bugmero Posted May 9, 2010 Share Posted May 9, 2010 I don't get it a get a lot of errors with what i am doing <?php session_start(); require_once('include/connect.php'); include('include/header.php'); include('include/rollover.php'); require_once('include/functions.php'); include('include/toptemplate.php'); connecttodb($hostname_connSquash,$database_connSquash,$username_connSquash,$password_connSquash); function connecttodb($hostname_connSquash,$database_connSquash,$username_connSquash,$password_connSquash) { global $link; $link=mysql_connect ("$hostname_connSquash","$username_connSquash","$password_connSquash"); if(!$link){die("Could not connect to MySQL");} mysql_select_db("$database_connSquash",$link) or die ("could not open db".mysql_error()); } $qsql="UPDATE `$clubprefix"."_player` SET FB='$FB', FM='$FM', SR='$SR' Vol='$Vol' SS='$SS' PS='$PS' TE='$TE' WHERE id='$id'"; $result=mysql_query($qsql) or die("Problem with the query: $qres<br>" . mysql_error()); if($result){ echo "Successful"; } ?> This is the update script that i am using to send to the data base , used the "or die " statement and i get this error : Problem with the query: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'Vol='' SS='' PS='' TE='' WHERE id=''' at line 1 I don't get was is wrong Quote Link to comment Share on other sites More sharing options...
bugmero Posted May 9, 2010 Author Share Posted May 9, 2010 I have added echo qsql; and i received this information : UPDATE `worldclass_player` SET FB='', FM='', SR='' Vol='' SS='' PS='' TE='' WHERE id=''Problem with the query: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'Vol='' SS='' PS='' TE='' WHERE id=''' at line 1 I think i'm not getting the data from the submit script , but i don't understand why Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted May 9, 2010 Share Posted May 9, 2010 Where is the form, and where do you define the variables in the UPDATE query? Quote Link to comment Share on other sites More sharing options...
JAY6390 Posted May 9, 2010 Share Posted May 9, 2010 Me thinks someone has code written for php where register globals is allowed Quote Link to comment Share on other sites More sharing options...
kenrbnsn Posted May 9, 2010 Share Posted May 9, 2010 You need commas between all of the values being set: You have: <?php $qsql="UPDATE `$clubprefix"."_player` SET FB='$FB', FM='$FM', SR='$SR' Vol='$Vol' SS='$SS' PS='$PS' TE='$TE' WHERE id='$id'"; ?> It should be: <?php $qsql="UPDATE `$clubprefix"."_player` SET FB='$FB', FM='$FM', SR='$SR', Vol='$Vol', SS='$SS', PS='$PS', TE='$TE' WHERE id='$id'"; ?> Ken Quote Link to comment Share on other sites More sharing options...
bugmero Posted May 9, 2010 Author Share Posted May 9, 2010 Thanks kenrbnsn, i get no errors now in the script , but still no update in the database, maybe is something wrong with the id , i defined <td><input name="id" type="hidden" id="id" value="<? echo $rows['id']; ?>"></td> in the input form , maybe is not getting the id correctly , any ideas ? Quote Link to comment Share on other sites More sharing options...
bugmero Posted May 9, 2010 Author Share Posted May 9, 2010 When i echo results i get this : UPDATE `worldclass_player` SET FB='', FM='', SR='', Vol='', SS='', PS='', TE='' WHERE id=''Successful I don't get a value for each variable Quote Link to comment Share on other sites More sharing options...
bugmero Posted May 9, 2010 Author Share Posted May 9, 2010 I found out that the problem is that is not getting the id the code are as follow : imput script is : <?php session_start(); require_once('include/connect.php'); include('include/header.php'); include('include/rollover.php'); require_once('include/functions.php'); include('include/toptemplate.php'); connecttodb($hostname_connSquash,$database_connSquash,$username_connSquash,$password_connSquash); function connecttodb($hostname_connSquash,$database_connSquash,$username_connSquash,$password_connSquash) { global $link; $link=mysql_connect ("$hostname_connSquash","$username_connSquash","$password_connSquash"); if(!$link){die("Could not connect to MySQL");} mysql_select_db("$database_connSquash",$link) or die ("could not open db".mysql_error()); } $id=$_GET['id']; $qres="SELECT * FROM `$clubprefix"."_player` WHERE id=". $row['ID'].""; $result=mysql_query($qres) or die("Problem with the query: $qres<br>" . mysql_error()); $rows = mysql_fetch_array ($result); ?> <table width="400" border="0" cellspacing="1" cellpadding="0"> <tr> <form name="form1" method="post" action="update_skill.php?id='$id'"> <td> <table width="100%" border="0" cellspacing="1" cellpadding="0"> <tr> <td> </td> <td align="center" colspan="3"><strong>Update skill level</strong> </td> </tr> <tr> <td align="center"> </td> <td align="center"> </td> <td align="center"> </td> <td align="center"> </td> </tr> <tr> <td align="center"> </td> <td align="center"><strong>Forehand/Backhand</strong></td> <td align="center"><strong>Fitness/Movement</strong></td> <td align="center"><strong>Serve/Return</strong></td> <td align="center"><strong>Volley</strong></td> <td align="center"><strong>Special Shots</strong></td> <td align="center"><strong>Playing Style</strong></td> <td align="center"><strong>Tournament Experience</strong></td> </tr> <tr> <td> </td> <td align="center"><input name="FB" type="text" id="FB" value="<? echo $rows['FB']; ?>"></td> <td align="center"><input name="FM" type="text" id="FM" value="<? echo $rows['FM']; ?>" size="15"></td> <td><input name="SR" type="text" id="SR" value="<? echo $rows['SR']; ?>" size="15"></td> <td align="center"><input name="Vol" type="text" id="Vol" value="<? echo $rows['Vol']; ?>"></td> <td align="center"><input name="SS" type="text" id="SS" value="<? echo $rows['SS']; ?>"></td> <td align="center"><input name="PS" type="text" id="PS" value="<? echo $rows['PS']; ?>"></td> <td align="center"><input name="TE" type="text" id="TE" value="<? echo $rows['TE']; ?>"></td> </tr> <tr> <td> </td> <td><input name="id" type="hidden" id="id" value="<? echo $rows['id']; ?>"></td> <td align="center"><input type="submit" name="Submit" value="Submit"></td> <td> </td> </tr> </table> </td> </form> </tr> </table> <? // close connection mysql_close(); ?> and the update script is : <?php session_start(); require_once('include/connect.php'); include('include/header.php'); include('include/rollover.php'); require_once('include/functions.php'); include('include/toptemplate.php'); connecttodb($hostname_connSquash,$database_connSquash,$username_connSquash,$password_connSquash); function connecttodb($hostname_connSquash,$database_connSquash,$username_connSquash,$password_connSquash) { $link=mysql_connect ("$hostname_connSquash","$username_connSquash","$password_connSquash"); if(!$link){die("Could not connect to MySQL");} mysql_select_db("$database_connSquash",$link) or die ("could not open db".mysql_error()); } $id=$_GET['id']; $qsql="UPDATE `$clubprefix"."_player` SET FB='$FB', FM='$FM', SR='$SR', Vol='$Vol', SS='$SS', PS='$PS', TE='$TE' WHERE id='$id'"; echo $qsql; $result=mysql_query($qsql) or die("Problem with the query: $qres<br>" . mysql_error()); if($result){ echo "Successful"; } ?> The id is not send to the update script .I tried a lot of ways , but no success Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted May 9, 2010 Share Posted May 9, 2010 You haven't defined the variables in the database query. The script relies on register_globals = On, which for reasons that should now be obvious, is a bad idea. You need to define each variable you receive from the form explicitly. Quote Link to comment Share on other sites More sharing options...
bugmero Posted May 9, 2010 Author Share Posted May 9, 2010 How do i define them from the form ? Quote Link to comment Share on other sites More sharing options...
kenrbnsn Posted May 9, 2010 Share Posted May 9, 2010 Read http://us3.php.net/manual/en/security.globals.php In your particular case, the value of $id is passed on the URL, so it will be in $_GET['id']. The rest of the values will be in the $_POST super global array. Ken Quote Link to comment Share on other sites More sharing options...
bugmero Posted May 9, 2010 Author Share Posted May 9, 2010 when i send the data i get in the url update_skill.php?='$id' , not the id number , the post code is : <form name="form1" method="post" action="update_skill.php?='$id'"> i have defined the variables in the update code : $id=$_GET['id']; $FB=$_POST['FB']; $FM=$_POST['FM']; $SR=$_POST['SR']; $Vol=$_POST['Vol']; $SS=$_POST['SS']; $PS=$_POST['PS']; $TE=$_POST['TE']; $qsql="UPDATE `$clubprefix"."_player` SET FB='$FB', FM='$FM', SR='$SR', Vol='$Vol', SS='$SS', PS='$PS', TE='$TE' WHERE id='$id'"; echo $qsql; $result=mysql_query($qsql) or die("Problem with the query: $qres<br>" . mysql_error()); i get the data from the variables , but not the id Quote Link to comment Share on other sites More sharing options...
kenrbnsn Posted May 9, 2010 Share Posted May 9, 2010 The <form> statement needs to be <form name="form1" method="post" action="update_skill.php?id='$id'"> Ken Quote Link to comment Share on other sites More sharing options...
JAY6390 Posted May 9, 2010 Share Posted May 9, 2010 change it to <form name="form1" method="post" action="update_skill.php?id=<?php echo $id; ?>"> Quote Link to comment Share on other sites More sharing options...
kenrbnsn Posted May 9, 2010 Share Posted May 9, 2010 Oops -- missed that one... Ken Quote Link to comment Share on other sites More sharing options...
bugmero Posted May 9, 2010 Author Share Posted May 9, 2010 Thanks JAY6390 , that did it , i will try to rewrite the code without global on . Quote Link to comment Share on other sites More sharing options...
JAY6390 Posted May 9, 2010 Share Posted May 9, 2010 I also recommend that you actually remove the get url in the form submission completely, and go with a hidden input instead <form name="form1" method="post" action="update_skill.php'"> <input name="id" id="id" value="<?php echo $id; ?>" /> Then in your php use $_POST['id'] rather than $_GET['id'] Quote Link to comment Share on other sites More sharing options...
Muddy_Funster Posted May 10, 2010 Share Posted May 10, 2010 cahnge to <input name="id" id="id" type="hidden" value="<?php echo $id; ?>" /> Quote Link to comment Share on other sites More sharing options...
JAY6390 Posted May 10, 2010 Share Posted May 10, 2010 ah yes I forgot the vital part Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.