Jump to content

Simple Mysql Edit Script. (N00B)


doofy

Recommended Posts

I'm not receiving any errors, it's simply reverting back to the same page without updating the database, and erasing (re-pulling the data from MySQL I suppose from below).

 

Can you point out where I buggered up please? Any assistance would be greatly appreciated.

 

<?php
// creates the edit record form
// since this form is used multiple times in this file, I have made it a function that is easily reusable
function renderForm($id, $ArticleID, $Category, $Title, $Summary, $BlogEntry, $Image, $Link, $DateStamp, $error)
{
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Edit Commentary Blog</title>
</head>
<body>
<?php
// if there are any errors, display them
if ($error != '')
{
echo '<div style="padding:4px; border:1px solid red; color:red;">'.$error.'</div>';
}
?>

<table width="100%" border="0" cellspacing="2" cellpadding="2">
 <tr>
   <td colspan="2"><h3>Edit and Submit</h3>
<form action="" method="post">
<input type="hidden" name="id" value="<? echo "$id" ?>">
</td>
 </tr>
 <tr>
   <td valign="top">Blog Title: </td>
   <td><input type="text" name="Title" size="100" value="<? echo "$Title"?>"></td>
 </tr>
 <tr>
   <td valign="top">Blog Category: </td>
   <td>
 <select name="Category">
 <option value="Entertainment" <?php if($Category=="Entertainment") { echo "selected"; }?>>Entertainment</option>
 <option value="Humourous" <?php if($Category=="Humourous") { echo "selected"; }?>>Humourous</option>
 <option value="Other" <?php if($Category=="Other") { echo "selected"; }?>>Other</option>
 <option value="Politics" <?php if($Category=="Politics") { echo "selected"; }?>>Politics</option>
 <option value="Sports" <?php if($Category=="Sports") { echo "selected"; }?>>Sports</option>
 <option value="Technology" <?php if($Category=="Technology") { echo "selected"; }?>>Technology</option>	   
 </select></td>
 </tr>
 <tr>
   <td valign="top">Blog Summary: </td>
   <td><textarea name="Summary" rows="5" cols="76"><? echo "$Summary"?></textarea></td>
 </tr>
 <tr>
   <td>Blog Entry:</td>
   <td><textarea name="BlogEntry" rows="5" cols="76"><? echo "$BlogEntry"?></textarea></td>
 </tr>
 <tr>
   <td>Image URL:</td>
   <td><input type="text" name="Image" size="100" value="<? echo "$Image"?>"></td>
 </tr>
 <tr>
   <td colspan="2" align="center"><input type="Submit" value="Update"></form></td>
 </tr>
</table>
</div>
</body>
</html>
<?php
}
// connect to the database
include('connect-cb.php');

// check if the form has been submitted. If it has, process the form and save it to the database
if (isset($_POST['submit']))
{
// confirm that the 'id' value is a valid integer before getting the form data
if (is_numeric($_POST['id']))
{
// get form data, making sure it is valid
$id = $_POST['id'];
$ArticleID = mysql_real_escape_string(htmlspecialchars($_POST['ArticleID']));
$Title = mysql_real_escape_string(htmlspecialchars($_POST['Title']));
$Category = mysql_real_escape_string(htmlspecialchars($_POST['Category']));
$Summary = mysql_real_escape_string(htmlspecialchars($_POST['Summary']));
$BlogEntry = mysql_real_escape_string(htmlspecialchars($_POST['BlogEntry']));
$Image = mysql_real_escape_string(htmlspecialchars($_POST['Image']));
$Link = mysql_real_escape_string(htmlspecialchars($_POST['Link']));;
$DateStamp = mysql_real_escape_string(htmlspecialchars($_POST['DateStamp']));;

// check that requireds fields are filled in
if ($Title == '' || $Category == '' || $Summary == '' || $BlogEntry == '')
{
// generate error message
$error = 'ERROR: Please fill in all required fields!';

//error, display form
renderForm($id, $ArticleID, $Category, $Title, $Summary, $BlogEntry, $Image, $Link, $DateStamp, $error);
}
else
{
// save the data to the database
mysql_query(" UPDATE TestCommentaryBlog SET Title='$Title', Category='$Category', Summary='$Summary', BlogEntry='$BlogEntry', Image='$Image', Link='$Link', DateStamp='$DateStamp' WHERE ID='$id' ") or die(mysql_error());

// once saved, redirect back to the view page
header("Location: view.php");
}
}
else
{
// if the 'id' isn't valid, display an error
echo 'Error!';
}
}
else
// if the form hasn't been submitted, get the data from the db and display the form
{

// get the 'id' value from the URL (if it exists), making sure that it is valid (checing that it is numeric/larger than 0)
if (isset($_GET['id']) && is_numeric($_GET['id']) && $_GET['id'] > 0)
{
// query db
$id = $_GET['id'];
$result = mysql_query("SELECT * FROM TestCommentaryBlog WHERE id=$id")
or die(mysql_error());
$row = mysql_fetch_array($result);

// check that the 'id' matches up with a row in the databse
if($row)
{

// get data from db
$ArticleID = $row['ArticleID'];
$Title = $row['Title'];
$Category = $row['Category'];
$Summary = $row['Summary'];
$BlogEntry = $row['BlogEntry'];
$Image = $row['Image'];
$Link = $row['ArticleID'];
$DateStamp = $row['DateStamp'];

// show form
renderForm($id, $ArticleID, $Category, $Title, $Summary, $BlogEntry, $Image, $Link, $DateStamp, '');
}
else
// if no match, display result
{
echo "No results!";
}
}
else
// if the 'id' in the URL isn't valid, or if there is no 'id' value, display an error
{
echo 'Error!';
}
}
?>

Link to comment
Share on other sites

Thank you, I've changed it from Update to submit but it still has the same outcome.

 

You change the VALUE of the button. The button doesn't have a NAME. But, I wouldn't use the submit button as a check anyway. Just use

if ($_SERVER['REQUEST_METHOD']=="POST") 

 

I think I got the names right

Link to comment
Share on other sites

Ok, I've tried changing it as you've suggested, and also simply by naming the button but neither are functioning.

 

Here is the code I have. Sorry for being terribly lame at this, it's a site for my brother otherwise I'd be too pissed off to work on it:

 

<?php
include('connect-cb.php');
// Get the user id
$id = $_GET['id'];
// Get data from user with the specified id
$result = mysql_query("SELECT * FROM TestCommentaryBlog WHERE id='$id'") or die ('Error Getting User Data! <br />' .mysql_error());
$numrows = mysql_num_rows($result);
$row = mysql_fetch_array($result);
// If edit not hit
if ($_SERVER['REQUEST_METHOD']!="POST")
{
   // If user id returns no results
   if ($numrows < 1)
 {
	 echo 'ID: <b>'.$id.'</b> does not exist!';
 }
 else
 {

 // Edit Form
 $result = mysql_query("SELECT * FROM TestCommentaryBlog WHERE id=$id") or die(mysql_error());
 while($row = mysql_fetch_array($result))
  {
  $Title=$row['Title'];
  $Title=str_replace('"','"',$Title);
  $Category=$row['Category'];
  $Summary=$row['Summary'];
  $Summary=str_replace('"','"',$Summary);
  $BlogEntry=$row['BlogEntry'];
  $BlogEntry=str_replace('"','"',$BlogEntry);
  $Image=$row['Image'];
  }
 }
?>

<!-- Edit Form -->
<form method="post" action="">
<table width="100%" border="0" cellspacing="2" cellpadding="2">
 <tr>
   <td colspan="2"><h3>Edit and Submit</h3>
<form action="" method="post" onsubmit="return validateForm();>
<input type="hidden" name="id" value="<? echo "$id" ?>">
</td>
 </tr>
 <tr>
   <td valign="top">Blog Title: </td>
   <td><input type="text" name="Title" size="100" value="<? echo "$Title"?>"></td>
 </tr>
 <tr>
   <td valign="top">Blog Category: </td>
   <td>
 <select name="Category">
 <option value="Entertainment" <?php if($Category=="Entertainment") { echo "selected"; }?>>Entertainment</option>
 <option value="Humourous" <?php if($Category=="Humourous") { echo "selected"; }?>>Humourous</option>
 <option value="Other" <?php if($Category=="Other") { echo "selected"; }?>>Other</option>
 <option value="Politics" <?php if($Category=="Politics") { echo "selected"; }?>>Politics</option>
 <option value="Sports" <?php if($Category=="Sports") { echo "selected"; }?>>Sports</option>
 <option value="Technology" <?php if($Category=="Technology") { echo "selected"; }?>>Technology</option>	   
 </select></td>
 </tr>
 <tr>
   <td valign="top">Blog Summary: </td>
   <td><textarea name="Summary" rows="5" cols="76"><? echo "$Summary"?></textarea></td>
 </tr>
 <tr>
   <td>Blog Entry:</td>
   <td><textarea name="BlogEntry" rows="5" cols="76"><? echo "$BlogEntry"?></textarea></td>
 </tr>
 <tr>
   <td>Image URL:</td>
   <td><input type="text" name="Image" size="100" value="<? echo "$Image"?>"></td>
 </tr>
 <tr>
   <td colspan="2" align="center"><input type="Submit" name="Update" value="Update"></form></td>
 </tr>
</table>
<!-- /Edit Form -->
<?
// If edit was hit
if ($_SERVER['REQUEST_METHOD']=="POST")
//if ($_POST['Update'])
{
$Title=mysql_real_escape_string(mb_convert_encoding($_POST['Title']));
$Category=mysql_real_escape_string(mb_convert_encoding($_POST['Category']));
$Summary=mysql_real_escape_string(mb_convert_encoding($_POST['Summary']));
$BlogEntry=mysql_real_escape_string(htmlspecialchars($_POST['BlogEntry']));
$Image=mysql_real_escape_string(htmlspecialchars($_POST['Image']));

mysql_query(" UPDATE TestCommentaryBlog SET Title='$Title', Category='$Category', Summary='$Summary', BlogEntry='$BlogEntry', Image='$Image' WHERE id='$id' ") or die ('Error Updating Data! <br />' .mysql_error());
// once saved, redirect back to the view page
header("Location: view.php");
}
}
?>

Link to comment
Share on other sites

With your guys' help I've got it to update, but now I'm royally confused as to make it header redirect because of the current output. Any suggestions on this coding?

 

 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<script type="text/javascript" src="js/jquery-1.3.1.min.js"></script>
<script type="text/javascript" language="javascript" src="js/jquery.dropdownPlain.js"></script>
<script>
function validateForm()
{
var x=document.forms["ArticleSubmitter"]["Title"].value
if (x==null || x=="")
 {
 alert("You must fill out the Blog Title.");
 return false;
 }
var x=document.forms["ArticleSubmitter"]["Summary"].value
if (x==null || x=="")
 {
 alert("You must fill out the Blog Summary.");
 return false;
 }
var x=document.forms["ArticleSubmitter"]["BlogEntry"].value
if (x==null || x=="")
 {
 alert("You must fill out the Blog Entry.");
 return false;
 }

}
</script>
<title>Update Commentary Blog</title>
</head>
<body>
<?php
include('connect-cb.php');
// Get the user id
if (is_numeric($_GET['ID']))
{
$ID=$_GET['ID'];
}
// Get data from user with the specified id
$result = mysql_query("SELECT * FROM TestCommentaryBlog WHERE ID='$ID'") or die ('Error Getting User Data! <br />' .mysql_error());
$numrows = mysql_num_rows($result);
$row = mysql_fetch_array($result);
// If user id returns no results
   if ($numrows != 1)
 {
	 echo 'ID: <b>'.$ID.'</b> does not exist!';
  return false;
 }
 else
 {

 // Edit Form
 $result = mysql_query("SELECT * FROM TestCommentaryBlog WHERE ID=$ID") or die(mysql_error());
 while($row = mysql_fetch_array($result))
  {
  $Title=$row['Title'];
  $Title=str_replace('"','"',$Title);
  $Category=$row['Category'];
  $Summary=$row['Summary'];
  $Summary=str_replace('"','"',$Summary);
  $BlogEntry=$row['BlogEntry'];
  $BlogEntry=str_replace('"','"',$BlogEntry);
  $Image=$row['Image'];
  }
 }
?>

<!-- Edit Form -->
<form method="post" action="">
<table width="100%" border="0" cellspacing="2" cellpadding="2">
 <tr>
   <td colspan="2"><h3>Edit and Submit</h3>
<form action="view.php" method="post" onsubmit="return validateForm();>
<input type="hidden" name="ID" value="<? echo "$ID" ?>">
</td>
 </tr>
 <tr>
   <td valign="top">Blog Title: </td>
   <td><input type="text" name="Title" size="100" value="<? echo "$Title"?>"></td>
 </tr>
 <tr>
   <td valign="top">Blog Category: </td>
   <td>
 <select name="Category">
 <option value="Entertainment" <?php if($Category=="Entertainment") { echo "selected"; }?>>Entertainment</option>
 <option value="Humourous" <?php if($Category=="Humourous") { echo "selected"; }?>>Humourous</option>
 <option value="Other" <?php if($Category=="Other") { echo "selected"; }?>>Other</option>
 <option value="Politics" <?php if($Category=="Politics") { echo "selected"; }?>>Politics</option>
 <option value="Sports" <?php if($Category=="Sports") { echo "selected"; }?>>Sports</option>
 <option value="Technology" <?php if($Category=="Technology") { echo "selected"; }?>>Technology</option>	   
 </select></td>
 </tr>
 <tr>
   <td valign="top">Blog Summary: </td>
   <td><textarea name="Summary" rows="5" cols="76"><? echo "$Summary"?></textarea></td>
 </tr>
 <tr>
   <td>Blog Entry:</td>
   <td><textarea name="BlogEntry" rows="5" cols="76"><? echo "$BlogEntry"?></textarea></td>
 </tr>
 <tr>
   <td>Image URL:</td>
   <td><input type="text" name="Image" size="100" value="<? echo "$Image"?>"></td>
 </tr>
 <tr>
   <td colspan="2" align="center"><input type="Submit" name="Update" value="Update"></form></td>
 </tr>
</table>
<!-- /Edit Form -->
<?
// If edit was hit
if ($_SERVER['REQUEST_METHOD']=="POST")
{
$Title=mysql_real_escape_string(htmlspecialchars($_POST['Title']));
$Category=mysql_real_escape_string(htmlspecialchars($_POST['Category']));
$Summary=mysql_real_escape_string(htmlspecialchars($_POST['Summary']));
$BlogEntry=mysql_real_escape_string(htmlspecialchars($_POST['BlogEntry']));
$Image=mysql_real_escape_string(htmlspecialchars($_POST['Image']));

mysql_query(" UPDATE TestCommentaryBlog SET Title='$Title', Category='$Category', Summary='$Summary', BlogEntry='$BlogEntry', Image='$Image' WHERE ID='$ID' ") or die ('Error Updating Data! <br />' .mysql_error());
// once saved, redirect back to the view page
header("Location: view.php");
}
?>

</body>
</html>

Link to comment
Share on other sites

but now I'm royally confused as to make it header redirect because of the current output. Any suggestions on this coding?

 

You put the main php logic first on the page, then you produce any output for the page, then you output that content as a html document.

 

You would first put any security check logic - what can the current visitor do when he requests this page? Then put any form processing logic on the page - your current form processing code. At this point you would redirect if needed and since you haven't produced or output any content on the page, the redirect will have no problem working.

 

Next handle any get request logic that determines what the page should display, produce the requested content, and finally output a valid html document with any css/javascript and content that you want.

 

Lastly, you always need to perform server-side validation of all submitted external data. Your javascript validation will alert a legitimate visitor, that has javascript enabled, but won't do anything for the few visitors with javascript disabled or bot scripts that don't have javascript at all and submit data directly to the form processing logic and could care less about any client-side validation you have.

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.