...

View Full Version : Editing existing MySQL entries with php



MnilinM
03-05-2007, 08:39 PM
Heads up, i did search the forums but never found the answer i was looking for.

I built a site for a friend. Got some scraps of php here and there and smashed them all together to get what i wanted.

Now i got it to the point where he can log in and add something to the site.

I (with help from these forums) got it to where he can input info into mysql and upload a file at the same time, even.

Now i want to make pages where he can edit those postings.

I thought i had a good idea of how this would work, but since it's not, i guess i don't.

I can get it to check he is who he is, i can get it to show the form i want shown, i can get the existing information from mysql to display in the correct fields...

What i can't do is get it to actually update the table.

When i hit submit, it refreshes the page back to the pre-existing information, before the changes were made.



<?php

// connect to db
mysql_connect("localhost","root","password");
mysql_select_db("database");

// start auth
if(isset($_COOKIE['ID_my_site'])) //if_00
{
$username = $_COOKIE['ID_my_site'];
$pass = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error());
while($info = mysql_fetch_array( $check ))
{

// if the cookie has the wrong password, they are taken to the login page
if ($pass != $info['password']) // if_0
{ header("Location: login.php");
}

// otherwise they are shown the admin area
else
{
// if action shows up in the address

if(!isset($action)) //if_1
{

// show fields to edit

$result = mysql_query("select * from news order by news_id desc") or die(mysql_error());
$self = $_SERVER['PHP_SELF'];

echo "<table width=\"75%\" border=1>";
while($row = mysql_fetch_array($result))
{
echo "<tr><td>{$row['news_title']}</td><td>{$row['news_datee']}</td><td><a href=\"$self?action=edit&{$row['news_id']}\">Edit</a></td></tr>";
}
echo "</table>";
} //end if_1


// if action=edit is in the address

if($_GET['action']=="edit" || $_POST['action']=="edit") //if_2
{

// if the submit button hasnt been pressed, show the form

if (!isset($_POST['submit'])) //if_3
{
$id = $_GET['id'];
$sqlq = "SELECT * from news";
$result = mysql_query($sqlq) or die(mysql_error());
$wor = mysql_fetch_array($result);

?>
Admin Area - News - Edit<br><br>
<form action="n_e.php" method="post" enctype="multipart/form-data">
<input type=hidden name="id" id="id" value="<?php echo "{$wor['news_id']}"; ?>">
<table border="1" cellspacing="1" cellpadding="2">
<tr>
<td>Post Title</td>
<td><input name="title" type="text" size="100" id="title" value="<?php echo "{$wor['news_title']}"; ?>"></td>
</tr>
<tr>
<td>Post Image<br>Comment</td>
<td><input name="thcom" type="text" size="100" id="thcom" value="<?php echo "{$wor['news_th_com']}"; ?>"></td>
</tr>
<tr>
<td>Article Text</td>
<td><textarea name="story" rows="20" cols="100" type="text" id="story"><?php echo "{$wor['news_story']}"; ?></textarea></td>
</tr>
<tr>
<td>Name</td>
<td><input name="poster" type="text" size="100" id="poster" value="<?php echo "{$wor['news_poster']}"; ?>"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td>&nbsp;</td>
</tr>
</table>
<input type=hidden name="action" value="edit">
<input type="submit" name="Submit" Value="Submit">
</form>
<?php } // end if_3 ?>


<?php

// when submit is hit, update the post

if ($_POST['submit']) //if_4
{

$id = $_POST['id'];
$title = $_POST['title'];
$thcom = $_POST['thcom'];
$story = $_POST['story'];
$poster = $_POST['poster'];
$sqlqq = "UPDATE news SET news_title='$title', news_th_com='$thcom', news_story='$story', news_poster='$poster' WHERE news_id='$id'";
mysql_query($sqlqq) or die(mysql_error());
mysql_close();
echo "Done";
} //end if_4

} //end_if_2
} //end auth
} //end if_0
} //end if_00
//if the cookie does not exist, they are taken to the login screen
else
{
header("Location: login.php");
}
?>

I threw in a lot of comments to make sure i knew what was going on.
If i have a misunderstanding of any of this, let me know please

Fumigator
03-05-2007, 08:50 PM
It looks like you're using a variable $action in one spot, but the variable $_GET['action'] everywhere else. If register_globals is "on" (it defaults to off in later versions of PHP) then that code will work, because the value of $_GET['action'] will automatically be assigned to $action. You should probably not assume register_globals is on, and use $_GET['action'] exclusively.

MnilinM
03-05-2007, 09:02 PM
So basically, are you saying make:


if($_GET['action']=="edit" || $_POST['action']=="edit")

into


if($_GET['action']=="edit")
?

(basicaly removing the $_POST part in order to comply with the lack of global variables?)

Fumigator
03-05-2007, 09:14 PM
No.... I mean don't use $action, use $_GET['action'] (or $_POST['action'], depending on what action the form uses).

MnilinM
03-05-2007, 09:37 PM
ok, so if in what i have labled as if_1 i replace $action with $_GET['action'] i see the form, if i edit and hit enter, it refreshes, shows me the list of entries (like it only should if action=edit isn't in the address bar) and the form with unchanged data.

If in place of $action i put $_POST['action'] i see the list of entries as well as the edit box, and the changes still don't save.

I verify this with another simple .php that just lists the contents of the table.

I see what you mean, though... the $action was in there completely randomly it seems.

ClubCosmic
03-05-2007, 10:49 PM
I think what fumigator means is.
replace:

if(!isset($action))

with:

if (!isset($_GET[action])) {

MnilinM
03-05-2007, 10:54 PM
no single quotes?
Like i said above, i did end up taking out $action.
When i used $_GET['action'] in it's place, the file still didn't work.
I shaped it up a tad to make it easier to read.



<?php

// connect to db
mysql_connect("localhost","root","password");
mysql_select_db("database");

// start auth
if(isset($_COOKIE['ID_my_site'])) //if_00
{
$username = $_COOKIE['ID_my_site'];
$pass = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error());
while($info = mysql_fetch_array( $check ))
{

// if the cookie has the wrong password, they are taken to the login page
if ($pass != $info['password']) // if_0
{ header("Location: login.php");
}

// otherwise they are shown the admin area
else
{

// if action doesnt show up in the address
if(!isset($_GET['action'])) //if_1
{

// show fields to edit
$result = mysql_query("SELECT * FROM news ORDER BY news_id DESC") or die(mysql_error());
$self = $_SERVER['PHP_SELF'];

echo "<table width=\"75%\" border=1>";
while($row = mysql_fetch_array($result))
{
echo "<tr><td>{$row['news_title']}</td><td>{$row['news_datee']}</td><td><a href=\"$self?action=edit&id={$row['news_id']}\">Edit</a></td></tr>";
}
echo "</table>";
} //end if_1


// if action=edit is in the address and post
if($_GET['action']=="edit" || $_POST['action']=="edit") //if_2
{

// if the submit button hasnt been pressed, show the form
if (!isset($_POST['submit'])) //if_3
{
$id = $_GET['id'];
$sqlq = "SELECT * FROM news";
$result = mysql_query($sqlq) or die(mysql_error());
$wor = mysql_fetch_array($result);

?>
Admin Area - News - Edit<br><br>
<form action="n_e.php" method="post" enctype="multipart/form-data">
<input type=hidden name="id" id="id" value="<?php echo "{$wor['news_id']}"; ?>">
<table border="1" cellspacing="1" cellpadding="2">
<tr>
<td>Post Title</td>
<td><input name="title" type="text" size="100" id="title" value="<?php echo "{$wor['news_title']}"; ?>"></td>
</tr>
<tr>
<td>Post Image<br>Comment</td>
<td><input name="thcom" type="text" size="100" id="thcom" value="<?php echo "{$wor['news_th_com']}"; ?>"></td>
</tr>
<tr>
<td>Article Text</td>
<td><textarea name="story" rows="20" cols="100" type="text" id="story"><?php echo "{$wor['news_story']}"; ?></textarea></td>
</tr>
<tr>
<td>Name</td>
<td><input name="poster" type="text" size="100" id="poster" value="<?php echo "{$wor['news_poster']}"; ?>"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td>&nbsp;</td>
</tr>
</table>
<input type=hidden name="action" value="edit">
<input type="submit" name="Submit" Value="Submit">
</form>
<?php } // end if_3

// when submit is hit, update the post
if ($_POST['submit']) //if_4
{

$id = $_POST['id'];
$title = $_POST['title'];
$thcom = $_POST['thcom'];
$story = $_POST['story'];
$poster = $_POST['poster'];
$sqlqq = "UPDATE news SET news_title='$title', news_th_com='$thcom', news_story='$story', news_poster='$poster' WHERE news_id='$id'";

mysql_query($sqlqq) or die(mysql_error());
mysql_close();

echo "Done";

} //end if_4

} //end_if_2
} //end auth
} //end if_0
} //end if_00

//if the cookie does not exist, they are taken to the login screen
else
{
header("Location: login.php");
}
?>

You can see i added $_GET['action'] which i see why i should use it, i read 4-5 different sites to get a good idea about how it and $_POST work.

I might still have some crappy small error somewhere though because it's not working.
I think the error is in if_4 but i don't know

ClubCosmic
03-05-2007, 11:18 PM
maybe it is this line:

if($_GET['action']=="edit" || $_POST['action']=="edit")

try to verify them one at a time instead of verifing both at the same time.

Inigoesdr
03-05-2007, 11:26 PM
Change the submit name to lowercase to match your variables for one thing:

<input type="submit" name="submit" Value="Submit">
Value doesn't matter.

MnilinM
03-05-2007, 11:36 PM
maybe it is this line:

if($_GET['action']=="edit" || $_POST['action']=="edit")

try to verify them one at a time instead of verifing both at the same time.
Ok, probably a good idea. I have no idea how though. ^^
Like the forum has titled me, "new coder"


Change the submit name to lowercase to match your variables for one thing:

<input type="submit" name="submit" Value="Submit">
Value doesn't matter.
It would be my luck... a friggn' capital letter was what was doing it.

It works now, thanks a ton.

For anyone else looking for an Edit script, what i posted above with the exception of the caps mismatch works.

Inigoesdr
03-05-2007, 11:38 PM
Yep, it happens. It's a good idea to keep all of your variables in lowercase when programming to hopefully prevent any problems with case later. =]

Fumigator
03-05-2007, 11:42 PM
Glad you got it working!

To answer your sidebar question, you should always enclose array element names in quotes (single is fine in most cases). $_POST[action] is invalid but PHP just happens to make it work-- unless "action" is a constant, then it will die. $_POST['action'] will always work the way you intend it to.

Fumigator
03-05-2007, 11:47 PM
Yep, it happens. It's a good idea to keep all of your variables in lowercase when programming to hopefully prevent any problems with case later. =]

It's quite alright to capitalize first letters, you just have to be consistent. I tend toward Java convention, lowercasing the first word in a variable and uppercasing following words (i.e. $totalTax, $blueVelvetSeatCushion, etc.) but whatever you get used to and enjoy using is fine. The important thing is to make sure the variable names are meaningful... $aaa indicates nothing (unless you are programming baby talk) whereas $photoTitle indicates that is the variable that hold the value for the title of the photo.

Inigoesdr
03-06-2007, 12:05 AM
It's quite alright to capitalize first letters, you just have to be consistent.
Right, I meant it's easier to be consistent if you stick to one particular style, and all lowercase is probably easiest for most people. If you code in other languages (Java, C#, or basically any C variant) case is very important and you usually have to use a capitalization style.



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum