Go Back   Computer Forums > General Computing > Programming
Click Here to Login
Join Computer forums Today


Reply
 
Thread Tools Search this Thread Display Modes
 
Old 08-30-2015, 12:29 AM   #1
Baseband Member
 
Join Date: Jul 2014
Location: USA
Posts: 29
Default PHP Code to Edit MySQL Database

I've been working on some code to update a MySQL and am running into some problems involving the actual updating and deleting of said data. From everything that I have seen and looked up on this, it should be working but it is not. Through my troubleshooting of it, the update/delete works if I manually put in the ID of the row of data i.e. mysql_query("DELETE FROM Words WHERE ID='$86'"); that I want to delete in the database and it also will work if I input another column name in this i.e. mysql_query("DELETE FROM Words WHERE Title='$Title'"); Of course if I attempt the latter it won't be able to update the title if someone would want to do that.

Here is the Edit Code:
<?php
include("../dbconfig.php");
include("../../inc/menucode.php");
$ID = $_GET["ID"];
$order = "SELECT * FROM Words WHERE ID = '$ID'";
$result = mysql_query($order);
$row = mysql_fetch_array($result);
?>

<script language="javaScript" src="http://www.site.com/inc/subscribevalidate.js" type="text/javascript"></script>
<script src="../../inc/AC_RunActiveContent.js" type="text/javascript"></script>

<SCRIPT TYPE="text/javascript" LANGUAGE="JavaScript">
<!--
function GetForm(myForm) {
if (myForm.category.options[myForm.category.selectedIndex].value == "") {
alert("Please choose a Category from the list!");
myForm.category.focus();
return false;
}
return true;
} // function GetForm
// -->
</SCRIPT>

</head>

<body>

<?php
include("../../inc/tooltipcode.inc");
include("../../inc/googleanalyticscode.php");
?>

<div id="container">
<table width="1000" border="0" cellspacing="0" cellpadding="0">
<tr>
<td id="top">

<?php
include ("../../inc/subscribeboxes.inc");
include ("../../inc/navbar_menu.inc");
?>

</td>
</tr>
<tr>
<td>
<table width="980" border="0" cellspacing="0" cellpadding="0">
<tr>
<td id="main">


<h1>Content Management System - Edit Word</h1>

<form method="post" action="words_update.php">
<fieldset>
<legend>Edit A Article</legend>
<ol>
<li><label>Title:</label>
<input type="text" name="Title" size="50" value="<?php echo htmlspecialchars($row['Title']) ?>" /></li>
<li><label>Author:</label>
<input type="text" name="Author" size="50" value="<?php echo htmlspecialchars($row['Author']) ?>" /></li>
<li><label>Email Address:</label>
<input type="text" name="Email" size="50" value="<?php echo htmlspecialchars($row['Email']) ?>" /></li>
<li><label>"From" Name</label>
<input type="text" name="From" size="50" value="<?php echo htmlspecialchars($row['Source']) ?>" /></li>
<li><label>"From" URL</label>
<input type="text" name="URL" size="50" value="<?php echo htmlspecialchars($row['URL']) ?>" /></li>
<li><label>FB Image URL:</label>
<input type="text" name="image" size="50" value="<?php echo htmlspecialchars($row['image']) ?>" /> <a target="_blank" href="<?php echo htmlspecialchars($row['image']) ?>">Open Photo URL</a></li>


<li><label>Category</label>
<select name="category">
<option value="<?php echo htmlspecialchars($row[category]) ?>"><?php echo htmlspecialchars($row[category]) ?></option>
<option value="word">Word</option>
<option value="conference">Conference</option>
<option value="advertizing">Advertizing</option>
<option value="gmw">God's Mysterious Ways</option>
</select>
</li>

<li><label>Display Date</label>
<input type="text" name="Display_Date" value="<?php echo htmlspecialchars($row['Display_Date']) ?>" /></li>
<li><label>Listing Date</label>
<input type="text" name="Date_Created" value="<?php echo htmlspecialchars($row['Date_Created']) ?>" /></li>
<li><label>Active?</label>
<input type="checkbox" value="on" name="active" <?php if($row['active']) {echo "checked";} ?> /></li>
<li><label>Word</label>
<textarea name="Word" rows="15" cols="55"><?php echo $row['Word']?></textarea></li>
</ol>
</fieldset>
<fieldset class="submit">
<input type="submit" value="Submit" />
<input type="submit" name="cancel" value="Cancel" />
<!--<form method="post"><input type="submit" name="delete" value="Delete"/>
<input type="hidden" name="ID" value="'.$row['ID'].'"/>-->

<input type="submit" value="Delete" name="delete" />
</fieldset>
</form>

Here is the Update Code:
<?php
include("../dbconfig.php");
include("../../inc/menucode.php");
$result = mysql_query("SELECT * FROM Words WHERE ID = '$ID'");
$row = mysql_fetch_array($result);

?>

<script language="javaScript" src="http://www.site.com/inc/subscribevalidate.js" type="text/javascript"></script>
<script src="../../inc/AC_RunActiveContent.js" type="text/javascript"></script>

</head>

<body>

<?php
include("../../inc/googleanalyticscode.php");
?>

<div id="container">
<table width="1000" border="0" cellspacing="0" cellpadding="0">
<tr>
<td id="top">

<?php
include ("../../inc/subscribeboxes.inc");
include ("../../inc/navbar_menu.inc");
?>


</td>
</tr>
<tr>
<td>
<table width="1000" border="0" cellspacing="0" cellpadding="0">
<tr>
<td id="main">

<div align="center" style="font-family: verdana; margin: 20px;">
<?php
$ID = ($_POST['ID']);
$Title = mysql_escape_string($_POST['Title']);
$Author = mysql_escape_string($_POST['Author']);
$Display_Date = mysql_escape_string($_POST['Display_Date']);
$Word = mysql_escape_string($_POST['Word']);
$Date_Created = mysql_escape_string($_POST['Date_Created']);
$Email = mysql_escape_string($_POST['Email']);
$From = mysql_escape_string($_POST['From']);
$image = mysql_escape_string($_POST['image']);
$URL = mysql_escape_string($_POST['URL']);
$category = mysql_escape_string($_POST['category']);

if(isset($_REQUEST["delete"])) {
mysql_query("DELETE FROM Words WHERE ID='$ID'");
echo mysql_error();
echo 'The Word has been successfully removed from the database.<br><br>';
echo '<a href=index.html>Return to the Words Page</a><P>';
echo '<a href=words_list.php>Return to the Words List</a>';
exit;
}

if($_REQUEST["Title"] == "")
{
$EString = 'You must include a Title.';
}

if($_REQUEST["Author"] == "")
{
$EString .= '<br>You must include an Author.';
}

if($_REQUEST["Word"] == "")
{
$EString .= '<Br>You must include a Word';
}

if(isset($EString))
{
echo $EString;
echo '<br><br>Please use your browsers back button to correct the above errors.';
exit;
}

$result = mysql_query("SELECT * FROM Words where ID = '$ID'");
$row = mysql_fetch_array($result);

$qry_string = "UPDATE Words SET";
if($row['Title'] != $Title)
{
$end_string .= " Title = '$Title'";
}

if($row['Author'] != $Author)
{
if(isset($end_string))
{
$end_string .= ", Author = '$Author'";
}
else
{
$end_string = " Author = '$Author'";
}
}

if($row['Display_Date'] != $Display_Date)
{
if(isset($end_string))
{
$end_string .= ", Display_date = '$Display_Date'";
}
else
{
$end_string = " Display_date = '$Display_Date'";
}
}

if($row['Word'] != $Word)
{
echo 'Alter Word<br>';
if(isset($end_string))
{
$end_string .= ", Word = '$Word'";
}
else
{
$end_string = " Word = '$Word'";
}
}

if($row['Date_Created'] != $Date_Created)
{
if(isset($end_string))
{
$end_string .= ", Date_Created = '$Date_Created'";
}
else
{
$end_string = " Date_Created = '$Date_Created'";
}
}

if($row['Email'] != $Email)
{
if(isset($end_string))
{
$end_string .= ", Email = '$Email'";
}
else
{
$end_string = " Email = '$Email'";
}
}

if($row['Source'] != $From)
{
if(isset($end_string))
{
$end_string .= ", Source = '$From'";
}
else
{
$end_string = " Source = '$From'";
}
}

if($row['URL'] != $URL)
{
if(isset($end_string))
{
$end_string .= ", URL = '$URL'";
}
else
{
$end_string = " URL = '$URL'";
}
}

if($row['image'] != $image)
{
if(isset($end_string))
{
$end_string .= ", image = '$image'";
}
else
{
$end_string = " image = '$image'";
}
}


if($row['category'] != $category)
{
if(isset($end_string))
{
$end_string .= ", category = '$category'";
}
else
{
$end_string = " category = '$category'";
}
}

$_REQUEST["active"] == "on"?$active=1:$active=0;

if($row["active"] != $active)
{
if(isset($end_string)) $end_string .= ", ";
$end_string .= "active = " . $active;
}

if(!isset($end_string))
{
echo 'There was no information to be updated.<br><br>';
echo '<a href=index.html>Return to the Words Page';
exit;
}

$qry_string = $qry_string.$end_string." WHERE ID = '$ID'";

if(mysql_query($qry_string) == FALSE)
echo mysql_error();
{
echo 'There was an error attempting to update the database.<br>';
echo 'Please contact the system administrator with the following information:';
echo "<br><br>Query String -> $qry_string";
echo "<br/><br/>mysql_error();";
exit;
}

echo 'The database has been successfully updated<br><br>';
echo '<a href=index.html>Return to the Words Page</a><P>';
echo '<a href=words_list.php>Return to the Words List</a>';


?>


I am hoping someone can see something that I am missing with this, any help would be greatly appreciated! Thank you
__________________

megan1989 is offline   Reply With Quote
Old 08-30-2015, 06:07 AM   #2
Site Team
 
root's Avatar
 
Join Date: Mar 2004
Posts: 7,999
Default Re: PHP Code to Edit MySQL Database

I think that you might need the escape yourquotes.
eg.
where title=\'$title\'
__________________

__________________
I didn’t fight my way to the top of the food chain to be a vegetarian…
Im sick of people saying 'dont waste paper'. If trees wanted to live, they'd all carry guns.
"The inherent vice of capitalism is the unequal sharing of blessings; The inherent vice of socialism is the equal sharing of miseries."
root is offline   Reply With Quote
Old 08-30-2015, 04:13 PM   #3
Baseband Member
 
Join Date: Jul 2014
Location: USA
Posts: 29
Default Re: PHP Code to Edit MySQL Database

From what I tried with adding the escape yourquotes where title=\'$title\', it did not look like it accomplished anything different. But in a echo statement of the query this is what it spit out to me:

Query String -> UPDATE Words SET Title = 'Testing', Author = 'Jane Doe', Display_date = 'Aug 30, 2015', Word = 'Testing Testing Testing Testing Testing Testing', Date_Created = '2015-08-30', Email = 'someone@yahoo.com', Source = 'Testing', URL = 'Testing', image = 'Testing', category = 'word' WHERE ID = ''

And just by looking at this it appears that the ID is empty as WHERE ID='', as when I run it for instance using Title i.e. WHERE Title = '$Title'" it would return a value for that. For instance WHERE Title = 'Title of Article'. Why it is empty I have no idea, do you have any thoughts on this?
megan1989 is offline   Reply With Quote
Old 09-10-2015, 04:05 AM   #4
Site Team
 
root's Avatar
 
Join Date: Mar 2004
Posts: 7,999
Default Re: PHP Code to Edit MySQL Database

if you just have echo '$ID' what do you get?

(having looked properly)
I suspect that this is related to <form method=post> and $ID=$_GET['ID'];

(i.e you should be using $_POST['ID']; to retrieve posted variables.)

(though you see to call the ID variable again later in the script using the _POST variables, I can't quite understand if this is a different file that is working.)
__________________
I didn’t fight my way to the top of the food chain to be a vegetarian…
Im sick of people saying 'dont waste paper'. If trees wanted to live, they'd all carry guns.
"The inherent vice of capitalism is the unequal sharing of blessings; The inherent vice of socialism is the equal sharing of miseries."
root is offline   Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off



All times are GMT -5. The time now is 03:01 PM.


Powered by vBulletin® Version 3.8.8 Beta 4
Copyright ©2000 - 2017, vBulletin Solutions, Inc.
Search Engine Friendly URLs by vBSEO 3.6.0