search

thedigicraft / Atom.CMS

Atom.CMS
56 stars 52 forks source link

I have some issues when i tried to update pages, please help #254

Closed Th3-Gh057 closed 5 years ago

Th3-Gh057 commented 5 years ago

For couple of days I have an error on my admin page, if I want to update the title or anything from an existing page when I hit the save button, the page is not updating but it create a new one with the same content as the existing one and instead of 'page was update' message I receive 'page was added' .. I put here queries.php and pages.php in the case someone can help me with this issue, thanks

queries.php

<?php

    switch ($page) {

        case 'dashboard':

        break;

        case 'pages':

            if(isset($_POST['submitted'])&&$_POST['submitted'] == 1) {

                $title = mysqli_real_escape_string($dbc, $_POST['title']);
                $label = mysqli_real_escape_string($dbc, $_POST['label']);
                $header = mysqli_real_escape_string($dbc, $_POST['header']);
                $body = mysqli_real_escape_string($dbc, $_POST['body']);

                if(isset($_POST['id']) AND $_POST['id'] != '') {

                    $action = 'updated';
                    $q = "UPDATE pages SET user = $_POST[user], slug = '$_POST[slug]', title = '$title', label = '$label', header = '$header', body = '$body' WHERE id = $_GET[id]";
                } else {
                    $action = 'added';                          
                    $q = "INSERT INTO pages (user, slug, title, label, header, body) VALUES ($_POST[user], '$_POST[slug]', '$title', '$label', '$header', '$body')";
                }

                $r = mysqli_query($dbc, $q);

                if($r){

                    $message = '<p class="alert alert-success">Page was '.$action.'!</p>';

                } else {

                    $message = '<p class="alert alert-danger">Page could not be '.$action.' because: '.mysqli_error($dbc);
                    $message .= '<p class="alert alert-warning">Query: '.$q.'</p>';

                }

            }

            if(isset($_GET['id'])) { $opened = data_page($dbc, $_GET['id']); }

        break;

        case 'users':
            if(isset($_POST['submitted']) == 1) {

                $first = mysqli_real_escape_string($dbc, $_POST['first']);
                $last = mysqli_real_escape_string($dbc, $_POST['last']);

                if($_POST['password'] != '') {

                    if($_POST['password'] == $_POST['passwordv']) {

                        $password = " password = SHA1('$_POST[password]'),";
                        $verify = true;

                    } else {

                        $verify = false;

                    }                   

                } else {

                    $verify = false;    

                }

                if(isset($_POST['id']) != '') {

                    $action = 'updated';
                    $q = "UPDATE users SET first = '$first', last = '$last', email = '$_POST[email]', $password status = $_POST[status] WHERE id = $_GET[id]";
                    $r = mysqli_query($dbc, $q);

                } else {

                    $action = 'added';                  
                    $q = "INSERT INTO users (first, last, email, password, status) VALUES ('$first', '$last', '$_POST[email]', SHA1('$_POST[password]'), '$_POST[status]')";

                    if($verify == true) {
                        $r = mysqli_query($dbc, $q);
                    }
                }

                if($r){

                    $message = '<p class="alert alert-success">User was '.$action.'!</p>';

                } else {

                    $message = '<p class="alert alert-danger">User could not be '.$action.' because: '.mysqli_error($dbc);
                    if($verify == false) {
                        $message .= '<p class="alert alert-danger">Password fields empty and/or do not match.</p>';
                    }
                    $message .= '<p class="alert alert-warning">Query: '.$q.'</p>';

                }

            }

            if(isset($_GET['id'])) { $opened = data_user($dbc, $_GET['id']); }

        break;

        case 'navigation':

            if(isset($_POST['submitted']) == 1) {

                $label = mysqli_real_escape_string($dbc, $_POST['label']);
                $url = mysqli_real_escape_string($dbc, $_POST['url']);

                if(isset($_POST['id']) != '') {

                    $action = 'updated';
                    $q = "UPDATE navigation SET id = '$_POST[id]', label = '$label', url = '$url', position = $_POST[position], status = $_POST[status] WHERE id = '$_POST[openedid]'";
                    $r = mysqli_query($dbc, $q);

                } 

                if($r){

                    $message = '<p class="alert alert-success">Navigation Item was '.$action.'!</p>';

                } else {

                    $message = '<p class="alert alert-danger">Navigation Item could not be '.$action.' because: '.mysqli_error($dbc);
                    $message .= '<p class="alert alert-warning">Query: '.$q.'</p>';

                }

            }

        break;

        case 'settings':

            if(isset($_POST['submitted']) == 1) {

                $label = mysqli_real_escape_string($dbc, $_POST['label']);
                $value = mysqli_real_escape_string($dbc, $_POST['value']);

                if(isset($_POST['id']) != '') {

                    $action = 'updated';
                    $q = "UPDATE settings SET id = '$_POST[id]', label = '$label', value = '$value' WHERE id = '$_POST[openedid]'";
                    $r = mysqli_query($dbc, $q);

                } 

                if($r){

                    $message = '<p class="alert alert-success">Setting was '.$action.'!</p>';

                } else {

                    $message = '<p class="alert alert-danger">Setting could not be '.$action.' because: '.mysqli_error($dbc);
                    $message .= '<p class="alert alert-warning">Query: '.$q.'</p>';

                }

            }

        break;      

        default:

        break;
    }
?>

Page Manager

New Page

creptor commented 5 years ago

Hey @Th3-Gh057, I think the problem has something to do with the $opened['id'] variable. Please check what value it has (when editing a page), and before clicking update.

Please check the value of the input id. (this line: <input type="hidden" id="id" value="<?php echo $opened['id']; ?>">)

creptor commented 5 years ago

Please use var_dump($opened) and send the response given by the server.

Th3-Gh057 commented 5 years ago

Thank you @creptor for your instant answers to my issue. I tried to observe the value for $opened['id] variable but it gives me an headache.. I have no enough php knowledges, I am at the beginning, this is why I wanted to learn from thedigicraft which is awesome.. I executed var_dump($opened) and I received this:

array(9) { ["id"]=> string(1) "1" ["user"]=> string(1) "1" ["slug"]=> string(4) "home" ["label"]=> string(4) "Home" ["title"]=> string(9) "Home Page" ["header"]=> string(21) "Welcome to DynaCoPlat" ["body"]=> string(3067)

Before I clicked update from the debug I received this:

[opened] => Array ( [id] => 1 [user] => 1 [slug] => home [label] => Home [title] => Home Page [header] => Welcome to DynaCoPlat [body] =>

After I clicked update debug shows these informations:

( [_GET] => Array ( [page] => pages [id] => 1 )

[_POST] => Array
    (
        [title] => Home Page1
        [user] => 1
        [slug] => home
        [label] => Home
        [header] => Welcome to DynaCoPlat
        [body] =>

[submitted] => 1 ) [action] => added [q] => SELECT id FROM users ORDER by first ASC [r] => mysqli_result Object ( [current_field] => 0 [field_count] => 1 [lengths] => [num_rows] => 7 [type] => 0 )

[message] =>

Page was added!

[opened] => Array
    (
        [id] => 1
        [user] => 1
        [slug] => home
        [label] => Home
        [title] => Home Page
        [header] => Welcome to DynaCoPlat
        [body] =>

If these results are not enough, you can please give me some directions how to check the values for $opened['id'] variable. Thank you so much for your support..

Th3-Gh057 commented 5 years ago

Issue was resolved, the error was on line: <input type="hidden" id="id" value="<?php echo $opened['id']; ?>"> Where id="id" it was supposed to be name="id". Thank you for your support.

creptor commented 5 years ago

Nice catch, sry for not being able to help in time. I have a lot stuff to do on the week 😅.

If you have any other problems, want some advice or information don't hesitate and post it here, I'll try to help you.