 |
BOOK: Beginning PHP 6, Apache, MySQL 6 Web Development ISBN: 9780470391143
 | This is the forum to discuss the Wrox book Beginning PHP 6, Apache, MySQL 6 Web Development by Timothy Boronczyk, Elizabeth Naramore, Jason Gerner, Yann Le Scouarnec, Jeremy Stolz; ISBN: 9780470391143 |
|
Welcome to the p2p.wrox.com Forums.
You are currently viewing the BOOK: Beginning PHP 6, Apache, MySQL 6 Web Development ISBN: 9780470391143 section of the Wrox Programmer to Programmer discussions. This is a community of software programmers and website developers including Wrox book authors and readers. New member registration was closed in 2019. New posts were shut off and the site was archived into this static format as of October 1, 2020. If you require technical support for a Wrox book please contact http://hub.wiley.com
|
|
|
November 25th, 2009, 10:04 PM
|
|
Registered User
|
|
Join Date: Nov 2009
Posts: 4
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
Chapter 13 - Submit Article - Errata
Using files supplied online, and comparing to the book, the code provided in chapter 13: Building a Content Management System does not permit one to post article_text to the MySQl database. We cannot compose an article and post it to a table (and it doesn't show up as a pending article. Everything else about the application works. Is there a correction available? Other than that, great book. Thanks. Steve
|
June 30th, 2010, 08:58 AM
|
|
Registered User
|
|
Join Date: Jun 2010
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
I have the same problem, I downloaded the files and typed out the code from the book and it doesn't work, I can't seem to find any problem in the code as far as I can see. Can anyone give some light on this problem?
|
June 30th, 2010, 09:57 AM
|
|
Registered User
|
|
Join Date: Jun 2010
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
I started to mess with the code and I think there is a problem with the if statement in the creation of the entry
PHP Code:
if (isset($_SESSION['user_id']) && !empty($title) &&
!empty($article_text)) {
$sql = 'INSERT INTO cms_articles
(user_id, submit_date, title, article_text)
VALUES
(' . $_SESSION['user_id'] . ',
"' . date('Y-m-d H:i:s') . '",
"' . mysql_real_escape_string($title, $db) . '",
"' . mysql_real_escape_string($article_text, $db) . '")';
mysql_query($sql, $db) or die(mysql_error($db));
}
redirect('cms_index.php');
break;
I tested it by commenting out the redirect and placing an echo in the if statement and the echo was never displayed:
PHP Code:
if (isset($_SESSION['user_id']) && !empty($title) &&
!empty($article_text)) {
echo 'Hello World';
$sql = 'INSERT INTO cms_articles
(user_id, submit_date, title, article_text)
VALUES
(' . $_SESSION['user_id'] . ',
"' . date('Y-m-d H:i:s') . '",
"' . mysql_real_escape_string($title, $db) . '",
"' . mysql_real_escape_string($article_text, $db) . '")';
mysql_query($sql, $db) or die(mysql_error($db));
}
// redirect('cms_index.php');
break;
I changed the if statement so it is always true to see if I can have have the data entered into the database I get an error:
PHP Code:
if (1 == 1) {
$sql = 'INSERT INTO cms_articles
(user_id, submit_date, title, article_text)
VALUES
(' . $_SESSION['user_id'] . ',
"' . date('Y-m-d H:i:s') . '",
"' . mysql_real_escape_string($title, $db) . '",
"' . mysql_real_escape_string($article_text, $db) . '")';
mysql_query($sql, $db) or die(mysql_error($db));
}
// redirect('cms_index.php');
break;
Code:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ' "2010-06-30 10:44:56", "Hello", ' at line 4
|
September 17th, 2010, 05:21 AM
|
|
Authorized User
|
|
Join Date: Jun 2010
Location: Bra - Italy
Posts: 36
Thanks: 1
Thanked 1 Time in 1 Post
|
|
In these script there are several errors, start with cms_compose.php
PHP Code:
<tr>
<td><label for="title">Title:</label></td>
<td><input type="text" name="title" id="title" maxlength="255"
value="<?php echo htmlspecialchars($title); ?>"/></td>
</tr><tr>
<td><label for="article_text">Text:</label></td>
<td><textarea name="article_text" name="article_text" rows="10"
cols="60"><?php echo htmlspecialchars($article_text); ?></textarea></td>
</tr><tr>
There are two name="article_text", one must be id="article_text"
next problem:
PHP Code:
if (empty($article_id)) {
echo '<input type="submit" name="action" "value="Submit New Article"/>';
} else {
echo '<input type="hidden" name="article_id" value="' . $article_id . '"/>';
echo '<input type="submit" name="action" "value="Save Changes"/>';
}
look the html syntax, just before value="Submit New Article" and "Save Changes" there are two (") character, they must be deleted.
Next step, cms_transact_article.php
PHP Code:
case 'Submit New Article':
$title = (isset($_POST['title'])) ? $_POST['title'] : '';
$article_text = (isset($_POST['article_text'])) ? $_POST['article_text']
: '';
if (isset($_SESSION['user_id']) && !empty($title) &&
!empty($article_text)) {
$sql = 'INSERT INTO cms_articles
(user_id, submit_date, title, article_text)
VALUES
(' . $_SESSION['user_id'] . ',
"' . date('Y-m-d H:i:s') . '",
"' . mysql_real_escape_string($title, $db) . '",
"' . mysql_real_escape_string($article_text, $db) . '")';
mysql_query($sql, $db) or die(mysql_error($db));
}
redirect('cms_index.php');
break;
The script seems only redirect to the cms_index.php, normal behavior if the conditions "(isset($_SESSION['user_id']) && !empty($title) && !empty($article_text))" are not valid.. but.. also the mysql syntax can have errors, just try to delete all the "if" cicle, the script will return the error:
Quote:
|
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ' "2010-06-30 10:44:56", "Hello", ' at line 4
|
.
Probably the syntax date('Y-m-d H:i:s') is not correct, or the database settings are wrong for receive this input.. I will try to fix it as soon is possible.. bye
Last edited by DMatt; September 17th, 2010 at 10:50 AM..
|
September 21st, 2010, 04:30 PM
|
|
Authorized User
|
|
Join Date: Jun 2010
Location: Bra - Italy
Posts: 36
Thanks: 1
Thanked 1 Time in 1 Post
|
|
Ok, i fix it... finally...
For enter the article data in the database and show them, we have to modify 2 script: cms_transact_article.php and cms_compose.php
The right solution for cms_transact_article is here:
PHP Code:
case 'Submit New Article':
$title = (isset($_POST['title'])) ? $_POST['title'] : '';
$article_text = (isset($_POST['article_text'])) ? $_POST['article_text'] : '';
$user_id = (isset($_POST['user_id'])) ? $_POST['user_id'] : '';
if (!empty($user_id) && !empty($title) && !empty($article_text)) {
$sql = "INSERT INTO cms_articles
(user_id, submit_date, title, article_text)
VALUES
('$user_id', NOW(), '$title', '$article_text')";
mysql_query($sql, $db) or die (mysql_error($db));
}
redirect('cms_index.php');
break;
and the cms_compose is here:
PHP Code:
if (empty($article_id)) {
echo '<input type="hidden" name="user_id" value="' . $_SESSION['user_id'] . '"/>';
echo '<input type="submit" name="action" value="Submit New Article"/>';
The problem was an incorrect syntax of mysql instructions and the value of $_SESSION['user_id'] that wasn't passed through the pages.. As you look i've fix the syntax problems first, and after set user_id like a "post" data..
The comments have the same problems... This book is full of f*****g errors..
|
October 14th, 2010, 02:15 AM
|
|
Authorized User
|
|
Join Date: Sep 2010
Posts: 20
Thanks: 0
Thanked 2 Times in 2 Posts
|
|
Nice work DMatt! I changed your code a little bit in cms_transact to pass values to mysql_real_escape_string() like this:
Code:
$title = (isset($_POST['title'])) ? mysql_real_escape_string($_POST['title'], $db) : '';
$article_text = (isset($_POST['article_text'])) ? mysql_real_escape_string($_POST['article_text'], $db) : '';
$user_id = (isset($_POST['user_id'])) ? $_POST['user_id'] : '';
This is because it's very dangerous to let users enter outside data into the datasbase without cleaning first. $user_id doesn't need it because it's value is generated internally.
Last edited by bopjo1; October 14th, 2010 at 02:19 AM..
|
November 13th, 2010, 07:56 AM
|
|
Registered User
|
|
Join Date: Nov 2010
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
I use DMatt's code but it doesn't work ,finaly iI fount the error
The "cms_compose.php" If we do like this :
Code:
require 'db.inc.php';
include 'cms_header.inc.php';
$db = mysql_connect(MYSQL_HOST,MYSQL_USER,MYSQL_PASSWORD) or
die ('Unable to connect .Check your connection parameters.');
mysql_select_db(MYSQL_DB,$db) or die(mysql_error($db));
$action = (isset($_GET['action'])) ? $_GET['action'] : '';
$article_id = (isset($_GET['article_id']) && ctype_digit($_GET['article_id'])) ? $_GET['article_id'] : '';
$title = (isset($_POST['title'])) ? $_POST['title'] : '';
$article_text = (isset($_POST['article_text'])) ? $_POST['article_text'] : '';
//$user_id = (isset($_POST['user_id'])) ? $_POST['user_id'] : '';//delete this row
and edit the "cms_transact_article.php" Add "session_start()"
Code:
require_once 'db.inc.php';
require_once 'cms_http_functions.inc.php';
session_start();//add this row
$db = mysql_connect(MYSQL_HOST,MYSQL_USER,MYSQL_PASSWORD) or
die ('Unable to connect .Check your connection parameters.');
mysql_select_db(MYSQL_DB,$db) or die(mysql_error($db));
if (isset($_REQUEST['action']))
{
switch ($_REQUEST['action'])
{
case 'Submit New Article':
$title = (isset($_POST['title'])) ? $_POST['title'] : '';
$article_text = (isset($_POST['article_text'])) ? $_POST['article_text']: '';
if (isset($_SESSION['user_id']) && !empty($title) &&
!empty($article_text)) {
$sql = 'INSERT INTO cms_articles
(user_id, submit_date, title, article_text)
VALUES
(' . $_SESSION['user_id'] . ',
"' . date('Y-m-d H:i:s') . '",
"' . mysql_real_escape_string($title, $db) . '",
"' . mysql_real_escape_string($article_text, $db) . '")';
mysql_query($sql, $db) or die(mysql_error($db));
}
redirect('cms_index.php');
break;
and we can find it work . I 'm from china so my English is terrible ,forgive me!
The $_SESSION['user_id'] is always exist.and it's value only be changed in "cms_compose.php" "";
Last edited by jackzengfanwei; November 13th, 2010 at 08:03 AM..
|
February 11th, 2014, 08:02 AM
|
|
Registered User
|
|
Join Date: Feb 2014
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
|
|
ch13 cms_transact_article.php
I also Download ch13 full code from this site .
but unfortunately that problem is still continue.
my actually problem is not inserting data in data base
& editing problem
plz solve is
Code:
<?php
require_once 'db.inc.php';
require_once 'cms_http_functions.inc.php';
$db = mysql_connect(MYSQL_HOST, MYSQL_USER, MYSQL_PASSWORD) or
die ('Unable to connect. Check your connection parameters.');
mysql_select_db(MYSQL_DB, $db) or die(mysql_error($db));
if (isset($_REQUEST['action'])) {
switch ($_REQUEST['action']) {
case 'Submit New Article':
$title = (isset($_POST['title'])) ? $_POST['title'] : '';
$article_text = (isset($_POST['article_text'])) ? $_POST['article_text']
: '';
if (isset($_SESSION['user_id']) && !empty($title) &&
!empty($article_text)) {
$sql = 'INSERT INTO cms_articles
(user_id, submit_date, title, article_text)
VALUES
(' . $_SESSION['user_id'] . ',
"' . date('Y-m-d H:i:s') . '",
"' . mysql_real_escape_string($title, $db) . '",
"' . mysql_real_escape_string($article_text, $db) . '")';
mysql_query($sql, $db) or die(mysql_error($db));
}
redirect('cms_index.php');
break;
case 'Edit':
redirect('cms_compose.php?action=edit&article_id=' . $_POST['article_id']);
break;
case 'Save Changes':
$article_id = (isset($_POST['article_id'])) ? $_POST['article_id'] : '';
$user_id = (isset($_POST['user_id'])) ? $_POST['user_id'] : '';
$title = (isset($_POST['title'])) ? $_POST['title'] : '';
$article_text = (isset($_POST['article_text'])) ? $_POST['article_text']
: '';
if (!empty($article_id) && !empty($title) && !empty($article_text)) {
$sql = 'UPDATE cms_articles SET
title = "' . mysql_real_escape_string($title, $db) . '",
article_text = "' . mysql_real_escape_string($article_text,
$db) . '",
submit_date = "' . date('Y-m-d H:i:s') . '"
WHERE
article_id = ' . $article_id;
if (!empty($user_id)) {
$sql .= ' AND user_id = ' . $user_id;
}
mysql_query($sql, $db) or die(mysql_error($db));
}
if (empty($user_id)) {
redirect('cms_pending.php');
} else {
redirect('cms_cpanel.php');
}
break;
case 'Publish':
$article_id = (isset($_POST['article_id'])) ? $_POST['article_id'] : '';
if (!empty($article_id)) {
$sql = 'UPDATE cms_articles SET
is_published = TRUE,
publish_date = "' . date('Y-m-d H:i:s') . '"
WHERE
article_id = ' . $article_id;
mysql_query($sql, $db) or die(mysql_error($db));
}
redirect('cms_pending.php');
break;
case 'Retract':
$article_id = (isset($_POST['article_id'])) ? $_POST['article_id'] : '';
if (!empty($article_id)) {
$sql = 'UPDATE cms_articles SET
is_published = FALSE,
publish_date = "0000-00-00 00:00:00"
WHERE
article_id = ' . $article_id;
mysql_query($sql, $db) or die(mysql_error($db));
}
redirect('cms_pending.php');
break;
case 'Delete':
$article_id = (isset($_POST['article_id'])) ? $_POST['article_id'] : '';
if (!empty($article_id)) {
$sql = 'DELETE a, c FROM
cms_articles a LEFT JOIN cms_comments c ON
a.article_id = c.article_id
WHERE
a.article_id = ' . $article_id . ' AND
is_published = FALSE';
mysql_query($sql, $db) or die(mysql_error($db));
}
redirect('cms_pending.php');
break;
case 'Submit Comment':
$article_id = (isset($_POST['article_id'])) ? $_POST['article_id'] : '';
$comment_text = (isset($_POST['comment_text'])) ?
$_POST['comment_text'] : '';
if (isset($_SESSION['user_id']) && !empty($article_id) &&
!empty($comment_text)) {
$sql = 'INSERT INTO cms_comments
(article_id, user_id, comment_date, comment_text)
VALUES
(' . $article_id . ',
' . $_SESSION['user_id'] . ',
"' . date('Y-m-d H:i:s') . '",
"' . mysql_real_escape_string($comment_text, $db) . '")';
mysql_query($sql, $db) or die(mysql_error($db));
}
redirect('cms_view_article.php?article_id=' . $article_id);
break;
default:
redirect('cms_index.php');
}
} else {
redirect('cms_index.php');
}
?>
|
|
Similar Threads
