einthetheory
Posted March 21, 2018

I'm working with the last chapter in the book, trying to put it all together, but the edit quotes.php and delete quotes.php give me this error below.

"This page has been accessed in error."

I made sure that I'm logged in using the me@example.com and testpass password and even checked my scripts against yours; I think everything lined up. Can you please help?

Edit_quotes.php Script

<?php // Script 13.9 - edit_quote.php
/* This script edits a quote. */

// Define a page title and include the header:
define('TITLE', 'Edit a Quote');
include('templates/header.html');

print '<h2>Edit a Quotation</h2>';

// Restrict access to administrators only:
if (!is_administrator()) {
    print '<h2>Access Denied!</h2><p class="error">You do not have permission to access this page.</p>';
    include('templates/footer.html');
    exit();
}

// Need the database connection:
include('../mysqli_connect.php');

if (isset($_GET['id']) && is_numeric($_GET['id']) && ($_GET['id'] > 0) ) { // Display the entry in a form:

    // Define the query.
    $query = "SELECT quote, source, favorite FROM quotes WHERE id={$_GET['id']}";
    if ($result = mysqli_query($dbc, $query)) { // Run the query.

        $row = mysqli_fetch_array($result); // Retrieve the information.

        // Make the form:
        print '<form action="edit_quote.php" method="post">
        <p><label>Quote <textarea name="quote" rows="5" cols="30">' . htmlentities($row['quote']) . '</textarea></label></p>
        <p><label>Source <input type="text" name="source" value="' . htmlentities($row['source']) . '"></label></p>
        <p><label>Is this a favorite? <input type="checkbox" name="favorite" value="yes"';

        // Check the box if it is a favorite:
        if ($row['favorite'] == 1) {
            print ' checked="checked"';
        }

        // Complete the form:
        print '></label></p>
        <input type="hidden" name="id" value="' . $_GET['id'] . '">
        <p><input type="submit" name="submit" value="Update This Quote!"></p>
        </form>';

    } else { // Couldn't get the information.
        print '<p class="error">Could not retrieve the quotation because:<br>' . mysqli_error($dbc) . '.</p><p>The query being run was: ' . $query . '</p>';
    }

} elseif (isset($_POST['id']) && is_numeric($_POST['id']) && ($_POST['id'] > 0)) { // Handle the form.

    // Validate and secure the form data:
    $problem = FALSE;
    if ( !empty($_POST['quote']) && !empty($_POST['source']) ) {

        // Prepare the values for storing:
        $quote = mysqli_real_escape_string($dbc, trim(strip_tags($_POST['quote'])));
        $source = mysqli_real_escape_string($dbc, trim(strip_tags($_POST['source'])));

        // Create the "favorite" value:
        if (isset($_POST['favorite'])) {
            $favorite = 1;
        } else {
            $favorite = 0;
        }

    } else {
        print '<p class="error">Please submit both a quotation and a source.</p>';
        $problem = TRUE;
    }

    if (!$problem) {

        // Define the query.
        $query = "UPDATE quotes SET quote='$quote', source='$source', favorite=$favorite WHERE id={$_POST['id']}";
        if ($result = mysqli_query($dbc, $query)) {
            print '<p>The quotation has been updated.</p>';
        } else {
            print '<p class="error">Could not update the quotation because:<br>' . mysqli_error($dbc) . '.</p><p>The query being run was: ' . $query . '</p>';
        }

    } // No problem!

} else { // No ID set.
    print '<p class="error">This page has been accessed in error.</p>';
} // End of main IF.

mysqli_close($dbc); // Close the connection.

include('templates/footer.html'); // Include the footer.
?>

Delete_quotes.php Script

<?php // Script 13.10 - delete_quote.php
/* This script deletes a quote. */

// Define a page title and include the header:
define('TITLE', 'Delete a Quote');
include('templates/header.html');

print '<h2>Delete a Quotation</h2>';

// Restrict access to administrators only:
if (!is_administrator()) {
    print '<h2>Access Denied!</h2><p class="error">You do not have permission to access this page.</p>';
    include('templates/footer.html');
    exit();
}

// Need the database connection:
include('../mysqli_connect.php');

if (isset($_GET['id']) && is_numeric($_GET['id']) && ($_GET['id'] > 0) ) { // Display the quote in a form:

    // Define the query:
    $query = "SELECT quote, source, favorite FROM quotes WHERE id={$_GET['id']}";
    if ($result = mysqli_query($dbc, $query)) { // Run the query.

        $row = mysqli_fetch_array($result); // Retrieve the information.

        // Make the form:
        print '<form action="delete_quote.php" method="post">
        <p>Are you sure you want to delete this quote?</p>
        <div><blockquote>' . htmlentities($row['quote']) . '</blockquote>- ' . htmlentities($row['source']);

        // Is this a favorite?
        if ($row['favorite'] == 1) {
            print ' <strong>Favorite!</strong>';
        }

        print '</div><br><input type="hidden" name="id" value="' . $_GET['id'] . '">
        <p><input type="submit" name="submit" value="Delete this Quote!"></p>
        </form>';

    } else { // Couldn't get the information.
        print '<p class="error">Could not retrieve the quote because:<br>' . mysqli_error($dbc) . '.</p><p>The query being run was: ' . $query . '</p>';
    }

} elseif (isset($_POST['id']) && is_numeric($_POST['id']) && ($_POST['id'] > 0) ) { // Handle the form.

    // Define the query:
    $query = "DELETE FROM quotes WHERE id={$_POST['id']} LIMIT 1";
    $result = mysqli_query($dbc, $query); // Execute the query.

    // Report on the result:
    if (mysqli_affected_rows($dbc) == 1) {
        print '<p>The quote entry has been deleted.</p>';
    } else {
        print '<p class="error">Could not delete the blog entry because:<br>' . mysqli_error($dbc) . '.</p><p>The query being run was: ' . $query . '</p>';
    }

} else { // No ID received.
    print '<p class="error">This page has been accessed in error.</p>';
} // End of main IF.

mysqli_close($dbc); // Close the connection.

include('templates/footer.html');
?>

Larry
Posted March 31, 2018

Okay, if you're getting that error it means no ID was set or received. I assume you're seeing this on the first access of the page? If so, then you're presumably not properly passing the ID in the URL. Check what the URL is, making sure it says ?id=X, where X is a number.

possowski
Posted October 11, 2018

Larry, I have a similar issue (I triple-checked the code and it is correct). When I choose a quote from the "View All Quotes" site I get a correct load, the id is displayed in the URL and I can edit. However, when I click "Update this quote!" I get the access error message. I can send the code if you need it, but what else should I check?

possowski
Posted October 12, 2018

Fixed!! The issue was that, using word wrap, I misread one of the lines (49) and had a replicated piece of code (is_numeric was repeated), so after removing the second one it worked fine.

Larry
Posted October 12, 2018

Ah, excellent! Kudos for figuring it out and apologies for any confusion!

possowski
Posted October 12, 2018

No confusion; this last chapter reinforced the need to sometimes WALK AWAY and take a break. Now that this is complete, it is time to get started on PHP and MySQL.

Larry
Posted October 12, 2018

Yes, yes: walking away and taking a break is the most reliable debugging technique for complex problems!

kravmaguy
Posted November 2, 2018

On 3/20/2018 at 10:48 PM, einthetheory said:

I'm working with the last chapter in the book, trying to put it all together, but the edit quotes.php and delete quotes.php give me this error below.

"This page has been accessed in error."

I made sure that I'm logged in using the me@example.com and testpass password and even checked my scripts against yours; I think everything lined up. Can you please help?

Edit_quotes.php Script

<?php // Script 13.9 - edit_quote.php
/* This script edits a quote. */

// Define a page title and include the header:
define('TITLE', 'Edit a Quote');
include('templates/header.html');

print '<h2>Edit a Quotation</h2>';

// Restrict access to administrators only:
if (!is_administrator()) {
    print '<h2>Access Denied!</h2><p class="error">You do not have permission to access this page.</p>';
    include('templates/footer.html');
    exit();
}

// Need the database connection:
include('../mysqli_connect.php');

if (isset($_GET['id']) && is_numeric($_GET['id']) && ($_GET['id'] > 0) ) { // Display the entry in a form:

    // Define the query.
    $query = "SELECT quote, source, favorite FROM quotes WHERE id={$_GET['id']}";
    if ($result = mysqli_query($dbc, $query)) { // Run the query.

        $row = mysqli_fetch_array($result); // Retrieve the information.

        // Make the form:
        print '<form action="edit_quote.php" method="post">
        <p><label>Quote <textarea name="quote" rows="5" cols="30">' . htmlentities($row['quote']) . '</textarea></label></p>
        <p><label>Source <input type="text" name="source" value="' . htmlentities($row['source']) . '"></label></p>
        <p><label>Is this a favorite? <input type="checkbox" name="favorite" value="yes"';

        // Check the box if it is a favorite:
        if ($row['favorite'] == 1) {
            print ' checked="checked"';
        }

        // Complete the form:
        print '></label></p>
        <input type="hidden" name="id" value="' . $_GET['id'] . '">
        <p><input type="submit" name="submit" value="Update This Quote!"></p>
        </form>';

    } else { // Couldn't get the information.
        print '<p class="error">Could not retrieve the quotation because:<br>' . mysqli_error($dbc) . '.</p><p>The query being run was: ' . $query . '</p>';
    }

} elseif (isset($_POST['id']) && is_numeric($_POST['id']) && ($_POST['id'] > 0)) { // Handle the form.

    // Validate and secure the form data:
    $problem = FALSE;
    if ( !empty($_POST['quote']) && !empty($_POST['source']) ) {

        // Prepare the values for storing:
        $quote = mysqli_real_escape_string($dbc, trim(strip_tags($_POST['quote'])));
        $source = mysqli_real_escape_string($dbc, trim(strip_tags($_POST['source'])));

        // Create the "favorite" value:
        if (isset($_POST['favorite'])) {
            $favorite = 1;
        } else {
            $favorite = 0;
        }

    } else {
        print '<p class="error">Please submit both a quotation and a source.</p>';
        $problem = TRUE;
    }

    if (!$problem) {

        // Define the query.
        $query = "UPDATE quotes SET quote='$quote', source='$source', favorite=$favorite WHERE id={$_POST['id']}";
        if ($result = mysqli_query($dbc, $query)) {
            print '<p>The quotation has been updated.</p>';
        } else {
            print '<p class="error">Could not update the quotation because:<br>' . mysqli_error($dbc) . '.</p><p>The query being run was: ' . $query . '</p>';
        }

    } // No problem!

} else { // No ID set.
    print '<p class="error">This page has been accessed in error.</p>';
} // End of main IF.

mysqli_close($dbc); // Close the connection.

include('templates/footer.html'); // Include the footer.
?>

Delete_quotes.php Script

<?php // Script 13.10 - delete_quote.php
/* This script deletes a quote. */

// Define a page title and include the header:
define('TITLE', 'Delete a Quote');
include('templates/header.html');

print '<h2>Delete a Quotation</h2>';

// Restrict access to administrators only:
if (!is_administrator()) {
    print '<h2>Access Denied!</h2><p class="error">You do not have permission to access this page.</p>';
    include('templates/footer.html');
    exit();
}

// Need the database connection:
include('../mysqli_connect.php');

if (isset($_GET['id']) && is_numeric($_GET['id']) && ($_GET['id'] > 0) ) { // Display the quote in a form:

    // Define the query:
    $query = "SELECT quote, source, favorite FROM quotes WHERE id={$_GET['id']}";
    if ($result = mysqli_query($dbc, $query)) { // Run the query.

        $row = mysqli_fetch_array($result); // Retrieve the information.

        // Make the form:
        print '<form action="delete_quote.php" method="post">
        <p>Are you sure you want to delete this quote?</p>
        <div><blockquote>' . htmlentities($row['quote']) . '</blockquote>- ' . htmlentities($row['source']);

        // Is this a favorite?
        if ($row['favorite'] == 1) {
            print ' <strong>Favorite!</strong>';
        }

        print '</div><br><input type="hidden" name="id" value="' . $_GET['id'] . '">
        <p><input type="submit" name="submit" value="Delete this Quote!"></p>
        </form>';

    } else { // Couldn't get the information.
        print '<p class="error">Could not retrieve the quote because:<br>' . mysqli_error($dbc) . '.</p><p>The query being run was: ' . $query . '</p>';
    }

} elseif (isset($_POST['id']) && is_numeric($_POST['id']) && ($_POST['id'] > 0) ) { // Handle the form.

    // Define the query:
    $query = "DELETE FROM quotes WHERE id={$_POST['id']} LIMIT 1";
    $result = mysqli_query($dbc, $query); // Execute the query.

    // Report on the result:
    if (mysqli_affected_rows($dbc) == 1) {
        print '<p>The quote entry has been deleted.</p>';
    } else {
        print '<p class="error">Could not delete the blog entry because:<br>' . mysqli_error($dbc) . '.</p><p>The query being run was: ' . $query . '</p>';
    }

} else { // No ID received.
    print '<p class="error">This page has been accessed in error.</p>';
} // End of main IF.

mysqli_close($dbc); // Close the connection.

include('templates/footer.html');
?>

I reformatted OP's code so it's easier for everyone else to read

Larry
Posted November 3, 2018

Working backwards, that error should be given when the page does not receive a numeric ID passed in the URL. I'd check for that first.
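
Added example, not part of the thread or the book's scripts: the GET/POST branch selection that edit_quote.php and delete_quote.php share, isolated so it can be run against sample requests to see when "This page has been accessed in error." is reached. It validates the id as a strict positive integer with filter_var() instead of is_numeric() and deletes through a prepared statement; the function names route_quote_request and delete_quote and the sample requests are hypothetical.

```php
<?php
// Added example: hypothetical helpers, not the book's code.

// Pick the branch edit_quote.php / delete_quote.php would take.
// Stricter than is_numeric(): only a positive integer id is accepted.
function route_quote_request(array $get, array $post): array
{
    $range = ['options' => ['min_range' => 1]];
    foreach (['show_form' => $get, 'handle_form' => $post] as $branch => $in) {
        $id = filter_var($in['id'] ?? null, FILTER_VALIDATE_INT, $range);
        if (is_int($id)) {
            return ['branch' => $branch, 'id' => $id];
        }
    }
    return ['branch' => 'error', 'id' => null]; // "accessed in error"
}

// Parameterised DELETE. It needs the live $dbc from mysqli_connect.php,
// so the offline demo below does not call it.
function delete_quote(mysqli $dbc, int $id): bool
{
    $stmt = mysqli_prepare($dbc, 'DELETE FROM quotes WHERE id=? LIMIT 1');
    mysqli_stmt_bind_param($stmt, 'i', $id);
    mysqli_stmt_execute($stmt);
    $deleted = (mysqli_stmt_affected_rows($stmt) === 1);
    mysqli_stmt_close($stmt);
    return $deleted;
}

// Constructed sample requests: [label, $_GET, $_POST]
$samples = [
    ['link without ?id=X',      [],                []],
    ['link with ?id=12',        ['id' => '12'],    []],
    ['form posted with id',     [],                ['id' => '12']],
    ['form posted, id missing', [],                ['quote' => 'q', 'source' => 's']],
    ['?id=1e3',                 ['id' => '1e3'],   []],
    ['?id=12abc',               ['id' => '12abc'], []],
];
foreach ($samples as [$label, $get, $post]) {
    $raw = $get['id'] ?? $post['id'] ?? null;
    $r = route_quote_request($get, $post);
    printf("%-24s is_numeric=%-5s branch=%-11s id=%s\n",
        $label, var_export(is_numeric($raw), true), $r['branch'], var_export($r['id'], true));
}
```

The `?id=1e3` row is where the two checks disagree: is_numeric() accepts it, so the original scripts would place it in the SQL text, while the strict integer check sends it to the error branch.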