Blauv Posted April 14, 2012 Share Posted April 14, 2012 I can't get this darn thing to update correctly. Probly a stupid (.) outa place. HELP! <?php include 'connection.php'; if(!isset($_POST['submit'])) { $query = "SELECT * FROM news WHERE id = $_GET[id]"; $result = mysql_query($query); $news = mysql_fetch_array($result); $title = $_POST['title']; $body = $_POST['body']; } ?> <h1>Edit Article</h1> <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post"> Title:<input type="text" name="title" value="<?php echo $news['title']; ?>" /><br /> Article:<textarea cols="35" rows="6" name="body"><?php echo $news['body']; ?></textarea> <br /> <input type="hidden" name="id" value="<?php echo $_GET['id']; ?>" /> <input type="image" src="/images/news/modify.png" name="submit" /> </form> <a href="admin.php"><img src="/images/news/cancel.png" border="0" /></a> <?php if(isset($_POST['submit'])) { $update = "UPDATE news SET `title`='$_POST[title]',`body`='$_POST[body]' WHERE id='$_POST[id]'" or die(mysql_error()); mysql_query($update) or die(mysql_error()); echo "The news article has been Modified!"; header('Location: /News/admin.php'); } ?> Quote Link to comment Share on other sites More sharing options...
trq Posted April 14, 2012 Share Posted April 14, 2012 You need to escape all user input using mysql_real_escape_string before using it in any query. Quote Link to comment Share on other sites More sharing options...
chriscloyd Posted April 14, 2012 Share Posted April 14, 2012 try this code, run it if there are any errors let us know <?php include 'connection.php'; if(!isset($_POST['submit'])) { $query = "SELECT * FROM news WHERE id = $_GET[id]"; $result = mysql_query($query); $news = mysql_fetch_array($result); $title = $_POST['title']; $body = $_POST['body']; } ?> <h1>Edit Article</h1> <form action="<?=$_SERVER['PHP_SELF'];?>" method="post"> Title:<input type="text" name="title" value="<?=$news['title'];?>" /><br /> Article:<textarea cols="35" rows="6" name="body"><?=$news['body'];?></textarea> <br /> <input type="hidden" name="id" value="<?=$_GET['id'];?>" /> <input type="image" src="/images/news/modify.png" name="submit" /> </form> <a href="admin.php"><img src="/images/news/cancel.png" border="0" /></a> <?php if(isset($_POST['submit'])) { $title = mysql_real_escape_string($_POST[title]); $body = mysql_real_escape_string($_POST[body]); $id = mysql_real_escape_string($_POST[id]); $update = "UPDATE news SET `title`='{$title}',`body`='{$body}' WHERE id='{$id}'" or die(mysql_error()); mysql_query($update) or die(mysql_error()); echo "The news article has been Modified!"; header('Location: /News/admin.php'); } ?> Quote Link to comment Share on other sites More sharing options...
Blauv Posted April 14, 2012 Author Share Posted April 14, 2012 still no update, and the redirect also doesn't work Driving me NUTZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted April 14, 2012 Share Posted April 14, 2012 A) Does the "The news article has been Modified!" message display in the browser? B) Do you have php's error_reporting set to E_ALL and display_errors set to ON in your master php.ini on your development system so that all php detected errors will be reported and displayed? C) What browser are you using, because only a limited few will set $_POST['submit'] when using an image for the submit button. You either need to test for one of the x,y coordinate variables (i.e. $_POST['submit_x']) or use some other method to detect when the form has been submitted to get your code to work in all browsers. Quote Link to comment Share on other sites More sharing options...
batwimp Posted April 14, 2012 Share Posted April 14, 2012 Header redirects won't work after you echo something out to the screen (see the sticky at the top of this forum about headers). It doesn't do you any good anyway to redirect right after you echo something out to the screen, because the screen will clear and reload the new location before the user can read it (but it won't work because of the header thing). You need to remove that echo. Quote Link to comment Share on other sites More sharing options...
Drummin Posted April 14, 2012 Share Posted April 14, 2012 <?php include 'connection.php'; if(isset($_POST['submit'])){ $newtitle=mysql_real_escape_string(trim($_POST['title'])); $newbody=mysql_real_escape_string(trim($_POST['body'])); $updateid=mysql_real_escape_string(trim($_POST['id'])); $update = "UPDATE news SET title='$newtitle', body='$newbody' WHERE id='$updateid'"; mysql_query($update) or die(mysql_error()); //Can't send anything to browser if using headers //echo "The news article has been Modified!"; header('Location: /News/admin.php'); }//if(isset($_POST['submit'])) else{ if (isset($_GET['id'])){ $getid=mysql_real_escape_string(trim($_GET['id'])); $query = "SELECT title,body FROM news WHERE id=$getid"; $result = mysql_query($query); $news = mysql_fetch_array($result); $title = $_POST['title']; $body = $_POST['body']; }//if (isset($_GET['id'])) }//if(isset($_POST['submit'])) ELSE ?> <html> <head> <title></title> <h1>Edit Article</h1> <form action="" method="post"> Title:<input type="text" name="title" value="<?php if (isset($title)){ echo $title;} ?>" /><br /> Article:<textarea cols="35" rows="6" name="body"><?php if (isset($body)){ echo $body;} ?></textarea> <br /> <input type="hidden" name="id" value="<?php if (isset($_GET['id'])){ echo $_GET['id'];} ?>" /> <input type="image" src="/images/news/modify.png" name="submit" /> </form> <a href="admin.php"><img src="/images/news/cancel.png" border="0" /></a> Quote Link to comment Share on other sites More sharing options...
Blauv Posted April 14, 2012 Author Share Posted April 14, 2012 There is a syntax error line 32 ???????????? Sorry I am self taught. and THANKS guys. Quote Link to comment Share on other sites More sharing options...
Drummin Posted April 14, 2012 Share Posted April 14, 2012 As I don't have a table to check the page, I was just winging it. What does the error say? Quote Link to comment Share on other sites More sharing options...
Blauv Posted April 14, 2012 Author Share Posted April 14, 2012 I found the error. It was the Image for the button. Thank you all. Huge thumbs up Quote Link to comment Share on other sites More sharing options...
Blauv Posted April 14, 2012 Author Share Posted April 14, 2012 Here is my updated script fully functional with the image. TY all for your time. <?php include 'connection.php'; if(!isset($_POST['submit'])) { $query = "SELECT * FROM news WHERE id =" . (int)$_GET["id"]; $result = mysql_query($query); $news = mysql_fetch_array($result); $title = $_POST['title']; $body = $_POST['body']; } ?> <html> <head> <link href="../NSNA.css" rel="stylesheet" type="text/css" /> </head> <body> <table width="100%" border="1"> <form action="<?=$_SERVER['SCRIPT_NAME'];?>" method="post"> <tr> <td align="center" colspan="2"><h1>Edit Article</h1></td> </tr> <tr> <td>Title:</td> <td><input type="text" name="title" value="<?php echo htmlentities($news['title']);?>" /></td> </tr> <tr> <td>Article:</td> <td><textarea cols="35" rows="6" name="body"><? echo htmlentities($news['body']);?></textarea></td> </tr> <tr> <td><input type="hidden" name="id" value="<? echo (int)$_GET['id'];?>" /> <input type="image" name="submit" src="../images/admin/editstory.png" /></td> <td><a href="admin.php"><img src="../images/admin/cancel.png" /></a></td> </tr> <tr> <td> </td> <td>Cancel</td> </tr> </form> </table> </body> <?php if (isset($_POST['submit']) || isset($_POST['submit_x']) || isset($_POST['submit_y'])) { $title = mysql_real_escape_string($_POST[title]); $body = mysql_real_escape_string($_POST[body]); $id = mysql_real_escape_string($_POST[id]); $update = "UPDATE news SET `title`='{$title}',`body`='{$body}' WHERE id='{$id}'" or die(mysql_error()); mysql_query($update) or die(mysql_error()); header('Location: /News/admin.php'); die(); } ?> Quote Link to comment Share on other sites More sharing options...
Drummin Posted April 14, 2012 Share Posted April 14, 2012 Hey glad you got it working. As pointed out already, it's a good idea to have processing above (everything else) so query reflects changes made. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.