Can't figure out what's wrong

deathseeker25

02-04-2007, 01:14 AM

I've been writing some functions for an admin panel i want to have in my website, but i guess i'm not doing things right. In this script i will show here, you can see some admin options to add, modify or delete news of my website. But this isn't working and i don't know how can i put it working:

<?php
error_reporting(E_ALL);

session_start();
ob_start();
if (isset($_SESSION["username"]) AND isset($_SESSION["password"]) AND isset($_SESSION["permissao"]))
{
$username = $_SESSION["username"];
$password = $_SESSION["password"];
$permissao = $_SESSION["permissao"];
$_SESSION["data"] = date("d/m/Y g:i a");

$script_base = dirname($_SERVER['SCRIPT_FILENAME']); //define o root do ficheiro...
define('SCRIPT_BASE', $script_base);

include SCRIPT_BASE.'/includes/mysql.class.php';
include 'config.php'; //inclui o ficheiro de instalacao
$error = array(); //array que vai armazenar os erros...

function select_action($action)
{
if(!isset($action))
{
$action = $_GET["select_action"];
}
else
{
switch($action)
{
case "addNoticia":
$html ='<div id="form">
<form method = "POST" id = "addNoticia" value = "addNoticia" action="'modNoticia();'">
<div id = "Titulo">
<input type = "text" name = "titulo" id = "titulo">Titulo:
</div>
<div id = "texto">Texto:
<input type = "text" name = "texto" id = "texto">
</div>
</form>
</div>';
$titulo = $_POST["titulo"];
$texto = $_POST["texto"];
$utilizador = $_SESSION["username"];
$data = date("Y-m-d");
break;

case "modNoticia":
$html = '<div id = "lista">';
$BD = new MySQL_DB_CONNECTOR;
$conn = $BD->connect($host, $username, $password);

mysql_select_db($database) or die("Erro ao ligar à base de dados: ".mysql_error());
$query = 'SELECT * FROM noticias';
$resultado = mysql_query($query);

$num_resultados = mysql_num_rows($resultado);

if($num_resultados != 0)
{
$html .= '<form method="post" id="escolhe_registo" name="escolhe_registo" action="'modNoticia();'">';
for($i=1; $i<=$num_resultados; $i++)
{
$arr = mysql_fetch_array($resultado, MYSQL_ASSOC);
$html .= '<div id="noticia'.$arr["id"]'">
<a href="../noticias.php?modNoticia&id='.$arr["id"].'>'.$arr["id"].'</a>
</div>
<div id="titulo'.$arr["id"]'">'.$arr["titulo"].'</div>
<div id="data'.$arr["data"]'">'.$arr["data"].'</div>';
$html .= '<br />';
}
$html .= '</form></div>';

}
else
{
$error[] = "A consulta não devolveu resultados ...";
return $error;
}
break;

case "delNoticia":
$html = '<div id = "lista">';
$BD = new MySQL_DB_CONNECTOR;
$conn = $BD->connect($host, $username, $password);

mysql_select_db($database) or die("Erro ao ligar à base de dados: ".mysql_error());
$query = 'SELECT * FROM noticias';
$resultado = mysql_query($query);

$num_resultados = mysql_num_rows($resultado);

if($num_resultados != 0)
{
$html .= '<form method="post" id="escolhe_registo" name="escolhe_registo" action="'delNoticia();'">';
for($i=1; $i<=$num_resultados; $i++)
{
$arr = mysql_fetch_array($resultado, MYSQL_ASSOC);
$html .= '<div id="noticia'.$arr["id"]'">
<a href="../noticias.php?modNoticia&id='.$arr["id"].'>'.$arr["id"].'</a>
</div>
<div id="titulo'.$arr["id"]'">'.$arr["titulo"].'</div>
<div id="data'.$arr["data"]'">'.$arr["data"].'</div>';
$html .= '<br />';
}
$html .= '</form></div>';

}
else
{
$error[] = "A consulta não devolveu resultados ...";
return $error;
}
break;
}
}
}

function addNoticia()
{
$query = "INSERT INTO noticias(titulo, texto, utilizador, data) VALUES('$titulo', '$texto', '$utilizador', '$data')";

$ligacao = new MySQL_DB_CONNECTOR;
$conn = $ligacao->connect($host,$username,$password);

if(!mysql_select_db($database,$conn))
{
$error[] = "Impossivel ligar à base de dados. Erro: ".mysql_error();
return $error;
}
else
{
mysql_query($query,$conn);
print "Registo inserido com sucesso !<br />";
}
}
function modNoticia()
{
$id = $_POST["id"];
$query = "SELECT * FROM noticias WHERE id='$id'";

$ligacao = new MySQL_DB_CONNECTOR;
$conn = $ligacao->connect($host, $username, $password);

if(!mysql_select_db($database, $conn))
{
$error = "Impossivel ligar à base de dados. Erro: ".mysql_error();
return $error;
}
else
{
$resultado = mysql_query($query, $conn);
$arr = mysql_fetch_array($resultado, MYSQL_ASSOC);

printf("<div id=\"form\">
<div id = \"Titulo\">
<form name=\"alterar\" id = \"alterar\" method = \"POST\" action = \""altera();"\">
<input type = \"text\" name = \"titulo\" id = \"titulo\" value=\"".$arr["titulo"]."\">Titulo:
</div>
<div id = \"texto\">Texto:
<input type = \"text\" name = \"texto\" id = \"texto\" value =\"".$arr["texto"]."\">
</div>
<div id=\"Update\">
<input type = \"submit\" name = \"alterar\" value = \"Alterar\">
</div>
</form>
</div>");
}
}

function altera()
{
$titulo = $_POST["titulo"];
$texto = $_POST["texto"];
$utilizador = $_SESSION["username"];
$data = date("Y-m-d");

$query = "UPDATE noticias SET titulo = '$titulo', texto = '$texto', utilizador = '$utilizador', data = '$data' WHERE id='".$arr["id"]."'";

if(!mysql_select_db($database, $conn))
{
$error = "Impossivel ligar à base de dados. Erro: ".mysql_error();
return $error;
}
else
{
$resultado = mysql_query($query, $conn);

if($resultado)
{
print "Registo alterado com sucesso !<br />";
}
else
{
$error[] = "Não foi possível alterar o registo. Contacte o administrador ou verifique as configurações. <br />";
return $error;
}
}
}

function delNoticia()
{
$id = $_POST["id"];
$query = "DELETE * FROM noticias WHERE id='$id'";

$ligacao = new MySQL_DB_CONNECTOR;
$conn = $ligacao->connect($host, $username, $password);

if(!mysql_select_db($database, $conn))
{
$error[] = "Impossivel ligar à base de dados. Erro: ".mysql_error();
return $error;
}
else
{
mysql_query($query);
print "Registo apagado com sucesso !<br />";
}
}

?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Untitled Document</title>
<style type="text/css">

</style>
</head>
<body>

<?php
if($permissao == 1)
{
?>
<div id="header"></div>
<div id="left">
<div class="nav-box">
<div class="nav-header">Admin Panel</div>
<div class="nav-menu"><a href="../admin/noticias.php">Notícias</a></div>
<div class="nav-menu"><a href="../admin/users.php">Utilizadores</a></div>
<div class="nav-menu"><a href="../admin/torneios.php">Torneios</a></div>
<div class="nav-menu"><a href="../admin/concursos.php">Concursos</a></div>
<div class="nav-menu"><a href="../admin/sugestoes.php">Sugestões</a></div>
</div>
</div>

<div class="admin-title" id="center">Admin Panel
<div class="center-body">
<form action="<?php select_action(); ?>" id="select_action" name="select_action" method="GET">
<a href="?addNoticia"><img src="/images/adicionar_noticia.png" width="75" height="70" value="addNoticia"></a>
<a href="?modNoticia"><img src="/images/modificar_noticia.png" width="75" height="70" value="modNoticia"></a>
<a href="?delNoticia"><img src="/images/apagar_noticia.png" width="75" height="70" value="delNoticia"></a>
</form>
</div>
</div>

<div id="right">
<div class="nav-box">
<div class="nav-header">Sessão</div>
<div class="nav-body-login">
Bem-vindo, <?php $username ?>! <br />
</div>
</div>
</div>
</div>

<?php
}

if($permissao == 2)
{
?>
<script language="javascript">
window.location = "../index.php";
</script>
<?php
}
else
{
$permissao == 2;
}
}
}
else //se nao estiverem definidas as sessoes...
{
?>
<script language="javascript">
window.location = "../index.php";
</script>
<?php
}
?>

</body>
</html>

I would appreciate some help.

Brandoe85

02-04-2007, 01:38 AM

Well...could you break that down a little bit? What specifically isn't working? You will get much higher responses if you break it down and explain the problem specifics.

Good luck;

deathseeker25

02-04-2007, 11:23 AM

Well...could you break that down a little bit? What specifically isn't working? You will get much higher responses if you break it down and explain the problem specifics.

Good luck;

The problem is that i don't know what isn't functioning. When i upload this page to the server, the outputed page is all blank so i assume there's something wrong in the php code, but i don't know exactly what it is.

I think i will do this script all again, organize it better and try to discover what was my mistake.

Anyway, thanks for the help. :thumbsup:

deathseeker25

02-04-2007, 12:03 PM

I've been doing some debugging and i think i found something. I tried to run my code piece by piece, function by function, and i found the part where the mistake might be:

session_start();
error_reporting(E_ALL);

if (isset($_SESSION["username"]) AND isset($_SESSION["password"]) AND isset($_SESSION["permissao"]))
{
$username = $_SESSION["username"];
$password = $_SESSION["password"];
$permissao = $_SESSION["permissao"];
$_SESSION["data"] = date("d/m/Y g:i a");

include '../includes/mysql.class.php';
include '../config.php'; //inclui o ficheiro de instalacao
$error = array(); //array que vai armazenar os erros...

function select_action($action)
{
if(!isset($action))
{
$action = $_GET["select_action"];
}
else
{
switch($action)
{
case "addNoticia":
$html ='<div id="form">
<form method = "POST" id = "addNoticia" value = "addNoticia" action="addNoticia()">
<div id = "Titulo">
<input type = "text" name = "titulo" id = "titulo">Titulo:
</div>
<div id = "texto">Texto:
<input type = "text" name = "texto" id = "texto">
</div>
</form>
</div>';
$titulo = $_POST["titulo"];
$texto = $_POST["texto"];
$utilizador = $_SESSION["username"];
$data = date("Y-m-d");
break;
case "modNoticia":
$html = '<div id = "lista">';
$BD = new MySQL_DB_CONNECTOR;
$BD->connect($host, $username, $password);

mysql_select_db($database) or die("Erro ao ligar à base de dados: ".mysql_error());
$query = 'SELECT * FROM noticias';
$resultado = mysql_query($query);

$num_resultados = mysql_num_rows($resultado);

if($num_resultados != 0)
{
$html .= '<form method="post" id="escolhe_registo" name="escolhe_registo" action="">';
for($i=1; $i<=$num_resultados; $i++)
{
$arr = mysql_fetch_array($resultado, MYSQL_ASSOC);
$html .= '<div id="noticia'.$arr["id"]'">
<a href="../admin/noticias.php?modNoticia&id='.$arr["id"].'>'.$arr["id"].'</a>
</div>
<div id="titulo'.$arr["id"]'">'.$arr["titulo"].'</div>
<div id="data'.$arr["data"]'">'.$arr["data"].'</div>';
$html .= '<br />';
}
$html .= '</form></div>';
return $html;
}
else
{
$error[] = "A consulta não devolveu resultados ...";
return $error;
}
break;
}
}
}
}

I think that the problem is within the "modNoticia" case but i'm not sure about it and the error_reporting isn't reporting nothing. And the page is all blank when i run the code in my server...

Can you give me more specific help this time? :thumbsup:

Mhtml

02-04-2007, 12:51 PM

deathseeker25

02-04-2007, 01:56 PM

Well, try debugging that specific function. dump the $html variable before you return..

Is it even returning? Is it hanging somewhere in there? If so, try to isolate the line by placing output statements throughout and find where it doesn't execute up to.

Thank you for your help. I've already detected the problem:

$html .= '<div id="noticia'.$arr["id"].'">

In this line there was no '.' in arr["id"], so the output of the page was blank.

A small mistake that cost me lots of development hours...:)

CFMaBiSmAd

02-04-2007, 02:08 PM

deathseeker25

02-04-2007, 02:28 PM

I read through the code in your first post and I assume that you have not changed the basic scheme that you are using. The following is not how forms work -
<form action="<?php select_action(); ?>"Setting the action="..." parameter of a form to be a PHP function does not work. The action="..." parameter must be a URL that the browser submits the form data to.

If the action ="..." parameter has to be a URL that the browser submits the form data to, then i have to place the functions in different files and call the files in the action = "..." parameter, right?

Is there any other possibility ? :rolleyes:

Mhtml

02-04-2007, 02:56 PM

The typical way to do this is basically what's called a state machine:

//process.php
switch($_GET['action']){
case 'new_post':{
return processNewPost();//or include a file or whatever you're doing
}
case 'whatever':{//etc
...
}
}
...
<form action="process.php?action=new_post" method="post">
...

I try to keep the URI clean though and use hidden form elements to specify the action. You can keep all processing clean and structured this way.

CFMaBiSmAd

02-04-2007, 03:08 PM

If the following form is simply three clickable links and you are not enterning any data, there is no need to use a form -
<form action="<?php select_action(); ?>" id="select_action" name="select_action" method="GET">
<a href="?addNoticia"><img src="/images/adicionar_noticia.png" width="75" height="70" value="addNoticia"></a>
<a href="?modNoticia"><img src="/images/modificar_noticia.png" width="75" height="70" value="modNoticia"></a>
<a href="?delNoticia"><img src="/images/apagar_noticia.png" width="75" height="70" value="delNoticia"></a>
</form>If this code submits to itself, this could be changed to -
<?php
if(isset($_GET['action'])){
// one of the links was clicked
// your code to test and process - addNoticia, modNoticia, delNoticia
echo $_GET['action'];
} else {
?>
<a href="<?php echo $_SERVER['PHP_SELF'] ?>?action=addNoticia"><img src="/images/adicionar_noticia.png" width="75" height="70" value="addNoticia"></a>
<a href="<?php echo $_SERVER['PHP_SELF'] ?>?action=modNoticia"><img src="/images/modificar_noticia.png" width="75" height="70" value="modNoticia"></a>
<a href="<?php echo $_SERVER['PHP_SELF'] ?>?action=delNoticia"><img src="/images/apagar_noticia.png" width="75" height="70" value="delNoticia"></a>
<?php
}
?>