Jump to content
Larry Ullman's Book Forums
jeffrivers

Chapter 13: Edit_Quote.Php, Script 13.9

Recommended Posts

I'm working my way through Chapter 13 and I'm unable to get my edit_quote.php page to work. The error message I'm getting is:

 

This page has been accessed in error.

 

 

I understand that the reason for this is that the script isn't getting a valid ID. I'm just not sure why. Here's my code. I've reviewed it line-by-line a few times, but I'm not seeing the problem:

<?php

define('TITLE', 'Edit a Quote');
include('templates/header.html');

print '<h2>Edit a Quotation</h2>';

//Restrict access to adminsitrators only.
if (!is_administrator()) {
	print '<h2>Acess Denied!</h2>
	<p class="error">You do not have permission to access this page.</p>';
	include('templates/footer.html');
	exit();
}

//Need the database connection.
include('includes/mysql_connect.php');

if (isset($_GET['id']) && is_numeric($_GET['id']) && ($_GET['id'] > 0)) { // Display the entry in a form.

//Define the query.
$query = "SELECT quote, source, favorite FROM quotes WHERE quote_id={$_GET['id']}";
if ($r = mysql_query($query, $dbc)) { //Run the query.
	$row = mysql_fetch_array($r);  //retrieve the information.
	
	//Make the form.
	print '<form action="edit_quote.php" method="post">
	<p><label>Quote <textarea name="quote" rows="5" cols="30">' .htmlentities($row['quote']). '</textarea></label></p>
	<p><label>Source <input type="text" name="source" value="'.htmlentities($row['source']). '"/></label></p>
	<p><label>Is this a favorite? <input type="checkbox" name="favorite" value="yes"';
	
	//Chec the box if it is a favorite.
	if ($row['favorite'] == 1) {
		print ' checked ="checked"';
	}
	
	//Complete the form.
	print ' /></label></p>
	<input type="hidden" name="id" value="' .$_GET['id']. '" />
	<p><input type="submit" name="submit" value="Update This Quote!" /></p>
	</form>';
	
} else { //Couldn't get the infomration.
print '<p class="error">Could not retrieve the quotation because:<br/>' .mysql_error($dbc). '.</p>
<p>The query being run was: ' .$query. '</p>';

}

}elseif (isset($_POST['id']) && is_numeric($_POST['id']) && ($_POST['id'] > 0)) { //Handle the form.

	//Validate and secure the form data.
	$problem = FALSE;
	if (!empty($_POST['quote']) && !empty($_POST['source']) ) {
		
		//Prepare the values for storing.
		$quote = mysql_real_escape_string(trim(strip_tags($_POST['quote'])), $dbc);
		$source = mysql_real_escape_string(trim(strip_tags($_POST['source'])), $dbc);
		
		//Create the "favorite" value.
		if (isset($_POST['favorite'])) {
			$favorite = 1;
		} else {
			$favorite = 0;
		}
		
	} else {
		print '<p class="error">Please submit both a quotation and source.</p>';
		$problem = TRUE;
	}
	
	if (!$problem) {
		//Define the query.
		$query = "UPDATE quotes SET quote='$quote', source='$source', favorite=$favorite WHERE quote_id={$_POST['id']}";
		if ($r = mysql_query($query, $dbc)) {
			print '<p>The quotation has been updated.</p>';
		} else {
			print '<p class="error">Could not update the quotation because:<br/>' .mysql_error($dbc) . '.</p><p>The query being run was" ' .$query. '</p>';
		}
	}// No problem!
	
} else { // No ID set.
	print '<p class="error">This page has been accessed in error.</p>';
} // End of main IF.

mysql_close($dbc); //Close the connection.

include('templates/footer.html');  //Include the footer.

?>

Thanks!

Share this post


Link to post
Share on other sites

Have you verified that $_GET['id'] exists and meets the criteria? If so, have you tried running the query for yourself (like using phpMyAdmin)?

Share this post


Link to post
Share on other sites

I haven't run the query using phpMyAdmin, but I copied/pasted the query from the edit_quotes.php file into the next exercise (delete_quote.php) and I was able to delete quotes:

//Define the query.
$query = "SELECT quote, source, favorite FROM quotes WHERE quote_id={$_GET['id']}";
if ($r = mysql_query($query, $dbc)) { //Run the query.
	$row = mysql_fetch_array($r);  //retrieve the information.

So, this would indicate that the query works, right? Why would it work in one instance (delete) and not another (edit)? I checked my DB user's privileges and it appears I have all privileges enabled... (that was just a wild guess).

 

phpfortheweb.png

 

Thanks again for your help. I'm at a loss and I've stared at this for so long I feel like I'm locked up. ;-)

Share this post


Link to post
Share on other sites

Hello, Jeff. Welcome to the forums.

 

Could you please provide your HTML?

Also, please place the following code at the top of your script and see what's output:

 

echo '<pre>';
print_r($_GET);
print_r($_POST);
echo '</pre>';
 
You may be able to debug the problem yourself.
Thanks.

Share this post


Link to post
Share on other sites

Here's the HTML after adding the snippet you included above:

<pre>Array
(
    [id] => {row['quote_id']}
)
Array
(
)
</pre>
<!doctype html>
<html>
<head>
<meta charset="UTF-8">

<link rel="stylesheet" media="all" href="../css/style.css" />
<title>Edit a Quote</title>
</head>

<body>
<div id="container">
	<h1>My Site of Quotes</h1>
    <br />
    <!-- BEGIN CHANGEABLE CONTENT -->
<h2>Edit a Quotation</h2><p class="error">This page has been accessed in error.</p><hr />
	<h3>Site Admin</h3>
	<p><a href="add_quote.php">Add Quote</a> <->
	<a href="view_quotes.php">View All quotes</a> <->
	<a href="logout.php">Logout</a></p>
</div><!-- close container -->
<div id="footer">
	<p>Content © 2013</p>
</div>

</body>
</html>

I appreciate any help you can offer. Thanks!

Share this post


Link to post
Share on other sites

Your page which is linking to this one is not passing the ID value in the URL. If you look in your URL, you'll see this to be the case.

Share this post


Link to post
Share on other sites

Larry's right. Please show us the code used to generate the URL.

The problem is likely in that you're mixing up single and double quotes and causes the literal name of the variable to be output instead of the value stored in the variable.

Share this post


Link to post
Share on other sites

I found the error. I was missing the '$' in front of row in this part of the code in view_quotes.php:

{row['quote_id']}

fixed to

{$row['quote_id']}

Thanks again for helping me identify the issue.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...