Jump to content

[SOLVED] problem with code please help

marksie1988

By marksie1988
in PHP Coding Help

 Share

Recommended Posts

marksie1988 Regular Member

marksie1988

Posted
Posted

ok i have a form which when fields on it are eidted it should update a mysql talbe the code is below all i can think is that my part in adminprocess.tcos that has the update mysql in it is incorrect. please advice

 

MySQL Table

TABLE `songs` (
  `id` int(10) unsigned NOT NULL auto_increment,
  `postdate` int(11) default NULL,
  `title` varchar(50) NOT NULL,
  `length` time NOT NULL default '00:00:00',
  `link` varchar(200) NOT NULL,
  `lyrics` text NOT NULL,
  PRIMARY KEY  (`id`)
) ENGINE=MyISAM  DEFAULT CHARSET=latin1 AUTO_INCREMENT=8 ;

 

there is a form which the user selects the song name to go to the edit page. that form works ok.

 

Form (song_edit.tcos)

<?
/**
* Admin.tcos
*/
include("include/session.tcos");

/**
* User not an administrator, redirect to main page
* automatically.
*/
if(!$session->isAdmin()){
   header("Location: index.tcos");
}
else{
/**
* Administrator is viewing page, so display all
* forms.
*/
?>
<html>
<body>
<h1>Song Actions please do not use yet!!</h1>
<font size="5" color="#ff0000">
<b>::::::::::::::::::::::::::::::::::::::::::::</b></font>
<font size="4">Logged in as <b><? echo $session->username; ?></b></font><br><br>
Back to [<a href="index.tcos">Main Page</a>]<br><br>
<?
if($form->num_errors > 0){
   echo "<font size=\"4\" color=\"#ff0000\">"
       ."!*** Error with request, please fix</font><br><br>";
}
?>
<table align="left" border="0" cellspacing="5" cellpadding="5">
<?php
if(ctype_digit($_GET['id']))
   $song_id = $_GET['id'];
else
   $article_id = 0;
$query = "SELECT * FROM `songs` WHERE `id` = '" . $song_id . "' LIMIT 1;";  
$result = mysql_query($query);

if(mysql_num_rows($result) == 0) {
echo "<h5 class=\"style2\">There are no songs with this id</h5>";
}
else{
while ($row = mysql_fetch_assoc ($result)) {
?>
<h3>Edit Song</h3>
<? echo $form->error("editsong"); ?>
<form action="adminprocess.tcos" method="POST">
Title:<br>
<input type="text" name="title" maxlength="50" value="<?php echo "$row[title]";?>"><br>
Length:<br>
<input type="text" name="length" maxlength="50" value="<?php echo "$row[length]";?>"><br>
Song Link (http://songlocation):<br>
<input type="text" name="link" value="<?php echo "$row[link]";?>"><br>
Lyrics:<br>
<textarea rows="20" cols="90" name="lyrics"><?php echo "$row[lyrics]";?></textarea><br>
<input type="hidden" name="subeditsong" value="1">
<input type="submit" value="Edit Song!">
</form>
<?php
}
}
?>

</table>
</body>
</html>
<?
}
?>

 

process (adminprocess.tcos) this is where the form is directed to update.

<?
/**
* AdminProcess.php
* 
* The AdminProcess class is meant to simplify the task of processing
* admin submitted forms from the admin center, these deal with
* member system adjustments.
*
* Written by: Jpmaster77 a.k.a. The Grandmaster of C++ (GMC)
* Last Updated: August 15, 2004
*/
include("include/session.tcos");

class AdminProcess
{
   /* Class constructor */
   function AdminProcess(){
      global $session;
      /* Make sure administrator is accessing page */
      if(!$session->isAdmin()){
         header("Location: ../main.php");
         return;
      }
      /* Admin submitted delete user form */
      else if(isset($_POST['subdeluser'])){
         $this->procDeleteUser();
      }
      /* Admin submitted add news form */
      else if(isset($_POST['subaddnews'])){
         $this->procaddnews();
      }
  /* Admin submitted delete news form */
      else if(isset($_POST['subdelnews'])){
         $this->procDeletenews();
      }
      /* Admin submitted add song form */
      else if(isset($_POST['subaddsong'])){
         $this->procaddsong();
      }
      /* Admin submitted edit song form */
      else if(isset($_POST['subeditsong'])){
         $this->proceditsong();
      }
  /* Admin submitted change welcome form */
      else if(isset($_POST['subwelcome'])){
         $this->procwelcome();
      }
      /* Should not get here, redirect to home page */
      else{
         header("Location: ../main.php");
      }
   }

   /**
    * procDeleteUser - If the submitted username is correct,
    * the user is deleted from the database.
    */
   function procDeleteUser(){
      global $session, $database, $form;
      /* Username error checking */
      $subuser = $this->checkUsername("deluser");
      
      /* Errors exist, have user correct them */
      if($form->num_errors > 0){
         $_SESSION['value_array'] = $_POST;
         $_SESSION['error_array'] = $form->getErrorArray();
         header("Location: ".$session->referrer);
      }
      /* Delete user from database */
      else{
         $q = "DELETE FROM ".TBL_USERS." WHERE username = '$subuser'";
         $database->query($q);
         header("Location: ".$session->referrer);
      }
   }
   /**
    * procaddnews 
    */
   function procaddnews(){
      global $session, $database, $form;
      /* Errors exist, have user correct them */
      if($form->num_errors > 0){
         $_SESSION['value_array'] = $_POST;
         $_SESSION['error_array'] = $form->getErrorArray();
         header("Location: ".$session->referrer);
      }
      else{
         $q = "INSERT INTO ".TBL_NEWS." (id, postdate, title, newstext) VALUES ('null', UNIX_TIMESTAMP() , '$_POST[title]', '$_POST[newstext]')";
         $database->query($q);
         header("Location: ".$session->referrer);
      }
   }
   /**
    * procaddsong 
    */
   function procaddsong(){
      global $session, $database, $form;
      /* Errors exist, have user correct them */
      if($form->num_errors > 0){
         $_SESSION['value_array'] = $_POST;
         $_SESSION['error_array'] = $form->getErrorArray();
         header("Location: ".$session->referrer);
      }
      else{
         $q = "INSERT INTO ".TBL_SONGS." (id, postdate, title, length, link, lyrics) VALUES ('null', UNIX_TIMESTAMP() , '$_POST[title]', '$_POST[length]', '$_POST[link]', '$_POST[lyrics]')";
         $database->query($q);
         header("Location: ".$session->referrer);
      }
   }
    /**
    * proceditsong 
    */
   function proceditsong(){
$this->time = time();
      global $session, $database, $form;
        if($form->num_errors > 0){
         $_SESSION['value_array'] = $_POST;
         $_SESSION['error_array'] = $form->getErrorArray();
         header("Location: ".$session->referrer);
      }
      else{if(ctype_digit($_GET['id']))
   $article_id = $_GET['id'];
else
   $article_id = 0;$query = "SELECT * FROM `songs` WHERE `id` = '" . $article_id . "' LIMIT 1;";  
$result = mysql_query($query);


if(mysql_num_rows($result) == 0) {
echo "<h5 class=\"style2\">There is no news with this article id</h5>";
}
else{
while ($row = mysql_fetch_assoc ($result)) {

   mysql_query("UPDATE songs SET title = '$_POST[title]' WHERE id = '" . $article_id . "'  ");
   mysql_query("UPDATE songs SET length = '$_POST[length]' WHERE id = '" . $article_id . "' ");
         header("Location: ".$session->referrer);
}
  }
   }

    /**
    * procwelcome 
    */
   function procwelcome(){
$this->time = time();
      global $session, $database, $form;
        if($form->num_errors > 0){
         $_SESSION['value_array'] = $_POST;
         $_SESSION['error_array'] = $form->getErrorArray();
         header("Location: ".$session->referrer);
      }
      else{   
   mysql_query("UPDATE welcome SET welcome = '$_POST[welcome]' WHERE title = 'welcome'");
   mysql_query("UPDATE welcome SET timestamp = UNIX_TIMESTAMP() WHERE title = 'welcome'");
         header("Location: ".$session->referrer);
   }
   }
    /**
    * procDeletenews - If the submitted username is correct,
    * the user is deleted from the database.
    */
   function procDeletenews(){
      global $session, $database, $form;
        if($form->num_errors > 0){
         $_SESSION['value_array'] = $_POST;
         $_SESSION['error_array'] = $form->getErrorArray();
         header("Location: ".$session->referrer);
      }
      else{   
   mysql_query("DELETE FROM news WHERE title = '$_POST[delnews]'");
         header("Location: ".$session->referrer);
   }
   }

  /**
    * checkUsername - Helper function for the above processing,
    * it makes sure the submitted username is valid, if not,
    * it adds the appropritate error to the form.
    */
   function checkUsername($uname, $ban=false){
      global $database, $form;
      /* Username error checking */
      $subuser = $_POST[$uname];
      $field = $uname;  //Use field name for username
      if(!$subuser || strlen($subuser = trim($subuser)) == 0){
         $form->setError($field, "* Username not entered<br>");
      }
      else{
         /* Make sure username is in database */
         $subuser = stripslashes($subuser);
         if(strlen($subuser) < 5 || strlen($subuser) > 30 ||
            !eregi("^([0-9a-z])+$", $subuser) ||
            (!$ban && !$database->usernameTaken($subuser))){
            $form->setError($field, "* Username does not exist<br>");
         }
      }
      return $subuser;
   }
};

/* Initialize process */
$adminprocess = new AdminProcess;

?>

 

this is the code i think is giving me the problem i think ive made a total mess of it. 

    /**
    * proceditsong 
    */
   function proceditsong(){
$this->time = time();
      global $session, $database, $form;
        if($form->num_errors > 0){
         $_SESSION['value_array'] = $_POST;
         $_SESSION['error_array'] = $form->getErrorArray();
         header("Location: ".$session->referrer);
      }
      else{if(ctype_digit($_GET['id']))
   $article_id = $_GET['id'];
else
   $article_id = 0;$query = "SELECT * FROM `songs` WHERE `id` = '" . $article_id . "' LIMIT 1;";  
$result = mysql_query($query);


if(mysql_num_rows($result) == 0) {
echo "<h5 class=\"style2\">There is no news with this article id</h5>";
}
else{
while ($row = mysql_fetch_assoc ($result)) {

   mysql_query("UPDATE songs SET title = '$_POST[title]' WHERE id = '" . $article_id . "'  ");
   mysql_query("UPDATE songs SET length = '$_POST[length]' WHERE id = '" . $article_id . "' ");
         header("Location: ".$session->referrer);
}
  }
   }

 

please help me out as this is one of the last things i need to do for the website to function fully :)

 

Thanks

Steve

Link to comment
Share on other sites
btherl Member

btherl

Posted
Posted

Can you please fix your indentation?  Otherwise I can't understand your code.  You should never have things looking like this:

 

}
}

 

and NEVER EVER have things looking like this:

 

}
  }

 

:)

 

Instead, it should look like this:

 

if (something) {
  do some blah;
  while (somethingelse) {
    some more blah;
  }
}

Link to comment
Share on other sites
marksie1988 Regular Member

marksie1988

Posted
  • Author
Posted

song_edit.tcos

 

<?
/**
* Admin.tcos
*/
include("include/session.tcos");

/**
* User not an administrator, redirect to main page
* automatically.
*/
if(!$session->isAdmin()){
   header("Location: index.tcos");
}
else{
/**
* Administrator is viewing page, so display all
* forms.
*/
?>
<html>
<body>
<h1>Song Actions please do not use yet!!</h1>
<font size="5" color="#ff0000">
<b>::::::::::::::::::::::::::::::::::::::::::::</b></font>
<font size="4">Logged in as <b><? echo $session->username; ?></b></font><br><br>
Back to [<a href="index.tcos">Main Page</a>]<br><br>
<?
if($form->num_errors > 0){
   echo "<font size=\"4\" color=\"#ff0000\">"
       ."!*** Error with request, please fix</font><br><br>";
}
?>
<table align="left" border="0" cellspacing="5" cellpadding="5">
<?php
if(ctype_digit($_GET['id']))
   $song_id = $_GET['id'];
else
   $article_id = 0;
$query = "SELECT * FROM `songs` WHERE `id` = '" . $song_id . "' LIMIT 1;";  
$result = mysql_query($query);

if(mysql_num_rows($result) == 0) {
echo "<h5 class=\"style2\">There are no songs with this id</h5>";
}
else{
	while ($row = mysql_fetch_assoc ($result)) {
?>
<h3>Edit Song</h3>
<? echo $form->error("editsong"); ?>
<form action="adminprocess.tcos" method="POST">
Title:<br>
<input type="text" name="title" maxlength="50" value="<?php echo "$row[title]";?>"><br>
Length:<br>
<input type="text" name="length" maxlength="50" value="<?php echo "$row[length]";?>"><br>
Song Link (http://songlocation):<br>
<input type="text" name="link" value="<?php echo "$row[link]";?>"><br>
Lyrics:<br>
<textarea rows="20" cols="90" name="lyrics"><?php echo "$row[lyrics]";?></textarea><br>
<input type="hidden" name="subeditsong" value="1">
<input type="submit" value="Edit Song!">
</form>
<?php
}
}
?>

</table>
</body>
</html>
<?
}
?>

 

adminprocess.tcos

 

<?
/**
* AdminProcess.php
* 
* The AdminProcess class is meant to simplify the task of processing
* admin submitted forms from the admin center, these deal with
* member system adjustments.
*
* Written by: Jpmaster77 a.k.a. The Grandmaster of C++ (GMC)
* Last Updated: August 15, 2004
*/
include("include/session.tcos");

class AdminProcess
{
   /* Class constructor */
   function AdminProcess(){
      global $session;
      /* Make sure administrator is accessing page */
      if(!$session->isAdmin()){
         header("Location: ../main.php");
         return;
      }
      /* Admin submitted delete user form */
      else if(isset($_POST['subdeluser'])){
         $this->procDeleteUser();
      }
      /* Admin submitted add news form */
      else if(isset($_POST['subaddnews'])){
         $this->procaddnews();
      }
  /* Admin submitted delete news form */
      else if(isset($_POST['subdelnews'])){
         $this->procDeletenews();
      }
      /* Admin submitted add song form */
      else if(isset($_POST['subaddsong'])){
         $this->procaddsong();
      }
      /* Admin submitted edit song form */
      else if(isset($_POST['subeditsong'])){
         $this->proceditsong();
      }
  /* Admin submitted change welcome form */
      else if(isset($_POST['subwelcome'])){
         $this->procwelcome();
      }
      /* Should not get here, redirect to home page */
      else{
         header("Location: ../main.php");
      }
   }

   /**
    * procDeleteUser - If the submitted username is correct,
    * the user is deleted from the database.
    */
   function procDeleteUser(){
      global $session, $database, $form;
      /* Username error checking */
      $subuser = $this->checkUsername("deluser");
      
      /* Errors exist, have user correct them */
      if($form->num_errors > 0){
         $_SESSION['value_array'] = $_POST;
         $_SESSION['error_array'] = $form->getErrorArray();
         header("Location: ".$session->referrer);
      }
      /* Delete user from database */
      else{
         $q = "DELETE FROM ".TBL_USERS." WHERE username = '$subuser'";
         $database->query($q);
         header("Location: ".$session->referrer);
      }
   }
   /**
    * procaddnews 
    */
   function procaddnews(){
      global $session, $database, $form;
      /* Errors exist, have user correct them */
      if($form->num_errors > 0){
         $_SESSION['value_array'] = $_POST;
         $_SESSION['error_array'] = $form->getErrorArray();
         header("Location: ".$session->referrer);
      }
      else{
         $q = "INSERT INTO ".TBL_NEWS." (id, postdate, title, newstext) VALUES ('null', UNIX_TIMESTAMP() , '$_POST[title]', '$_POST[newstext]')";
         $database->query($q);
         header("Location: ".$session->referrer);
      }
   }
   /**
    * procaddsong 
    */
   function procaddsong(){
      global $session, $database, $form;
      /* Errors exist, have user correct them */
      if($form->num_errors > 0){
         $_SESSION['value_array'] = $_POST;
         $_SESSION['error_array'] = $form->getErrorArray();
         header("Location: ".$session->referrer);
      }
      else{
         $q = "INSERT INTO ".TBL_SONGS." (id, postdate, title, length, link, lyrics) VALUES ('null', UNIX_TIMESTAMP() , '$_POST[title]', '$_POST[length]', '$_POST[link]', '$_POST[lyrics]')";
         $database->query($q);
         header("Location: ".$session->referrer);
      }
   }
    /**
    * proceditsong 
    */
   function proceditsong(){
$this->time = time();
      global $session, $database, $form;
        if($form->num_errors > 0){
         $_SESSION['value_array'] = $_POST;
         $_SESSION['error_array'] = $form->getErrorArray();
         header("Location: ".$session->referrer);
      }
      else{if(ctype_digit($_GET['id']))
   	$article_id = $_GET['id'];
      else
  	 $article_id = 0;$query = "SELECT * FROM `songs` WHERE `id` = '" . $article_id . "' LIMIT 1;";  
$result = mysql_query($query);

if(mysql_num_rows($result) == 0) {
echo "<h5 class=\"style2\">There is no news with this article id</h5>";
}
else{
while ($row = mysql_fetch_assoc ($result)) {

   mysql_query("UPDATE songs SET title = '$_POST[title]' WHERE id = '" . $article_id . "'  ");
   mysql_query("UPDATE songs SET length = '$_POST[length]' WHERE id = '" . $article_id . "' ");
   header("Location: ".$session->referrer);
}
      }
    }

    /**
    * procwelcome 
    */
   function procwelcome(){
$this->time = time();
      global $session, $database, $form;
        if($form->num_errors > 0){
         $_SESSION['value_array'] = $_POST;
         $_SESSION['error_array'] = $form->getErrorArray();
         header("Location: ".$session->referrer);
      }
      else{   
   mysql_query("UPDATE welcome SET welcome = '$_POST[welcome]' WHERE title = 'welcome'");
   mysql_query("UPDATE welcome SET timestamp = UNIX_TIMESTAMP() WHERE title = 'welcome'");
         header("Location: ".$session->referrer);
   }
   }
    /**
    * procDeletenews - If the submitted username is correct,
    * the user is deleted from the database.
    */
   function procDeletenews(){
global $session, $database, $form;
        	if($form->num_errors > 0){
        		 	$_SESSION['value_array'] = $_POST;
        		 	$_SESSION['error_array'] = $form->getErrorArray();
         			header("Location: ".$session->referrer);
     		 }
      		else{   
   		mysql_query("DELETE FROM news WHERE title = '$_POST[delnews]'");
        		 header("Location: ".$session->referrer);
 	}
   }

  /**
    * checkUsername - Helper function for the above processing,
    * it makes sure the submitted username is valid, if not,
    * it adds the appropritate error to the form.
    */
   function checkUsername($uname, $ban=false){
      global $database, $form;
      /* Username error checking */
      $subuser = $_POST[$uname];
      $field = $uname;  //Use field name for username
      if(!$subuser || strlen($subuser = trim($subuser)) == 0){
         $form->setError($field, "* Username not entered<br>");
      }
      else{
         /* Make sure username is in database */
         $subuser = stripslashes($subuser);
         if(strlen($subuser) < 5 || strlen($subuser) > 30 ||
            !eregi("^([0-9a-z])+$", $subuser) ||
            (!$ban && !$database->usernameTaken($subuser))){
            $form->setError($field, "* Username does not exist<br>");
         }
      }
      return $subuser;
   }
};

/* Initialize process */
$adminprocess = new AdminProcess;

?>

 

is that ok for you? i did notice that teh code was rather messy

Link to comment
Share on other sites
btherl Member

btherl

Posted
Posted

Thanks, that's much better :)

 

Ok, next is to check for errors on all your mysql queries, especially on the ones you suspect.  Make them look like this:

 

mysql_query("...") or die(mysql_error());

 

Even better is if you store the query in a variable, so you can print out the query along with your error, like this:

 

$sql = "SELECT * FROM foo";
mysql_query($sql) or die("Error in $sql\n" . mysql_error());

Link to comment
Share on other sites
marksie1988 Regular Member

marksie1988

Posted
  • Author
Posted

ok i changed the sql to what you sugested

 

   $sql = "UPDATE songs SET title = '$_POST[title]' WHERE id = '" . $article_id . "'  ";
   mysql_query($sql) or die("Error in $sql\n" . mysql_error());

   $sql1 = "UPDATE songs SET length = '$_POST[length]' WHERE id = '" . $article_id . "'  ";
   mysql_query($sql1) or die("Error in $sql1\n" . mysql_error());

 

 

and i got this error

 

 

Parse error: syntax error, unexpected ';', expecting T_FUNCTION in /home/evildoom/public_html/tcos/admin/adminprocess.tcos on line 203

 

<?
/**
* AdminProcess.php
* 
* The AdminProcess class is meant to simplify the task of processing
* admin submitted forms from the admin center, these deal with
* member system adjustments.
*
* Written by: Jpmaster77 a.k.a. The Grandmaster of C++ (GMC)
* Last Updated: August 15, 2004
*/
include("include/session.tcos");

class AdminProcess
{
   /* Class constructor */
   function AdminProcess(){
      global $session;
      /* Make sure administrator is accessing page */
      if(!$session->isAdmin()){
         header("Location: ../main.php");
         return;
      }
      /* Admin submitted delete user form */
      else if(isset($_POST['subdeluser'])){
         $this->procDeleteUser();
      }
      /* Admin submitted add news form */
      else if(isset($_POST['subaddnews'])){
         $this->procaddnews();
      }
  /* Admin submitted delete news form */
      else if(isset($_POST['subdelnews'])){
         $this->procDeletenews();
      }
      /* Admin submitted add song form */
      else if(isset($_POST['subaddsong'])){
         $this->procaddsong();
      }
      /* Admin submitted edit song form */
      else if(isset($_POST['subeditsong'])){
         $this->proceditsong();
      }
  /* Admin submitted change welcome form */
      else if(isset($_POST['subwelcome'])){
         $this->procwelcome();
      }
      /* Should not get here, redirect to home page */
      else{
         header("Location: ../main.php");
      }
   }

   /**
    * procDeleteUser - If the submitted username is correct,
    * the user is deleted from the database.
    */
   function procDeleteUser(){
      global $session, $database, $form;
      /* Username error checking */
      $subuser = $this->checkUsername("deluser");
      
      /* Errors exist, have user correct them */
      if($form->num_errors > 0){
         $_SESSION['value_array'] = $_POST;
         $_SESSION['error_array'] = $form->getErrorArray();
         header("Location: ".$session->referrer);
      }
      /* Delete user from database */
      else{
         $q = "DELETE FROM ".TBL_USERS." WHERE username = '$subuser'";
         $database->query($q);
         header("Location: ".$session->referrer);
      }
   }
   /**
    * procaddnews 
    */
   function procaddnews(){
      global $session, $database, $form;
      /* Errors exist, have user correct them */
      if($form->num_errors > 0){
         $_SESSION['value_array'] = $_POST;
         $_SESSION['error_array'] = $form->getErrorArray();
         header("Location: ".$session->referrer);
      }
      else{
         $q = "INSERT INTO ".TBL_NEWS." (id, postdate, title, newstext) VALUES ('null', UNIX_TIMESTAMP() , '$_POST[title]', '$_POST[newstext]')";
         $database->query($q);
         header("Location: ".$session->referrer);
      }
   }
   /**
    * procaddsong 
    */
   function procaddsong(){
      global $session, $database, $form;
      /* Errors exist, have user correct them */
      if($form->num_errors > 0){
         $_SESSION['value_array'] = $_POST;
         $_SESSION['error_array'] = $form->getErrorArray();
         header("Location: ".$session->referrer);
      }
      else{
         $q = "INSERT INTO ".TBL_SONGS." (id, postdate, title, length, link, lyrics) VALUES ('null', UNIX_TIMESTAMP() , '$_POST[title]', '$_POST[length]', '$_POST[link]', '$_POST[lyrics]')";
         $database->query($q);
         header("Location: ".$session->referrer);
      }
   }
    /**
    * proceditsong 
    */
   function proceditsong(){
$this->time = time();
      global $session, $database, $form;
        if($form->num_errors > 0){
         $_SESSION['value_array'] = $_POST;
         $_SESSION['error_array'] = $form->getErrorArray();
         header("Location: ".$session->referrer);
      }
      else{if(ctype_digit($_GET['id']))
   $article_id = $_GET['id'];
else
   $article_id = 0;$query = "SELECT * FROM `songs` WHERE `id` = '" . $article_id . "' LIMIT 1;";  
$result = mysql_query($query);


if(mysql_num_rows($result) == 0) {
echo "<h5 class=\"style2\">There is no news with this article id</h5>";
}
else{
	while ($row = mysql_fetch_assoc ($result)) {

   			$sql = "UPDATE songs SET title = '$_POST[title]' WHERE id = '" . $article_id . "'  ";
   			mysql_query($sql) or die("Error in $sql\n" . mysql_error());

   			$sql1 = "UPDATE songs SET length = '$_POST[length]' WHERE id = '" . $article_id . "'  ";
   			mysql_query($sql1) or die("Error in $sql1\n" . mysql_error());
   
         	header("Location: ".$session->referrer);
	}
    }
  }

    /**
    * procwelcome 
    */
   function procwelcome(){
$this->time = time();
      global $session, $database, $form;
        if($form->num_errors > 0){
         $_SESSION['value_array'] = $_POST;
         $_SESSION['error_array'] = $form->getErrorArray();
         header("Location: ".$session->referrer);
      }
      else{   
   mysql_query("UPDATE welcome SET welcome = '$_POST[welcome]' WHERE title = 'welcome'");
   mysql_query("UPDATE welcome SET timestamp = UNIX_TIMESTAMP() WHERE title = 'welcome'");
         header("Location: ".$session->referrer);
   }
   }
    /**
    * procDeletenews - If the submitted username is correct,
    * the user is deleted from the database.
    */
   function procDeletenews(){
      global $session, $database, $form;
        if($form->num_errors > 0){
         $_SESSION['value_array'] = $_POST;
         $_SESSION['error_array'] = $form->getErrorArray();
         header("Location: ".$session->referrer);
      }
      else{   
   mysql_query("DELETE FROM news WHERE title = '$_POST[delnews]'");
         header("Location: ".$session->referrer);
   }
   }

  /**
    * checkUsername - Helper function for the above processing,
    * it makes sure the submitted username is valid, if not,
    * it adds the appropritate error to the form.
    */
   function checkUsername($uname, $ban=false){
      global $database, $form;
      /* Username error checking */
      $subuser = $_POST[$uname];
      $field = $uname;  //Use field name for username
      if(!$subuser || strlen($subuser = trim($subuser)) == 0){
         $form->setError($field, "* Username not entered<br>");
      }
      else{
         /* Make sure username is in database */
         $subuser = stripslashes($subuser);
         if(strlen($subuser) < 5 || strlen($subuser) > 30 ||
            !eregi("^([0-9a-z])+$", $subuser) ||
            (!$ban && !$database->usernameTaken($subuser))){
            $form->setError($field, "* Username does not exist<br>");
         }
      }
      return $subuser;
   }
};

/* Initialize process */
$adminprocess = new AdminProcess;

?>

Link to comment
Share on other sites
btherl Member

btherl

Posted
Posted

Ok, I just saw your edit.  The problem is your INDENTING :)

 

If you indent your code properly, then you will find what you are missing, and the error will go away.  You are missing a closing brace somewhere (the '}' symbol).  It's hard to tell where it is missing, because your indenting is not consistent.

Link to comment
Share on other sites
marksie1988 Regular Member

marksie1988

Posted
  • Author
Posted

ok ive fixed the problem now. i see what you mean about indenting correctly you can see where gaps are too big then :)

 

here is the updated code and now what happens is that it doesnt get the article id to update the fields i can tell as it shows my error there are no songs with this article id

 

<?
/**
* AdminProcess.php
* 
* The AdminProcess class is meant to simplify the task of processing
* admin submitted forms from the admin center, these deal with
* member system adjustments.
*
* Written by: Jpmaster77 a.k.a. The Grandmaster of C++ (GMC)
* Last Updated: August 15, 2004
*/
include("include/session.tcos");

class AdminProcess
{
/* Class constructor */
function AdminProcess(){
	global $session;
      	/* Make sure administrator is accessing page */
      	if(!$session->isAdmin()){
        	header("Location: ../main.php");
         	return;
      	}
      	/* Admin submitted delete user form */
      	else if(isset($_POST['subdeluser'])){
         	$this->procDeleteUser();
      	}
      	/* Admin submitted add news form */
      	else if(isset($_POST['subaddnews'])){
         	$this->procaddnews();
      	}
  	/* Admin submitted delete news form */
      	else if(isset($_POST['subdelnews'])){
         	$this->procDeletenews();
      	}
      	/* Admin submitted add song form */
      	else if(isset($_POST['subaddsong'])){
         	$this->procaddsong();
      	}
      	/* Admin submitted edit song form */
      	else if(isset($_POST['subeditsong'])){
         	$this->proceditsong();
      	}
  	/* Admin submitted change welcome form */
      	else if(isset($_POST['subwelcome'])){
         	$this->procwelcome();
      	}
      	/* Should not get here, redirect to home page */
      	else{
         	header("Location: ../index.tcos");
      	}
   	}

   	/**
    * procDeleteUser - If the submitted username is correct,
    * the user is deleted from the database.
    */
   	function procDeleteUser(){
      	global $session, $database, $form;
      	/* Username error checking */
      	$subuser = $this->checkUsername("deluser");
      
      	/* Errors exist, have user correct them */
      	if($form->num_errors > 0){
         	$_SESSION['value_array'] = $_POST;
         	$_SESSION['error_array'] = $form->getErrorArray();
         	header("Location: ".$session->referrer);
      	}
      	/* Delete user from database */
      	else{
         	$q = "DELETE FROM ".TBL_USERS." WHERE username = '$subuser'";
         	$database->query($q);
         	header("Location: ".$session->referrer);
      	}
   	}
   	/**
    * procaddnews 
    */
   	function procaddnews(){
      	global $session, $database, $form;
      	/* Errors exist, have user correct them */
      	if($form->num_errors > 0){
         	$_SESSION['value_array'] = $_POST;
         	$_SESSION['error_array'] = $form->getErrorArray();
         	header("Location: ".$session->referrer);
      	}
      	else{
         	$q = "INSERT INTO ".TBL_NEWS." (id, postdate, title, newstext) VALUES ('null', UNIX_TIMESTAMP() , '$_POST[title]', '$_POST[newstext]')";
         	$database->query($q);
         	header("Location: ".$session->referrer);
      	}
   	}
   	/**
    * procaddsong 
    */
   	function procaddsong(){
      	global $session, $database, $form;
      	/* Errors exist, have user correct them */
      	if($form->num_errors > 0){
         	$_SESSION['value_array'] = $_POST;
         	$_SESSION['error_array'] = $form->getErrorArray();
         	header("Location: ".$session->referrer);
      	}
      	else{
         	$q = "INSERT INTO ".TBL_SONGS." (id, postdate, title, length, link, lyrics) VALUES ('null', UNIX_TIMESTAMP() , '$_POST[title]', '$_POST[length]', '$_POST[link]', '$_POST[lyrics]')";
         	$database->query($q);
         	header("Location: ".$session->referrer);
      	}
   	}
    /**
    * proceditsong 
    */
   	function proceditsong(){
	$this->time = time();
      		global $session, $database, $form;
        		if($form->num_errors > 0){
         				$_SESSION['value_array'] = $_POST;
         				$_SESSION['error_array'] = $form->getErrorArray();
         				header("Location: ".$session->referrer);
      		}
      		else{if(ctype_digit($_GET['id']))
       				$article_id = $_GET['id'];
           		else
             		$article_id = 0;$query = "SELECT * FROM `songs` WHERE `id` = '" . $article_id . "' ;";  
             		$result = mysql_query($query);


		if(mysql_num_rows($result) == 0) {
			echo "<h5 class=\"style2\">There are no songs with this article id</h5>";
		}
		else{
			while ($row = mysql_fetch_assoc ($result)) {

   					$sql = "UPDATE songs SET title = '$_POST[title]' WHERE id = '" . $article_id . "'  ";
   					mysql_query($sql) or die("Error in $sql\n" . mysql_error());

   					$sql1 = "UPDATE songs SET length = '$_POST[length]' WHERE id = '" . $article_id . "'  ";
   					mysql_query($sql1) or die("Error in $sql1\n" . mysql_error());
   
         			header("Location: ".$session->referrer);
			}
    		}
	}
  	}

    /**
    * procwelcome 
    */
   	function procwelcome(){
	$this->time = time();
      		global $session, $database, $form;
        	if($form->num_errors > 0){
         			$_SESSION['value_array'] = $_POST;
         			$_SESSION['error_array'] = $form->getErrorArray();
         			header("Location: ".$session->referrer);
      			}
      			else{   
   					mysql_query("UPDATE welcome SET welcome = '$_POST[welcome]' WHERE title = 'welcome'");
   					mysql_query("UPDATE welcome SET timestamp = UNIX_TIMESTAMP() WHERE title = 'welcome'");
         			header("Location: ".$session->referrer);
      			}
   	}
    /**
    * procDeletenews - If the submitted username is correct,
    * the user is deleted from the database.
    */
   	function procDeletenews(){
      	global $session, $database, $form;
        	if($form->num_errors > 0){
         			$_SESSION['value_array'] = $_POST;
         			$_SESSION['error_array'] = $form->getErrorArray();
         			header("Location: ".$session->referrer);
      			}
      			else{   
   					mysql_query("DELETE FROM news WHERE title = '$_POST[delnews]'");
         			header("Location: ".$session->referrer);
      			}
   	}

  	/**
    * checkUsername - Helper function for the above processing,
    * it makes sure the submitted username is valid, if not,
    * it adds the appropritate error to the form.
    */
   	function checkUsername($uname, $ban=false){
      	global $database, $form;
      	/* Username error checking */
      	$subuser = $_POST[$uname];
      	$field = $uname;  //Use field name for username
      	if(!$subuser || strlen($subuser = trim($subuser)) == 0){
         	$form->setError($field, "* Username not entered<br>");
      	}
      	else{
         	/* Make sure username is in database */
         	$subuser = stripslashes($subuser);
         	if(strlen($subuser) < 5 || strlen($subuser) > 30 ||
            	!eregi("^([0-9a-z])+$", $subuser) ||
            	(!$ban && !$database->usernameTaken($subuser))){
            	$form->setError($field, "* Username does not exist<br>");
         	}
      	}
      	return $subuser;
   	}
};

/* Initialize process */
$adminprocess = new AdminProcess;
?>

Link to comment
Share on other sites
btherl Member

btherl

Posted
Posted

Looks much better, thankyou :)

 

Ok, time to work backwards from the error and find out what's wrong.  First, print out your SELECT query to see that it's correct.  If it's not correct, print out $article_id to see if that is correct.  If $article_id is not correct, then print out $_GET['id'] (where $article_id came from).

Link to comment
Share on other sites
btherl Member

btherl

Posted
Posted

Yep, sounds right.  I would do it this way.  Add this to the form:

 

<input name=song_id type=hidden value="<?php echo $song_id;?>">

 

Same as you've done with the other variables.  Then you can access it as $_POST['song_id'] for your SELECT query.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.