achilles1971 Posted March 11, 2013 Share Posted March 11, 2013 I am working through a Create a CMS tutorial and I am on the very last step, but I am hung up. My code is below. It is supposed to pull up a blank form when you want to add a new blog post and it is supposed to populate the field when you want to edit a previous blog post. That all works fine. The edit a blog post functionality works as it should. My problem is when I submit a new blog post, the data does not get sent to the database. Any ideas where I may have gone wrong? Aaron <?php ## Blog Manager?> <?php if (isset($_POST['submitted']) == 1) { if ($_GET['id'] == '') { $q = "INSERT INTO blog (title, date, body) VALUES ('$_POST[title]', '$_POST[date]', '$_POST[body]'"; }else { $q = "UPDATE blog SET title = '$_POST[title]', date = '$_POST[date]', body = '$_POST[body]' WHERE id = '$_POST[id]'"; } $r = mysqli_query($dbc, $q); }?><h2>ATOM.CMS Blog Manager</h2> <div class="col sidebar"> <ul class="nav_side"> <li><a href="?page=blog">+ Add Post</a></li> <?php $q = "SELECT * FROM blog ORDER BY date ASC"; $r = mysqli_query($dbc, $q); if ($r) { while ($link = mysqli_fetch_assoc($r)) { echo '<li><a href="?page=blog&id='.$link['id'].'">'.$link['title'].'</a></li>'; } } ?> </ul> </div><div class="col editor"><h1> <?php if (isset($_GET['id'])) { $q = "SELECT * FROM blog WHERE id = '$_GET[id]' LIMIT 1"; $r = mysqli_query($dbc, $q); $opened = mysqli_fetch_assoc($r); echo 'Editing: '.$opened['title']; } else { echo 'Add a New Blog Post'; } ?></h1> <form action="?page=blog&id=<?php if (isset($_GET['id'])){echo $opened['id'];} ?>" method="post"> <table class="gen_form"> <tr> <td class="gen_label"><label>Blog title: </label></td> <td><input class="gen_input" type="text" size="30" name="title" value="<?php if (isset($_GET['id'])){echo $opened['title'];} ?>" /></td> </tr> <tr> <td class="gen_label"><label>Blog date: </label></td> <td><input class="gen_input" type="text" size="30" name="date" value="<?php if (isset($_GET['id'])){echo $opened['date'];} ?>"/></td> </tr> <tr> <td class="gen_label"></td> </tr> <tr> <td colspan="2" class="gen_label"><label>Blog body: </label></td> </tr> <tr> <td colspan="2"><textarea id="page_body" name="body" cols="90" rows="24"><?php if (isset($_GET['id'])){echo $opened['body'];} ?></textarea></td> </tr> <tr> <td colspan="2"><input class="gen_submit" type="submit" name="submit" value="Save Changes" /></td> </tr> <input type="hidden" name="submitted" value="1" /> <input type="hidden" name="id" value="<?php if (isset($_GET['id'])){echo $opened['id'];} ?>" /> </table> </form> </div> Quote Link to comment Share on other sites More sharing options...
computermax2328 Posted March 11, 2013 Share Posted March 11, 2013 At the top where it says: <?php if (isset($_POST['submitted']) == 1) { if ($_GET['id'] == '') { $q = "INSERT INTO blog (title, date, body) VALUES ('$_POST[title]', '$_POST[date]', '$_POST[body]'"; }else { $q = "UPDATE blog SET title = '$_POST[title]', date = '$_POST[date]', body = '$_POST[body]' WHERE id = '$_POST[id]'"; } $r = mysqli_query($dbc, $q); } ?> I would try !$_GET['id'] in your first if statement. Turn on error reporting while you are still in the developing stage as well. Quote Link to comment Share on other sites More sharing options...
gmaestroo Posted March 11, 2013 Share Posted March 11, 2013 This will work 100% $title = $_POST[title]; $date = $_POST[date]; $body = $_POST[body]; $q = "INSERT INTO blog (title, date, body) VALUES ('$title', $date', '$body')"; Quote Link to comment Share on other sites More sharing options...
Barand Posted March 11, 2013 Share Posted March 11, 2013 This will work 100% $title = $_POST[title]; $date = $_POST[date]; $body = $_POST[body]; $q = "INSERT INTO blog (title, date, body) VALUES ('$title', $date', '$body')"; except the array keys (title, date and body) should be in quotes and you should sanitize user-inputs with mysqli_real_escape_string before using in a query Quote Link to comment Share on other sites More sharing options...
Spraban9 Posted March 11, 2013 Share Posted March 11, 2013 $title = $_POST[title]; $date = $_POST[date]; $body = $_POST[body]; $con = mysql_connect("localhost","root",""); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("real", $con); $sql = "INSERT INTO blog (title, date, body) VALUES ('.$title.','. $date.', '.$body.')"; if (!mysql_query($sql,$con)) { die('Error: ' . mysql_error()); } echo "1 record added"; mysql_close($con) Quote Link to comment Share on other sites More sharing options...
Barand Posted March 11, 2013 Share Posted March 11, 2013 (edited) Spraban9, why would anyone want a query that looks like this INSERT INTO blog (title, date, body) VALUES ('.titledata.','. datedata.', '.bodydata.') with periods added to the start and end of all the string values? Not to mention the lack of any sanitization of inputs Edited March 11, 2013 by Barand Quote Link to comment Share on other sites More sharing options...
Solution achilles1971 Posted March 13, 2013 Author Solution Share Posted March 13, 2013 Okay...here is the solution: <?php ## Blog Manager?> <?php if (isset($_POST['submitted']) == 1) { if ($_GET['id'] == '') { if ($_POST['title'] =='' || $_POST['body'] == '') { header('Location: index.php?page=blog'); } else { $title = $_POST['title']; $date = $_POST['date']; $body = $_POST['body']; $q = "INSERT INTO blog (title, date, body) VALUES ('$title', '$date', '$body')"; } }else { $q = "UPDATE blog SET title = '$_POST[title]', date = '$_POST[date]', body = '$_POST[body]' WHERE id = '$_POST[id]'"; } $r = mysqli_query($dbc, $q); } ?><h2>ATOM.CMS Blog Manager</h2> <div class="col sidebar"> <ul class="nav_side"> <li><a href="?page=blog">+ Add Post</a></li> <?php $q = "SELECT * FROM blog ORDER BY date ASC"; $r = mysqli_query($dbc, $q); if ($r) { while ($link = mysqli_fetch_assoc($r)) { echo '<li><a href="?page=blog&id='.$link['id'].'">'.$link['title'].'</a></li>'; } } ?> </ul> </div><div class="col editor"><h1> <?php if (isset($_GET['id'])) { $q = "SELECT * FROM blog WHERE id = '$_GET[id]' LIMIT 1"; $r = mysqli_query($dbc, $q); $opened = mysqli_fetch_assoc($r); echo 'Editing: '.$opened['title']; } else { echo 'Add a New Blog Post'; } ?></h1> <form action="?page=blog&id=<?php if (isset($_GET['id'])){echo $opened['id'];} ?>" method="post"> <table class="gen_form"> <tr> <td class="gen_label"><label>Blog title: </label></td> <td><input class="gen_input" type="text" size="30" name="title" value="<?php if (isset($_GET['id'])){echo $opened['title'];} ?>" /></td> </tr> <tr> <td class="gen_label"><label>Blog date: </label></td> <td><input class="gen_input" type="text" size="30" name="date" value="<?php if (isset($_GET['id'])){echo $opened['date'];} ?>"/></td> </tr> <tr> <td class="gen_label"></td> </tr> <tr> <td colspan="2" class="gen_label"><label>Blog body: </label></td> </tr> <tr> <td colspan="2"><textarea id="page_body" name="body" cols="90" rows="24"><?php if (isset($_GET['id'])){echo $opened['body'];} ?></textarea></td> </tr> <tr> <td colspan="2"><input class="gen_submit" type="submit" name="submit" value="Save Changes" /></td> </tr> <input type="hidden" name="submitted" value="1" /> <input type="hidden" name="id" value="<?php if (isset($_GET['id'])){echo $opened['id'];} ?>" /> </table> </form> <?php ?> </div> Two problems: 1. The timestamp being inserted into the database is 0000-00-00 00:00:00 2. The body content is being inserted into the database with paragraph tags around it (I am using Redactor WYSIWYG for the body field). What could be causing these two issues? Quote Link to comment Share on other sites More sharing options...
NiTx Posted March 13, 2013 Share Posted March 13, 2013 Achillies - please post your code properly by using the <> icon rather than just pasting it in the comments. No biggie, just make everyones life a lot easier. <?php $reason = "It's far more readable"; echo $reason; ?> Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.