Forum Moderators: coopster


Trying to add "update" to my PHP form.

is this the correct way to generate an update code?

         

aftershock2020

11:14 am on Dec 18, 2007 (gmt 0)

10+ Year Member



Hey,

I have a corporate order form that I've constructed in PHP and it works great. My issue is I have created an "update" option on a new version of the form to update the database information based on the specific company_id and job_num_id.

How do I go about adding an update/editing option to a form?

d40sithui

4:12 pm on Dec 18, 2007 (gmt 0)

10+ Year Member



The data would first be stored somewhere, either in the db or session. You'd then just reload the form template and fill in the inputs with the values stored.

aftershock2020

4:54 pm on Dec 18, 2007 (gmt 0)

10+ Year Member



Well, yeah, for self population. What about adding an edit/updates statement to the form for the user to re-enter data?

Would look something like this: after the variables were listed:

<?php

$customer = $_POST['customer_id'];
$jobnum = $_POST[''];
...
mysql_query("UPDATE TABLE SET('$customer', '$jobnum', '$partdes')");
print "Your information has been successfully added to the database.";

?>

I just want to be sure that is right.

eelixduppy

6:48 pm on Dec 18, 2007 (gmt 0)



It would be more something like this:

$customer = $_POST['customer_id'];
$jobnum = $_POST[''];
...
// The WHERE clause limits the update to the one matching order
$result = mysql_query("UPDATE `table_name` SET `customer` = '$customer', `jobnum` = '$jobnum', `partdes` = '$partdes' WHERE `company_id` = '$company_id' AND `job_num_id` = '$job_num_id'");
if ($result)
    echo "Your information has been successfully added to the database.";
else
    echo "Failed";

Just make sure that you escape the variables that are going into the query using mysql_real_escape_string [php.net]. I excluded this in my example code above to keep it simpler, but it is a necessary part that cannot be left out.

aftershock2020

7:40 pm on Dec 18, 2007 (gmt 0)

10+ Year Member



Can you give an example?

eelixduppy

7:50 pm on Dec 18, 2007 (gmt 0)



Your variables should be escaped like this:

$customer = mysql_real_escape_string($_POST['customer_id']);

Make sure to do it for each, however.

aftershock2020

8:07 pm on Dec 18, 2007 (gmt 0)

10+ Year Member



And that is used instead of the regular statement of:

$customer = $_POST['customer_id'];

or used later in the code? I'm trying to understand the placement for it. I'm still a php4 programmer and using 5 on a normal basis for about a month.

Been in a bubble, what can I say?..heh

piznac

8:14 pm on Dec 18, 2007 (gmt 0)

10+ Year Member



Yeah, it's used just like he typed it there. Just add the mysql_escape_string() around your post var. I personally take that a step further and use this:

$tcg = mysql_real_escape_string(trim(stripslashes($_POST['tcg'])));

Not sure how much of a difference it makes... but it never hurts to be careful :)
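
The UPDATE from this thread written with bound parameters instead of escaped strings, as an added example that is not any poster's code. It swaps the `mysql_*` functions for PDO prepared statements (the `mysql_*` extension was removed in PHP 7); the table name `orders`, the sample rows, the function name `updateOrder` and the in-memory SQLite database are assumptions made so the script runs offline.

```php
<?php
// Added example, not from the thread. Table name `orders` and the sample
// rows are constructed; column names follow the posts above. SQLite stands
// in for MySQL so the script runs offline (requires the pdo_sqlite extension).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE orders (company_id INTEGER, job_num_id INTEGER,
           customer TEXT, jobnum TEXT, partdes TEXT)');
$db->exec("INSERT INTO orders VALUES (1, 100, 'Acme', 'J-100', 'bracket'),
                                     (2, 200, 'Globex', 'J-200', 'hinge')");

function updateOrder(PDO $db, array $post): int
{
    // The two ids pick the row to change, so reject anything that is not an integer.
    $companyId = filter_var($post['company_id'] ?? null, FILTER_VALIDATE_INT);
    $jobNumId  = filter_var($post['job_num_id'] ?? null, FILTER_VALIDATE_INT);
    if ($companyId === false || $jobNumId === false) {
        throw new InvalidArgumentException('company_id and job_num_id must be integers');
    }
    // Values travel separately from the SQL text, so quotes in them stay data.
    $stmt = $db->prepare(
        'UPDATE orders SET customer = :customer, jobnum = :jobnum, partdes = :partdes
         WHERE company_id = :company_id AND job_num_id = :job_num_id'
    );
    $stmt->execute([
        ':customer'   => trim((string)($post['customer'] ?? '')),
        ':jobnum'     => trim((string)($post['jobnum'] ?? '')),
        ':partdes'    => trim((string)($post['partdes'] ?? '')),
        ':company_id' => $companyId,
        ':job_num_id' => $jobNumId,
    ]);
    return $stmt->rowCount(); // 0 means no row matched the two ids
}

// Constructed form input; the apostrophes would break a string-built query.
$post = ['company_id' => '1', 'job_num_id' => '100', 'customer' => "O'Brien Ltd",
         'jobnum' => 'J-100', 'partdes' => "bracket, 'rev B'"];
$changed = updateOrder($db, $post);
echo $changed === 1 ? "Updated $changed row\n" : "No matching order\n";
foreach ($db->query('SELECT * FROM orders ORDER BY company_id', PDO::FETCH_ASSOC) as $row) {
    echo implode(' | ', $row), "\n";
}
```

Checking `rowCount()` rather than only the query's success distinguishes "statement ran" from "a row was actually updated", which matters when the WHERE ids come from the form.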