-1

I have two buttons that serve my PHP form: the Update and the Submit buttons. Right now, the problem is with the Update button. Sorry for asking what might feel like a silly question, but I have a problem making my Update button work. When I click on the Update button, it returns an error like this:

Notice: Undefined index: id in C:\xampp\htdocs\dataentry\user\edit_draft.php on line 241

Line 241 is

$sql ="SELECT *FROM iir_incidentmain_draft WHERE incident_id='$_GET[id]'";

I don't know what is wrong, since the code I made is actually the same as for submitting the report, but it is not working for updating. Below are the three related pages of my code.

draft.php

<div class="col-md-9 bg-white padding-2">

  <h3>Reports in Draft</h3>
  <div class="row margin-top-20">
    <div class="col-md-12">
      <div class="box-body table-responsive no-padding">
        <table id="example" class="table table-striped table-bordered" style="width:100%">
          <thead>
            <th>Incident Date</th>
            <th>OPU Region Or Country</th>
            <th>Incident Title</th>
            <th>Incident Category</th>
            <th>Status</th>
            <th>Draft IIR</th>
            <th>Edit</th>
          </thead>
          <tbody>
<?php
    $sql = "SELECT * FROM iir_incidentmain_draft WHERE username='" . $_SESSION['user']['username'] . "'";

    $result = $conn->query($sql);

    //If Job Post exists then display details of post
    if($result->num_rows > 0) {
        while($row = $result->fetch_assoc()) {
?>
              <tr>
                <td>
                  <?php echo date("y-m-d", strtotime($row['incident_date'])); ?>
                </td>
                <td>
                  <?php echo $row['opus']; ?>
                </td>
                <td>
                  <?php echo $row['incident_title']; ?>
                </td>
                <td>
                  <?php echo $row['incident_category']; ?>
                </td>
                <td>
                  <?php echo $row['status']; ?>
                </td>
                <td><a href="iir_draft.php?id=<?php echo $row['incident_id']; ?>">&nbsp; &nbsp; <i class="fa fa-files-o"></i></a></td>
                <td><a href="edit_draft.php?id=<?php echo $row['incident_id']; ?>">&nbsp; &nbsp; <i class="fa fa-edit"></i></a></td>
<?php
        }
    }
?>
          </tbody>
        </table>
      </div>
    </div>
  </div>

</div>

and this one is edit_draft.php (a long form containing two buttons; I have already shortened it)

<form action="submit.php" method="POST">
<?php
    $sql ="SELECT *FROM iir_incidentmain_draft WHERE incident_id='$_GET[id]'";
    $result = $conn->query($sql);
    if($result->num_rows > 0) {
        while($row = $result->fetch_assoc()) { 
?>

    <div class="col-md-12">
      <div class="form-group row">
        <label for="incident_title" class="col-md-2 col-form-label">Incident Title : <font color="red">*</font></label>
        <div class="col-md-10">
          <input type="text" id="incident_title" name="incident_title" class="form-control" value="<?php echo $row1['incident_title']; ?>">
        </div>
      </div>


      <div class="form-group row">
        <label for="incident_description" class="col-md-2 col-form-label">Incident Description : <font color="red">*</font></label>
        <div class="col-md-10">
          <textarea rows="4" cols="50" id="incident_description" name="incident_description" class="form-control" placeholder="(What, When, Where, Why, How?) (Explain in full including dates, location, cause and action)"><?php echo $row1['incident_description']; ?></textarea>
        </div>
      </div>

      <div class="form-group row">
        <label for="incident_description" class="col-md-2 col-form-label">Witness : </label>
        <div class="col-md-10">
          <textarea rows="2" cols="50" id="witness" name="witness" class="form-control"><?php echo $row1['witness']; ?></textarea>
        </div>
      </div>

      <--some more details->

        <div align="right" class="bottom">
          <button type="update" class="btn btn-dark" id="update" formaction="update_draft.php">Update Draft</button>
          <button type="submit" class="btn btn-dark">Submit Report</button>
        </div>
<?php
        }
    }
?>
</form>

and here is update_draft.php

<?php
session_start();

if (empty($_SESSION['user'])) {
    header ("Location:../index.php");
    exit();
}

require_once("db.php");

if (isset($_GET['idpost']) && is_numeric($_GET['idpost'])) {

    $incident_id = $_POST['idpost'];
    $username= $_SESSION['user']['username'];
    $incident_title = mysqli_real_escape_string($conn, $_POST['incident_title']);
    $incident_description = mysqli_real_escape_string($conn, $_POST['incident_description']);
    $witness = mysqli_real_escape_string($conn, $_POST['witness']);
    $incident_date = mysqli_real_escape_string($conn, $_POST['incident_date']);
    $incident_year =  mysqli_real_escape_string($conn, $_POST['incident_year']);
    $incident_month = mysqli_real_escape_string($conn, $_POST['incident_month']);
    $monsoon = mysqli_real_escape_string($conn, $_POST['monsoon']);
    $holiday = mysqli_real_escape_string($conn, $_POST['holiday']);
    $incident_time = mysqli_real_escape_string($conn, $_POST['incident_time']);
    $time_hourly = mysqli_real_escape_string($conn, $_POST['time_hourly']);
    $time_category = mysqli_real_escape_string($conn, $_POST['time_category']);
    $incident_location = mysqli_real_escape_string($conn, $_POST['incident_location']);
    $latitude = mysqli_real_escape_string($conn, $_POST['latitude']);
    $longitude = mysqli_real_escape_string($conn, $_POST['longitude']);
    $incident_worksite = mysqli_real_escape_string($conn, $_POST['incident_worksite']);
    $country = mysqli_real_escape_string($conn, $_POST['country']);
    $state = mysqli_real_escape_string($conn, $_POST['state']);  
    $onshoreoffshore = mysqli_real_escape_string($conn, $_POST['onshoreoffshore']);
    $vessel = mysqli_real_escape_string($conn, $_POST['vessel']);
    $incident_type = mysqli_real_escape_string($conn, $_POST['incident_type']);
    $incident_category = mysqli_real_escape_string($conn, $_POST['incident_category']);
    $accident_type = mysqli_real_escape_string($conn, $_POST['accident_type']);
    $day_lost_time = mysqli_real_escape_string($conn, $_POST['daylosttime']);
    $estimated_cost = mysqli_real_escape_string($conn, $_POST['estimatedcost']);
    $actual_cost = mysqli_real_escape_string($conn, $_POST['actualcost']);
    $spill_voll = mysqli_real_escape_string($conn, $_POST['spillvolume']);
    $production_loss = mysqli_real_escape_string($conn, $_POST['productionloss']);
    if($_POST['productionunit']=="OTHER") {
        $production_unit = mysqli_real_escape_string($conn, $_POST['productionunit2a']);
    } else {
        $production_unit = mysqli_real_escape_string($conn, $_POST['productionunit']);
    }
    $downtime = mysqli_real_escape_string($conn, $_POST['downtime']);
    $impact_to = mysqli_real_escape_string($conn, $_POST['impactto']);
    $sector = mysqli_real_escape_string($conn, $_POST['sector']);
    $department = mysqli_real_escape_string($conn, $_POST['department']);
    $business_group = mysqli_real_escape_string($conn, $_POST['business_group']);  
    $business_section = mysqli_real_escape_string($conn, $_POST['business_section']);
    $opus = mysqli_real_escape_string($conn, $_POST['opus']);  
    $domestic_international = mysqli_real_escape_string($conn, $_POST['project_name']);
    $project_name = mysqli_real_escape_string($conn, $_POST['project_name']);
    $project_phase = mysqli_real_escape_string($conn, $_POST['project_phase']);
    $project_start_date = mysqli_real_escape_string($conn, $_POST['project_start_date']);
    $project_end_date= mysqli_real_escape_string($conn, $_POST['project_end_date']);
    $project_type = mysqli_real_escape_string($conn, $_POST['project_type']);

    if($_POST['contractor']=="ifothers") {
        $contractor = mysqli_real_escape_string($conn, $_POST['contractor2']);
    } else {
        $contractor = mysqli_real_escape_string($conn, $_POST['contractor']);
    }

    $sub_contractor = mysqli_real_escape_string($conn, $_POST['sub_contractor']);
    $name = mysqli_real_escape_string($conn, $_POST['injuriousname']);
    $staff_no = mysqli_real_escape_string($conn, $_POST['staff_no']);
    $staff_department = mysqli_real_escape_string ($conn, $_POST['staff_department']);
    $nationality = mysqli_real_escape_string($conn, $_POST['nationality']);
    $age_number = mysqli_real_escape_string($conn, $_POST['age']);
    $age_range = mysqli_real_escape_string($conn, $_POST['agerange']);
    $gender = mysqli_real_escape_string($conn, $_POST['gender']);
    $work_trade = mysqli_real_escape_string($conn, $_POST['worktrades']);
    $years_of_experience = mysqli_real_escape_string($conn, $_POST['yearsexp']);
    $imm_supervisor_name = mysqli_real_escape_string($conn, $_POST['supervisor']);
    $desc_of_injury = mysqli_real_escape_string($conn, $_POST['injuries_description']);
    $body_part = mysqli_real_escape_string($conn, $_POST['bodypart']);
    $body_part_group = mysqli_real_escape_string($conn, $_POST['bodypartgroup']);
    $hours_in_shift = mysqli_real_escape_string($conn, $_POST['hoursinshift']);
    $days_in_tour = mysqli_real_escape_string($conn, $_POST['daysintour']);
    $hse_risk = mysqli_real_escape_string($conn, $_POST['hserisks']);
    $critical_activity = mysqli_real_escape_string($conn, $_POST['critical_activity']);
    $sub_critical = mysqli_real_escape_string($conn, $_POST['sub_activity']);
    $hazard = mysqli_real_escape_string($conn, $_POST['hazard']);
    $hazard_number = mysqli_real_escape_string($conn, $_POST['hazardnumber']);
    $sub_hazard = mysqli_real_escape_string($conn, $_POST['subhazard']);
    $sub_hazard_no = mysqli_real_escape_string($conn, $_POST['subhazardnumber']);
    $failed_missing_barrier = mysqli_real_escape_string($conn, $_POST['barrier']);
    $ic_description1 = mysqli_real_escape_string($conn, $_POST['ic_description1']);
    $precondition1 = mysqli_real_escape_string($conn, $_POST['precondition1']);
    $uauc1 = mysqli_real_escape_string($conn, $_POST['uauc1']);
    $root_cause_latern_failure1 = mysqli_real_escape_string($conn, $_POST['ic_description1']);
    $brf1 = mysqli_real_escape_string($conn, $_POST['riskfactor1']);
    $ic_description2 = mysqli_real_escape_string($conn, $_POST['ic_description2']);
    $precondition2 = mysqli_real_escape_string($conn, $_POST['precondition2']);
    $uauc2 = mysqli_real_escape_string($conn, $_POST['uauc2']);
    $root_cause_latern_failure2 = mysqli_real_escape_string($conn, $_POST['ic_description2']);
    $brf2 = mysqli_real_escape_string($conn, $_POST['riskfactor2']);
    $ic_description3 = mysqli_real_escape_string($conn, $_POST['ic_description3']);
    $precondition3 = mysqli_real_escape_string($conn, $_POST['precondition3']);
    $uauc3 = mysqli_real_escape_string($conn, $_POST['uauc3']);
    $root_cause_latern_failure3 = mysqli_real_escape_string($conn, $_POST['ic_description3']);
    $brf3 = mysqli_real_escape_string($conn, $_POST['riskfactor3']);
    $ic_description4 = mysqli_real_escape_string($conn, $_POST['ic_description4']);
    $precondition4 = mysqli_real_escape_string($conn, $_POST['precondition4']);
    $uauc4 = mysqli_real_escape_string($conn, $_POST['uauc4']);
    $root_cause_latern_failure4 = mysqli_real_escape_string($conn, $_POST['ic_description4']);
    $brf4 = mysqli_real_escape_string($conn, $_POST['riskfactor4']);
    $immediateaction = mysqli_real_escape_string($conn, $_POST['immediateaction']);
    $person_responsible = mysqli_real_escape_string($conn, $_POST['person_responsible']);
    $completion_date = mysqli_real_escape_string($conn, $_POST['completion_date']);
    $permanentaction = mysqli_real_escape_string($conn, $_POST['permanentaction']);
    $person_responsible1 = mysqli_real_escape_string($conn, $_POST['person_responsible1']);
    $completion_date1 = mysqli_real_escape_string($conn, $_POST['completion_date1']);
    $managementaction = mysqli_real_escape_string($conn, $_POST['managementaction']);
    $person_responsible2 = mysqli_real_escape_string($conn, $_POST['person_responsible2']);
    $completion_date2 = mysqli_real_escape_string($conn, $_POST['completion_date2']);
    $ratingperson = mysqli_real_escape_string($conn, $_POST['ratingperson']);
    $ratingenvironment = mysqli_real_escape_string($conn, $_POST['ratingenvironment']);
    $ratingasset = mysqli_real_escape_string($conn, $_POST['ratingasset']);
    $ratingreputation = mysqli_real_escape_string($conn, $_POST['ratingreputation']);
    $ratingsecurity = mysqli_real_escape_string($conn, $_POST['ratingsecurity']);
    $report_status = mysqli_real_escape_string($conn, $_POST['report_status']);

    $file = count($_FILES['file']['name']);

    for( $i=0 ; $i < $file ; $i++ ){
        $tmpFilePath = $_FILES['file']['tmp_name'][$i];

        if ($tmpFilePath != ""){
            $newFilePath = "../uploads/attachment/report" . $_FILES['file']['name'][$i];

            //Upload the file into the temp dir
            if(move_uploaded_file($tmpFilePath, $newFilePath)) {
                echo "Uploads success";
            }   else {
                echo "Failed to upload";
                //header ("Location: newentry.php");
                exit();
            } 
        }
    }

    $sql = "UPDATE iir_incidentmain_draft 
            SET incident_title = '".$incident_title."', 
                incident_description = '".$incident_description."', 
                witness = '".$witness."', 
                incident_date = '".$incident_date."', 
                incident_year ='".$incident_year."', 
                incident_month = '".$incident_month."', 
                monsoon ='".$monsoon."', 
                holiday = '".$holiday."', 
                incident_time = '".$incident_time."', 
                time_hourly = '".$time_hourly."', 
                time_category = '".$time_category."', 
                incident_location = '".$incident_location."', 
                latitude = '".$latitude."', 
                longitude = '".$longitude."', 
                incident_worksite = '".$incident_worksite."', 
                country = '".$country."', 
                state = '".$state."', 
                onshoreoffshore = '".$onshoreoffshore."', 
                vessel = '".$vessel."', 
                incident_type = '".$incident_type."', 
                incident_category = '".$incident_category."', 
                accident_type = '".$accident_type."', 
                day_lost_time = '".$day_lost_time."', 
                estimated_cost'".$estimated_cost."', 
                actual_cost='".$actual_cost."', 
                spill_voll='".$spill_voll."', 
                production_loss='".$production_loss."', 
                production_unit='".$production_unit."', 
                downtime='".$downtime."', 
                impact_to='".$impact_to."', 
                sector='".$sector."', 
                department='".$department."', 
                business_group='".$business_group."', 
                business_section='".$business_section."', 
                opus='".$opus."', 
                domestic_international = '".$domestic_international."', 
                project_name = '".$project_name."', 
                project_phase = '".$project_phase."', 
                project_start_date = '".$project_start_date."', 
                project_end_date = '".$project_end_date."', 
                project_type = '".$project_type."', 
                contractor = '".$contractor."', 
                sub_contractor = '".$sub_contractor."', 
                name = '".$name."', 
                staff_no = '".$staff_no."', 
                staff_department = '".$staff_department."', 
                nationality = '".$nationality."', 
                age_number = '".$age_number."', 
                age_range = '".$age_range."', 
                gender = '".$gender."', 
                work_trade = '".$work_trade."', 
                years_of_experience = '".$years_of_experience."', 
                imm_supervisor_name = '".$imm_supervisor_name."', 
                desc_of_injury = '".$desc_of_injury."', 
                body_part = '".$body_part."', 
                body_part_group = '".$body_part_group."', 
                hours_in_shift = '".$hours_in_shift."', 
                days_in_tour = '".$days_in_tour."', 
                hse_risk = '".$hse_risk."', 
                critical_activity = '".$critical_activity."', 
                sub_critical = '".$sub_critical."', 
                hazard = '".$hazard."', 
                hazard_number = '".$hazard_number."', 
                sub_hazard = '".$sub_hazard."', 
                sub_hazard_no = '".$sub_hazard_no."', 
                failed_missing_barrier = '".$failed_missing_barrier."', 
                ic_description1 = '".$ic_description1."',
                precondition1 = '".$precondition1."', 
                uauc1='".$uauc1."', root_cause_latern_failure1 = '".$root_cause_latern_failure1."', 
                brf1 = '".$brf1."', 
                ic_description2 = '".$ic_description2."', 
                precondition2 = '".$precondition2."', 
                uauc2 = '".$uauc2."', 
                root_cause_latern_failure2 = '".$root_cause_latern_failure2."', 
                brf2 = '".$brf2."', 
                ic_description3 = '".$ic_description3."',  
                precondition3 = '".$precondition3."', 
                uauc3 = '".$uauc3."', 
                root_cause_latern_failure3 = '".$root_cause_latern_failure3."', 
                brf3 = '".$brf3."', 
                ic_description4 = '".$ic_description4."', 
                precondition4 = '".$precondition4."', 
                uauc4 = '".$uauc4."', 
                root_cause_latern_failure4 = '".$root_cause_latern_failure4."', 
                brf4 = '".$brf4."', 
                immediateaction = '".$immediateaction."', 
                person_responsible = '".$person_responsible."', 
                completion_date = '".$completion_date."', 
                permanentaction = '".$permanentaction."', 
                person_responsible1 ='".$person_responsible1."', 
                completion_date1 = '".$completion_date1."', 
                managementaction = '".$managementaction."', 
                person_responsible2 = '".$person_responsible2."', 
                completion_date2 = '".$completion_date2."', 
                ratingperson = '".$ratingperson."', 
                ratingenvironment = '".$ratingenvironment."', 
                ratingasset = '".$ratingasset."', 
                ratingreputation = '".$ratingreputation."', 
                ratingsecurity = '".$ratingsecurity."', 
                report_status = '".$report_status."', 
                file = '".$file."' 
        WHERE incident_id = '".$id."'"; 

    $result = mysqli_query($conn, $sql) or die (mysqli_error($conn)); 

    if(!$result)    { 
        die('Could not update data: '.  mysqli_error()); 
        header("Location: edit_draft.php");
        exit();
    } else { 
        $_SESSION['DraftEditSuccess'] = true;
        header("Location: draft.php");
        exit();
    } 
} else {
    header("Location:edit_draft.php");
    exit();
}


?>

I have tried multiple solutions, as suggested by "One form two buttons", "Two Submits Button" and many more, but it's not working. I hope there's someone who can guide me on this, and I'm sorry, for I'm still learning.

WanHazyan
  • @CarlBinalla the error is on this part $sql ="SELECT *FROM iir_incidentmain_draft WHERE incident_id='$_GET[id]'"; – WanHazyan Jan 29 '20 at 08:44
  • @WanHazyan Are you opening `edit_draft.php` instead of redirecting from `draft.php`? – Carl Binalla Jan 29 '20 at 08:47
  • Try this `$get =$_GET['id']; if(empty($get)){ echo "ID is empty";}` –  Jan 29 '20 at 08:50
  • Supposedly get the wanted report part from draft.php to open the form for edit_draft.php, if success, redirect to draft.php, if failed back to edit_draft.php – WanHazyan Jan 29 '20 at 08:50
  • Try changing `$_GET['id']` to `{$_GET['id']}` – Carl Binalla Jan 29 '20 at 08:51
  • Your script is open to [SQL Injection Attack](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php). Even [if you are escaping inputs, it's not safe!](http://stackoverflow.com/questions/5741187/sql-injection-that-gets-around-mysql-real-escape-string) You should consider using [prepared parameterized statements](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php) in either the `MYSQLI_` or `PDO` APIs instead of concatenated values – RiggsFolly Jan 29 '20 at 10:38
  • Do you get this error if you run `edit_draft.php?id=xx` where `xx` is a valid `incident_id` ??? – RiggsFolly Jan 29 '20 at 10:53
  • @Dharman No. I read that, but it served no answer to me – WanHazyan Jan 30 '20 at 07:34

3 Answers

2

In update_draft.php you redirect to edit_draft.php on update failure, but when you do

header("Location: edit_draft.php");

you do not add an id=something parameter. Hence you get an error saying

Notice: Undefined index: id in C:\xampp\htdocs\dataentry\user\edit_draft.php on line 241

You don't show enough code for me to be sure what you should do, but either add an appropriate value to the redirect like

header("Location: edit_draft.php?id=$someRelevantValue");

Or you will have to modify the control code in edit_draft.php to be able to cope with the page being called without an id present.

To be honest, I am not sure that going back to edit_update.php when the UPDATE of the database has failed is the best thing to do anyway.

RiggsFolly
  • So! all 3 answers are correct after your comment! your comment has nothing to do with `WHERE incident_id='$_GET[id]'";` in `edit_draft.php` or `WHERE incident_id = '".$incident_id."'";` in `update_draft.php` :) –  Jan 29 '20 at 11:12
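
The two points raised above, RiggsFolly's comment about prepared statements and his answer about `edit_draft.php` being called without an `id`, can be handled together as in this added example (not code from the question or the answers). It uses PDO with an in-memory SQLite table so it runs stand-alone; the hidden `id` POST field, the `username` scoping in the WHERE clauses (mirroring the listing query in `draft.php`), the helper names and the sample rows are assumptions.

```php
<?php
declare(strict_types=1);
// Added example, not the asker's code. PDO with an in-memory SQLite database
// keeps it runnable offline; for MySQL only the DSN and credentials change.

$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

// Constructed sample data: two drafts owned by different users.
$pdo->exec("CREATE TABLE iir_incidentmain_draft (
    incident_id INTEGER PRIMARY KEY, username TEXT, incident_title TEXT)");
$pdo->exec("INSERT INTO iir_incidentmain_draft VALUES
    (1, 'alice', 'Forklift near miss'), (2, 'bob', 'Oil spill')");

/** Return the id as a positive int, or null when it is absent or malformed. */
function readId(array $input, string $key): ?int
{
    $id = filter_var($input[$key] ?? null, FILTER_VALIDATE_INT,
                     ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

/** edit_draft.php: load one draft, scoped to the logged-in user. */
function loadDraft(PDO $pdo, array $get, string $username): ?array
{
    $id = readId($get, 'id');
    if ($id === null) {
        return null; // no "Undefined index" notice and no query is run
    }
    // Values are bound as parameters, never concatenated into the SQL text.
    $stmt = $pdo->prepare(
        'SELECT * FROM iir_incidentmain_draft
          WHERE incident_id = :id AND username = :username');
    $stmt->execute([':id' => $id, ':username' => $username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

/**
 * update_draft.php: the id is assumed to arrive as a hidden POST field of the
 * edit form. Returns the redirect target instead of calling header().
 */
function updateDraft(PDO $pdo, array $post, string $username): string
{
    $id = readId($post, 'id');
    if ($id === null) {
        return 'draft.php'; // nothing identifiable to edit: back to the list
    }
    $title = is_string($post['incident_title'] ?? null) ? $post['incident_title'] : '';
    $stmt = $pdo->prepare(
        'UPDATE iir_incidentmain_draft SET incident_title = :title
          WHERE incident_id = :id AND username = :username');
    $stmt->execute([':title' => $title, ':id' => $id, ':username' => $username]);
    // On failure, go back to the same draft with its id in the URL.
    // (MySQL reports 0 rows when the values did not change.)
    return $stmt->rowCount() === 1 ? 'draft.php' : "edit_draft.php?id=$id";
}

// Constructed requests for the logged-in user 'alice'.
var_dump(loadDraft($pdo, ['id' => '1'], 'alice'));            // valid id
var_dump(loadDraft($pdo, [], 'alice'));                       // id missing
var_dump(loadDraft($pdo, ['id' => "1' OR '1'='1"], 'alice')); // malformed id
var_dump(loadDraft($pdo, ['id' => '2'], 'alice'));            // another user's draft
echo updateDraft($pdo, ['id' => '1', 'incident_title' => "O'Brien's report"], 'alice'), "\n";
echo updateDraft($pdo, ['incident_title' => 'no id sent'], 'alice'), "\n";
```
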
0

Change this code:

$sql ="SELECT * FROM iir_incidentmain_draft WHERE incident_id='$_GET[id]'";

to this:

$get=$_GET['idpost'];
$sql ="SELECT * FROM iir_incidentmain_draft WHERE incident_id='$get'";

As you can see, you need to change $_GET[id] to $_GET['idpost'].

Simone Rossaini
0

Change this

if (isset($_GET['idpost']) && is_numeric($_GET['idpost']))
{

To

if (isset($_GET['idpost']) && is_numeric($_GET['idpost']))
{ $id = $_GET['idpost'];

The $id variable used in WHERE incident_id = '".$id."'"; is not set anywhere in your code.

UPDATE:

I didn't see $incident_id = $_POST['idpost']; in your post.

Just change this

$incident_id = $_POST['idpost']; 

To

$incident_id = $_GET['idpost']; 

and this line in

WHERE incident_id = '".$id."'";

to

WHERE incident_id = '$incident_id'";

Note: My first example will work fine as well.

You need to see this post for error reporting for mysqli: "mysqli_fetch_assoc() expects parameter / Call to a member function bind_param() errors. How to get the actual mysql error and fix it?"

RiggsFolly
  • So, where should I declare that part first? in my update_draft.php or edit_draft.php? – WanHazyan Jan 29 '20 at 09:11
  • `update_draft.php`, and you need to pass the id by URL to `update_draft.php`. It looks like your id is empty; try my comment under your question. –  Jan 29 '20 at 09:13
  • Okay. Thank you. I will try on this solution. – WanHazyan Jan 29 '20 at 10:04
  • `edit_draft.php` does not have any reference to `$_GET['idpost']` So this will do NOTHING to help the actual problem in the question – RiggsFolly Jan 29 '20 at 10:55
  • @RiggsFolly My answer is about `update_draft.php`, not `edit_draft.php`. I told OP to check if it's empty in my comment under the question! And yes, the same goes for `incident_id='$_GET[id]'";` in `edit_draft.php` too. As I said in my earlier comment, *you need to pass id by url to `update_draft.php`*; OP needs to do that for `edit_draft.php` as well, and I commented that under the question, asking for an if statement on the id. So I didn't want to repeat that in my answer again. My bad. –  Jan 29 '20 at 11:05
  • Ahh, it's always best to put everything in your answer. People only glance at comments when an answer is there – RiggsFolly Jan 29 '20 at 11:09