• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1664
  • Last Modified:

why is sprintf error displaying too few arguments query was empty

I am getting an error on updating a form that displays

"Warning: sprintf() [function.sprintf]: Too few arguments in /home/anyone/public_html/abc/admin/update_post.php on line 115
Query was empty?

I am using PHP with MySQL on hostgator site. Everything else is working fine. In fact, the update_post.php was working fine until I updated the database.

I submitted the code and confirmed that the database, tables, and fields are correctly named and in the same order from PHP code to MySQL database

The site and code sequence is login.php to index.php to manage_all_post.php to update.php

I am choosing 500 points since this solution is urgent (even if it is a simple) solution.
Please tell me which line(s) are causing the error.
Thanks.
login.php

<?php require_once('../Connections/abc.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
  }

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}
?>
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
  session_start();
}

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
  $_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['username'])) {
  $loginUsername=$_POST['username'];
  $password=$_POST['password'];
  $MM_fldUserAuthorization = "";
  $MM_redirectLoginSuccess = "index.php";
  $MM_redirectLoginFailed = "login.php";
  $MM_redirecttoReferrer = true;
  mysql_select_db($database_abc, $abc);
  
  $LoginRS__query=sprintf("SELECT username, password FROM users WHERE username=%s AND password=%s",
    GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text")); 
   
  $LoginRS = mysql_query($LoginRS__query, $abc) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);
  if ($loginFoundUser) {
     $loginStrGroup = "";
    
	if (PHP_VERSION >= 5.1) {session_regenerate_id(true);} else {session_regenerate_id();}
    //declare two session variables and assign them
    $_SESSION['MM_Username'] = $loginUsername;
    $_SESSION['MM_UserGroup'] = $loginStrGroup;	      

    if (isset($_SESSION['PrevUrl']) && true) {
      $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];	
    }
    header("Location: " . $MM_redirectLoginSuccess );
  }
  else {
    header("Location: ". $MM_redirectLoginFailed );
  }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Authorized Users Only</title>
<link href="../styles/admin.css" rel="stylesheet" type="text/css" />
</head>

<body>
<h1>Authorized Users Only for <br />
Administrators of abc Race Club</h1>
<form id="form1" name="form1" method="POst" action="<?php echo $loginFormAction; ?>">
  <p>
    <label for="username">Username:</label>
    <input type="text" name="username" id="username" />
  </p>
  <p>
    <label for="password">Password:</label>
    <input type="password" name="password" id="password" />
  </p>
  <p>
    <input type="submit" name="login" id="login" value="Log In" />
  </p>
</form>
<p>If you need help, then contact us [to be done insert email here]. </p>
</body>
</html>

index.php

<?php
//initialize the session
if (!isset($_SESSION)) {
  session_start();
}

// ** Logout the current user. **
$logoutAction = $_SERVER['PHP_SELF']."?doLogout=true";
if ((isset($_SERVER['QUERY_STRING'])) && ($_SERVER['QUERY_STRING'] != "")){
  $logoutAction .="&". htmlentities($_SERVER['QUERY_STRING']);
}

if ((isset($_GET['doLogout'])) &&($_GET['doLogout']=="true")){
  //to fully log out a visitor we need to clear the session varialbles
  $_SESSION['MM_Username'] = NULL;
  $_SESSION['MM_UserGroup'] = NULL;
  $_SESSION['PrevUrl'] = NULL;
  unset($_SESSION['MM_Username']);
  unset($_SESSION['MM_UserGroup']);
  unset($_SESSION['PrevUrl']);
	
  $logoutGoTo = "login.php";
  if ($logoutGoTo) {
    header("Location: $logoutGoTo");
    exit;
  }
}
?>
<?php
if (!isset($_SESSION)) {
  session_start();
}
$MM_authorizedUsers = "";
$MM_donotCheckaccess = "true";

// *** Restrict Access To Page: Grant or deny access to this page
function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) { 
  // For security, start by assuming the visitor is NOT authorized. 
  $isValid = False; 

  // When a visitor has logged into this site, the Session variable MM_Username set equal to their username. 
  // Therefore, we know that a user is NOT logged in if that Session variable is blank. 
  if (!empty($UserName)) { 
    // Besides being logged in, you may restrict access to only certain users based on an ID established when they login. 
    // Parse the strings into arrays. 
    $arrUsers = Explode(",", $strUsers); 
    $arrGroups = Explode(",", $strGroups); 
    if (in_array($UserName, $arrUsers)) { 
      $isValid = true; 
    } 
    // Or, you may restrict access to only certain users based on their username. 
    if (in_array($UserGroup, $arrGroups)) { 
      $isValid = true; 
    } 
    if (($strUsers == "") && true) { 
      $isValid = true; 
    } 
  } 
  return $isValid; 
}

$MM_restrictGoTo = "login.php";
if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {   
  $MM_qsChar = "?";
  $MM_referrer = $_SERVER['PHP_SELF'];
  if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";
  if (isset($_SERVER['QUERY_STRING']) && strlen($_SERVER['QUERY_STRING']) > 0) 
  $MM_referrer .= "?" . $_SERVER['QUERY_STRING'];
  $MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
  header("Location: ". $MM_restrictGoTo); 
  exit;
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Admin menu</title>
<link href="../styles/admin.css" rel="stylesheet" type="text/css" />
</head>

<body>
<h1>Administration Menu for abc Race Club</h1>
<p><a href="add_post.php">Add New Member</a></p>
<p><a href="manage_posts_all.php">Manage Members</a> (all records all at once for long edit and delete)</a></p>
<p>&nbsp;<a href="<?php echo $logoutAction ?>">Log out</a></p>
<p>&nbsp;</p>
</body>
</html>


manage_posts_all.php

<?php require_once('../Connections/abc.php'); ?>
<?php
if (!isset($_SESSION)) {
  session_start();
}

$MM_authorizedUsers = "";
$MM_donotCheckaccess = "true";

// *** Restrict Access To Page: Grant or deny access to this page
function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) { 
  // For security, start by assuming the visitor is NOT authorized. 
  $isValid = False; 

  // When a visitor has logged into this site, the Session variable MM_Username set equal to their username. 
  // Therefore, we know that a user is NOT logged in if that Session variable is blank. 
  if (!empty($UserName)) { 
    // Besides being logged in, you may restrict access to only certain users based on an ID established when they login. 
    // Parse the strings into arrays. 
    $arrUsers = Explode(",", $strUsers); 
    $arrGroups = Explode(",", $strGroups); 
    if (in_array($UserName, $arrUsers)) { 
      $isValid = true; 
    } 
    // Or, you may restrict access to only certain users based on their username. 
    if (in_array($UserGroup, $arrGroups)) { 
      $isValid = true; 
    } 
    if (($strUsers == "") && true) { 
      $isValid = true; 
    } 
  } 
  return $isValid; 
}

$MM_restrictGoTo = "login.php";
if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {   
  $MM_qsChar = "?";
  $MM_referrer = $_SERVER['PHP_SELF'];
  if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";
  if (isset($_SERVER['QUERY_STRING']) && strlen($_SERVER['QUERY_STRING']) > 0) 
  $MM_referrer .= "?" . $_SERVER['QUERY_STRING'];
  $MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
  header("Location: ". $MM_restrictGoTo); 
  exit;
}
?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
  }

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}

$currentPage = $_SERVER["PHP_SELF"];

$maxRows_getPosts = 20;
$pageNum_getPosts = 0;
if (isset($_GET['pageNum_getPosts'])) {
  $pageNum_getPosts = $_GET['pageNum_getPosts'];
}
$startRow_getPosts = $pageNum_getPosts * $maxRows_getPosts;

mysql_select_db($database_abc, $abc);
$query_getPosts = "SELECT * FROM users ORDER BY userid ASC";
$query_limit_getPosts = sprintf("%s LIMIT %d, %d", $query_getPosts, $startRow_getPosts, $maxRows_getPosts);
$getPosts = mysql_query($query_limit_getPosts, $abc) or die(mysql_error());
$row_getPosts = mysql_fetch_assoc($getPosts);

if (isset($_GET['totalRows_getPosts'])) {
  $totalRows_getPosts = $_GET['totalRows_getPosts'];
} else {
  $all_getPosts = mysql_query($query_getPosts);
  $totalRows_getPosts = mysql_num_rows($all_getPosts);
}
$totalPages_getPosts = ceil($totalRows_getPosts/$maxRows_getPosts)-1;

if (isset($_GET['totalRows_getPosts'])) {
  $totalRows_getPosts = $_GET['totalRows_getPosts'];
} else {
  $all_getPosts = mysql_query($query_getPosts);
  $totalRows_getPosts = mysql_num_rows($all_getPosts);
}
$totalPages_getPosts = ceil($totalRows_getPosts/$maxRows_getPosts)-1;

$queryString_getPosts = "";
if (!empty($_SERVER['QUERY_STRING'])) {
  $params = explode("&", $_SERVER['QUERY_STRING']);
  $newParams = array();
  foreach ($params as $param) {
    if (stristr($param, "pageNum_getPosts") == false && 
        stristr($param, "totalRows_getPosts") == false) {
      array_push($newParams, $param);
    }
  }
  if (count($newParams) != 0) {
    $queryString_getPosts = "&" . htmlentities(implode("&", $newParams));
  }
}
$queryString_getPosts = sprintf("&totalRows_getPosts=%d%s", $totalRows_getPosts, $queryString_getPosts);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Manage Posts</title>
<link href="../styles/admin.css" rel="stylesheet" type="text/css" />
</head>

<body>
<h1><strong>Administrators Database Complete View to Add New Member, Edit/Update Existing Member, Delete Existing Member</strong></h1>
<p><a href="index.php">Administration Menu</a></p>
<p><a href="add_post.php">Add New Member</a></p>
<table width="800">
  <tr>
    <th scope="col">username</th>
    <th scope="col">password</th>
     <th scope="col">userid</th>
     <th scope="col">userlevel</th>
      <th scope="col">email</th>
      <th scope="col">timestamp</th>
      <th scope="col">First Name</th>
    <th scope="col">Last Name</th>
    <th scope="col">street</th>
    <th scope="col">city</th>
    <th scope="col">st</th>
    <th scope="col">zip</th>
        <th scope="col">phone</th>
        <th scope="col">birth_date</th>
    <th scope="col">sex</th>
    <th scope="col">t_shirt</th>
    <th scope="col">first_triathlon_date</th>
       <th scope="col">recd</th>
    <th scope="col">membership_number</th>
    <th scope="col">expiration_date</th>
    <th scope="col">renewal_date</th>
    <th scope="col">entry_date</th>
    <th scope="col">email_rejected</th>
    <th scope="col">business</th>
    <th scope="col">business_phone</th>
    <th scope="col">business_notes</th>
             <th scope="col">age</th>
        <th scope="col">online_ID</th>
        <th scope="col">last_updated</th>
  <th scope="col">&nbsp;</th>
    <th scope="col">&nbsp;</th>
  </tr>
  <?php do { ?>
    <tr>
      <td><?php echo $row_getPosts['username']; ?></td>
      <td><?php echo $row_getPosts['password']; ?></td>
      <td><?php echo $row_getPosts['userid']; ?></td>
       <td><?php echo $row_getPosts['userlevel']; ?></td>
      <td><?php echo $row_getPosts['email']; ?></td>
      <td><?php echo $row_getPosts['timestamp']; ?></td>
            <td><?php echo $row_getPosts['first_name']; ?></td>
            <td><?php echo $row_getPosts['last_name']; ?></td>
       <td><?php echo $row_getPosts['street']; ?></td>
      <td><?php echo $row_getPosts['city']; ?></td>
      <td><?php echo $row_getPosts['st']; ?></td>
      <td><?php echo $row_getPosts['zip']; ?></td>
         <td><?php echo $row_getPosts['phone']; ?></td>
            <td><?php echo $row_getPosts['birth_date']; ?></td>
       <td><?php echo $row_getPosts['sex']; ?></td>
      <td><?php echo $row_getPosts['t_shirt']; ?></td>
      <td><?php echo $row_getPosts['first_triathlon_date']; ?></td>
      <td><?php echo $row_getPosts['recd']; ?></td>
       <td><?php echo $row_getPosts['membership_number']; ?></td>
      <td><?php echo $row_getPosts['expiration_date']; ?></td>
      <td><?php echo $row_getPosts['renewal_date']; ?></td>
      <td><?php echo $row_getPosts['entry_date']; ?></td>
       <td><?php echo $row_getPosts['email_rejected']; ?></td>
        <td><?php echo $row_getPosts['business']; ?></td>
        <td><?php echo $row_getPosts['business_phone']; ?></td>
       <td><?php echo $row_getPosts['business_notes']; ?></td>
           <td><?php echo $row_getPosts['age']; ?></td>
           <td><?php echo $row_getPosts['online_ID']; ?></td>
             <td><?php echo $row_getPosts['last_updated']; ?></td>
             <td><a href="update_post.php?userid=<?php echo $row_getPosts['userid']; ?>">EDIT</a></td>
      <td><a href="delete_post.php?userid=<?php echo $row_getPosts['userid']; ?>">DELETE</a></td>
    </tr>
    <?php } while ($row_getPosts = mysql_fetch_assoc($getPosts)); ?>
</table>
<table border="0">
  <tr>
    <td><?php if ($pageNum_getPosts > 0) { // Show if not first page ?>
        <a href="<?php printf("%s?pageNum_getPosts=%d%s", $currentPage, 0, $queryString_getPosts); ?>">First</a>
        <?php } // Show if not first page ?></td>
    <td><?php if ($pageNum_getPosts > 0) { // Show if not first page ?>
        <a href="<?php printf("%s?pageNum_getPosts=%d%s", $currentPage, max(0, $pageNum_getPosts - 1), $queryString_getPosts); ?>">Previous</a>
        <?php } // Show if not first page ?></td>
    <td><?php if ($pageNum_getPosts < $totalPages_getPosts) { // Show if not last page ?>
        <a href="<?php printf("%s?pageNum_getPosts=%d%s", $currentPage, min($totalPages_getPosts, $pageNum_getPosts + 1), $queryString_getPosts); ?>">Next</a>
        <?php } // Show if not last page ?></td>
    <td><?php if ($pageNum_getPosts < $totalPages_getPosts) { // Show if not last page ?>
        <a href="<?php printf("%s?pageNum_getPosts=%d%s", $currentPage, $totalPages_getPosts, $queryString_getPosts); ?>">Last</a>
        <?php } // Show if not last page ?></td>
  </tr>
</table>
</body>
</html>
<?php
mysql_free_result($getPosts);
?>


update_post.php

<?php require_once('../Connections/abc.php'); ?>
<?php
if (!isset($_SESSION)) {
  session_start();
}
$MM_authorizedUsers = "";
$MM_donotCheckaccess = "true";

// *** Restrict Access To Page: Grant or deny access to this page
function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) { 
  // For security, start by assuming the visitor is NOT authorized. 
  $isValid = False; 

  // When a visitor has logged into this site, the Session variable MM_Username set equal to their username. 
  // Therefore, we know that a user is NOT logged in if that Session variable is blank. 
  if (!empty($UserName)) { 
    // Besides being logged in, you may restrict access to only certain users based on an ID established when they login. 
    // Parse the strings into arrays. 
    $arrUsers = Explode(",", $strUsers); 
    $arrGroups = Explode(",", $strGroups); 
    if (in_array($UserName, $arrUsers)) { 
      $isValid = true; 
    } 
    // Or, you may restrict access to only certain users based on their username. 
    if (in_array($UserGroup, $arrGroups)) { 
      $isValid = true; 
    } 
    if (($strUsers == "") && true) { 
      $isValid = true; 
    } 
  } 
  return $isValid; 
}

$MM_restrictGoTo = "login.php";
if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {   
  $MM_qsChar = "?";
  $MM_referrer = $_SERVER['PHP_SELF'];
  if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";
  if (isset($QUERY_STRING) && strlen($QUERY_STRING) > 0) 
  $MM_referrer .= "?" . $QUERY_STRING;
  $MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
  header("Location: ". $MM_restrictGoTo); 
  exit;
}
?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
  }

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}

$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
  $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}

  
  if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "form1")) {
  $updateSQL = sprintf("UPDATE users SET username=%s, password=%s, userid=%s, userlevel=%s, email=%s, timestamp=%s, first_name=%s, last_name=%s, street=%s, city=%s, st=%s, zip=%s, phone=%s, birth_date=%s, sex=%s, t_shirt=%s, first_triathlon_date=%s, recd=%s, membership_number=%s, expiration_date=%s, renewal_date=%s, entry_date=%s, email_rejected=%s, business=%s, business_phone=%s, business_notes=%s, age=%s, online_ID=%s, last_updated=%s WHERE userid=%s",
                      GetSQLValueString($_POST['username'], "text"),
					   GetSQLValueString($_POST['password'], "text"),
					   GetSQLValueString($_POST['userid'], "int"),
					   GetSQLValueString($_POST['userlevel'], "int"),
					    GetSQLValueString($_POST['email'], "text"),
						 GetSQLValueString($_POST['timestamp'], "text"),
						 GetSQLValueString($_POST['first_name'], "text"),
                       GetSQLValueString($_POST['last_name'], "text"),
                       GetSQLValueString($_POST['street'], "text"),
                       GetSQLValueString($_POST['city'], "text"),
                       GetSQLValueString($_POST['st'], "text"),
                       GetSQLValueString($_POST['zip'], "text"),
                      GetSQLValueString($_POST['phone'], "text"),
                      GetSQLValueString($_POST['birth_date'], "date"),
                       GetSQLValueString($_POST['sex'], "text"),
                       GetSQLValueString($_POST['t_shirt'], "text"),
                       GetSQLValueString($_POST['first_triathlon_date'], "date"),
                       GetSQLValueString($_POST['recd'], "text"),
                       GetSQLValueString($_POST['membership_number'], "text"),
                       GetSQLValueString($_POST['expiration_date'], "date"),
                       GetSQLValueString($_POST['renewal_date'], "date"),
                       GetSQLValueString($_POST['entry_date'], "date"),
                       GetSQLValueString($_POST['email_rejected'], "text"),
                       GetSQLValueString($_POST['business'], "text"),
                       GetSQLValueString($_POST['business_phone'], "text"),
                       GetSQLValueString($_POST['business_notes'], "text"),
                       GetSQLValueString($_POST['age'], "text"),
                       GetSQLValueString($_POST['online_ID'], "text"),
                       GetSQLValueString($_POST['last_updated'], "date"));

  mysql_select_db($database_abc, $abc);
  $Result1 = mysql_query($updateSQL, $abc) or die(mysql_error());
}

$colname_getPosts = "-1";
if (isset($_GET['userid'])) {
  $colname_getPosts = $_GET['userid'];
}
mysql_select_db($database_abc, $abc);
$query_getPosts = sprintf("SELECT * FROM users WHERE userid = %s", GetSQLValueString($colname_getPosts, "int"));
$getPosts = mysql_query($query_getPosts, $abc) or die(mysql_error());
$row_getPosts = mysql_fetch_assoc($getPosts);
$totalRows_getPosts = mysql_num_rows($getPosts);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Update Post</title>
<link href="../styles/admin.css" rel="stylesheet" type="text/css" />
</head>

<body>
<h1>Update Record for Existing Member</h1>
<p>Go back to <a href="index.php">Administration Menu</a></p>
<form action="<?php echo $editFormAction; ?>" method="post" name="form1" id="form1">
  <table align="center">
    <tr valign="baseline">
      <td nowrap="nowrap" align="right">username:</td>
      <td><input type="text" name="username" value="<?php echo htmlentities($row_getPosts['username'], ENT_COMPAT, 'UTF-8'); ?>" size="32" /></td>
    </tr>
    <tr valign="baseline">
      <td nowrap="nowrap" align="right">password:</td>
      <td><input type="text" name="password" value="<?php echo htmlentities($row_getPosts['password'], ENT_COMPAT, 'UTF-8'); ?>" size="32" /></td>
    </tr>
    <tr valign="baseline">
      <td nowrap="nowrap" align="right">userid:</td>
      <td><?php echo $row_getPosts['userid']; ?></td>
    </tr>
     <tr valign="baseline">
      <td nowrap="nowrap" align="right">userlevel:</td>
      <td><?php echo $row_getPosts['userlevel']; ?></td>
    </tr>
   <tr valign="baseline">
      <td nowrap="nowrap" align="right">email:</td>
      <td><input type="text" name="email" value="<?php echo htmlentities($row_getPosts['email'], ENT_COMPAT, 'UTF-8'); ?>" size="32" /></td>
    </tr>
    <tr valign="baseline">
      <td nowrap="nowrap" align="right">timestamp:</td>
      <td><input name="timestamp" type="text" id="timestamp" value="<?php echo htmlentities($row_getPosts['timestamp'], ENT_COMPAT, 'UTF-8'); ?>" size="32" /></td>
    </tr>
    <tr valign="baseline">
      <td nowrap="nowrap" align="right">first_name:</td>
      <td><input type="text" name="first_name" value="<?php echo htmlentities($row_getPosts['first_name'], ENT_COMPAT, 'UTF-8'); ?>" size="32" /></td>
    </tr>
    <tr valign="baseline">
      <td nowrap="nowrap" align="right">last_name:</td>
      <td><input type="text" name="last_name" value="<?php echo htmlentities($row_getPosts['last_name'], ENT_COMPAT, 'UTF-8'); ?>" size="32" /></td>
    </tr>
    <tr valign="baseline">
      <td nowrap="nowrap" align="right">street:</td>
      <td><input type="text" name="street" value="<?php echo htmlentities($row_getPosts['street'], ENT_COMPAT, 'UTF-8'); ?>" size="32" /></td>
    </tr>
    <tr valign="baseline">
      <td nowrap="nowrap" align="right">city:</td>
      <td><input type="text" name="city" value="<?php echo htmlentities($row_getPosts['city'], ENT_COMPAT, 'UTF-8'); ?>" size="32" /></td>
    </tr>
    <tr valign="baseline">
      <td nowrap="nowrap" align="right">st:</td>
      <td><input type="text" name="st" value="<?php echo htmlentities($row_getPosts['st'], ENT_COMPAT, 'UTF-8'); ?>" size="32" /></td>
    </tr>
    <tr valign="baseline">
      <td nowrap="nowrap" align="right">zip:</td>
      <td><input type="text" name="zip" value="<?php echo htmlentities($row_getPosts['zip'], ENT_COMPAT, 'UTF-8'); ?>" size="32" /></td>
    </tr>
     <tr valign="baseline">
      <td nowrap="nowrap" align="right">phone:</td>
      <td><input type="text" name="phone" value="<?php echo htmlentities($row_getPosts['phone'], ENT_COMPAT, 'UTF-8'); ?>" size="32" /></td>
    </tr>
   <tr valign="baseline">
      <td nowrap="nowrap" align="right">birth_date:</td>
      <td><input type="date" name="birth_date" value="<?php echo htmlentities($row_getPosts['birth_date'], ENT_COMPAT, 'UTF-8'); ?>" size="32" /></td>
    </tr>
    <tr valign="baseline">
      <td nowrap="nowrap" align="right">sex:</td>
      <td><input type="text" name="sex" value="<?php echo htmlentities($row_getPosts['sex'], ENT_COMPAT, 'UTF-8'); ?>" size="32" /></td>
    </tr>
    <tr valign="baseline">
      <td nowrap="nowrap" align="right">t-shirt:</td>
      <td><input type="text" name="t_shirt" value="<?php echo htmlentities($row_getPosts['t_shirt'], ENT_COMPAT, 'UTF-8'); ?>" size="32" /></td>
    </tr>
    <tr valign="baseline">
      <td nowrap="nowrap" align="right">first_triathlon_date:</td>
      <td><input type="date" name="first_triathlon_date" value="<?php echo htmlentities($row_getPosts['first_triathlon_date'], ENT_COMPAT, 'UTF-8'); ?>" size="32" /></td>
    </tr>
    <tr valign="baseline">
      <td nowrap="nowrap" align="right">recd:</td>
      <td><input type="text" name="recd" value="<?php echo htmlentities($row_getPosts['recd'], ENT_COMPAT, 'UTF-8'); ?>" size="32" /></td>
    </tr>
    <tr valign="baseline">
      <td nowrap="nowrap" align="right">membership_number:</td>
      <td><input type="text" name="membership_number" value="<?php echo htmlentities($row_getPosts['membership_number'], ENT_COMPAT, 'UTF-8'); ?>" size="32" /></td>
    </tr>
    <tr valign="baseline">
      <td nowrap="nowrap" align="right">expiration_date:</td>
      <td><input type="date" name="expiration_date" value="<?php echo htmlentities($row_getPosts['expiration_date'], ENT_COMPAT, 'UTF-8'); ?>" size="32" /></td>
    </tr>
    <tr valign="baseline">
      <td nowrap="nowrap" align="right">renewal_date:</td>
      <td><input type="date" name="renewal_date" value="<?php echo htmlentities($row_getPosts['renewal_date'], ENT_COMPAT, 'UTF-8'); ?>" size="32" /></td>
    </tr>
    <tr valign="baseline">
      <td nowrap="nowrap" align="right">entry_date:</td>
      <td><input type="date" name="entry_date" value="<?php echo htmlentities($row_getPosts['entry_date'], ENT_COMPAT, 'UTF-8'); ?>" size="32" /></td>
    </tr>
    <tr valign="baseline">
      <td nowrap="nowrap" align="right">email_rejected:</td>
      <td><input type="text" name="email_rejected" value="<?php echo htmlentities($row_getPosts['email_rejected'], ENT_COMPAT, 'UTF-8'); ?>" size="32" /></td>
    </tr>
    <tr valign="baseline">
      <td nowrap="nowrap" align="right">business:</td>
      <td><input type="text" name="business" value="<?php echo htmlentities($row_getPosts['business'], ENT_COMPAT, 'UTF-8'); ?>" size="32" /></td>
    </tr>
    <tr valign="baseline">
      <td nowrap="nowrap" align="right">business_phone:</td>
      <td><input type="text" name="business_phone" value="<?php echo htmlentities($row_getPosts['business_phone'], ENT_COMPAT, 'UTF-8'); ?>" size="32" /></td>
    </tr>
    <tr valign="baseline">
      <td nowrap="nowrap" align="right">business_notes:</td>
      <td><input type="text" name="business_notes" value="<?php echo htmlentities($row_getPosts['business_notes'], ENT_COMPAT, 'UTF-8'); ?>" size="32" /></td>
    </tr>
    <tr valign="baseline">
      <td nowrap="nowrap" align="right">age:</td>
      <td><input type="text" name="age" value="<?php echo htmlentities($row_getPosts['age'], ENT_COMPAT, 'UTF-8'); ?>" size="32" /></td>
    </tr>
    <tr valign="baseline">
      <td nowrap="nowrap" align="right">online_ID:</td>
      <td><input type="text" name="online_ID" value="<?php echo htmlentities($row_getPosts['online_ID'], ENT_COMPAT, 'UTF-8'); ?>" size="32" /></td>
    </tr>
    <tr valign="baseline">
      <td nowrap="nowrap" align="right">last_updated:</td>
      <td><input type="date" name="last_updated" value="<?php echo htmlentities($row_getPosts['last_updated'], ENT_COMPAT, 'UTF-8'); ?>" size="32" /></td>
    </tr>
    <tr valign="baseline">
      <td nowrap="nowrap" align="right">&nbsp;</td>
      <td><input type="submit" value="Update Post" /></td>
    </tr>
  </table>
  <input type="hidden" name="MM_update" value="form1" />
  <input type="hidden" name="userid" value="<?php echo $row_getPosts['userid']; ?>" />
</form>
</body>
</html>
<?php
mysql_free_result($getPosts);
?>

Open in new window

0
bianchef9
Asked:
bianchef9
  • 5
1 Solution
 
bianchef9Author Commented:
I am guessing this is a common question but I need a specific answer. Again, thanks.
0
 
MichaelT_Commented:
I don't know what query is on line 115 as you posted a few different pages in your code and line 115 above doesn't have a query on it so I can't give an exact answer but it sounds like a variable isn't being passed thru to the query correctly.  Why not print out the query before it is executed to make sure it contains exactly what you expect.  For example say you have the query (this is a simple one for example purposes)

$q="SELECT address, phone FROM ".TBL_USERS." WHERE userID='$userID' ";
print "<br>Query: ".$q."<br> User ID: ".$userID."<br>";

If you post the exact query that is giving you the error perhaps we can see what makes up the query and what possible parts could be missing.

Michael.
0
 
bianchef9Author Commented:
Sorry, my mistake when posting this question is not putting the my actual code line numbers in the question code block numbers above.

My actual code Line 115 is question code Line 549
and is part of "if(isset..." in question code lines 519 to 553 in the update_post.php file as

 if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "form1")) {
  $updateSQL = sprintf("UPDATE users SET username=%s, password=%s, userid=%s, userlevel=%s, email=%s, timestamp=%s, first_name=%s, last_name=%s, street=%s, city=%s, st=%s, zip=%s, phone=%s, birth_date=%s, sex=%s, t_shirt=%s, first_triathlon_date=%s, recd=%s, membership_number=%s, expiration_date=%s, renewal_date=%s, entry_date=%s, email_rejected=%s, business=%s, business_phone=%s, business_notes=%s, age=%s, online_ID=%s, last_updated=%s WHERE userid=%s",
                      GetSQLValueString($_POST['username'], "text"),
                                 GetSQLValueString($_POST['password'], "text"),
                                 GetSQLValueString($_POST['userid'], "int"),
                                 GetSQLValueString($_POST['userlevel'], "int"),
                                  GetSQLValueString($_POST['email'], "text"),
                                     GetSQLValueString($_POST['timestamp'], "text"),
                                     GetSQLValueString($_POST['first_name'], "text"),
                       GetSQLValueString($_POST['last_name'], "text"),
                       GetSQLValueString($_POST['street'], "text"),
                       GetSQLValueString($_POST['city'], "text"),
                       GetSQLValueString($_POST['st'], "text"),
                       GetSQLValueString($_POST['zip'], "text"),
                      GetSQLValueString($_POST['phone'], "text"),
                      GetSQLValueString($_POST['birth_date'], "date"),
                       GetSQLValueString($_POST['sex'], "text"),
                       GetSQLValueString($_POST['t_shirt'], "text"),
                       GetSQLValueString($_POST['first_triathlon_date'], "date"),
                       GetSQLValueString($_POST['recd'], "text"),
                       GetSQLValueString($_POST['membership_number'], "text"),
                       GetSQLValueString($_POST['expiration_date'], "date"),
                       GetSQLValueString($_POST['renewal_date'], "date"),
                       GetSQLValueString($_POST['entry_date'], "date"),
                       GetSQLValueString($_POST['email_rejected'], "text"),
                       GetSQLValueString($_POST['business'], "text"),
                       GetSQLValueString($_POST['business_phone'], "text"),
                       GetSQLValueString($_POST['business_notes'], "text"),
                       GetSQLValueString($_POST['age'], "text"),
                       GetSQLValueString($_POST['online_ID'], "text"),
                       GetSQLValueString($_POST['last_updated'], "date"));

  mysql_select_db($database_abc, $abc);
  $Result1 = mysql_query($updateSQL, $abc) or die(mysql_error());
}
0
Cloud Class® Course: Microsoft Office 2010

This course will introduce you to the interfaces and features of Microsoft Office 2010 Word, Excel, PowerPoint, Outlook, and Access. You will learn about the features that are shared between all products in the Office suite, as well as the new features that are product specific.

 
bianchef9Author Commented:
Here is the code from page manage_posts_all.php that lists members names with an Edit button that sends to page update_post.php that displays the form to update their records

$currentPage = $_SERVER["PHP_SELF"];

$maxRows_getPosts = 20;
$pageNum_getPosts = 0;
if (isset($_GET['pageNum_getPosts'])) {
  $pageNum_getPosts = $_GET['pageNum_getPosts'];
}
$startRow_getPosts = $pageNum_getPosts * $maxRows_getPosts;

mysql_select_db($database_SandyHookers, $SandyHookers);
$query_getPosts = "SELECT * FROM users ORDER BY userid ASC";
$query_limit_getPosts = sprintf("%s LIMIT %d, %d", $query_getPosts, $startRow_getPosts, $maxRows_getPosts);
$getPosts = mysql_query($query_limit_getPosts, $SandyHookers) or die(mysql_error());
$row_getPosts = mysql_fetch_assoc($getPosts);

if (isset($_GET['totalRows_getPosts'])) {
  $totalRows_getPosts = $_GET['totalRows_getPosts'];
} else {
  $all_getPosts = mysql_query($query_getPosts);
  $totalRows_getPosts = mysql_num_rows($all_getPosts);
}
$totalPages_getPosts = ceil($totalRows_getPosts/$maxRows_getPosts)-1;

if (isset($_GET['totalRows_getPosts'])) {
  $totalRows_getPosts = $_GET['totalRows_getPosts'];
} else {
  $all_getPosts = mysql_query($query_getPosts);
  $totalRows_getPosts = mysql_num_rows($all_getPosts);
}
$totalPages_getPosts = ceil($totalRows_getPosts/$maxRows_getPosts)-1;

$queryString_getPosts = "";
if (!empty($_SERVER['QUERY_STRING'])) {
  $params = explode("&", $_SERVER['QUERY_STRING']);
  $newParams = array();
  foreach ($params as $param) {
    if (stristr($param, "pageNum_getPosts") == false && 
        stristr($param, "totalRows_getPosts") == false) {
      array_push($newParams, $param);
    }
  }
  if (count($newParams) != 0) {
    $queryString_getPosts = "&" . htmlentities(implode("&", $newParams));
  }
}
$queryString_getPosts = sprintf("&totalRows_getPosts=%d%s", $totalRows_getPosts, $queryString_getPosts);
0
 
bianchef9Author Commented:
MichaelT

I tried your suggestion in update_post.php as

$q="SELECT * FROM ".TBL_USERS." WHERE userid='$userid' ";
print "<br>Query: ".$q."<br> User ID: ".$userid."<br>";

and got the result

Query: SELECT * FROM TBL_USERS WHERE userid='2'
User ID: 2

which is the correct ID for the record from the form on the previous page manage_posts_all.php where the user clicks "Edit" to send to update_post.php where the complete record is displayed in form fields to be updated but upon submit "Update Posts" the same message occurs

"Warning: sprintf() [function.sprintf]: Too few arguments in /home/anyone/public_html/abc/admin/update_post.php on line 115
Query was empty?

so the record is never updated

0
 
bianchef9Author Commented:
thanks for your suggestion which led me to solve the problem by replacing the placeholder userid=%s with the variable $userid
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: CompTIA Healthcare IT Tech

This course will help prep you to earn the CompTIA Healthcare IT Technician certification showing that you have the knowledge and skills needed to succeed in installing, managing, and troubleshooting IT systems in medical and clinical settings.

  • 5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now