UPDATE command not updating when fed from HTML form page

[sincitybrant]

If anyone can spot what I am doing incorrectly, please let me know. The first .php page displays previously entered data and then allows the user to modify the band's database row. It then passes the information (I hope at least) to another .php page that in turn SHOULD update all of the row's fields.

Code: Select all

$bandid = '1';
   
   $query = "SELECT * FROM bands WHERE bandid='$bandid'";
   $result = mysql_query($query)
      or die ("Couldn't bring up band.");
   $row = mysql_fetch_array($result);
   extract($row);
   
   echo "<form method='post' action='testingpage2.php'>
     <table width='59%' border='0' cellspacing='0' cellpadding='1'>
    <tr>
      <td>bandname</td>
      <td><input name='bandname' type='text' size='50' maxlength='50' value='$bandname'></td>
    </tr>
    <tr>
      <td>contact (first & last name)</td>
      <td><input name='contact' type='text' size='50' maxlength='40' value='$contact'></td>
    </tr>
    <tr>
      <td>phone number</td>
      <td><input name='phone' type='text' size='10' maxlength='10' value='$phone'>
        click to release phone number
        <input type='checkbox' name='phonerel' value='1'><input type='hidden' name='bandid' value='$bandid'</td>
    </tr>
    <tr>
      <td>email address:</td>
      <td><input name='email' type='text' size='30' maxlength='60' value='$email'>
        click to release email
        <input type='checkbox' name='emailrel' value='1'></td>
    </tr>
    <tr>
      <td>website (include http):</td>
      <td><input name='website' type='text' size='50' maxlength='90' value='$website'>
      </td>
    </tr>
    <tr>
      <td>select category:</td>
      <td>
        <select name='catid'>
          <option value='1' selected>rock/alternative/indie</option>
          <option value='2'>punk/hardcore</option>
          <option value='3'>metal/hard rock/grindcore</option>
          <option value='4'>folk/acoustic/songwriter</option>
          <option value='5'>ska/reggae/funk</option>
        </select>
        .................
        <input type='submit' name='Submit' value='Submit'></td>
    </tr>
  </table>
</form>";
?>
</body>
</html>


That would be the first page minus password/user information. And as follows would be testingpage2.php:

Code: Select all

$label_array = array ("bandname" => "bandname",
                    "website" => "website",
                    "email" => "email",
                    "phonerel" => "phonerel",
                    "emailrel" => "emailrel",
                    "contact" => "contact",
                    "catid" => "catid",
                    "phone" => "phone",
                    "bandid" => "bandid");
   foreach ($HTTP_POST_VARS as $key => $value)
   $bandname = trim($bandname);
   $bandname = strip_tags($bandname);
   $contact = trim($contact);
   $contact = strip_tags($contact);
   $phone = trim($phone);
   $phone = strip_tags($phone);
   $website = trim($website);
   $website = strip_tags($website);
   $email = trim($email);
   $email = strip_tags($email);
   
   $query = "UPDATE bands SET phone='$phone' WHERE bandid='$bandid'";
   $query = "UPDATE bands SET contact='$contact' WHERE bandid='$bandid'";
   $query = "UPDATE bands SET website='$website' WHERE bandid='$bandid'";
   $query = "UPDATE bands SET email='$email' WHERE bandid='$bandid'";
   $query = "UPDATE bands SET bandname='$bandname' WHERE bandid='$bandid'";
   $query = "UPDATE bands SET phonerel='$phonerel' WHERE bandid='$bandid'";
   $query = "UPDATE bands SET emailrel='$emailrel' WHERE bandid='$bandid'";
   $result = mysql_query($query)
      or die ("Couldn't update band listing at this time.");
   echo "Your band listing has been modified.<br>";
?>
</body>
</html>


[pootergeist]

do you have register_global set to OFF in your .ini ?

try echoing $bandid / $emailrel and the like to test they exist before the update - if they don't, you probably do have reg_globs OFF (which is a good thing) and should access form posted variables by using the $_POST array.

$bandid = $_POST['bandid'];

a bad coding standard quick fix would be putting
extract($_POST);
at the top of the receiving script - bad coding as that would still be as unsecure as coding with reg_globs ON.

[sincitybrant]

I did modify the settings as you suggested in the second half of the program. That however produced no results. However the code that relates to result and mysql_query, I took out all of the changes except for one and tried modifying a setting and it worked. So then I added each of the settings you suggested, but below it I gave it its own result or die statement as well as an echo. And now it is working just fine.
Thanks a lot!

[Joel]

I have a pretty similar problem, this is my code...

$sql = "UPDATE shows SET date='$date',bands='$bands',venue='$venue',other='$other' WHERE date='$date'";

$result = mysql_query($sql);

I already posted all the info from a form to variables, and echo'd them on the page, i get no errors and it says eveyrthing went fine, but it makes no change to the database.

[bezmond]

Code: Select all

$result = mysql_query($sql);

try using

Code: Select all

$result = mysql_query($sql) or die(mysql_error());

That'll tell you if there's an error in the update script or not.

Andrew

[Joel]

That gave me nothing. I am completely puzzled, I have an update code pretty much the same working on another page. Here are the 2 codes, maybe I'm missing something, because after all me = newbie, or should i say $me = "newbie";

$sql = "UPDATE employees SET first='$first',last='$last',address='$address',position='$position' WHERE id=$id";
$result = mysql_query($sql);

thats the one that works

$sql = "UPDATE shows SET date='$date',bands='$bands',venue='$venue',other='$other' WHERE date='$date'";
$result = mysql_query($sql) or die(mysql_error());

that's the one that i can't get to work.