Jump to content

Admin News Control Panel | Issues

Faks

By Faks
in PHP Coding Help

 Share

Recommended Posts

Faks Member

Faks

Posted
Posted

Hi Everybody i am working on admin panel but right now i encounter a problem i can't edit i also can't delete news but insert is working maybe somebody can help me find mistake and fix it up .

 

You can visit web and see what is what

Admin Panel http://faksx.sytes.net/blogs/?page=cp

Admin Panels news management http://faksx.sytes.net/blogs/?page=news_cp

user andis |pw andis

(don't try hack it won't work)

 

Here is code  i .

if ($_POST['submit'])
{
        $id          = (int)$_POST['id'];
        $news_title      = mysql_real_escape_string($_POST['news_title']);
        $news_category      = mysql_real_escape_string($_POST['news_category']);
        $news_short_text = mysql_real_escape_string($_POST['news_short_text']);
        $news_text       = mysql_real_escape_string($_POST['news_text']);
        $news_title      = htmlentities($_POST['news_title']);
        $news_category      = htmlentities($_POST['news_category']);
        $news_short_text = htmlentities($_POST['news_short_text']);
        $news_text          = htmlentities($_POST['news_text']);
            
        
    if (!empty($id))
    {
        $sql = ("UPDATE news SET news_title = '$news_title', news_category = '$news_category', news_short_text = '$news_short_text', news_text = '$news_text' WHERE id = '$id' ");
    }
else 
    {
        $sql = "INSERT INTO news (news_title,news_category,news_short_text,news_text,news_author,news_date) VALUES ('".$news_title."','".$news_category."','".$news_short_text."','".$news_text."','".$_SESSION[u_nick]."','".$last_time_seen."')";
        mysql_query($sql) or die (mysql_error());
    }
}        
    if($_GET['edit'] == 1)    
    {
        $id = (int)$_GET['id'];
        $sql = ("DELETE FROM news WHERE id = '$id'");
        mysql_query($sql) or die (mysql_error());
    }
    
    if ($_GET['edit'] == 1)
    {
        $id = (int)$_GET['id'];
        $sql = ("SELECT * FROM news WHERE id = '$id'");
        $date = mysql_query($sql) or die (mysql_error());
        $row = mysql_fetch_array($date);
        $edit_title = $row['news_title'];
        $edit_group = $row['news_category'];
        $edit_short_text = $row['news_short_text'];
        $edit_text = $row['news_text'];
        $edit_id = (int)$row['id'];                
    }    
        
mysqlutf8();
$sql = ("SELECT * FROM news");
$date = mysql_query($sql) or die (mysql_error());
echo '<select>';
while($row = mysql_fetch_array($date))
{
echo "<option value='$row[id]'>".$row[news_title].'</option>'
    ;
}
#" <a href='/blogs/?page=comment&id=".$row['id']."'>Comment</a> "
#"<a href='/blogs/?page=news_cp&edit=id=".$row['id']."'>"
echo '</select>'."<a href='/blogs/?page=news_cp&edit&id=".$row['id']."'><input type='button' name='edit' id='button2' value='Edit' /></a>
  <a href='/blogs/?page=news_cp&delete&id=".$row['id']."'><input type='button' name='delete' id='button3' value='Delete' /></a>";


    echo "<form id='form1' name='submit' method='post'>
  <p>Virsrakts
    <label for='textfield'></label>
  </p>
  <p>
  <input type='text' name='news_title' value='$news_title'>
  </p>
  <p>Ziņu Gruppa</p>
  <p>
    <label for='select'></label>
  <select name='news_category' value='$edit_group'>
    <option>News</option>
    <option>Bugs</option>
  </select>

  </p>
  <p>Teksts</p>
  <p>
    <label for='textfield2'></label>
    <textarea name='news_short_text' cols='50' rows='10' id='textfield2' value='$edit_short_text_text'></textarea>
  </p>
  <p>Pilns Teksts</p>
  <p>
    <label for='textfield3'></label>
    <textarea name='news_text' cols='70' rows='15' id='textfield3' value='$news_text'></textarea>
  </p>
  <p>
    <input type='submit' name='submit' id='button' value='Pievienot' />
    <input type='reset' name='reset' id='button4' value='Reset' />
  </p>
</form>";    
    }

Link to comment
Share on other sites
BlueSkyIS Newbie

BlueSkyIS

Posted
Posted

No. it only inserts.

 

if (!empty($id)) {
        // $sql is set here, but never sent to mysql_query()
        $sql = ("UPDATE news SET news_title = '$news_title', news_category = '$news_category', news_short_text = '$news_short_text', news_text = '$news_text' WHERE id = '$id' ");
} else {
        // $sql is set here, and then...
        $sql = "INSERT INTO news (news_title,news_category,news_short_text,news_text,news_author,news_date) VALUES ('".$news_title."','".$news_category."','".$news_short_text."','".$news_text."','".$_SESSION[u_nick]."','".$last_time_seen."')";
        
        // $sql is sent to mysql_query()
        mysql_query($sql) or die (mysql_error());
}

Link to comment
Share on other sites
Faks Member

Faks

Posted
  • Author
Posted

No. it only inserts.

 

if (!empty($id)) {
        // $sql is set here, but never sent to mysql_query()
        $sql = ("UPDATE news SET news_title = '$news_title', news_category = '$news_category', news_short_text = '$news_short_text', news_text = '$news_text' WHERE id = '$id' ");
} else {
        // $sql is set here, and then...
        $sql = "INSERT INTO news (news_title,news_category,news_short_text,news_text,news_author,news_date) VALUES ('".$news_title."','".$news_category."','".$news_short_text."','".$news_text."','".$_SESSION[u_nick]."','".$last_time_seen."')";
        
        // $sql is sent to mysql_query()
        mysql_query($sql) or die (mysql_error());
}

and how to resolve this ?

Link to comment
Share on other sites
phpfreak Regular Member

phpfreak

Posted
Posted

It only inserts because 

 mysql_query($sql) or die (mysql_error());

 

Is only in the condition that $id is empty...  I think maybe this:

 

if (!empty($id)) {
        // $sql is set here, but never sent to mysql_query()
        $sql = ("UPDATE news SET news_title = '$news_title', news_category = '$news_category', news_short_text = '$news_short_text', news_text = '$news_text' WHERE id = '$id' ");
        mysql_query($sql) or die (mysql_error());
} else {
        // $sql is set here, and then...
        $sql = "INSERT INTO news (news_title,news_category,news_short_text,news_text,news_author,news_date) VALUES ('".$news_title."','".$news_category."','".$news_short_text."','".$news_text."','".$_SESSION[u_nick]."','".$last_time_seen."')";
       
        // $sql is sent to mysql_query()
        mysql_query($sql) or die (mysql_error());
}

Link to comment
Share on other sites
BlueSkyIS Newbie

BlueSkyIS

Posted
Posted

yes. to execute $sql, you use mysql_query($sql). If you don't use mysql_query($sql), nothing will happen.

 

http://php.net/manual/en/function.mysql-query.php

 

... and since mysql_query() should be executed in either case, you might as well move it outside the IF:

 

if (!empty($id)) {
        $sql = "UPDATE news SET news_title = '$news_title', news_category = '$news_category', news_short_text = '$news_short_text', news_text = '$news_text' WHERE id = '$id' ";
} else {
        $sql = "INSERT INTO news (news_title,news_category,news_short_text,news_text,news_author,news_date) VALUES ('".$news_title."','".$news_category."','".$news_short_text."','".$news_text."','".$_SESSION[u_nick]."','".$last_time_seen."')";
}

// $sql is sent to mysql_query()
mysql_query($sql) or die (mysql_error());

Link to comment
Share on other sites
Faks Member

Faks

Posted
  • Author
Posted

It only inserts because 

 mysql_query($sql) or die (mysql_error());

 

Is only in the condition that $id is empty...  I think maybe this:

 

if (!empty($id)) {
        // $sql is set here, but never sent to mysql_query()
        $sql = ("UPDATE news SET news_title = '$news_title', news_category = '$news_category', news_short_text = '$news_short_text', news_text = '$news_text' WHERE id = '$id' ");
        mysql_query($sql) or die (mysql_error());
} else {
        // $sql is set here, and then...
        $sql = "INSERT INTO news (news_title,news_category,news_short_text,news_text,news_author,news_date) VALUES ('".$news_title."','".$news_category."','".$news_short_text."','".$news_text."','".$_SESSION[u_nick]."','".$last_time_seen."')";
       
        // $sql is sent to mysql_query()
        mysql_query($sql) or die (mysql_error());
}

yeah did sow well one mistake less but edit and delete not working :( !

Link to comment
Share on other sites
BlueSkyIS Newbie

BlueSkyIS

Posted
Posted

another problem: if ($_GET['edit'] == 1), you delete the record. then a few lines down you search for the record you just deleted:

 

if($_GET['edit'] == 1) {
        $id = (int)$_GET['id'];

        $sql = ("DELETE FROM news WHERE id = '$id'");
        mysql_query($sql) or die (mysql_error()); // RECORD DELETED

}
    
if ($_GET['edit'] == 1) {
        $id = (int)$_GET['id'];
        $sql = ("SELECT * FROM news WHERE id = '$id'"); // THIS WILL NEVER BE FOUND, AS IT WAS DELETED ABOVE.

 

I suggest that you try writing down some comments and/or pseudo-code within your PHP so you can work out the logic. Randomly hacking via twenty questions is a real sloooow route.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.