2

When i click this button my page is forwarded to a removeRowValue.php page: 

<a href="/includes/incl/removeRowValue.php?name=ontvangenklantdatum"><button type="button" class="btn btn-default">Empty</button></a>

My removeRowValue.php page:

<?php
session_start();
$str = (int) $_SESSION['rights'];
$accptList = array(1,3);
if(!in_array($str, $accptList)){          
    header('Location: index.php?pagina=login');
}
    require('conn.inc.php');
    $getName        = filter_input(INPUT_GET, "name", FILTER_SANITIZE_STRING);
    $columnName     = 'rd_' . $getName;
    $artCode        = $_SESSION['artcode'];
    $getadmrmaid    = $_SESSION['getadmrmaid'];

    $delRmaDetVal = $dbh->prepare("UPDATE rma_detail LEFT JOIN rma ON rma_detail.rd_rma_id=rma.r_id SET $columnName = NULL WHERE rd_artikel_code = :artcode AND r_nr = :getadmrmaid");
    $delRmaDetVal->bindParam(':artcode', $artcode, PDO::PARAM_STR);
    $delRmaDetVal->bindParam(':getadmrmaid', $getadmrmaid, PDO::PARAM_INT);   
    $delRmaDetVal->execute();

?>
  • In my mysql table empty is checked for that column
  • Default value is NULL.

I have updated the NULL to some value (ie: 2014-12-2) but now i want to put it back to NULL when i click the above button but this is not working. I don't get any error.

Improve this question
5
  • 1
    does your column(s) allow null? :D Commented Dec 2, 2014 at 15:06
  • Can you echo the query? Commented Dec 2, 2014 at 15:07
  • 2
    Out of scope of the question, but from what I can remember from my PHP days, your security check is broken. You set a header to redirect to the login page if $_SESSION['rights'] doesn't include the required $accptList, but you don't exit the script or wrap the rest in an else, so the database code executes even if the header is sent, doesn't it? Commented Dec 2, 2014 at 15:14
  • @DanFarrell That makes a lot of sense. Mind if I quote you in my answer? Commented Dec 2, 2014 at 15:19
  • Not at all, please do Commented Dec 3, 2014 at 15:08

1 Answer 1

Reset to default
4

You have

$artCode = $_SESSION['artcode'];

yet are using $artcode in your bind. Notice the lowercase "c".

Variables are case-sensitive. Therefore, you need to change it to $artCode

Using error reporting would have signaled an undefined variable.

Add $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); right after the connection is opened.

  • You may not be checking for errors.

Add error reporting to the top of your file(s) which will help find errors.

<?php 
error_reporting(E_ALL);
ini_set('display_errors', 1);

// rest of your code

Sidenote: Error reporting should only be done in staging, and never production.

Quoting Dan Farrell in comments:

"Out of scope of the question, but from what I can remember from my PHP days, your security check is broken. You set a header to redirect to the login page if $_SESSION['rights'] doesn't include the required $accptList, but you don't exit the script or wrap the rest in an else, so the database code executes even if the header is sent, doesn't it?"

  • You should also add an exit; after your header. If it exits to the header, then you will know that it's the first part of your code that is failing.

  • exit; should always be following a header, and is considered good practice to do so.

I also suggest you check whether or not all of the session names are indeed set using isset() and maybe even if they are empty using empty() in a conditional statement.

I.e.:

if( isset($_SESSION['artcode']) && !empty($_SESSION['artcode']) )

While adding other session variables to that condition, and checking to see if your column does allow NULL, as mentioned in comments.

Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

Thank you very much for your help in this. I am very glad that it works now and sometimes it is not the code but just a stupid fault. Tha camelcase writing had done the trick!
@DanFarrel & Fred I did not knew that before you guys actually have brought something new to me! Thank you for that. Sadly i cannot give you both a +1 because my reputation is still not growing fast but nice work!
@Peter You're very much welcome Peter. Glad to have helped and sharing the wealth ;) Cheers

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.