$query UPDATE fails with no error. where to use echo?

[ntroycondo]

I have a script (newadmin.php)  that lists out my DB table rows with links to edit them.

Clicking the edit link takes to editdevice.php script shown below. But when I put edits in and submit the form, no updates are made to the DB.

1- I'm not sure where to try and echo $query to see what is being passed.

2- Also not sure if the formaction is set right, to post back to newadmin.php page.

 

 

<?php 
ob_start();
// Set the page title and include the HTML header.
$page_title = 'Edit a Model';
include ('./header2.inc');
session_start();
?>
<link rel="stylesheet" type="text/css" href="ihear.css" />
<html>
<?php

// This page edits a model.
// Check for a valid user ID, through GET or POST.
if ( (isset($_GET['id'])) && (is_numeric($_GET['id'])) ) { 
$id = $_GET['id'];
} elseif ( (isset($_POST['id'])) && (is_numeric($_POST['id'])) ) { // Form has been submitted.
$id = $_POST['id'];
} else { // No valid ID, kill the script.
echo '<h1 id="mainhead">Page Error</h1>
<p class="error">This page has been accessed in error.</p><p><br /><br /></p>';
exit();
}

require_once ('../ihear/admin_db_inc.php'); // Connect to the db.

// Check if the form has been submitted.
if (isset($_POST['submitted'])) {

$errors = array(); // Initialize error array.

// Check for a name.
if (empty($_POST['name'])) {
	$errors[] = 'You forgot to enter model name.';
} else {
	$fn = escape_data($_POST['name']);
}

// Check for a size.
if (empty($_POST['size'])) {
	$errors[] = 'You forgot to enter size.';
} else {
	$ln = escape_data($_POST['size']);
}

// Check for a cost.
if (empty($_POST['cost'])) {
	$errors[] = 'You forgot to enter your cost.';
} else {
	$e = escape_data($_POST['cost']);
}

#	if (empty($errors)) { // If everything's OK.

	//  Test for unique id.
	$query = "SELECT id FROM ihear_models WHERE id != $id";
	$result = mysql_query($query);
	if (mysql_num_rows($result) == 0){

		// Make the query.
		$query = "UPDATE ihear_models SET name='$fn',size='$ln', cost='$e' WHERE id=$id";
		$result = @mysql_query ($query); // Run the query.
		if (mysql_affected_rows() == 1) { // If it ran OK.

			// Print a message.
			echo '<h1 id="mainhead">Edit a Model</h1>
			<p>The model has been edited.</p><p><br /><br /></p>';	

		} else { // If it did not run OK.
			echo '<h1 id="mainhead">System Error</h1>
			<p class="error">The model could not be edited due to a system error. We apologize for any inconvenience.</p>'; // Public message.
			echo '<p>' . mysql_error() . '<br /><br />Query: ' . $query . '</p>'; // Debugging message.
			exit();
		}

	} else { // Already registered. REMOVING }
		echo '<h1 id="mainhead">Error!</h1>
		<p class="error">The model has already been registered.</p>';
	}

} 

// Always show the form.

// Retrieve the user's information.
$query = "SELECT name, size, cost FROM ihear_models WHERE id=$id";		
$result = @mysql_query ($query); // Run the query.

if (mysql_num_rows($result) == 1) { // Valid user ID, show the form.

// Get the user's information.
$row = mysql_fetch_array ($result, MYSQL_NUM);

// Create the form.
echo '<h2>Edit a User</h2>
<form action="newadmin.php" method="post">
<p>Name: <input type="text" name="name" size="15" maxlength="15" value="' . $row[0] . '" /></p>
<p>Size: <input type="text" name="size" size="15" maxlength="30" value="' . $row[1] . '" /></p>
<p>Cost: <input type="text" name="cost" size="20" maxlength="40" value="' . $row[2] . '"  /> </p>
<p><input type="submit" name="submit" value="Submit" /></p>
<input type="hidden" name="submitted" value="TRUE" />
<input type="hidden" name="id" value="' . $id . '" />
</form>';

} else { // Not a valid user ID.
echo '<h1 id="mainhead">Page Error</h1>
<p class="error">This page has been accessed in error.</p><p><br /><br /></p>';
}

mysql_close(); // Close the database connection.
?>

[ChrisA]

This bit of your code doesn't seem to make sense:

 

//  Test for unique id.
$query = "SELECT id FROM ihear_models WHERE id != $id";

$result = mysql_query($query);
if (mysql_num_rows($result) == 0){
	.....
} else { // Already registered. REMOVING }
	echo '<h1 id="mainhead">Error!</h1>
	<p class="error">The model has already been registered.</p>';
}

 

You search for rows where the id field is NOT equal to the id you received, then check if you found 0 rows...

 

If you're trying to update a row, I would think you're more likely to want to search for the row where the id's are equal, then check you found one row?:

 

 

//  Test for unique id.
$query = "SELECT id FROM ihear_models WHERE id = $id";

$result = mysql_query($query);
if (mysql_num_rows($result) == 1){
	.....
} else { 0 or 2+ found
	echo '<h1 id="mainhead">Error!</h1>
	<p class="error">Not found, or multiple found...</p>';
}

[ntroycondo]

Tried switching to that ' id = $id '

but doesn't change the behavior and doesn't update the rows.

[Pikachu2000]

In your query, you're checking to see if there is a record in the database already that DOESN'T match, then only updating the DB if there are NO matching records.

 

//  Test for unique id.
	$query = "SELECT id FROM ihear_models WHERE id != $id";  // this should query for matching records. As written, it queries for NON-matching records.
	$result = mysql_query($query);
	if (mysql_num_rows($result) == 0){ // This line should verify exactly ONE record was returned, not zero

[ntroycondo]

Yeah, i left it to id = $id as suggested. Because that makes sense.

 

Problem was because form action wasn't pointing back at itself.