php form sending $_post but not updating database.

jamesmorris86

jamesmorris86

jamesmorris86

Associate
Joined
11 Oct 2008
Posts
268
Hey guys, I have made an admin page for a game Im working on to quickly allow me to update many aspects of the game. My form is sending the correct data because i can echo the $_post but for some reason it isnt updating my database. I just get a blank white page. Could anyone see what i have done wrong. Thanks

PHP: 
<?php
    require($DOCUMENT_ROOT . "/game/includes/connection.php");
    require($DOCUMENT_ROOT . "/game/includes/settings.php");
?>

<?php

    $name = $_POST['admin_name'];
    $img = $_POST['admin_img'];
    $current_hp = $_POST['admin_current_hp'];
    $max_hp = $_POST['admin_max_hp'];
    $current_energy = $_POST['admin_current_energy'];
    $max_energy = $_POST['admin_max_energy'];
    $level = $_POST['admin_level'];
    $exp_total = $_POST['admin_exp_total'];
    $exp = $_POST['admin_exp'];
    $exp_level = $_POST['admin_exp_level'];
    $pos_x = $_POST['admin_pos_x'];
    $pos_y = $_POST['admin_pos_y'];
    $potion = $_POST['admin_potion'];
    $ether = $_POST['admin_ether'];
    $elixir = $_POST['admin_elixir'];
    $zenni = $_POST['admin_zenni'];
    $sector = $_POST['admin_sector'];
    $battle = $_POST['admin_battle'];
          
?>


<?php

    $sql_1 = "UPDATE game_character SET name='$name', img='$img', current_hp='$current_hp', max_hp='$max_hp', current energy='$current_energy', max_energy='$max_energy', level='$level', exp_total='$exp_total', exp='$exp', exp_level='$exp_level', pos_x='$pos_x', pos_y='$pos_y', potion='$potion', ether='$ether', elixir='$elixir', zenni='$zenni' WHERE id=1";
    $sql_2 = "UPDATE game_status SET sector='$sector', battle='$battle' WHERE id=1";
    $statement_1 = $dbh->prepare($sql_1); 
    $statement_2 = $dbh->prepare($sql_2); 
    $statement_1->execute();
    $statement_2->execute();
       
?>

<SCRIPT LANGUAGE="JavaScript">
redirTime = "1";
redirURL = "<?php echo $r_admin ?>";
function redirTimer() { self.setTimeout("self.location.href = redirURL;",redirTime); }
</script>
<BODY onLoad="redirTimer()">
 
Try printing out the queries and trying them directly in the database.

Otherwise test your connections to ensure it's connecting.
 
Last edited:
I tried it directly putting the posts into the sql statement. No joy.

The connection is ok too.

For the sanitizing, is it as simple as changing it to the following? never done it before.

$name = strip_tags($_POST['admin_name']);

or should i used htmlentities() instead?

edit:

got it working using an array:

PHP: 
<?php
    require($DOCUMENT_ROOT . "/game/includes/connection.php");
    require($DOCUMENT_ROOT . "/game/includes/settings.php");
?>

<?php

    $name = htmlentities($_POST['admin_name']);
    $img = $_POST['admin_img'];
    $current_hp = $_POST['admin_current_hp'];
    $max_hp = $_POST['admin_max_hp'];
    $current_energy = $_POST['admin_current_energy'];
    $max_energy = $_POST['admin_max_energy'];
    $level = $_POST['admin_level'];
    $exp_total = $_POST['admin_exp_total'];
    $exp = $_POST['admin_exp'];
    $exp_level = $_POST['admin_exp_level'];
    $pos_x = $_POST['admin_pos_x'];
    $pos_y = $_POST['admin_pos_y'];
    $potion = $_POST['admin_potion'];
    $ether = $_POST['admin_ether'];
    $elixir = $_POST['admin_elixir'];
    $zenni = $_POST['admin_zenni'];
    $sector = $_POST['admin_sector'];
    $battle = $_POST['admin_battle'];
    $id = "1";
          
    $sql_1 = "UPDATE game_character SET name=?, img=?, current_hp=?, max_hp=?, current_energy=?, max_energy=?, level=?, exp_total=?, exp=?, exp_level=?, pos_x=?,           pos_y=?, potion=?, ether=?, elixir=?, zenni=? WHERE id=?";

    $sql_2 = "UPDATE game_status SET sector=?, battle=? WHERE id=?";
    
    $statement_1 = $dbh->prepare($sql_1);
    $statement_2 = $dbh->prepare($sql_2);

    $statement_1->execute(array($name,$img,$current_hp,$max_hp,$current_energy,$max_energy,$level,$exp_total,$exp,$exp_level,$pos_x,$pos_y,$potion,$ether,$elixir,          $zenni,$id));

    $statement_2->execute(array($sector,$battle,$id));

?>

<?php echo $name; ?><br />
<?php echo $img; ?><br />
<?php echo $current_hp; ?><br />
<?php echo $max_hp; ?><br />
<?php echo $current_energy; ?><br />
<?php echo $max_energy; ?><br />
<?php echo $level; ?><br />
<?php echo $exp_total; ?><br />
<?php echo $exp; ?><br />
<?php echo $exp_level; ?><br />
<?php echo $pos_x; ?><br />
<?php echo $pos_y; ?><br />
<?php echo $potion; ?><br />
<?php echo $ether; ?><br />
<?php echo $elixir; ?><br />
<?php echo $zenni; ?><br />
<?php echo $battle; ?><br />
<?php echo $sector; ?><br />
 
Last edited:
By trying them directly in the DB I mean

echo $sql_1;

Copy and paste. Go to phpMyAdmin or w/e you're using and query the db and paste>go
 
As said, echo/print the sql variables and test the queries using PHPMyAdmin or CLI as the queries are likely to be the issue; you shouldn't have to use arrays when executing the queries.
Also if you want to dump the $_POST array to screen just use var_dump($_POST);.
 
You must log in or register to reply here.
Back
Top Bottom