update table fails

This file, dosave.php is supposed to update a name and a description field in the db.  It also controls checkboxes on the page , if there is any data in the field pid then the box will be checked(page editpc.php).  If the user unchecks the box on page editpc.php then all the records with pid = $pidc have pid set to '' then after that the pid is set with id tags only for those boxes that have been checked. Currently the box can be checked and its value gets entered in the db but it cant be unchecked.

dosave.php:
<?php
if ($logged_in) {
include("connect.php");


if ($idarray) {
$a=0;

$len = count($idtwo) + 1;

while ($a < $len) {  //this while makes sure that all checkboxes that have been unchecked get updated it clears all records then in the next while it updates the ones that were checked
$mqueryd = "UPDATE `podmp3` SET `pid` = '' WHERE CONVERT( `user` USING utf8 ) = '$userid' AND CONVERT( `pid` USING utf8 )  = '$pidc'";
mysql_query($mqueryd);
$a++;
}

$i=0;
$length = count($idarray) + 1;
while ($i < $length) {


$mquerya = "UPDATE `podmp3` SET `pid` = '$pidc' WHERE CONVERT( `user` USING utf8 )  = '$userid' AND CONVERT( `id` USING utf8 )  = '$idarray[$i]'";
mysql_query($mquerya);
echo $idarray[$i];
$i++;
}

}
$updatend = "UPDATE `podlist` SET `podtitle` = '$pcname', `descrip` = '$pcdescription' WHERE CONVERT( `author` USING utf8 )  = '$userid' AND CONVERT( `id` USING utf8 )  = '$pidc'";
mysql_query($updatend);


echo $length;







}
else {
$atitle = "Authorization Error | Odkast";
header("Location: index.php?page=autherror&type=1&reflector=login&t=5&pagetitle=$atitle");
       }
?>




editpc.php
<?php
if ($logged_in == "TRUE") {
$recordset = mysql_query("SELECT `podtitle`, `descrip` FROM `podlist` WHERE `id` = '$editd' AND `author` = '$userid'", $db);
$pods = mysql_fetch_assoc($recordset);
$ptitle = $pods["podtitle"];
$pdescrip = $pods["descrip"];
setcookie("pidc", $editd);
?>

<head>
 <title>Edit a Podcast | Odkast</title>

<style type="text/css">
textarea {
      overflow: auto;
      font-family: Geneva, Arial, Helvetica, sans-serif;
      border: 1px solid #999999;
      font-size: 12px;
      color: #666666;
}
.textb {
      overflow: auto;
      font-family: Geneva, Arial, Helvetica, sans-serif;
      border: 1px solid #999999;
      font-size: 12px;
      color: #666666;
}
input {
      overflow: auto;
      font-family: Geneva, Arial, Helvetica, sans-serif;
}
div {
      font-family: Geneva, Arial, Helvetica, sans-serif;
      font-size: 11pt;
      color: #666666;
}
.submit {
            }
</style>

<style type="text/css">
<!--
.underline {
      border-bottom-width: 1px;
      border-bottom-style: solid;
      border-bottom-color: #CCCCCC;
}
.style4 {color: #666666}
.underline {
      border-bottom-width: 1px;
      border-bottom-style: solid;
      border-bottom-color: #CCCCCC;
      font-family: Geneva, Arial, Helvetica, sans-serif;
      font-size: 9px;
      color: #666666;
}
.underlineb {
      border-bottom-width: 1px;
      border-bottom-style: solid;
      border-bottom-color: #333333;
      font-family: Geneva, Arial, Helvetica, sans-serif;
      font-size: 9px;
      color: #666666;
}
.style5 {
      font-size: 11px;
      font-family: Arial, Helvetica, sans-serif;
      color: #666666;
}
.overline {
      font-family: Geneva, Arial, Helvetica, sans-serif;
      font-size: 9px;
      color: #666666;
      border-top-width: 1px;
      border-top-style: solid;
      border-top-color: #CCCCCC;
}
-->
</style>

</head>
<body>

<h3 class="style4"><font face="Geneva, Arial, Helvetica, sans-serif" family="arial">Edit Podcast </font></h3>
  <form action="dosave.php" method="post" onSubmit="MM_validateForm('name','','R','description','','R');return document.MM_returnValue">
    <table width="800" border="0" cellpadding="0" cellspacing="0" onfocus="MM_validateForm('name','','R','description','','R');return document.MM_returnValue">
      <tr>
        <td>Podcast Title: </td>
        <td><input name="pcname" type="text" class="textb" id="pcname" value="<?php echo $ptitle; ?>" size="53"></td>
      </tr>
      <tr>
        <td align="left" valign="top">Description:</td>
        <td><textarea name="pcdescription" cols="50" rows="6" id="pcdescription"><?php echo $pdescrip; ?></textarea></td>
      </tr>
  </table>
   <h3 class="style4"><font face="Geneva, Arial, Helvetica, sans-serif" family="arial">Audio to Broadcast </font></h3>
    <table width="807" border="0" cellspacing="0" cellpadding="0">
      <tr>
        <td width="29"class="underlineb">&nbsp;</td>
        <td width="250" class="underlineb"><font color="#666666" class="style5" >File Name <font color="#666666" class="style5" > (Mouse over to See Complete Name) </font></font></td>
        <td width="528"  class="underlineb"><font color="#666666" class="style5" >Description</font></td>
      </tr>
      <?php
        $result = mysql_query("SELECT `id`, `name` , `length` , `descrip`, `pid`
FROM `podmp3`
WHERE `user` = '$userid'", $db);
while ($podrow = mysql_fetch_assoc($result))
{
$id = $podrow["id"];
$name = $podrow["name"];
$length = $podrow["length"];
$descrip = $podrow["descrip"];
$pide = $podrow["pid"];

?>
<tr>
      <td class="underline"><input type="checkbox" name="idarray[]" value="<?php echo $id; ?>" id="<?php echo $id; ?>" <?php if ($pide) { echo "checked"; } ?> >
        <input type="hidden" name="idtwo[]" value="<?php echo $id; ?>"></td>
        <td class="underline"><?php echo Truncatec ($name); ?></td>
        <td class="underline"><div title="<?php echo $descrip; ?>"><?php echo Truncateb ($descrip); ?></div></td>
      </tr>
        <?php
        }
        
          if ($name == "") {
      echo "
        <tr>
        <td class=\"underline\" colspan=\"3\">No Audio Files, Please Choose \"Upload an Audio File\" on your Management Page to add Audio.</td>
         </tr>";
            
            
   
      
        }
        ?>
  </table>
    <br>
    <p><input name="image" type="image" src="images/submit.gif">
      <br>
    </p>
</form>
</body>
</html>
<?php
}
else {
$atitle = "Authorization Error | Odkast";
header("Location: index.php?page=autherror&type=1&reflector=login&t=5&pagetitle=$atitle");
       }
?>
LVL 3
bartonjo2Asked:
Who is Participating?
 
TeRReFConnect With a Mentor Commented:
Add some debug statement to make sure that all the vars for the query are set.
I.e.
print($userid);print($pidc);die();

If they are set properly, you might want to run the query directly from the command  line to see what kind of error you get.

0
 
Joseph MelnickSenior Software Developer - Pharmacy ApplicationsCommented:
Hello bartonjo2,

The client side javascript form validations are not included in your script or linked to.
ie: onSubmit="MM_validateForm('name'...

The variable idarray[] is posted back to your page as idarray[] = selected id

OK.   Your logic to reset checkboxes only resets the ones that are checked.

Therefore you must reset ALL the check boxes.

change this:
$mqueryd = "UPDATE `podmp3` SET `pid` = '' WHERE CONVERT( `user` USING utf8 ) = '$userid' AND CONVERT( `pid` USING utf8 )  = '$pidc'";

to this:
$mqueryd = "UPDATE `podmp3` SET `pid` = '' WHERE CONVERT( `user` USING utf8 ) = '$userid';


Joseph Melnick

As a side note: This is a rather insecure script since no input validation is performed and makes use of the script unsafe. You might want to look into this to protect you database.

0
 
bartonjo2Author Commented:
ummm... the javascript for the input validation is on the main page, these pages get included in the body area of my index page so it inherits all of the head functions... what do you mean my database is insecure?  Oh and btw the code for checkboxes to be cleared needs to take into account that we are only clearing records for which pid=editd  in other words.  
0
Cloud Class® Course: Amazon Web Services - Basic

Are you thinking about creating an Amazon Web Services account for your business? Not sure where to start? In this course you’ll get an overview of the history of AWS and take a tour of their user interface.

 
bartonjo2Author Commented:
also for some reason sometimes the textboxes labeled pcname and pcdescription get their values set to blank somehow.  
0
 
bartonjo2Author Commented:
i found out the problem... i should ahve put the erasure section before if ($idarray[]) {

0
 
Joseph MelnickSenior Software Developer - Pharmacy ApplicationsCommented:
Cool.
0
 
TeRReFCommented:
Don't forget to ask for a refund...
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.