Jump to content


Photo

Update Code Now Has 'form_Id' Error


  • Please log in to reply
28 replies to this topic

#1 justlukeyou

justlukeyou

    Advanced Member

  • Members
  • PipPipPip
  • 966 posts

Posted 25 November 2012 - 11:34 AM

Ah hell,

I had a code working fine that updates a users profile. I then added the echo function so that someone can see what is currently in their profile. For example if there phone number changes they can see their existing phone number and then change it to their new one.

However the update code no longer works. I must have changed it somehow.

This is the error it creates. But 'form_id' is not in the field list. Is it reading it twice from the submit function?

Any suggestions please. I thought it would be a simple job.

UPDATE users SET category = '', aboutcompany = '', firstname = '', surname = '', email = '', website = '', company = '', building = 'g', streetname = '', town = '', state = '', postcode = '', country = '', form_id = 'submit', submit = 'Submit' WHERE id=163An error occurred Unknown column 'form_id' in 'field list'

  
<?php
if(isset($_POST['form_id']))
{
    $values = '';
    foreach ($_POST as $key => $val)
    {
	  
if( isset($_POST['form_id']))
unset($_POST['form_id']);
   
    {
		    $values .= "{$key} = '" . mysql_real_escape_string(trim($val)) . "', ";
	    }
    }
    $values = rtrim($values, ', ');
   
    $error = "";
   
    if($error == "")
    {
	    $sql = "UPDATE users SET {$values} WHERE id=".$_SESSION['userID'];
	   
	   
	    echo $sql;
	   
	    $result = mysql_query($sql) or die("An error occurred ".mysql_error());
    }
}
?>


   
   
   
<div class="updateformleft">  
<form class="form_id"  class="appnitro"  method="post" action="">
		 
	
<?php if($error) echo "<span style=\"color:#ff0000;\">".$error."</span><br /><br />"; ?> 
<ul >
  
	
  <div class="updateinputcell">
<li class="li_1" >
  <div class="forminputleft">
Your Job Role:
</div>
  <div id="forminputright">
	  <select class="element select medium" name="category" id="category" >
	   <option value="" selected="selected">Venue:</option>
	   <option value="Brand Marketer" >Brand Marketer</option>
	   <option value="Entertainment Promoter" >Entertainment Promoter</option>
	   <option value="Event Manager" >Event Manager</option>
	   <option value="Event Organiser" >Event Organiser</option>
	   <option value="Party Planner" >Party Planner</option>
	   <option value="Wedding Organiser" >Wedding Organiser</option>
	  </select>   
	 </div> 
  </li>
  </div>
	   <div class="updatecurrentcell">
		   <?php
$query = mysql_query("SELECT * FROM users WHERE id = " . $_SESSION['userID']);
while($row = mysql_fetch_array($query)) {
echo $row['category'];
}
  ?>
</div>

  <div class="updateinputcell">
<li class="li_1" >
  <div class="forminputleft">
 
About Your Company:  <?php echo $row['category']; ?>
  </div>
<div class="forminputright">
<textarea class="element_2" name="aboutcompany" class="element textarea medium" value="<?php if($_POST['aboutcompany']) echo $_POST['aboutcompany']; ?>"></textarea>
	 </div> 
  </li>
  </div>

	   <div class="updatecurrentcell">
		   <?php
$query = mysql_query("SELECT * FROM users WHERE id = " . $_SESSION['userID']);
while($row = mysql_fetch_array($query)) {
echo $row['aboutcompany'];
}
  ?>
</div>
 
 
  <div class="updateinputcell">
<li class="li_1" >
  <div class="forminputleft">
First Name:
  </div>
<div class="forminputright"> 
<input class="element_1" name="firstname" class="registerforminput" type="text" value="<?php if($_POST['firstname']) echo $_POST['firstname']; ?>" />
	 </div> 
  </li>
  </div> 
	   <div class="updatecurrentcell">
		   <?php
$query = mysql_query("SELECT * FROM users WHERE id = " . $_SESSION['userID']);
while($row = mysql_fetch_array($query)) {
echo $row['firstname'];
}
?>
</div>
  <div class="updateinputcell">
<li class="li_1" >
  <div class="forminputleft">
Surname:
</div>


<div class="forminputright">
<input class="element_1" name="surname" class="registerforminput" type="text" value="<?php if($_POST['surname']) echo $_POST['surname']; ?>" />
</div>
</li>
</div>
 
	   <div class="updatecurrentcell">
		   <?php
$query = mysql_query("SELECT * FROM users WHERE id = " . $_SESSION['userID']);
while($row = mysql_fetch_array($query)) {
echo $row['surname'];
}
  ?>
</div>
   <div class="updateinputcell">
<li class="li_1" >
  <div class="forminputleft">
Email:
  </div>
 
<div class="forminputright"> 
<input class="element_1" name="email" class="registerforminput" type="text" value="<?php if($_POST['email']) echo $_POST['email']; ?>" />
</div>
 
</li>
</div>
	   <div class="updatecurrentcell">
		   <?php
$query = mysql_query("SELECT * FROM users WHERE id = " . $_SESSION['userID']);
while($row = mysql_fetch_array($query)) {
echo $row['email'];
}
  ?>
</div>

<div class="updateinputcell">
<li class="li_1" >
  <div class="forminputleft">
Company Website:
</div> 
<div class="forminputright"> 
www. <input class="element_1" name="website" class="registerforminput" type="text" value="<?php if($_POST['website']) echo $_POST['website']; ?>" />
</div>
</div>  
</li> 
	   <div class="updatecurrentcell">
		   <?php
$query = mysql_query("SELECT * FROM users WHERE id = " . $_SESSION['userID']);
while($row = mysql_fetch_array($query)) {
echo $row['website'];
}
  ?>
</div>

  <div class="updateinputcell">
<li class="li_1" >
  <div class="forminputleft">
Company Name:
  </div> 
<div class="forminputright">
<input class="element_1" name="company" type="text" class="registerforminput" value="<?php if($_POST['company']) echo $_POST['company']; ?>" />
</div>
</li>
</div>
 
 
		 <div class="updatecurrentcell">
		   <?php
$query = mysql_query("SELECT * FROM users WHERE id = " . $_SESSION['userID']);
while($row = mysql_fetch_array($query)) {
echo $row['company'];
}
  ?>
</div>

   <div class="updateinputcell">
<li class="li_1" >
  <div class="forminputleft">
Building Name/Number:
  </div>
<div class="forminputright"> 
<input class="element_1" name="building" class="registerforminput" type="text" width="600" value="<?php if($_POST['building']) echo $_POST['building']; ?>" />
</div>
</li>
</div>  
	   <div class="updatecurrentcell">
		   <?php
$query = mysql_query("SELECT * FROM users WHERE id = " . $_SESSION['userID']);
while($row = mysql_fetch_array($query)) {
echo $row['building'];
}
  ?>
</div>

<div class="updateinputcell">
  <div class="forminputleft">
Street Name:
</div>
<div class="forminputright">
<input class="element_1" name="streetname" class="registerforminput" type="text" maxlength="600" value="<?php if($_POST['streetname']) echo $_POST['streetname']; ?>" />  
</div> 
</div>
	   <div class="updatecurrentcell">
		   <?php
$query = mysql_query("SELECT * FROM users WHERE id = " . $_SESSION['userID']);
while($row = mysql_fetch_array($query)) {
echo $row['streetname'];
}
  ?>
</div>

<div class="updateinputcell">
<li class="li_1" >
  <div class="forminputleft">
Town:
</div>
<div class="forminputright">
<input class="element_1" name="town" class="registerforminput" type="text" maxlength="600" value="<?php if($_POST['streetname']) echo $_POST['town']; ?>" />  
</div>
</li>
</div>
	   <div class="updatecurrentcell">
		   <?php
$query = mysql_query("SELECT * FROM users WHERE id = " . $_SESSION['userID']);
while($row = mysql_fetch_array($query)) {
echo $row['town'];
}
  ?>
</div>

<div class="updateinputcell">
<li class="li_1" >
  <div class="forminputleft"> 
State:
</div>
<div class="forminputright">
<input class="element_1" name="state" class="registerforminput" type="text" maxlength="600" value="<?php if($_POST['state']) echo $_POST['state']; ?>" />

</div>
</li>
</div>
	   <div class="updatecurrentcell">
		   <?php
$query = mysql_query("SELECT * FROM users WHERE id = " . $_SESSION['userID']);
while($row = mysql_fetch_array($query)) {
echo $row['state'];
}
  ?>
</div>

<div class="updateinputcell">
<li class="li_1" >
  <div class="forminputleft">
Zip Code/Post Code:
</div>
  <div class="forminputright">  
<input class="element_1" name="postcode" class="registerforminput" type="text" maxlength="600" value="<?php if($_POST['postcode']) echo $_POST['postcode']; ?>" />
</div>
</li>
</div>
	   <div class="updatecurrentcell">
		   <?php
$query = mysql_query("SELECT * FROM users WHERE id = " . $_SESSION['userID']);
while($row = mysql_fetch_array($query)) {
echo $row['postcode'];
}
  ?>
</div>

<div class="updateinputcell">
<li class="li_1" >
  <div class="forminputleft">
Your Country:
</div>
  <div class="forminputright">
<select  class="element select medium" class="country" name="country">   
  
<option value="" selected="selected">Your Country:</option>
<option value=” selected=’selected’>Select Country</option>
<option value="" selected="selected">Select a Country</option>
<option value="United States">United States</option>
</select>
  </div>
</li>
</div>

	   <div class="updatecurrentcell">
		   <?php
$query = mysql_query("SELECT * FROM users WHERE id = " . $_SESSION['userID']);
while($row = mysql_fetch_array($query)) {
echo $row['country'];
}
  ?>
</div>
</div>
</div>


 
 
   <div class="forminputright">  
<li class="buttons">
	  
<input type="hidden" name="form_id" value="submit" />
	  
   
	  <div class="user-area">
<input type="submit" name="submit" value="Submit" class="submit-button" />
  </div>
 
</li>
  
</ul>
 
</form>
   </div>
</div>
</div>
  
  
  <div class="registerinfobenefitsright">
</div>
  </div>
   <div class="aside">
   
   </div>




#2 Pikachu2000

Pikachu2000

    I hate everything.

  • Staff Alumni
  • 11,378 posts
  • LocationFuture Independent Republic of Texas
  • Age:106

Posted 25 November 2012 - 12:15 PM

The error is quite self explanatory. There is no field named `form_id` in your `users` table.
"Java" is to "Javascript" about the same as "fun" is to "funeral".

Why $_SERVER['PHP_SELF'] is bad. || Why ORDER BY RAND() is bad || Every problem can be solved with rm -rf *

Random Quote: "

#3 doddsey_65

doddsey_65

    Advanced Member

  • Members
  • PipPipPip
  • 904 posts
  • LocationNorth East UK
  • Age:26

Posted 25 November 2012 - 12:36 PM

@Pikachu2000 I think the issue is the fact that form_id shouldnt be in the query since it's being unset in the foreach loop before the query is ran.
Test and help out with a new
100% open source forum package: A Simple Forum
Check the A Simple forum Github Page
Visit my Github profile to see what I work on.

#4 PFMaBiSmAd

PFMaBiSmAd

    Advanced Member

  • Staff Alumni
  • 16,767 posts
  • LocationColorado, U.S.A.

Posted 25 November 2012 - 12:46 PM

You shouldn't blindly loop though all the $_POST data and put field names/values into queries. That leaves your code open to sql injection.

For what you are doing, you should have a specific list of the expected fields (in an array) you want to put into that specific query, then loop through that array of expected fields and access just the $_POST data you want using the field names from the array of expected fields.
Signature: (not a comment about anything you posted unless specifically indicated)
Debugging step #1: To get past the garbage-out equals garbage-in stage in your code, you must check that the inputs to your code are what you expect.

Programming is just problem solving, but it is done in another language. You must learn enough of the programming language you are using to be able to read and write code.

#5 justlukeyou

justlukeyou

    Advanced Member

  • Members
  • PipPipPip
  • 966 posts

Posted 25 November 2012 - 04:00 PM

@Pikachu2000 I think the issue is the fact that form_id shouldnt be in the query since it's being unset in the foreach loop before the query is ran.


Hi,

The form_id isn't in the query though is it?

#6 justlukeyou

justlukeyou

    Advanced Member

  • Members
  • PipPipPip
  • 966 posts

Posted 25 November 2012 - 04:01 PM

You shouldn't blindly loop though all the $_POST data and put field names/values into queries. That leaves your code open to sql injection.

For what you are doing, you should have a specific list of the expected fields (in an array) you want to put into that specific query, then loop through that array of expected fields and access just the $_POST data you want using the field names from the array of expected fields.


I did originally have it so that all update fields were seperated out but someone rewrote it so that it automatically read the fields and updated them.

#7 Pikachu2000

Pikachu2000

    I hate everything.

  • Staff Alumni
  • 11,378 posts
  • LocationFuture Independent Republic of Texas
  • Age:106

Posted 25 November 2012 - 05:01 PM

Hi,

The form_id isn't in the query though is it?


If you aren't going to bother reading the error message, why should anyone bother helping you?
"Java" is to "Javascript" about the same as "fun" is to "funeral".

Why $_SERVER['PHP_SELF'] is bad. || Why ORDER BY RAND() is bad || Every problem can be solved with rm -rf *

Random Quote: "

#8 justlukeyou

justlukeyou

    Advanced Member

  • Members
  • PipPipPip
  • 966 posts

Posted 25 November 2012 - 05:07 PM

Huh, I dont understand the error message.

I dont understand this bit: "Unknown column 'form_id' in 'field list'"

#9 SocialCloud

SocialCloud

    Advanced Member

  • Members
  • PipPipPip
  • 607 posts

Posted 25 November 2012 - 05:23 PM

UPDATE users SET category = '', aboutcompany = '', firstname = '', surname = '', email = '', website = '', company = '', building = 'g', streetname = '', town = '', state = '', postcode = '', country = '', form_id = 'submit', submit = 'Submit' WHERE id=163

Refer to the bolded part. Unknown column error means that column does not exist in the database. The column you are trying to update, thus, does not exist.

Edited by SocialCloud, 25 November 2012 - 05:24 PM.


#10 justlukeyou

justlukeyou

    Advanced Member

  • Members
  • PipPipPip
  • 966 posts

Posted 26 November 2012 - 12:50 PM

UPDATE users SET category = '', aboutcompany = '', firstname = '', surname = '', email = '', website = '', company = '', building = 'g', streetname = '', town = '', state = '', postcode = '', country = '', form_id = 'submit', submit = 'Submit' WHERE id=163

Refer to the bolded part. Unknown column error means that column does not exist in the database. The column you are trying to update, thus, does not exist.


Thanks,

But I cant see where or why it is trying to say that "form_id" is a column. Thats the part I dont get. Can you advise how this is being picked up as a column?

#11 mrMarcus

mrMarcus

    I'm a beleafer.

  • Members
  • PipPipPip
  • 1,903 posts
  • LocationCanada

Posted 26 November 2012 - 12:59 PM

Thanks,

But I cant see where or why it is trying to say that "form_id" is a column. Thats the part I dont get. Can you advise how this is being picked up as a column?


Because, as @PFMaBiSmAd said, you are creating your query by looping through your $_POST data. What that is doing is creating a `column` update for every form input you have. Note the ", submit='submit'. 'submit' is the name of your button in your form, and not a column in your table.

This is the area in which your problems are being generated, and is also a disaster:

foreach ($_POST as $key => $val) {
if (isset($_POST['form_id']))
unset($_POST['form_id']);
{
$values .= "{$key} = '" . mysql_real_escape_string(trim($val)) . "', ";
}
}


#12 justlukeyou

justlukeyou

    Advanced Member

  • Members
  • PipPipPip
  • 966 posts

Posted 26 November 2012 - 01:10 PM

Thanks,

So is it best just to list the fields I want to update?

$values .= "$emailaddress, $firstname" 

. mysql_real_escape_string(trim($val)) . "', ";


#13 mrMarcus

mrMarcus

    I'm a beleafer.

  • Members
  • PipPipPip
  • 1,903 posts
  • LocationCanada

Posted 26 November 2012 - 01:13 PM

Thanks,

So is it best just to list the fields I want to update?

$values .= "$emailaddress, $firstname"

. mysql_real_escape_string(trim($val)) . "', ";


You should already know the answer to that question. Yes.

#14 justlukeyou

justlukeyou

    Advanced Member

  • Members
  • PipPipPip
  • 966 posts

Posted 26 November 2012 - 01:41 PM

You should already know the answer to that question. Yes.


Hi,

So this the original code I had. This code successfully updates the field in which someone enters text however it also wipes all the cells that are left empty.

For example if someone completes their profile of 10 fields and then a year later wants to change their phone number my current code would swipe nine of the fields. Can anyone advise how I can only update the fields that have text in.

Would it be something like this?

if ($firstname <> "")



  
<?php
function mysql_real_escape_array($t)
{
    return array_map("mysql_real_escape_string",$t);
}
function trim_array($ar)
{
    return array_map("trim",$ar);
}
if(isset($_POST['form_id']))
{
    $_POST = mysql_real_escape_array($_POST);
    $_POST = trim_array($_POST);
    $error = "";

    if($error == "")
    {
	    $sql = "
	    UPDATE
		    users
	    SET
		    category = '".$_POST['category']."',
  linkcategory = '".str_replace(' ', '-',strtolower($_POST['category']))."',
		    firstname = '".$_POST['firstname']."',
		    surname = '".$_POST['surname']."',
		    email = '".$_POST['email']."',
		    website = '".$_POST['website']."',
		    company = '".$_POST['company']."',
		    building = '".$_POST['building']."',
		    streetname = '".$_POST['streetname']."',
   town = '".$_POST['town']."',
		    state = '".$_POST['state']."',
		    postcode = '".$_POST['postcode']."',
		    aboutcompany = '".$_POST['aboutcompany']."',
   country = '".$_POST['country']."'";
	    $result = mysql_query($sql) or die("An error occurred ".mysql_error());
	  
    }
}
?>

Edited by justlukeyou, 26 November 2012 - 01:56 PM.


#15 SocialCloud

SocialCloud

    Advanced Member

  • Members
  • PipPipPip
  • 607 posts

Posted 26 November 2012 - 08:25 PM


<?php

if(empty($whatever_variable_to_check)) {

echo "You left it blank oh noses!";

}

?>



#16 PFMaBiSmAd

PFMaBiSmAd

    Advanced Member

  • Staff Alumni
  • 16,767 posts
  • LocationColorado, U.S.A.

Posted 27 November 2012 - 07:23 AM

it also wipes all the cells that are left empty.


Why aren't you populating the fields with the existing values?

How would you be able to tell if someone actually wanted to remove a value by clearing the field?
Signature: (not a comment about anything you posted unless specifically indicated)
Debugging step #1: To get past the garbage-out equals garbage-in stage in your code, you must check that the inputs to your code are what you expect.

Programming is just problem solving, but it is done in another language. You must learn enough of the programming language you are using to be able to read and write code.

#17 justlukeyou

justlukeyou

    Advanced Member

  • Members
  • PipPipPip
  • 966 posts

Posted 27 November 2012 - 09:31 AM

Why aren't you populating the fields with the existing values?

How would you be able to tell if someone actually wanted to remove a value by clearing the field?


Hi,

Lets say someone got married and wanted to change their surname they would enter their new surname but my site currently deletes their first name. Im not sure how to say = "if blank do not update". Would this be the easiest step. Instead of reinserting what isn't changed?

The second point is very good. I could have "Delete Content" button next to each field but Im still stuck on how to update the database.

#18 justlukeyou

justlukeyou

    Advanced Member

  • Members
  • PipPipPip
  • 966 posts

Posted 27 November 2012 - 09:34 AM

I not something that stops it from being updated.


<?php
if(empty($postcode)) {
do not update;
}
?>


#19 mrMarcus

mrMarcus

    I'm a beleafer.

  • Members
  • PipPipPip
  • 1,903 posts
  • LocationCanada

Posted 27 November 2012 - 09:36 AM

Auto-populate your forms when editing. That way, if a user wants something deleted (if allowed), all they have to do if clear the field themselves.

Pseudo:

<form>
    <input type="text" name="last_name" value="<?php echo (!empty($last_name)) ? $last_name : ''; ?>"/>
</form>

Now, when they are at the edit stage, all their info will be pre-populated into the form and they can update whichever fields they wish.

#20 justlukeyou

justlukeyou

    Advanced Member

  • Members
  • PipPipPip
  • 966 posts

Posted 27 November 2012 - 09:44 AM

Thats a good idea. What Im currently doing is displaying the current content next to form so they can see the current content:

<input class="element_1" name="firstname" class="registerforminput" type="text" value="<?php if($_POST['firstname']) echo $_POST['firstname']; ?>" />

When I try to display the firstname with the following code nothing is displayed but it is displayed with the code above so I know their is content in the database. Is that because I am using POST and should be using something else?

<form>
	    <input type="text" name="firstname" value="<?php echo (!empty($firstname)) ? $firstname : ''; ?>"/>
</form>





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Cheap Linux VPS from $5
SSD Storage, 30 day Guarantee
1 TB of BW, 100% Network Uptime

AlphaBit.com