PDA

View Full Version : UPDATE subject won't work



RDLyTN
01-12-2012, 11:58 AM
Hello,

I'm trying to make a CMS. I already can get the subjects and pages in my navigation, I can add new subjects and delete them. But it won't work to edit them. Does someone knows what the problem is?

CONTENT.PHP



<?php require_once("includes/functions.php"); ?>
<?php require_once("includes/connection.php"); ?>
<?php find_selected_page(); ?>
<?php include("includes/header.php"); ?>
<table id="structure">
<tr>
<td id="navigation">
<?php echo navigation($sel_subject, $sel_page); ?>
<br />
<a href="new_subject.php">+ Add a new subject</a>
</td>
<td id="page">
<?php if(!is_null($sel_subject)) { ?>
<h2><?php echo $sel_subject['menu_name']; ?></h2>
<?php } elseif(!is_null($sel_page)) { ?>
<h2><?php echo $sel_page['menu_name']; ?></h2>
<div class="page-content">
<?php echo $sel_page['content']; ?>
</div>
<?php } else { ?>
<h2>Select a subject or page to edit</h2>
<?php } ?><br />
</td>
</tr>
</table>
<?php include("require/footer.php"); ?>


EDIT_SUBJECT.PHP


<?php require_once("includes/functions.php"); ?>
<?php require_once("includes/connection.php"); ?>
<?php
if(intval($_GET['subj']) == 0) {
redirect_to("content.php");
}

if(isset($_POST['submit'])) {
$errors = array();

$required_fields = array('menu_name', 'position', 'visible');
foreach($required_fields as $fieldname) {
if(!isset($_POST[$fieldname]) || empty($_POST[$fieldname])) {
$errors[] = $fieldname;
}
}

$fields_with_lengths = array('menu_name' => 30);
foreach($fields_with_lengths as $fieldname => $maxlenght) {
if(strlen(trim(mysql_prep($_POST[$fieldname]))) > $maxlength) {
$errors[] = $fieldname;
}
}

if(empty($errors)) {
$id = mysql_prep($_GET['subj']);
$menu_name = mysql_prep($_POST['menu_name']);
$position = mysql_prep($_POST['position']);
$visible = mysql_prep($_POST['visible']);

$query = "UPDATE subjects SET
menu_name = '{$menu_name}',
position = {$position},
visible = {$visible}
WHERE id = {$id}";
$result = mysql_query($query, $connection);
if(mysql_affected_rows() == 1) {
// Succes
$message = "The subject was successfully updated.";
} else {
// Failed
$message = "The subject update failed.";
$message .= "<br />" . mysql_error();
}
} else {
// Errors occurred
$message = "There were " . count($errors) . " errors in the form";
}
}
?>
<?php find_selected_page(); ?>
<?php include("includes/header.php"); ?>
<table id="structure">
<tr>
<td id="navigation">&nbsp;
<?php echo navigation($sel_subject, $sel_page); ?>
</td>
<td id="page">
<h2>Edit Subject: <?php echo $sel_subject['menu_name']; ?></h2>
<?php
if(!empty($message)) {
echo"<p class=\"message\">" . $message . "</p>";
}
?>
<?php
if(!empty($errors)) {
echo "<p class=\"errors\">";
echo "Please review the following fileds:<br />";
foreach($errors as $error) {
echo " - " . $error . "<br />";
}
echo "</p>";
}
?>
<form action="edit_subject.php?subj=<?php echo
urlencode($sel_subject['id']); ?>" method="post">
<p>Subject name:
<input type="text" name="menu_name" value="<?php echo
$sel_subject['menu_name']; ?>" id="menu_name" />
</p>
<p>Position:
<select name="position">
<?php
$subject_set = get_all_subjects();
$subject_count = mysql_num_rows($subject_set);
for($count=1; $count <= $subject_count+1; $count++) {
echo "<option value=\"{$count}\"";
if($sel_subject['position'] == $count) {
echo " selected";
}
echo ">{$count}</option>";
}
?>
</select>
</p>
<p>Visible:
<input type="radio" name="visible" value="0"<?php
if($sel_subject['visible'] == 0) { echo " checked"; }
?> /> No
&nbsp;
<input type="radio" name="visible" value="1"<?php
if($sel_subject['visible'] == 1) { echo " checked"; }
?> /> Yes
</p>
<input type="submit" name="submit" value"Edit Subject" />
&nbsp;&nbsp;
<a href="delete_subject.php?subj=<?php echo
urlencode($sel_subject['id']); ?>" onclick="return confirm('Are you sure?');">Delete Subject</a>
</form>
<br />
<a href="content.php">Cancel</a>
</td>
</tr>
</table>
<?php include("includes/footer.php"); ?>


FUNCTIONS.PHP


<?php
function mysql_prep($value) {
$magic_quotes_active = get_magic_quotes_gpc();
$new_enough_php = function_exists("mysql_reql_escqpe_string");
if($new_enough_php) {
if($magic_quotes_active) { $value = stripslashes($value); }
$value = mysql_real_escape_string($value);
} else {
if(!magic_quotes_active) { $value = addslashes($value); }
}
return $value;
}

function redirect_to($location = NULL) {
if($location != NULL) {
header("Location: {$location}");
exit;
}
}

function confirm_query($result_set) {
if(!$result_set) {
die("Database query failed: " .mysql_error());
}
}

function get_all_subjects() {
global $connection;
$query = "SELECT *
FROM subjects
ORDER BY position ASC";
$subject_set = mysql_query($query, $connection);
confirm_query($subject_set);
return $subject_set;
}

function get_pages_for_subject ($subject_id) {
global $connection;
$query = "SELECT *
FROM pages
WHERE subject_id = {$subject_id}
ORDER BY position ASC";
$page_set = mysql_query($query, $connection);
confirm_query($page_set);
return $page_set;
}

function get_subject_by_id($subject_id) {
global $connection;
$query = "SELECT * ";
$query .= "FROM subjects ";
$query .= "WHERE id=" . $subject_id . " ";
$query .= "LIMIT 1";
$result_set = mysql_query($query, $connection);
confirm_query($result_set);
if($subject = mysql_fetch_array($result_set)) {
return $subject;
} else {
return NULL;
}
}

function get_page_by_id($page_id) {
global $connection;
$query = "SELECT * ";
$query .= "FROM pages ";
$query .= "WHERE id=" . $page_id . " ";
$query .= "LIMIT 1";
$result_set = mysql_query($query, $connection);
confirm_query($result_set);
if($page = mysql_fetch_array($result_set)) {
return $page;
} else {
return NULL;
}
}

function find_selected_page() {
global $sel_subject;
global $sel_page;
if(isset($_GET['subj'])) {
$sel_subject = get_subject_by_id($_GET['subj']);
$sel_page = NULL;
} elseif(isset($_GET['page'])) {
$sel_subject = NULL;
$sel_page = get_page_by_id($_GET['page']);
} else {
$sel_subject = NULL;
$sel_page = NULL;
}
}

function navigation($sel_subject, $sel_page) {
$output = "<ul class=\"subjects\">";
$subject_set = get_all_subjects();

while($subject = mysql_fetch_array($subject_set)) {
$output .= "<li";
if ($subject["id"] == $sel_subject['id']) { $output .= "
class=\"selected\""; }
$output .= "><a href=\"edit_subject.php?subj=" . urlencode($subject["id"]) .
"\">{$subject["menu_name"]}</a></li>";
$page_set = get_pages_for_subject($subject["id"]);
$output .= "<ul class=\"pages\">";

while($page = mysql_fetch_array($page_set)) {
$output .= "<li";
if ($page["id"] == $sel_page['id']) { $output .= " class=\"selected\""; }
$output .= "><a href=\"content.php?page=" . urlencode($page["id"]) .
"\">{$page["menu_name"]}</a></li>";
}
$output .= "</ul>";
}
$output .= "</ul>";
return $output;
}

?>

tangoforce
01-12-2012, 02:23 PM
Have you tried running that SQL update statement manually via phpmyadmin? - That is one of the best ways to test your SQL.

Also some of your values don't have ' either side of them in the SQL. While not strictly necessary for integers it still works and I've often found its better to use them.