Hey everyone, been a while since I have been here but I need some advice in a bad way. Being new to PHP I am at wit's end with this one. I created a main website that displays images and info about the images. All of the images and info can be uploaded through a separate admin site I created (PHP as well). Once info and images are entered and uploaded through the admin site, the info and images then get stored into a database (phpMyAdmin).

Here is the problem:

Either the database or the admin site is not storing the information correctly because once or twice a week the admin site is dumping all the data it contains. Not sure what code to show and troubleshoot, but below is the code for the admin site's upload file. Anything look wrong in here?

<?php

include( "config.php" );

$p = new Portfolio();

if ($_POST) {
    if ( isset( $_POST['PortfolioCategoryID'] ) && (int) $_POST['PortfolioCategoryID'] > 0 ) {
        $p->editPortfolioCategory();
    } else {
        $p->saveNewPortfolioCategory();
    }
}

include( APP_AB_PATH . "includes" . DIRECTORY_SEPARATOR . "header.php" );

if ($_GET['p']) {
    $port = $p->getPortfolioCategory($_GET['p']);
    $pCategoryId = $port['PortfolioCategoryID'];
    $pCategoryName = $port['PortfolioCategoryName'];
    $pCategoryDefault = $port['PortfolioCategoryDefault'];
} else {
    $pCategoryId = 0;
    $pCategoryName = '';
    $pCategoryDefault = 10000;
}
?>

<h2 style="margin-bottom:4px">Portfolio Category Form</h2>

<form action="" method="post" enctype="multipart/form-data" name="form1">
    <table width="750" border="0" cellspacing="0" cellpadding="8" style="border:solid 1px black">
        <tr>
            <td width="22%" nowrap>
                <strong>Name</strong>
            </td>
            <td width="78%">
                <input name="PortfolioCategoryName" type="text" id="PortfolioCategoryName" size="40" value="<?=$pCategoryName;?>">
            </td>
        </tr>

        <tr>
            <td width="22%" nowrap>
                <strong>Default</strong>
            </td>
            <td width="78%">
                <select name="PortfolioCategoryDefault" id="PortfolioCategoryDefault">
                    <option value="NULL"<?php echo ( ( (int) $pCategoryDefault > 1 ) ? ' selected="selected"' : '' ); ?>>Select</option>
                    <option value="1"<?php echo ( ( (int) $pCategoryDefault == 1 ) ? ' selected="selected"' : '' ); ?>>Yes</option>
                    <option value="0"<?php echo ( ( (int) $pCategoryDefault == 0 ) ? ' selected="selected"' : '' ); ?>>No</option>
                </select>
            </td>
        </tr>

        <tr>
            <td><input type="submit" name="Submit" value="Save"></td>
            <td>&nbsp;</td>
        </tr>
    </table>
    <input type="hidden" name="PortfolioCategoryID" value="<?=$pCategoryId;?>">
</form>

<?php
include("./includes/footer.php");
?>

<?php print_r($_POST); ?> will show up the data posted from the form.
Please check that data for all the field mentioned in the insert or update commands are displayed. print $sql string and run it in phpmyadmin. You may be able to know where the bug is.

<?php print_r($_POST); ?> will show up the data posted from the form.
Please check that data for all the field mentioned in the insert or update commands are displayed. print $sql string and run it in phpmyadmin. You may be able to know where the bug is.

I am not sure I follow, my php skill-set is far from expert. Are you saying I should run <?php print_r($_POST); ?> in phpmyadmin?

No, after line 7 put in print_r($_POST);, though I highly recommend (for readibility until you understand what print_r() actually looks like) doing echo"<pre>";print_r($_POST);echo"</pre>"; instead.

print_r() will display the $_POST array onto the page in an array style format so you can see what is actually within the array. In this case it'll show you what is being posted to the page, this is just to make sure what's being posted is what you want.

Though just as a thought, I'm not entirely sure $_POST can return a bool value as it's an array and I can't recall ever seeing it used in that manner. If it can't it'll toss an error or simply return false every time.

No, after line 7 put in print_r($_POST);, though I highly recommend (for readibility until you understand what print_r() actually looks like) doing echo"<pre>";print_r($_POST);echo"</pre>"; instead.

print_r() will display the $_POST array onto the page in an array style format so you can see what is actually within the array. In this case it'll show you what is being posted to the page, this is just to make sure what's being posted is what you want.

Though just as a thought, I'm not entirely sure $_POST can return a bool value as it's an array and I can't recall ever seeing it used in that manner. If it can't it'll toss an error or simply return false every time.

Okay, tried that and definitely think you are onto something here. For each category I add to it comes back with the following (kind of weird how it assigns every ID as 0?):

Array
(
    [PortfolioCategoryName] => Kitchen
    [PortfolioCategoryDefault] => 1
    [Submit] => Save
    [PortfolioCategoryID] => 0
)
(
    [PortfolioCategoryName] => Bathroom
    [PortfolioCategoryDefault] => 0
    [Submit] => Save
    [PortfolioCategoryID] => 0
)
(
    [PortfolioCategoryName] => Bar & Entertainment
    [PortfolioCategoryDefault] => 0
    [Submit] => Save
    [PortfolioCategoryID] => 0
)

If the ID is not suppose to be zero, you have one of potentially many problems. Start from there and work your way backwards following the "paper trail" back to where the ID is assigned to find out what's going on... if you haven't done this already that is.

Interestingly enough, this has been solved. I followed the paper trail back to each ID and everything was running as it should. Still confused, I decided that someone somewhere had to be tampering with this data, and wouldn't you know it I was right! I integrated an IP tracker onto the website to monitor who was accessing it, and some web development company out of Chicago was going onto the admin site a few times a week and manually deleting the data. After finding that out, I completely changed the login section of the admin site to a more secure login and haven't had a problem since.

I thank you all for your input!

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.