Hattemageren Posted January 19, 2011 Share Posted January 19, 2011 Alright, I've spent over a week trying to fix this now - And Im getting frustrated! I asked at other forums, I asked co-workers and I asked friends-of-friends, and nobody can explain what happens. Let's take a look at this first: $name = mysql_real_escape_string($_POST['name']); mysql_query(sprintf("UPDATE em_users SET name='%s' WHERE id='" . $in_user['id'] . "'", $name)); This will insert NO data on the Name field in the database. Obviously, I thought the $_POST variable wasn't passed correctly, but echo'ing it just before the query WILL show data. And as I said, I tried everything possible for the last week. Switching variables, adding static text on the $name variable instead of using the $_POST content (this does work). I used very very simple test data on the form, such as my name "Mark" or "test" and "hey". The query is correctly executed everytime. The truely WEIRD thing is, if I ensure there is content in $name before executing the query it will work as expected everytime. Like this: $name = mysql_real_escape_string($_POST['name']); $name && mysql_query(sprintf("UPDATE em_users SET name='%s' WHERE id='" . $in_user['id'] . "'", $name)); Of course I could do this, but I want to know why my code does or doesn't work + it's a lot of work to do for something that worked fine a week ago. It has spread to a lot of forms on my website that $_POST variables aren't processed correctly - and it happened out of nowhere. Even on codes that havnt changed in months. I really need help on fixing this! This project has been in development for nearly two years, and without a fix it's pretty much lost Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted January 19, 2011 Share Posted January 19, 2011 Separate the query string from the query execution, form it in a variable, and echo it, along with any errors that occur when the query is executed. Quote Link to comment Share on other sites More sharing options...
Muddy_Funster Posted January 19, 2011 Share Posted January 19, 2011 Why are you using sprintf to format the name and not the id part of the query string? Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted January 19, 2011 Share Posted January 19, 2011 A) Posting all the code (form and form processing) that reproduces the symptom would be the quickest way of starting the process of getting help. That would allow someone to reproduce the problem and/or see what the relevant code is doing to either confirm or eliminate the code as the cause of the problem. B) You are apparently NOT validating the form data in your php code or possibly not even checking that a form was submitted. C) If the symptom just started and it is not due to A) or B), then it is likely that your browser is requesting the page twice and doing B) would detect that and prevent the query from being executed when the page is requested without any form submission or form data values. Quote Link to comment Share on other sites More sharing options...
Hattemageren Posted January 19, 2011 Author Share Posted January 19, 2011 Thanks for the replies - I've implemented and tried what you suggested. The reason the code is not validated is because I wrote it from scratch to try and isolate the error which occured in more complex codes too. But I figured it would be easier to isolate the symptom if the code was obviously more simple. As said, I'm 100% certain $_POST data is sent and received by the php code. I can echo the result and execute the query right after, and the echo will contain the $_POSTs and the query will lose them. Reversing the order doesn't change anything. I also tried submitting the content again and again, and sometimes it succesfully keeps the data in the query - other times it doesn't. Here's the revised code: if ($_GET['action'] == "updatecontent") { $name = mysql_real_escape_string($_POST['name']); $sql = sprintf("UPDATE em_users SET name='%s' WHERE id='%s'", $name, $in_user['id']); mysql_query($sql); } And the form: <form method="post" action="?action=updatecontent"> <input tabindex="2" type="text" id="name" value="" name="name"> <input type="submit" value="OK"> </form> Quote Link to comment Share on other sites More sharing options...
Hattemageren Posted January 19, 2011 Author Share Posted January 19, 2011 I'm fairly certain it's not a programming error - What I need is ideas what I can check for that may cause this kind of behaviour. Server configuration, database configuration, handling of superglobals, etc. I'm 100% sure it's not an error in the code Im showing since it worked before, and wasnt changed meanwhile. So I also understand that it's hard to isolate errors for others, but if anybody has experienced similar problems because of a change in some kind of config - that's really what Im looking for in here. Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted January 19, 2011 Share Posted January 19, 2011 So, you have code that reproduces the problem, but you aren't, can't, or won't post it? Just exactly what were you expecting a programming help forum to be able to do for you? Edit to your edit and added post: Someone already suggested a likely cause - C) If the symptom just started and it is not due to A) or B), then it is likely that your browser is requesting the page twice and doing B) would detect that and prevent the query from being executed when the page is requested without any form submission or form data values. Does your FULL actual code check that the form was submitted and that the $_POST['name'] is not empty, or does it blindly form and execute the query every time the page is requested? I recommend logging the $sql string to a file on every page request so that you can see what it really is. That would help you determine if the page is being requested more than once. Quote Link to comment Share on other sites More sharing options...
mikosiko Posted January 19, 2011 Share Posted January 19, 2011 if you have tested/debug your code already as you said and everything has not been changed on it to produce the behavior... then, this part in your post could point to that something was done in the server configuration: ....it's a lot of work to do for something that worked fine a week ago. It has spread to a lot of forms on my website that $_POST variables aren't processed correctly - and it happened out of nowhere.... If the code WAS working before, and nothing on it has been changed and all the sudden started acting then maybe the answer is not in the code... " happened out of nowhere" is just no possible. Agree with what others said... post you whole relevant code, otherwise is very difficult to help... and also look for changes in your configuration. Quote Link to comment Share on other sites More sharing options...
Hattemageren Posted January 19, 2011 Author Share Posted January 19, 2011 I'm not gonna post everything in here, because the entire code is several thousand lines. I've spent a week isolating the error - and come down to that: $name && mysql_query($sql); Runs perfectly while mysql_query($sql); Seemlingly "randomly" loses information from the $_POST variables. I dont understand how this has happened when nothing changed to the code meanwhile. So is there anything related to server/database/whatever configuration that could cause this kind of behaviour? Obviously, I dont expect anyone who can't relate to the error to do anything - and I would've been able to fix programming related error on my own.. - What I hoped is that somebody had an idea, in terms of config, which I dont happen to know a lot about, that would provoke this behaviour/error. Quote Link to comment Share on other sites More sharing options...
mikosiko Posted January 19, 2011 Share Posted January 19, 2011 what is the output of this? (placed before the mysql_query): echo file_get_contents("php://input"); also is out there few people reporting that removing enctype from the form fix data lost in $_POST (reason apparently is because the wrong enctype is used) .... no tested/proved in my side... maybe worth a try Quote Link to comment Share on other sites More sharing options...
Hattemageren Posted January 19, 2011 Author Share Posted January 19, 2011 When I first tried your code it put out name=test After several reposts it put out nothing. Simple strings like "test", "hello", etc. Quote Link to comment Share on other sites More sharing options...
mikosiko Posted January 19, 2011 Share Posted January 19, 2011 that is the whole output? and did you tried removing the enctype? Quote Link to comment Share on other sites More sharing options...
Hattemageren Posted January 19, 2011 Author Share Posted January 19, 2011 If there was supposed to be more output than what I showed above it did not appear :-/ And yes, I tried removing the enctype - Unfortunately that didn't solve it, but it's exactly the "line of thought" Im looking for. Quote Link to comment Share on other sites More sharing options...
Hattemageren Posted January 19, 2011 Author Share Posted January 19, 2011 I tried to make the script email me, and it turns out it does submit the form twice (since I got two emails every ONE time I pressed the submit button) - So it submits once WITH content and then another time without. So this explains the weird behaviour - that I would see data, but then the run after it would overwrite the data I had seen in the actual database - and the times it didn't lose its data was obviously because it only submitted once. Now, the problem is located - But why does it happen and how do I fix it? Quote Link to comment Share on other sites More sharing options...
mikosiko Posted January 19, 2011 Share Posted January 19, 2011 Good... so the answer was (and is) in Reply #3. Quote Link to comment Share on other sites More sharing options...
Hattemageren Posted January 19, 2011 Author Share Posted January 19, 2011 Exactly - what a relief! But what is the correct way to check for form data? Now I do this: if ($action == "updatecontent" && $_POST){ // bla bla } But is this sufficient and/or the correct way to see if submitted values exist? Quote Link to comment Share on other sites More sharing options...
mikosiko Posted January 19, 2011 Share Posted January 19, 2011 you can use: isset() and/or empty() lot of examples around Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.