Looks like stale data, smells like stale data, could it be stale data?

Discussion in 'PHP' started by Sleeping Troll, Sep 3, 2008.

0
  1. #1
    This is a simple serverside ajax script, all I will say about it is that the code in red echoes the values to the page for verification.


    <?php
$conn = mysql_connect("xxx","xxx","xxx"); 
mysql_select_db("xxx",$conn);
$Name = $_GET["Name"];
$SQL = "Select * From Categories Where Title = '$Name'";
$result = mysql_query($SQL);
$row=mysql_fetch_array($result);
if ($row[2] = "Enabled")
 {
  $SQL = "Update Categories Set Enable = 'Disabled' Where Title = '$Name'"; 
 }
else
 {
  $SQL = "Update Categories Set Enable = 'Enabled' Where Title = '$Name'"; 
 }
[COLOR="Red"]
echo("$row[2], ");
echo($SQL);
[/COLOR]
mysql_query($SQL);
echo " <table width='100%' border='0'>";
$SQL = "Select * From Categories Order By CategoryID";
$result = mysql_query($SQL);
while($row = mysql_fetch_array($result))
{
 echo (" 
   <tr> 
    <td width = '160' height = '28'><div class = 'style8' align = 'left'><a href = '#' title = 'Rename Category' onClick = EditCatName('Categories','$row[1]')>$row[1]</a></div></td>
    <td width = '80' ><div class = 'style8' align = 'right'><a href = '#' title = 'Enable/Disable' onClick = ToggleCatEnable('Categories','$row[1]')>$row[2]</a></div></td>
   </tr>
   ");
}
echo "</table>";
?>
    Code (markup):
    Please take a look at code then visit the site and see the problem with toggling Enable/Disable, looks like cahed data to me, but I am somewhat new to php.

    http://trollnest.com/bragflags/Administration/default.php

    *
     
    Sleeping Troll, Sep 3, 2008 IP
  2. Sleeping Troll

    Sleeping Troll Peon

    Messages:
    217
    Likes Received:
    2
    Best Answers:
    0
    Trophy Points:
    0
    #2
    Nope, just stale programming, if ($row[2] = "Enabled") SB if ($row[2] = = "Enabled")
     
    Sleeping Troll, Sep 3, 2008 IP
  3. Steve136

    Steve136 Peon

    Messages:
    240
    Likes Received:
    15
    Best Answers:
    0
    Trophy Points:
    0
    #3
    Hi,

    I've modified the code slightly, it now escapes the "name" string before it gets added to the database, for security reasons.

    I've also fixed the problem with the enabled/disabled - By replacing the = with == on the $row check line.

    I have also added closing of the database and unsetting on variables after they're no longer of use.

    I've done it from memory, not been tested - So forgive me if you get any errors, if you do post here and i'll fix them.

    
<?php

	$SQLconn = mysql_connect("xxx","xxx","xxx"); 
	mysql_select_db("xxx", $SQLconn);

	$catName = mysql_real_escape_string($_GET["Name"]);
	$result = mysql_query("SELECT * FROM `Categories` WHERE `Title` ='{$catName}'");
	$row=mysql_fetch_array($result);

	if($row[2] == "Enabled")
	{
		$SQL = "UPDATE `Categories` Set `Enable` = 'Disabled' WHERE `Title` = '{$catName}'"; 
	}
	else
	{
		$SQL = "UPDATE `Categories` Set `Enable` = 'Enabled' WHERE `Title` = '{$catName}'"; 
	}

	echo($row[2]);
	echo($SQL);

	mysql_query($SQL);

	echo " <table width='100%' border='0'>";
	$result = mysql_query("SELECT * FROM `Categories` ORDER BY `CategoryID`");

	while($row = mysql_fetch_array($result))
	{
 		echo (" 
   		<tr> 
    		<td width = '160' height = '28'><div class = 'style8' align = 'left'><a href = '#' title = 'Rename Category' onClick = EditCatName('Categories','$row[1]')>$row[1]</a></div></td>
    		<td width = '80' ><div class = 'style8' align = 'right'><a href = '#' title = 'Enable/Disable' onClick = ToggleCatEnable('Categories','$row[1]')>$row[2]</a></div></td>
   		</tr>");
	}

	echo "</table>";

	mysql_close($SQLconn);
	unset($SQLconn, $catName, $result, $row);
?>
    PHP:
    Regards,

    Steve
     
    Steve136, Sep 3, 2008 IP