search

thedigicraft / Atom.CMS

Atom.CMS
56 stars 50 forks source link

Part 44 getting an error #149

Open yoshiy22 opened 9 years ago

yoshiy22 commented 9 years ago

this is the error i am recieving have any idea how this can be fixed?

Page could not be added

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'body = ' UPDATE pages SET user = 3, slug = 'about-us', title = 'About Us 23', label = 'About', header = 'About Dynamic CMS' body = '

\"\" There are many variations of passages of Lorem Ipsum available, but the majority have suffered alteration in some form, by injected humour, or randomised words which don\'t look even slightly believable. If you are going to use a passage of Lorem Ipsum, you need to be sure there isn\'t anything embarrassing hidden in the middle of text. All the Lorem Ipsum generators on the Internet tend to repeat predefined chunks as necessary, making this the first true generator on the Internet. It uses a dictionary of over 200 Latin words, combined with a handful of model sentence structures, to generate Lorem Ipsum which looks reasonable. The generated Lorem Ipsum is therefore always free from repetition, injected humour, or non-characteristic words etc.

' WHERE id = 2

creptor commented 9 years ago

alright, please post your query php code, and an example of how is being inputted the text into your form please (html and database). I'll be happy to help :smile:. It doesn't matter if the text is Spanish (I speak Spanish), but please write everything here on English, so other people can solve this problem if they have it too.

yoshiy22 commented 9 years ago 
<?php 

if (isset($_POST['submitted']) == 1) {
    $title = mysqli_real_escape_string($dbc, $_POST['title']);
    $label = mysqli_real_escape_string($dbc, $_POST['label']);
    $header = mysqli_real_escape_string($dbc, $_POST['header']);
    $body = mysqli_real_escape_string($dbc, $_POST['body']);

    if (isset($_POST['id']) != '') {
        $action = 'updated';

        $q = "UPDATE pages SET user = $_POST[user], slug = '$_POST[slug]', title = '$title', label = '$label', header = '$header' body = '$body' WHERE id = $_POST[id]";
    } else {
        $action = 'added';
        $q = "INSERT INTO pages (user, slug, title, label, header, body) VALUES ($_POST[user], '$_POST[slug]', '$title', '$label', '$header', '$body')";
    }

    $r = mysqli_query($dbc, $q);

    if ($r) {
        $message = '<p>Page was '.$action.'!</p>';
    } else {
        $message = '<p>Page could not be '.$action.' because </p>'.mysqli_error($dbc);
        $message .= '<p>'.$q.'</p>';
    }

}

?>

<form action="index.php?id=<?= $opened['id'] ;?>" method="POST" role="form">
    <div class="form-group">
        <label for="title">Title:</label>
        <input class="form-control" type="text" name="title" id="title" value="<?= $opened['title'];?>" placeholder="Page Title">
    </div>
    <div class="form-group">
        <label for="user">User:</label>
        <select class="form-control" name="user" id="user">
        <option value="0">No user</option>
            <?php 

            $q = "SELECT id FROM users ORDER BY first ASC";
            $r = mysqli_query($dbc, $q);

            while ($user_list = mysqli_fetch_assoc($r)) { 

            $user_data = data_user($dbc, $user_list['id']);

            ?>

        <option value="<?= $user_data['id'];?>" 
            <?php
                if (isset($_GET['id'])) {
                    selected($user_data['id'], $opened['user'], 'selected');
                    } else {
                    selected($user_data['id'], $user['id'], 'selected');
                     }

                    ?>><?= $user_data['fullname'] ;?></option>

                    <?php } ?>

                </select>
            </div>
            <div class="form-group">
                <label for="slug">Slug:</label>
                <input class="form-control" type="text" name="slug" id="slug" value="<?= $opened['slug'];?>" placeholder="Page Label">
            </div>
            <div class="form-group">
                <label for="label">Label:</label>
                <input class="form-control" type="text" name="label" id="label" value="<?= $opened['label'];?>" placeholder="Page Label">
            </div>
            <div class="form-group">
                <label for="header">Header:</label>
                <input class="form-control" type="text" name="header" id="header" value="<?= $opened['header'];?>" placeholder="Page Header">
            </div>
            <div class="form-group">
                <label for="body">Body:</label>
                <textarea class="form-control editor" id="body" name="body" rows="8"><?= $opened['body'];?></textarea>
            </div>
            <button type="submit" class="btn btn-default">Save</button>
            <input type="hidden" name="submitted" value="1">
            <input type="hidden" name="id" value="<?= $opened['id']; ?>">
        </form>

screenshot 2015-11-28 17 52 51 screenshot 2015-11-28 17 52 35 screenshot 2015-11-28 17 52 14

yoshiy22 commented 9 years ago

screenshot 2015-11-28 17 57 16

creptor commented 9 years ago

one question... are you adding or updating a page?

yoshiy22 commented 9 years ago

updating

creptor commented 9 years ago

try this line of code if(isset($_POST['id'])&&is_numeric($_POST['id'])){ as a replacement of this if (isset($_POST['id']) != '') {

yoshiy22 commented 9 years ago

just tired it and this came up again Page could not be updated because

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'body = ' UPDATE pages SET user = 3, slug = 'about-us', label = 'About', title = 'About Us', header = 'About Dynamic CMS' body = '

\"\" There are many variations of passages of Lorem Ipsum available, but the majority have suffered alteration in some form, by injected humour, or randomised words which don\'t look even slightly believable. If you are going to use a passage of Lorem Ipsum, you need to be sure there isn\'t anything embarrassing hidden in the middle of text. All the Lorem Ipsum generators on the Internet tend to repeat predefined chunks as necessary, making this the first true generator on the Internet. It uses a dictionary of over 200 Latin words, combined with a handful of model sentence structures, to generate Lorem Ipsum which looks reasonable. The generated Lorem Ipsum is therefore always free from repetition, injected humour, or non-characteristic words etc.

' WHERE id = 2

creptor commented 9 years ago

at least now it says update, now why does it have \"\" at the beginning? anything was inputted before that?, if not, please add a echo $q so that the query appears with the error message.

yoshiy22 commented 9 years ago

SELECT * FROM pages WHERE id = 2

yoshiy22 commented 9 years ago

thats what "echo $q" shows

creptor commented 9 years ago

i'm sorry.... I would like the inputted body, and a echo $body please, so that way I can find out what's wrong :cry:

creptor commented 9 years ago

please just as it is, any especial characters included. (spaces too)