Problem with altering MySQL Data by form output

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
dino1510
Forum Newbie
Posts: 2
Joined: Fri Aug 05, 2005 8:02 am
Location: Bochum

Problem with altering MySQL Data by form output

Post by dino1510 »

Hello, I'm Dino and I have a problem with the following php-script. By
putting out MySQL Data into a form, a user should be able to alter the text
in it and save it to the database. There was a problem with the html
-entities that I nearly solved, but while changing the text in the form and
entering quotationmarks, now there aren't made anymore changes.
Quotationmarks do not seem to be accepted by this script and I don't
know why. I would be very thankful to anyone who can give me a hint!


regards, Dino

Script 1: Making changes in the form

Code: Select all

<?php
/*
* Newsbeitrag ändern:
*/
//$auswahl=$HTTP_POST_VARS['auswahl'];
$auswahl=htmlentities($auswahl);
//$auswahl=htmlspecialchars($auswahl);
if ($auswahl)
{

   $db = mysql_connect("localhost", "root", "")
      or die("Verbindung zum Datenbankserver fehlgeschlagen!");
   $sqlab = "SELECT * FROM newseintrag WHERE `headline`='$auswahl'";
   $res=mysql_db_query("news", $sqlab)
   or die("Fehler bei der Datenbankabfrage!"); 
      
   
   $altheadl = mysql_result($res, 0, "headline");
   $alttxt = mysql_result($res, 0, "text");
   
       
   echo "<form action='aendern3.php' method='post' onSubmit='return Form1_Validator(this)' language='JavaScript' name='Form1'>";
   echo "<table cellspacing='2' cellpadding='0'>";

   // Überschrift
   echo "<tr><td align='left' class='headline'>&nbsp;&Uuml;berschrift:</td>";
   echo "<td align='center' class='headline'>Newstext:</td></tr>";
            // Tabellenzeile mit -zellen
   echo "<tr><input type='hidden' name='origheadl' value='$auswahl'>";
   echo " <td class='angebot' valign='top' align='left'><input type='text' name='neuheadl' value='$altheadl' size='35'></td>";
   echo "<td class='angebot' valign='top'><textarea cols='40' rows='4' name='neutxt'>$alttxt</textarea></td></tr>";
   echo "</table>";
   echo "<input type='submit' value='&Auml;ndern'>&nbsp;";
   echo "<input type='reset' value='Reset'>";
   echo "</form>";
 
   mysql_close($db);
}

else {
   print ("<p>Es wurde kein Datensatz ausgewählt, oder es<br>sind keine weiteren Beitr&auml;ge vorhanden.</p>");
   print ("<a href='aendern1.php'>Zur&uuml;ck und Beitrag ausw&auml;hlen!</a>");
   }

?>
Script 2: Saving Changes in the Database

Code: Select all

<?php
//$origheadline=$HTTP_POST_VARS['$origheadl'];
//$neuheadl=$HTTP_POST_VARS['$neuheadl'];
//$neutxt=$HTTP_POST_VARS['neutxt'];
//$origheadl=htmlspecialchars ($origheadl);
//$neuheadl=htmlspecialchars ($neuheadl);
//$neutxt=htmlspecialchars ($neutxt);
$origheadl=htmlentities ($origheadl);
$neuheadl=htmlentities ($neuheadl);
$neutxt=htmlentities ($neutxt);

$db = mysql_connect("localhost", "root", "")
      or die("Verbindung zum Datenbankserver fehlgeschlagen!");
$sql = "UPDATE `newseintrag` SET `headline` ='$neuheadl', `text` = '$neutxt' WHERE `headline` = '$origheadl'";

$res = mysql_db_query("news", $sql, $db) or die("Fehler bei der Datenbankabfrage");

if($res=true){ echo "Verbindung zur Datenbank hergestellt:<p>"; }





$num = mysql_affected_rows();

if ($num>0)
echo "<p><b>Der Beitrag wurde ge&auml;ndert!<p><a href='aendern1.php'>Weiteren Beitrag &auml;ndern!</a></b><p>";

else {
print ("<p><b>Es wurden keine &Auml;nderungen vorgenommen!</b></p>");
print ("<a href='aendern1.php'>Zur&uuml;ck zur Auswahl!</a>");
}

mysql_close($db);
 


?>
[/b]
User avatar
s.dot
Tranquility In Moderation
Posts: 5001
Joined: Sun Feb 06, 2005 7:18 pm
Location: Indiana

Post by s.dot »

By default, if you don't define a second parameter, htmlentities will only convert double quotes.

To convert single & double quotes use ENT_QUOTES as a second parameter

Code: Select all

htmlentities($data,ENT_QUOTES)
dino1510
Forum Newbie
Posts: 2
Joined: Fri Aug 05, 2005 8:02 am
Location: Bochum

Post by dino1510 »

Thank you,
I've never read anything about that specific kind in my books. I will try it
at once.
Post Reply