Page 1 of 1

while function repeat problem

Posted: Thu Jun 28, 2007 7:04 am
by devanmagelan
feyd | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]


I have made a couple of php files to allow users on a site to update a timetable of events stored in a mysql database. 

The users choose a value for "$tabtam" (a value named "actpermno" on the original html form not included here), this being the number of activities to appear in the timetable. Then the "while" function is used to generate the correct number of textarea inputs (in the first php file for user entry), and also the number of entries to be made to the mysql database (in the consequent php file), according to "$tabtam".

The problem is that the second file has been inputting one too few entries (i.e. set of 'fecha' and 'actividad') into mysql, even though the first file has been producing the correct number of tables for entry into the second file.

Confusion is compounded by the fact that the files sometimes appears to work as desired, though mysteriously othertimes not, without any change in the code. It has not been working correctly the last couple of times.

Any ideas?

Very many thanks,
Matt

PS. This is for a Spanish website, the client-facing content as well as some variables are in spanish.

activperminput.php:

Code: Select all

<?php
$tabtam1 = $_POST["actpermno"];
$num = 1;

print "Cambio de detalles de actividades permanentes en el
Ecolocal.</br> Por favor rellena las cajas como quieres que se vean en la pagina</br>
y pulsa \"Vale\".</br></br>
<form action=\"actualizaractiv1.php?var1=$tabtam1\" method=\"post\">";

while ( $num <=$tabtam1 )
{
print "Fecha" . $num . ":</br><textarea rows=\"6\" name=\"fecha" . $num . "\"></textarea></br>
Actividad" . $num . ":</br><textarea rows=\"6\" cols=\"60\"
name=\"actividad" . $num . "\"></textarea> </br></br>";
$num++;
}

print "<input type=\"submit\" value=\"Vale\"></form>";

?>

actualizaractiv1.php:

Code: Select all

<?php
mysql_connect("rdbms.strato.de", "code", "pass") or die(mysql_error()); 
mysql_select_db("DB289204") or die(mysql_error()); 

$var1 = $_GET["var1"];  

$tabtam = $var1;
$num = 1;

mysql_query("DELETE FROM ActividadesPerm");

while ( $num <=$tabtam )
{
$fecha["$num"] = $_POST["fecha$num"];
$actividad["$num"] = $_POST["actividad$num"];
mysql_query("INSERT INTO `ActividadesPerm` VALUES ('$fecha[$num]', '$actividad[$num]')");
$num++;
}

print "Los detalles de Actividades Permanentes yá se han actualizado.</br>
Para regresar a la pagina de actividades para ver el resultado, pulsa
<a href=\"http://www.ecolocal.es/Actividades.html\">aquí</a>.";

$data = mysql_query("SELECT * FROM ActividadesPerm")
or die(mysql_error());

Print "</br></br><table border cellpadding=3>"; 
while ($info = mysql_fetch_array( $data )) 
{
print "<td>";
print "<th>Fecha:</th> <td>" . $info['fecha'] . "</td>";
print "<th>Actividad:</th> <td>" . $info['actividad'] . "
</td></tr>";
}
Print "</table>";

?>

feyd | Please use

Code: Select all

,

Code: Select all

and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]

Posted: Thu Jun 28, 2007 7:35 am
by idevlin
First of all you are performing no safety checks on user input before inserting them into the database. This is very bad, so I suggest you perform some validity checks on the data.

Secondly, in actualizaractiv1.php, what does "var1" actually contain?

cheers

Posted: Fri Jun 29, 2007 6:22 am
by devanmagelan
Hi there.

Sorry for improper post presentation. Thanks for fixing.

Firstly, do you have any good links to information on the significance and coding application of safety checks?

Secondly, "$var1" is just "$tabtam" as transmitted from one page to the next via the URL which can be seen in activterminput.php.
I realise that there are some bizarre and likely confusing comparison variable attributions and re-attributions. The reason for this is that I'm a total newbie and the files you see are a patchwork combination of example files from elsewhere, thus the program design was an evolving process.


Thanks for your response.