Another pair of eyes

[MartynLearnsPHP]

Hi. I am trying to write an "update" form and I'm sure that I have done it correctly, but it's just not working. I've spent days staring at the code and trying to tweak it. Can anyone else see what I have missed?

 

The form is:

<form action='membertableguests.php' method='post'>
	<input type='hidden' name='admin' value='{$admin}'>
	<input type='hidden' name='adminid' value='{$adminid}'>
	<input type='hidden' name='tableposition1' value='{$q}'>
	<input type='hidden' name='seat1' value='1'>
	<input type='hidden' name='token' value='" .Token::generate(). "'>
	<input type='submit' value='Submit Seating Update' name='position-guests'>
		
	<select name='id1'>
		<option value=''>-Please Select a Guest-</option>";
		$guest = "SELECT id, firstname, lastname FROM guests WHERE adminid='{$adminid}' && invite='Yes' && attend!='No' ORDER BY lastname, firstname";
		$guestquery = DB::getInstance()->query($guest);
		foreach ($guestquery->results() as $guestresults) 
		{
		echo "<option value='" . $guestresults->id . "'>" . $guestresults->firstname . " " . $guestresults->lastname . "</option>";
		}
	</select>
</form>

And the Update php code is:

if (!empty($_POST['position-guests'])) {
	if(Input::exists()) {
		if(Token::check(Input::get('token'))) {
			$db = DB::getInstance();
    
			$sql = "UPDATE `guests`
				SET `admin` = ?,
					'adminid' = ?,
					`tableposition` = ?,
					`seat` = ?
				WHERE `id` = ?
				";
			$guestUpdate = $db->query($sql, array(
				$_POST['admin'],
				$_POST['adminid'],
				$_POST['tableposition1'],
				$_POST['seat1'],
				$_POST['id1']
			));
		Redirect::to('membertableguests.php');
		}
	}
}

I've tried echoing out $admin, $adminid and $q and they are all correct.

 

I'm simply asking here if anyone can spot an obvious mistake or typo that I have made in my code.

[Psycho]

What, specifically, is not working? Are you getting errors? Are you providing specific values that are returning results you don't expect? If so, what values are being provided, what are the expected results and what are the actual results?

 

EDIT: I see you have multiple if() conditions to determine when to execute the functionality. However, you have no else conditions. Never assume you will get the requisite data. Including else conditions will provide error/debug handling to help identify errors. E.g.

if (empty($_POST['position-guests'])) {

    echo "No post value provided."; 
 
} else {
    // Code to run goes here
}

Edited December 17, 2015 by Psycho

[Psycho]

Here's a revision that adds some debugging:

 

<?php
 
if (!$_SERVER['REQUEST_METHOD']=="POST")
{
    echo "Error: No POST data provided";
}
elseif(!Input::exists())
{
   echo "Error: Input does not exist."; 
}
elseif(!Token::check(Input::get('token')))
{
   echo "Error: Token check failed."; 
}
else
{
    $db = DB::getInstance();
 
    $sql = "UPDATE `guests`
            SET `admin` = ?,
                'adminid' = ?,
                `tableposition` = ?,
                `seat` = ?
            WHERE `id` = ?";
    $guestUpdate = $db->query($sql, array(
                        $_POST['admin'],
                        $_POST['adminid'],
                        $_POST['tableposition1'],
                        $_POST['seat1'],
                        $_POST['id1']
                    ));
    if(!$guestUpdate)
    {
        echo "Error: Guest update failed."; 
    }
    else
    {
        Redirect::to('membertableguests.php');
    }
}
 
?>
 

[maxxd]

In addition, you switch from HTML to php in your form without opening or closing php tags. Without knowing what "it's just not working" specifically means, it's hard to tell if that's a by-product of cutting and pasting bits of code or if it's an actual error.

[MartynLearnsPHP]

Sorry. The html/php flipping is just cutting the form down to the relevant elements to post here.

 

Using Psycho's debugging code (sligthty adapted to suit my form as follows:

if (!empty($_POST['position-guests'])) {
    if(!Input::exists()) {
        echo "Error: Input does not exist.";
        } else {
        if(!Token::check(Input::get('token'))) {
        echo "Error: Token check failed.";
        } else {
        $db = DB::getInstance();
    
        $sql = "UPDATE `guests`
                SET `admin` = ?,
                    'adminid' = ?,
                    `tableposition` = ?,
                    `seat` = ?
                WHERE `id` = ?";
        $guestUpdate = $db->query($sql, array(
                            $_POST['admin'],
                            $_POST['adminid'],
                            $_POST['tableposition1'],
                            $_POST['seat1'],
                            $_POST['id1']
                        ));
            if(!$guestUpdate)
            {
                echo "Error: Guest update failed.";
            }
            else
            {
                Redirect::to('membertableguests.php');
            }
        }
    }
} else {
echo "Error: No POST data provided";
}

It appears that my form just isn't submitting because I am getting the following: "Error: No POST data provided validate"

 

I'm completely at a loss as to why the form isn't submitting the information. If I echo out
                           $_POST['admin'],
                           $_POST['adminid'],
                           $_POST['tableposition1'],
                           $_POST['seat1'],
                           $_POST['id1']

it does give me the right information that was submitted in the form.

[Muddy_Funster]

and what about the post field that you are checking with the empty() conditional?

 

!empty($_POST['position-guests']

did you double check what's in that one?  

As it's a button rather than an input I personally would be inclined to check against !isset() rather than !empty() - that's not to say that !empty() shouldn't work, it should, I just prefer to do it that way because I'm not interested in the contents, just if it's there or not.

[MartynLearnsPHP]

Aha! I've found it!

 

I knew it was going to be a schoolboy error but it's taken me about 3 weeks to find it! I've used normal apostrophes for the SET adminid instead of using the backward tick.

[Muddy_Funster]

Glad it's working, but that doesn't match the error you mentioned in your last post...  :-)

[Psycho]

You should check the REQUEST_METHOD to determine if a POST was made instead of some arbitrary field. You would still need to validate that all required fields have data anyway. I know that in some older browser an input submit button would only be included in the POST data if the user actually clicked on the button (as opposed to pressing the enter key on the keyboard which would also submit the form).

 

Also, I would highly suggest changing the conditions to check for the negative conditions so you can put the error message next to the condition that checks for it. Otherwise, you create all these nested conditions making it difficult to "see" which message goes with which condition.

 

This is the structure you have now

 

if(condition1) {
{
    //Do something
 
    if(condition2) {
 
        //Do something
 
        if(condition3) {
 
            //All conditions passed
 
        } else {
 
            echo "Error condition 3";
 
        }
 
    } else {
 
        echo "Error condition 2";
 
    }
 
} else {
 
    echo "Error condition 1";
 
}

 

This is much cleaner:

 

if(!condition1) {
{
 
    echo "Error condition 1";
 
} else {
 
    //Do something
 
    if(!condition2) {
 
        echo "Error condition 2";
 
    } else {
 
        //Do something
 
        if(!condition3) {
 
            echo "Error condition 3";
 
        } else {
 
            //All conditions passed
 
 
        }
 
    }    
 
}