Jump to content

Recommended Posts

Hello, I have worked many hours to troubleshoot why this won't work. I have read at least 15 post on UPDATE. I still can't get this to work. When I submit the form. It says that the udate took place, however it did not. I will put the form below, this is the section that is supposed to update the DB. I will also put the form below this one that feeds the info. Any help would be greatly appreciated.

 

//UPDATE FORM/////////
if ($title && $description && $main_page) {
$news_id = $_POST['id'];
$title = $_POST['title'];
$description = $_POST['description'];
$author = $_POST['author'];
$main_page_display = $_POST['main_page'];

include '../connections/mysql_connect.php';
$query = "UPDATE `news` SET `title` = '".$_POST['title']."', `description` ='".$_POST['description']."', `author` ='".$_POST['author']."' , `main_page` ='".$_POST['main_page_display']."' WHERE `id` ='".$_POST['id']."';" ;
$result = mysql_query($query);

if ($result) {
if ($main_page_display == "yes") {
$mpd = "This article will be displayed on the Main Page";
}else{
$mpd = "This article will not be displayed on the Main Page";
}
echo "<span class='default'><strong>The following information has been changed in the database!</strong><br><br>
<strong>Title:</strong> ".$title. "<br><strong>By:</strong> ".$author."<br><br>
<strong>" .$mpd. "</strong><br><br>
<strong>Description:</strong><br>".$description."<br><br>
<a href='edit_news.php'>Click here to edit another article</a>    <a href='index.php'>Click here to go to the main page</a>     <a href='logout.php'>Click here to Logout</a>";
}else{
echo "No results where edited in the Database";
}

}
echo "<span class='default'><a href='javascript:history.back()'>Back</a></span>";
include 'footer.inc';
exit;
}
////////// END OF TOP FORM //////////////////////



//////////THIS IS THE FORM THAT FEEDS THE TOP FORM THE INFO///////
if (isset($_GET['submit'])) {
$article_id == $_GET['article_id'];
if ($article_id < 1 ){
echo "<span class='nav_default'>You did not select an article.</span><br><br>";
echo "<span class='default'><a href='javascript:history.back()'><strong>Back</strong></a></span>";
include 'footer.inc';
exit();
}else{
include '../connections/mysql_connect.php';
$query = "SELECT * FROM news WHERE id ='".$article_id."';" ;
$result = mysql_query($query); 
$record = mysql_fetch_assoc($result);

echo "<form action='edit_news.php' method='post' name='article_select'>
<p class='default'><strong>News Headline/Title: </strong><br>
<input name='title' type='text' size='50' maxlength='120' value='".$record['title']."'>
<br>
<br>
<strong>Author:</strong> <br>
<input name='author' type='text' size='50' maxlength='120' value='".$record['author']."'>
<br>
<br>
<strong>Do You want this article to appear on the Main Page?</strong> <br>
<input name='main_page' type='checkbox' value='yes'>Yes   <input name='main_page' type='checkbox' value='no'>No<br><br>
<strong>Article Text:</strong><br>
<textarea name='description' cols='50' rows='6'>".$record['description']."</textarea>
<br>
<br>
</p>
<p>
<input name='submit' type='submit' value='Submit'>   <input name='reset' type='reset'>
</p>
</form>
<p style='width:480px; '><span class='nav_default'><strong>* </strong>If you would like to add an image to this article. You will need to use the 'Add Image to News Article' link in the Image section of the Main admin page. After you submit this article.</span></p>";
include 'footer.inc';
exit();
}
}

Link to comment
https://forums.phpfreaks.com/topic/85290-update-phpmysql/
Share on other sites

Change

$result = mysql_query($query);

 

to

 

$result = mysql_query($query) or die ("Error in: $query" mysql_error());

 

Also, you set variables from the POST data but don't use them.  You also don't even check to see if they contain what they should

Link to comment
https://forums.phpfreaks.com/topic/85290-update-phpmysql/#findComment-435170
Share on other sites

1. Use


tag when posting codes. It's very messy, hard to read and people don't usually give topics like these too much of a glance and just skip it because of that. So please just use the tag.

 

2. First line: if ($title && $description && $main_page)

 

Where are all those variables defined?

Link to comment
https://forums.phpfreaks.com/topic/85290-update-phpmysql/#findComment-435202
Share on other sites

because your error reporting is off this line has an error that is why get that blank page

 

$result = mysql_query($query) or die ("Error in: $query" mysql_error());<---- should have a dot

$result = mysql_query($query) or die ("Error in: $query" .mysql_error());

Link to comment
https://forums.phpfreaks.com/topic/85290-update-phpmysql/#findComment-435210
Share on other sites

I have looked in the php.ini file and error reporting is ON. I still don't have any idea why this won't work. The following line of code was added.

$result = mysql_query($query) or die ("Error in: $query" .mysql_error());

Not only did I get no errors, the script continued and did not die???

I am answering one of the above questions with the code below,

Any thoughts?

_____________________________

 

The variables are defined in this table.

//////////THIS IS THE FORM THAT FEEDS THE TOP FORM THE INFO///////
if (isset($_GET['submit'])) {
$article_id == $_GET['article_id'];
if ($article_id < 1 ){
echo "<span class='nav_default'>You did not select an article.</span><br><br>";
echo "<span class='default'><a href='javascript:history.back()'><strong>Back</strong></a></span>";
include 'footer.inc';
exit();
}else{
include '../connections/mysql_connect.php';
$query = "SELECT * FROM news WHERE id ='".$article_id."';" ;
$result = mysql_query($query); 
$record = mysql_fetch_assoc($result);

echo "<form action='edit_news.php' method='post' name='article_select'>
<p class='default'><strong>News Headline/Title: </strong><br>
<input name='title' type='text' size='50' maxlength='120' value='".$record['title']."'>
<br>
<br>
<strong>Author:</strong> <br>
<input name='author' type='text' size='50' maxlength='120' value='".$record['author']."'>
<br>
<br>
<strong>Do You want this article to appear on the Main Page?</strong> <br>
<input name='main_page' type='checkbox' value='yes'>Yes   <input name='main_page' type='checkbox' value='no'>No<br><br>
<strong>Article Text:</strong><br>
<textarea name='description' cols='50' rows='6'>".$record['description']."</textarea>
<br>
<br>
</p>
<p>
<input name='submit' type='submit' value='Submit'>   <input name='reset' type='reset'>
</p>
</form>
<p style='width:480px; '><span class='nav_default'><strong>* </strong>If you would like to add an image to this article. You will need to use the 'Add Image to News Article' link in the Image section of the Main admin page. After you submit this article.</span></p>";
include 'footer.inc';
exit();
}
}

Link to comment
https://forums.phpfreaks.com/topic/85290-update-phpmysql/#findComment-435541
Share on other sites

Sql Injections!!!

???

$query = "UPDATE `news` SET `title` = '".$_POST['title']."', `description` ='".$_POST['description']."', `author` ='".$_POST['author']."' , `main_page` ='".$_POST['main_page_display']."' WHERE `id` ='".$_POST['id']."';" ;

 

 

If it wasn't for magic_quotes_gpc, then that would mean bad news...

Link to comment
https://forums.phpfreaks.com/topic/85290-update-phpmysql/#findComment-438603
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.