Editing a mysql database

[iJoseph]

---

I have this code but it just retruns as the 'or die()' It's not the included connection, that all works for other scripts. But for some reason nothing happenes. Any help?

 

<?php
include "../includes/mysql_connect.php";
include "../includes/info_files.php";

if(isset($_POST['submitted'])) {
mysql_query("UPDATE `pages` SET name='$_POST[name]' AND SET content='$_POST[content]' AND SET catt='$_POST[catt]' AND SET page='$_POST

---

' WHERE id='$_POST[id]'") or die('Edit failed');
echo "Page made.<br /><br />";
}else{

$result = mysql_query("SELECT * FROM pages WHERE id='$_GET

---

'");
while($row = mysql_fetch_array($result))
  {
echo '<form action="" method="post">';
echo '<input type="hidden" name="id" value="' . $row['id'] . '" /><br />';
echo '<strong>Edit: ' . $row['name'] . '</strong><br />';
echo 'Name: <input type="text" name="name" value="' . $row['name'] . '" /><br />';
echo 'Category: <input type="text" name="catt" value="' . $row['catt'] . '" /><br />';
echo 'Page: <input type="text" name="page" value="' . $row['page'] . '" /><br />';
echo '<textarea rows="25" cols="60" name="content">' . $row['content'] . '</textarea><br />';
echo '<input type="submit" name="submitted" value="Edit" />';
echo '</form>';
  }
}
?>

[Pikachu2000]

---

The syntax is wrong, and should be SET col = val, col2 = val2, rather than AND SET, but since you've no way to echo the query string for debugging, change this:

mysql_query("UPDATE `pages` SET name='$_POST[name]' AND SET content='$_POST[content]' AND SET catt='$_POST[catt]' AND SET page='$_POST

---

' WHERE id='$_POST[id]'") or die('Edit failed');

 

To this:

$query = "UPDATE `pages` SET name='$_POST[name]', content='$_POST[content]', catt='$_POST[catt]', page='$_POST

---

' WHERE id='$_POST[id]'"; // if id is an integer, get rid of the quotes around '$_POST['id']'
$result = mysql_query( $query ) or die( '<br />Query String: ' . $query . '<br />Produced Error: ' . mysql_error() . '<br />');

 

And post the errors here, if that doesn't fix it.

[Pikachu2000]

Also, you should really, really, really, never put user supplied data, such as that which comes from a web form, directly into a DB query. It should be validated and sanitized first, as a protection against SQL injection attacks.

[iJoseph]

Yay! it worked! Cheers. Sorry for the late reply. I went off to do somthing else.

[mac.happer]

edit page.

Create a new page, hit Ctrl+S and save your site as edit.php. You will need to read the previous tutorial on how to "Display PHP MySQL Data" because after editing your information you have to view it, and I explain how to do this in the previous tutorial.

 

After doing that, In your application window click on Bindings and create a new Recordset

 

Click, ok to apply setting. Now click on Insert Application Objects Update Record Record Update form wizard. With that you will see the window below.

 

Click ok, and you should see the form below.

 

Open, the index page and edit the table as shown below.

 

Double click on Edit, in the properities window click on the yellow folder next to the Link box.

 

Next click parameter, type in id in the Name box and click on the lightning bolt in the value box, with that the window below will come up.

 

Click to select, field1_id. Click ok twice, and will should be at the select file window. Select the edit.php file and click ok. This is the link that I have on the edit text

 

edit.php?id=<?php echo $row_rs1['field1_id']; ?>

 

Just hit F+12 to preview your page, click on edit and edit your information it should work with out a problem.