Jump to content

Recommended Posts

Hi

I'm new to PHP (also my first programming language) and am following a tutorial on Lynda.com. I'm having problems with an example page and am hoping someone here might have an idea/suggestion.

 

I'm building a very basic CMS. I've created a page that can add new information into a database, but when I added an error check the page it caught something and no longer worked. Important note here: the page was working fine without any php error messages, but once I put in a validator it's caught up on something. It's been two days of searching and researching and I can't figure it out.

 

I believe this is what's catching an error:

 

if (!empty($errors)) {
	redirect_to("new_subject.php");
}

 

Instead of redirecting I thought maybe I could print the error using the code below, but then the page just ends up working again (or not getting stuck):

if (!empty($errors)) {
	echo($errors);
}

 

Below I've included the page and the functions page. Really appreciate the help:

 

PAGE

<?php require_once("inc/dbconnection.php"); ?>
<?php require_once("inc/functions.php"); ?>
<?php 
$errors = array();

// Form Validation
$required_fields = array('menu name', 'position', 'visible');
foreach($required_fields as $fieldname) {
	if (!isset($_POST[$fieldname]) || empty($_POST[$fieldname])) {
		$errors[] = $fieldname;	
	}
}

$fields_with_lengths = array('menu_name' => 30);
foreach($fields_with_lengths as $fieldname => $maxlength ) {
	if (strlen(trim(mysql_prep($_POST[$fieldname]))) > $maxlength) { 
	$errors[] = $fieldname; }
}

if (!empty($errors)) {
	redirect_to("new_subject.php");
}
?>
<?php 
$menu_name = mysql_prep($_POST['menu_name']);
$position = mysql_prep($_POST['position']);
$visible = mysql_prep($_POST['visible']);
?>

<?php 
$query = "INSERT INTO subjects (
	menu_name, position, visible
	) VALUES (
		'{$menu_name}', {$position}, {$visible} 
	)";
$result = mysql_query($query, $connection);
if ($result) {
	// Success
	header("Location: content.php");
	exit;
} else {
	// Display error message.
	echo "<p>Subject creation failed.</p>";
	echo "<p>" . mysql_error() . "</p>";
}


?>

<?php mysql_close($connection); ?>

 

FUNCTIONS

<?php 

// This file is the place to store all basic functions

function mysql_prep( $value ) {
         $magic_quotes_active = get_magic_quotes_gpc();
         $new_enough_php = function_exists( "mysql_real_escape_string" ); // i.e. PHP >= v4.3.0
        if( $new_enough_php ) { // PHP v4.3.0 or higher
             // undo any magic quote effects so mysql_real_escape_string can do the work
             if( $magic_quotes_active ) { $value = stripslashes( $value ); }
             $value = mysql_real_escape_string( $value );
         } else { // before PHP v4.3.0
             // if magic quotes aren't already on then add slashes manually
             if( !$magic_quotes_active ) { $value = addslashes( $value ); }
             // if magic quotes are active, then the slashes already exist
         }
         return $value;
     }

function redirect_to( $location = NULL ) {
if ($location != NULL) {
	header("Location: {$location}");
	exit;
}
}


function confirm_query($result_set) {
if (!$result_set) {
	die("Database connection failed: " . mysql_error());
	}
// don't need return unless the statement is true
}

// Perform database query
//subjects function	
function get_all_subjects() {
global $connection; // have to pass in argument (or drop $connection below)
$query = "SELECT * 
		FROM subjects 
		ORDER BY position ASC";
$subject_set = mysql_query($query, $connection);  // automatically pulling from $connection
confirm_query($subject_set); // function
return $subject_set; 	// because it's a function have to return out a value
}

//pages function
function get_pages_for_subject($subject_id) {
global $connection;
$query = "SELECT * 
			FROM pages 
			WHERE subject_id= {$subject_id} 
			ORDER BY position ASC"; // okay for "query" to be reused because 1st query has already been executed

$page_set = mysql_query($query, $connection); //choosing only pages from the respective row
confirm_query($page_set);
return $page_set;
}

function get_subject_by_id($subject_id) {
global $connection;
$query = "SELECT * "; 	// building query string - allows to comment out for testing during dev, if/then statements, etc
$query .= "FROM subjects "; 
$query .= "WHERE id=" . $subject_id ." "; // need space after each value
$query .= "LIMIT 1"; // only want one row
$result_set = mysql_query($query, $connection);
confirm_query($result_set);
if ($subject = mysql_fetch_array($result_set)) { // fetch array only grabbing the one row (the single subject) instead of returning an entire container
return $subject;
} else {
	return NULL; // set up if/else because if no rows are returned we want fetch_array to return false (not show anything)
	}
}

function get_page_by_id($page_id) {
global $connection;
$query = "SELECT * "; 	// building query string - allows to comment out for testing during dev, if/then statements, etc
$query .= "FROM pages "; 
$query .= "WHERE id=" . $page_id; // need space after each value
$query .= " LIMIT 1"; // only want one row
$result_set = mysql_query($query, $connection);
confirm_query($result_set);
if ($page = mysql_fetch_array($result_set)) { // fetch array only grabbing the one row (the single subject) instead of returning an entire container
return $page;
} else {
	return NULL; // set up if/else because if no rows are returned we want fetch_array to return false (not show anything)
	}
}

function find_selected_page() {
// Capturing the values that were set to the URL string in the content area
	global $sel_subject; // passing the values so subject and page are available once exited out of this function
	global $sel_page;
	if (isset($_GET['subj'])) {	
		$sel_subject = get_subject_by_id($_GET['subj']); // check within superglobal for value
		$sel_page = NULL; 
	} elseif (isset($_GET['page'])) {
		$sel_subject = NULL;
		$sel_page = get_page_by_id($_GET['page']);
	} else { // if neither are set
		$sel_subject = NULL;
		$sel_page = NULL; 
	}
}

function navigation($sel_subject, $sel_page) {
$output = "<ul class=\"subjects\">";
$subject_set = get_all_subjects(); 
//subjects
while ($subject = mysql_fetch_array($subject_set)) {
	$output .= "<li"; 
		if ($subject["id"] == $sel_subject['id']) { $output .= " class=\"selected\""; }
	$output .= "><a href=\"content.php?subj=" . urlencode($subject["id"]) . "\">{$subject["menu_name"]}</a></li>"; //sending values to the URL string

	//pages
	$page_set = get_pages_for_subject($subject["id"]);	
	$output .= "<ul class=\"pages\">";
	while ($page = mysql_fetch_array($page_set)) {
		$output .= "<li";
		if ($page["id"] == $sel_page['id']) { $output .= " class=\"selected\""; }
		$output .= "><a href=\"content.php?page=" . urlencode($page["id"]) . "\">{$page["menu_name"]}</a></li>";
	}	
	$output .= "</ul>";
}	
	$output .= "</ul>";
return $output;
}	

?>

 

Link to comment
https://forums.phpfreaks.com/topic/183507-basic-cms-script-help/
Share on other sites

I don't see a problem at first glance. You say that when you take out that if statement then it works fine? What do you mean by "caught something"? Is there an error on the page? Blank page? what exactly is happening?

 

try adding

error_reporting(E_ALL);
ini_set("display_errors", 1);

to the beginning of your page. That will display any errors that may be happening

 

One thing to consider, you are using headers, and when using header's you can't have any output on the page. THis means any whitespace, html tags, etc. So make sure there is no output up to that error check line

What's happening exactly is when I try to add data to the database via this page it redirects me to new_subject.php (the page called out in the error redirect_to) instead of posting to the database. I don't understand why it would do this other than the validation code is finding an error somewhere, is that not true? Like I said it's working fine without the validation and I would remove it except that I need to later build upon the validation code in order to prevent users from trying to submit a blank field into the database.

 

Regarding headers/output -- is it possible the functions page which is being called is adding whitespace? I've removed all whitespace from the page I included, but that didn't change anything. Also, I already turned on error reporting in php.ini and that's been functioning fine.

If you are getting no header errors, than your header usage is fine. If it's redirecting, its not a header issue, so you don't have to worry about that. Didn't know that the page was redirecting, or I wouldn't have even mentioned it.

 

One thing I noticed

$required_fields = array('menu name', 'position', 'visible');

in the variable below, you put "menu_name". should the above line be

$required_fields = array('menu_name', 'position', 'visible');

?

 

 

 

WOW.

That was it, thanks Mikesta!

Can I ask you how you found that? Without the error report I had no idea where to look to find something like that, which forced me to go through every function and every line of code many times over the past couple days, which really sucked.

Thanks again!

 

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.