$_POST problem (I think)

[stevet70]

I'm attempting to develop a series of pages which display text from a database and have an edit button. When you click on the edit button the text becomes editable (using TinyMCE).

 

The code for editing / updating the text works when used in isolation. The code for including the edit button and switching to an editable version of the page also works.

 

The problem is, used together, when you click on edit and update the text it isn't actually updating the text in the database - it just gives you what was there originally.

 

Here's what I have above the doctype to set up the edit / preview button

 

<?php

// process the script only if the form has been submitted

if (array_key_exists('edit', $_POST)) {

// start the session

session_start();

$_SESSION['authenticated'] = 'Edit';

}

// if the session variable has been set, show editable content

if (isset($_SESSION['authenticated'])) {

$view = 'Editable';

}

// if the session variable hasn't been set, leave as preview

else {

$view = 'Preview';

}

?>

 

Then in the body I first include the edit button

 

<?php

if ($view == 'Preview') {

include('edit_button.php');

}

?>

 

followed by the database connection and the options for regular or editable versions of the text

 

<?php include('db_connect.php'); ?>

 

<?php

if ($view == 'Preview') {

include('db_preview.php');

}

else {

include('db_edit.php');

}

?>

 

the code in db_edit.php is as follows:

 

<?php

if (isset($_POST['text'])):

// The text have been updated.

$text = $_POST['text'];

$sql = "UPDATE page_text SET text='$text' WHERE id='$id'";

if (@mysql_query($sql)) {

echo $text;

mysql_close();

} else {

echo '<p>Error updating text: ' .

mysql_error() . '</p>';

}

else: // Allow the user to edit text

$page_text = @mysql_query(

"SELECT text FROM page_text WHERE id=\"$id\"");

if (!$page_text) {

exit('<p>Error fetching text: ' .

mysql_error() . '</p>');

}

$page_text = mysql_fetch_array($page_text);

$text = $page_text['text'];

 

// Convert special characters for safe use

// as HTML attributes.

$text = htmlspecialchars($text);

?>

 

<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">

<label>

<textarea id="elm1" name="text" cols="50" rows="10"><?php echo $text; ?></textarea>

</label><br />

<input type="submit" value="SUBMIT" />

</form>

<?php endif; ?>

 

 

Strangely, if I remove the if / else statement for which version of the text to display and just include db_edit.php, I can update the text and click on submit - which then displays the updated text along with the edit button. I can then click on edit to go back to the editable version and make further changes. I do however suspect that what's happening here is that the edit button is just reloading the page rather than doing anything more interesting!

 

My guess is that by having 2 bits of code that rely on different $_POST statements (for two different form buttons) there's a clash and they aren't being differentiated between?

But if that is the case I don't know how to get around it

 

Any ideas?

 

many thanks

[farkewie]

Hi,

 

Firstly please use the code tags to post code.. its the "#" button at the top.

 

Ok now thats out of the way.. Firstly dont use the @ to supress errors on your mysql querys. if something is wrong you need to see it. you can use catch yor errors with "if" statments to make them look "clean" if something goes wrong.

 

now this is you updating SQL query

 

<?php $sql = "UPDATE page_text SET text='$text' WHERE id='$id'"; ?>  

 

From what i can see $id has not been defined anywhere. Maybe you should have someting like

 

<?php $sql = "UPDATE page_text SET text='$text' WHERE id=' " . $_POST['id'] . " '"; ?>

This will only work if you pass the id through the form.

 

Hope this helps.

[stevet70]

thanks for the tips

 

I've removed the @ symbols and tried it again, still not getting any errors, but also still not doing what I want it to.

 

Although I didn't include it, as I've only shown the main chunks of code, $id is defined and is working as expected to display the correct chunk of text from the database.

 

What seems to be happening is that because I set up a session above the doctype (as you have to?) which includes a $_POST, both the Edit button it was designed to work with and the Submit button that it wasn't are both doing the same thing.

 

So my problem seems to be, how can I have a button on the page which switches the text displayed from being not editable to editable as well as there then being a Submit button that submits the edited text to the database?