Questions about the MySQL, PostgreSQL, and most other databases, as well as using it with PHP can be asked here.
Moderator: General Moderators
the9ulaire
Forum Commoner
Posts: 74 Joined: Mon Jun 11, 2007 11:31 am
Post
by the9ulaire » Wed Aug 08, 2007 11:06 am
I have a form which includes a date field:
Code: Select all
<input type="text" name="date" maxlength="10" value="<?php echo $date; ?>" />
Inserting a date through my form is no problem. When I use the same form to update information, it'll retrieve the date from the database, but on submit it inserts into the database "0000-00-00".
What do I need to add so that the date can be updated?
Thanks in advance!
Luke
timvw
DevNet Master
Posts: 4897 Joined: Mon Jan 19, 2004 11:11 pm
Location: Leuven, Belgium
Post
by timvw » Wed Aug 08, 2007 12:07 pm
You'll have to show us the code how you're handling the post, and how you're inserting it into the database...
the9ulaire
Forum Commoner
Posts: 74 Joined: Mon Jun 11, 2007 11:31 am
Post
by the9ulaire » Wed Aug 08, 2007 12:23 pm
I'm posting the information to another page:
Code: Select all
case 'Save Changes':
if (isset($_POST['event_name'])
and ($_POST['event_name']) != ''
and isset($_POST['date'])
and ($_POST['date']) != ''
and isset($_POST['location'])
and ($_POST['location']) != ''
and isset($_POST['time'])
and ($_POST['time']) != ''
and isset($_POST['details'])
and ($_POST['details']) != ''
and isset($_POST['event_id']))
{
$event_name = $_POST['event_name'];
$sql = "UPDATE calendar " .
"SET event_name='" . $_POST['event_name'] . "', date=" . $_POST['date'] .
", location='" . $_POST['location'] . "', time='" . $_POST['time'] .
"', details='" . $_POST['details'] . "' WHERE event_id=" . $_POST['event_id'];
mysql_query($sql, $conn)
or die('Could not update page; ' . mysql_error());
redirect('edit_calendar.php?s=yes&event_name=' . $event_name);
}
feyd
Neighborhood Spidermoddy
Posts: 31559 Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA
Post
by feyd » Wed Aug 08, 2007 1:11 pm
Look into SQL injection.
Your date field is being updated with math.
the9ulaire
Forum Commoner
Posts: 74 Joined: Mon Jun 11, 2007 11:31 am
Post
by the9ulaire » Wed Aug 08, 2007 2:27 pm
I've read some stuff on SQL Injection and watched a few videos, but I don't understand how I'm supposed to use that for fixing my date field.
feyd
Neighborhood Spidermoddy
Posts: 31559 Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA
Post
by feyd » Wed Aug 08, 2007 3:32 pm
They are separate issues.
the9ulaire
Forum Commoner
Posts: 74 Joined: Mon Jun 11, 2007 11:31 am
Post
by the9ulaire » Wed Aug 08, 2007 3:38 pm
So how can I go about setting it up so that my date field will work?
the9ulaire
Forum Commoner
Posts: 74 Joined: Mon Jun 11, 2007 11:31 am
Post
by the9ulaire » Wed Aug 08, 2007 3:51 pm
Never mind, I finally figured out how to do it.