SitePoint Sponsor

User Tag List

Results 1 to 11 of 11
  1. #1
    SitePoint Addict
    Join Date
    Apr 2010
    Posts
    390
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    simple Update form not update field on database help

    Hi i have this simple update form and scrip but somehow it doesnt seem to be update the field on the database can someone help out please.

    The html form is the second form bellow where the action send to status_update.php
    PHP Code:
    <?php                include("../header.html");            ?>
    <?php                
    include("header_news.html");            
    extract($_REQUEST,EXTR_SKIP);
    ?><?php            
    /*                print("sfilm_refnum = $sfilm_refnum<BR>");                
    print("sfilm_addr01 = $sfilm_addr01<BR>");                
    print("sfilm_postcode = $sfilm_postcode<BR>");                
    print("Film Client = $fclient<BR>");            */             
    ?>            
    <form id="search" action="list.php" method="post" name="search">                
    <table width="780" border="0" cellspacing="0" cellpadding="4" bgcolor="#eeeeee">                    
    <tr>                        
    <td align="right" width="140"></td>                        
    <td width="320"><span class="hofblack10">                            
    </span>                            
    </td>                        
    <td align="center" width="100"><input type="hidden" name="lstart" value="<?php print("$lstart"); ?>" /><input type="hidden" name="lend" value="<?php print("$lend"); ?>" /><input type="hidden" name="lamount" value="<?php print("$lamount"); ?>" /></td>                        <td align="center" width="100"></td>                        
    <td align="right"></td>                    
    </tr>                
    </table>            
    </form>            
    <table width="780" border="0" cellspacing="0" cellpadding="4" bgcolor="#4050c4">                
    <tr>                  
    <td width="60" class="hofwhite10">action</td>                    
    <td width="140"><span class="hofwhite14">DATE</span></td>                    
    <td width="80"><span class="hofwhite14">ID</span></td>                    
    <td><span class="hofwhite14">News Titile</span></td>                    
    <td width="100"><span class="hofwhite14">Status</span></td>                
    </tr>                
    <tr height="0">                  
    <td bgcolor="white" width="60"></td>                    
    <td bgcolor="white" width="140" height="0"></td>                    
    <td bgcolor="white" width="80" height="0"></td>                    
    <td bgcolor="white" height="0"></td>                    
    <td bgcolor="white" width="100" height="0"></td>                
    </tr>            
    </table><table width="780" border="0" cellspacing="0" cellpadding="4"><tr>                    
    <td width="60"></td>                  
    <td width="80"></td>                    
    <td><a class="blueullrg" href="add.php">Add News</a></td>                    
    <td align="right" width="120"></td>                
    </tr>                
    <tr height="0">                    
    <td width="60" height="0"></td>                  
    <td width="80" height="0"></td>                    
    <td height="0"></td>                    
    <td align="right" width="120" height="0"></td>                
    </tr>            
    </table>  <?php          
    //get the DB connection variables    
    include("../../../includes/config.php");        
    //connect to DB        
    $connection = @mysql_connect($db_address,$db_username,$db_password) or die("Couldn't CONNECT.");        
    $db = @mysql_select_db($db_name$connection) or die("Couldn't select DATABASE.");                
    $query2="SELECT * FROM news WHERE !(news_status='deleted')";        
    $result2 mysql_query($query2) or die("Couldn't execute QUERY - Select NEWS Qty");        
    $fqty mysql_num_rows($result2);            
    //SELECT or FIND the same USERNAME        
    $query3="SELECT * FROM news WHERE !(news_status='deleted') ORDER BY news_id DESC";        
    $result3 mysql_query($query3) or die("Couldn't execute QUERY - Select NEWS");        
    while (
    $row mysql_fetch_array($result3))            
    {                
    $news_id                 $row['news_id'];                
    $news_title                $row['news_title'];                
    $news_story                $row['news_story'];                
    $news_image                $row['news_image'];                
    $news_image_caption        $row['news_image_caption'];                
    $news_image_link        $row['news_image_link'];                
    $news_date_day            $row['news_date_day'];                
    $news_date_month        $row['news_date_month'];                
    $news_date_year            $row['news_date_year'];                
    $news_status            $row['news_status'];                
    $news_website            $row['news_website'];                
    $news_date_created        $row['news_date_created'];        
            
    $news_date_modified        $row['news_date_modified'];    ?>            
            <table width="780" border="0" cellspacing="0" cellpadding="4" bgcolor="#eeeeee">                
            <tr>                  
            <td width="60"><span class="hofblack10">                   
             <?php                    
             
    if($news_status=="deleted"){                        
             print(
    "<a class='hifblack10'>deleted</span>");                    
             }ELSE{                        
             print(
    "<a class='blueul' href='edit.php?id=$news_id'>edit</a>");                    
             }                    
             
    ?>                 
              </span></td>                    
              <td width="140"><span class="titlegrey12">                      
              <?php                      
              
    if(!$news_date_day
              { echo 
    "00"; }
              else{ echo 
    $news_date_day; }                      
              echo 
    "/";                     
               if(!
    $news_date_month) { echo "00"; }else{ echo $news_date_month; }                      
               echo 
    "/";                      
               if(!
    $news_date_year) { echo "0000"; }else{ echo $news_date_year; }                    
               
    ?>                    
               </span></td>                    
               <td width="80"><span class="titlegrey12"><?php                    print("$news_id");                    ?></span>
               </td>                    
               <td><?php                    
               
    if($news_status=="deleted")
               {                        
               print(
    "<class='hofblack10'>$news_title</span>");                    
               }ELSE{                        
               print(
    "<a class='blueul' href='edit.php?id=$news_id'>$news_title</a>");                    
               }                    
               
    ?></td>                    
               <td width="100">                        
               <form id="list_update" action="status_update.php" method="post" name="list_update">                            
            <select name="newnstatus" size="1">                                
               <option  <?php if($row['news_status'] == ""
               {
                print(
    "selected");
               } 
    ?> 
               selected="selected" value="">Status...</option>                                
               <option  <?php if($row['news_status'] == "on")
               {
                print(
    "selected");
               } 
    ?> value="on">On</option>
                   <option  <?php if($row['news_status'] == "off")
               {
                print(
    "selected");
               } 
    ?> value="off">Off</option>
                <option  <?php if($row['news_status'] == "deleted")
               {
                print(
    "selected");
               } 
    ?> value="deleted">Delete</option>
            </select>
             <input type="hidden" name="nstatus" value="<?php echo $row[news_status]; ?>" />                            
               <input type="hidden" name="id" value="<?php echo $row[news_id]; ?>" />                        
               <input type="submit" name="update" value="update" />                        
               </form>                     
                </td>                
                </tr>                
                <tr height="0">                  
                <td bgcolor="white" width="60"></td>                    
                <td bgcolor="white" width="140" height="0"></td>                    
                <td bgcolor="white" width="80" height="0"></td>                    
                <td bgcolor="white" height="0"></td>                    
                <td bgcolor="white" width="100" height="0"></td>                
                </tr>            
                </table>
                <?php            }        mysql_close($connection);//}?>            
                <table width="780" border="0" cellspacing="0" cellpadding="4">          
                <tr>                    
                <td width="60"></td>                  
                <td width="80"></td>                    
                <td><a class="blueullrg" href="add.php">Add News</a></td>                    
                <td align="right" width="120"></td>                
                </tr>            
                </table><?php                // include("list_navigation.html");            ?>
                <?php                include("../footer.html");            ?>
                </div></body></html>
    and the update file name (status_update.php)
    PHP Code:
    <?php
    /*    echo "fstatus: ".$fstatus."<BR>";    
    echo "id: ".$id."<BR>";    
    echo "fclient: ".$fclient."<BR>";    
    echo "newfstatus: ".$newfstatus."<BR>";*/    
    //set the date of agreement        
    $timestamp date('l jS \of F Y h:i:s A');    
    //get the DB connection variables        
    include("../../../includes/config.php");
    //connect to DB        
    $connection = @mysql_connect($db_address,$db_username,$db_password) or die("Couldn't CONNECT.");        
    $db = @mysql_select_db($db_name$connection) or die("Couldn't select FILMS DATABASE.");    
    // All appears well, so enter into database                
    $query"UPDATE news SET news_status = '$newnstatus' WHERE news_id='$id'";

    $result mysql_query($query) or die("could not execute query - Update FILMS Record to DB");    
    //setup an email to the Admin @ hof, w/o attachment            
    $emailto="xx@xxx.co.uk";        
    $emailfrom="no-reply@xxxx.co.uk";        
    $emailsubject="xx Record Updated";        
    $emailmessage="Hello Registrar\n\n";        
    $emailmessage.="News ID: ".$id."\n";        
    $emailmessage.="Updated on: ".$timestamp."\n\n";        
    $emailmessage.="Status was: ".$nstatus."\n";        
    $emailmessage.="Status now: ".$newfnstatus."\n";        
    $emailmessage.="Thank you,\n\n";        
    $emailmessage.="Web Site ROBOT\n";        
    $emailmessage.="(Administrator)\n";        
    $emailmessage.="xxx.co.uk | xxx.biz\n";        
    $emailmessage.="----------------------------------------------\n";        
    $emailmessage.="e. http://www.xxx.co.uk/contact.php\n";        
    $emailmessage.="w. http://www.xxx.co.uk\n";        
    $emailheader="From: xxx.co.uk<$emailfrom>";
    $emailheader  .= 'Cc: xxx@xxx.co.uk'."\r\n";
    $emailheader  .= 'Bcc: xxx@xxxxx.co.uk'."\r\n";        
    $ok=mail($emailto,$emailsubject,$emailmessage,$emailheader);        
    mysql_close($connection);            
    if (
    $ok)
     {        
     
    header("Location: list.php"); 
     
    /* Redirect browser */        
     
    exit;    
     } else {        
     
    $errmsg="There was a problem, please try later or telephone us direct.";        
     
    $errsta="1";        
     include(
    "edit_error.html");        
     
    //echo "<p>Mail could not be sent. Sorry!</p>";        
     
    exit;    
     }        
     
    ?>
    Thanks in advance

  2. #2
    From Italy with love silver trophybronze trophy
    guido2004's Avatar
    Join Date
    Sep 2004
    Posts
    9,496
    Mentioned
    163 Post(s)
    Tagged
    4 Thread(s)
    Where do you set the values for $id, $nstatus etc in status_update.php ?

  3. #3
    SitePoint Addict
    Join Date
    Apr 2010
    Posts
    390
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Ok it seems like my issue
    PHP Code:
    if ($ok)
     {        
     
    header("Location: list.php"); 
     
    /* Redirect browser */        
     
    exit; 
    when it redirects to a valid page it doesnt update but if i redirect to page that doesnt exist on my server the update works even
    how can i fix so it redirects to a page that exist and update??

  4. #4
    SitePoint Addict
    Join Date
    Apr 2010
    Posts
    390
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Ok i found another problem whenever i refresh the form page it resets the value to to old status example when i set status off takes i redirect to page that doesnt exist give me the non exist page error when i use the brwoser to go back the status stays changed but as soon i refresh the page the statust goes back resets itself.

    seems like something wrong on this form page help please?

  5. #5
    From Italy with love silver trophybronze trophy
    guido2004's Avatar
    Join Date
    Sep 2004
    Posts
    9,496
    Mentioned
    163 Post(s)
    Tagged
    4 Thread(s)
    Quote Originally Posted by guido2004 View Post
    Where do you set the values for $id, $nstatus etc in status_update.php ?
    Could you answer this question please? Just to rule out a first possible cause of your problems.

  6. #6
    SitePoint Addict
    Join Date
    Apr 2010
    Posts
    390
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by guido2004 View Post
    Could you answer this question please? Just to rule out a first possible cause of your problems.
    Hi i think its doen on the form i have posted the first part here
    <input type="hidden" name="nstatus" value="<?php echo $row[news_status]; ?>" />
    but i am guessing thats not what you mean so probably your assumption already right. do you think that is the reason why is not working and if so how can i fix it please??

  7. #7
    From Italy with love silver trophybronze trophy
    guido2004's Avatar
    Join Date
    Sep 2004
    Posts
    9,496
    Mentioned
    163 Post(s)
    Tagged
    4 Thread(s)
    I think that script depends on register_globals being ON. But (and I quote the php manual)
    This feature has been DEPRECATED as of PHP 5.3.0. Relying on this feature is highly discouraged.
    And it seems that it's OFF on your server, as it should be.

    So you can find the form field values in the $_POST array. At the top of the script, put the value in the variables you use in the rest of the script. You should also add some validation of the user input, and use mysql_real_escape_string() on the values before using them in a query.

    For example:
    PHP Code:
    $id '';
    if (isset(
    $_POST['id'])) $id $_POST['id']; 
    And then in the query:
    PHP Code:
    $id '';
    $query"UPDATE news SET news_status = '$newnstatus' WHERE news_id='" mysql_real_escape_string($id) . "'"
    I'm using mysql_real_escape_string on $id because from your query it seems it's a string (it's put between quotes). If it's a number, then you could sanitize it casting it as an (int).

  8. #8
    SitePoint Addict
    Join Date
    Apr 2010
    Posts
    390
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Anyone any idead where i am going wrong with this code that is not updating??
    PHP Code:
    <?php
    /*    echo "fstatus: ".$fstatus."<BR>";    
    echo "id: ".$id."<BR>";    
    echo "fclient: ".$fclient."<BR>";    
    echo "newfstatus: ".$newfstatus."<BR>";*/    
    //set the date of agreement        
    $timestamp date('l jS \of F Y h:i:s A');    
    //get the DB connection variables        
    include("../../../includes/config.php");
    //connect to DB        
    $connection = @mysql_connect($db_address,$db_username,$db_password) or die("Couldn't CONNECT.");        
    $db = @mysql_select_db($db_name$connection) or die("Couldn't select FILMS DATABASE.");    
    // All appears well, so enter into database                
    $query"UPDATE news SET news_status = '$newnstatus' WHERE news_id='$id'";

    $result mysql_query($query) or die("could not execute query - Update FILMS Record to DB");    
    //setup an email to the Admin @ hof, w/o attachment            
    $emailto="xx@xxx.co.uk";        
    $emailfrom="no-reply@xxxx.co.uk";        
    $emailsubject="xx Record Updated";        
    $emailmessage="Hello Registrar\n\n";        
    $emailmessage.="News ID: ".$id."\n";        
    $emailmessage.="Updated on: ".$timestamp."\n\n";        
    $emailmessage.="Status was: ".$nstatus."\n";        
    $emailmessage.="Status now: ".$newfnstatus."\n";        
    $emailmessage.="Thank you,\n\n";        
    $emailmessage.="Web Site ROBOT\n";        
    $emailmessage.="(Administrator)\n";        
    $emailmessage.="xxx.co.uk | xxx.biz\n";        
    $emailmessage.="----------------------------------------------\n";        
    $emailmessage.="e. http://www.xxx.co.uk/contact.php\n";        
    $emailmessage.="w. http://www.xxx.co.uk\n";        
    $emailheader="From: xxx.co.uk<$emailfrom>";
    $emailheader  .= 'Cc: xxx@xxx.co.uk'."\r\n";
    $emailheader  .= 'Bcc: xxx@xxxxx.co.uk'."\r\n";        
    $ok=mail($emailto,$emailsubject,$emailmessage,$emailheader);        
    mysql_close($connection);            
    if (
    $ok)
     {        
     
    header("Location: list.php");
     
    /* Redirect browser */        
     
    exit;    
     } else {        
     
    $errmsg="There was a problem, please try later or telephone us direct.";        
     
    $errsta="1";        
     include(
    "edit_error.html");        
     
    //echo "<p>Mail could not be sent. Sorry!</p>";        
     
    exit;    
     }        
     
    ?>
    Parsed in 0.319 seconds, using GeSHi 1.0.8.4

  9. #9
    From Italy with love silver trophybronze trophy
    guido2004's Avatar
    Join Date
    Sep 2004
    Posts
    9,496
    Mentioned
    163 Post(s)
    Tagged
    4 Thread(s)
    Quote Originally Posted by macaela View Post
    Anyone any idead where i am going wrong with this code that is not updating??

    Weren't we already talking about that? Did you read my post? Did you try to modify your code?
    If you don't understand what I tried to explain, just say so, instead of ignoring my post and repost your question and code again.

  10. #10
    SitePoint Addict
    Join Date
    Apr 2010
    Posts
    390
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by guido2004 View Post

    Weren't we already talking about that? Did you read my post? Did you try to modify your code?
    If you don't understand what I tried to explain, just say so, instead of ignoring my post and repost your question and code again.
    Hi sorry i dont think i had refreshed this page but the time i send my last post i didnt see your last post.
    ok i have modified like you sugested me but still didnt work
    this how have done.

    PHP Code:
    <?php
    /*    echo "fstatus: ".$fstatus."<BR>";    
    echo "id: ".$id."<BR>";    
    echo "fclient: ".$fclient."<BR>";    
    echo "newfstatus: ".$newfstatus."<BR>";*/    
    //set the date of agreement        
    $id '';
    if (isset(
    $_POST['id'])) $id $_POST['id'];  
    $timestamp date('l jS \of F Y h:i:s A');    
    //get the DB connection variables        
    include("../../../includes/config.php");    
    //connect to DB        
    $connection = @mysql_connect($db_address,$db_username,$db_password) or die("Couldn't CONNECT.");        
    $db = @mysql_select_db($db_name$connection) or die("Couldn't select FILMS DATABASE.");    
    // All appears well, so enter into database                
    $id '';
    $query"UPDATE news SET news_status = '$newnstatus' WHERE news_id='" mysql_real_escape_string($id) . "'";  
    $result mysql_query($query) or die("could not execute query - Update FILMS Record to DB");    
    //setup an email to the Admin @ hof, w/o attachment            
    $emailto="xxxx@xxxx.co.uk";        
    $emailfrom="no-reply@xxxx.co.uk";        
    $emailsubject="xxxxxRecord Updated";        
    $emailmessage="Hello Registrar\n\n";        
    $emailmessage.="News ID: ".$id."\n";        
    $emailmessage.="Updated on: ".$timestamp."\n\n";        
    $emailmessage.="Status was: ".$nstatus."\n";        
    $emailmessage.="Status now: ".$newfnstatus."\n";        
    $emailmessage.="Thank you,\n\n";        
    $emailmessage.="Web Site ROBOT\n";        
    $emailmessage.="(Administrator)\n";        
    $emailmessage.="xxxx.co.uk | xxxx.biz\n";        
    $emailmessage.="----------------------------------------------\n";        
    $emailmessage.="e. http://www.xxxx.co.uk/contact.php\n";        
    $emailmessage.="w. http://www.xxxxx.co.uk\n";        
    $emailheader="From: xxxxx.co.uk<$emailfrom>";
    $emailheader  .= 'Cc: xxx@xxxx.co.uk'."\r\n";
    $emailheader  .= 'Bcc: xxxx@xxxx.co.uk'."\r\n";        
    $ok=mail($emailto,$emailsubject,$emailmessage,$emailheader);        
    mysql_close($connection);            
    if (
    $ok)
     {        
     
    header("Location: list.php"); 
     
    /* Redirect browser */        
     
    exit;    
     } else {        
     
    $errmsg="There was a problem, please try later or telephone us direct.";        
     
    $errsta="1";        
     include(
    "edit_error.html");        
     
    //echo "<p>Mail could not be sent. Sorry!</p>";        
     
    exit;    
     }        
     
    ?>

  11. #11
    From Italy with love silver trophybronze trophy
    guido2004's Avatar
    Join Date
    Sep 2004
    Posts
    9,496
    Mentioned
    163 Post(s)
    Tagged
    4 Thread(s)
    You have to do this with all the variables you use in your script and that should contain a value that comes from the form.
    Not just $id, all of them. I took $id as an example.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •