geebee Posted December 1, 2009 Share Posted December 1, 2009 Hi I'm new to PHP (also my first programming language) and am following a tutorial on Lynda.com. I'm having problems with an example page and am hoping someone here might have an idea/suggestion. I'm building a very basic CMS. I've created a page that can add new information into a database, but when I added an error check the page it caught something and no longer worked. Important note here: the page was working fine without any php error messages, but once I put in a validator it's caught up on something. It's been two days of searching and researching and I can't figure it out. I believe this is what's catching an error: if (!empty($errors)) { redirect_to("new_subject.php"); } Instead of redirecting I thought maybe I could print the error using the code below, but then the page just ends up working again (or not getting stuck): if (!empty($errors)) { echo($errors); } Below I've included the page and the functions page. Really appreciate the help: PAGE <?php require_once("inc/dbconnection.php"); ?> <?php require_once("inc/functions.php"); ?> <?php $errors = array(); // Form Validation $required_fields = array('menu name', 'position', 'visible'); foreach($required_fields as $fieldname) { if (!isset($_POST[$fieldname]) || empty($_POST[$fieldname])) { $errors[] = $fieldname; } } $fields_with_lengths = array('menu_name' => 30); foreach($fields_with_lengths as $fieldname => $maxlength ) { if (strlen(trim(mysql_prep($_POST[$fieldname]))) > $maxlength) { $errors[] = $fieldname; } } if (!empty($errors)) { redirect_to("new_subject.php"); } ?> <?php $menu_name = mysql_prep($_POST['menu_name']); $position = mysql_prep($_POST['position']); $visible = mysql_prep($_POST['visible']); ?> <?php $query = "INSERT INTO subjects ( menu_name, position, visible ) VALUES ( '{$menu_name}', {$position}, {$visible} )"; $result = mysql_query($query, $connection); if ($result) { // Success header("Location: content.php"); exit; } else { // Display error message. echo "<p>Subject creation failed.</p>"; echo "<p>" . mysql_error() . "</p>"; } ?> <?php mysql_close($connection); ?> FUNCTIONS <?php // This file is the place to store all basic functions function mysql_prep( $value ) { $magic_quotes_active = get_magic_quotes_gpc(); $new_enough_php = function_exists( "mysql_real_escape_string" ); // i.e. PHP >= v4.3.0 if( $new_enough_php ) { // PHP v4.3.0 or higher // undo any magic quote effects so mysql_real_escape_string can do the work if( $magic_quotes_active ) { $value = stripslashes( $value ); } $value = mysql_real_escape_string( $value ); } else { // before PHP v4.3.0 // if magic quotes aren't already on then add slashes manually if( !$magic_quotes_active ) { $value = addslashes( $value ); } // if magic quotes are active, then the slashes already exist } return $value; } function redirect_to( $location = NULL ) { if ($location != NULL) { header("Location: {$location}"); exit; } } function confirm_query($result_set) { if (!$result_set) { die("Database connection failed: " . mysql_error()); } // don't need return unless the statement is true } // Perform database query //subjects function function get_all_subjects() { global $connection; // have to pass in argument (or drop $connection below) $query = "SELECT * FROM subjects ORDER BY position ASC"; $subject_set = mysql_query($query, $connection); // automatically pulling from $connection confirm_query($subject_set); // function return $subject_set; // because it's a function have to return out a value } //pages function function get_pages_for_subject($subject_id) { global $connection; $query = "SELECT * FROM pages WHERE subject_id= {$subject_id} ORDER BY position ASC"; // okay for "query" to be reused because 1st query has already been executed $page_set = mysql_query($query, $connection); //choosing only pages from the respective row confirm_query($page_set); return $page_set; } function get_subject_by_id($subject_id) { global $connection; $query = "SELECT * "; // building query string - allows to comment out for testing during dev, if/then statements, etc $query .= "FROM subjects "; $query .= "WHERE id=" . $subject_id ." "; // need space after each value $query .= "LIMIT 1"; // only want one row $result_set = mysql_query($query, $connection); confirm_query($result_set); if ($subject = mysql_fetch_array($result_set)) { // fetch array only grabbing the one row (the single subject) instead of returning an entire container return $subject; } else { return NULL; // set up if/else because if no rows are returned we want fetch_array to return false (not show anything) } } function get_page_by_id($page_id) { global $connection; $query = "SELECT * "; // building query string - allows to comment out for testing during dev, if/then statements, etc $query .= "FROM pages "; $query .= "WHERE id=" . $page_id; // need space after each value $query .= " LIMIT 1"; // only want one row $result_set = mysql_query($query, $connection); confirm_query($result_set); if ($page = mysql_fetch_array($result_set)) { // fetch array only grabbing the one row (the single subject) instead of returning an entire container return $page; } else { return NULL; // set up if/else because if no rows are returned we want fetch_array to return false (not show anything) } } function find_selected_page() { // Capturing the values that were set to the URL string in the content area global $sel_subject; // passing the values so subject and page are available once exited out of this function global $sel_page; if (isset($_GET['subj'])) { $sel_subject = get_subject_by_id($_GET['subj']); // check within superglobal for value $sel_page = NULL; } elseif (isset($_GET['page'])) { $sel_subject = NULL; $sel_page = get_page_by_id($_GET['page']); } else { // if neither are set $sel_subject = NULL; $sel_page = NULL; } } function navigation($sel_subject, $sel_page) { $output = "<ul class=\"subjects\">"; $subject_set = get_all_subjects(); //subjects while ($subject = mysql_fetch_array($subject_set)) { $output .= "<li"; if ($subject["id"] == $sel_subject['id']) { $output .= " class=\"selected\""; } $output .= "><a href=\"content.php?subj=" . urlencode($subject["id"]) . "\">{$subject["menu_name"]}</a></li>"; //sending values to the URL string //pages $page_set = get_pages_for_subject($subject["id"]); $output .= "<ul class=\"pages\">"; while ($page = mysql_fetch_array($page_set)) { $output .= "<li"; if ($page["id"] == $sel_page['id']) { $output .= " class=\"selected\""; } $output .= "><a href=\"content.php?page=" . urlencode($page["id"]) . "\">{$page["menu_name"]}</a></li>"; } $output .= "</ul>"; } $output .= "</ul>"; return $output; } ?> Quote Link to comment https://forums.phpfreaks.com/topic/183507-basic-cms-script-help/ Share on other sites More sharing options...
mikesta707 Posted December 1, 2009 Share Posted December 1, 2009 I don't see a problem at first glance. You say that when you take out that if statement then it works fine? What do you mean by "caught something"? Is there an error on the page? Blank page? what exactly is happening? try adding error_reporting(E_ALL); ini_set("display_errors", 1); to the beginning of your page. That will display any errors that may be happening One thing to consider, you are using headers, and when using header's you can't have any output on the page. THis means any whitespace, html tags, etc. So make sure there is no output up to that error check line Quote Link to comment https://forums.phpfreaks.com/topic/183507-basic-cms-script-help/#findComment-968641 Share on other sites More sharing options...
geebee Posted December 1, 2009 Author Share Posted December 1, 2009 What's happening exactly is when I try to add data to the database via this page it redirects me to new_subject.php (the page called out in the error redirect_to) instead of posting to the database. I don't understand why it would do this other than the validation code is finding an error somewhere, is that not true? Like I said it's working fine without the validation and I would remove it except that I need to later build upon the validation code in order to prevent users from trying to submit a blank field into the database. Regarding headers/output -- is it possible the functions page which is being called is adding whitespace? I've removed all whitespace from the page I included, but that didn't change anything. Also, I already turned on error reporting in php.ini and that's been functioning fine. Quote Link to comment https://forums.phpfreaks.com/topic/183507-basic-cms-script-help/#findComment-968666 Share on other sites More sharing options...
mikesta707 Posted December 1, 2009 Share Posted December 1, 2009 If you are getting no header errors, than your header usage is fine. If it's redirecting, its not a header issue, so you don't have to worry about that. Didn't know that the page was redirecting, or I wouldn't have even mentioned it. One thing I noticed $required_fields = array('menu name', 'position', 'visible'); in the variable below, you put "menu_name". should the above line be $required_fields = array('menu_name', 'position', 'visible'); ? Quote Link to comment https://forums.phpfreaks.com/topic/183507-basic-cms-script-help/#findComment-968670 Share on other sites More sharing options...
geebee Posted December 1, 2009 Author Share Posted December 1, 2009 WOW. That was it, thanks Mikesta! Can I ask you how you found that? Without the error report I had no idea where to look to find something like that, which forced me to go through every function and every line of code many times over the past couple days, which really sucked. Thanks again! Quote Link to comment https://forums.phpfreaks.com/topic/183507-basic-cms-script-help/#findComment-968679 Share on other sites More sharing options...
mikesta707 Posted December 1, 2009 Share Posted December 1, 2009 well, i figured that if the page was redirecting, then the error lied somewhere in the validation, so I looked there. You also did validation in an interesting way (with arrays) which I don't see much, so that area already stood out Quote Link to comment https://forums.phpfreaks.com/topic/183507-basic-cms-script-help/#findComment-968682 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.