Nexy Posted June 3, 2008 Share Posted June 3, 2008 Why Hello There! This isn't a mysql problem as I see it. But with this code: <?php $title = $_POST['title']; $news = $_POST['idedit']; $id = $_GET['id']; if($_POST['editnews']) { if(!empty($title) && !empty($news)) { mysql_query("UPDATE news SET subject='$title', news='$news' WHERE id='$id'"); } } echo "<form action='#' method='post'> <fieldset id='account'> <legend>You can edit news in here:</legend>"; if($_SESSION['id'] == 3 && $_SESSION['username']) { $nsql = "SELECT id, user, subject FROM news WHERE user = '".$_SESSION['username']."'"; } else if($_SESSION['id'] == 3 && $_COOKIE['user']) { $nsql = "SELECT id, user, subject FROM news WHERE user = '".$_COOKIE['user']."'"; } if($_SESSION['id'] == 5 && $_SESSION['username']) { $nsql = "SELECT id, user, subject FROM news WHERE id > 0"; } else if($_SESSION['id'] == 5 && $_COOKIE['user']) { $nsql = "SELECT id, user, subject FROM news WHERE id > 0"; } $nres = mysql_query($nsql) OR die(mysql_error()); while($edit = mysql_fetch_array($nres)) { echo "<div id='edit'>"; echo $edit['id'] . ". "; echo "[" . $edit['user'] . "] "; echo "<a href='index.php?page=Account&do=editnews&id="; echo $edit['id']; echo "'>"; echo $edit['subject'] . "</a>"; echo "</div>"; } $esql = "SELECT news, subject FROM news WHERE id = '$id'"; $eres = mysql_query($esql) OR die(mysql_error()); echo "<p style='color: white'>While editing, you must insert "<br />" for it show as a new line.</p>"; while($editid = mysql_fetch_array($eres)) { echo "<label for='title'>Title:</label> <input type='text' id='title' name='title' tabindex='6' value='"; echo $editid['subject']; echo "' style='width: 200px' /><br /><br />"; echo "<label for='idedit'>Edit News:</label><br />"; echo "<textarea id='idedit' name='idedit' rows='15' cols='60' tabindex='7'>"; echo $editid['news']; echo "</textarea><br /><br />"; echo "<input type='submit' id='editnews' name='editnews' value='Edit News' tabindex='8' /> <input type='reset' value='Clear News' tabindex='9' />"; } echo "</fieldset> </form>"; ?> The form buttons, Reset and Submit don't seem to work. If there is any problem with the php, I'm guessing it would be the while statement? Everything comes up correctly, the links work fine and the values are outputted perfectly. Just reset and submit are giving me problems. Hope someone can help. Thank You! Quote Link to comment https://forums.phpfreaks.com/topic/108559-update-fields-in-mysql/ Share on other sites More sharing options...
.josh Posted June 3, 2008 Share Posted June 3, 2008 what exactly do you mean by "it doesn't work?" You say that all your variables are being populated, so I don't really understand how your submit button isn't working... but, some potential problem areas I see are: - your very first update in that script (the one inside the nested condition) uses $id in the where clause. But your condition doesn't check if it exists. But you say that all of your variables are being populated...right...? Also I see you using $id later on in your script. Seems a lot of your script hinges on the fact that $_GET['id'] exists, for selecting info to be displayed..well if no info is being displayed, then are you SURE that it exists? - I see you using session variables but no session_start() you need that at the top of your script if you expect to make use of them...unless this file is being included in some other file that has it? Also you need to sanitize your variables. You're just taking them and throwing them right into your queries like that; that's a huge sql injection vulnerability. Quote Link to comment https://forums.phpfreaks.com/topic/108559-update-fields-in-mysql/#findComment-556669 Share on other sites More sharing options...
Nexy Posted June 3, 2008 Author Share Posted June 3, 2008 Hello, when I say it doesn't work, I mean when I click Submit, it doesn't update, when I click Clear, it doesn't clear the input or the textarea fields. Yes, all of the variables are being populated. Also, I know I didn't check if $id exists, I was just testing this to see if it would update, since right now, after you click the link generated on this line: echo "<a href='index.php?page=Account&do=editnews&id="; echo $edit['id']; It will show the text field, textarea, and form buttons, since id will exists then. If id does not exists then it will not show those input fields. Yes, this script is being included. So the session_start() is before <html> as it should be. Thank you for reminding me about sanitizing my variables, I totally forgot about that. Hope my explanation helps a bit more. Thank You! Quote Link to comment https://forums.phpfreaks.com/topic/108559-update-fields-in-mysql/#findComment-556673 Share on other sites More sharing options...
Nexy Posted June 3, 2008 Author Share Posted June 3, 2008 It wouldn't let me edit the above post, but I was messing around with it and found out that: - If I edit the textarea and title values then click clear, it goes back to the original value, when it should go blank. So I'm guessing Submit is working, but the original value is just being sent back to the fields in mysql, not what you changed. Any ideas from this? Thank You! Quote Link to comment https://forums.phpfreaks.com/topic/108559-update-fields-in-mysql/#findComment-556682 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.