.

The reason you see:
}}}}}}}
}elseif($A=="1" && $id>0 && $edited=="0"){
is because of all those else conditionals in the input filtering. Later there is an
}else{. If our script gets as far as the later }else{, then the db was not edited, and no form has been submitted. So we want this next section to be run now since it is the record display section where id numbers are live links.

Notice that before the record editing form we first display the currently selected MySQL record's field values and their field names at the top of the screen, after sticking the values found from a SELECT * FROM product WHERE id='$id' statement in variables $a1 through $a7.

The edit-customer-records.php file is this file on this page—so the form action is to reload the page. We use the JavaScript validate() function as the onsubmit event. We keep the input lengths under the limit by use of the maxlength attribute. There's a link to the navigation page with the anchor text: Return to Customer Records Management.

Notice that in the record editing form we display the current record values (variables $a1 through $a7) in the actual input form itself so when the administrator edits the record, all data will stay the same except the field(s) he edits.

Note the JavaScript Object Notation (JSON) use. There is a hidden field in the formpw form named id. When the record editing form is submitted, it has this field value already loaded with the id that was selected (in the record display area with the live id links) because of the document.formpw.id.value = id in the short JavaScript script with the json_encode() function in it. Technically, sticking PHP numbers into JavaScript variables works within limits as long as you do not need to convert number arrays, but strings and string arrays both are very hard to convert between these languages without JSON, but simple to convert with JSON. It's a good habit to get into to use JSON (which is part of PHP 5.2) so all conversions—including arrays—work seamlessly. Note: often you don't need conversions, such as when you display PHP-based values (often from MySQL tables) in an HTML table, which we do in the script on this page. In this case we use PHP and simply echo the HTML form to the screen, inserting PHP variables as needed. But we could just as easily be using a plain old HTML table that's not echoed, and insert the values by creating tiny PHP blocks with these PHP values in them:
<table><tr><td><?php echo $a; ?></td></tr></table>

Finally, we come to the record display area with the live id links. For record editing you do not need to find records' id numbers first (you just click the live id link of the record to edit), but with record deleting you do need to determine the id of the record to delete. This record id number is found by first going to the search page (which is this page View Customer Records PHP Script with Ctrl F instructions) and locating the record you wish to delete by any of the methods below, after which you are ready for the Delete page. For editing or deleting purposes, you almost always know some data about the person but if you are hazy about this data you may find that the View or Edit pages will both work to peruse records since both apps list newest customers first. It's very convenient to be on the Edit page since clicking the id of a record gives you the editing screen for that record.

since records needing editing or deleting are usually fairly recent customers, they will be at or near the top of the page because the View and Edit pages both list records with highest—most recent—id numbers first, so a quick perusal works
you will likely know one of the customer's email addresses; use Ctrl F and search for that and use F3 to ascertain there are no other records with that email address
you will likely know the customer's last name; use Ctrl F and search for that and use F3 to ascertain there are no other records with that last name
you will likely know one of the customer's product key numbers; use Ctrl F and search for that and use F3 to ascertain there are no other records with that product key number
scroll through looking—not as much fun as Ctrl F!

You will want to tweak the table name "product" and the field names product4key and product5key and product6key to appropriate values for your particular situation, so search for the word product and replace it with your own name—unless you like the name "product". By the way, if the reason for the bounced and optout fields is not apparent, we'll enlighten: They are for the administrator only, to keep track of optout and bounced email responses. He enters 1 in those fields when he gets optout and bounced email responses. Then, in phpMyAdmin, he can use the Export feature and the CSV setting to get the table stuck into Excel where he can sort on those fields and do emailings only to users with 0 in those fields.

You might notice that we do browser sniffing to deal with display quirks. And we also have several JavaScript calculation functions that are part of the algorithm for dealing with fixed positioning. Much as we'd like to claim credit for it, in truth it's actually JDenny who is the CSS and JavaScript genius who came up with this brilliant CSS and JavaScript fixed positioning code and put it on the Web to help those of us that were stumped trying to figure out good fixed positioning codes. Thanks a million JDenny! This has to be the most ingenious DHTML using CSS and JavaScript we've ever seen! (Note: The b.gif URL should be left as is, but you do NOT need a b.gif file: it is a dummy name just to keep the code working.) The CSS for BODY, the mytable id, and the menu id in the CSS styling section are part of this algorithm for fixed positioning as well. The BODY tag's CSS that uses t.gif for the background is using a real file. Make it yourself: it's simply an invisible 1-pixel gif, and this goes a long way to prevent any shimmering of the fixed-position side menu. If you are feeling lazy type in http://www.css-resources.com/t.gif and do Save As from the browser's File menu, since right clicking is dumb—right click WHAT?

This script is called edit-customer-records.php

<?php
include_once"checkid-in-customer-records-management.php";
$U=$_SESSION['username'];
define('_NODIRECTACCESS', TRUE);
include_once"includes/config.php";
if (!isset($_SESSION['userid']) || !isset($_SESSION['username']) || $_SESSION['username']<>$U || !isset($U) || $U=="" || strlen($U)<6 || !isset($_SESSION['sessionid'])){echo '<script language="javascript">alert("Please login."); window.location = "login-to-customer-records-management.php";</script>';}
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=windows-1252">
<TITLE>Edit Customer Records</TITLE>
<meta name="description" content="Edit Customer Records">
<meta name="keywords" content="Edit Customer Records,Customer Records,edit record,change record,javascript, dhtml, DHTML">
<STYLE TYPE="text/css">
BODY {margin-left:0; margin-right:0; margin-top:0;text-align:left;background-image:url(t.gif);background-attachment:fixed;background-color:#ccc;}
p, li, td {font:13px Verdana; color:black;text-align:left}
h1 {font:bold 28px Verdana; color:black;text-align:center}
h2 {font:bold 24px Verdana;text-align:center}
h3 {font:bold 15px Verdana;}
#mytable {margin:26px 0 0 138px;width:1150px;padding:10px;border:2px solid blue;background: url('b.gif');background-attachment: fixed;background-position: expression((calculateBgX(this))+"px "+(calculateBgY(this))+"px");background-color:#eee;}
#table1 {width:100%;border:1px solid blue;text-align:center}
#menu {background-color:#eee;position:fixed;left:2px;width:106px;padding:5px;border:2px solid blue;position: expression("absolute");top: expression(eval(document.body.scrollTop)+60);}
.ie1 {width:213px;max-width:213px;min-width:213px;word-wrap:break-word;text-align:center}
.ie2 {width:100px;max-width:100px;min-width:100px;word-wrap:break-word;text-align:center}
.ie3 {width:165px;max-width:165px;min-width:165px;word-wrap:break-word;text-align:left}
</STYLE>
</head>

<script type="text/javascript">

function calculateBgX(oElement) {return document.body.scrollLeft - getOffsetLeft(oElement);}

function calculateBgY(oElement) {return document.body.scrollTop - getOffsetTop(oElement);}

function getOffsetTop(oElement) {var iResult= oElement.offsetTop;
while (oElement.offsetParent) {oElement = oElement.offsetParent;iResult += oElement.offsetTop;}
return iResult;}

function getOffsetLeft(oElement) {var iResult= oElement.offsetLeft;
while (oElement.offsetParent) {oElement = oElement.offsetParent;iResult += oElement.offsetLeft;}
return iResult;}

function fix(){if(Netscape||is_opera){e=document.getElementById("mytable");e.style.position="absolute";e.style.marginTop=0+"px";
e=document.getElementById("j");e.style.top=p+"px";}}

function validate(){

var ck_email = /^[A-Za-z0-9\-\_\@\.\,]{6,255}$/;
if (document.formpw.email.value.search(ck_email)==-1)
{alert("Please enter 6 to 255 letters, numbers, at signs, hyphens, periods, underscores, and commas for email.");document.formpw.email.focus();return false;}

var ck_name = /^[A-Za-z0-9 \-\,\_\.]{6,99}$/;
if (document.formpw.name.value.search(ck_name)==-1)
{alert("Please enter 6 to 99 letters, spaces, numbers, hyphens, periods, underscores, and commas for name.");document.formpw.name.focus();return false;}

var ck_versions = /^[4-6\,]{1,5}$/;
if (document.formpw.versions.value.search(ck_versions)==-1)
{alert("Please only enter 1 to 5 numbers or commas for versions.");document.formpw.versions.focus();return false;}

var ck_product6key = /^[0-9\,\-]{19,800}$/;var z=document.formpw.product6key.value.toString();
if (document.formpw.product6key.value.search(ck_product6key)==-1 && z.length>0)
{alert("Please only enter 19 to 800 numbers, hyphens, and commas for keys.");document.formpw.product6key.focus();return false;}

var ck_product5key = /^[0-9\,\-]{19,800}$/;var z=document.formpw.product5key.value.toString();
if (document.formpw.product5key.value.search(ck_product5key)==-1 && z.length>0)
{alert("Please only enter 19 to 800 numbers, hyphens, and commas for keys.");document.formpw.product5key.focus();return false;}

var ck_product4key = /^[0-9\,\-]{19,800}$/;var z=document.formpw.product4key.value.toString();
if (document.formpw.product4key.value.search(ck_product4key)==-1 && z.length>0)
{alert("Please only enter 19 to 800 numbers, hyphens, and commas for keys.");document.formpw.product4key.focus();return false;}

var ck_bounced = /^[0-1]{1,1}$/;
if (document.formpw.bounced.value.search(ck_bounced)==-1)
{alert("Please only enter 0 or 1 for bounced.");document.formpw.bounced.focus();return false;}

var ck_optout = /^[0-1]{1,1}$/;
if (document.formpw.optout.value.search(ck_optout)==-1)
{alert("Please only enter 0 or 1 for optout.");document.formpw.optout.focus();return false;}

return true;}

var id=0;

mactest=(navigator.userAgent.indexOf("Mac")!=-1) //My browser sniffers
is_chrome = navigator.userAgent.toLowerCase().indexOf('chrome') > -1
Netscape=(navigator.appName.indexOf("Netscape") != -1)
msafari=(navigator.userAgent.indexOf("Safari")!= -1)
wsafari=0; if(!mactest&&msafari){wsafari=1;msafari=0}
is_opera = 0; if(window.opera){is_opera=1}
is_ie_mac = 0; is_ie=0;if(document.all){is_ie=1}
if(is_ie&&mactest){is_ie_mac=1}

function fix(){if(Netscape||is_opera){e=document.getElementById("mytable");e.style.position="absolute";e.style.marginTop=0+"px";
e=document.getElementById("j");e.style.top=p+"px";}}
</script>
</head>
<body bgcolor="white" onload="fix()">

<?php

$A=$_POST['answer'];if(!isset($A)){$A=$_GET['answer2'];}
$edited=$_POST['edited'];if(!isset($edited)){$edited=$_GET['edited2'];}
$id=$_POST['id'];if(!isset($id)){$id=$_GET['id2'];}

if($A=="2" && $id>0 && $edited=="1"){

$E=$_POST['email'];
$N=$_POST['name'];
$N=trim($N);
$V=$_POST['versions'];
$E6=$_POST['product6key'];
$E5=$_POST['product5key'];
$E4=$_POST['product4key'];
$B=$_POST['bounced'];
$O=$_POST['optout'];

$E=substr($E,0,255);
$N=substr($N,0,99);
$V=substr($V,0,5);
$E6=substr($E6,0,800);
$E5=substr($E5,0,800);
$E4=substr($E4,0,800);
$B=substr($B,0,1);
$O=substr($O,0,1);

if (strlen($E)<6) {echo '<script language="javascript">alert("Please enter 6 to 255 characters for email."); window.location = "edit-customer-records.php";</script>';
}else{
if (strlen($N)<6) {echo '<script language="javascript">alert("Please enter 6 to 99 characters for name."); window.location = "edit-customer-records.php";</script>';
}else{
if (strlen($V)<1) {echo '<script language="javascript">alert("Please enter 1 to 5 characters for versions."); window.location = "edit-customer-records.php";</script>';
}else{
if (strlen($E6)<19 && strlen($E5)<19 && strlen($E4)<19) {echo '<script language="javascript">alert("Please enter 19 to 800 characters for product6key."); window.location = "add-customer-records.php";</script>';
}else{
if (strlen($E5)<19 && strlen($E6)<19 && strlen($E4)<19) {echo '<script language="javascript">alert("Please enter 19 to 800 characters for product5key."); window.location = "add-customer-records.php";</script>';
}else{
if (strlen($E4)<19 && strlen($E6)<19 && strlen($E5)<19) {echo '<script language="javascript">alert("Please enter 19 to 800 characters for product4key."); window.location = "add-customer-records.php";</script>';
}else{
if (strlen($B)<1) {echo '<script language="javascript">alert("Please enter 0 or 1 for bounced."); window.location = "edit-customer-records.php";</script>';
}else{
if (strlen($O)<1) {echo '<script language="javascript">alert("Please enter 0 or 1 for optout."); window.location = "edit-customer-records.php";</script>';
}else{
$pattern1 = '/[^A-Za-z0-9\\-\\_\\@\\.\\,]/i';
$pattern2 = '/[^4-6\\,]/i';
$pattern3 = '/[^A-Za-z0-9 \\-\\,\\_\\.]/i';
$pattern4 = '/[^0-9\\,\\-]/i';
$pattern5 = '/[^0-1]/';
$replacement = '';
$E=strip_tags($E);
$N=strip_tags($N);
$V=strip_tags($V);
$E6=strip_tags($E6);
$E5=strip_tags($E5);
$E4=strip_tags($E4);
$B=strip_tags($B);
$O=strip_tags($O);
$E=preg_replace($pattern1, $replacement, $E);
$N=preg_replace($pattern3, $replacement, $N);
$V=preg_replace($pattern2, $replacement, $V);
$E6=preg_replace($pattern4, $replacement, $E6);
if(!isset($E6)||strlen($E6)==0){$E6="";}
$E5=preg_replace($pattern4, $replacement, $E5);
if(!isset($E5)||strlen($E5)==0){$E5="";}
$E4=preg_replace($pattern4, $replacement, $E4);
if(!isset($E4)||strlen($E4)==0){$E4="";}
$B=preg_replace($pattern5, $replacement, $B);
$O=preg_replace($pattern5, $replacement, $O);
$E=mysql_real_escape_string($E);
$N=mysql_real_escape_string($N);
$V=mysql_real_escape_string($V);
$E6=mysql_real_escape_string($E6);
$E5=mysql_real_escape_string($E5);
$E4=mysql_real_escape_string($E4);
$B=mysql_real_escape_string($B);
$O=mysql_real_escape_string($O);
$sql="UPDATE product SET email='$E',name='$N',versions='$V',product6key='$E6',product5key='$E5',
product4key='$E4',bounced='$B',optout='$O' WHERE id = '$id'";
$result=mysql_query($sql) or die('Error ,editing failed');

$rc = mysql_affected_rows();

if ($rc>0){echo '<script language="javascript">var answer = confirm ("The record editing was successful. If you want to edit another record, click OK. If you want to return to the administrator menu, click Cancel.");if (answer){window.location = "edit-customer-records.php";}else{window.location = "customer-records-management.php";} </script>';}else{echo '<script language="javascript">alert("The record editing failed.");window.location = "edit-customer-records.php";</script>';}
mysql_close();
}}}}}}}}

}elseif($A=="1" && $id>0 && $edited=="0"){

echo "<center><h1>Edit Customer Records</h1></center>";

$sql=mysql_query("SELECT * FROM product WHERE id='$id'");
while($row = mysql_fetch_array($sql)){
$a1=$row['email'];$a2=$row['name'];$a3=$row['versions'];$a4=$row['product6key'];$a5=$row['product5key'];$a6=$row['product4key'];$a7=$row['bounced'];$a8=$row['optout'];}
echo "<div id='mytable'><center><table id='table1' border='1'><col width='35'><col width='213'><col width='100'><col width='50'><col width='165'><col width='165'><col width='165'><col width='57'><col width='47'><tr><th width='35' align='center'>id</th><th class='ie1'>email</th><th class='ie2'>name</th><th width='50' align='center'>ver.</th><th class='ie3'>product6key</th><th class='ie3'>product5key</th><th class='ie3'>product4key</th><th width='57' align='center'>bounced</th><th width='47' align='center'>optout</th></tr>";
echo "<tr><td>".$id."</td>";
echo "<td class='ie1'>".$a1."</td>";
echo "<td class='ie2'>".$a2."</td>";
echo "<td>".$a3."</td>";
echo "<td class='ie3'>".$a4."</td>";
echo "<td class='ie3'>".$a5."</td>";
echo "<td class='ie3'>".$a6."</td>";
echo "<td>".$a7."</td>";
echo "<td>".$a8."</td></tr></table><BR>";

echo "<form id='form2' name='formpw' method='post' action='edit-customer-records.php' onsubmit='return validate()'>
<table style='padding:10px;margin-left:20px;background-color:#eee' width='600' border='1' align='center' cellpadding='0' cellspacing='1'>
<tr><td><input type='hidden' name='id' value=''><input type='hidden' name='answer' value='2'><input type='hidden' name='edited' value='1'></td>
</tr>
<tr><td class='k'><label for='Email'><b>Email: </b></td><td><input type='text' name='email' size='99' maxlength='255' value='".$a1."'></label></td></tr>
<tr><td class='k'><label for='Name'><b>Name: </b></td><td><input type='text' name='name' size='99' maxlength='99' value='".$a2."'></label></td></tr>
<tr><td class='k'><label for='User Versions'><b>Versions: </b></td><td><input type='text' name='versions' size='5' maxlength='5' value='".$a3."'></label></td></tr>
<tr><td class='k'><label for='product6key'><b>product6key: </b></td><td><input type='text' name='product6key' size='99' maxlength='800' value='".$a4."'></label></td></tr>
<tr><td class='k'><label for='product5key'><b>product5key: </b></td><td><input type='text' name='product5key' size='99' maxlength='800' value='".$a5."'></label></td></tr>
<tr><td class='k'><label for='product4key'><b>product4key: </b></td><td><input type='text' name='product4key' size='99' maxlength='800' value='".$a6."'></label></td></tr>
<tr><td class='k'><label for='Bounced'><b>Bounced: </b></td><td><input type='text' name='bounced' size='1' maxlength='1' value='".$a7."'></label></td></tr>
<tr><td class='k'><label for='Optout'><b>Optout: </b></td><td><input type='text' name='optout' size='1' maxlength='1' value='".$a8."'></label></td></tr>
<tr>
<td align='center' colspan='2'><input type='submit' name='Submit2' value='Edit Record'></td>
</tr>
</table></form></center>

</div>";

mysql_close();
?>

<script language="javascript">
var id = <?php echo json_encode($id); ?>;
document.formpw.id.value = id;
</script>

<?php
}else{

echo "<center><h1>Edit Customer Records</h1></center>";
echo "<div id='mytable'><a name='form1'></a>";
echo "<table id='table1' border='1' width='820' style='table-layout:fixed'><col width='35'><col width='213'><col width='100'><col width='50'><col width='165'><col width='165'><col width='165'><col width='57'><col width='47'>";
echo "<tr><th width='35' align='center'>id</th><th class='ie1'>email</th><th class='ie2'>name</th><th width='50' align='center'>ver.</th><th class='ie3'>product6key</th><th class='ie3'>product5key</th><th class='ie3'>product4key</th><th width='57' align='center'>bounced</th><th width='47' align='center'>optout</th></tr>";
$sql=mysql_query("SELECT * FROM product ORDER BY id DESC");
while($row = mysql_fetch_array($sql)){

echo "<tr><td><a HREF='edit-customer-records.php?answer2=1&edited2=0&id2=".htmlentities(stripslashes($row['id']), ENT_QUOTES)."'>".htmlentities(stripslashes($row['id']), ENT_QUOTES)."</a></td>";

echo "<td class='ie1'>".htmlentities(stripslashes($row['email']), ENT_QUOTES)."</td>";
echo "<td class='ie2'>".htmlentities(stripslashes($row['name']), ENT_QUOTES)."</td>";
echo "<td>".htmlentities(stripslashes($row['versions']), ENT_QUOTES)."</td>";
echo "<td class='ie3'>".htmlentities(stripslashes($row['product6key']), ENT_QUOTES)."</td>";
echo "<td class='ie3'>".htmlentities(stripslashes($row['product5key']), ENT_QUOTES)."</td>";
echo "<td class='ie3'>".htmlentities(stripslashes($row['product4key']), ENT_QUOTES)."</td>";
echo "<td>".htmlentities(stripslashes($row['bounced']), ENT_QUOTES)."</td>";
echo "<td>".htmlentities(stripslashes($row['optout']), ENT_QUOTES)."</td></tr>";
}
echo "</table><center><BR></center></div>";
mysql_close();
}
?>

<div id='menu'>
<b><a HREF="customer-records-management.php">Return to Customer Records Management</a><BR><hr><span style='font-size:9;text-align:left'>Click id to edit record.</span></b><BR><span style='font-size:9;text-align:left'>
<b>Email:</b> If multiple email address, separate with commas, no spaces.<BR>
<b>Name:</b> First Last (one space between). If three names one space between each First Middle Last).
Do not enter Mr., Ms., Jr., Sr., Dr., III, or any pre-name or post-name identifiers. If additional names, separate with a comma, no spaces.<BR>
<b>Versions:</b> separate with comma, no spaces (e.g. 4,5).<BR>
<b>product6key:</b> If more than one key, separate with commas, no spaces.<BR>
<b>product5key:</b> If more than one key, separate with commas, no spaces.<BR>
<b>product4key:</b> If more than one key, separate with commas, no spaces.<BR>
<b>Bounced:</b> default is 0 (zero), if bounced, change to 1 (one).<BR>
<b>Optout:</b> default is 0 (zero), if bounced, change to 1 (one).</span>
</div>

</body>
</html>

Free Personal Status Boards (PSB™)

Edit Customer Records PHP Script