Register

If this is your first visit, please click the Sign Up now button to begin the process of creating your account so you can begin posting on our forums! The Sign Up process will only take up about a minute of two of your time.

Results 1 to 5 of 5

Thread: PHP/mySQL help

  1. #1
    Senior Member [Li] Brad's Avatar
    Join Date
    Oct 2003
    Location
    Saskatoon, Canada
    Posts
    578
    Member #
    3689
    Hello,

    I am just wondering if someone could give me a little bit of help here. The problem I am getting is when I hit the save button it doesn't update anything in the database. I don't get any errors though. I am wondering what the cause for this may be. I checked in phpmyadmin to make sure the sql statements work and they are fine. So what may be wrong? Also at the same time you may want to give me some advice because I wouldn't be surprised if my code is somewhat sloppy. Thanks in advance.

    PHP Code:
    <?php
      $connect 
    mysql_connect('xxxxxx','xxxxxx','xxxxxx');
      
    $db mysql_select_db('xxxxxx');
      
    $query mysql_query("SELECT title,newstext FROM news WHERE id='$id'");

      while(
    $edit mysql_fetch_array($query)) {
        
    $title $edit['title'];
        
    $newstext $edit['newstext'];
        echo 
    "<form action=\"$PHP_SELF\" method=\"POST\" name=\"news\">";
        echo 
    "<table border=\"0\" cellpadding=\"0\" cellspacing=\"0\"><tr>
    <td bgcolor=\"#eeeeee\" colspan=\"2\">[Li] News :: Edit Article</td></tr>"
    ;
        echo 
    "<tr><td height=\"2\"></td></tr>";
        echo 
    "<tr><td>Title:&nbsp;</td>" "<td><input name=\"title\"
     class=\"text\" type=\"text\" value=\"" 
    $title "\" size=\"40\"></td></tr>";
        echo 
    "<tr><td valign=\"top\">News:&nbsp;</td>" "<td>
    <textarea name=\"newstext\" cols=\"30\" rows=\"7\">" 
    $newstext "</textarea></td></tr>";
        echo 
    "<input name=\"hidden\" type=\"hidden\" value=\"1\">";
        echo 
    "<tr><td colspan=\"2\"><center><input name=\"submit\" class=\"button\" 
    type=\"submit\" value=\"Save\" ></center></td></tr></table></form>"
    ;
       }

      
    $title $_POST['title'];
      
    $newstext $_POST['newstext'];

      if (
    $_POST['hidden'] == '1') { 
        if(!
    $_POST['title'] || !$_POST['newstext']) {
          echo 
    "Errored";
         } else {
          
    mysql_query("UPDATE news SET title = '$title', newstext = '$newstext' WHERE id='$id'"$connect);
          echo 
    "<script language=\"javascript\">location.replace
    ('http://www.lithiumwebdesign.com/scripts/news/index.php');</script>"
    ;
         }
       }

      
    mysql_close();
    ?>
    "Art strives for form, and hopes for beauty." - George Bellows

  2.  

  3. #2
    Member Seraph's Avatar
    Join Date
    Sep 2003
    Posts
    81
    Member #
    3090
    mysql_query("UPDATE news SET title = '$title', newstext = '$newstext' WHERE id='$id'", $connect);

    that line should work but it won't BECAUSE $title, $newstext and $id are not set....

  4. #3
    Senior Member [Li] Brad's Avatar
    Join Date
    Oct 2003
    Location
    Saskatoon, Canada
    Posts
    578
    Member #
    3689
    They are set though... or at least I think they are?
    $title = $_POST['title'];
    $newstext = $_POST['newstext'];
    $id is passed through the URL: http://www.lithiumwebdesign.com/edit.php?id=13 or whichever number article it is.

    Maybe my experience is showing though and I am thinking something different? Thanks for providing some help though... was thinking nobody would. :classic:
    "Art strives for form, and hopes for beauty." - George Bellows

  5. #4
    Senior Member Brak's Avatar
    Join Date
    Apr 2003
    Location
    San Francisco, CA
    Posts
    3,413
    Member #
    1217
    Liked
    2 times
    Set $id = $_GET['id']; safety for one... someone could set in a url that would make id =
    Code:
    1'; DELETE * FROM tablename WHERE '1
    That would wipe out your whole thing.. #1 reason sites get hacked - unvalidated variables.
    Kyle Neath: Rockstar extraordinare
    The blog | The poetry site | The Spore site

  6. #5
    Senior Member rosland's Avatar
    Join Date
    Jul 2003
    Location
    Norway
    Posts
    1,944
    Member #
    2096
    Hi.
    Just a hint, don't know if you're familiar with it.
    If you're selecting only one row, you can extract the array and define all variables by their column name with one command; extract(). This saves a lot of typing if you select a row of a table containing lots of columns, and you of course don't mind using the original column names as variable names.
    Your code:
    PHP Code:
    while($edit mysql_fetch_array($query)) {
        
    $title $edit['title'];
        
    $newstext $edit['newstext'];

    //can be written:

    while($edit mysql_fetch_array($query)) {
        
    extract($edit); 
    Then the content of column "title" will automatically be assigned the variablename $title, and content of column "newstext" in variable $newstext.
    If you have ten or more columns, you can easily imagine how much typing you would save. What ever values were contained in the array, is instantly available throughout your code.

    EDIT:
    If you're in doubt wether your code works, you might try to embed the $id value in the form as a hidden field to make sure it passes through. Otherwise you might move the whole UPDATE code to a separate PHP file to see if it works then. You might add some errorchecking code to be echoed there as well. Makes it easier to pin down the error.
    S. Rosland


Remove Ads

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
All times are GMT -6. The time now is 03:13 AM.
Powered by vBulletin® Version 4.2.3
Copyright © 2019 vBulletin Solutions, Inc. All rights reserved.
vBulletin Skin By: PurevB.com