PHP - Moved: Sql Insertion Error
This topic has been moved to MySQL Help.
http://www.phpfreaks.com/forums/index.php?topic=320009.0 Similar TutorialsGuys, I'm not at all able to insert characters like " ' ` and all sorts into my database or it will always return an error. I just created a textarea field in my site of which I just want to istore all those collected datas into my database for later retrieval and all sorts. Please help! This topic has been moved to PHP Applications. http://www.phpfreaks.com/forums/index.php?topic=344105.0 This topic has been moved to Third Party PHP Scripts. http://www.phpfreaks.com/forums/index.php?topic=315281.0 This topic has been moved to Third Party PHP Scripts. http://www.phpfreaks.com/forums/index.php?topic=323310.0 This topic has been moved to Apache HTTP Server. http://www.phpfreaks.com/forums/index.php?topic=343321.0 This topic has been moved to Other Libraries and Frameworks. http://www.phpfreaks.com/forums/index.php?topic=311225.0 Hello Guys, With this code I am able to match two strings, where one of them is standard and the other is changeable. This doesn't matter. What it does matter that I want to insert the values into a database consisted of a number of columns. As you can see in the code every iteration it gives one value of the whole insertion. I hope I made my question clear. Code: [Select] <?php preg_match_all('/\b(' . implode("|", array_map("preg_quote", $dictionary)) . ')/i', $file, $foundwords); $sim = array_count_values($foundwords[0]); $max = max ($sim); foreach ($sim as $key=> $value) { $norm = ($value/$max); echo $key. " = $norm </br>"; } $foundwords[0] = array_flip ($foundwords[0]); ksort($foundwords[0]); foreach ($foundwords[0] as $key=> $value) { echo "<br/>$key "; // [color=red]after here how can I insert all the values in one row[/color] } ?> I am a newbie to php.. Used to do work in Cold Fusion and I cannot figure out what I am doing with a registration page I have created. I am looking to have the page insert into two databases, which it is doing, and then redirect to the main member's page. I have been looking for something and have not found anything here or online that works for me. I understand that you cannot use header() after any type of html or echo, but I have tried .js and other methods. I am not throwing errors, just no redirect... Also I am interested in hearing how bad my code is... any positive criticism is appreciated, as I am still learning Here is my code: Code: [Select] <?php include("dbc.php"); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Registration Page</title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <link rel="stylesheet" href="style.css" type="text/css" charset="utf-8"> <link rel="stylesheet" href="styles.css" type="text/css" charset="utf-8"> //Some Javascript... </script> </head> <body> //Some Styling... <!-- content goes here --> <h1>Register</h1> <?php ob_start(); error_reporting(0); $_POST = array_map('secure', $_POST); if($_POST['submit']) { $user_name = mysql_real_escape_string($_POST['user_name']); $query = mysql_query("SELECT * FROM xxxxusers WHERE user_name='$user_name'"); $query = mysql_query("SELECT * FROM xxxusers WHERE user_name='$user_name'"); if(mysql_num_rows($query) != 0) { echo "<div style="font-size: 9pt; font-weight: bold;color: red;">Username already exists</div>"; } else { $user_password = mysql_real_escape_string($_POST['user_password']); $user_pass = mysql_real_escape_string($_POST['user_pass']); $user_email = $_POST['user_email']; $query = mysql_query("SELECT * FROM xxxxusers WHERE user_email='$user_email'"); $query = mysql_query("SELECT * FROM xxxusers WHERE user_email='$user_email'"); if(mysql_num_rows($query) != 0) { echo "<div style="font-size: 9pt; font-weight: bold;color: red;">Email already exists</div>"; } else { $enc_password = md5($user_password); $enc_password = md5($user_pass); if($user_name && $user_password && $user_pass && $user_email) { if (strlen($user_name)>20) { echo "<div style="font-size: 9pt; font-weight: bold;color: red;">Your Name is Too Long</div>"; } $email = htmlspecialchars($_POST['user_email']); if (!preg_match("/([\w\-]+\@[\w\-]+\.[\w\-]+)/",$email)) { echo "<div style="font-size: 9pt; font-weight: bold;color: red;">E-mail address not valid</div>"; } { require "dbc.php"; mysql_query("INSERT INTO xxxxusers stuff....) VALUES(stuff....) ") or die(mysql_error()); mysql_query("INSERT INTO xxxusers stuff....) VALUES(stuff....) ") or die(mysql_error()); } } else echo "<div style="font-size: 9pt; font-weight: bold;color: red;">All Fields Are Required</div>"; } } } ob_end_flush(); ?> <form action="register.php" method="post"> <table align="left" border="0" cellspacing="0" cellpadding="3"> <tr> <td>Username:</td> <td><input type="text" name="user_name" maxlength="30" value="<?php echo "$user_name"; ?>"></td> </tr> <tr> <td>Password:</td> <td><input type="password" name="user_password" maxlength="30" value=""></td> </tr> <tr> <td>Confirm password:</td> <td><input type="password" name="user_pass" maxlength="30" value=""></td> </tr> <tr> <td>Email address:</td> <td><input type="text" name="user_email" maxlength="50" value=""<?php echo "$user_email"; ?>""></td </tr> <tr><td colspan="2" align="right"> <input type="submit" value="Register!" id="submit" name="submit"></td></tr> <tr><td colspan="2" align="left"><a href="index.php">Back to Home Page</a></td></tr> </table> </form> Code: [Select] //enter into btree ---------------------------------------------- $sql_plevel='select nlevel from btree where uniqueid = '.$formjoinedunder; $abc = mysql_query($sql_plevel , $db) $result_plevel = mysql_fetch_assoc($abc) or die(mysql_error()); $plevel = $result_plevel['nlevel'] + 1; $insert_btree = 'INSERT INTO btree (uniqueid,nlevel,pside) VALUES ('.$reguniqueid.','.$plevel.','.$formposition.')'; mysql_query($insert_btree , $db) or die(mysql_error()); Can any one please tell me what is the problem in the above code it does not insert into the table btree. Hi Friends ! I need to discuss a problem with you. When we fill a customer info form, and redirect to other page. but go back by browser's back button and resubmit the form. In this case duplicate data is inserted. Or when we refresh a page multiple data is inserted, so HOW TO AVOID this terrible problem ? I'm trying to learn writing php scripts with html-simple-dom. I am scrapping my website with html-simple-dom and the below code, but I am running into an issue with inserting the scrapped data into my database. This code scraps the website and grabs the html data I want. Code: [Select] $ret = $html->find('table[class=data] tr'); foreach($ret as $visitor){ $visitor = $visitor->find('td','1') . "<br>"; $insert="INSERT INTO $dbtable (visitor) VALUES ('$visitor')"; mysql_query($insert) OR die(mysql_error()); } But this is being inserted into the database "visitor" field. Code: [Select] <td colspan="1" rowspan="1" style="text-align: left;"><a style="border-bottom:1px dotted;" onclick="loadTeamSpotlight(jQuery(this));" rel="HEN" href="javascript:void(0);">HENRY</a></td><br> I only want "HENRY" to be extracted out of the html code above and inserted into the database table. Any help would be greatly appreciated, as I have been pulling my hair out trying to figure this out. Do I need to use explode or something? Thanks, Hi, I have a lovely wordpress theme on my website. Unfortunately I can not get text or the home page itself into the landing page, is there any way to do this at all? I want to the home page text to sit under the
I have contacted the theme author with no help. I want the text to sit underneath the four image buttons (below banner slider)
This is the website http://www.cloudchasing.co.uk/
Hope this makes sense, many thanks for help in advance.
Karl
Hi everyone, I'm trying to create a site where teachers can upload educational animations (swfs) and source files (.fla's) to a site as a shared resource for others to use in their classrooms. I've concatinated a random number to both the source file and animation file to circumvent the problem of files with same names being uploaded. However, I have one small problem. The source file is not a mandatory upload, so sometimes the $source_file is null. However, with the random number concatinated, $source_fileX is not null. I tried to write some code saying that if $source_file is null, then $source_fileX should be null, else $source_fileX should be random_number concatinated with $source_file , but it doesn't seem to be working. The animation files are uploading fine. It's just the source files that are not. Nor is $source_fileX being inserted into the source_file field in the database. Code below. Thanks in advance. Code: [Select] <?php $keywords = $_POST["keywords"]; $subject = $_POST["subject"]; $description = $_POST["description"]; $website = $_POST["website"]; $firstname = $_POST["firstname"]; $lastname = $_POST["lastname"]; $school = $_POST["school"]; $animation_file = $_POST["animation_file"]; $source_file = $_POST["source_file"]; $random_digit=rand(00000, 9999); $animation_fileX=$random_digit . $_FILES['animation_file']['name']; if($animation_fileX!="") { if (!copy($_FILES['animation_file']['tmp_name'], "uploads/$animation_fileX")) { echo "failed to copy \n"; } } if ($source_file!="") { $source_fileX=$random_digit . $_FILES['source_file']['name']; } else { $source_fileX=""; } if($source_fileX!="") { if (!copy($_FILES['source_file']['tmp_name'], "source_file_uploads/$source_fileX")) { echo "failed to copy \n"; } } //**********************SEND TO DATABASE**************************** include 'mysql_connect.php'; $query = "INSERT INTO animation_uploads (date, animation_file, source_file, keywords, subject, description, firstname, lastname, school, website)" . "VALUES (NOW(), '$animation_fileX', '$source_fileX', '$keywords', '$subject' , '$description', '$firstname', '$lastname', '$school' , '$website')"; //if($query){echo 'data has been placed'} mysql_query($query) or die(mysql_error()); //***********************END OF DATABASE CODE*********************** Hi All, I am using the PHP Simple HTML DOM parser to connect to a financials website, parse out a companies financial information (Income statement in this case) and then insert the scrapped data into a mysql database that I can then later use to run automated calculations. Here is the code I have so far: Code: [Select] <?php include_once 'simple_html_dom.php'; //Connect to financial Website and Create DOM from URL $income_statement = file_get_html('http://www.WEBSITE.com/finance?etc..etc...etc...etc...'); //PULL FINANCIAL DATA foreach($income_statement->find('td[class]' ) as $lines=>$data) { echo $data->plaintext . "<br/>"; } // clean up memory $html->clear(); unset($html); ?> So far I am able to get output that looks like this: Code: [Select] Revenue 336.57 331.52 324.32 319.29 320.40 Other Revenue, Total - - - - - Total Revenue 336.57 331.52 324.32 319.29 320.40 etc............................. But being a newb I do not understand how I can break each $ value and each - into their own variables and then insert them to their corresponding mysql table fields. During the database insert I would like to ignore field headings from insertion (i.e Revenue, Total Revenue, etc.... Any help would be absolutely amazing, as I have been reading, scripting and searching for information like crazy, but just can't seem to figure it out. <?php if(isset($_POST['submit'])){ $uname = $_POST['username']; $pword = $_POST['password']; /*** mysql hostname ***/ $hostname = 'localhost'; /*** mysql username ***/ $username = 'root'; /*** mysql password ***/ $password = 'anty90'; try { $link = new PDO("mysql:host=$hostname;dbname=gambling", $username, $password); /*** echo a message saying we have connected ***/ echo 'Connected to database<br />'; /*** INSERT data ***/ $stmt = $link->prepare("INSERT INTO gamb(username, password) VALUES (?, ?)"); try{ $stmt->execute(array("$uname", "$pword")); } catch(PDOException $e){ echo "Exception caught: $e"; } /*** echo the number of affected rows ***/ //echo $count; /*** close the database connection ***/ $link = null; } catch(PDOException $e) { echo $e->getMessage(); } } ?> <html> <form action='home.php' method='post'> <input type="text" name="username" > <input type="password" name="password" > <input type="submit" name="submit" value="submit"> </form> </html>I'm new to databse programming so I was just wondering if this was vulnerable to sql injection or not. Hi, This escape function will only block quotes How would you stop java script insertion? function escape($string) { return htmlentities($string, ENT_QUOTES, 'UTF-8'); }Thanks i am facing a problem regarding the insertion of of link in a text area is not detected but the output is a normal text "unlike facebook comments" is there any php functions ??? thanks in advance Hi guys.I am making a Query Analyzer in php which takes the query string inside a form and out puts the result table in that particular page.How do i output the notification by MySQL when you do a successful insertion of data into mysql.i want to know if there are any methods in php which gives you that such as "1 row affected","Query took 0.00sec".Thanks This topic has been moved to MySQL Help. http://www.phpfreaks.com/forums/index.php?topic=306682.0 |