I am currently trying to make a type blog site and I'm having trouble uploading the post in the edition of a post already created .
I'm currently using the Bootstrap and do not know if this will influence my code or not but the php error is in the lines of the form table.
<?php
include("includes/connect.php");
if (isset($_GET['edit'])) {
$edit_id = $_GET['edit'];
$edit_query = "select * from posts where post_id='$edit_id'";
$run_edit = mysql_query($edit_query);
while ($edit_row=mysql_fetch_array($run_edit)) {
$post_id = $edit_row['post_id'];
$post_title = $edit_row['post_title'];
$post_author = $edit_row['post_author'];
$post_keywords = $edit_row['post_keywords'];
$post_image = $edit_row['post_image'];
$post_content = $edit_row['post_content'];
}
}
?>
<div class="col-md-10" id="content-area">
<div class="container">
<div class="row">
<h2>Edit Post</h2>
<form method="post" action="edit_post.php?edit_form=<?php echo $edit_id ?>" enctype="multipart/form-data">
<fieldset class="form-group">
<label for="title">Title</label>
<input type="text" name="title" class="form-control" id="title" placeholder="title" value="<?php echo $post_title; ?>">
</fieldset>
<fieldset class="form-group">
<label for="author">Author</label>
<input type="text" name="author" class="form-control" id="author" placeholder="author" value="<?php echo $post_author; ?>">
</fieldset>
<fieldset class="form-group">
<label for="keywords">Keywords</label>
<input type="text" name="keywords" class="form-control" id="keywords" placeholder="keywords" value="<?php echo $post_keywords; ?>">
</fieldset>
<fieldset class="form-group">
<label for="image">Image</label>
<input type="file" name="image" class="form-control" id="image" placeholder="image">
<img src="../images/<?php echo $post_image; ?>" width="100" height="100">
</fieldset>
<fieldset class="form-group">
<label for="content">Content</label>
<textarea name="content" cols="20" rows="20" class="form-control" id="content" placeholder="content"><?php echo $post_content; ?></textarea>
</fieldset>
<input class="btn btn-primary" type="submit" name="submit" value="Update Post"></input>
</form>
</div>
</div>
</div>
</body>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js"></script>
<script src="../js/bootstrap.min.js"></script>
</html>
<?php
if (isset($_POST['update'])) {
$update_id = $_GET['edit_form'];
$post_title1 = $_POST['title'];
$post_date1 = date('m-d-y');
$post_author1 = $_POST['author'];
$post_keywords1 = $_POST['keywords'];
$post_content1 = $_POST['content'];
$post_image1 = $_FILES['image']['name'];
$image_tmp = $_FILES['image']['tmp_name'];
if($post_title1=='' or $post_author1=='' or $post_keywords1=='' or $post_content1=='' or $post_image1=='') {
echo "<script>alert('Preencha todos os campos')</script>";
exit();
}
else {
move_uploaded_file($image_tmp, "../images/$post_image1");
$update_query = "update posts set post_title='$post_title1',post_date='$post_date1',post_author='$post_author1',post_image='$post_image1',post_keywords='$post_keywords1',post_content='$post_content1' where post_id='update_id'";
if (mysql_query($update_query)) {
echo "<script>alert('O seu post foi atualizado')</script>";
echo "<script>window.open('view_posts.php','_self')</script>";
}
}
}
?>
First of all, you should prevent SQL Injection.
Change this line:
$edit_id = $_GET['edit'];
To this:
$edit_id = (int)$_GET['edit'];
This way, php will always assume that the variable is an int.
The same on update code:
$update_id = $_GET['edit_form'];
To:
$update_id = (int)$_GET['edit_form'];
And then, you forgot to put $ inside SQL query, on update_id variable to run as a PHP variable:
$update_query = (...) where post_id='$update_id'";
Related
I want to update my form using PHP and SQL but update query not working. select query working but update not working. there is no error. when I am using a select query for show value in the input field and it's working. I am trying much think but not figure out what is the error. I am trying much think but not figure out what is the error.
<?php
include 'connection.php';
include 'config.php';
if (isset($_GET['edit'])) {
{
$topHeading=$_POST['topHeading'];
$mainHeading=$_POST['mainHeading'];
$bottomHeading=$_POST['bottomHeading'];
$filesname = $_FILES['file']['name'];
$target_dir = "uploads/";
$target_file = $target_dir . basename($_FILES["file"]["name"]);
// Select file type
$imageFileType = strtolower(pathinfo($target_file,PATHINFO_EXTENSION));
// Valid file extensions
$extensions_arr = array("jpg","jpeg","png","gif","svg");
// Check extension
if( in_array($imageFileType,$extensions_arr) ){
// Convert to base64
$image_base64 = base64_encode(file_get_contents($_FILES['file']['tmp_name']) );
$images = 'data:image/'.$imageFileType.';base64,'.$image_base64;
$sql = "update banner set topHeading='$topHeading', filesname='$filesname', images='$images', mainHeading='$mainHeading', bottomHeading='$bottomHeading' where id='$id'";
if (mysqli_query($connection, $sql)) {
echo "Done";
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($connection);
}
// mysqli_close($connection);
// Upload file
move_uploaded_file($_FILES['file']['tmp_name'],$target_dir.$filesname);
if($sql)
{
echo "";
}
else
{
echo "<script>alert('Data not inserted');</script>";
}
}
}
}
$query = mysqli_query($connection, "select * from banner");
while ($row = mysqli_fetch_array($query)) {
echo "<b><a href='editbanner.php?id={$row['id']}'>{$row['topHeading']}</a></b>";
echo "<br />";
}
if (isset($_GET['edit'])) {
echo '<div class="form" id="form3"><br><br><br><br><br><br>
<Span>Data Updated Successfuly......!!</span></div>';
}
?>
<?php
if (isset($_GET['id'])) {
$id = $_GET['id'];
$count = 0;
$mysqli = mysqli_query($connection,"SELECT * FROM banner");
foreach($mysqli as $row){
$count++;
?>
<form class="form-horizontal" method="post" name="form1" id="form1" enctype="multipart/form-data">
<div class="form-group label-floating form-rose">
<label for="brandname" class="control-label col-xs-2">Brand Name of Stock Broker</label>
<div class="col-xs-12">
<input type="text" name="topHeading" id="brandname" class="form-control" value="<?php echo $row["topHeading"]; ?>"/>
<span class="error" id="pointfn"></span>
</div>
</div>
<div class="form-group label-floating form-rose">
<label for="name" class="control-label col-xs-2">Contact Person</label>
<div class="col-xs-12">
<input type="text" name="mainHeading" id="name" class="form-control" value="<?php echo $row["mainHeading"]; ?>"/>
<span class="error" id="pointln"></span>
</div>
</div>
<div class="form-group label-floating form-rose">
<label for="designation" class="control-label col-xs-2">Designation</label>
<div class="col-xs-12">
<input type="text" name="bottomHeading" id="designation" class="form-control" value="<?php echo $row["bottomHeading"]; ?>"/>
<span class="error" id="designationln"></span>
</div>
</div>
<div class="label-floating form-rose file-upload">
<div class="file-select">
<div class="file-select-button" id="fileName">Upload Logo</div>
<div class="file-select-name" id="noFile">No file chosen...</div>
<input type="file" name="file" id="chooseFile" required>
</div>
</div>
<div class="form-group label-floating form-rose">
<div class="col-xs-12"> <input type='checkbox' name='checkbox' id="checkbox" required /> <label for="checkbox" class="col-xs-10 term">I accept the terms and condition</label>
</div>
</div>
<button type="submit" name="edit" value="Submit" id="formT" class="button-cta cta btn" onClick="return validateForm()"> I am Interested!</button>
</form>
<?php }} ?>
</body>
</html>
$id is missing above your update query...
$id = $_REQUEST['id'];
$sql = "update banner set topHeading='$topHeading', filesname='$filesname', images='$images', mainHeading='$mainHeading', bottomHeading='$bottomHeading' where id='$id'";
I'm working on this feature in my project where I want to add three(3) images along side other details into my database row and I want this images to be in separate columns in one row.... So far below is my code. the code is not working yet... The images and texts are not uploading to the database....
Please help me out guys. What am I doing wrong. Thanks.
Below is my code sample:
//THE PHP SECTION//
<?php
session_start();
include 'includes/config.php';
if (isset($_POST['post']) && isset($_POST['itemtype'])) {
$title = mysqli_real_escape_string($link, $_POST['title']);
$itemtype = mysqli_real_escape_string($link, $_POST['itemtype']);
$description = mysqli_real_escape_string($link, $_POST['description']);
$image1 = $_FILES['image1']['name'];
$image1_tmp_name = $_FILES['image1']['tmp_name'];
$image2 = $_FILES['image2']['name'];
$image2_tmp_name = $_FILES['image2']['tmp_name'];
$image3 = $_FILES['image3']['name'];
$image3_tmp_name = $_FILES['image3']['tmp_name'];
$price = mysqli_real_escape_string($link, $_POST['price']);
$category = mysqli_real_escape_string($link, $_POST['category']);
$name = mysqli_real_escape_string($link, $_POST['name']);
//image file directory
$target1 = 'images/user_ads/'.basename($image1);
$target2 = 'images/user_ads/'.basename($image2);
$target3 = 'images/user_ads/'.basename($image3);
if (move_uploaded_file($_FILES['image1_tmp_name'], $target1)) {
}
if (move_uploaded_file($_FILES['image2_tmp_name'], $target2)) {
}
if (move_uploaded_file($_FILES['image3_tmp_name'], $target3)) {
}
//insert into ost database
$insert = "INSERT INTO products(Title,Product_Type,Description,Image1,Image2,Image3,Price,Category,Name,PostedDate)VALUES('$title','$itemtype','$description','$target1','$target2','$target3','$price','$category','$name',NOW())";
$insertKwary = mysqli_query($link, $insert);
if ($insertKwary) {
$msg = "<div class='alert alert-danger alert-success'>Product Submitted</div>";
}else{
$msg = "<div class='alert alert-danger alert-success'>Product Not Submitted...Try again</div>";
}
}
?>
//THE HTML SECTION//
<div class="col-md-8 col-md-offset-2">
<?php if(isset($msg)) { echo $msg; } ?>
<form action="" method="POST" enctype="multipart/form-data" class="postAdForm" id="postAdForm">
<div class="form-group">
<label for="Ad_title">Item Title</label>
<input type="text" name="title" class="form-control title" id="title" required=""/>
</div>
<div class="form-group">
<label for="itemtype">Item Type</label>
<select class="form-control" name="itemtype" id="itemtype">
<option>Sale</option>
<option>Request</option>
</select>
</div>
<div class="form-group">
<label for="description">Item Description</label>
<textarea name="description" class="form-control description" id="description" rows="7" required=""></textarea>
</div>
<div class="form-group">
<label for="price">First Image</label>
<input type="file" name="image1" class="form-control image1" id="image1" required="" />
</div>
<div class="form-group">
<label for="price">Second Image</label>
<input type="file" name="image2" class="form-control image2" id="image2" required="" />
</div>
<div class="form-group">
<label for="price">Third Image</label>
<input type="file" name="image3" class="form-control image3" id="image3" required="" />
</div>
<div class="form-group">
<label for="price">Price</label>
<input type="text" name="price" class="form-control price" id="price" required="" />
</div>
<div class="form-group">
<label for="category">Item Category</label>
<select class="form-control" name="category" id="category">
<option>Sale</option>
<option>Request</option>
</select>
</div>
<div class="form-group">
<label for="price">Name</label>
<input type="text" name="name" class="form-control name" id="name" required="" readonly="" />
</div>
<div class="form-group">
<input type="submit" name="post" class="btn btn-post post" id="post" value="POST AD" />
</div>
</form>
</div>
I've also attached an image of the error i'm getting..
image of web page showing thee errors i get..error gotten
The error is due to these lines:
if (move_uploaded_file($_FILES['image1_tmp_name'], $target1)) {
}
if (move_uploaded_file($_FILES['image2_tmp_name'], $target2)) {
}
if (move_uploaded_file($_FILES['image3_tmp_name'], $target3)) {
}
You're setting $image1_tmp_name, not $_FILES['image1_tmp_name'].
Try this:
if (move_uploaded_file($image1_tmp_name, $target1)) {
}
if (move_uploaded_file($image2_tmp_name, $target2)) {
}
if (move_uploaded_file($image3_tmp_name, $target3)) {
}
Edit: Using mysqli_error() to print the error helped solve additional issues (Mentioned in comments)
Hi Guys could please check my code I have written, the problem is it won't update the data in DB, it just reloading and not giving any error.
Here is my update.php
if (isset($_POST['update']) && isset($_POST['update']) != "") {
$name = $_POST['c_name'];
$mobile = $_POST['c_mob'];
$dDate = $_POST['d_date'];
$frame = $_POST['frame'];
$size = $_POST['size'];
$lense = $_POST['lense'];
$descr = $_POST['descr'];
$paid = $_POST['paid'];
$remains = $_POST['remains'];
$refer = $_POST['c_refer'];
}
$setquery = "UPDATE `dep_sale` SET c_name='$name', c_mob='$mobile', d_date='$dDate', frame='$frame', size='$size', lense='$lense', descr='$descr',c_refer='$refer', paid='$paid', remains='$remains' WHERE id='".$_POST["id"]."'";
mysqli_query($link, $setquery);
header("location: reports.php");
And here is the HTML
<form method="POST" action="update.php">
<div class="row">
<div class="col-lg-4 col-md-4">
<input type="hidden" name="id" />
<input type="text" class="form-control" value="<?php echo $row['c_name']; ?>" required id="c_name" name="c_name" placeholder="Name..."/>
</div>
<div class="col-lg-4 col-md-4">
<input type="phone" class="form-control" value="<?php echo $row['c_mob']; ?>" required id="c_mob" name="c_mob" placeholder="Mobile..."/>
</div>
<div class="col-lg-4 col-md-4">
<input type="text" class="form-control" value="<?php echo $row['d_date']; ?>" required id="d_date" name="d_date" onfocus="(this.type='date')" placeholder="Delivery Date..."/>
</div>
</div>
<br>
<div class="row">
<div class="col-lg-4 col-md-4">
<input type="text" class="form-control" value="<?php echo $row['frame']; ?>" required id="frame" name="frame" placeholder="Frame..."/>
</div>
<div class="col-lg-4 col-md-4">
<input type="text" class="form-control" value="<?php echo $row['size']; ?>" required id="size" name="size" placeholder="Size..."/>
</div>
<div class="col-lg-4 col-md-4">
<input type="text" class="form-control" value="<?php echo $row['lense']; ?>" required id="lense" name="lense" placeholder="Lense..."/>
</div>
</div>
<br>
</form>
There is no problem in connection because i am fetching and inserting data perfectly.Please help me guys.Thanks
To see the errors set the following at first lines:
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
Your if is wrong. Try this:
if (isset($_POST['update']) && $_POST['update'] != "") {
Or more shorter version
if (!empty($_POST['update'])) {
Hope this helped you!
I built a script named add_post.php that submit form data in database.
The script is here:
<?php include ("includes/header.php"); ?>
<div class="content" style="text-align: center;">
<header>
<h1 style="color: rgb(245, 106, 106);">ADMIN AREA</h1><br/>
<p>Movie Post Area</p>
</header>
</div>
</section>
<?php
include("includes/startsession.php");
if(isset($_SESSION['username'])){
?>
<Section>
<?php
if(isset($_POST['submit'])){
$name =mysqli_real_escape_string($con, trim($_POST['name']));
$description = mysqli_real_escape_string($con, trim($_POST['description']));
$year = mysqli_real_escape_string($con, trim($_POST['year']));
$popularity = mysqli_real_escape_string($con, trim($_POST['popularity']));
$download_link = mysqli_real_escape_string($con, trim($_POST['download']));
$tags = mysqli_real_escape_string($con, trim($_POST['tags']));
//upload the name to the temporary folder
$images = mysqli_real_escape_string($con, trim($_FILES['image']['name']));
//select the image from the temporary folder
$images_tmp = $_FILES['image']['tmp_name'];
//move the uploaded image to the `images` folder
move_uploaded_file($images_tmp, "../images/$images");
$output_form = false;
if( empty($name) || empty($description) || empty($year) || empty($popularity) || empty($download_link) || empty($tags) || empty($images)){
echo '<h2>Oops! You seem to forget writing something</h2>';
$output_form = true;
}
if( (!empty($name)) && (!empty($description)) && (!empty($year)) && (!empty($popularity)) && (!empty($download_link)) && (!empty($tags)) && (!empty($images))){
$insert = "INSERT INTO movies (name, description, year, image, popularity, download_link, tags)
VALUES ('$name', '$description', '$year', '$images', '$popularity', '$download_link', '$tags') " or die(mysqli_error);
$run = mysqli_query($con, $insert);
echo "<h2>The Movie has been added.<h2>";
echo 'RESET';
}
} else{
$output_form = true;
$name = '';
$description = '';
$year = '';
$popularity = '';
$download_link = '';
$tags = '';
$images = '';
}
?>
<?php if($output_form = true){ ?>
<form enctype="multipart/form-data" method="post" action="<?php echo $_SERVER['PHP_SELF'];?>">
<div class="row uniform">
<div class="6u 12u$(xsmall)" style="float:none">
<label>Movie Name</label>
<input type="text" name="name" value="<?php echo $name; ?>" id="demo-name" value="" placeholder="Enter Movie Name" />
</div>
<br/>
<div class="6u 12u$(xsmall)" style="float:none">
<label>Description</label>
<textarea name="description" id="demo-message" placeholder="Enter Description" rows="6"><?php echo $description; ?></textarea>
</div>
<br/>
<div class="6u 12u$(xsmall)" style="float:none">
<label>Year</label>
<input type="text" name="year" value="<?php echo $year; ?>" id="demo-name" placeholder="Enter Year" />
</div>
<br/>
<div class="6u 12u$(xsmall)" style="float:none">
<label>Image</label>
<input type="file" name="image" value="<?php echo $images; ?>" id="demo-name" class="special" />
</div>
<div class="12u$" style="float:none">
<div class="select-wrapper">
<label>Popularity</label>
<select name="popularity" id="demo-category">
<option <?php if ($popularity == 'Yes'){echo 'selected';} ?> >Yes</option>
<option <?php if ($popularity == 'No'){echo 'selected';} ?> >No</option>
</select>
</div>
</div>
<div class="6u 12u$(xsmall)" style="float:none">
<label>Download Link</label>
<input type="text" name="download" value="<?php echo $download_link; ?>" id="demo-name" value="" placeholder="Enter Download Link" />
</div>
<div class="6u 12u$(xsmall)" style="float:none">
<label>Tags</label>
<input type="text" name="tags" value="<?php echo $tags; ?>" id="demo-name" value="" placeholder="Enter Tags seperated by commas(,)" />
</div>
<!-- Break -->
<div class="12u$" style="float:none">
<ul class="actions">
<li><input type="submit" name="submit" value="ADD MOVIE" class="special" /></li>
</ul>
</div>
</div>
</form>
<?php } ?>
<?php
} else{
header('Location: login.php');
}
?>
when I submit the form the page returns the script of index.php. When i refresh the page then the page shows the content of add_post.php and above all the data content of the form did not add to the database.
I don't know whats causing this problem and how to fix it.
This question already has an answer here:
What to do with mysqli problems? Errors like mysqli_fetch_array(): Argument #1 must be of type mysqli_result and such
(1 answer)
Closed 6 years ago.
I checked source code ten times but can't find anymistake,for some reason i remember it was working now it doesn't work,i didn't change anything elsewhere to blame everything wors except update,when iclick Edit button it gives error,meaning that there was something wrong with query.
<?php
$editId = $_GET['id'];
$event = mysqli_query($con, "SELECT * FROM events WHERE id = '$editId'")->fetch_assoc();
if(isset($_POST['submit'])){
$name = $_POST['name'];
$description = $_POST['description'];
$date = $_POST['date'];
$artists = $_POST['artists'];
$tickets = $_POST['tickets'];
$updateQuery = mysqli_query($con, "UPDATE events SET name='$name',description='$description',date='$date', artists='$artists', ticket='$tickets' WHERE id = '$editId'");
}
?>
<?php if(isset($updateQuery) && $updateQuery): ?>
<div class="alert alert-success">
<strong>Successfully Edited</strong>
</div>
<?php endif; ?>
<?php if(isset($updateQuery) && !$updateQuery): ?>
<div class="alert alert-danger">
<strong>Error</strong>
</div>
<?php endif; ?>
<form action="<?php echo $app_host; ?>/admin/?page=editevent&id=<?php echo $editId; ?>" method="post">
<div class="form-group">
<label for="name">Name</label>
<input value="<?php echo $event['name']; ?>" required="true" type="text" class="form-control" id="name" name="name">
</div>
<div class="form-group">
<label for="description">Description</label>
<textarea class="form-control" id="description" name="description"><?php echo $event['description'];; ?></textarea>
</div>
<div class="form-group">
<label for="date">Date</label>
<input value="<?php echo $event['date']; ?>" required="true" type="text" class="form-control" id="date" name="date">
</div>
<div class="form-group">
<label for="artists">Artists</label>
<input value="<?php echo $event['artists']; ?>" required="true" type="text" class="form-control" id="artists" name="artists" data-role="tagsinput">
</div>
<div class="form-group">
<label for="tickets">Ticket Link</label>
<input value="<?php echo $event['tickets']; ?>" required="true" type="text" class="form-control" id="tickets" name="tickets" data-role="tagsinput">
</div>
<input name="submit" type="submit" class="btn btn-default" value="Edit Event" />
</form>
Okay,so you declare a variable ,
$tickets = $_POST['tickets'];
and than you say
$updateQuery = mysqli_query($con, "UPDATE events SET name='$name',description='$description',date='$date', artists='$artists', ticket='$tickets' WHERE id = '$editId'");
}
and solution is simple:
$updateQuery = mysqli_query($con, "UPDATE events SET name='$name',description='$description',date='$date', artists='$artists', tickets='$tickets' WHERE id = '$editId'");
}
simply changed 'ticket' in query to 'tickets'.