Cannot get this update script to execute

amnion · February 23, 2015, 9:25pm

I have a basic website set up with a forum and registration system. I am now working on adding the ability to edit content and update the db. I have yet to get any of the update portions of my site to work. This one loads the form with all the current data, but it doesn’t execute. It doesn’t seem to do anything at all. The same thing happens on any other page where I try to update the db with new info. Anyway, here is the code to the one for user profiles. I figure if I can get this one working I can fix the others.

<?php

include_once('includes/config.php');
include_once('classes/player.php');
include('includes/header.php');

$player = new Player;

if(isset($_GET['id']))
{
    if( $user->is_logged_in() && ($_SESSION['user_id'] == $_GET['id'])) 
    {
    $user_id = $_GET['id'];
    $data = $player->fetch_data($user_id);
    if(isset($_POST['submit']))
    {

        if (isset($_POST['user_name'], $_POST['user_signature'], $_POST['user_email'])) 
        {
            $name = $_POST['name'];
            $email = $_POST['email'];
            $sig = ($_POST['signature']);

            $query = $pdo->prepare('UPDATE users SET (user_name, user_email, user_signature) VALUES (?, ?, ?) WHERE user_id = ?');

            $query->bindValue(1, $name);
            $query->bindValue(2, $email);
            $query->bindValue(3, $sig);
            $query->bindValue(4, $user_id);
            $query->execute();
            
            header("location:player.php?id=".$_GET['id']); 
            exit;
        }
    }
    
?>
<div id = "wrapper">
        <div id = "header-style"><?php echo $data['user_name']; ?></div> 
			<section>                
				<?php if (isset($error)) { ?>
					<small><?php echo $error; ?></small>
				<?php } ?>
				<form action="<?php echo "edit_player.php?id=".$_GET['id']?>" method="post" autocomplete="off">
                    <small>Username</small><br/>
					<input type="text" name="name" placeholder="Something cool..." value="<?php echo $data['user_name']; ?>" /><br /><br />
                    <small>Email</small><br/>
					<input type="email" name="email" placeholder="Email" value="<?php echo $data['user_email']; ?>" /><br /><br />
                    <small>Dead Drop Signature (limit 30 characters)</small><br />
					<input type="text" name="signature" placeholder="Your tagline..." value="<?php echo $data['user_signature']; ?>" /><br/><br />
					<input type="submit" value="Update" />
				</form>
			</section>
	</div>	

<?php
    } else {
    //the user is not the same
	echo '<div id="errors">Sorry, you do not have sufficient rights to access this page.</div>';
    }
}
include('includes/footer.php');
?>

SpacePhoenix · February 23, 2015, 9:28pm

Has session_start() been used called already? (You’re making use of the $_SESSIOn array?

If you crank up PHP’s error reporting to maximum and set PHP to display errors (if it’s on a live server set it to log errors instead), what errors if any are given?

amnion · February 23, 2015, 9:30pm

Yeah, I have session start in my code but it still doesn’t do anything at all. Let me see about the error reporting.

amnion · February 23, 2015, 9:33pm

I get no errors or notices or anything. It just doesn’t execute at all. I’m using this for my errors on this page:

error_reporting(E_ERROR | E_WARNING | E_PARSE | E_NOTICE);

therockers · February 23, 2015, 9:58pm

If it’s not executing, it could be an interference with an included file. Does the page stop at any part of the page? Try viewing the source code. If something is wrong, it can actually display the error in the source code. Odd to say, but it does that sometimes. Well for me at least. If I don’t see either errors in my error log nor any errors on screen. I usually look at the source code. Sometimes the error can show up there as well.

amnion · February 23, 2015, 10:01pm

I haven’t seen any errors in the source code. The included config file simply connects me to the db. Of course my header is included there, the only other include is my classes/player.php. This is what that one looks like.

<?php

class Player {
	public function fetch_all() {
		global $pdo;
		
		$query = $pdo->prepare("SELECT * FROM users");
		$query->execute();
		
		return $query->fetchAll();
	}
	
	public function fetch_data($user_id) {
		global $pdo;
		
		$query = $pdo->prepare("SELECT * FROM users WHERE user_id = ?");
		$query->bindValue(1, $user_id);
		$query->execute();
		
		return $query->fetch();
	}
}

?>

droopsnoot · February 25, 2015, 11:26am

When you view the page source after the form has been drawn, what’s the code for the “form action=” line? The quotes are confusing me and I wonder if that’s parsing correctly.

Also, what’s the reason for passing the ‘id’ variable through as $GET rather than using a hidden form attribute so it can come through as part of the $POST array? I’ve seen it elsewhere and wondered if there’s a specific reason for it. To me it just seems confusing as the code is dealing with the results of a ‘method=“post”’ form, but accessing the $GET array.

Also, and more likely to prevent the data from being processed, you have this code:

        if (isset($_POST['user_name'], $_POST['user_signature'], $_POST['user_email']))

but then

            $name = $_POST['name'];
            $email = $_POST['email'];
            $sig = ($_POST['signature']);

The input tags don’t have “user_” at the start.

<input type="text" name="name" placeholder="Something cool..." value="<?php echo $data['user_name']; ?>" /><br /><br />

system · May 27, 2015, 6:36pm

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.