PHP variables passed incorrectly to MySQL

Question

Hi, I asked this question before, but not very well! Basically I have an editing page for a CMS, somewhere along the line (from the element onwards) the fields display in the box next to where they should be displaying. any ideas why?

<?php

if(isset($_GET['id']))
{
   $query  = "SELECT * ".
             "FROM studies ".
             "WHERE id = '".$_GET['id']."'";

   $result = mysql_query($query) or die('Error : ' . mysql_error());
      list($id, $pagetitle, $title, $date, $copy, $outputs, $strategies, $client, $niche, $media, $thumbmedia, $newfieldtitle, $newfieldcontent) = mysql_fetch_array($result, MYSQL_NUM);



}

if(isset($_POST['update1']))
{
   $id = $_POST['id'];
   $pagetitle = $_POST['pagetitle'];
   $title = $_POST['title'];
   $date = $_POST['date'];
   $copy = $_POST['copy'];
   $outputs = $_POST['outputs'];
   $strategies = $_POST['strategies'];
   $client = $_POST['client'];
   $niche = $_POST['niche'];
   $media = $_POST['media'];
   $thumbmedia = $_POST['thumbmedia'];
   $newfieldtitle = $_POST['newfieldtitle'];
   $newfieldcontent = $_POST['newfieldcontent'];

   if(!get_magic_quotes_gpc())
   {
      $pagetitle = addslashes($pagetitle);
      $title = addslashes($title);
      $date = addslashes($date);
      $copy = addslashes($copy);
      $outputs = addslashes($outputs);
      $strategies = addslashes($strategies);
      $client = addslashes($client);
      $niche = addslashes($niche);
      $media = addslashes($media);
      $thumbmedia = addslashes($thumbmedia);
      $newfieldtitle = addslashes($newfieldtitle);
      $newfieldcontent = addslashes($newfieldcontent);

   }

   // update the article in the database
   $query = "UPDATE studies
            SET pagetitle = '$pagetitle', title = '$title', date = '$date', copy = '$copy', outputs = '$outputs', strategies = '$strategies', client = '$client', niche = '$niche', media = '$media', thumbmedia = '$thumbmedia', newfieldtitle = '$newfieldtitle', newfieldcontent = '$newfieldcontent' ".
        "WHERE id = '$id'";
   mysql_query($query) or die('Error : ' . mysql_error());

   // then remove the cached file
   $cacheDir = dirname(__FILE__) . '/cache/';

   $cacheFile = $cacheDir . '_' . $_GET['id'] . '.html';

   @unlink($cacheFile);

   // and remove the index.html too because the file list
   // is changed
   @unlink($cacheDir . 'index.html');

   echo "<b>Article '$title' updated</b>";

   // now we will display $title & content
   // so strip out any slashes
      $pagetitle   = stripslashes($pagetitle);
      $title   = stripslashes($title);
      $date   = stripslashes($date);
      $copy = stripslashes($copy);
      $outputs = stripslashes($outputs);
      $strategies = stripslashes($strategies);
      $client = stripslashes($client);
      $niche = stripslashes($niche);
      $media = stripslashes($media);
      $thumbmedia = stripslashes($thumbmedia);
      $newfieldtitle = stripslashes($newfieldtitle);
      $newfieldcontent = stripslashes($newfieldcontent);

}


?>


<div class="container">
<form method="post">
<input type="hidden" name="id" value="<?php echo $id; ?>">

<p class="subheadsmall">Browser Title</p>
<textarea cols="40" rows="1" class="box" name="pagetitle" id="editbox"><?php echo $pagetitle; ?></textarea>


<p class="subheadsmall">Story Title</p>
<textarea cols="40" rows="1" class="box" name="title" id="editbox"><?php echo $title; ?></textarea>

<p class="subheadsmall">Date</p>
<textarea cols="40" rows="1" class="box" name="date" id="editbox"><?php echo $date; ?></textarea>

<p class="subheadsmall">Story</p>
<textarea cols="80" rows="10" class="box" name="copy" id="editbox"><?php echo $copy; ?></textarea>

<p class="subheadsmall">Outputs</p>
<textarea cols="80" rows="10" class="box" name="outputs" id="editbox"><?php echo $outputs; ?></textarea>

<p class="subheadsmall">Strategies</p>

<p class="subheadsmall">Client</p>
<select name="client">
    <option value="empty">Select a Client...</option>
 <?php
      $result2 = mysql_query("SELECT name FROM clients");
       if (!$result2) {
        die("Database query failed: " . mysql_error());
       }


while($row = mysql_fetch_array($result2)) {
    $clientlist = $row['name'];
    $clientname = htmlspecialchars($row['name']);

    if ($_POST['client'] == $clientlist)
    { 

    echo '<option value="' . $clientlist . '" selected="selected" >' . $clientname . '</option>' . '\n';
    }
    else{
    echo '<option value="' . $clientlist . '" >' . $clientname . '</option>' . '\n';
}
}


?>
</select>

<p class="subheadsmall">Core Classification</p>

<?php

switch ($niche) {
    case "brand":
        echo '<input type="radio" name="niche" value="brand" checked="checked" />Brand';
     echo '<input type="radio" name="niche" value="marketing" />Marketing';
     echo '<input type="radio" name="niche" value="communication" />Communication';
        break;
    case "marketing":
     echo '<input type="radio" name="niche" value="brand" />Brand';
     echo '<input type="radio" name="niche" value="marketing" checked="checked" />Marketing';
     echo '<input type="radio" name="niche" value="communication" />Communication';
        break;
    case "communication":
     echo '<input type="radio" name="niche" value="brand" />Brand';
     echo '<input type="radio" name="niche" value="marketing" />Marketing';
     echo '<input type="radio" name="niche" value="communication" checked="checked" />Communication';
        break;
    default;
     echo '<input type="radio" name="niche" value="brand" />Brand';
     echo '<input type="radio" name="niche" value="marketing" />Marketing';
     echo '<input type="radio" name="niche" value="communication" />Communication';
    break;
}

?>

<p class="subheadsmall">Add New Strategy</p>
<textarea cols="40" rows="1" class="box" name="strategies" id="editbox"><?php echo $strategies; ?></textarea>

<p class="subheadsmall">Media</p>
<textarea cols="80" rows="10" class="box" name="media" id="editbox"><?php echo $media; ?></textarea>

<p class="subheadsmall">Thumbnail image</p>
<textarea cols="80" rows="3" class="box" name="thumbmedia" id="editbox"><?php echo $thumbmedia; ?></textarea>

<p class="subheadsmall">Additional Field</p>

<p class="subheadsmall">Additional Field Title</p>
<textarea cols="40" rows="1" class="box" name="newfieldtitle" id="editbox"><?php echo $newfieldtitle; ?></textarea>
<p class="subheadsmall">Additional Field Content</p>
<textarea cols="40" rows="3" class="box" name="newfieldcontent" id="editbox"><?php echo $newfieldcontent; ?></textarea>



<input name="update1" type="submit" class="box" id="editbutton" value="Update Article">

</form>

Answer 1

A side note about security :

Please, for the sake of the internet and all your users, don't use mysql_query. Please use PDO http://php.net/pdo. It automatically escapes your variables so you don't have SQL exploits.

And if you must use mysql_query (for legacy code) make sure to run each variable through http://php.net/mysql_real_escape_string before using it in a query string.

Answer 2

• Remove the addslashes and magic quotes crap replace it with mysql_real_escape_string()
• You are leaving yourself open to sql injections with the SELECT * FROM studies WHERE id = '".$_GET['id']."'";
  • What if I make a request like: domain.tld/page.ext?id=SELECT * FROM users

I've rewritten a bunch of the problems I saw give this a try.

<?php

if(isset($_GET['id']))
{
   $query  = "SELECT * FROM studies WHERE id = " . mysql_real_escape_string($_GET['id']);
   $result = mysql_query($query) or die('Error : ' . mysql_error());
      list($id, $pagetitle, $title, $date, $copy, $outputs, $strategies, $client, $niche, $media, $thumbmedia, $newfieldtitle, $newfieldcontent) = mysql_fetch_array($result, MYSQL_NUM);
}

if(isset($_POST['update1']))
{
   $id = $_POST['id'];
   $pagetitle = $_POST['pagetitle'];
   $title = $_POST['title'];
   $date = $_POST['date'];
   $copy = $_POST['copy'];
   $outputs = $_POST['outputs'];
   $strategies = $_POST['strategies'];
   $client = $_POST['client'];
   $niche = $_POST['niche'];
   $media = $_POST['media'];
   $thumbmedia = $_POST['thumbmedia'];
   $newfieldtitle = $_POST['newfieldtitle'];
   $newfieldcontent = $_POST['newfieldcontent'];

   // update the article in the database
   $query = "UPDATE studies
            SET pagetitle = '" . mysql_real_escape_string($pagetitle) . "', title = '" . mysql_real_escape_string($title) . "', date = '" . mysql_real_escape_string($date) . "', copy = '" . mysql_real_escape_string($copy) . "', outputs = '" . mysql_real_escape_string($outputs) . "', strategies = '" . mysql_real_escape_string($strategies) . "', client = '" . mysql_real_escape_string($client) . "', niche = '" . mysql_real_escape_string($niche) . "', media = '" . mysql_real_escape_string($media) . "', thumbmedia = '" . mysql_real_escape_string($thumbmedia) . "', newfieldtitle = '" . mysql_real_escape_string($newfieldtitle) . "', newfieldcontent = '" . mysql_real_escape_string($newfieldcontent) . "' ".
        "WHERE id = '" . mysql_real_escape_string($id) . "'";
   mysql_query($query) or die('Error : ' . mysql_error());

   // then remove the cached file
   $cacheDir = dirname(__FILE__) . '/cache/';

   $cacheFile = $cacheDir . '_' . $_GET['id'] . '.html';

   @unlink($cacheFile);

   // and remove the index.html too because the file list
   // is changed
   @unlink($cacheDir . 'index.html');

   echo "<b>Article '$title' updated</b>";

}


?>


<div class="container">
<form method="post">
<input type="hidden" name="id" value="<?php echo $id; ?>">

<p class="subheadsmall">Browser Title</p>
<textarea cols="40" rows="1" class="box" name="pagetitle" id="editbox"><?php echo $pagetitle; ?></textarea>


<p class="subheadsmall">Story Title</p>
<textarea cols="40" rows="1" class="box" name="title" id="editbox"><?php echo $title; ?></textarea>

<p class="subheadsmall">Date</p>
<textarea cols="40" rows="1" class="box" name="date" id="editbox"><?php echo $date; ?></textarea>

<p class="subheadsmall">Story</p>
<textarea cols="80" rows="10" class="box" name="copy" id="editbox"><?php echo $copy; ?></textarea>

<p class="subheadsmall">Outputs</p>
<textarea cols="80" rows="10" class="box" name="outputs" id="editbox"><?php echo $outputs; ?></textarea>

<p class="subheadsmall">Strategies</p>

<p class="subheadsmall">Client</p>
<select name="client">
    <option value="empty">Select a Client...</option>
 <?php
                $result2 = mysql_query("SELECT name FROM clients") or die("Database query failed: " . mysql_error());    

while($row = mysql_fetch_assoc($result2)) {
    $clientlist = $row['name'];
    $clientname = htmlspecialchars($row['name']);

    if ($_POST['client'] == $clientlist)
    { 

    echo '<option value="' . $clientlist . '" selected="selected" >' . $clientname . '</option>' . '\n';
    }
    else{
    echo '<option value="' . $clientlist . '" >' . $clientname . '</option>' . '\n';
}
}


?>
</select>

<p class="subheadsmall">Core Classification</p>

<?php

switch ($niche) {
    case "brand":
        echo '<input type="radio" name="niche" value="brand" checked="checked" />Brand';
        echo '<input type="radio" name="niche" value="marketing" />Marketing';
        echo '<input type="radio" name="niche" value="communication" />Communication';
        break;
    case "marketing":
        echo '<input type="radio" name="niche" value="brand" />Brand';
        echo '<input type="radio" name="niche" value="marketing" checked="checked" />Marketing';
        echo '<input type="radio" name="niche" value="communication" />Communication';
        break;
    case "communication":
        echo '<input type="radio" name="niche" value="brand" />Brand';
        echo '<input type="radio" name="niche" value="marketing" />Marketing';
        echo '<input type="radio" name="niche" value="communication" checked="checked" />Communication';
        break;
    default;
        echo '<input type="radio" name="niche" value="brand" />Brand';
        echo '<input type="radio" name="niche" value="marketing" />Marketing';
        echo '<input type="radio" name="niche" value="communication" />Communication';
    break;
}

?>

<p class="subheadsmall">Add New Strategy</p>
<textarea cols="40" rows="1" class="box" name="strategies" id="editbox"><?php echo $strategies; ?></textarea>

<p class="subheadsmall">Media</p>
<textarea cols="80" rows="10" class="box" name="media" id="editbox"><?php echo $media; ?></textarea>

<p class="subheadsmall">Thumbnail image</p>
<textarea cols="80" rows="3" class="box" name="thumbmedia" id="editbox"><?php echo $thumbmedia; ?></textarea>

<p class="subheadsmall">Additional Field</p>

<p class="subheadsmall">Additional Field Title</p>
<textarea cols="40" rows="1" class="box" name="newfieldtitle" id="editbox"><?php echo $newfieldtitle; ?></textarea>
<p class="subheadsmall">Additional Field Content</p>
<textarea cols="40" rows="3" class="box" name="newfieldcontent" id="editbox"><?php echo $newfieldcontent; ?></textarea>



<input name="update1" type="submit" class="box" id="editbutton" value="Update Article">

</form>

EDIT: I've made a few more changes to your code, also I think your problem stems from this line:

while($row = mysql_fetch_array($result2)) {

I think your looking for the mysql_fetch_assoc() array.

Answer 3

I suppose you're simply assigning the wrong content to the wrong variables, which supposedly happens here:

list($id, $pagetitle, $title, ...) = mysql_fetch_array($result, MYSQL_NUM);

You're relying on the database fields being in the exact order your code is in. Not very reliable and a horror to maintain.

Why go through the trouble of copying them out of an array into separate variables in the first place? Just keep them as they are until you need them:

<?php $row = mysql_fetch_assoc($result); ?>
...
<textarea name="date"><?php echo $row['date']; ?></textarea>