Faks Posted October 17, 2010 Share Posted October 17, 2010 Hi Everybody i am working on admin panel but right now i encounter a problem i can't edit i also can't delete news but insert is working maybe somebody can help me find mistake and fix it up . You can visit web and see what is what Admin Panel http://faksx.sytes.net/blogs/?page=cp Admin Panels news management http://faksx.sytes.net/blogs/?page=news_cp user andis |pw andis (don't try hack it won't work) Here is code i . if ($_POST['submit']) { $id = (int)$_POST['id']; $news_title = mysql_real_escape_string($_POST['news_title']); $news_category = mysql_real_escape_string($_POST['news_category']); $news_short_text = mysql_real_escape_string($_POST['news_short_text']); $news_text = mysql_real_escape_string($_POST['news_text']); $news_title = htmlentities($_POST['news_title']); $news_category = htmlentities($_POST['news_category']); $news_short_text = htmlentities($_POST['news_short_text']); $news_text = htmlentities($_POST['news_text']); if (!empty($id)) { $sql = ("UPDATE news SET news_title = '$news_title', news_category = '$news_category', news_short_text = '$news_short_text', news_text = '$news_text' WHERE id = '$id' "); } else { $sql = "INSERT INTO news (news_title,news_category,news_short_text,news_text,news_author,news_date) VALUES ('".$news_title."','".$news_category."','".$news_short_text."','".$news_text."','".$_SESSION[u_nick]."','".$last_time_seen."')"; mysql_query($sql) or die (mysql_error()); } } if($_GET['edit'] == 1) { $id = (int)$_GET['id']; $sql = ("DELETE FROM news WHERE id = '$id'"); mysql_query($sql) or die (mysql_error()); } if ($_GET['edit'] == 1) { $id = (int)$_GET['id']; $sql = ("SELECT * FROM news WHERE id = '$id'"); $date = mysql_query($sql) or die (mysql_error()); $row = mysql_fetch_array($date); $edit_title = $row['news_title']; $edit_group = $row['news_category']; $edit_short_text = $row['news_short_text']; $edit_text = $row['news_text']; $edit_id = (int)$row['id']; } mysqlutf8(); $sql = ("SELECT * FROM news"); $date = mysql_query($sql) or die (mysql_error()); echo '<select>'; while($row = mysql_fetch_array($date)) { echo "<option value='$row[id]'>".$row[news_title].'</option>' ; } #" <a href='/blogs/?page=comment&id=".$row['id']."'>Comment</a> " #"<a href='/blogs/?page=news_cp&edit=id=".$row['id']."'>" echo '</select>'."<a href='/blogs/?page=news_cp&edit&id=".$row['id']."'><input type='button' name='edit' id='button2' value='Edit' /></a> <a href='/blogs/?page=news_cp&delete&id=".$row['id']."'><input type='button' name='delete' id='button3' value='Delete' /></a>"; echo "<form id='form1' name='submit' method='post'> <p>Virsrakts <label for='textfield'></label> </p> <p> <input type='text' name='news_title' value='$news_title'> </p> <p>Ziņu Gruppa</p> <p> <label for='select'></label> <select name='news_category' value='$edit_group'> <option>News</option> <option>Bugs</option> </select> </p> <p>Teksts</p> <p> <label for='textfield2'></label> <textarea name='news_short_text' cols='50' rows='10' id='textfield2' value='$edit_short_text_text'></textarea> </p> <p>Pilns Teksts</p> <p> <label for='textfield3'></label> <textarea name='news_text' cols='70' rows='15' id='textfield3' value='$news_text'></textarea> </p> <p> <input type='submit' name='submit' id='button' value='Pievienot' /> <input type='reset' name='reset' id='button4' value='Reset' /> </p> </form>"; } Link to comment https://forums.phpfreaks.com/topic/216076-admin-news-control-panel-issues/ Share on other sites More sharing options...
BlueSkyIS Posted October 17, 2010 Share Posted October 17, 2010 if !empty($id), you create $sql, but never execute it. Link to comment https://forums.phpfreaks.com/topic/216076-admin-news-control-panel-issues/#findComment-1122961 Share on other sites More sharing options...
Faks Posted October 17, 2010 Author Share Posted October 17, 2010 if !empty($id), you create $sql, but never execute it. hmm but it check if not empty then insert if not it updates . Link to comment https://forums.phpfreaks.com/topic/216076-admin-news-control-panel-issues/#findComment-1122962 Share on other sites More sharing options...
BlueSkyIS Posted October 17, 2010 Share Posted October 17, 2010 No. it only inserts. if (!empty($id)) { // $sql is set here, but never sent to mysql_query() $sql = ("UPDATE news SET news_title = '$news_title', news_category = '$news_category', news_short_text = '$news_short_text', news_text = '$news_text' WHERE id = '$id' "); } else { // $sql is set here, and then... $sql = "INSERT INTO news (news_title,news_category,news_short_text,news_text,news_author,news_date) VALUES ('".$news_title."','".$news_category."','".$news_short_text."','".$news_text."','".$_SESSION[u_nick]."','".$last_time_seen."')"; // $sql is sent to mysql_query() mysql_query($sql) or die (mysql_error()); } Link to comment https://forums.phpfreaks.com/topic/216076-admin-news-control-panel-issues/#findComment-1122963 Share on other sites More sharing options...
Faks Posted October 17, 2010 Author Share Posted October 17, 2010 No. it only inserts. if (!empty($id)) { // $sql is set here, but never sent to mysql_query() $sql = ("UPDATE news SET news_title = '$news_title', news_category = '$news_category', news_short_text = '$news_short_text', news_text = '$news_text' WHERE id = '$id' "); } else { // $sql is set here, and then... $sql = "INSERT INTO news (news_title,news_category,news_short_text,news_text,news_author,news_date) VALUES ('".$news_title."','".$news_category."','".$news_short_text."','".$news_text."','".$_SESSION[u_nick]."','".$last_time_seen."')"; // $sql is sent to mysql_query() mysql_query($sql) or die (mysql_error()); } and how to resolve this ? Link to comment https://forums.phpfreaks.com/topic/216076-admin-news-control-panel-issues/#findComment-1122964 Share on other sites More sharing options...
phpfreak Posted October 17, 2010 Share Posted October 17, 2010 It only inserts because mysql_query($sql) or die (mysql_error()); Is only in the condition that $id is empty... I think maybe this: if (!empty($id)) { // $sql is set here, but never sent to mysql_query() $sql = ("UPDATE news SET news_title = '$news_title', news_category = '$news_category', news_short_text = '$news_short_text', news_text = '$news_text' WHERE id = '$id' "); mysql_query($sql) or die (mysql_error()); } else { // $sql is set here, and then... $sql = "INSERT INTO news (news_title,news_category,news_short_text,news_text,news_author,news_date) VALUES ('".$news_title."','".$news_category."','".$news_short_text."','".$news_text."','".$_SESSION[u_nick]."','".$last_time_seen."')"; // $sql is sent to mysql_query() mysql_query($sql) or die (mysql_error()); } Link to comment https://forums.phpfreaks.com/topic/216076-admin-news-control-panel-issues/#findComment-1122998 Share on other sites More sharing options...
BlueSkyIS Posted October 17, 2010 Share Posted October 17, 2010 yes. to execute $sql, you use mysql_query($sql). If you don't use mysql_query($sql), nothing will happen. http://php.net/manual/en/function.mysql-query.php ... and since mysql_query() should be executed in either case, you might as well move it outside the IF: if (!empty($id)) { $sql = "UPDATE news SET news_title = '$news_title', news_category = '$news_category', news_short_text = '$news_short_text', news_text = '$news_text' WHERE id = '$id' "; } else { $sql = "INSERT INTO news (news_title,news_category,news_short_text,news_text,news_author,news_date) VALUES ('".$news_title."','".$news_category."','".$news_short_text."','".$news_text."','".$_SESSION[u_nick]."','".$last_time_seen."')"; } // $sql is sent to mysql_query() mysql_query($sql) or die (mysql_error()); Link to comment https://forums.phpfreaks.com/topic/216076-admin-news-control-panel-issues/#findComment-1123002 Share on other sites More sharing options...
Faks Posted October 17, 2010 Author Share Posted October 17, 2010 It only inserts because mysql_query($sql) or die (mysql_error()); Is only in the condition that $id is empty... I think maybe this: if (!empty($id)) { // $sql is set here, but never sent to mysql_query() $sql = ("UPDATE news SET news_title = '$news_title', news_category = '$news_category', news_short_text = '$news_short_text', news_text = '$news_text' WHERE id = '$id' "); mysql_query($sql) or die (mysql_error()); } else { // $sql is set here, and then... $sql = "INSERT INTO news (news_title,news_category,news_short_text,news_text,news_author,news_date) VALUES ('".$news_title."','".$news_category."','".$news_short_text."','".$news_text."','".$_SESSION[u_nick]."','".$last_time_seen."')"; // $sql is sent to mysql_query() mysql_query($sql) or die (mysql_error()); } yeah did sow well one mistake less but edit and delete not working ! Link to comment https://forums.phpfreaks.com/topic/216076-admin-news-control-panel-issues/#findComment-1123007 Share on other sites More sharing options...
BlueSkyIS Posted October 17, 2010 Share Posted October 17, 2010 another problem: if ($_GET['edit'] == 1), you delete the record. then a few lines down you search for the record you just deleted: if($_GET['edit'] == 1) { $id = (int)$_GET['id']; $sql = ("DELETE FROM news WHERE id = '$id'"); mysql_query($sql) or die (mysql_error()); // RECORD DELETED } if ($_GET['edit'] == 1) { $id = (int)$_GET['id']; $sql = ("SELECT * FROM news WHERE id = '$id'"); // THIS WILL NEVER BE FOUND, AS IT WAS DELETED ABOVE. I suggest that you try writing down some comments and/or pseudo-code within your PHP so you can work out the logic. Randomly hacking via twenty questions is a real sloooow route. Link to comment https://forums.phpfreaks.com/topic/216076-admin-news-control-panel-issues/#findComment-1123011 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.