Jump to content
Larry Ullman's Book Forums

Recommended Posts

I'm working with the last chapter in book trying to put it all together but, the edit quotes.php and delete quotes.php, gives me this error below.

"This page has been accessed in error."  

 

I made sure that I'm logged in using the me@example.com and testpass password and even checked my scripts with yours I think everything lined up. Can you please help?

 

Edit_quotes.php Script 

 

 

<?php // Script 13.9 - edit_quote.php
/* This script edits a quote. */
// Define a page title and include the header:
define('TITLE', 'Edit a Quote');
include('templates/header.html');
print '<h2>Edit a Quotation</h2>';
// Restrict access to administators only:
if (!is_administrator()) {
 print '<h2>Access Denied!</h2><p class="error">You do not have permission to access this page.</p>';
 include('templates/footer.html');
 exit();
}
// Need the database connection:
include('../mysqli_connect.php');
if (isset($_GET['id']) && is_numeric($_GET['id']) && ($_GET['id'] > 0) ) { // Display the entry in a form:
 // Define the query.
 $query = "SELECT quote, source, favorite FROM quotes WHERE id={$_GET['id']}";
 if ($result = mysqli_query($dbc, $query)) { // Run the query.
 $row = mysqli_fetch_array($result); // Retrieve the information.
 
  // Make the form:
  print '<form action="edit_quote.php" method="post">
   <p><label>Quote <textarea name="quote" rows="5" cols="30">' . htmlentities($row['quote']) . '</textarea></label></p>
   <p><label>Source <input type="text" name="source"value="' . htmlentities($row['source']) . '"></label></p>
   <p><label>Is this a favorite? <input type="checkbox" name="favorite" value="yes"';
  // Check the box if it is a favorite:
  if ($row['favorite'] == 1) {
   print ' checked="checked"';
  }
  // Complete the form:
  print '></label></p>
   <input type="hidden" name="id" value="' . $_GET['id'] . '">
   <p><input type="submit" name="submit" value="Update This Quote!"></p>
 </form>';
 } else { // Couldn't get the information.
  print '<p class="error">Could not retrieve the quotation because:<br>' . mysqli_error($dbc) . '.</p><p>The query being run was: ' . $query . '</p>';
 }
} elseif (isset($_POST['id']) && is_numeric($_POST['id']) && ($_POST['id'] > 0)) { // Handle the form.
 // Validate and secure the form data:
 $problem = FALSE;
 if ( !empty($_POST['quote']) && !empty($_POST['source']) ) {
  // Prepare the values for storing:
  $quote = mysqli_real_escape_string($dbc, trim(strip_tags($_POST['quote'])));
  $source = mysqli_real_escape_string($dbc, trim(strip_tags($_POST['source'])));
  // Create the "favorite" value:
  if (isset($_POST['favorite'])) {
   $favorite = 1;
  } else {
   $favorite = 0;
  }
 } else {
  print '<p class="error">Please submit both a quotation and a source.</p>';
  $problem = TRUE;
 }
 if (!$problem) {
  // Define the query.
  $query = "UPDATE quotes SET quote='$quote', source='$source', favorite=$favorite WHERE id={$_POST['id']}";
  if ($result = mysqli_query($dbc, $query)) {
   print '<p>The quotation has been updated.</p>';
  } else {
   print '<p class="error">Could not update the quotation because:<br>' . mysqli_error($dbc) . '.</p><p>The query being run was: ' . $query . '</p>';
  }
 } // No problem!
} else { // No ID set.
 print '<p class="error">This page has been accessed in error.</p>';
} // End of main IF.
mysqli_close($dbc); // Close the connection.
include('templates/footer.html'); // Include the footer.
?>

 

Delete_quotes.php Script 

 

 

<?php // Script 13.10 - delete_quote.php
/* This script deletes a quote. */
// Define a page title and include the header:
define('TITLE', 'Delete a Quote');
include('templates/header.html');
print '<h2>Delete a Quotation</h2>';
// Restrict access to administrators only:
if (!is_administrator()) {
 print '<h2>Access Denied!</h2><p class="error">You do not have permission to access this page.</p>';
 include('templates/footer.html');
 exit();
}
// Need the database connection:
include('../mysqli_connect.php');
if (isset($_GET['id']) && is_numeric($_GET['id']) && ($_GET['id'] > 0) ) { // Display the quote in a form:
 // Define the query:
 $query = "SELECT quote, source, favorite FROM quotes WHERE id={$_GET['id']}";
 if ($result = mysqli_query($dbc, $query)) { // Run the query.
  $row = mysqli_fetch_array($result); // Retrieve the information.
  // Make the form:
  print '<form action="delete_quote.php" method="post">
  <p>Are you sure you want to delete this quote?</p>
  <div><blockquote>' . $row['quote'] . '</blockquote>- ' . $row['source'];
  // Is this a favorite?
  if ($row['favorite'] == 1) {
   print ' <strong>Favorite!</strong>';
  }
  print '</div><br><input type="hidden" name="id" value="' . $_GET['id'] . '">
  <p><input type="submit" name="submit" value="Delete this Quote!"></p>
  </form>';
 } else { // Couldn't get the information.
  print '<p class="error">Could not retrieve the quote because:<br>' . mysqli_error($dbc) . '.</p><p>The query being run was: ' . $query . '</p>';
 }
} elseif (isset($_POST['id']) && is_numeric($_POST['id']) && ($_POST['id'] > 0) ) { // Handle the form.
 // Define the query:
 $query = "DELETE FROM quotes WHERE id={$_POST['id']} LIMIT 1";
 $result = mysqli_query($dbc, $query); // Execute the query.
 // Report on the result:
 if (mysqli_affected_rows($dbc) == 1) {
  print '<p>The quote entry has been deleted.</p>';
 } else {
  print '<p class="error">Could not delete the blog entry because:<br>' . mysqli_error($dbc) . '.</p><p>The query being run was: ' . $query . '</p>';
 }
} else { // No ID received.
 print '<p class="error">This page has been accessed in error.</p>';
} // End of main IF.
mysqli_close($dbc); // Close the connection.
include('templates/footer.html');
?>

 

 

 

Share this post


Link to post
Share on other sites

Okay, if you're getting that error it means no ID was set or received. I assume you're seeing this on the first access of the page? If so, then you're presumably not properly passing the ID in the URL. Check what the URL is, making sure it says ?id=X, where X is a number. 

Share this post


Link to post
Share on other sites

Larry, I have a similar issue (I tripled check the code and it is correct).

edit_a_quote.PNG.db40b8e83d3a294a3fe6cdc5ed438e13.PNG

edit_a_quote_after_submit.PNG.af6b9fac273206caf0060507a61b30d7.PNG

when I choose a quote from the "View All Quotes" site I get a correct load, id is displayed in the URL and I can edit.  However, when I click "Update this quote!" I get the access error message.  I can send the code if you need it, but what else should I check?

 

Share this post


Link to post
Share on other sites

fixed!!  the issue was using word wrap I misread one of the lines (49) and had a replicated piece of code (is_numeric was repeated) so after removing the second one it worked fine.

Share this post


Link to post
Share on other sites

no confusion, this last chapter reinforced the need to sometimes WALK AWAY and take a break.  Now that this is complete, it is time to get started on PHP and MySQL.

Share this post


Link to post
Share on other sites

Yes, yes: walking away and taking a break is the most reliable debugging technique for complex problems!

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×