[RESOLVED] Database not getting updated

schwim

Hi there everyone,

I'm attempting to edit submissions, one page passing the values to a submit page, and the submit page alters the db.

Problem is, it's not altering the DB although it states that it is.

Here's the code for submit.php in it's entirity:

include("../config.php");

/*this query will get the needed information for debugging, and it's a placeholder for future variables*/

 $result = mysql_query('SELECT * FROM config') or exit(mysql_error());
while ($row = mysql_fetch_assoc($result)) {

$debug = $row['debug'];

if(debug==1){
error_reporting(E_ALL);
}

}

//session_start();
//if(!session_is_registered(myusername)){
//header("location:login.php");
//}

$id=($_POST['id']);

$author = strip_tags (addslashes ($_POST['author']));
$author_email = strip_tags (addslashes ($_POST['author_email']));
$authorweb = strip_tags (addslashes ($_POST['authorweb']));
$authorwebname = strip_tags (addslashes ($_POST['authorwebname']));
$title = strip_tags (addslashes ($_POST['title']));
$testtext = addslashes ($_POST['testtext']);

function removeEvilAttributes($tagSource)
{
       $stripAttrib = "' (style|class)=\"(.*?)\"'i";
       $tagSource = stripslashes($tagSource);
       $tagSource = preg_replace($stripAttrib, '', $tagSource);
       return $tagSource;
}

function removeEvilTags($source)
{
   $allowedTags='<a><br><b><i>' .
             '<li><ol><p><strong>' .
             '<u><ul>';
   $source = strip_tags($source, $allowedTags);
   return preg_replace('/<(.*?)>/ie', "'<'.removeEvilAttributes('\\1').'>'", $source);
}

$testtext2 = removeEvilTags($testtext);

mysql_query("UPDATE testimonials SET (author, author_email, authorweb, authorwebname, title, testtext) = ('$author', '$author_email', '$authorweb', '$authorwebname', '$title', '$testtext2') WHERE id = ".$id."");

echo $id;
echo "<center>Database Updated.</center>
<a href=\"javascript:window.close()\">Close Window</a>";

All I get is "Database Updated."

I've also tried:

mysql_query("UPDATE testimonials SET (author, author_email, authorweb, authorwebname, title, testtext) = ('$author', '$author_email', '$authorweb', '$authorwebname', '$title', '$testtext2') WHERE id = $id");

to the same result.

Do you guys see any reason why it wouldn't update the record in the db?

thanks,
json

ClarkF1

Have you tried

mysql_query("UPDATE testimonials SET author = '$author', author_email = '$author_email', ... WHERE id = $id");

schwim

Hi there, and thanks very much for your reply.

I changed it to your suggestion:

mysql_query("UPDATE testimonials SET author = '$author', author_email = '$author_email', authorweb = '$author_web', authorwebname = '$authorwebname', title = '$title', testtext = '$testtext2', WHERE id = $id");

and it still does the same thing. It tells me that the db has been updated, but when I refresh the submission, it's not altered.

[EDIT]also, just to take one possibility out of the mix, I'm echoing the id value on the submit page, and it's showing properly, so the id is getting passed to the page.[/EDIT]

thanks,
json

mjax

After executing queries you should alway check the mysql_error() function to see if any errors occurred. I'm 100% sure that your UPDATE SQL is not correct.

'UPDATE (fields) = (values) WHERE' is not valid SQL.

It should look like 'UPDATE tablename SET field1=value1, field2=value2 WHERE ...'

schwim

mjax, thank you very much for your help. With adding the error string, I found my problem. Clark's string was correct, but I neglected to remove a trailing comma in my string. Removing it fixed my problem.

thanks,
json