Posting data into MySql

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
lauberge
Forum Newbie
Posts: 2
Joined: Tue Jan 09, 2007 5:17 pm

Posting data into MySql

Post by lauberge »

feyd | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]


Hi,

Can anyone tell me why the following 'gets' the data fine from the database but wont post back in when clicking on the submit within the form (named as 'save'):

Code: Select all

<?php
require("inc/conn.php");
if(! isset($_COOKIE['admin'] )) {
header("Location: admin.php");
}
if(isset($_POST['save'])) {
$itemTitle = $_POST['itemTitle'];
$content = $_POST['content'];
$category = $_POST['category'];
$link = $_POST['link'];
if(isset($_POST['itemID'])) {
$itemID = $_POST['itemID'];
$sql = "UPDATE items SET itemTitle = '" . $itemTitle . "', content = '" . $content . "', category = '" . $category . "', link = '" . $link. "' WHERE itemID = " . $itemID;
if ($result = mysql_query($sql)) {
header("Location: controlpanel.php");
}
}

}
if(isset($_GET['itemID']) ) {
$itemID = $_GET['itemID'];
$sql = "SELECT * FROM items WHERE itemID = " . $_GET['itemID'];
if ($result = mysql_query($sql)) {
$row = mysql_fetch_array($result);
$itemTitle = $row['itemTitle'];
$content = $row['content'];
$category = $row['category'];
$link = $row['link'];

}
}else{
$name = 'new item';
}
?>

Cheers for the help.


feyd | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]
User avatar
aaronhall
DevNet Resident
Posts: 1040
Joined: Tue Aug 13, 2002 5:10 pm
Location: Back in Phoenix, missing the microbrews
Contact:

Post by aaronhall »

Read the posting guidelines...

Never place $_GET or $_POST values directly into queries -- it leaves you open to MySQL injection attacks. Run each through mysql_real_escape_string() first.

Check the values of $_POST['save'] and $_POST['itemID'] -- it's likely that one or both of these isn't being set.
lauberge
Forum Newbie
Posts: 2
Joined: Tue Jan 09, 2007 5:17 pm

Post by lauberge »

Hi,

Thanks for the reply, this will probably sound daft but how do check the values of $_POST['save'] and $_POST['itemID']?

Cheers,
jonathant
Forum Commoner
Posts: 32
Joined: Sat Jan 07, 2006 3:13 pm

Post by jonathant »

When debugging, like in this situation, I like to do something like this:

Code: Select all

<?php 
echo "POST DATA<br>";
print_f($_POST);
echo "GET DATA<br>";
print_f($_GET);
?>
impulse()
Forum Regular
Posts: 748
Joined: Wed Aug 09, 2006 8:36 am
Location: Staffordshire, UK
Contact:

Post by impulse() »

lauberge wrote:Hi,

Thanks for the reply, this will probably sound daft but how do check the values of $_POST['save'] and $_POST['itemID']?

Cheers,

Code: Select all

echo $_POST['save'], $_POST['itemID'];
Post Reply