954,585 Members — Technology Publication meets Social Media
Username:
Password:
Lost login information?
Have something to say? Contribute New Article Reply to this Article
3 Years Ago
0

Questionable cookie in update

Hello there,

I am working on an update script that can be broken down into 3 parts.

1. The form (uses id to populate fields)
2. The UPDATE
3. The confirmation.

Form:

<?php require_once("includes/connection.php");

$pid = $_POST['pid'];
$delete = $_POST['Delete'];
$update = $_POST['Update'];

if(isset($update))
{
  $sql = "SELECT * FROM player WHERE id = {$pid}";
  $result = mysql_query($sql, $connection);
  $row = mysql_fetch_array($result)
  or die("Database query failed: " . mysql_error());
  setcookie(pid, $pid, 3600);
  ?>
  <html>
<h3>Update Player</h3>

    <body>
    <form action="update_player.php" method="post">
<table cellspacing="0" cellpadding="0" width="100%"> 
...
</form>
    </body>
    </html>
  <?php
  
}
else
if(isset($delete))
{
  $sql = "DELETE FROM player WHERE id = {$pid}";
  $result = mysql_query($sql, $connection)
  or die("Database query failed: " . mysql_error());


The UPDATE:

<?php
$pid = $_COOKIE['pid'];
$ln = $_POST['ln'];
$fn = $_POST['fn'];
$mi = $_POST['mi'];
$ad = $_POST['ad'];
...
$DoBYYYY = $_POST['DoBYYYY'];
$team = $_POST['team'];
$output_form = false;

if (empty($ln) || empty($fn) || empty($pcell)){
echo 'You forgot either the last name, first name, or player\'s cell. <br \>';
$output_form = true;
}
else{

$query = "UPDATE player SET last_name = '$ln', first_name = '$fn', middle_initial = '$mi', home_address = '$ad', city = '$ci', state = '$st', zip = '$zi', mother = '$mn', father = '$dn',".
"player_cell = '$pcell', mom_cell = '$mcell', dad_cell = '$dcell', home_number = '$hnumber', mom_work_number = '$mwork', dad_work_number = '$dwork', mom_email = '$memail', dad_email = '$demail', personal_email = '$pemail',".
"preferred_email = '$prefemail', years_played = '$yrsp', medical_conditions = '$medc', emergency_contact_name = '$emerc', emergency_contact_phone = '$emercnumber', texting = '$text', as_of_date = '$AoD',".
"position_played = '$position', preferences = '$prefs', school = '$school', DoBMM = '$DoBMM', DoBDD =  = '$DoBDD', DoBYYYY = '$DoBYYYY', feet = '$feet', inches = '$inches', lbs = '$lbs', oz = '$oz', team = '$team')".
"WHERE id = '$pid'";

if 

$result = mysql_query($query, $connection)
or die("Database query failed: " . mysql_error());

header('Refresh: 1;url=add_thankyou.php');


I'm not getting any MySQL errors and the data is not being updated which suggests to me that i'm using the cookie inappropriately.

Here is the error:

Notice: Use of undefined constant pid - assumed 'pid' in C:\wamp\www\base_ball\update_delete.php on line 13

Any thoughts?

KJATL
Newbie Poster
7 posts since Apr 2009
Reputation Points: 10
Solved Threads: 0
 
3 Years Ago
0

Don't forget the quotes.

setcookie('pid', $pid, 3600);
pritaeas
Posting Expert
Moderator
5,484 posts since Jul 2006
Reputation Points: 653
Solved Threads: 875
 
3 Years Ago
0

Don't forget the quotes.

setcookie('pid', $pid, 3600);


Hello pritaeas!

I have placed quotes around the name of the cookie, but I am still experiencing problems:

$pid = $_POST['pid'];$delete = $_POST['Delete'];
$update = $_POST['Update'];

if(isset($update))
{
  $sql = "SELECT * FROM player WHERE id = {$pid}";
  $result = mysql_query($sql, $connection);
  $row = mysql_fetch_array($result)
  or die("Database query failed: " . mysql_error());
  setcookie('pid', $pid, 3600);


In the second script:

<?php require_once("includes/connection.php"); ?>
<?php
$pid = $_COOKIE['pid'];$ln = $_POST['ln'];
$fn = $_POST['fn'];
$mi = $_POST['mi'];
$ad = $_POST['ad'];
$ci = $_POST['ci'];
$st = $_POST['st'];
$zi = $_POST['zi'];
$mn = $_POST['mn'];
$dn = $_POST['dn'];
Notice: Undefined index: pid in C:\wamp\www\base_ball\update_player.php on line 3 Database query failed: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ')WHERE id = ''' at line 1

I am assuming the query is failing because $pid doesn't carry over. I've changed my browser settings to allow cookies from any website.

Do you have any thoughts?

KJATL
Newbie Poster
7 posts since Apr 2009
Reputation Points: 10
Solved Threads: 0
 
3 Years Ago
0

Appears that $pid is empty (not set), and thus the query is invalid. Shouldn't $_POST['pid'] be $_COOKIE['pid'] ??

pritaeas
Posting Expert
Moderator
5,484 posts since Jul 2006
Reputation Points: 653
Solved Threads: 875
 
3 Years Ago
0
Appears that $pid is empty (not set), and thus the query is invalid. Shouldn't $_POST['pid'] be $_COOKIE['pid'] ??

Maybe, i'm not sure.

On the first script, the player enters pid as an interger value to specify which player they would like to update or delete, if the update button is clicked after information is entered into pid, that information is posted to the next script as $pid. My assumption was that $pid would remain set through the second script, but from the second (editing the record) to the third (performing the update), I though I would need a cookie.

Maybe there is a problem with my method.

---

I've changed my cookie to grab the server time:

setcookie('pid', $pid, time()+3600);

This is still printing that pid is an undefined index.

---

After using the function "print_r($_COOKIE);" I see the following output. I am not sure if this suggests a session is established. The only session I remember establishing was a connection to the database, not a php session:

Array ( [PHPSESSID] => g3i5fqjakvprqgmut894pr5m54 [9d4bb4a09f511681369671a08beff228] => rnnhg0t43bih5p6ke8gkno5a56 [cda3f8363c72cb411c8879ff46e7dbfa] => 356jv7t74i29gjf11a1p0v3tk1 [c0f8b8f4c4af84715b39697f86810ec8] => accf9619f4a96c9642cc37becc69fcfd )
KJATL
Newbie Poster
7 posts since Apr 2009
Reputation Points: 10
Solved Threads: 0
 

This article has been dead for over three months

Post: Markdown Syntax: Formatting Help
You
 
© 2012 DaniWeb® LLC
Home | About Us | Contact Us | Terms of Service | Advertising Opportunities
RSS Feed RSS Feed