The following code is part of a longer script which allows me to edit users in my database. I figured out that it is this initial part of the script that is the problem. The error occurs when the script tries to look for a number ID value (of the user) and cannot… the latter part of the script (which I have not posted here) is therefore not executed. … Any help please ?

<?php # Script 9.3 - edit_user.php // This page is for editing a user record. // This page is accessed through view_users.php $page_title = 'Edit a User'; include('header.html'); echo '

Edit a User

'; //Check for a valid user ID, through GET or POST: if ( (isset($_GET['id'])) && (is_numeric($_GET['id'])) ) { //From view_users.php $id = $_GET['id']; } elseif ( (isset($_POST['id'])) && (is_numeric($_POST['id'])) ) { // Form submission $id = $_POST['id']; } else { // No valid ID . kill the script. echo '

This is where the error occurs.

'; include('footer.html'); exit(); }

Hello,

The script you posted above works fine and as expected.

You do have a column in your database called ‘id’ don’t you? Good i thought so

I would suggest your problem may lie where you are calling the data from the database?
You would need to post the code here for me to check.

<?php # Script 9.3 - edit_user.php // This page is for editing a user record. // This page is accessed through view_users.php $page_title = 'Edit a User'; include('header.html'); echo '

Edit a User

'; //Check for a valid user ID, through GET or POST: if ( (isset($_GET['id'])) && (is_numeric($_GET['id'])) ) { //From view_users.php $id = $_GET['id']; } elseif ( (isset($_POST['id'])) && (is_numeric($_POST['id'])) ) { // Form submission $id = $_POST['id']; } else { // No valid ID . kill the script. echo '

This is where the error occurs.

'; include('footer.html'); exit(); } require_once('../htdocs/mysqli_connect.php'); //Check if the form has been submitted: if (isset($_POST['submitted'])) { $errors = array(); //Check for a first name: if (empty($_POST['first_name'])) { $errors[] = 'You forgot to enter your first name.'; } else { $fn = mysqli_real_escape_string($dbc, trim($_POST['first_name'])); } //Check for a last name: if (empty($_POST['last_name'])) { $errors[] = 'You forgot to enter your last name.'; } else { $ln = mysqli_real_escape_string($dbc, trim($_POST['last_name'])); } //Check for an email address: if (empty($_POST['email'])) { $errors[] = 'You forgot to enter your email address.'; } else { $e = mysqli_real_escape_string($dbc, trim($_POST['email'])); } if (empty($errors)) { //If everything's okay. //Test for unique email address: $q = "SELECT user_id FROM users WHERE email='$e' AND user_id != $id"; $r = @mysqli_query($dbc, $q); if (mysqli_num_rows($r) == 0) { //Make the query: $q = "UPDATE users SET first_name='$fn', last_name='$ln', email='$e', WHERE user_id=$id LIMIT 1"; $r = @mysqli_query ($dbc, $q); if (mysqli_affected_rows($dbc) == 1) { // If it ran OK //Print a message: echo '

The user has been edited.

'; } else { // If the query did not run OK echo '

The user could not be edited due to a system error. We apologize for any inconvenience

'; // Public message. echo '

' . mysqli_error($dbc) . '
Query: ' . $q . '

'; //Debugging Message. } } else { //Already Registered. echo '

The email address has already been registered.

'; } } else { // Report the errors. echo '

The following error(s) occured:
'; foreach($errors as $msg) { //Print each error. echo " - $msg
\n"; } echo '

Please try again.

'; } // End of if (empty($errors)) IF. } //End of submit conditional. //Always show the form... //Retrieve the user's information: $q = "SELECT first_name, last_name, email FROM users WHERE user_id=$id"; $r = @mysqli_query ($dbc, $q); if (mysqli_num_rows($r) ==1) { // Valid user ID shown in the form. // Get the user's information: $row = mysqli_fetch_array ($r, MYSQLI_NUM); // Create the form: echo '

First Name:

Last Name:

Email Address:

'; } else { // Not a valid user ID. echo '

This page has been accessed in error.

'; } mysqli_close($dbc); include('footer.html'); ?>

Here is the whole code. I also have a similar script for deleting a user, and the same error occurs as in this script! Thanks for all your help so far btw, it’s really appreiciated, as PHP is the first language that I’m learning - and without your help, I wouldn’t have progressed any further!

Hello

I have had a quick look through your script - big footy game on tv -

you call the connection using require_once and within that statement you have a path to the file

[php]require_once(’…/htdocs/mysqli_connect.php’);[/php]
you don’t need to write htdocs as that is the public folder.

change this to

[php]require_once($_SERVER[‘DOCUMENT_ROOT’] . ‘…/…/mysqli_connect.php’);[/php]

and place the mysqli_connect.php file ABOVE your public directory (htdocs).
You should not have connection files or password (or anything you don’t want the public to see) in the public directory.

If this doesn’t solve your problem post back and i’ll look into it further, (after the match ;D )

hmm… still not working …
perhaps it’s a configuration issue ?

ok, couple of things:

[php]$q = “UPDATE users SET first_name=’$fn’, last_name=’$ln’, email=’$e’ --> , <-- WHERE user_id=$id LIMIT 1”; // comma here not needed![/php]

there is an equals sign missing from this line in the value element:
[php]<input type=“hidden” name=“id” value"’ . $id . '" />[/php]

it should be:
[php][/php]

i’ve copied and altered the script (see below) for you to take and compare with yours see if you can see how i changed what, and why…

[php]

<?php # Script 9.3 - edit_user.php // This page is for editing a user record. // This page is accessed through view_users.php $page_title = 'Edit a User'; include('header.html'); echo '

Edit a User

'; //Check for a valid user ID, through GET or POST: if ( (isset($_GET['id'])) && (is_numeric($_GET['id'])) ) { //From view_users.php $id = $_GET['id']; } elseif( (isset($_POST['id'])) && (is_numeric($_POST['id'])) ) { // Form submission $id = $_POST['id']; } else { // No valid ID . kill the script. echo '

This is where the error occurs.

'; //include('footer.html'); //exit(); } require_once($_SERVER['DOCUMENT_ROOT'] . '/connect.php'); // in public folder //require_once($_SERVER['DOCUMENT_ROOT'] . '../../connect.php'); // above public folder //Check if the form has been submitted: if (isset($_POST['submitted'])) { $errors = array(); echo $id; //Check for a first name: if(empty($_POST['first_name'])) { $errors[] = 'You forgot to enter your first name.'; } else { $fn = mysql_real_escape_string(trim($_POST['first_name'])); } //Check for a last name: if (empty($_POST['last_name'])) { $errors[] = 'You forgot to enter your last name.'; } else { $ln = mysql_real_escape_string(trim($_POST['last_name'])); } //Check for an email address: if (empty($_POST['email'])) { $errors[] = 'You forgot to enter your email address.'; } else { $e = mysql_real_escape_string(trim($_POST['email'])); } //If everything's okay. if (empty($errors)) { //Test for unique email address: $q = "SELECT user_id FROM users WHERE email='$e' AND user_id != $id"; $r = mysql_query($q); if (mysql_num_rows($r) == 0) { //Make the query: $q = "UPDATE users SET first_name='$fn', last_name='$ln', email='$e' WHERE user_id=$id LIMIT 1"; if (mysql_affected_rows($dbc) == 1) { // If it ran OK //Print a message: echo '

The user has been edited.

'; } else { // If the query did not run OK echo '

The user could not be edited due to a system error. We apologize for any inconvenience

'; // Public message. echo '

' . mysql_error() . '
Query: ' . $q . '

'; //Debugging Message. } } else { //Already Registered. echo '

The email address has already been registered.

'; } } else { // Report the errors. echo '

The following error(s) occured:
'; foreach($errors as $msg) { //Print each error. echo " - $msg
\n"; } echo '

Please try again.

'; } // End of if (empty($errors)) IF. } //End of submit conditional. //Always show the form... //Retrieve the user's information: $q = "SELECT first_name, last_name, email FROM users WHERE user_id=$id"; $r = @mysql_query ($q); if (mysql_num_rows($r) ==1) { // Valid user ID shown in the form. // Get the user's information: $row = mysql_fetch_array ($r, MYSQL_NUM); echo $id; // Create the form: echo '

First Name:

Last Name:

Email Address:

'; } else { // Not a valid user ID. echo '

This page has been accessed in error.

'; } mysql_close($dbc); include('footer.html'); ?>

[/php]

and here is your connect script: just add in your details (username, password etc)
[php]

<?php /*********************************************************************/ /* Database connection settings */ /*********************************************************************/ // Mysql stuff $db_con = ''; // Address of database $db_sel = ''; // Select database $db_user = ''; // Database username $db_pass = ''; // Database password // Attempt to connect to MySQL. if ( mysql_connect ($db_con, $db_user, $db_pass) ) { // Select the database if ( !mysql_select_db ($db_sel) ) { // If could not select database die ( '

Could not select database !!

' ); } } else { // If could not connect to MySQL. print '

Could not connect to database.

'; } ?>

[/php]

For the purpose of this script connect.php can be in your public folder, but for security reasons it shouldn’t be kept here. There is two lines (1 commented out) so you can choose where to put it.

I hope this helps

P.s: in the form anything AFTER the submit button won’t be sent so you can see i swapped the button to the bottom.

Hm… I did change what you suggested in my script, and now the error is different.
I didn’t use your data connection script/the changed script of mine you wrote, as I have about 5 other scripts that are written around the database connection script I already use… Hope that makes sense!

But yeh, now what I get is this :

The user could not be edited due to a system error. We apologize for any inconvenience

Query: UPDATE users SET first_name=‘sd’, last_name=‘sd’, email=‘13’ WHERE user_id=7 LIMIT 1

ps. the dodgy first name, last name and email, are because I just typed anything to test that writing a user to the database worked!

looks like your problem could be here:
[php]
$q = “UPDATE users SET first_name=’$fn’, last_name=’$ln’, email=’$e’ WHERE user_id=$id LIMIT 1”;
if (mysql_affected_rows($dbc) == 1)
[/php]

in the mysql_affected_rows change $dbc to $q as that is the query your running.

hmmmm…strange

changing to $q gives

( ! ) Warning: mysqli_affected_rows() expects parameter 1 to be mysqli, string given in C:\wamp\www\edit_user.php on line 59
Call Stack

Time Memory Function Location

1 0.0461 392792 {main}( ) …\edit_user.php:0
2 0.1186 401392 mysqli_affected_rows ( ) …\edit_user.php:59

The user could not be edited due to a system error. We apologize for any inconvenience

Query: UPDATE users SET first_name=‘sd’, last_name=‘sd’, email=‘13’ WHERE user_id=7 LIMIT 1

That is strange… The script i posted above i tested (obviously i changed the database/column names etc) but it returned the data i expected it to?

hm yeh … it is all a bit strange, cos I actually took the script from the book I’m following…

Not sure whether I should just leave it, and move on to something else, or whether to sit and wait for an answer

is it Larry Ulman: PHP / Mysql by any chance?? (script looks familiar thats why i ask)

got it!

i had to add the extension to get ‘mysqli’ to work - anyway, back to your problem…

the way you have set out the $_GET/$_POST if/else statement, will always cause an error unless the id is sent along with the request to view the page (ie:part of the link you clicked to get to the page or sent as $_POST[‘id’] )

thats part one of the problem (temporarily solved by adding ?id=1 (or any valid id) after the .php in the address bar)

now the form, change this: [php]action=“edit_user.php”[/php] to this [php]action=“edit_user.php?id=’ . $id . '”[/php] that way when you submit the form, the id is sent too.

you will have to decide how your going to send the id along with the call to the page.

Sorry it took so long, but hey, we’re there now

first things first, yes it is Larry Ullman

next-- i reverted back to if (mysqli_affected_rows($dbc) == 1) { , not $q, as this solved the mysql error that I got when it was $q.

Changing the form didn’t do anything - I am still getting the same error. However, I think you misunderstood a bit… The script goes as far as adding the user id on to the end of the url. Where it errors, is when i try and submit the ‘edit user’ form… I click submit, and then this comes up:
The user could not be edited due to a system error. We apologize for any inconvenience

Query: UPDATE users SET first_name=‘Larry’, last_name=‘Ullman’, email=‘[email protected]’ WHERE user_id=1 LIMIT 1

Ahh… Headache!

Good ol’ Larry There the books i learned from, found them to be the easiest out there to understand…
i recommend stopping by his site where you can download every script from the book (with any errors usually fixed)
his site: Larry Ulman

This bit has me curious??

How does the id get onto the end of the URL if its not sent in the form??
(for clarity: i mean the $_GET clause? when you first arrive on the page?)

!?!?!?!?

I download the script from his website and the same errors still come up!
ahhhh! - is it a config setting somewhere thats causing all of this ?

And just to clarify… Maybe I lied to myself,… I just realised that it doesn’t add the user id on to the end of the url, - it simply gets as far as trying to process the form, but can’t!