Page 1 of 1

Editing MySQL Data problems

Posted: Sun Jan 28, 2007 10:26 pm
by tail
I've been working on this code for the content management system of my site.

Code: Select all

<?php
include("admins.php");
$time = date("g:ia");
$date = date("l, F j, Y");
$user = $_POST["user"];
$pass = $_POST["pass"];
$action = $_POST["action"];
$db_user="**";
$db_pass="**";
$db_host="**";
$db="**";
$auth = "<br><br><center><h2>Error!</h2><br>You are not authorized to view this page. You must <a href='index.php?id=admin&page=login'>login</a> first.</center>";

if (!$_POST["user"] || $_POST["user"] == "") {
echo $auth;
} elseif ($admins[$_POST["user"]] == $_POST["pass"] && $action == "") {
echo '<br><br><center><h2>News</h2>';
echo 'What would you like to do?<br><br>';
echo '<table align="center"><tr><td>';
echo '<form action="index.php">';
echo '<input type="submit" value="View News" class="input2" />';
echo '</form></td>';
echo '<td><form action="index.php?id=admin&page=news" method="post">';
echo '<input type="hidden" name="user" value="';
echo $user;
echo '" />';
echo '<input type="hidden" name="pass" value="';
echo $pass;
echo '" />';
echo '<input type="hidden" name="action" value="add" />';
echo '<input type="submit" value="Add News" class="input2" />';
echo '</form></td>';
echo '<td><form action="index.php?id=admin&page=news" method="post">';
echo '<input type="hidden" name="user" value="';
echo $user;
echo '" />';
echo '<input type="hidden" name="pass" value="';
echo $pass;
echo '" />';
echo '<input type="hidden" name="action" value="edit" />';
echo '<input type="submit" value="Edit News" class="input2" />';
echo '</form></td>';
echo '<td><form action="index.php?id=admin&page=news" method="post">';
echo '<input type="hidden" name="user" value="';
echo $user;
echo '" />';
echo '<input type="hidden" name="pass" value="';
echo $pass;
echo '" />';
echo '<input type="hidden" name="action" value="delete" />';
echo '<input type="submit" value="Delete News" class="input2" />';
echo '</form></td></tr></table></center>';
} elseif ($admins[$_POST["user"]] == $_POST["pass"] && $action == "add") {
echo "<br><br><center><h2>Add News</h2><br>";
echo '<form action="index.php?id=admin&page=news" method="post">
Title: <input type="text" name="title" class="input" /><br>
Body:<br> <textarea name="body" class="input" cols="30" rows="10">Put news in here</textarea><br>';
echo '<input type="hidden" name="user" value="';
echo $user;
echo '" />';
echo '<input type="hidden" name="pass" value="';
echo $pass;
echo '" />';
echo '<input type="hidden" name="action" value="addit" />';
echo '<input type="submit" value="Post News" class="input" /></form>';
echo '</center>';
} elseif ($admins[$_POST["user"]] == $_POST["pass"] && $action == "addit") {
mysql_connect($db_host,$db_user,$db_pass);
@mysql_select_db($db) or die( "Unable to select database");
$query = "INSERT INTO news VALUES ('','$title','$body','$time','$date','$user')";
mysql_query($query);
mysql_close();
echo '<center><br><br><h2>Success!</h2><br>Your news has been added successfully!<br><a href="index.php">Go home</a></center>';
} elseif ($admins[$_POST["user"]] == $_POST["pass"] && $action == "edit") {
echo "<br><br><center><h2>Edit News</h2><br>";

mysql_connect($db_host,$db_user,$db_pass);
@mysql_select_db($db) or die( "Unable to select database");
$query="SELECT * FROM news order by id desc";
$result=mysql_query($query);

$num=mysql_numrows($result);

mysql_close();

$i=0;
while ($i < $num) {

$id=mysql_result($result,$i,"id");
$title=mysql_result($result,$i,"title");
$body=mysql_result($result,$i,"newsbody");
$time=mysql_result($result,$i,"time");
$date=mysql_result($result,$i,"date");
$user=mysql_result($result,$i,"username");
echo '<table align="center" style="width:350px"><tr><td><span class="shouth"><b>Subject:</b> ';
echo $title;
echo '</span></td></tr><tr><td><span class="shout">';
echo $body;
echo '</span></td></tr><tr><td><span class="shouth">Posted by <b>';
echo $user;
echo '</b> on ';
echo $date;
echo ' at ';
echo $time;
echo '</span></td></tr><tr><td>';
echo '<form action="index.php?id=admin&page=news&newsid=';
echo $id;
echo '" method="post">';
echo '<input type="hidden" name="user" value="';
echo $user;
echo '" />';
echo '<input type="hidden" name="pass" value="';
echo $pass;
echo '" />';
echo '<input type="hidden" name="action" value="editit" />';
echo '<input type="submit" value="Edit News" class="input2" />';
echo '</form>';
echo '</td></tr></table><br><br>';
$i++;
}
} elseif ($admins[$_POST["user"]] == $_POST["pass"] && $action == "editit") {
echo '<center><br><br><h2>Edit News</h2>';
$id=$_GET['newsid'];

mysql_connect($db_host,$db_user,$db_pass);

$result=mysql_query("SELECT * FROM news WHERE id='$id'");
$num=mysql_num_rows($result);
mysql_close();

$i=0;
while ($i < $num) {
$title2=mysql_result($result,$i,"first");
$newsbody=mysql_result($result,$i,"last");

echo '<form action="index.php?id=pages&page=news" method="post">
<input type="hidden" name="ud_id" value="';
echo $id;
echo '">Title: <input type="text" name="title" class="input" value="';
echo $title2;
echo ' /><br>Body:<br> <textarea name="body" class="input" cols="30" rows="10">';
echo $newsbody;
echo '</textarea><br>';
echo '<input type="hidden" name="user" value="';
echo $user;
echo '" />';
echo '<input type="hidden" name="pass" value="';
echo $pass;
echo '" />';
echo '<input type="hidden" name="action" value="edit_it" />';
echo '<input type="submit" value="Edit News" class="input" /></form>';
echo '</center>';
++$i;
}
} else {
echo $auth;
}
?>
I get this error:
Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/www/jamper5.coconia.net/php/admin/news.php on line 128

Which is this line:

Code: Select all

$num=mysql_num_rows($result);
I don't understand why I am recieving this error and if someone could help me I'd very much appreciate it. Sorry, I'm new to PHP and the code is a little messy.

Posted: Sun Jan 28, 2007 10:41 pm
by superdezign
mysql_connect($db_host,$db_user,$db_pass);

$result=mysql_query("SELECT * FROM news WHERE id='$id'");
$num=mysql_num_rows($result);
mysql_close();
I'm sure "Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/www/jamper5.coconia.net/php/admin/news.php on line 128" means that you're passing an invalid result resource. So, that'd mean you're query result isn't valid.

Did you forget to call mysql_select_db()?

Posted: Sun Jan 28, 2007 11:22 pm
by tail
Yeah that was the problem. Silly mistake. Too late here, need to get to bed. Thanks.

Posted: Sun Jan 28, 2007 11:30 pm
by superdezign
No problem. In the future, maybe you could limit your code to one call and use the handles instead of reconnecting and reselecting over and over again. Then again, your method ensures the database can only be edited when you call on it to be.

Whichever you prefer I guess.