Faks Posted October 17, 2010 Share Posted October 17, 2010 Hi Everybody i am working on admin panel but right now i encounter a problem i can't edit i also can't delete news but insert is working maybe somebody can help me find mistake and fix it up . You can visit web and see what is what Admin Panel http://faksx.sytes.net/blogs/?page=cp Admin Panels news management http://faksx.sytes.net/blogs/?page=news_cp user andis |pw andis (don't try hack it won't work) Here is code i . if ($_POST['submit']) { $id = (int)$_POST['id']; $news_title = mysql_real_escape_string($_POST['news_title']); $news_category = mysql_real_escape_string($_POST['news_category']); $news_short_text = mysql_real_escape_string($_POST['news_short_text']); $news_text = mysql_real_escape_string($_POST['news_text']); $news_title = htmlentities($_POST['news_title']); $news_category = htmlentities($_POST['news_category']); $news_short_text = htmlentities($_POST['news_short_text']); $news_text = htmlentities($_POST['news_text']); if (!empty($id)) { $sql = ("UPDATE news SET news_title = '$news_title', news_category = '$news_category', news_short_text = '$news_short_text', news_text = '$news_text' WHERE id = '$id' "); } else { $sql = "INSERT INTO news (news_title,news_category,news_short_text,news_text,news_author,news_date) VALUES ('".$news_title."','".$news_category."','".$news_short_text."','".$news_text."','".$_SESSION[u_nick]."','".$last_time_seen."')"; mysql_query($sql) or die (mysql_error()); } } if($_GET['edit'] == 1) { $id = (int)$_GET['id']; $sql = ("DELETE FROM news WHERE id = '$id'"); mysql_query($sql) or die (mysql_error()); } if ($_GET['edit'] == 1) { $id = (int)$_GET['id']; $sql = ("SELECT * FROM news WHERE id = '$id'"); $date = mysql_query($sql) or die (mysql_error()); $row = mysql_fetch_array($date); $edit_title = $row['news_title']; $edit_group = $row['news_category']; $edit_short_text = $row['news_short_text']; $edit_text = $row['news_text']; $edit_id = (int)$row['id']; } mysqlutf8(); $sql = ("SELECT * FROM news"); $date = mysql_query($sql) or die (mysql_error()); echo '<select>'; while($row = mysql_fetch_array($date)) { echo "<option value='$row[id]'>".$row[news_title].'</option>' ; } #" <a href='/blogs/?page=comment&id=".$row['id']."'>Comment</a> " #"<a href='/blogs/?page=news_cp&edit=id=".$row['id']."'>" echo '</select>'."<a href='/blogs/?page=news_cp&edit&id=".$row['id']."'><input type='button' name='edit' id='button2' value='Edit' /></a> <a href='/blogs/?page=news_cp&delete&id=".$row['id']."'><input type='button' name='delete' id='button3' value='Delete' /></a>"; echo "<form id='form1' name='submit' method='post'> <p>Virsrakts <label for='textfield'></label> </p> <p> <input type='text' name='news_title' value='$news_title'> </p> <p>Ziņu Gruppa</p> <p> <label for='select'></label> <select name='news_category' value='$edit_group'> <option>News</option> <option>Bugs</option> </select> </p> <p>Teksts</p> <p> <label for='textfield2'></label> <textarea name='news_short_text' cols='50' rows='10' id='textfield2' value='$edit_short_text_text'></textarea> </p> <p>Pilns Teksts</p> <p> <label for='textfield3'></label> <textarea name='news_text' cols='70' rows='15' id='textfield3' value='$news_text'></textarea> </p> <p> <input type='submit' name='submit' id='button' value='Pievienot' /> <input type='reset' name='reset' id='button4' value='Reset' /> </p> </form>"; } Quote Link to comment Share on other sites More sharing options...
BlueSkyIS Posted October 17, 2010 Share Posted October 17, 2010 if !empty($id), you create $sql, but never execute it. Quote Link to comment Share on other sites More sharing options...
Faks Posted October 17, 2010 Author Share Posted October 17, 2010 if !empty($id), you create $sql, but never execute it. hmm but it check if not empty then insert if not it updates . Quote Link to comment Share on other sites More sharing options...
BlueSkyIS Posted October 17, 2010 Share Posted October 17, 2010 No. it only inserts. if (!empty($id)) { // $sql is set here, but never sent to mysql_query() $sql = ("UPDATE news SET news_title = '$news_title', news_category = '$news_category', news_short_text = '$news_short_text', news_text = '$news_text' WHERE id = '$id' "); } else { // $sql is set here, and then... $sql = "INSERT INTO news (news_title,news_category,news_short_text,news_text,news_author,news_date) VALUES ('".$news_title."','".$news_category."','".$news_short_text."','".$news_text."','".$_SESSION[u_nick]."','".$last_time_seen."')"; // $sql is sent to mysql_query() mysql_query($sql) or die (mysql_error()); } Quote Link to comment Share on other sites More sharing options...
Faks Posted October 17, 2010 Author Share Posted October 17, 2010 No. it only inserts. if (!empty($id)) { // $sql is set here, but never sent to mysql_query() $sql = ("UPDATE news SET news_title = '$news_title', news_category = '$news_category', news_short_text = '$news_short_text', news_text = '$news_text' WHERE id = '$id' "); } else { // $sql is set here, and then... $sql = "INSERT INTO news (news_title,news_category,news_short_text,news_text,news_author,news_date) VALUES ('".$news_title."','".$news_category."','".$news_short_text."','".$news_text."','".$_SESSION[u_nick]."','".$last_time_seen."')"; // $sql is sent to mysql_query() mysql_query($sql) or die (mysql_error()); } and how to resolve this ? Quote Link to comment Share on other sites More sharing options...
phpfreak Posted October 17, 2010 Share Posted October 17, 2010 It only inserts because mysql_query($sql) or die (mysql_error()); Is only in the condition that $id is empty... I think maybe this: if (!empty($id)) { // $sql is set here, but never sent to mysql_query() $sql = ("UPDATE news SET news_title = '$news_title', news_category = '$news_category', news_short_text = '$news_short_text', news_text = '$news_text' WHERE id = '$id' "); mysql_query($sql) or die (mysql_error()); } else { // $sql is set here, and then... $sql = "INSERT INTO news (news_title,news_category,news_short_text,news_text,news_author,news_date) VALUES ('".$news_title."','".$news_category."','".$news_short_text."','".$news_text."','".$_SESSION[u_nick]."','".$last_time_seen."')"; // $sql is sent to mysql_query() mysql_query($sql) or die (mysql_error()); } Quote Link to comment Share on other sites More sharing options...
BlueSkyIS Posted October 17, 2010 Share Posted October 17, 2010 yes. to execute $sql, you use mysql_query($sql). If you don't use mysql_query($sql), nothing will happen. http://php.net/manual/en/function.mysql-query.php ... and since mysql_query() should be executed in either case, you might as well move it outside the IF: if (!empty($id)) { $sql = "UPDATE news SET news_title = '$news_title', news_category = '$news_category', news_short_text = '$news_short_text', news_text = '$news_text' WHERE id = '$id' "; } else { $sql = "INSERT INTO news (news_title,news_category,news_short_text,news_text,news_author,news_date) VALUES ('".$news_title."','".$news_category."','".$news_short_text."','".$news_text."','".$_SESSION[u_nick]."','".$last_time_seen."')"; } // $sql is sent to mysql_query() mysql_query($sql) or die (mysql_error()); Quote Link to comment Share on other sites More sharing options...
Faks Posted October 17, 2010 Author Share Posted October 17, 2010 It only inserts because mysql_query($sql) or die (mysql_error()); Is only in the condition that $id is empty... I think maybe this: if (!empty($id)) { // $sql is set here, but never sent to mysql_query() $sql = ("UPDATE news SET news_title = '$news_title', news_category = '$news_category', news_short_text = '$news_short_text', news_text = '$news_text' WHERE id = '$id' "); mysql_query($sql) or die (mysql_error()); } else { // $sql is set here, and then... $sql = "INSERT INTO news (news_title,news_category,news_short_text,news_text,news_author,news_date) VALUES ('".$news_title."','".$news_category."','".$news_short_text."','".$news_text."','".$_SESSION[u_nick]."','".$last_time_seen."')"; // $sql is sent to mysql_query() mysql_query($sql) or die (mysql_error()); } yeah did sow well one mistake less but edit and delete not working ! Quote Link to comment Share on other sites More sharing options...
BlueSkyIS Posted October 17, 2010 Share Posted October 17, 2010 another problem: if ($_GET['edit'] == 1), you delete the record. then a few lines down you search for the record you just deleted: if($_GET['edit'] == 1) { $id = (int)$_GET['id']; $sql = ("DELETE FROM news WHERE id = '$id'"); mysql_query($sql) or die (mysql_error()); // RECORD DELETED } if ($_GET['edit'] == 1) { $id = (int)$_GET['id']; $sql = ("SELECT * FROM news WHERE id = '$id'"); // THIS WILL NEVER BE FOUND, AS IT WAS DELETED ABOVE. I suggest that you try writing down some comments and/or pseudo-code within your PHP so you can work out the logic. Randomly hacking via twenty questions is a real sloooow route. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.