Forum Moderators: coopster
<?
# tip: its always best to have an include file with all your
# database information in one location. I'll post this file next.
include 'db.php';
# grab the POST variables from the HTML form,
# put them into PHP variables so we can work with them
$ud_id = $_POST['ud_id'];
$ud_title = $_POST['ud_title'];
$ud_article = $_POST['ud_article'];
$ud_blurb = $_POST['ud_blurb'];
$ud_author = $_POST['ud_author'];
$ud_sdate = $_POST['ud_sdate'];
$ud_simage = $_POST['ud_simage'];
$ud_id = stripslashes($ud_id);
$ud_title = stripslashes($ud_title);
$ud_article = nl2br($ud_article);
$ud_blurb = nl2br($ud_blurb);
$ud_author = stripslashes($ud_author);
$ud_sdate = stripslashes($ud_sdate);
$ud_simage = stripslashes($ud_simage);
# everything checks out so far, so lets update the story!
$sql = mysql_query ("UPDATE news SET title='$ud_title', article='$ud_article', blurb='$ud_blurb', author='$ud_author', sdate='$ud_sdate', simage='$ud_simage' WHERE id='$ud_id'");
mysql_close();
echo 'News Story Updated Successfully. Return to Admin Area. <a href="newsadmin.php">here</a>';
?>
Welcome to WebmasterWorld. :)
A couple of things. Firstly, use mysql_error for debugging. This usually helps find a database error.
$sql = mysql_query ("UPDATE news SET title='$ud_title', article='$ud_article', blurb='$ud_blurb', author='$ud_author', sdate='$ud_sdate', simage='$ud_simage' WHERE id='$ud_id'") or die(mysql_error());
Secondly, always use mysql_real_escape_string [php.net] when sending post data to your database. An easy way to prepare data for importing is to use array_map [php.net]. So, before your query add:
$_POST = array_map('mysql_real_escape_string',$_POST);
My guess is you probably have a single quote or some other character thats causing the query to fail.
dc
Thanks a lot for the warm welcome. :)
I can't see any obvious errors in the code, which is very frustrating! More so because I am trying to write this for a client who wants it tomorrow!
