halfpint Posted April 22, 2008 Share Posted April 22, 2008 Hi I am not a php coder and only know bits and bobs which I have picked up I have a problem with isset($_POST I have edited this <? include 'header.php'; if (isset($_POST['submit'])) { $avatar = $_POST["avatar"]; $quote = $_POST["quote"]; $banner = $_POST["banner"]; $sig = $_POST["sig"]; //insert the values if (!isset($message)){ $result= mysql_query("UPDATE `grpgusers` SET `avatar`='".$avatar."', `quote`='".$quote."' WHERE `id`='".$user_class->id."'"); $result= mysql_query("UPDATE `grpgusers` SET `banner`='".$banner."', `sig`='".$sig."' WHERE `id`='".$user_class->id."'"); echo Message('Your preferences have been saved.'); die(); } } to this so that they do not update all at the same time when a user sumbmits <? include 'header.php'; if (isset($_POST['submit'])) { if (isset($_POST['avatar'])){ $result = mysql_query("UPDATE `grpgusers` SET `avatar`='".$avatar."', WHERE `id`='".$user_class->id."'"); } if (isset($_POST['quote'])){ $result = mysql_query("UPDATE `grpgusers` SET `quote`='".$quote."', WHERE `id`='".$user_class->id."'"); } if (isset($_POST['banner'])){ $result = mysql_query("UPDATE `grpgusers` SET `banner`='".$banner."', WHERE `id`='".$user_class->id."'"); } if (isset($_POST['sig'])){ $result = mysql_query("UPDATE `grpgusers` SET `sig`='".$sig."', WHERE `id`='".$user_class->id."'"); } //insert the values echo Message('Your preferences have been saved.'); die(); } ?> but now the users can not use the forms to submit anything Does anybody know if this will work or why it is not working as I want the forms to be independant of each other so they do not update at the same time Thanks Quote Link to comment Share on other sites More sharing options...
hitman6003 Posted April 22, 2008 Share Posted April 22, 2008 What is the name of the "submit" button on the form? For example: <input type="submit" name="this_is_what_I_want" value="Submit" /> That value is what shoule be in your if statement...in this example: if (isset($_POST['this_is_what_I_want'])) { ... } Quote Link to comment Share on other sites More sharing options...
dptr1988 Posted April 22, 2008 Share Posted April 22, 2008 Your need code does does not take the values from the $_POST variable like they should Example: // BAD "UPDATE `grpgusers` SET `avatar`='".$avatar."', WHERE `id`='".$user_class->id."'" // GOOD "UPDATE `grpgusers` SET `avatar`='".$_POST['avatar']."', WHERE `id`='".$user_class->id."'" Quote Link to comment Share on other sites More sharing options...
halfpint Posted April 22, 2008 Author Share Posted April 22, 2008 What is the name of the "submit" button on the form? For example: <input type="submit" name="this_is_what_I_want" value="Submit" /> That value is what shoule be in your if statement...in this example: if (isset($_POST['this_is_what_I_want'])) { ... } Thanks is this what you are asking for tr><td class="contentcontent"> <form name='login' method='post'> <table width='100%' border='0' align='center' cellpadding='0' cellspacing='0'> <tr> <td height='28'><font size='2' face='verdana'>Banner Image Location </font></td> <td><font size='2' face='verdana'> <input type='text' name='banner' value='<?= $user_class->banner ?>'> </font></td> </tr> <tr> <tr> <td height='28' align="right"><font size='2' face='verdana'>Quote </font></td> <td><font size='2' face='verdana'> <input type='text' name='sig' value='<?= $user_class->sig ?>'> </font></td> </tr> <td> </td> <td><font size='2' face='verdana'> <input type='submit' name='submit' value='Save Preferences'> Quote Link to comment Share on other sites More sharing options...
halfpint Posted April 22, 2008 Author Share Posted April 22, 2008 Your need code does does not take the values from the $_POST variable like they should Example: // BAD "UPDATE `grpgusers` SET `avatar`='".$avatar."', WHERE `id`='".$user_class->id."'" // GOOD "UPDATE `grpgusers` SET `avatar`='".$_POST['avatar']."', WHERE `id`='".$user_class->id."'" If I change them to the above "good" will it work? Quote Link to comment Share on other sites More sharing options...
dptr1988 Posted April 22, 2008 Share Posted April 22, 2008 Yes, that was the only error I found in the code, and that is why I think it was not working. Quote Link to comment Share on other sites More sharing options...
halfpint Posted April 22, 2008 Author Share Posted April 22, 2008 Yes, that was the only error I found in the code, and that is why I think it was not working. thank you so it should look like this if (isset($_POST['avatar'])){ $result = mysql_query("UPDATE `grpgusers` SET `avatar`='".$_POST['avatar']."', WHERE `id`='".$user_class->id."'"); Quote Link to comment Share on other sites More sharing options...
dptr1988 Posted April 22, 2008 Share Posted April 22, 2008 Yes, that looks correct. Quote Link to comment Share on other sites More sharing options...
halfpint Posted April 22, 2008 Author Share Posted April 22, 2008 Yes, that looks correct. Thank you very much for your help I really appreciate it Wish I had found this forum earlier Quote Link to comment Share on other sites More sharing options...
halfpint Posted April 22, 2008 Author Share Posted April 22, 2008 Gave it a go but unfortunately it still wont work I am wondering if has anything to do with this in the classes.php and this code $this->quote = $worked['quote']; $this->avatar = $worked['avatar']; $this->banner = $worked['banner']; $this->sig = $worked['sig']; I dont understand why it wont work if I try and seperate the submit forms Im really stumped now Quote Link to comment Share on other sites More sharing options...
DyslexicDog Posted April 22, 2008 Share Posted April 22, 2008 thank you so it should look like this if (isset($_POST['avatar'])){ $result = mysql_query("UPDATE `grpgusers` SET `avatar`='".$_POST['avatar']."', WHERE `id`='".$user_class->id."'"); REMEMBER TO SANITIZE YOUR INCOMING VARIABLES! Please read about mysql_real_escape_string http://us2.php.net/mysql_real_escape_string Quote Link to comment Share on other sites More sharing options...
halfpint Posted April 22, 2008 Author Share Posted April 22, 2008 thank you so it should look like this if (isset($_POST['avatar'])){ $result = mysql_query("UPDATE `grpgusers` SET `avatar`='".$_POST['avatar']."', WHERE `id`='".$user_class->id."'"); REMEMBER TO SANITIZE YOUR INCOMING VARIABLES! Please read about mysql_real_escape_string http://us2.php.net/mysql_real_escape_string Hi thanks I have now got it working with the help of some other webmasters The code that worked was this <? include 'header.php'; if($_POST['form_type'] == 'avatarquote') { $avatar = $_POST["avatar"]; $quote = $_POST["quote"]; $result= mysql_query("UPDATE `grpgusers` SET `avatar`='".$avatar."', `quote`='".$quote."' WHERE `id`='".$user_class->id."'"); echo 'Your preferences have been saved.'; die(); } elseif($_POST['form_type'] == 'bannersig') { $banner = $_POST["banner"]; $sig = $_POST["sig"]; $result= mysql_query("UPDATE `grpgusers` SET `banner`='".$banner."', `sig`='".$sig."' WHERE `id`='".$user_class->id."'"); echo 'Your preferences have been saved.'; die(); } I have also been talking to another guy who is helping me to stop users from injecting code in to mysql Thanks for all your help Im a happy bunny now..lol Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.