www.webdeveloper.com
Page 1 of 2 12 LastLast
Results 1 to 15 of 17

Thread: PHP refuses to read one of my variables in a MySQL query

  1. #1
    Join Date
    Jul 2009
    Posts
    23

    Exclamation PHP refuses to read one of my variables in a MySQL query

    I'm using $_GET to grab an id from the URL and then storing this in a variable called $taskid like so:

    $taskid = $_GET['id'];

    This works fine, however earlier in my code I have an UPDATE SQL statement that updates the task when the submit button is pressed, which looks like this:

    $updatelist = "UPDATE list SET name='".$_POST['name']."' WHERE taskid = '$taskid'";
    $result = mysql_query($updatelist);

    For some reason the query does nothing as it fails to read the $taskid variable. However the variable is read with no problem further down in the code. I've tried re-declaring the variable above the query with no luck.

    I will be HUGELY appreciative to anyone that can provide any help, this problem has been driving me up the wall for a while. Thanks!

  2. #2
    Join Date
    Dec 2005
    Posts
    2,984
    Well, if the code is completely procedural with no functions in it like this:

    Code:
    //query is here
    
    $taskid = $_GET['id'];
    
    //further usage of $taskid works
    Then it's fairly obvious that $taskid can't be read by the query because it's not declared yet.

    Why it doesn't work when you move declaration of the variable id before the query, I don't know....but I think the bigger issue is why are you assigning a variable to a variable?

    Why not just use the $_GET variable without giving it a different name?

    PHP Code:
    $updatelist "UPDATE list SET name='".$_POST['name']."' WHERE taskid = '".mysql_real_escape_string($_GET['id'])."'";
    $result mysql_query($updatelist); 

  3. #3
    Join Date
    Jul 2009
    Location
    Falls Church, Va.
    Posts
    780
    Based solely on your comment, exactly as you posted it...

    PHP Code:
    however earlier in my code I have an UPDATE SQL statement 
    Um, I'm guessin' you need to move the $taskid=$_GET['id'] before the update statement.

    You didn't say what $taskid was set to earlier! PHP will default the string to a null value until it's defined otherwise.

    If this turns out not to be the case, apologies for over simplifying and please post the relevant code so we can look more closely.

    jim

  4. #4
    Join Date
    Jul 2009
    Location
    Falls Church, Va.
    Posts
    780
    Quote Originally Posted by aj_nsc View Post
    Why not just use the $_GET variable without giving it a different name?
    True. I'm not disagreeing with you on your advice to this OP, just sometimes I personally like to do stuff like this:

    $taskid=(isset($_GET['id']) && !empty($_GET['id'])) ? intval(trim($_GET['id'])) : 0;

    That allows me to preserve the original value of $GET['id'] which might be necessary sometimes for conditions later in the code, plus I'm not simply copying the value -- I'm testing and cleaning it up to ensure it's an integer or it defaults to 0 otherwise. Just a quickie example, not saying this is perfect code and for all situations.

    -jim

  5. #5
    Join Date
    Jul 2009
    Posts
    23
    Thanks for all the replies, they've been massively helpful. Just to confirm I've tried declaring the variable directly before the update statement, but it doesn't get the value:

    Code:
    $taskid = $_GET['id'];
    $updatelist = "UPDATE list SET name='".$_POST['name']."' WHERE taskid = '$taskid'";
    $result = mysql_query($updatelist);
    Ive also tried doing it this way, with no luck:

    Code:
    $updatelist = "UPDATE list SET name='".$_POST['name']."' WHERE taskid = '".mysql_real_escape_string($_GET['id'])."'";
    $result = mysql_query($updatelist);
    Furthermore I tried placing the following before the UPDATE statement and it didn't work:

    Code:
    $taskid=(isset($_GET['id']) && !empty($_GET['id'])) ? intval(trim($_GET['id'])) : 0;
    Yet the PHP successfully retrieves the id further down in the code in a SELECT statement and when I put a value in the SQL statement instead of the variable, it works.

    If you're still baffled let me know and I'll post larger chunks of the code or something.

    Thank you again!

  6. #6
    Join Date
    Mar 2007
    Posts
    946
    Can you run the command if you fill in the details by hard coding it for testing purposes?

    Like
    PHP Code:
    $updatelist "UPDATE list SET name='Test_Name' WHERE taskid = '1'"
    The other thing I wonder if the database user you are using doesn't have the permission to update data. I don't know if you would get a error from this or not.

  7. #7
    Join Date
    Jul 2009
    Posts
    23
    Quote Originally Posted by skywalker2208 View Post
    Can you run the command if you fill in the details by hard coding it for testing purposes?

    Like
    PHP Code:
    $updatelist "UPDATE list SET name='Test_Name' WHERE taskid = '1'"
    The other thing I wonder if the database user you are using doesn't have the permission to update data. I don't know if you would get a error from this or not.
    I can confirm if I hard code the values in the query executes correctly.

    For instance if I run the following query:

    $updatelist = "UPDATE list SET name='".$_POST['name']."' WHERE taskid = '1'";
    $result = mysql_query($updatelist);

    It will successfully update the task.

  8. #8
    Join Date
    Jul 2009
    Posts
    23
    Sorry if it's a bit vague currently, to provide a better idea about the problem I am posting the code (ommitting unnecessary and unrelated html and php).

    Please let me know if you spot any problems that prevent the variable $taskid from being used in the UPDATE query.

    PHP Code:
    <?php
    include("scripts/dbconnection.php"); //start database connection 

    //checks cookies to make sure they are logged in
    if(isset($_COOKIE['ID_my_site']))
    {
    $email $_COOKIE['ID_my_site'];
    $pass $_COOKIE['Key_my_site'];
    $check mysql_query("SELECT * FROM user WHERE email = '$email'")or die(mysql_error());
    while(
    $info mysql_fetch_array$check ))
    {

    //if the cookie has the wrong password, they are taken to the login page
    if ($pass != $info['password'])
    header("Location: login.php");
    }

    //otherwise they are shown the admin area
    else
    {
    }
    }
    }
    else

    //if the cookie does not exist, they are taken to the login screen
    {
    header("Location: login.php");
    }
    ?>
    <?php
    //This code runs if the form has been submitted
    if (isset($_POST['ieproblem'])) {

    //Ensure no fields are left blank
    if (!$_POST['task'] | !$_POST['name']) {
    die(
    '<script type="text/javascript">
    alert("Incomplete Form. \n \nPlease fill in all of the required fields. \n")
    window.location="javascript:history.go(-1)";
    </script>'
    );
    }

    // Get the current users id
    $getuserid "SELECT userid FROM user WHERE email = '$email'"
    $uidresult mysql_query($getuserid);
    while(
    $getuserid_row mysql_fetch_assoc($uidresult))
    foreach(
    $getuserid_row as $key => $activeuserid)

    $taskid $_GET['id'];

    // Update the record in the database
    $updatelist "UPDATE list SET name='".$_POST['name']."' WHERE taskid = '$taskid'"// This query does NOT work - It fails to retrieve the variable $taskid
    $result mysql_query($updatelist);

    // Redirect browser
    header("Location: list.php");
    // Ensure code below does not execute on redirect
    exit;

    }
    else
    {
    ?>
    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
    <html>
    <head>
    </head>
    <body>
    <?php

    $taskid 
    $_GET['id'];

    // Get the task
    $tdetails "SELECT * FROM list WHERE taskid = '$taskid'"// This query works - It successfully retrieves the variable $taskid
    $tresult mysql_query($tdetails);
    ?>
    </body>
    </html>
    <?php
    }
    ?>

  9. #9
    Join Date
    Dec 2005
    Posts
    2,984
    Add some breakpoints in your code and some echo statements for debugging purposes just to make sure your code is working.

    Also, with all those if else statements, it begs the question - is that section of code even getting executed?

  10. #10
    Join Date
    Mar 2007
    Posts
    946
    I would suggest trying to print your query to the screen to see what the query actually looks like

    PHP Code:
    echo "UPDATE list SET name='".$_POST['name']."' WHERE taskid = '$taskid'"

  11. #11
    Join Date
    Dec 2008
    Posts
    64
    'm not sure if this will help but when i use variables in a update/search command i have had to do it like this...

    PHP Code:
    $query=("SELECT * FROM `".$table."` WHERE X BETWEEN ".$Xcord." AND ".$newmaxX." "); 
    in the above example

    ".$Xcord." and $newmaxX are variables and X is a database column name


    I got so tied up with this type of thing trying to differentiate between

    PHP Code:
    ' ` " 
    Adrian

  12. #12
    Join Date
    Jul 2009
    Posts
    23
    Okay, I've manage to identify where the problem is happening. When I echo out the $taskid variable above the
    PHP Code:
     if (isset($_POST['submit'])) { 
    to check if the form is submitted, the correct ID is outputted. However if I try to declare and get the ID underneith
    PHP Code:
     if (isset($_POST['submit'])) { 
    the variable is empty.

    PHP Code:
    $taskid $_GET['id']; // This successfully gets the id
    echo $taskid// This successfully echo's the id

    //This code runs if the form has been submitted
    if (isset($_POST['submit'])) {

    $taskid $_GET['id']; // This returns nothing
    echo $taskid// This echo's nothing 
    What could possibly be stopping the variable from being read after the statement that checks if the submit button has been pressed?

  13. #13
    Join Date
    Jul 2009
    Posts
    23
    Thank you everyone for your help. Problem has been solved!

    I believe the issue was caused by PHP Bug #18251 which causes lost variables from post action. Further down in the code where the variable was being read, I placed a hidden input field with the $taskid variable in, like so:

    PHP Code:
    <input type="hidden" name="taskid" value="<?php echo"$taskid"  ?>" />
    Then I used $_POST to get the value from the form:

    PHP Code:

    $updatelist 
    "UPDATE list SET name='".$_POST['name']."' WHERE taskid = '".$_POST['taskid']."'"
    I hope that this helps anyone else that experiences this problem, to overcome it.

  14. #14
    Join Date
    Jan 2010
    Posts
    13
    Quote Originally Posted by SrWebDeveloper View Post
    True. I'm not disagreeing with you on your advice to this OP, just sometimes I personally like to do stuff like this:

    $taskid=(isset($_GET['id']) && !empty($_GET['id'])) ? intval(trim($_GET['id'])) : 0;

    That allows me to preserve the original value of $GET['id'] which might be necessary sometimes for conditions later in the code, plus I'm not simply copying the value -- I'm testing and cleaning it up to ensure it's an integer or it defaults to 0 otherwise. Just a quickie example, not saying this is perfect code and for all situations.

    -jim
    Why not just

    Code:
    $taskid=(int)trim($_GET["id"]);
    ?

  15. #15
    Join Date
    Jul 2009
    Location
    Falls Church, Va.
    Posts
    780
    My explanation above explains why in detail. Yours doesn't do all of that.

    This isn't a contest to minimize code!!!!

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center



Recent Articles