Jump to content

[SOLVED] Database update not working

soycharliente

By soycharliente
in PHP Coding Help

 Share

Recommended Posts

soycharliente Advanced Member

soycharliente

Posted
Posted
Can anyone see why this code isn't working? No errors generated. The database table just doesn't update. Hostname, username, password, and dbname are all correct as well.

I have a table called 'users' with fields named 'name', 'classes', and 'help'.
Looking at this code makes my eyes hurt. If anyone can provide any help, I'll love you forever. Thanks in advance.

[code]<?php
if ($_GET['action'] == "update") {
$update = TRUE;
}

$current = $_POST['current'];
$help = $_POST['helpwith'];
if ($update) {
//Connect To Database
$hostname = "....";
$username = "...";
$password = "...";
$dbname = "...";

mysql_connect($hostname, $username, $password) OR DIE ("Unable to connect! Please try again.");
mysql_select_db($dbname);

$temp = $HTTP_SESSION_VARS["LoggedInUser"];
$query = "UPDATE users SET classes='" . quote_smart($current) . "', help='" . quote_smart($help) . "' WHERE name='$temp'";
$result = mysql_query($query);
}
?>
<html>
<body>

<form action="classes.php?action=update" method="post">
<?php
echo "<textarea name=\"current\" rows=\"4\" cols=\"20\" maxlength=\"300\">some text</textarea>\n";
echo "<textarea name=\"helpwith\" rows=\"4\" cols=\"40\" maxlength=\"300\">some text</textarea>\n";
echo "<input type=\"submit\" value=\"Update\" /> <a href=\"classes.php\">cancel</a>\n";
?>
</form>

</body>
</html>

<?php
function quote_smart($value) {
  // Stripslashes
  if (get_magic_quotes_gpc()) {
      $value = stripslashes($value);
  }
  // Quote if not a number or a numeric string
  if (!is_numeric($value)) {
      $value = "'" . mysql_real_escape_string($value) . "'";
  }
  return $value;
}
?>[/code]
Link to comment
https://forums.phpfreaks.com/topic/33317-solved-database-update-not-working/
Share on other sites
matto Newbie

matto

Posted
Posted
try changing this line

[code]
if ($_GET['action'] == "update")
[/code]

to this:

[code]
if (isset($_POST['update')) {
[/code]

and remove the ?action= part from your form tag then change the following:
[code]
echo "<input type=\"submit\" value=\"Update\" /> <a href=\"classes.php\">cancel</a>\n"
[/code]
to
[code]
echo "<input type=\"submit\" name=\"update\" value=\"Update\" /> <a href=\"classes.php\">cancel</a>\n"
[/code]
soycharliente Advanced Member

soycharliente

Posted
  • Author
Posted
Nope. Still has the same effect. I think I'm going to just scratch the whole page and start over from the beginning adding things little by little. Funny thing is that the whole page was working for two weeks before today.
soycharliente Advanced Member

soycharliente

Posted
  • Author
Posted
I fixed it. Thanks matto for the help. I stopped using quote_smart and used solely the mysql_real_escape_string function. The only problem with that is that it inserts a \ into whatever the data they tried to post is. If they then clicked edit and then update (or just left the \ in, it would escape the \ with another \ to that it would display the first one thereby displaying a second one. AHHH!!!). But, I don't really care because it's not a site for a company.

I'm will mark this as solved at the end of today, but if anyone knows how to get rid of that problem I just mentioned please let me know.

Would using stripslahes negate the use of mysql_real_escape_string in a bad way?
Say I did something like...
[code]
<?php
$test = "Hello. I don't know your name.";
$safe = mysql_real_escape_string($test); //outputs "Hello. I don\'t know your name." to the screen
$strip = stripslashes($safe); //outputs "Hello. I don't know your name." to the screen
?>
[/code]
It does in fact remove the extra \'s, but does that negate making it a "safe string"?

@matto: What's the diff between $_HTTP_SESSION_VARS and $_SESSION?
matto Newbie

matto

Posted
Posted
This is a very old way of doing things

session_register("LoggedInUser");

There is no need to register session vars anymore, you can simply do the following:

$_SESSION["LoggedInUser"] = whatever;


You may also want to consider using something like the following to fix your slashes problem:
[code]
if (!get_magic_quotes_gpc()) {
  $lastname = addslashes($_POST['lastname']);
} else {
  $lastname = $_POST['lastname'];
}
[/code]
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.