0

im having a problem when trying to implement a edit page in php.

Getting items from the database doesent pose any problem, yet trying to update it tells me that i have missed a field and trying to skip the check just leaves me with a unedited table.

To explain more, there is a page that directs to this one while passing on a id (propertyID) veriable and from that we use it to grab the desired variables.

Can anyone look at the code and tell me what i have done wrong, i have prevously got a similar page working and am getting quite flustered trying to figure out why this one isent. 

<?php


// Start sessions
include('includes/security.inc.php');
authorise();



if (!isset($_GET['propertyID']) || !is_numeric($_GET['propertyID']))
{
    header('Location:./houselist.php');
}
else
{
// Include connection file
include('includes/connection.inc.php');

    // Get  details
    connect();


    $propertyID = $_GET['propertyID'];

    $sql = "SELECT * FROM Properties WHERE propertyID='$propertyID' LIMIT 1";
    $result = @mysql_query($sql) or die('Unable to run query');
    $record = mysql_fetch_object($result);

    mysql_close();      

    // Check to see if the form has been submitted
    if (isset($_POST['submit']))
    {
        // Check to see all fields have been completed
    $address = $_POST['address'];
    $categoryID = $_POST['categoryID'];
    $price = $_POST['price'];
    $landlordName = $_POST['landlordName'];
    $img = $_POST['img'];
    $description= $_POST['description'];


    if (!empty($address) && !empty($categoryID) && !empty($price) && !empty($landlordName) && !empty($img) && !empty($description))
        {
            // Create an SQL query to add the comment


            $sql = "UPDATE property SET propertyID = '$propertyID', img = '$img', address = '$address', price = '$price', landlordName = '$landlordName', description = '$description' WHERE propertyID = $propertyID";

            // Connect to the database
            connect();

            // Run the query and store the result in a variable
            $result = mysql_query($sql) or die("Could not run query1");

            // Close connection to the database
            mysql_close();

            // Check if query was successful
            if ($result)
            {
                $message = '<div class="success"><p>You have successfully edited Article details.</p><p>Please <a href="Animal_Manage.php">Click Here</a> to view the Animal list.</p></div>';
            }
            else
            {
                $message = '<div class="error"><p>There was an error editing details, please try again</p></div>';
            }
        }
        else
        {
            $message = '<div class="error"><p>Please make sure you fill all fields in before submitting the form.</p></div>';
        }
    }
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <link rel="stylesheet" type="text/css" href="css/960.css"/>
    <link rel="stylesheet" type="text/css" href="css/demo.css"/>
    <link rel="stylesheet" type="text/css" href="css/960_24_col.css"/>
    <link rel="stylesheet" type="text/css" href="css/reset.css"/>
    <link rel="stylesheet" type="text/css" href="css/text.css"/>
    <link rel="stylesheet" type="text/css" href="css/style.css"/>
    <title>Complete Property Solutions</title>
<title>Homescreen - Complete Property Solutions</title>
</head>

<body>

<div class="container_24" id="container">
    <div class="grid_24" id="banner">
        <a href="home.php"><img src="img/banner.png" width="960" height="92" /></a>
    </div>
    <div class="grid_18" id="nav" align="right">
        <ul id="topnav">
            <li><a href="home.php">Home</a></li>
            <li><a href="categories.php">Properties</a></li>
            <li><a href="landloeds.php">Landlords</a></li>
            <li><a href="tenants.php">Tenants</a></li>
            <li><a href="logout.php">Logout</a></li>
        </ul>
    </div>
    <div class="grid_6" id="search" align="right">
    <form action="search.php" method="GET"> 
        <input type="text" name="term" size="15">
          <input type="submit" value="Search"> 
    </form>
    </div>

</div>
<div class="container_24" id="container" align="center">
<div id="container">
  <form id="PropertyEdit" name="PropertyEdit" method="post" action="<? echo $_SERVER['PHP_SELF'] . "?propertyID=" . $propertyID; ?>">
  <input type="hidden" name="propertyID" id="propertyID" value="<?php echo $propertyID; ?>" />

<?php
    if (isset($message))
    {
        echo $message;  
    }
    else
    {
?>


 <div class="label"><label for="propertyID"></label></div>
  <div class="input"><input type="hidden" name="propertyID" id="propertyID" tabindex="1" value="<? echo $record->propertyID; ?>" /></div>  
  <br />

     <div class="label"><label for="categoryID">Category</label></div>
  <div class="input"><input type="text" name="categoryID" id="categoryID" tabindex="1" value="<? echo $record->categoryID; ?>" /></div>  
  <br />

    <div class="label">
      <label for="address">Address:</label></div>
  <div class="input"><input type="text" name="address" id="address" tabindex="1" value="<? echo $record->address; ?>" /></div>  
  <br />

 <div class="label"><label for="price">Price:</label></div>
  <div class="input"><input type="text" name="Price" id="price" tabindex="3" value="<? echo $record->price; ?>" /></div>


  <div class="label"><label for="landlordName">Landlord</label></div>
  <div class="input"><input type="text" name="landlordName" id="landlordName" tabindex="1" value="<? echo $record->landlordName; ?>" /></div>  
  <br />
   <div class="label"><label for="img">Image</label></div>
  <div class="input"><input type="text" name="img" id="img" tabindex="1" value="<? echo $record->img; ?>" /></div>  
  <br />
<div class="label"><label for="description">Description:</label></div>
  <div class="input"><textarea name="description" id="description" cols="50" rows="10" tabindex="5"><? echo $record->description; ?></textarea></div>
  <br />
  <div class="label">&nbsp;</div>
  <div class="input">
    <input type="reset" name="reset" id="reset" value="Reset" tabindex="6" />
    <input type="submit" name="submit" id="submit" value="Submit" tabindex="7" />
  </div>
  <p class="normal"><a href="index.php">Click Here</a> to Return to the Home page</p>
<?php
    }
?>
</form> </div>
</div>

</body>
</html>
<?php
}
?>

my best guess for the problem would revolve around

// Check to see if the form has been submitted
    if (isset($_POST['submit']))
    {
        // Check to see all fields have been completed
    $address = $_POST['address'];
    $categoryID = $_POST['categoryID'];
    $price = $_POST['price'];
    $landlordName = $_POST['landlordName'];
    $img = $_POST['img'];
    $description= $_POST['description'];


    if (!empty($address) && !empty($categoryID) && !empty($price) && !empty($landlordName) && !empty($img) && !empty($description))
        {
            // Create an SQL query to add the comment


            $sql = "UPDATE property SET propertyID = '$propertyID', img = '$img', address = '$address', price = '$price', landlordName = '$landlordName', description = '$description' WHERE propertyID = $propertyID";

            // Connect to the database
            connect();

            // Run the query and store the result in a variable
            $result = mysql_query($sql) or die("Could not run query1");

            // Close connection to the database
            mysql_close();

            // Check if query was successful
            if ($result)
            {
                $message = '<div class="success"><p>You have successfully edited Article details.</p><p>Please <a href="Animal_Manage.php">Click Here</a> to view the Animal list.</p></div>';
            }
            else
            {
                $message = '<div class="error"><p>There was an error editing details, please try again</p></div>';
            }
        }
        else
        {
            $message = '<div class="error"><p>Please make sure you fill all fields in before submitting the form.</p></div>';
        }
    }

And the below section, my problem is that im not sure where exactly

<div class="container_24" id="container" align="center">
<div id="container">
  <form id="PropertyEdit" name="PropertyEdit" method="post" action="<? echo $_SERVER['PHP_SELF'] . "?propertyID=" . $propertyID; ?>">
  <input type="hidden" name="propertyID" id="propertyID" value="<?php echo $propertyID; ?>" />

<?php
    if (isset($message))
    {
        echo $message; 
    }
    else
    {
?>


 <div class="label"><label for="propertyID"></label></div>
  <div class="input"><input type="hidden" name="propertyID" id="propertyID" tabindex="1" value="<? echo $record->propertyID; ?>" /></div>  
  <br />

     <div class="label"><label for="categoryID">Category</label></div>
  <div class="input"><input type="text" name="categoryID" id="categoryID" tabindex="1" value="<? echo $record->categoryID; ?>" /></div>  
  <br />

    <div class="label">
      <label for="address">Address:</label></div>
  <div class="input"><input type="text" name="address" id="address" tabindex="1" value="<? echo $record->address; ?>" /></div>  
  <br />

 <div class="label"><label for="price">Price:</label></div>
  <div class="input"><input type="text" name="Price" id="price" tabindex="3" value="<? echo $record->price; ?>" /></div>


  <div class="label"><label for="landlordName">Landlord</label></div>
  <div class="input"><input type="text" name="landlordName" id="landlordName" tabindex="1" value="<? echo $record->landlordName; ?>" /></div>  
  <br />
   <div class="label"><label for="img">Image</label></div>
  <div class="input"><input type="text" name="img" id="img" tabindex="1" value="<? echo $record->img; ?>" /></div>  
  <br />
<div class="label"><label for="description">Description:</label></div>
  <div class="input"><textarea name="description" id="description" cols="50" rows="10" tabindex="5"><? echo $record->description; ?></textarea></div>
  <br />
  <div class="label">&nbsp;</div>
  <div class="input">
    <input type="reset" name="reset" id="reset" value="Reset" tabindex="6" />
    <input type="submit" name="submit" id="submit" value="Submit" tabindex="7" />
Exobyte
  • 51
  • 10
  • 1
    Please, [stop using `mysql_*` functions](http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php). They are no longer maintained and are [officially deprecated](https://wiki.php.net/rfc/mysql_deprecation). Learn about [prepared statements](http://en.wikipedia.org/wiki/Prepared_statement) instead, and use [PDO](http://jayblanchard.net/demystifying_php_pdo.html). – Jay Blanchard Apr 22 '15 at 19:46
  • Can you isolate the code where the problem occurs? – Jay Blanchard Apr 22 '15 at 19:49
  • ` – Sean Apr 22 '15 at 19:58
  • The upper case price is used for the text of the page rather then the code. as for the reason im using mysql functions is that this is for a modual that im currently doing and am required to do it this way – Exobyte Apr 22 '15 at 20:02
  • but you have `Price` in your input name attribute ``. So you need `$price = $_POST['Price'];` – Sean Apr 22 '15 at 20:03
  • i see, must have missed that, unforchenitly that seems to have changed nothing – Exobyte Apr 22 '15 at 20:07
  • or i could be a idiot and make a mistake and mispell it when redoing it. this time it comes up with Could not run query1, which means that its a problem on the database side of things correct? – Exobyte Apr 22 '15 at 20:12
  • if you get `Could not run query1`, then your query failed, most likely due to a syntax error. Change `$result = mysql_query($sql) or die("Could not run query1");` to `$result = mysql_query($sql) or die(mysql_error());` so you can get your query error. note- you are open to sql injection (and syntax errors) as you are not sanitizing your user query data. – Sean Apr 22 '15 at 20:19
  • It looks like your table is wrong in your `UPDATE` query -> `$sql = "SELECT * FROM Properties...` VS `$sql = "UPDATE property SET...`. `property`!=`Properties` – Sean Apr 22 '15 at 20:21
  • Thank you, i should have been using mysql_error() when this whole mess started, it turns out i was property instead of Properties as you said. Thank you very mutch for your help – Exobyte Apr 22 '15 at 20:35

0 Answers0