Discussion in 'Programming/Scripts' started by edge, Aug 9, 2008.

  1. edge

    edge Active Member Moderator

    Anyone here who might have a clue why I can not get this to work (I'm new to PHP)
    Code example one is not working.
    It's getting the variable BedrijfsNaamTMP from a POST of an other page.
    When doing an echo $BedrijfsNaamTMP; it DOES show the value fine.
    When I echo the $strSql, it does also show it correctly.
    Problem is that it's NOT updating the MySQL :)

    example 1 - not working
    $BedrijfsNaamTMP = $_POST["BedrijfsNaam"];
    $strSql = "UPDATE `account_info` SET `BedrijfsNaam` = $BedrijfsNaamTMP WHERE `accountID` = 1";
    Example two is exactly the same as example one, EXEPT that the variable $BedrijfsNaamTMP is HARD CODED to "test"
    When running this code, all is working fine.
    The echo $strSql; is showing exactly the same string as in example one.

    example - 2 working fine
    $BedrijfsNaamTMP = "'test'";
    $strSql = "UPDATE `account_info` SET `BedrijfsNaam` = $BedrijfsNaamTMP WHERE `accountID` = 1";
    Anyone here who might know what could be causing this?
  2. el-sid

    el-sid New Member


    try using single quotes on the $BedrijfsNaamTMP variable as '$BedrijfsNaamTMP' on the sql statement as in

    $strSql = "UPDATE account_info SET BedrijfsNaam = '$BedrijfsNaamTMP' WHERE accountID = 1";
    Last edited: Aug 10, 2008
  3. edge

    edge Active Member Moderator

    Hi el-sid,
    Thank you for your reply.

    Your "fix" did not work for me.

    I've managed to get it to work, but I needed to change the way the variables were posted.

    in the "form" page I was 1st doing the post like this:
    <form id="form1" name="form1" method="post" action="?action=save&record=<?php echo "$record"; ?>">
    Note the action part.

    After changeing it to
    <form id="form1" name="form1" method="post" action="save.php?record=<?php echo "$record"; ?>">
    Again note the action part.

    As you can see, in the 2nd code part, I'm directly posting the variables to the save.php file. (this is working fine).
    For some reason when I go through the index.php that will include the file save.php when called with the option "action=save" it does not work EVEN when save.php is showing all the variables okay.
    Last edited: Aug 10, 2008
  4. Ben

    Ben ISPConfig Developer ISPConfig Developer

    But do you mean by "it does not work"? What kind of error do you get?

    Could you post the index.php + save.php?
    During this time, you e.g. might try to debug index.php and save.php whith some echo statements before and after those points in the script, where you expect the logic to go trough (e.g. before / in the if / case part in the index.php etc.)
  5. edge

    edge Active Member Moderator

    Hi Ben,

    Does not work problem: it's NOT updating the MySQL DB.
    I get no error. It's just not updating the database. Even as the echo'ed variables in save.php showup okay.

    The shown example codes is part of the code that I'm using, and will NOT update the DB fore some reason.
    (when I refresh the page with F5 it WILL update the DB)
    When I change the "action=save" in the edit.php to action=save.php (post the variables directly to save.php) the DB WILL get updated (so it's working!).
    When I echo any of the variables with both ways (action=save or action=save.php) they showup okay.
    The same thing for echoing the $strSql. Both ways they show exactly the same strSql string.
    $action   = $_GET['action'];
    if ($action == "edit")
    if ($action == "save")
    $record = $_GET['record'];
    $strSql = "select * from _account_info where `accountID` = '$record'";
    $rsFile = $conn->execute($strSql);
    $BedrijfsNaam = $rsFile->fields["BedrijfsNaam"];
    <form id="form1" name="form1" method="post" action="?action=save&record=<?php echo "$record"; ?>">
    BedrijfsNaam: <input name="BedrijfsNaam" type="text" id="BedrijfsNaam" value="<?php echo "$BedrijfsNaam"; ?>" size="50" />
    <input type="submit" name="button" id="button" value="save" />

    $record   = $_GET['record'];
    $BedrijfsNaam = $_POST['BedrijfsNaam'];
    $strSql = "UPDATE account_info SET `BedrijfsNaam` = '".$BedrijfsNaam."'  WHERE `accountID` = '".$record."'";
    echo $strSql;
  6. Ben

    Ben ISPConfig Developer ISPConfig Developer

    So if its not updating the DB and not showing any error, the problem should be to find anywere in the $conn object / class. Is it your own or where does it come from?

    But the SQL-Statement when echoed looks ok, so that e.g. sending it via phpMyAdmin to your DB will end up the wanted result?
  7. edge

    edge Active Member Moderator

    Hi Ben,

    the $conn object is not from me.
    It belongt to the "ADODB Library"

    Using phpMyAdmin will add the data to the DB.

    I've done a deep dig in the "ADODB Library", to see if I can find the problem, but no luck.
    I've now recoded my code to post directly from the edit.php to save.php, and this is working fine.

    It's still strange that doing it my 1st way the posted variables did showup okay, but did not get added to the DB.

    Anyway. Thank you for helping. If I ever find the problem, I will post it here.
  8. prijikn

    prijikn New Member

    PHP is an open-source server-side scripting language.It's widely supported language.It's the best general purpose web language.
  9. collardgreen

    collardgreen New Member

    Sanitize the string!

    You should always make sure to sanitize/validate/escape any values submitted to MySql.
    Possibly, the value you are submitting contains some kind of quote character such as a single quote or maybe a slash.
    If that is the case, simply pass the value through the function addslashes() or mysql_real_escape_string().

    I would also check that magic_quotes_gpc is turned Off in the php.ini file. it's always caused me a lot of headaches!!
  10. edge

    edge Active Member Moderator

    Hi collardgreen,

    Thank you for the info.
    The project is finished, but I'll be doing some testing later to see if your tip / fix might have been the problem.

    Once again, thank you for your input.

Share This Page