senso

Hi Larry Many thanks for your help.

Hi Larry Thanks for the reply. I understand what you're saying, but the problem I'm having is where to pass the id? I'm running three select queries: one at the top to check the creator ID matches the user id, one after the form is created to retrieve the data from the DB and populate the form to enable editing, and one to update the form after it's posted. The update query has the page id, but do you also pass this into a variable? I've included the code below: <?php # edit_page.php // This page both displays and handles the "add a page" form // Need the utilities file: require('includes/utilities.inc.php'); // Create a new form: //set_include_path(get_include_path().PATH_SEPARATOR.'/usr/share/php/'); require('HTML/QuickForm2.php'); $select_query = 'SELECT id, creatorId FROM pages WHERE id=:id'; $stmt = $pdo->prepare($select_query); $select_result = $stmt->execute(array(':id'=>$_GET['id'])); // If the query ran ok, fetch the record into an object: if($select_result){ $stmt->setFetchMode(PDO::FETCH_CLASS, 'Page'); $page = $stmt->fetch(); } if (!$user->canEditPage($page)) { header("Location:index.php"); exit(); } $form = new HTML_QuickForm2('editPageForm'); // Add the title field: $title = $form->addElement('text', 'title'); $title->setLabel('Page Title'); $title->addFilter('strip_tags'); $title->addRule('required', 'Please enter a page title'); // Add the content field: $content = $form->addElement('textarea', 'content'); $content->setLabel('Page Content'); $content->addFilter('trim'); $content->addRule('required', 'Please enter the page content.'); // Add the submit Button: $submit = $form->addElement('submit', 'submit', array('value'=>'Edit This Page')); // Add a hidden form element $pid = $form->addElement('hidden', 'id'); // Run the select method on the page id $select_query = 'SELECT id, creatorId, title, content, DATE_FORMAT(dateAdded, "%e %M %Y") AS dateAdded FROM pages WHERE id=:id'; $stmt = $pdo->prepare($select_query); $select_result = $stmt->execute(array(':id'=>$_GET['id'])); //if it ran ok, fetch the page as an object and set the retrieved values to the form if($select_result){ $stmt->setFetchMode(PDO::FETCH_CLASS, 'Page'); while($page = $stmt->fetch()){ $title->setValue($page->getTitle()); $content->setValue($page->getContent()); $pid->setValue($page->getId()); } } // Check for a form submission: if($_SERVER['REQUEST_METHOD'] == 'POST'){ //handle the form submission // Validate the form data: if($form->validate()){ // Insert into the database: $insert_query = 'UPDATE pages SET title=:title, content=:content, dateUpdated=NOW() WHERE id=:id'; $stmt = $pdo->prepare($insert_query); $insert_result = $stmt->execute(array (':id'=>$pid->getValue(),':title'=>$title->getValue(),':content'=>$content->getValue())); // Redirect the user to the newly edited page if($insert_result){ header("Location: /cms2/page.php?id=".$pid->getValue()); } } // end of form validation IF } // End of form submission IF $pageTitle = 'Edit this Page'; include('includes/header.inc.php'); include('views/edit_page.html'); include('includes/footer.inc.php'); ?>

Hi Larry Thanks for the reply Yes, I'm still having issues, but I'm guessing I need to use try - catch statements instead of using an array of errors, like you demo'd in the book?

Ok, another problem I'm using the following code at the top of the page to pass an instance of type page to verify that the authour or admin can edit the page: $select_query = 'SELECT id, creatorId FROM pages WHERE id=:id'; $stmt = $pdo->prepare($select_query); $select_result = $stmt->execute(array(':id'=>$_GET['id'])); // If the query ran ok, fetch the record into an object: if($select_result){ $stmt->setFetchMode(PDO::FETCH_CLASS, 'Page'); $page = $stmt->fetch(); } if (!$user->canEditPage($page)) { header("Location:index.php"); exit(); } This works, however, when I try to edit the page and submit the form, I get the following error: I don't understand why it accepts the $page value as an object when validating canEditPage() when the page loads, but thinks it's a boolean value when it tries to submit the form?

Ok, I decided to to switch the $id element from a hidden to a text form and used $pid->setValue($_GET['id']). I now have the correct id in the form but it still won't update the database when I submit the page. Not sure why it can't pick up the page value, unless my SQL statement is incorrect? EDIT: The problem WAS with my SQL statement (a trailing ')' character I forgot to delete). It all works now.

Hi Antonio When I do as you suggest, I get a bool(true) message at the top of the page. I've noticed that when I'm logged in as the authour of the page, it redirects me to index.php when I click on edit. When I log in as admin, it doesn't edit the page.

Hello I'm trying to finish my edit_page.php script and I can't get the page to recognise the page id tha tgets passed to it. Here's the script: <?php # add_page.php // This page both displays and handles the "edit a page" form // Need the utilities file: require('includes/utilities.inc.php'); // Redirect if the user doesn't have permission to edit this page: if(!$user->canEditPage(new Page($_GET['id']))){ header("Location:index.php"); exit(); } // get the page id if ( (isset($_GET['id'])) &&(is_numeric($_GET['id'])) ) { $id = $_GET['id']; } elseif ( (isset($_POST['id'])) &&(is_numeric($_POST['id'])) ) { $id = $_POST['id']; } else { header("Location: index.php"); } // Create a new form: //set_include_path(get_include_path().PATH_SEPARATOR.'/usr/share/php/'); require('HTML/QuickForm2.php'); $form = new HTML_QuickForm2('addPageForm'); // Add the title field: $title = $form->addElement('text', 'title'); $title->setLabel('Page Title'); $title->addFilter('strip_tags'); $title->addRule('required', 'Please enter a page title'); // Add the content field: $content = $form->addElement('textarea', 'content'); $content->setLabel('Page Content'); $content->addFilter('trim'); $content->addRule('required', 'Please enter the page content.'); // Add the submit Button: $submit = $form->addElement('submit', 'submit', array('value'=>'Edit This Page')); // Add a hidden form element $pid = $form->addElement('hidden', 'id', $id); // Run the select method on the page id $select_query = 'SELECT id, creatorId, title, content, DATE_FORMAT(dateAdded, "%e %M %Y") AS dateAdded FROM pages WHERE id=:id'; $stmt = $pdo->prepare($select_query); $select_result = $stmt->execute(array(':id'=>$_GET['id'])); //if it ran ok, fetch the page as an object and set the retrieved values to the form if($select_result){ $stmt->setFetchMode(PDO::FETCH_CLASS, 'Page'); while($page = $stmt->fetch()){ $title->setValue($page->getTitle()); $content->setValue($page->getContent()); } } // Check for a form submission: if($_SERVER['REQUEST_METHOD'] == 'POST'){ //handle the form submission // Validate the form data: if($form->validate()){ // Insert into the database: $insert_query = 'UPDATE pages SET title=:title, content=:content, dateUpdated=NOW()) WHERE id=:id'; $stmt = $pdo->prepare($insert_query); $insert_result = $stmt->execute(array (':id'=>$pid->getValue(),':title'=>$title->getValue(),':content'=>$content->getValue())); // Redirect the user to the newly edited page if($insert_result){ header("Location: /cms2/page.php?id=$p_id"); } } // end of form validation IF } // End of form submission IF $pageTitle = 'Edit this Page'; include('includes/header.inc.php'); include('views/edit_page.html'); include('includes/footer.inc.php'); ?> If I try to edit the page, it redirects me to index.php, which means that it can't retrieve the id for some reason. Am I retrieving the page id incorrectly? I'm using the method from Larry's first 'PHP and MySQL for Dynamic Websites' book.

Hello I've finished chapter 9 and am currently attempting to create a registration form on the site using HTML_QuickForm2. Everything is working fine, except I can't seem to return error messages if the username and/or email address are already registered. Here is the code after the form has been submitted: // Add the submit button if($_SERVER['REQUEST_METHOD']=='POST'){ $errors = array(); // validate the form data if($form->validate()){ //check to see if the email is available $select_query = 'SELECT id FROM users WHERE email=:email or username=:username'; $stmt = $pdo->prepare($select_query); $select_result = $stmt->execute(array(':email'=>$email->getValue(), ':username'=>$username->getValue())); // Check to see if email address is available if(mysqli_num_rows($select_result)==0){ // if the email address or username are available // Insert the user into the database $insert_query = 'INSERT INTO users (userType, username, email, pass, dateAdded) VALUES (:userType, :username, :email, SHA1(:password), NOW())'; $stmt = $pdo->prepare($insert_query); $insert_result = $stmt->execute(array (':userType'=>'public', ':username'=>$username->getValue(), ':email'=>$email->getValue(), ':password'=>$password->getValue(), )); if($insert_result){ // if it ran ok // freeze the form upon success $form->toggleFrozen(true); $form->removeChild($submit); } else { $errors[] = ('You could not be registered at this time'); } } else { // if the username/password are already registered $errors[] = ('The username and/or password have already been registered.'); } } } The problem is that only the error message in the 'insert_result' else statement is displayed when I loop through the results in the register.html view. Any other errors added to the array are not displayed, so the user is not notified why they can't register. Is this a problem with the way I'm trying to implement it (objects instead of procedurally) or is there something obvious that I've missed? Hope I've explained myself well and thanks in advance for any suggestions.