Jakebert Posted October 3, 2009 Share Posted October 3, 2009 Hi. Another problem for all of you smarties So here's list_comments.php, it lists all the user's comments from the DB: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" /> <title>Comments</title> </head> <body> <?php //DB connection mysql_connect("localhost", "jeidinger_jake", "jak20a") or die(mysql_error()); mysql_select_db("jeidinger_site") or die(mysql_error()); include_once ("auth.php"); include_once ("authconfig.php"); include_once ("check.php"); if ($check['level'] > 5) { print "<font face='Arial' size='5' color='#FF0000'>"; print "<b>Illegal Access</b>"; print "</font><br>"; print "<font face='Verdana' size='2' color='#000000'>"; print "<b>You do not have permission to view this page.</b></font>"; exit; // Stop script execution } $username=$_COOKIE['USERNAME']; $return = mysql_query("SELECT * FROM stored_comments WHERE user_id='$username'") or die(mysql_error()); echo'<table width="60%" border="1" cellspacing="0" cellpadding="0" bordercolor="#000000"> <tr> <td height="22" colspan="2" bgcolor="#CCCC00"> <div align="center"><b><font face="Arial, Helvetica, sans-serif" size="3">Comments</font></b></div> </td> </tr>'; while($row = mysql_fetch_array($return)) { echo '<form action="edit_comment.php" method="post">'; echo'<tr valign="top"> <td width="16%" bgcolor="#CCCCCC"><b><font face="Verdana, Arial, Helvetica, sans-serif" size="2"> '; $student=$row['student_id']; echo $student; echo '<td width="84%"><font face="Verdana, Arial, Helvetica, sans-serif" size="2">'; $comment=$row['stored_comment']; echo $comment; echo '<input type="hidden" name="comment_id" value="'.$row['comment_id'].'" /> <input type="hidden" name="comment" value="'.$row['stored_comment'].'" /> <input type="hidden" name="student" value="'.$row['student_id'].'" />'; echo '</font></td>'; echo '<td><font face="Verdana, Arial, Helvetica, sans-serif" size="2">'; echo '<input type="submit" name="submit" value="Edit" />'; echo '</font></td></tr>'; echo '</form>'; } echo'</table>'; ?> <h5><a href=/members/index.php>Back to Swim Zone</a></h5> </body> </html> When you click the EDIT button next to a comment, it takes you to edit_comment.php, where the user can edit the comment and save it back to the DB. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" /> <title>Comments</title> </head> <body> <?php //DB connection mysql_connect("localhost", "jeidinger_jake", "jak20a") or die(mysql_error()); mysql_select_db("jeidinger_site") or die(mysql_error()); include_once ("auth.php"); include_once ("authconfig.php"); include_once ("check.php"); if ($check['level'] > 5) { print "<font face='Arial' size='5' color='#FF0000'>"; print "<b>Illegal Access</b>"; print "</font><br>"; print "<font face='Verdana' size='2' color='#000000'>"; print "<b>You do not have permission to view this page.</b></font>"; exit; // Stop script execution } $username=$_COOKIE['USERNAME']; if(isset($_POST['submit2'])) { $newcomment=$_POST['new_comment']; $commentid=$_POST['commentid']; $query = mysql_query("UPDATE stored_comments SET stored_comment='$newcomment' WHERE comment_id='$commentid'") or die(mysql_error()); echo '<h2> Comment Edited </h2> <h4><a href=list_comments.php>Return to List Comments</a><br /><br /> <a href=/members/index.php>Return to Swim Zone</a></h4>'; } else { echo '<h2>Comment Editor</h2> <h5>Comment ID:</h5>'; echo $_POST['comment_id']; echo '<br /><br /> <h5>Student Name:</h5>'; echo $_POST['student']; ?> <form action= <?php echo $_SERVER['PHP_SELF']; ?> method="post"> <textarea name="new_comment" cols="100" rows="15"> <?php echo $_POST['comment']; echo'</textarea>'; echo'<input type="hidden" name="commentid" value="$_POST[comment_id]" />'; echo' <br /><br /> <input type="submit" name="submit2" value="Edit!" /> </form>'; } ?> </body> </html> No errors, but when I save it, no changes are made to the DB. Why is this? Quote Link to comment https://forums.phpfreaks.com/topic/176351-solved-weirdnot-updating/ Share on other sites More sharing options...
Amtran Posted October 3, 2009 Share Posted October 3, 2009 <form action= <?php echo $_SERVER['PHP_SELF']; ?> method="post"> <textarea name="new_comment" cols="100" rows="15"> Needs to be... <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post"> <textarea name="new_comment" cols="100" rows="15"> Quote Link to comment https://forums.phpfreaks.com/topic/176351-solved-weirdnot-updating/#findComment-929482 Share on other sites More sharing options...
PFMaBiSmAd Posted October 3, 2009 Share Posted October 3, 2009 Also, if you do a "view source" of the edit form in your browser, you will find that in the following line, $_POST[comment_id] did not get replaced with the actual value because the overall string is using single-quotes and variables are not parsed when in a single-quoted string - echo'<input type="hidden" name="commentid" value="$_POST[comment_id]" />'; Quote Link to comment https://forums.phpfreaks.com/topic/176351-solved-weirdnot-updating/#findComment-929485 Share on other sites More sharing options...
Jakebert Posted October 3, 2009 Author Share Posted October 3, 2009 Hmmm.... pretty such I fixed both of those problems, the comment_id is parsing fine (at least it's echoing on the edit page) but the changes still aren't registering in the DB. The code hasn't changed apart from the two minor changes already noted. Quote Link to comment https://forums.phpfreaks.com/topic/176351-solved-weirdnot-updating/#findComment-929494 Share on other sites More sharing options...
PFMaBiSmAd Posted October 3, 2009 Share Posted October 3, 2009 You need to change your code so that the UPDATE query string is being built in a variable (then just put that variable into the mysql_query() statement) so that you can echo out the actual query after it has been populated with the variables so that you can see exactly what it contains. Your code produced the expected query when I tried it, however I faked the values from the database. It might be that your actual values contain something that is preventing them from working after they have been passed through two different forms... You also need to use mysql_real_escape_string() on each piece of string data being put into every query to prevent any special characters in the data from breaking the syntax of the query and to help prevent sql injection. Quote Link to comment https://forums.phpfreaks.com/topic/176351-solved-weirdnot-updating/#findComment-929499 Share on other sites More sharing options...
Jakebert Posted October 3, 2009 Author Share Posted October 3, 2009 Bingo! It was a problem with the comment_id not carrying through to the SECOND form...aha... Thank you both! Quote Link to comment https://forums.phpfreaks.com/topic/176351-solved-weirdnot-updating/#findComment-929504 Share on other sites More sharing options...
redarrow Posted October 3, 2009 Share Posted October 3, 2009 Try that please...... <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" /> <title>Comments</title> </head> <body> <?php //DB connection $db=mysql_connect("localhost", "jeidinger_jake", "jak20a") or die(mysql_error()); $res=mysql_select_db("jeidinger_site",$db) or die(mysql_error()); include_once ("auth.php"); include_once ("authconfig.php"); include_once ("check.php"); if ($check['level'] > 5) { print "<font face='Arial' size='5' color='#FF0000'>"; print "<b>Illegal Access</b>"; print "</font><br>"; print "<font face='Verdana' size='2' color='#000000'>"; print "<b>You do not have permission to view this page.</b></font>"; exit; // Stop script execution } $username=$_COOKIE['USERNAME']; if(isset($_POST['submit2'])) { $newcomment=mysql_real_escape_string($_POST['new_comment']); $commentid=mysql_real_escape_string($_POST['commentid']); $sql= "UPDATE stored_comments SET stored_comment='$newcomment' WHERE comment_id='$commentid'"; $res1=mysql_query($sql) or die(mysql_error()); echo "<h2> Comment Edited </h2> <h4><a href='list_comments.php'>Return to List Comments</a><br /><br /> <a href=/members/index.php>Return to Swim Zone</a></h4>"; } else { echo "<h2>Comment Editor</h2> <h5>Comment ID:</h5>"; echo $_POST['comment_id']; echo "<br /><br /> <h5>Student Name:</h5>"; echo $_POST['student']; ?> <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST"> <textarea name="new_comment" cols="100" rows="15"> <?php echo $_POST['comment']; echo"</textarea>"; echo"<input type='hidden' name='commentid' value='{$_POST['comment_id']}' />"; echo" <br /><br /> <input type='submit' name='submit2' value='Edit!' /> </form>"; } ?> </body> </html> solved dam i was getting there lol Quote Link to comment https://forums.phpfreaks.com/topic/176351-solved-weirdnot-updating/#findComment-929506 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.