- This topic is empty.
-
AuthorPosts
-
June 22, 2010 at 5:23 pm #29400nchippingMember
Hello,
I know this may sound like a strange question, but it has a point :)
Anyway, I have been using this method for a while, and have never encountered an issue with it, and I’m about at my wits end to get it working on the current site I’m working on.
Basically, I have a template system that stores the information for each ‘page’ of my website in the DB (so there’s only one page – but it just calls the information from the DB, depending on what’s in the URL). So, if I want to edit a page, I have to be logged in as the super-administrator, and then I can edit the PHP for the page, the HTML, the stylesheets, the scripts, etc.
So, my main concern is for editing the PHP that is custom for certain pages – on a new site I’m doing, it won’t allow me to save this way. When I create pages (using a form I’ve created, and on that same site), I can type PHP in and it will save and accept it, but when I try to EDIT it on a page, it won’t let me – it will go through the reload of the page and act like it saved it, but nothing will be changed in the DB.
Any ideas on this? The hosting is the same as other sites I’ve done as well – so I don’t think that’s the issue either. Here’s my code for my editing page:
Code:query(‘SELECT * FROM content WHERE id = ‘ . $db->escape_string($_GET[‘content_id’]) . ‘ ORDER BY id’);
while ($content = $db->fetch_assoc($result))
{
$url = $content[‘url’];
$php = $content[‘php’];
$meta = $content[‘meta’];
$page_title = $content[‘page_title’];
$title = $content[‘title’];
$style = $content[‘style’];
$script = $content[‘script’];
$content = $content[‘content’];
$content_type_id = $content[‘content_type_id’];
$analytics = $content[‘analytics’];
}//checking to see if they’ve posted something
if((!empty($_POST[‘wrangler’])) && $_POST[‘wrangler’] == 1)
{
//cool – now we want to save it
$contents = array(
‘id’ => $db->escape_string($_GET[‘content_id’]),
‘url’ => $_POST[‘url’],
‘php’ => $_POST[‘php’],
‘meta’ => $_POST[‘meta’],
‘page_title’ => $_POST[‘page_title’],
‘title’ => $_POST[‘title’],
‘style’ => $_POST[‘style’],
‘script’ => $_POST[‘script’],
‘content’ => $_POST[‘content’],
‘content_type_id’ => $_POST[‘content_type_id’],
‘analytics’ => $_POST[‘analytics’],
‘active’ => $_POST[‘active’]
);
//echo “CONTENTS ID: ” . $contents[‘id’] . “
URL: ” . $contents[‘url’] . “
php: ” . $contents[‘php’] . “
TITLE: ” . $contents[‘title’] . “
page_title: ” . $contents[‘page_title’] . “
CONTENT: ” . $contents[‘content’] . “
ACTIVE: ” . $contents[‘active’] . “”;$result = $db->query(“UPDATE content SET url = ‘” . $contents[‘url’] . “‘, php = ‘” . $contents[‘php’] . “‘, meta = ‘” . $contents[‘meta’] . “‘, page_title = ‘” . $contents[‘page_title’] . “‘, title = ‘” . $contents[‘title’] . “‘, style = ‘” . $contents[‘style’] . “‘, script = ‘” . $contents[‘script’] . “‘, content = ‘” . $contents[‘content’] . “‘, content_type_id = ‘” . $contents[‘content_type_id’] . “‘, analytics = ‘” . $contents[‘analytics’] . “‘, active = ‘” . $contents[‘active’] . “‘ WHERE id = ‘” . $db->escape_string($_GET[‘content_id’]) . “‘LIMIT 1”);
redirect($contents[‘url’]);
}
else
{
//echo ‘this is the session user id: ‘ . $_SESSION[‘user_id’];
$result = $db->query(“SELECT * FROM users WHERE id = ‘” . $_SESSION[‘user_id’] . “‘ ORDER BY id DESC”);
while($users = $db->fetch_assoc($result))
{
$name = $users[‘first_name’];
$permissions = $users[‘permission’];
}if (permission(1) == true)
{
//show this stuff
$result = $db->query(‘SELECT * FROM content WHERE id = ‘ . $db->escape_string($_GET[‘content_id’]) . ‘ ORDER BY id’);
while ($content = $db->fetch_assoc($result))
{
?>} } else { echo 'Sorry, you don't have permission to access this page. Your permission level is only: ' . $permissions . ', ' . $name . '.'; } } } else { echo 'You are not following procedure to get here.'; } ?>
Then the code for the page creator is here:
Code:$db->escape_string($_GET[‘content_id’]),
‘url’ => $_POST[‘url’],
‘php’ => $_POST[‘php’],
‘meta’ => $_POST[‘meta’],
‘page_title’ => $_POST[‘page_title’],
‘title’ => $_POST[‘title’],
‘style’ => $_POST[‘style’],
‘script’ => $_POST[‘script’],
‘content’ => $_POST[‘content’],
‘content_type_id’ => $_POST[‘content_type_id’],
‘analytics’ => $_POST[‘analytics’]
);
//echo “CONTENTS ID: ” . $contents[‘id’] . “
SITE NAME: ” . $contents[‘site_name’] . “
STYLE: ” . $contents[‘style’] . “
TITLE: ” . $contents[‘title’] . “
NAV: ” . $contents[‘nav’] . “
CONTENT: ” . $contents[‘content’];$result = $db->query(“INSERT INTO content (id, url, php, meta, page_title, title, style, script, content, content_type_id, analytics) VALUES (”, ‘” . $contents[‘url’] . “‘, ‘” . $contents[‘php’] . “‘, ‘” . $contents[‘meta’] . “‘, ‘” . $contents[‘page_title’] . “‘, ‘” . $contents[‘title’] . “‘, ‘” . $contents[‘style’] . “‘, ‘” . $contents[‘script’] . “‘, ‘” . $contents[‘content’] . “‘, ‘” . $contents[‘content_type_id’] . “‘, ‘” . $contents[‘analytics’] . “‘)”);
$page_title = $contents[‘page_title’];
redirect(‘http://www.productionbook.com/’ . $page_title);
}
else
{
if (permission(1) == true)
{
//show this stuff
?>} else { echo 'Sorry, you don't have permission to access this page. Your permission level is only: ' . $permissions . ', ' . $name . '.'; } } ?>
June 23, 2010 at 5:51 pm #78596nchippingMemberYes, I wrote the code myself, but I already know it works. I have used this SAME CODE on multiple websites without any trouble – so I think it’s something with the web host, but they say it isn’t. Is there anything in the php.ini file or the .htaccess file that could do something like this? Please let me know if any of you know. I appreciate the help!
June 28, 2010 at 1:49 pm #79014nchippingMember"nchipping" wrote:Yes, I wrote the code myself, but I already know it works. I have used this SAME CODE on multiple websites without any trouble – so I think it’s something with the web host, but they say it isn’t. Is there anything in the php.ini file or the .htaccess file that could do something like this? Please let me know if any of you know. I appreciate the help!Does anybody have any ideas on this? Could it have anything to do with a php.ini or .htaccess file?
June 28, 2010 at 6:27 pm #79016nchippingMemberHere’s a little more information that might help:
Just for reference, I finally put this in the PHPMyadmin MySQL query thing, and it gave me the following:
Code:ErrorSQL query:
UPDATE `content` SET `url` = ‘http://www.productionbook.com/home’,
`php` = ‘{startp} $hotdog = ‘chicken ‘; echo $hotdog; {/endp}’,
`meta` = ‘ ‘,
`page_title` = ‘home’,
`title` = ‘Home’,
`style` = ‘ ‘,
`script` = ‘ ‘,
`content` = ‘Under construction This site is currently under construction. Please check back later.
‘,
`content_type_id` = ‘1’,
`analytics` = ‘ ‘,
`active` = ‘1’ WHERE `id` = ‘1’ LIMIT 1MySQL said: Documentation
#1064 – You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ‘chicken’; echo $hotdog; {/endp}’, `meta` = ‘ ‘, `page_title` = ‘home’, `title` =’ at line 1When, what I put in (just for testing) –
Code:UPDATE `content` SET `url` = ‘http://www.productionbook.com/home’, `php` = ‘{startp} $hotdog = ‘chicken’; echo $hotdog; {/endp}’, `meta` = ‘ ‘, `page_title` = ‘home’, `title` = ‘Home’, `style` = ‘ ‘, `script` = ‘ ‘, `content` = ‘
Under constructionThis site is currently under construction. Please check back later.
‘, `content_type_id` = ‘1’, `analytics` = ‘ ‘, `active` = ‘1’ WHERE `id` = ‘1’ LIMIT 1I had to put in the {startp} and {/endp} (made up tags) in order for it to try to save at all – if I use regular PHP tags it won’t even post it. Any ideas?
June 28, 2010 at 7:41 pm #79017nchippingMemberI finally got it working – I had to use mysql_real_escape_string() for everything that I posted – it fixed it! :D :D :D :D :D :D :D :D :D :D :D :D :D Thanks everybody for your patience with me on this one!
-
AuthorPosts
- The forum ‘Back End’ is closed to new topics and replies.