Jump to content

Update Code Now Has 'form_Id' Error


justlukeyou

Recommended Posts

Ah hell,

 

I had a code working fine that updates a users profile. I then added the echo function so that someone can see what is currently in their profile. For example if there phone number changes they can see their existing phone number and then change it to their new one.

 

However the update code no longer works. I must have changed it somehow.

 

This is the error it creates. But 'form_id' is not in the field list. Is it reading it twice from the submit function?

 

Any suggestions please. I thought it would be a simple job.

 

UPDATE users SET category = '', aboutcompany = '', firstname = '', surname = '', email = '', website = '', company = '', building = 'g', streetname = '', town = '', state = '', postcode = '', country = '', form_id = 'submit', submit = 'Submit' WHERE id=163An error occurred Unknown column 'form_id' in 'field list'

 


<?php
if(isset($_POST['form_id']))
{
   $values = '';
   foreach ($_POST as $key => $val)
   {

if( isset($_POST['form_id']))
unset($_POST['form_id']);

   {
	    $values .= "{$key} = '" . mysql_real_escape_string(trim($val)) . "', ";
    }
   }
   $values = rtrim($values, ', ');

   $error = "";

   if($error == "")
   {
    $sql = "UPDATE users SET {$values} WHERE id=".$_SESSION['userID'];


    echo $sql;

    $result = mysql_query($sql) or die("An error occurred ".mysql_error());
   }
}
?>





<div class="updateformleft">  
<form class="form_id"  class="appnitro"  method="post" action="">


<?php if($error) echo "<span style=\"color:#ff0000;\">".$error."</span><br /><br />"; ?> 
<ul >


 <div class="updateinputcell">
<li class="li_1" >
 <div class="forminputleft">
Your Job Role:
</div>
 <div id="forminputright">
  <select class="element select medium" name="category" id="category" >
   <option value="" selected="selected">Venue:</option>
   <option value="Brand Marketer" >Brand Marketer</option>
   <option value="Entertainment Promoter" >Entertainment Promoter</option>
   <option value="Event Manager" >Event Manager</option>
   <option value="Event Organiser" >Event Organiser</option>
   <option value="Party Planner" >Party Planner</option>
   <option value="Wedding Organiser" >Wedding Organiser</option>
  </select>   
 </div> 
 </li>
 </div>
   <div class="updatecurrentcell">
	   <?php
$query = mysql_query("SELECT * FROM users WHERE id = " . $_SESSION['userID']);
while($row = mysql_fetch_array($query)) {
echo $row['category'];
}
 ?>
</div>

 <div class="updateinputcell">
<li class="li_1" >
 <div class="forminputleft">

About Your Company:  <?php echo $row['category']; ?>
 </div>
<div class="forminputright">
<textarea class="element_2" name="aboutcompany" class="element textarea medium" value="<?php if($_POST['aboutcompany']) echo $_POST['aboutcompany']; ?>"></textarea>
 </div> 
 </li>
 </div>

   <div class="updatecurrentcell">
	   <?php
$query = mysql_query("SELECT * FROM users WHERE id = " . $_SESSION['userID']);
while($row = mysql_fetch_array($query)) {
echo $row['aboutcompany'];
}
 ?>
</div>


 <div class="updateinputcell">
<li class="li_1" >
 <div class="forminputleft">
First Name:
 </div>
<div class="forminputright"> 
<input class="element_1" name="firstname" class="registerforminput" type="text" value="<?php if($_POST['firstname']) echo $_POST['firstname']; ?>" />
 </div> 
 </li>
 </div> 
   <div class="updatecurrentcell">
	   <?php
$query = mysql_query("SELECT * FROM users WHERE id = " . $_SESSION['userID']);
while($row = mysql_fetch_array($query)) {
echo $row['firstname'];
}
?>
</div>
 <div class="updateinputcell">
<li class="li_1" >
 <div class="forminputleft">
Surname:
</div>


<div class="forminputright">
<input class="element_1" name="surname" class="registerforminput" type="text" value="<?php if($_POST['surname']) echo $_POST['surname']; ?>" />
</div>
</li>
</div>

   <div class="updatecurrentcell">
	   <?php
$query = mysql_query("SELECT * FROM users WHERE id = " . $_SESSION['userID']);
while($row = mysql_fetch_array($query)) {
echo $row['surname'];
}
 ?>
</div>
  <div class="updateinputcell">
<li class="li_1" >
 <div class="forminputleft">
Email:
 </div>

<div class="forminputright"> 
<input class="element_1" name="email" class="registerforminput" type="text" value="<?php if($_POST['email']) echo $_POST['email']; ?>" />
</div>

</li>
</div>
   <div class="updatecurrentcell">
	   <?php
$query = mysql_query("SELECT * FROM users WHERE id = " . $_SESSION['userID']);
while($row = mysql_fetch_array($query)) {
echo $row['email'];
}
 ?>
</div>

<div class="updateinputcell">
<li class="li_1" >
 <div class="forminputleft">
Company Website:
</div> 
<div class="forminputright"> 
www. <input class="element_1" name="website" class="registerforminput" type="text" value="<?php if($_POST['website']) echo $_POST['website']; ?>" />
</div>
</div>  
</li> 
   <div class="updatecurrentcell">
	   <?php
$query = mysql_query("SELECT * FROM users WHERE id = " . $_SESSION['userID']);
while($row = mysql_fetch_array($query)) {
echo $row['website'];
}
 ?>
</div>

 <div class="updateinputcell">
<li class="li_1" >
 <div class="forminputleft">
Company Name:
 </div> 
<div class="forminputright">
<input class="element_1" name="company" type="text" class="registerforminput" value="<?php if($_POST['company']) echo $_POST['company']; ?>" />
</div>
</li>
</div>


	 <div class="updatecurrentcell">
	   <?php
$query = mysql_query("SELECT * FROM users WHERE id = " . $_SESSION['userID']);
while($row = mysql_fetch_array($query)) {
echo $row['company'];
}
 ?>
</div>

  <div class="updateinputcell">
<li class="li_1" >
 <div class="forminputleft">
Building Name/Number:
 </div>
<div class="forminputright"> 
<input class="element_1" name="building" class="registerforminput" type="text" width="600" value="<?php if($_POST['building']) echo $_POST['building']; ?>" />
</div>
</li>
</div>  
   <div class="updatecurrentcell">
	   <?php
$query = mysql_query("SELECT * FROM users WHERE id = " . $_SESSION['userID']);
while($row = mysql_fetch_array($query)) {
echo $row['building'];
}
 ?>
</div>

<div class="updateinputcell">
 <div class="forminputleft">
Street Name:
</div>
<div class="forminputright">
<input class="element_1" name="streetname" class="registerforminput" type="text" maxlength="600" value="<?php if($_POST['streetname']) echo $_POST['streetname']; ?>" />  
</div> 
</div>
   <div class="updatecurrentcell">
	   <?php
$query = mysql_query("SELECT * FROM users WHERE id = " . $_SESSION['userID']);
while($row = mysql_fetch_array($query)) {
echo $row['streetname'];
}
 ?>
</div>

<div class="updateinputcell">
<li class="li_1" >
 <div class="forminputleft">
Town:
</div>
<div class="forminputright">
<input class="element_1" name="town" class="registerforminput" type="text" maxlength="600" value="<?php if($_POST['streetname']) echo $_POST['town']; ?>" />  
</div>
</li>
</div>
   <div class="updatecurrentcell">
	   <?php
$query = mysql_query("SELECT * FROM users WHERE id = " . $_SESSION['userID']);
while($row = mysql_fetch_array($query)) {
echo $row['town'];
}
 ?>
</div>

<div class="updateinputcell">
<li class="li_1" >
 <div class="forminputleft"> 
State:
</div>
<div class="forminputright">
<input class="element_1" name="state" class="registerforminput" type="text" maxlength="600" value="<?php if($_POST['state']) echo $_POST['state']; ?>" />

</div>
</li>
</div>
   <div class="updatecurrentcell">
	   <?php
$query = mysql_query("SELECT * FROM users WHERE id = " . $_SESSION['userID']);
while($row = mysql_fetch_array($query)) {
echo $row['state'];
}
 ?>
</div>

<div class="updateinputcell">
<li class="li_1" >
 <div class="forminputleft">
Zip Code/Post Code:
</div>
 <div class="forminputright">  
<input class="element_1" name="postcode" class="registerforminput" type="text" maxlength="600" value="<?php if($_POST['postcode']) echo $_POST['postcode']; ?>" />
</div>
</li>
</div>
   <div class="updatecurrentcell">
	   <?php
$query = mysql_query("SELECT * FROM users WHERE id = " . $_SESSION['userID']);
while($row = mysql_fetch_array($query)) {
echo $row['postcode'];
}
 ?>
</div>

<div class="updateinputcell">
<li class="li_1" >
 <div class="forminputleft">
Your Country:
</div>
 <div class="forminputright">
<select  class="element select medium" class="country" name="country">   

<option value="" selected="selected">Your Country:</option>
<option value=” selected=’selected’>Select Country</option>
<option value="" selected="selected">Select a Country</option>
<option value="United States">United States</option>
</select>
 </div>
</li>
</div>

   <div class="updatecurrentcell">
	   <?php
$query = mysql_query("SELECT * FROM users WHERE id = " . $_SESSION['userID']);
while($row = mysql_fetch_array($query)) {
echo $row['country'];
}
 ?>
</div>
</div>
</div>




  <div class="forminputright">  
<li class="buttons">

<input type="hidden" name="form_id" value="submit" />


  <div class="user-area">
<input type="submit" name="submit" value="Submit" class="submit-button" />
 </div>

</li>

</ul>

</form>
  </div>
</div>
</div>


 <div class="registerinfobenefitsright">
</div>
 </div>
  <div class="aside">

  </div>


Link to comment
Share on other sites

You shouldn't blindly loop though all the $_POST data and put field names/values into queries. That leaves your code open to sql injection.

 

For what you are doing, you should have a specific list of the expected fields (in an array) you want to put into that specific query, then loop through that array of expected fields and access just the $_POST data you want using the field names from the array of expected fields.

Link to comment
Share on other sites

You shouldn't blindly loop though all the $_POST data and put field names/values into queries. That leaves your code open to sql injection.

 

For what you are doing, you should have a specific list of the expected fields (in an array) you want to put into that specific query, then loop through that array of expected fields and access just the $_POST data you want using the field names from the array of expected fields.

 

I did originally have it so that all update fields were seperated out but someone rewrote it so that it automatically read the fields and updated them.

Link to comment
Share on other sites

UPDATE users SET category = '', aboutcompany = '', firstname = '', surname = '', email = '', website = '', company = '', building = 'g', streetname = '', town = '', state = '', postcode = '', country = '', form_id = 'submit', submit = 'Submit' WHERE id=163

 

Refer to the bolded part. Unknown column error means that column does not exist in the database. The column you are trying to update, thus, does not exist.

Edited by SocialCloud
Link to comment
Share on other sites

UPDATE users SET category = '', aboutcompany = '', firstname = '', surname = '', email = '', website = '', company = '', building = 'g', streetname = '', town = '', state = '', postcode = '', country = '', form_id = 'submit', submit = 'Submit' WHERE id=163

 

Refer to the bolded part. Unknown column error means that column does not exist in the database. The column you are trying to update, thus, does not exist.

 

Thanks,

 

But I cant see where or why it is trying to say that "form_id" is a column. Thats the part I dont get. Can you advise how this is being picked up as a column?

Link to comment
Share on other sites

Thanks,

 

But I cant see where or why it is trying to say that "form_id" is a column. Thats the part I dont get. Can you advise how this is being picked up as a column?

 

Because, as @PFMaBiSmAd said, you are creating your query by looping through your $_POST data. What that is doing is creating a `column` update for every form input you have. Note the ", submit='submit'. 'submit' is the name of your button in your form, and not a column in your table.

 

This is the area in which your problems are being generated, and is also a disaster:

 

foreach ($_POST as $key => $val) {
if (isset($_POST['form_id']))
unset($_POST['form_id']);
{
$values .= "{$key} = '" . mysql_real_escape_string(trim($val)) . "', ";
}
}

Link to comment
Share on other sites

You should already know the answer to that question. Yes.

 

Hi,

 

So this the original code I had. This code successfully updates the field in which someone enters text however it also wipes all the cells that are left empty.

 

For example if someone completes their profile of 10 fields and then a year later wants to change their phone number my current code would swipe nine of the fields. Can anyone advise how I can only update the fields that have text in.

 

Would it be something like this?

 

if ($firstname <> "")

 

 

 


<?php
function mysql_real_escape_array($t)
{
   return array_map("mysql_real_escape_string",$t);
}
function trim_array($ar)
{
   return array_map("trim",$ar);
}
if(isset($_POST['form_id']))
{
   $_POST = mysql_real_escape_array($_POST);
   $_POST = trim_array($_POST);
   $error = "";

   if($error == "")
   {
    $sql = "
    UPDATE
	    users
    SET
	    category = '".$_POST['category']."',
 linkcategory = '".str_replace(' ', '-',strtolower($_POST['category']))."',
	    firstname = '".$_POST['firstname']."',
	    surname = '".$_POST['surname']."',
	    email = '".$_POST['email']."',
	    website = '".$_POST['website']."',
	    company = '".$_POST['company']."',
	    building = '".$_POST['building']."',
	    streetname = '".$_POST['streetname']."',
  town = '".$_POST['town']."',
	    state = '".$_POST['state']."',
	    postcode = '".$_POST['postcode']."',
	    aboutcompany = '".$_POST['aboutcompany']."',
  country = '".$_POST['country']."'";
    $result = mysql_query($sql) or die("An error occurred ".mysql_error());

   }
}
?>

Edited by justlukeyou
Link to comment
Share on other sites

Why aren't you populating the fields with the existing values?

 

How would you be able to tell if someone actually wanted to remove a value by clearing the field?

 

Hi,

 

Lets say someone got married and wanted to change their surname they would enter their new surname but my site currently deletes their first name. Im not sure how to say = "if blank do not update". Would this be the easiest step. Instead of reinserting what isn't changed?

 

The second point is very good. I could have "Delete Content" button next to each field but Im still stuck on how to update the database.

Link to comment
Share on other sites

Auto-populate your forms when editing. That way, if a user wants something deleted (if allowed), all they have to do if clear the field themselves.

 

Pseudo:

 

<form>
   <input type="text" name="last_name" value="<?php echo (!empty($last_name)) ? $last_name : ''; ?>"/>
</form>

 

Now, when they are at the edit stage, all their info will be pre-populated into the form and they can update whichever fields they wish.

Link to comment
Share on other sites

Thats a good idea. What Im currently doing is displaying the current content next to form so they can see the current content:

 

<input class="element_1" name="firstname" class="registerforminput" type="text" value="<?php if($_POST['firstname']) echo $_POST['firstname']; ?>" />

 

When I try to display the firstname with the following code nothing is displayed but it is displayed with the code above so I know their is content in the database. Is that because I am using POST and should be using something else?

 

<form>
    <input type="text" name="firstname" value="<?php echo (!empty($firstname)) ? $firstname : ''; ?>"/>
</form>

Link to comment
Share on other sites

Your form is a mess. You're querying the database many times to simply get a name or whatever for each table row.

 

Query the database one time:

 

<?php
$query = "SELECT * FROM users WHERE id = " . intval($_SESSION['userID']) . " LIMIT 1";
if ($result = mysql_query($query)) {
   if (mysql_num_rows($result) == 1) {
       $row = mysql_fetch_array($result);
       ?>
       <div class="updateinputcell">
           <li class="li_1" >
               <div class="forminputleft">
                   About Your Company:  <?php echo $row['category']; ?>
               </div>
           <div class="forminputright">
               <textarea class="element_2" name="aboutcompany" class="element textarea medium" value="<?php echo (!empty($row['aboutcompany'])) ? $row['aboutcompany'] : ''; ?>"><textarea>
           </div> 
           </li>
       </div>

       <!-- CONTINUE WITH REST OF FORM -->

       <?php
   }
}

 

This simply pre-populates the form based on the user data from the db.  However, depending on whether an application has proper error-handling, and let's assume it does, you will want to check if any $_POST data exists which will trump the user table data.  Imagine editing numerous parts of a form only to have all your changes reset back to how it was when you started all because you accidentally put an integer in a string-only field.  In a case like that, you would want to check if $_POST data is available to retain the user's current form state.  However, that's another thread altogether, I'm sure.

Edited by mrMarcus
Link to comment
Share on other sites

I not something that stops it from being updated.

 

 

<?php
if(empty($postcode)) {
do not update;
}
?>

 

<?php
// You can keep adding if you want but this a very basic way
if(empty($one_variable) || empty($second_variable) || empty($keep_going)) {
echo "You left some blank";
} else {
// update the database
}
?>

Link to comment
Share on other sites

Your right, I should tidy that up.

 

When I try this it echoes the HTML following this part

 

$row['aboutcompany'] : ''; ?>">

 

So this whats being displayed

 

<textarea>

</div>

</li>

</div>

 

 

 

 

 

<!-- CONTINUE TO REST OF FORM -->

 

 

 

 

"><textarea>

</div>

</li>

</div>

 

</div>

</div>

</div>

 

 

<div class="registerinfobenefitsright">

</div>

</div>

<div class="aside">

 

</div>

 

 

 

 

 

 

 

 

 

</body>

</html>

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.