jeffrivers Posted October 16, 2013 Share Posted October 16, 2013 I'm working my way through Chapter 13 and I'm unable to get my edit_quote.php page to work. The error message I'm getting is: This page has been accessed in error. I understand that the reason for this is that the script isn't getting a valid ID. I'm just not sure why. Here's my code. I've reviewed it line-by-line a few times, but I'm not seeing the problem: <?php define('TITLE', 'Edit a Quote'); include('templates/header.html'); print '<h2>Edit a Quotation</h2>'; //Restrict access to adminsitrators only. if (!is_administrator()) { print '<h2>Acess Denied!</h2> <p class="error">You do not have permission to access this page.</p>'; include('templates/footer.html'); exit(); } //Need the database connection. include('includes/mysql_connect.php'); if (isset($_GET['id']) && is_numeric($_GET['id']) && ($_GET['id'] > 0)) { // Display the entry in a form. //Define the query. $query = "SELECT quote, source, favorite FROM quotes WHERE quote_id={$_GET['id']}"; if ($r = mysql_query($query, $dbc)) { //Run the query. $row = mysql_fetch_array($r); //retrieve the information. //Make the form. print '<form action="edit_quote.php" method="post"> <p><label>Quote <textarea name="quote" rows="5" cols="30">' .htmlentities($row['quote']). '</textarea></label></p> <p><label>Source <input type="text" name="source" value="'.htmlentities($row['source']). '"/></label></p> <p><label>Is this a favorite? <input type="checkbox" name="favorite" value="yes"'; //Chec the box if it is a favorite. if ($row['favorite'] == 1) { print ' checked ="checked"'; } //Complete the form. print ' /></label></p> <input type="hidden" name="id" value="' .$_GET['id']. '" /> <p><input type="submit" name="submit" value="Update This Quote!" /></p> </form>'; } else { //Couldn't get the infomration. print '<p class="error">Could not retrieve the quotation because:<br/>' .mysql_error($dbc). '.</p> <p>The query being run was: ' .$query. '</p>'; } }elseif (isset($_POST['id']) && is_numeric($_POST['id']) && ($_POST['id'] > 0)) { //Handle the form. //Validate and secure the form data. $problem = FALSE; if (!empty($_POST['quote']) && !empty($_POST['source']) ) { //Prepare the values for storing. $quote = mysql_real_escape_string(trim(strip_tags($_POST['quote'])), $dbc); $source = mysql_real_escape_string(trim(strip_tags($_POST['source'])), $dbc); //Create the "favorite" value. if (isset($_POST['favorite'])) { $favorite = 1; } else { $favorite = 0; } } else { print '<p class="error">Please submit both a quotation and source.</p>'; $problem = TRUE; } if (!$problem) { //Define the query. $query = "UPDATE quotes SET quote='$quote', source='$source', favorite=$favorite WHERE quote_id={$_POST['id']}"; if ($r = mysql_query($query, $dbc)) { print '<p>The quotation has been updated.</p>'; } else { print '<p class="error">Could not update the quotation because:<br/>' .mysql_error($dbc) . '.</p><p>The query being run was" ' .$query. '</p>'; } }// No problem! } else { // No ID set. print '<p class="error">This page has been accessed in error.</p>'; } // End of main IF. mysql_close($dbc); //Close the connection. include('templates/footer.html'); //Include the footer. ?> Thanks! Link to comment Share on other sites More sharing options...
Larry Posted October 16, 2013 Share Posted October 16, 2013 Have you verified that $_GET['id'] exists and meets the criteria? If so, have you tried running the query for yourself (like using phpMyAdmin)? Link to comment Share on other sites More sharing options...
jeffrivers Posted October 16, 2013 Author Share Posted October 16, 2013 I haven't run the query using phpMyAdmin, but I copied/pasted the query from the edit_quotes.php file into the next exercise (delete_quote.php) and I was able to delete quotes: //Define the query. $query = "SELECT quote, source, favorite FROM quotes WHERE quote_id={$_GET['id']}"; if ($r = mysql_query($query, $dbc)) { //Run the query. $row = mysql_fetch_array($r); //retrieve the information. So, this would indicate that the query works, right? Why would it work in one instance (delete) and not another (edit)? I checked my DB user's privileges and it appears I have all privileges enabled... (that was just a wild guess). Thanks again for your help. I'm at a loss and I've stared at this for so long I feel like I'm locked up. ;-) Link to comment Share on other sites More sharing options...
HartleySan Posted October 16, 2013 Share Posted October 16, 2013 Hello, Jeff. Welcome to the forums. Could you please provide your HTML? Also, please place the following code at the top of your script and see what's output: echo '<pre>'; print_r($_GET); print_r($_POST); echo '</pre>'; You may be able to debug the problem yourself. Thanks. Link to comment Share on other sites More sharing options...
jeffrivers Posted October 16, 2013 Author Share Posted October 16, 2013 Here's the HTML after adding the snippet you included above: <pre>Array ( [id] => {row['quote_id']} ) Array ( ) </pre> <!doctype html> <html> <head> <meta charset="UTF-8"> <link rel="stylesheet" media="all" href="../css/style.css" /> <title>Edit a Quote</title> </head> <body> <div id="container"> <h1>My Site of Quotes</h1> <br /> <!-- BEGIN CHANGEABLE CONTENT --> <h2>Edit a Quotation</h2><p class="error">This page has been accessed in error.</p><hr /> <h3>Site Admin</h3> <p><a href="add_quote.php">Add Quote</a> <-> <a href="view_quotes.php">View All quotes</a> <-> <a href="logout.php">Logout</a></p> </div><!-- close container --> <div id="footer"> <p>Content © 2013</p> </div> </body> </html> I appreciate any help you can offer. Thanks! Link to comment Share on other sites More sharing options...
Larry Posted October 16, 2013 Share Posted October 16, 2013 Your page which is linking to this one is not passing the ID value in the URL. If you look in your URL, you'll see this to be the case. Link to comment Share on other sites More sharing options...
jeffrivers Posted October 16, 2013 Author Share Posted October 16, 2013 I did notice that. Here's what I see: http://localhost:8888/phpfortheweb/edit_quote.php?id={row['quote_id']} What's the fix for this? Link to comment Share on other sites More sharing options...
Larry Posted October 17, 2013 Share Posted October 17, 2013 You have to fix it in the page that creates that URL. Link to comment Share on other sites More sharing options...
HartleySan Posted October 17, 2013 Share Posted October 17, 2013 Larry's right. Please show us the code used to generate the URL. The problem is likely in that you're mixing up single and double quotes and causes the literal name of the variable to be output instead of the value stored in the variable. Link to comment Share on other sites More sharing options...
jeffrivers Posted October 17, 2013 Author Share Posted October 17, 2013 I found the error. I was missing the '$' in front of row in this part of the code in view_quotes.php: {row['quote_id']} fixed to {$row['quote_id']} Thanks again for helping me identify the issue. Link to comment Share on other sites More sharing options...
Recommended Posts