-2

I'm trying to create a custom blog system for a website I am working on, I have created all of the systems however when I try to insert the form to the database, the script executes however the data is not saved to the database. Some of the fields do contain large amounts of text and formatting using TinyMCE could this be the problem? When I test it with smaller amounts of text it works fine.

PHP script:

$conn = connect();
$action = $_GET['a'];
$id = $_GET['id'];
switch($action) {
case 'delete':
    $sql = "DELETE FROM articles WHERE id='$id'";
    if(mysql_query($sql)) {
        echo "<script type='text/javascript'> alert('Article Deleted'); </script>";
        header("Location: manage.php");
    }   
break;

case 'add':
if(isset($_POST['submit'])) {
$slug = $_POST['slug'];
$datecreated = $_POST['datecreated'];
$datepublish = $_POST['datepublish'];
$author = $_POST['author'];
$status = $_POST['status'];
$title = $_POST['title'];
$miniexcerpt = $_POST['miniexcerpt'];
$teaser = $_POST['teaser'];
$body = $_POST['body'];
    $sql = "INSERT INTO articles (slug,datecreated,datepublish,author,status,title,miniexcerpt,teaser,body) values ('$slug','$datecreated','$datepublish','$author','$status','$title','$miniexcerpt','$teaser','$body')";
    if(mysql_query($sql)) {
        echo "<script type='text/javascript'> alert('Article Added'); </script>";
        header("Location: manage.php");
    }
}
break;

case 'edit':
if(isset($_POST['submit'])) {
$slug = $_POST['slug'];
$datecreated = $_POST['datecreated'];
$datepublish = $_POST['datepublish'];
$author = $_POST['author'];
$status = $_POST['status'];
$title = $_POST['title'];
$miniexcerpt = $_POST['miniexcerpt'];
$teaser = $_POST['teaser'];
$body = $_POST['body'];
    $sql = "UPDATE articles SET slug='$slug',datecreated='$datecreated',datepublish='$datepublish',author='$author',status='$status',title='$title',miniexcerpt='$miniexcerpt',teaser='$teaser',body='$body' WHERE id='$id'";
    if(mysql_query($sql)) {
        echo "<script type='text/javascript'> alert('Article Updated'); </script>";
        header("Location: manage.php");
    }
    }
break;  

}

$conn = connect();
$action = $_GET['a'];
$id = $_GET['id'];
switch($action) {
case 'publish':
    $sql = "UPDATE articles SET status='published' WHERE id='$id'";
    if(mysql_query($sql)) {
        echo "<script type='text/javascript'> alert('Article Published'); </script>";
        header("Location: manage.php");
    }   
break;
}

HTML Form:

<form id="form" name="form" action="articlefunctions.php?a=add" method="post">
            <div class="form-group row">
                <label for="title" class="col-sm-2 col-form-label">Article Title</label>
                <div class="col-sm-10">
                    <input name="title" type="text" id="title" class="form-control" placeholder="Article Title" />
                </div>
            </div>
            <div class="form-group row">
                <label for="slug" class="col-sm-2 col-form-label">Article URL (Slug)</label>
                <div class="col-sm-10">
                    <input name="slug" type="text" id="slug" class="form-control" placeholder="Article URL - Must NOT include spaces - use '-' instead" />
                </div>
            </div>
            <div class="form-group row">
                <label for="teaser" class="col-sm-2 col-form-label">Article Excerpt</label>
                <div class="col-sm-10">
                    <textarea name="teaser" id="teaser" placeholder="Article Excerpt" rows="4"></textarea>
                </div>
            </div>
            <div class="form-group row">
                <label for="miniexcerpt" class="col-sm-2 col-form-label">Homepage Excerpt</label>
                <div class="col-sm-10">
                    <textarea name="miniexcerpt" id="miniexcerpt" maxlength="180" placeholder="Snippet from excerpt to go on homepage" rows="4"></textarea>
                    <span id='remainingC' class="pull-right"></span>
                </div>
            </div>
            <div class="form-group row">
                <label for="body" class="col-sm-2 col-form-label">Article Content</label>
                <div class="col-sm-10">
                    <textarea name="body" id="body" rows="8"></textarea>
                </div>
            </div>
            <div class="form-group row">
                <label for="author" class="col-sm-2 col-form-label">Article Author</label>
                <div class="col-sm-10">
                    <input name="author" type="text" id="author"  readonly class="form-control" value="<?php echo $_SESSION['user_name'];?>" />
                </div>
            </div>
            <div class="form-group row">
                <label for="status" class="col-sm-2 col-form-label">Article Status</label>
                <div class="col-sm-10">
                    <select name="status" id="status" class="form-control" />
                        <option value="draft" selected>draft</option>
                        <option value="published">published</option>
                    </select>
                </div>
            </div>
            <input name="datecreated" type="hidden" id="datecreated" value="<?php echo date('Y-m-d'); ?>" class="form-control" />
            <div class="form-group row">
                <label for="datepublish" class="col-sm-2 col-form-label">Publish Date</label>
                <div class="col-sm-10">
                    <input name="datepublish" type="date" id="datepublish" class="form-control" />
                </div>
            </div>
            <div class="form-group row">
                <input type="submit" value="Save" id="submit" name="submit" class="btn btn-primary"/>
            </div>
        </form>
J Stone
  • 1
  • 3
  • 1
    Can you post your code? – Jonny Apr 09 '18 at 14:14
  • added the code. – J Stone Apr 09 '18 at 14:18
  • can you post your html form as well – Jonny Apr 09 '18 at 14:23
  • html code now added – J Stone Apr 09 '18 at 14:32
  • `ini_set('display_errors', 1); ini_set('display_startup_errors', 1); error_reporting(E_ALL);` add that to your php and `mysql_error()` on the queries; what does that throw? – Funk Forty Niner Apr 09 '18 at 14:33
  • you're outputting before header, that I know. – Funk Forty Niner Apr 09 '18 at 14:33
  • sorry to seem a bit blonde but where am i adding the error reporting? – J Stone Apr 09 '18 at 14:37
  • Which database? How long the text need to be before it break? Have you confirmed that the data exists in the server and you actually inserting it? Whats the column type & length of this DB field? is it varchar(255) or text/blob ? in short - we need more info to help you – roy Apr 09 '18 at 14:18
  • It is being put into a Mysql database on the server and it is being put into a 'longtext' field on the database. The text does not need to be very long before it breaks. it seems to work for a short sentence or two but any more than that it doesn't post it. I have checked after submitting the form in case it was the php header that wasn't working but it is definitely not being put onto the database – J Stone Apr 09 '18 at 14:22

1 Answers1

0

Check your php.ini. Some parameters affect POST payload size.

post_max_size integer Sets max size of post data allowed. This setting also affects file upload. To upload large files, this value must be larger than upload_max_filesize. Generally speaking, memory_limit should be larger than post_max_size. When an integer is used, the value is measured in bytes. Shorthand notation, as described in this FAQ, may also be used. If the size of post data is greater than post_max_size, the $_POST and $_FILES superglobals are empty. This can be tracked in various ways, e.g. by passing the $_GET variable to the script processing the data, i.e. , and then checking if $_GET['processed'] is set.

source

N. D.
  • 311
  • 2
  • 8