11 replies to this topic

[beginPHP]

Noob here learning PHP with a MySQL database. I know that this isn't the best way to connect to a database and I should probably be using variables as well as stored procedures. I just want to make this functional then I will go back and learn how to make it more secure.

I've put a database together with 5 fields, id, author, title, date, body. id is the primary key set as autoincrement.

Currently I have a page that displays each row in the database and has an option at the bottom to add a new entry. I want to add the option to edit a current entry. I've spent the last 2 hours doing trial/error and reading forums and I don't really feel like I've made any headway.

My Main page

<?php
$con = mysql_connect("XXXXX","XXXXX","XXXXX");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("XXXXX", $con);
$result = mysql_query("SELECT * FROM news");
echo "<table border='1'>
<tr>
<th>ID</th>
<th>Author</th>
<th>Title</th>
<th>Date</th>
<th>Body</th>
</tr>";
while($row = mysql_fetch_array($result))
{
echo "<tr>";
echo "<td>" . $row['id'] . "</td>";
echo "<td>" . $row['author'] . "</td>";
echo "<td>" . $row['title'] . "</td>";
echo "<td>" . $row['date'] . "</td>";
echo "<td>" . $row['body'] . "</td>";
echo "<td><a href='file133.php?id=" . $row['id'] . "'>edit</a></td>";
echo "</tr>";
}
echo "</table>";

echo "<form action='file132.php' method='post'>
<table>
<tr><td>Author:</td><td> <input type='text' name='author'></td></tr>
<tr><td>Title:</td><td> <input type='text' name='title'></td></tr>
<tr><td>Body:</td><td> <input type='text' name='body' size='75'></td></tr>
<tr><td></td><td><input type='submit' value='Submit'></td></tr>
</table>
</form>";
mysql_close($con);
?>

Clicking Edit takes you to this page where you can enter in the new data

<?php
$con = mysql_connect("XXXXX","XXXXX","XXXXX");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}

if (isset($_GET['id']) AND $_GET['id'] > 0)
{
mysql_select_db("XXXXX", $con);

echo "<form action='file134.php' method='post'>
<table>
<tr><td>Author:</td><td> <input type='text' name='author'></td></tr>
<tr><td>Title:</td><td> <input type='text' name='title'></td></tr>
<tr><td>Body:</td><td> <input type='text' name='body' size='75'></td></tr>
<tr><td></td><td><input type='submit' value='Submit'></td></tr>
</table>
</form>";
}
mysql_close($con);
?>

When you click submit it goes to this page. I know this code below is all wrong because it just displays the actual code from the 0) to the end. I just need some direction on how to make this functional.

<?php
$con = mysql_connect("XXXXX","XXXXX","XXXXX");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
if (isset($_GET['id']) AND $_GET['id'] > 0)
{
mysql_select_db("XXXXX", $con);

$mysql_query = "UPDATE news SET Author = '$_POST[author]', title = '$_POST[title]', date = NOW(),body = '$_POST[body]' WHERE id= $row['id'] ";
}
if (!mysql_query($sql,$con))
{
die('Error: ' . mysql_error());
}
echo "Record updated, click <a href='file130.php'>here</a> to return to the list of records.";
mysql_close($con);
?>

[Jessica]

PHP uses && for and.

However it sounds like your file may have gotten corrupt, it's weird to only have some of the PHP unless you're using short tags at some point. Is that the actual file or did you fix a typo when changing your credentials?

[DavidAM]

PHP uses && for and.

Actually, php has two operators for a logical "and". They are && and AND (not case sensitive). They do have different precedences, though. I always use "AND" because I like the way it looks. (I never did like the "&&" look in C and other languages). Since they have different precedences, and since I'm too lazy to remember the precedences, I always use parenthesis to group the exp<b></b>ressions:

if ( (isset($_GET['id'])) AND ($_GET['id'] > 0) )

Parenthesis are pretty cheap (I get them in bulk) so I don't worry about using too many.

I think the problem is that you are not passing the ID value from the edit form. You can either include it in the FORM ACTION

<form action='file134.php?id={$_GET[id]}' method='post'>

or add a hidden field to the form:

<input type=hidden value={$_GET[id]}>

(which will put it in $_POST instead of $_GET)

or (best practice) store it in a SESSION.

[Christian F.]

I don't agree with storing the ID in the session, as that will cause problems if you open up two (or more) forms at the same time. At the very least, you'd have to write extra logic to prevent that from happening, when you could simply fetch it along with the rest of the data. (Preferably the URL, as this is a unique resource on the server. Semantically speaking. )

As for the operator precedence: AND is the fourth last operator to be evaluated, before XOR, OR and , (in that order). While && and || comes before the assignment operators.
Which means: While you may need parenthesis around the different statements with the other two comparison operators, you will not need them when using the "worded" operators.

Anyway, enough with my digression for the day, and let's get back to the question at hand.

beginPHP: If you view the source code for the resulting page, I can guarantee you that you'll see the rest of the PHP code there. Reason you're not seeing it in the page, is that that browser thinks that it's all inside a HTML element, and thus tries to parse it (since it can't parse it, it just hides whatever is between the two < and > characters.
That tells me that your PHP file is not being parsed as PHP at all, but rather just read by the server (and sent to the client) as pure text.

So the questions becomes: What is the content of "file134.php", and how do you have your code read the contents of the PHP file you posted last? You'll find that the true problem lies there.

[Jessica]

beginPHP: If you view the source code for the resulting page, I can guarantee you that you'll see the rest of the PHP code there. Reason you're not seeing it in the page, is that that browser thinks that it's all inside a HTML element, and thus tries to parse it (since it can't parse it, it just hides whatever is between the two < and > characters.
That tells me that your PHP file is not being parsed as PHP at all, but rather just read by the server (and sent to the client) as pure text.

Duh. I can't believe I didn't see that.

Thanks to you and David for the lesson on AND. I always forget about it.

[beginPHP]

I haven't gotten into SESSIONs yet, I just wanted to get this functional then I planned on reading up and making it more secure later. 

 

 

beginPHP: If you view the source code for the resulting page, I can guarantee you that you'll see the rest of the PHP code there. Reason you're not seeing it in the page, is that that browser thinks that it's all inside a HTML element, and thus tries to parse it (since it can't parse it, it just hides whatever is between the two < and > characters.
That tells me that your PHP file is not being parsed as PHP at all, but rather just read by the server (and sent to the client) as pure text.

So the questions becomes: What is the content of "file134.php", and how do you have your code read the contents of the PHP file you posted last? You'll find that the true problem lies there.

 

 

 

 

Sorry for the delayed response, I'm not getting email updates for replies... I must have changed it and forgot. 

 

file134.php content

<?php
$con = mysql_connect("XXXXX","XXXXX","XXXXX");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
if (isset($_GET['id']) AND $_GET['id'] > 0)
{
mysql_select_db("XXXXX", $con);

$mysql_query = "UPDATE news SET Author = '$_POST[author]', title = '$_POST[title]', date = NOW(),body = '$_POST[body]' WHERE id= $row['id'] ";
}
if (!mysql_query($sql,$con))
{
die('Error: ' . mysql_error());
}
echo "Record updated, click <a href='file130.php'>here</a> to return to the list of records.";
mysql_close($con);
?>

 

I'm not sure how I have the code read the previous PHP file... 

[beginPHP]

I think I found the issue but not sure how to solve it... and frankly I think it's best I just start over. lol

 

The greater than sign in this bit of code

if ( (isset($_GET['id'])) AND ($_GET['id'] > 0) )

is beign recognized as the closing of <?php.  What would cause that?  I am using IE9 and Chrome.  Chrome displays the entire page as text. 

[Christian F.]

No, the problem is, as I've mentioned above, that the PHP file does not get parsed as a PHP file by the server. The browser should never be sent PHP code, as it is the server's responsibility to handle it.
You need to figure out why the file isn't being parsed as PHP. Talking with your host might be a good start, if you don't know how to do this on your own.

[haku]

That's right. It's not seeing the closing > as a closing PHP tag, it's seeing it as a closing HTML tag (with the opening < being in the opening php tag)

[beginPHP]

If it were an issue with my hosting wouldn't all .php files have this issue? All the other files work fine

[Christian F.]

*Sigh* I did not say that your hosting is the issue. I said that talking to your host might be good idea, to find out why that one file isn't parsed as PHP, if you do not know how to do this on your own.

Please take the time to actually read what we're writing, and make sure you've read it correctly. Skipping stuff and jumping to conclusions is not conductive to proper programming, as that's a nice way to create misunderstandings and thus bugs.
Sometimes spending a little bit more time in advance, can save you a whole of time later down the road.

[beginPHP]

Wow... sorry I misunderstood your post O'mighty genius... No reason to be a douche bag.  *Sigh* Maybe you need to rethink how you try to explain things to a noob trying to learn a new language so you don't sound like such a prick.  I can see this is getting nowhere, I'll just find a better forum to get an answer... thank you for your input everyone

Edited by beginPHP, 04 March 2013 - 01:49 PM.