Jump to content

what am i doring wrong?


yobo

Recommended Posts

hey all,

 

i have a script that updates hacks so for example lets say a user wanted to change the name of a hack then they would contact the site admin where he/she would use the serach form and find that hacks name click the link that says edit now when i click update it replaces the current values in the database with blank values (in other words it deletes them)

 

here is my codeing for this page

 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Joke CMS: Edit Author</title>
<meta http-equiv="content-type"
    content="text/html; charset=iso-8859-1" />
</head>
<body>
<?php
include("config.php");

// connect to the mysql server
$link = mysql_connect($server, $db_user, $db_pass)
or die ("Could not connect to mysql because ".mysql_error());

// select the database
mysql_select_db($database)
or die ("Could not select database because ".mysql_error());

if (isset($_POST['name'])):
  // The author's details have been updated.

  $hackname = $_POST['hackname'];
   $description = $_POST['description'];
    $version = $_POST['version'];
  $hacksid = $_POST['hacksid'];
  $sql = ("UPDATE hacks SET
          hackname='$hackname',
	  description='$description',
	  version='$version'
          WHERE hacksid='$hacksid'");
  if (@mysql_query($sql)) {
    echo '<p>hack details updated.</p>';
  } else {
    echo '<p>Error updating hack details: ' .
        mysql_error() . '</p>';
  }

?>

<p><a href="index.php">Return admin page</a></p>

<?php
else: // Allow the user to edit the author

  $hacksid = $_GET['hacksid'];
  $hack = @mysql_query(
      "SELECT * FROM hacks WHERE hacksid='$hacksid'");
  if (!$hack) {
    exit('<p>Error fetching hack details: ' .
        mysql_error() . '</p>');
  }

  $hack= mysql_fetch_array($hack);

  $hackname = $hack['hackname'];
  $description = $hack['description'];
  $version = $hack['version'];
  

  // Convert special characters for safe use
  // as HTML attributes.
  $hackname = htmlspecialchars($hackname);
  $description = htmlspecialchars($description);
  $version = htmlspecialchars($version);
  

?>

<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<p>Edit Hack:</p>
<label>Hackname: <input type="text" name="name" value="<?php echo $hackname; ?>" /></label><br />
<label>Description: <input type="text" name="name" value="<?php echo $description; ?>" /></label><br />
<label>Version: <input type="text" name="name" value="<?php echo $version; ?>" /></label><br />

<input type="hidden" name="hacksid" value="<?php echo $hacksid; ?>" />
<input type="submit" value="SUBMIT" /></p>
</form>

<?php endif; ?>

</body>
</html>

Link to comment
https://forums.phpfreaks.com/topic/44140-what-am-i-doring-wrong/
Share on other sites

Ah, it has to do with your form. Check this

 

<label>Hackname: <input type="text" name="name" value="<?php echo $hackname; ?>" /></label><br />
<label>Description: <input type="text" name="name" value="<?php echo $description; ?>" /></label><br />
<label>Version: <input type="text" name="name" value="<?php echo $version; ?>" /></label><br />

 

See, you have each of those set to a name "name". Basically, you're setting $_POST['name'] three times over. Your variables are set up like this:

 

  $hackname = $_POST['hackname'];
   $description = $_POST['description'];
    $version = $_POST['version'];
  $hacksid = $_POST['hacksid'];

 

So what you want to do is change those names in the form to match the variables. It'd be like this:

<label>Hackname: <input type="text" name="hackname" value="<?php echo $hackname; ?>" /></label><br />
<label>Description: <input type="text" name="description" value="<?php echo $description; ?>" /></label><br />
<label>Version: <input type="text" name="version" value="<?php echo $version; ?>" /></label><br />

 

You did get the hidden value set right though for the hackid. I believe that should do it, however. Before you try that though, make sure those variables are outputting the appropriate data (so try and echo $hackname and such).

 

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.