php form sending $_post but not updating database.

jamesmorris86

jamesmorris86

jamesmorris86

Associate
Joined
11 Oct 2008
Posts
268
Hey guys, I have made an admin page for a game Im working on to quickly allow me to update many aspects of the game. My form is sending the correct data because i can echo the $_post but for some reason it isnt updating my database. I just get a blank white page. Could anyone see what i have done wrong. Thanks

PHP: 
<?php
    require($DOCUMENT_ROOT . "/game/includes/connection.php");
    require($DOCUMENT_ROOT . "/game/includes/settings.php");
?>

<?php

    $name = $_POST['admin_name'];
    $img = $_POST['admin_img'];
    $current_hp = $_POST['admin_current_hp'];
    $max_hp = $_POST['admin_max_hp'];
    $current_energy = $_POST['admin_current_energy'];
    $max_energy = $_POST['admin_max_energy'];
    $level = $_POST['admin_level'];
    $exp_total = $_POST['admin_exp_total'];
    $exp = $_POST['admin_exp'];
    $exp_level = $_POST['admin_exp_level'];
    $pos_x = $_POST['admin_pos_x'];
    $pos_y = $_POST['admin_pos_y'];
    $potion = $_POST['admin_potion'];
    $ether = $_POST['admin_ether'];
    $elixir = $_POST['admin_elixir'];
    $zenni = $_POST['admin_zenni'];
    $sector = $_POST['admin_sector'];
    $battle = $_POST['admin_battle'];
          
?>


<?php

    $sql_1 = "UPDATE game_character SET name='$name', img='$img', current_hp='$current_hp', max_hp='$max_hp', current energy='$current_energy', max_energy='$max_energy', level='$level', exp_total='$exp_total', exp='$exp', exp_level='$exp_level', pos_x='$pos_x', pos_y='$pos_y', potion='$potion', ether='$ether', elixir='$elixir', zenni='$zenni' WHERE id=1";
    $sql_2 = "UPDATE game_status SET sector='$sector', battle='$battle' WHERE id=1";
    $statement_1 = $dbh->prepare($sql_1); 
    $statement_2 = $dbh->prepare($sql_2); 
    $statement_1->execute();
    $statement_2->execute();
       
?>

<SCRIPT LANGUAGE="JavaScript">
redirTime = "1";
redirURL = "<?php echo $r_admin ?>";
function redirTimer() { self.setTimeout("self.location.href = redirURL;",redirTime); }
</script>
<BODY onLoad="redirTimer()">
 
I tried it directly putting the posts into the sql statement. No joy.

The connection is ok too.

For the sanitizing, is it as simple as changing it to the following? never done it before.

$name = strip_tags($_POST['admin_name']);

or should i used htmlentities() instead?

edit:

got it working using an array:

PHP: 
<?php
    require($DOCUMENT_ROOT . "/game/includes/connection.php");
    require($DOCUMENT_ROOT . "/game/includes/settings.php");
?>

<?php

    $name = htmlentities($_POST['admin_name']);
    $img = $_POST['admin_img'];
    $current_hp = $_POST['admin_current_hp'];
    $max_hp = $_POST['admin_max_hp'];
    $current_energy = $_POST['admin_current_energy'];
    $max_energy = $_POST['admin_max_energy'];
    $level = $_POST['admin_level'];
    $exp_total = $_POST['admin_exp_total'];
    $exp = $_POST['admin_exp'];
    $exp_level = $_POST['admin_exp_level'];
    $pos_x = $_POST['admin_pos_x'];
    $pos_y = $_POST['admin_pos_y'];
    $potion = $_POST['admin_potion'];
    $ether = $_POST['admin_ether'];
    $elixir = $_POST['admin_elixir'];
    $zenni = $_POST['admin_zenni'];
    $sector = $_POST['admin_sector'];
    $battle = $_POST['admin_battle'];
    $id = "1";
          
    $sql_1 = "UPDATE game_character SET name=?, img=?, current_hp=?, max_hp=?, current_energy=?, max_energy=?, level=?, exp_total=?, exp=?, exp_level=?, pos_x=?,           pos_y=?, potion=?, ether=?, elixir=?, zenni=? WHERE id=?";

    $sql_2 = "UPDATE game_status SET sector=?, battle=? WHERE id=?";
    
    $statement_1 = $dbh->prepare($sql_1);
    $statement_2 = $dbh->prepare($sql_2);

    $statement_1->execute(array($name,$img,$current_hp,$max_hp,$current_energy,$max_energy,$level,$exp_total,$exp,$exp_level,$pos_x,$pos_y,$potion,$ether,$elixir,          $zenni,$id));

    $statement_2->execute(array($sector,$battle,$id));

?>

<?php echo $name; ?><br />
<?php echo $img; ?><br />
<?php echo $current_hp; ?><br />
<?php echo $max_hp; ?><br />
<?php echo $current_energy; ?><br />
<?php echo $max_energy; ?><br />
<?php echo $level; ?><br />
<?php echo $exp_total; ?><br />
<?php echo $exp; ?><br />
<?php echo $exp_level; ?><br />
<?php echo $pos_x; ?><br />
<?php echo $pos_y; ?><br />
<?php echo $potion; ?><br />
<?php echo $ether; ?><br />
<?php echo $elixir; ?><br />
<?php echo $zenni; ?><br />
<?php echo $battle; ?><br />
<?php echo $sector; ?><br />
 
Last edited:
You must log in or register to reply here.
Back
Top Bottom