PHP MYSQL editing

system5

Hi guys

Was trying to find a way of editing MYSQL with PHP so regular users could editing certain things about them.

The only tutorial I could find on this was from this site[/site].

The tutorial is pretty straight forward however I keep getting an error when trying it

The error, is that it does not actually update the rows. It displays the data perfectly fine in each text box, so it can see the database. However whenever I click submit, it just takes me back to the edit list with all changes ignored (no thank you message displayed).

<? 
//connect to mysql
//change user and password to your mySQL name and password
mysql_connect("localhost","user","password"); 

//select which database you want to edit
mysql_select_db("spoono_sections"); 

//If cmd has not been initialized
if(!isset($cmd)) 
{
   //display all the news
   $result = mysql_query("select * from news order by id"); 

   //run the while loop that grabs all the news scripts
   while($r=mysql_fetch_array($result)) 
   { 
      //grab the title and the ID of the news
      $title=$r["title"];//take out the title
      $id=$r["id"];//take out the id

 //make the title a link
  echo "<a href='edit.php?cmd=edit&id=$id'>$title - Edit</a>";
  echo "<br>";
}
}
?>
<?
if($_GET["cmd"]=="edit" || $_POST["cmd"]=="edit")
{
   if (!isset($_POST["submit"]))
   {
      $id = $_GET["id"];
      $sql = "SELECT * FROM news WHERE id=$id";
      $result = mysql_query($sql);        

      $myrow = mysql_fetch_array($result);
      ?>

  <form action="edit.php" method="post">
  <input type=hidden name="id" value="<?php echo $myrow["id"] ?>">

  Title:<INPUT TYPE="TEXT" NAME="title" VALUE="<?php echo $myrow["title"] ?>" SIZE=30><br>
  Message:<TEXTAREA NAME="message" ROWS=10 COLS=30><? echo $myrow["message"] ?></TEXTAREA><br>
  Who:<INPUT TYPE="TEXT" NAME="who" VALUE="<?php echo $myrow["who"] ?>" SIZE=30><br>

  <input type="hidden" name="cmd" value="edit">

  <input type="submit" name="submit" value="submit">

  </form>

<? } ?>
<?
   if ($_POST["$submit"])
   {
      $title = $_POST["title"];
	  $message = $_POST["message"];
	  $who = $_POST["who"];

  $sql = "UPDATE news SET title='$title',message='$message',who='$who' WHERE id=$id";
  //replace news with your table name above
  $result = mysql_query($sql);
  echo "Thank you! Information updated.";
}
}
?>

Alternativly any suggestions for other methods for me to try are just as good.

djjjozsi

to the update query the $id could not passed.
tathe content ID to a hidden field in your form, and if you click on the update button,

add value to $id variable: $id=$_POST["id"]

And in this IF condion: ($_POST["$submit"])

do not use that $submit variable, just use $_POST["submit"]

//If cmd has not been initialized
if(!isset($cmd))

If this cmd variable got a value from a link or form, use $POST os $GET superglobal in this condition. This line remindes me the REGISTER globals directive problem.

system5

djjjozsi;10905331 wrote:
to the update query the $id could not passed.
tathe content ID to a hidden field in your form, and if you click on the update button,

add value to $id variable: $id=$_POST["id"]

And in this IF condion: ($_POST["$submit"])

do not use that $submit variable, just use $_POST["submit"]

If this cmd variable got a value from a link or form, use $POST os $GET superglobal in this condition. This line remindes me the REGISTER globals directive problem.

Ah thats awesome. Been bugging me all day.... should had come here first 🙂

As a quick follow up question, this app will just display all the rows in one big splurge. What would you sugest for displaying it in smaller bunches?

djjjozsi

you should make a simple pager to this application first.

lets have a look at the stripslashes function, if in your system the magic quotes gps apache settings is enabled then you should use this.

system5

Just did a quick test. Looks Magic Quotes are enabled on my server.

Not used this before however.