Jump to content
Larry Ullman's Book Forums

Chapter 13: Edit_Quote.Php, Script 13.9


Recommended Posts

I'm working my way through Chapter 13 and I'm unable to get my edit_quote.php page to work. The error message I'm getting is:

 

This page has been accessed in error.

 

 

I understand that the reason for this is that the script isn't getting a valid ID. I'm just not sure why. Here's my code. I've reviewed it line-by-line a few times, but I'm not seeing the problem:

<?php

define('TITLE', 'Edit a Quote');
include('templates/header.html');

print '<h2>Edit a Quotation</h2>';

//Restrict access to adminsitrators only.
if (!is_administrator()) {
	print '<h2>Acess Denied!</h2>
	<p class="error">You do not have permission to access this page.</p>';
	include('templates/footer.html');
	exit();
}

//Need the database connection.
include('includes/mysql_connect.php');

if (isset($_GET['id']) && is_numeric($_GET['id']) && ($_GET['id'] > 0)) { // Display the entry in a form.

//Define the query.
$query = "SELECT quote, source, favorite FROM quotes WHERE quote_id={$_GET['id']}";
if ($r = mysql_query($query, $dbc)) { //Run the query.
	$row = mysql_fetch_array($r);  //retrieve the information.
	
	//Make the form.
	print '<form action="edit_quote.php" method="post">
	<p><label>Quote <textarea name="quote" rows="5" cols="30">' .htmlentities($row['quote']). '</textarea></label></p>
	<p><label>Source <input type="text" name="source" value="'.htmlentities($row['source']). '"/></label></p>
	<p><label>Is this a favorite? <input type="checkbox" name="favorite" value="yes"';
	
	//Chec the box if it is a favorite.
	if ($row['favorite'] == 1) {
		print ' checked ="checked"';
	}
	
	//Complete the form.
	print ' /></label></p>
	<input type="hidden" name="id" value="' .$_GET['id']. '" />
	<p><input type="submit" name="submit" value="Update This Quote!" /></p>
	</form>';
	
} else { //Couldn't get the infomration.
print '<p class="error">Could not retrieve the quotation because:<br/>' .mysql_error($dbc). '.</p>
<p>The query being run was: ' .$query. '</p>';

}

}elseif (isset($_POST['id']) && is_numeric($_POST['id']) && ($_POST['id'] > 0)) { //Handle the form.

	//Validate and secure the form data.
	$problem = FALSE;
	if (!empty($_POST['quote']) && !empty($_POST['source']) ) {
		
		//Prepare the values for storing.
		$quote = mysql_real_escape_string(trim(strip_tags($_POST['quote'])), $dbc);
		$source = mysql_real_escape_string(trim(strip_tags($_POST['source'])), $dbc);
		
		//Create the "favorite" value.
		if (isset($_POST['favorite'])) {
			$favorite = 1;
		} else {
			$favorite = 0;
		}
		
	} else {
		print '<p class="error">Please submit both a quotation and source.</p>';
		$problem = TRUE;
	}
	
	if (!$problem) {
		//Define the query.
		$query = "UPDATE quotes SET quote='$quote', source='$source', favorite=$favorite WHERE quote_id={$_POST['id']}";
		if ($r = mysql_query($query, $dbc)) {
			print '<p>The quotation has been updated.</p>';
		} else {
			print '<p class="error">Could not update the quotation because:<br/>' .mysql_error($dbc) . '.</p><p>The query being run was" ' .$query. '</p>';
		}
	}// No problem!
	
} else { // No ID set.
	print '<p class="error">This page has been accessed in error.</p>';
} // End of main IF.

mysql_close($dbc); //Close the connection.

include('templates/footer.html');  //Include the footer.

?>

Thanks!

Link to comment
Share on other sites

I haven't run the query using phpMyAdmin, but I copied/pasted the query from the edit_quotes.php file into the next exercise (delete_quote.php) and I was able to delete quotes:

//Define the query.
$query = "SELECT quote, source, favorite FROM quotes WHERE quote_id={$_GET['id']}";
if ($r = mysql_query($query, $dbc)) { //Run the query.
	$row = mysql_fetch_array($r);  //retrieve the information.

So, this would indicate that the query works, right? Why would it work in one instance (delete) and not another (edit)? I checked my DB user's privileges and it appears I have all privileges enabled... (that was just a wild guess).

 

phpfortheweb.png

 

Thanks again for your help. I'm at a loss and I've stared at this for so long I feel like I'm locked up. ;-)

Link to comment
Share on other sites

Hello, Jeff. Welcome to the forums.

 

Could you please provide your HTML?

Also, please place the following code at the top of your script and see what's output:

 

echo '<pre>';
print_r($_GET);
print_r($_POST);
echo '</pre>';
 
You may be able to debug the problem yourself.
Thanks.
Link to comment
Share on other sites

Here's the HTML after adding the snippet you included above:

<pre>Array
(
    [id] => {row['quote_id']}
)
Array
(
)
</pre>
<!doctype html>
<html>
<head>
<meta charset="UTF-8">

<link rel="stylesheet" media="all" href="../css/style.css" />
<title>Edit a Quote</title>
</head>

<body>
<div id="container">
	<h1>My Site of Quotes</h1>
    <br />
    <!-- BEGIN CHANGEABLE CONTENT -->
<h2>Edit a Quotation</h2><p class="error">This page has been accessed in error.</p><hr />
	<h3>Site Admin</h3>
	<p><a href="add_quote.php">Add Quote</a> <->
	<a href="view_quotes.php">View All quotes</a> <->
	<a href="logout.php">Logout</a></p>
</div><!-- close container -->
<div id="footer">
	<p>Content © 2013</p>
</div>

</body>
</html>

I appreciate any help you can offer. Thanks!

Link to comment
Share on other sites

 Share

×
×
  • Create New...