MySQL Update inserting weird data

romanali

Hi. I hope you are all well. 🙂

I have a question. In my php script I have an array with four values. The array is generated from a string with the explode function. For testing purposes, I know exactly what string is exploded into the array and I have double checked it by echoing it out ... and the values in the array are as expected. However, when I try to update the mysql database with it, the first three array items are inserted into the row correctly, but the last array item is not, instead of "m" being inserted, the word "css" is inserted ... and I have no idea where that's coming from.

// this string is passed in via querystring and can change, but it will always be three numbers and a letter separated by forward slashes
$load="1/1/1/m";

$load = explode("/", $load);

$currentBook = $load[0];
$currentAct = $load[1];
$currentScene = $load[2];
$currentGender = $load[3];

$query = "UPDATE table_name SET current_book='" . mysql_real_escape_string($currentBook) . "', current_act='" . mysql_real_escape_string($currentAct) . "', current_scene='" . mysql_real_escape_string($currentScene) . "', current_gender='" . mysql_real_escape_string($currentGender) . "' WHERE userid=" . mysql_real_escape_string($userID);

mysql_query($query);

Appreciate any help. 🙂

NogDog

Any possibility that $userID is not set or has the wrong value, and thus no DB row is actually being updated? You could stick a mysql_affected_rows() in there after the query to find out how many rows were actually updated.

romanali

NogDog;10956883 wrote:
Any possibility that $userID is not set or has the wrong value, and thus no DB row is actually being updated? You could stick a mysql_affected_rows() in there after the query to find out how many rows were actually updated.

Thank you for the suggestion NogDog. All the variables are indeed set, and the update operation does execute and sets all the values correctly except the last one. Very strange indeed.

NogDog

What is the relevant column's definition in the DB? (I'm grasping at straws.)

romanali

The column is defined as varchar of length 10 (it only needs to store the letters "m" or "f" or "n"). The collation is for unicode, i.e. utf8_general_ci.

I know it's a lot of code, so I don't expect you to study it carefully if you don't have the time. I appreciate the suggestions already given. However, I may as well post it in case there is some obvious mistake I have made that is so obvious that I can't actually see it! 😕

Just to re-iterate, all the querystring data is being successfully passed in. Also, the page loads fine (with default settings for the current book/act/scene/gender) if a "load" querystring value is not given.

Thanks again for the help. An no worries if you don't have the time, or just can't see the solution. I do hope I can fix it by staring at it long enough.

romanali

//function to return querystring values, or default
	function getQString($key, $default = ""){
		return isset($_GET[$key]) && $_GET[$key] != "" ? $_GET[$key] : $default;
	}

include('config.php');

//database connection established in config file, now enable arabic letters
mysql_query("SET NAMES 'cp1256'");
//mysql_query("SET CHARACTER SET 'cp1256'");

//process querystring data
$user		= getQString("user",	"none");
$POI		= getQString("POI",		"none");
$loadString = getQString("load",	"none");

//setup error message to show on page if something fails
$errorMessage = "";

if($user != "none" && $POI != "none"){
	//check if user is a student
	$query = "SELECT * FROM mdl_user INNER JOIN mdl_role_assignments ON mdl_user.id=mdl_role_assignments.userid WHERE mdl_role_assignments.roleid=5 AND mdl_user.username='" . mysql_real_escape_string($user) . "'";
	$resultUser = mysql_query($query);

	if(mysql_num_rows($resultUser) > 0){ //if user is indeed a student
		//get database user ID of the student
		$userID = mysql_result($resultUser, 0, "id");
		mysql_data_seek($resultUser,0);

		/* Set default values for user position data.
		 * These variables will be overwritten below if database contains the data for the user.
		 * Otherwise, a new record will be created in database with these default values.
		 */
		$userBook		= 1;		// the "user..." variables indicate the maximum available book/act/scene to this user
		$userAct		= 1;
		$userScene		= 1;
		$currentBook	= 1;	// the "current..." variables indicate which book/act/scene is being reviewed by the user
		$currentAct		= 1;
		$currentScene	= 1;
		$currentGender	= "m";





		//if load data was passed in via querystring, check if the desired book/act/scene is available to this user
		$loadValid = true;
		if($loadString != "none"){
			$loadArray = explode("/", $loadString);
			if($loadArray[0] > $userBook){
				$loadValid = false;
			}
			else if($loadArray[0] == $userBook){
				if($loadArray[1] > $userAct){
					$loadValid = false;
				}
				else if($loadArray[1] == $userAct){
					if($loadArray[2] > $userScene){
						$loadValid = false;
					}
				}
			}
		}
		else{
			$loadValid = false;
		}

		//if desired book/act/scene is available, save current position data in database (for next time)
		if($loadValid){
			$currentBook	= $loadArray[0];
			$currentAct		= $loadArray[1];
			$currentScene	= $loadArray[2];
			$currentGender	= $loadArray[3];

			mysql_query("SET NAMES 'utf8'");
			$query = "UPDATE mdl_arabixia_user_position SET current_book='" . mysql_real_escape_string($currentBook) . "', current_act='" . mysql_real_escape_string($currentAct) . "', current_scene='" . mysql_real_escape_string($currentScene) . "', current_gender='" . mysql_real_escape_string($currentGender) . "' WHERE userid=" . mysql_real_escape_string($userID);
			mysql_query($query);
			mysql_query("SET NAMES 'cp1256'");

		}
		else if($loadString != "none"){
			//user has tried to load a quiz they are not upto yet
			$errorMessage .= "You need to complete more storylines first. Please choose Book:$userBook Act:$userAct Scene:$userScene to continue as normal";
			if(!($userBook==1 && $userAct==1 && $userScene==1)){
				$errorMessage .= ", or choose a storyline preceding it to review";
			}
			$errorMessage .= ".<br/><br/>";
		}





		//get latest user position data from db, because if user did not provide the load data via querystring, we need to overwrite the default values set above, in order to resume the same quiz session from last time
		if($loadValid || $loadString == "none"){
			$query = "SELECT * FROM mdl_arabixia_user_position WHERE userid=" . mysql_real_escape_string($userID);
			$resultUserPosition = mysql_query($query);
			if(mysql_num_rows($resultUserPosition) > 0){
				while($row = mysql_fetch_array($resultUserPosition, MYSQL_ASSOC)){
					$userBook		= $row['book'];
					$userAct		= $row['act'];
					$userScene		= $row['scene'];
					$currentBook	= $row['current_book'];
					$currentAct		= $row['current_act'];
					$currentScene	= $row['current_scene'];
					$currentGender	= $row['current_gender'];
				}
				unset($row);
			}
			else{ //...but if no position record exists for this user, create a new record with the default values
				mysql_query("SET NAMES 'utf8'");
				$query = "INSERT INTO mdl_arabixia_user_position (userid, book, current_book, act, current_act, scene, current_scene, current_gender) VALUES ('" . mysql_real_escape_string($userID) . "', '1', '1', '1', '1', '1', '1', '" . mysql_real_escape_string($currentGender) . "')";
				mysql_query($query);
				mysql_query("SET NAMES 'cp1256'");
			}





			//create gender selection radio buttons (with the correct one checked) to be displayed in HTML form
			$genderButtons  =	"<div style=\"float: left; margin-left: 25px;\">";
			$genderButtons .=	"<label for=\"genderInputMasculine\">Masculine Context</label><input type=\"radio\" name=\"genderInput\" id=\"genderInputMasculine\" value=\"m\"";
			if($currentGender == "m"){
				$genderButtons .= " checked ";
			}
			$genderButtons .=	"/>&nbsp;&nbsp;&nbsp;&nbsp;<label for=\"genderInputFeminine\">Feminine Context</label><input type=\"radio\" name=\"genderInput\" id=\"genderInputFeminine\" value=\"f\"";
			if($currentGender == "f"){
				$genderButtons .= " checked ";
			}
			$genderButtons .=	"/>&nbsp;&nbsp;&nbsp;&nbsp;</div>";





			//get the quiz id of the current scene
			$currentQuizID = -1;
			$query = "SELECT * FROM mdl_quiz WHERE name LIKE 'BAS/" . mysql_real_escape_string($currentBook) . "/" . mysql_real_escape_string($currentAct) . "/" . mysql_real_escape_string($currentScene) . "/" . mysql_real_escape_string($currentGender) . "/%'";
			$resultCurrentQuiz = mysql_query($query);
			if(mysql_num_rows($resultCurrentQuiz) > 0){
				$currentQuizID = mysql_result($resultCurrentQuiz, 0, "id");
				mysql_data_seek($resultCurrentQuiz,0);





				//now check if this quiz is available at this POI
				$query = "SELECT quiz_id FROM mdl_arabixia_poi_quiz WHERE poi_num=" . mysql_real_escape_string($POI) . " AND quiz_id=" . $currentQuizID;
				$resultPOIQuiz = mysql_query($query);
				if(mysql_num_rows($resultPOIQuiz) > 0){
					//to display the quiz, extract question id numbers and quiz intro first
					$quizIntro;
					$questionIDs;
					while($row = mysql_fetch_array($resultCurrentQuiz, MYSQL_ASSOC)){
						$questionIDs = explode(",", $row['questions']);
						$quizIntro = $row['intro'];
					}
					unset($row);





					//now get the actual questions
					$questionCount = count($questionIDs) - 1; //a question with id 0 is appended by default in moodle db, ignore it
					if($questionCount > 0){
						//set the query to be used
						$query = "SELECT * FROM mdl_question WHERE id=";
						for($i=0; $i<$questionCount; $i++){
							$query .= mysql_real_escape_string($questionIDs[$i]);
							if($questionCount - $i >= 2){
								$query .= " OR id=";
							}
						}
						$resultQuestions = mysql_query($query);





						//set up question-and-answer panels
						$dynamicPanels;
						$idCounter = 0;
						if(mysql_num_rows($resultQuestions) > 0){
							while($row = mysql_fetch_array($resultQuestions, MYSQL_ASSOC)){

								//panel
								$dynamicPanels .= "<div id=\"dynamicPanel_" . $idCounter . "\" class=\"dynamicPanel\">";

									//question
									$dynamicPanels .= "<div class=\"dynamicPanelQuestion\">" . $row['questiontext'] . "</div>";

									//answer
									$dynamicPanels .= "<div class=\"dynamicPanelAnswer\">";
									if($row['qtype']=="shortanswer"){
										//input box
										$dynamicPanels .= "<div class=\"input-box\"><div class=\"input-box-top\"></div><div class=\"input-box-middle\">";
										$dynamicPanels .= "<textarea id=\"text_" . $idCounter . "\" name=\"text_" . $idCounter . "\" class=\"text\" wrap=\"soft\" onfocus=\"VirtualKeyboard.attachInput(this)\"></textarea>";
										$dynamicPanels .= "</div><div class=\"input-box-bottom\"></div></div>";
									}
									$dynamicPanels .= "</div>"; //end of answer

								$dynamicPanels .= "</div>"; //end of panel
								$idCounter++;
							}
							unset($row);
						}
					}
					else{
						$errorMessage .= "Storyline BAS/" . $currentBook . "/" . $currentAct . "/" . $currentScene . "/" . $currentGender . " has no questions.<br/><br/>";
					}
				}
				else{
					//this quiz is not available at this POI, tell the student to come back later
					$errorMessage .= "Your current storyline is for another location on the island.<br/><br/>";
				}
			}
			else{
				//this quiz is not in the system, show error message
				$errorMessage .= "Storyline BAS/" . $currentBook . "/" . $currentAct . "/" . $currentScene . "/" . $currentGender . " appears to be unavailable.<br/><br/>";
			}
		}
	}
	else{
		$errorMessage .= "It appears you are not registered as a student on the system.<br/><br/>";
	}
}
else{
	$errorMessage .= "The dashboard did not successfully pass your name and/or location details to the quiz engine.<br/><br/>";
}

//close db connection and exit
mysql_close($conn);

romanali

I have solved it (after 2 days of staring at the screen)! 😃

The querystring contained four values together, e.g. index.php?load=1/1/1/m

The values referring to book, act, scene, and gender respectively. I know it would have been just as easy to send them as four different values, but I thought I was being efficient sending them like that, then exploding the string into an array.

After exploding, I did manage the echo out the values, so I knew they had arrived successfully, and exploded successfully too ... but it seems the forward slash was the dark knight in there ... because after replacing it with a hyphen (in the query string), now the code works fine!

Thanks again for trying to help. I should never have used the slash. Ah well, at least we know what NOT to do next time! :bemused: