28 replies to this topic

[justlukeyou]

Ah hell,

I had a code working fine that updates a users profile. I then added the echo function so that someone can see what is currently in their profile. For example if there phone number changes they can see their existing phone number and then change it to their new one.

However the update code no longer works. I must have changed it somehow.

This is the error it creates. But 'form_id' is not in the field list. Is it reading it twice from the submit function?

Any suggestions please. I thought it would be a simple job.

UPDATE users SET category = '', aboutcompany = '', firstname = '', surname = '', email = '', website = '', company = '', building = 'g', streetname = '', town = '', state = '', postcode = '', country = '', form_id = 'submit', submit = 'Submit' WHERE id=163An error occurred Unknown column 'form_id' in 'field list'

  
<?php
if(isset($_POST['form_id']))
{
    $values = '';
    foreach ($_POST as $key => $val)
    {
	  
if( isset($_POST['form_id']))
unset($_POST['form_id']);
   
    {
		    $values .= "{$key} = '" . mysql_real_escape_string(trim($val)) . "', ";
	    }
    }
    $values = rtrim($values, ', ');
   
    $error = "";
   
    if($error == "")
    {
	    $sql = "UPDATE users SET {$values} WHERE id=".$_SESSION['userID'];
	   
	   
	    echo $sql;
	   
	    $result = mysql_query($sql) or die("An error occurred ".mysql_error());
    }
}
?>


   
   
   
<div class="updateformleft">  
<form class="form_id"  class="appnitro"  method="post" action="">
		 
	
<?php if($error) echo "<span style=\"color:#ff0000;\">".$error."</span><br /><br />"; ?> 
<ul >
  
	
  <div class="updateinputcell">
<li class="li_1" >
  <div class="forminputleft">
Your Job Role:
</div>
  <div id="forminputright">
	  <select class="element select medium" name="category" id="category" >
	   <option value="" selected="selected">Venue:</option>
	   <option value="Brand Marketer" >Brand Marketer</option>
	   <option value="Entertainment Promoter" >Entertainment Promoter</option>
	   <option value="Event Manager" >Event Manager</option>
	   <option value="Event Organiser" >Event Organiser</option>
	   <option value="Party Planner" >Party Planner</option>
	   <option value="Wedding Organiser" >Wedding Organiser</option>
	  </select>   
	 </div> 
  </li>
  </div>
	   <div class="updatecurrentcell">
		   <?php
$query = mysql_query("SELECT * FROM users WHERE id = " . $_SESSION['userID']);
while($row = mysql_fetch_array($query)) {
echo $row['category'];
}
  ?>
</div>

  <div class="updateinputcell">
<li class="li_1" >
  <div class="forminputleft">
 
About Your Company:  <?php echo $row['category']; ?>
  </div>
<div class="forminputright">
<textarea class="element_2" name="aboutcompany" class="element textarea medium" value="<?php if($_POST['aboutcompany']) echo $_POST['aboutcompany']; ?>"></textarea>
	 </div> 
  </li>
  </div>

	   <div class="updatecurrentcell">
		   <?php
$query = mysql_query("SELECT * FROM users WHERE id = " . $_SESSION['userID']);
while($row = mysql_fetch_array($query)) {
echo $row['aboutcompany'];
}
  ?>
</div>
 
 
  <div class="updateinputcell">
<li class="li_1" >
  <div class="forminputleft">
First Name:
  </div>
<div class="forminputright"> 
<input class="element_1" name="firstname" class="registerforminput" type="text" value="<?php if($_POST['firstname']) echo $_POST['firstname']; ?>" />
	 </div> 
  </li>
  </div> 
	   <div class="updatecurrentcell">
		   <?php
$query = mysql_query("SELECT * FROM users WHERE id = " . $_SESSION['userID']);
while($row = mysql_fetch_array($query)) {
echo $row['firstname'];
}
?>
</div>
  <div class="updateinputcell">
<li class="li_1" >
  <div class="forminputleft">
Surname:
</div>


<div class="forminputright">
<input class="element_1" name="surname" class="registerforminput" type="text" value="<?php if($_POST['surname']) echo $_POST['surname']; ?>" />
</div>
</li>
</div>
 
	   <div class="updatecurrentcell">
		   <?php
$query = mysql_query("SELECT * FROM users WHERE id = " . $_SESSION['userID']);
while($row = mysql_fetch_array($query)) {
echo $row['surname'];
}
  ?>
</div>
   <div class="updateinputcell">
<li class="li_1" >
  <div class="forminputleft">
Email:
  </div>
 
<div class="forminputright"> 
<input class="element_1" name="email" class="registerforminput" type="text" value="<?php if($_POST['email']) echo $_POST['email']; ?>" />
</div>
 
</li>
</div>
	   <div class="updatecurrentcell">
		   <?php
$query = mysql_query("SELECT * FROM users WHERE id = " . $_SESSION['userID']);
while($row = mysql_fetch_array($query)) {
echo $row['email'];
}
  ?>
</div>

<div class="updateinputcell">
<li class="li_1" >
  <div class="forminputleft">
Company Website:
</div> 
<div class="forminputright"> 
www. <input class="element_1" name="website" class="registerforminput" type="text" value="<?php if($_POST['website']) echo $_POST['website']; ?>" />
</div>
</div>  
</li> 
	   <div class="updatecurrentcell">
		   <?php
$query = mysql_query("SELECT * FROM users WHERE id = " . $_SESSION['userID']);
while($row = mysql_fetch_array($query)) {
echo $row['website'];
}
  ?>
</div>

  <div class="updateinputcell">
<li class="li_1" >
  <div class="forminputleft">
Company Name:
  </div> 
<div class="forminputright">
<input class="element_1" name="company" type="text" class="registerforminput" value="<?php if($_POST['company']) echo $_POST['company']; ?>" />
</div>
</li>
</div>
 
 
		 <div class="updatecurrentcell">
		   <?php
$query = mysql_query("SELECT * FROM users WHERE id = " . $_SESSION['userID']);
while($row = mysql_fetch_array($query)) {
echo $row['company'];
}
  ?>
</div>

   <div class="updateinputcell">
<li class="li_1" >
  <div class="forminputleft">
Building Name/Number:
  </div>
<div class="forminputright"> 
<input class="element_1" name="building" class="registerforminput" type="text" width="600" value="<?php if($_POST['building']) echo $_POST['building']; ?>" />
</div>
</li>
</div>  
	   <div class="updatecurrentcell">
		   <?php
$query = mysql_query("SELECT * FROM users WHERE id = " . $_SESSION['userID']);
while($row = mysql_fetch_array($query)) {
echo $row['building'];
}
  ?>
</div>

<div class="updateinputcell">
  <div class="forminputleft">
Street Name:
</div>
<div class="forminputright">
<input class="element_1" name="streetname" class="registerforminput" type="text" maxlength="600" value="<?php if($_POST['streetname']) echo $_POST['streetname']; ?>" />  
</div> 
</div>
	   <div class="updatecurrentcell">
		   <?php
$query = mysql_query("SELECT * FROM users WHERE id = " . $_SESSION['userID']);
while($row = mysql_fetch_array($query)) {
echo $row['streetname'];
}
  ?>
</div>

<div class="updateinputcell">
<li class="li_1" >
  <div class="forminputleft">
Town:
</div>
<div class="forminputright">
<input class="element_1" name="town" class="registerforminput" type="text" maxlength="600" value="<?php if($_POST['streetname']) echo $_POST['town']; ?>" />  
</div>
</li>
</div>
	   <div class="updatecurrentcell">
		   <?php
$query = mysql_query("SELECT * FROM users WHERE id = " . $_SESSION['userID']);
while($row = mysql_fetch_array($query)) {
echo $row['town'];
}
  ?>
</div>

<div class="updateinputcell">
<li class="li_1" >
  <div class="forminputleft"> 
State:
</div>
<div class="forminputright">
<input class="element_1" name="state" class="registerforminput" type="text" maxlength="600" value="<?php if($_POST['state']) echo $_POST['state']; ?>" />

</div>
</li>
</div>
	   <div class="updatecurrentcell">
		   <?php
$query = mysql_query("SELECT * FROM users WHERE id = " . $_SESSION['userID']);
while($row = mysql_fetch_array($query)) {
echo $row['state'];
}
  ?>
</div>

<div class="updateinputcell">
<li class="li_1" >
  <div class="forminputleft">
Zip Code/Post Code:
</div>
  <div class="forminputright">  
<input class="element_1" name="postcode" class="registerforminput" type="text" maxlength="600" value="<?php if($_POST['postcode']) echo $_POST['postcode']; ?>" />
</div>
</li>
</div>
	   <div class="updatecurrentcell">
		   <?php
$query = mysql_query("SELECT * FROM users WHERE id = " . $_SESSION['userID']);
while($row = mysql_fetch_array($query)) {
echo $row['postcode'];
}
  ?>
</div>

<div class="updateinputcell">
<li class="li_1" >
  <div class="forminputleft">
Your Country:
</div>
  <div class="forminputright">
<select  class="element select medium" class="country" name="country">   
  
<option value="" selected="selected">Your Country:</option>
<option value=” selected=’selected’>Select Country</option>
<option value="" selected="selected">Select a Country</option>
<option value="United States">United States</option>
</select>
  </div>
</li>
</div>

	   <div class="updatecurrentcell">
		   <?php
$query = mysql_query("SELECT * FROM users WHERE id = " . $_SESSION['userID']);
while($row = mysql_fetch_array($query)) {
echo $row['country'];
}
  ?>
</div>
</div>
</div>


 
 
   <div class="forminputright">  
<li class="buttons">
	  
<input type="hidden" name="form_id" value="submit" />
	  
   
	  <div class="user-area">
<input type="submit" name="submit" value="Submit" class="submit-button" />
  </div>
 
</li>
  
</ul>
 
</form>
   </div>
</div>
</div>
  
  
  <div class="registerinfobenefitsright">
</div>
  </div>
   <div class="aside">
   
   </div>

[Pikachu2000]

The error is quite self explanatory. There is no field named `form_id` in your `users` table.

[doddsey_65]

@Pikachu2000 I think the issue is the fact that form_id shouldnt be in the query since it's being unset in the foreach loop before the query is ran.

[PFMaBiSmAd]

You shouldn't blindly loop though all the $_POST data and put field names/values into queries. That leaves your code open to sql injection.

For what you are doing, you should have a specific list of the expected fields (in an array) you want to put into that specific query, then loop through that array of expected fields and access just the $_POST data you want using the field names from the array of expected fields.

[justlukeyou]

@Pikachu2000 I think the issue is the fact that form_id shouldnt be in the query since it's being unset in the foreach loop before the query is ran.

Hi,

The form_id isn't in the query though is it?

[justlukeyou]

You shouldn't blindly loop though all the $_POST data and put field names/values into queries. That leaves your code open to sql injection.

For what you are doing, you should have a specific list of the expected fields (in an array) you want to put into that specific query, then loop through that array of expected fields and access just the $_POST data you want using the field names from the array of expected fields.

I did originally have it so that all update fields were seperated out but someone rewrote it so that it automatically read the fields and updated them.

[Pikachu2000]

Hi,

The form_id isn't in the query though is it?

If you aren't going to bother reading the error message, why should anyone bother helping you?

[justlukeyou]

Huh, I dont understand the error message.

I dont understand this bit: "Unknown column 'form_id' in 'field list'"

[SocialCloud]

UPDATE users SET category = '', aboutcompany = '', firstname = '', surname = '', email = '', website = '', company = '', building = 'g', streetname = '', town = '', state = '', postcode = '', country = '', form_id = 'submit', submit = 'Submit' WHERE id=163

Refer to the bolded part. Unknown column error means that column does not exist in the database. The column you are trying to update, thus, does not exist.

Edited by SocialCloud, 25 November 2012 - 05:24 PM.

[justlukeyou]

UPDATE users SET category = '', aboutcompany = '', firstname = '', surname = '', email = '', website = '', company = '', building = 'g', streetname = '', town = '', state = '', postcode = '', country = '', form_id = 'submit', submit = 'Submit' WHERE id=163

Refer to the bolded part. Unknown column error means that column does not exist in the database. The column you are trying to update, thus, does not exist.

Thanks,

But I cant see where or why it is trying to say that "form_id" is a column. Thats the part I dont get. Can you advise how this is being picked up as a column?

[mrMarcus]

Thanks,

But I cant see where or why it is trying to say that "form_id" is a column. Thats the part I dont get. Can you advise how this is being picked up as a column?

Because, as @PFMaBiSmAd said, you are creating your query by looping through your $_POST data. What that is doing is creating a `column` update for every form input you have. Note the ", submit='submit'. 'submit' is the name of your button in your form, and not a column in your table.

This is the area in which your problems are being generated, and is also a disaster:

foreach ($_POST as $key => $val) {
if (isset($_POST['form_id']))
unset($_POST['form_id']);
{
$values .= "{$key} = '" . mysql_real_escape_string(trim($val)) . "', ";
}
}

[justlukeyou]

Thanks,

So is it best just to list the fields I want to update?

$values .= "$emailaddress, $firstname" 

. mysql_real_escape_string(trim($val)) . "', ";

[mrMarcus]

Thanks,

So is it best just to list the fields I want to update?

$values .= "$emailaddress, $firstname"

. mysql_real_escape_string(trim($val)) . "', ";

You should already know the answer to that question. Yes.

[justlukeyou]

You should already know the answer to that question. Yes.

Hi,

So this the original code I had. This code successfully updates the field in which someone enters text however it also wipes all the cells that are left empty.

For example if someone completes their profile of 10 fields and then a year later wants to change their phone number my current code would swipe nine of the fields. Can anyone advise how I can only update the fields that have text in.

Would it be something like this?

if ($firstname <> "")

  
<?php
function mysql_real_escape_array($t)
{
    return array_map("mysql_real_escape_string",$t);
}
function trim_array($ar)
{
    return array_map("trim",$ar);
}
if(isset($_POST['form_id']))
{
    $_POST = mysql_real_escape_array($_POST);
    $_POST = trim_array($_POST);
    $error = "";

    if($error == "")
    {
	    $sql = "
	    UPDATE
		    users
	    SET
		    category = '".$_POST['category']."',
  linkcategory = '".str_replace(' ', '-',strtolower($_POST['category']))."',
		    firstname = '".$_POST['firstname']."',
		    surname = '".$_POST['surname']."',
		    email = '".$_POST['email']."',
		    website = '".$_POST['website']."',
		    company = '".$_POST['company']."',
		    building = '".$_POST['building']."',
		    streetname = '".$_POST['streetname']."',
   town = '".$_POST['town']."',
		    state = '".$_POST['state']."',
		    postcode = '".$_POST['postcode']."',
		    aboutcompany = '".$_POST['aboutcompany']."',
   country = '".$_POST['country']."'";
	    $result = mysql_query($sql) or die("An error occurred ".mysql_error());
	  
    }
}
?>

Edited by justlukeyou, 26 November 2012 - 01:56 PM.

[SocialCloud]

<?php

if(empty($whatever_variable_to_check)) {

echo "You left it blank oh noses!";

}

?>

[PFMaBiSmAd]

it also wipes all the cells that are left empty.

Why aren't you populating the fields with the existing values?

How would you be able to tell if someone actually wanted to remove a value by clearing the field?

[justlukeyou]

Why aren't you populating the fields with the existing values?

How would you be able to tell if someone actually wanted to remove a value by clearing the field?

Hi,

Lets say someone got married and wanted to change their surname they would enter their new surname but my site currently deletes their first name. Im not sure how to say = "if blank do not update". Would this be the easiest step. Instead of reinserting what isn't changed?

The second point is very good. I could have "Delete Content" button next to each field but Im still stuck on how to update the database.

[justlukeyou]

I not something that stops it from being updated.

<?php
if(empty($postcode)) {
do not update;
}
?>

[mrMarcus]

Auto-populate your forms when editing. That way, if a user wants something deleted (if allowed), all they have to do if clear the field themselves.

Pseudo:

<form>
    <input type="text" name="last_name" value="<?php echo (!empty($last_name)) ? $last_name : ''; ?>"/>
</form>

Now, when they are at the edit stage, all their info will be pre-populated into the form and they can update whichever fields they wish.

[justlukeyou]

Thats a good idea. What Im currently doing is displaying the current content next to form so they can see the current content:

<input class="element_1" name="firstname" class="registerforminput" type="text" value="<?php if($_POST['firstname']) echo $_POST['firstname']; ?>" />

When I try to display the firstname with the following code nothing is displayed but it is displayed with the code above so I know their is content in the database. Is that because I am using POST and should be using something else?

<form>
	    <input type="text" name="firstname" value="<?php echo (!empty($firstname)) ? $firstname : ''; ?>"/>
</form>