|
PHP - Form Retrieved From A Mysql Database Disappears Upon Submit: Resource Id#3, 4
Hey--New to the forum, and php.
I have a drop-down list populated by a MySQL database. Submitting that selection retrieves php scripts which I run using eval(). One of them is a form. The scripts evaluate fine, but when I submit the second form, it disappears and I get a resource id where the "result" script was. The resource ids change between 3 and 4 when I refresh the page. Any hints on what I'm doing wrong? Here is the main script: <?php $host="localhost"; $username="root"; $password="root"; $con = mysql_connect($host,$username,$password); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("calculators", $con); $result = mysql_query("SELECT * FROM calculator"); while($row = mysql_fetch_array($result)) { echo "<option type='text' " . "value='" . $row['Title'] . "'>" . $row['Title'] . "</option>"; } echo "</select>"; echo "<br>"; echo "<input type='submit' name='submit1'>"; echo "</form>"; $title = mysql_real_escape_string($_GET['Title']); $result = mysql_query('SELECT * FROM calculator WHERE Title = "' . $title . '"'); while($row = mysql_fetch_array($result)) { $header = $row['Header']; $calculator = $row['Calculator']; $result = $row['Result']; $formula = $row['Formula']; $reference = $row['Reference']; } eval('?>' . $header . '<?php '); echo "<h2>Calculator</h2>"; eval('?>' . $calculator . '<?php '); echo "<h2>Result</h2>"; eval('?>' . $result . '<?php '); echo "<h2>Formula</h2>"; eval('?>' . $formula . '<?php '); echo "<h2>Reference</h2>"; eval('?>' . $reference . '<?php '); mysql_close($con); ?> Thanks, Davis Similar TutorialsHi Guys, I have the following code that I'm getting from my database. This is how it appears in the DB. Code: [Select] <div id="reply_flash"> <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr> <td style="font-family: Arial; font-size: 14px; line-height: 19px; text-align: left; color: rgb(102, 102, 102);"> <br> <div style="font-family: Georgia; font-size: 19px; line-height: 20px; color: rgb(88, 43, 0); font-weight: normal; text-align: left;">This is a heading</div> <p>This is some text in this area.</p> <a href="#"><strong>Read more</strong></a> </td> </tr> </table> </div> When the user goes to edit the page, I'm retrieving the above from the database: http://www.mysite.com/newsletter/edit/56 Code: [Select] // Controller to handle the request public function edit() { $id = $this->uri->segment(3); $data['get_newsletter'] = $this->Newsletter_model->get_newsletter($id); $this->load->view('header'); $this->load->view('newsletter/edit', $data); $this->load->view('footer'); } // View to display the request foreach($get_newsletter as $row) { $code = $row->code; $newsletter_id = $row->id; } echo $code; Now, when I echo the code below. It appears in the html as Code: [Select] <div id="reply_flash"> </div> // CLOSING THE DIV AND PUTTING THE TABLE OUTSIDE <table width="100%" border="0" cellpadding="0" cellspacing="0"> <tr> <td style="font-family: Arial; font-size: 14px; line-height: 19px; text-align: left; color: rgb(102, 102, 102);"> <br> <div style="font-family: Georgia; font-size: 19px; line-height: 20px; color: rgb(88, 43, 0); font-weight: normal; text-align: left;">This is a heading</div> <p>This is some text in this area.</p> <a href="#"><strong>Read more</strong></a> </td> </tr> </table> </div> As you can see, when it's being retrieved and being displayed on the webpage, the div is being closed and the table appears outside it. Have no isdea what is going on. I'm trying to modify code from a book called "PHP with MySQL" where data is read from a MySQL db, edited via a form and written back. It's all technically working but the data is written to the screen from left to right as follows (where the top row is the heading and the second row is the data retrieved from the database in an edit box.): First Name | Last Name | <David> | <Beckham> | I have tons of fields (but only have firstname/lastname in the script for now), so the headings scroll left to right on the screen and I find it really annoying. I'd like things to go top-to-bottom so it looks like this: First Name | <David> Last Name | <Beckham> I've been playing around with the code and trying to add <tr>'s here and there but I can't get it. At best, it looks like this: First Name Last Name <David> <Beckham> I'm hoping it's something simple, but I just can't see it. Any help would be appreciated... the full code is below Code: [Select] # cat editrecord.php <html> <head> <style> body {font-family:arial;} .error {font-weight:bold; color:#FF0000;} </style> <title>Edit Contact Records</title> </head> <body> <h2>Edit Contact Records:</h2> <? //connect to the database include("dbinfo.php"); $link = mysqli_connect($server, $username, $password, $database); // has the form been submitted? if ($_POST) { foreach($_POST as $k => $v) { $v = trim($v); $$k = $v; } // build UPDATE query $update = "UPDATE contact_records SET firstname='$firstname', lastname='$lastname' WHERE Id=$id"; // execute query and check for success if (!mysqli_query($link, $update)) { $msg = "Error updating data"; } else { $msg = "Record successfully updated:"; // write table row confirming data $table_row = ' <tr> <td>' . $firstname . '</td> <td>' . $lastname . '</td> </tr>'; } // if not posted, check that an Id has been passed via the URL } else { if (!IsSet($_GET['id'])) { $msg = "No customer selected!"; } else { $id = $_GET['id']; //build and execute the query $select = "SELECT firstname, lastname FROM contact_records where id=$id"; $result = mysqli_query($link, $select); // check that the record exists if (mysqli_num_rows($result)<1) { $msg = "No customer with that ID found!"; } else { // set vars for form code $form_start = "<form method=\"post\"action=\"" . $_SERVER['PHP_SELF'] . "\">"; $form_end = ' <tr> <td colspan="2"><input type="submit" value="Submit changes" /></td> <td colspan="3"><input type="reset" value="Cancel" /></td> </tr> </form>'; // assign the results to an array while ($row = mysqli_fetch_array($result)) { $firstname = $row['firstname']; $lastname = $row['lastname']; // write table row with form fields $table_row = ' <tr> <td><input type="text" name="firstname" value="' . $firstname . '" size="10" /></td> <td><input type="text" name="lastname" value="' . $lastname . '" size="10" /></td> </tr>'; } // end 'if record exists' if } //end 'if ID given in URL' if } // end 'if form posted' if } // close connection mysqli_close($link); // print error/success message echo (IsSet($msg)) ? "<div class=\"error\">$msg</div>" : ""; ?> <table border="1" cellpadding="5"> <!-- Show start-of-form code if form needed --> <? echo (IsSet($form_start)) ? $form_start : ""; ?> <input type="hidden" name="id" value="<? echo $id ?>" /> <tr> <th>First Name</th> <th>Last Name</th> </tr> <!-- Show appropriate table row code (none set if there were errors) --> <? echo (IsSet($table_row)) ? $table_row : ""; ?> <!-- Show end-of-form code if we are displaying the form --> <? echo (IsSet($form_end)) ? $form_end : ""; ?> </table> <br /><a href="records.php">Back to customer list</a> </body> </html> Hi All, I'm hoping someone can help me. I'm looking to create a form that will submit multiple entries to a MySQL database depending on the options selected on the form. I am able to submit single entries, but the multiple entire is a bit of a mystery to me. I have attached an JPG image to show an example of how I would like the form to work. I have also added the description/explination below to this example: Example 1 The form was completed and three access types were selected. Thus Three entries, all with the Same Reference number were captured into the database Example 2 The form was completed and Two Access Types were selected. Thus Two entries, all with the Same Reference number were captured into the database Example 3 The form was completed and Four Access Types were selected. Thus Four entries, all with the Same Reference number were captured into the database I can not get the values from the javascript add row to go dynamically as a row into MySql only the form values show up as the form below as one row. I made it as an array, but no such luck, I have tried this code around a multitude of ways. I don't know what I am doing wrong, kindly write out the correct way.
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR...ransitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Dynamic Fields js/php to MySql need to submit dynamically to the database</title> <?php require ('database.php'); ?> <script type="text/javascript"> var counter = 1; var collector = ""; function addfields(indx) { var tbl = document.getElementById('table_id'); var newtr = document.createElement('tr'); counter = counter + indx; newtr.setAttribute('id','tr'+counter); newtr.innerHTML = '<td><input type="checkbox" name="checkb'+counter+'" id="checkb'+counter+'" value="'+counter+'" onclick="checkme('+counter+')"></td><td><input type="text" name="text1[]"></td><td><textarea name="textarea1[]"></textarea></td>'; tbl.appendChild(newtr); } function checkme(dx) { collector += dx+","; } function deletetherow(indx) { var col = collector.split(","); for (var i = 0; i < col.length; i++) { var remvelem = document.getElementById('tr'+col[i]); var chckbx = document.getElementById("checkb"+col[i]); if(remvelem && chckbx.checked) { var tbl = document.getElementById('table_id'); tbl.removeChild(remvelem); } } } </script> </head> <body> <form enctype="multipart/form-data" id="1" style="background-color:#ffffff;" action="<?php echo $_SERVER['PHP_SELF']; ?>"></form> <table id="table_id" > <tr id="tr1" class="trmain"> <td> </td> <td> <input type="text" name="text1[]"> </td> <td> <textarea name="textarea1[]"></textarea> </td> </tr> </table> <input type="button" value="Add" onClick="addfields(1);" /> <input type="button" value="Delete" onClick="deletetherow()" /> <input type="submit" value="Send" id="submit" name="submit"/> <?php if(isset($_POST['submit'])) { for ($i=0; $i < count($_POST['text1']); $i++ ) { $ced = stripslashes($_POST['text1'][$i]); $erg = stripslashes($_POST['textarea1'][$i]); } $bnt = mysql_query("INSERT INTO tablename (first, second) VALUES ('$ced', '$erg')")or die('Error: '. mysql_error() ); $result = mysql_query($bnt); } ?> </body> </html> Before I pull my hair out, can I: form1.html Retrieve 1 record, 5 columns from the db Display that data in a form Allow the user to change any of the column data on the form Use form action update.php, method post update.php use $_POST to capture variables update db My main concern is if the retrieved data will be displayed on the form. Thanks Hi- the code below lets me upload a CSV file to my database if I have 1 field in my database and 1 column in my CSV. I need to add to my db "player_id" from the CVS file and "event_name" and "event_type" from the form... any ideas??? here's the code: Code: [Select] <?php $hoststring =""; $database = ""; $username = ""; $password = ""; $makeconnection = mysql_pconnect($hoststring, $username, $password); ?> <?php ob_start(); mysql_select_db($database, $makeconnection); $sql_get_players=" SELECT * FROM tabel ORDER BY player_id ASC"; // $get_players = mysql_query($sql_get_players, $makeconnection) or die(mysql_error()); $row_get_players = mysql_fetch_assoc($get_players); // $message = null; $allowed_extensions = array('csv'); $upload_path = '.'; //same directory if (!empty($_FILES['file'])) { if ($_FILES['file']['error'] == 0) { // check extension $file = explode(".", $_FILES['file']['name']); $extension = array_pop($file); if (in_array($extension, $allowed_extensions)) { if (move_uploaded_file($_FILES['file']['tmp_name'], $upload_path.'/'.$_FILES['file']['name'])) { if (($handle = fopen($upload_path.'/'.$_FILES['file']['name'], "r")) !== false) { $keys = array(); $out = array(); $insert = array(); $line = 1; while (($row = fgetcsv($handle, 0, ',', '"')) !== FALSE) { foreach($row as $key => $value) { if ($line === 1) { $keys[$key] = $value; } else { $out[$line][$key] = $value; } } $line++; } fclose($handle); if (!empty($keys) && !empty($out)) { $db = new PDO( 'mysql:host=host;dbname=db', 'user', 'pw'); $db->exec("SET CHARACTER SET utf8"); foreach($out as $key => $value) { $sql = "INSERT INTO `table` (`"; $sql .= implode("`player_id`", $keys); $sql .= "`) VALUES ("; $sql .= implode(", ", array_fill(0, count($keys), "?")); $sql .= ")"; $statement = $db->prepare($sql); $statement->execute($value); } $message = '<span>File has been uploaded successfully</span>'; } } } } else { $message = '<span>Only .csv file format is allowed</span>'; } } else { $message = '<span>There was a problem with your file</span>'; } } ob_flush();?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <title>CSV File Upload</title> </head> <body> <form class="form" action="" method="post" enctype="multipart/form-data"> <h3>Select Your File</h3> <p><?php echo $message; ?></p> <input type="file" name="file" id="file" size="30" /> <br/> <label>Event Name:</label><input name="event_name" type="text" value="" /> <br/> <label>Event Type:</label><input name="event_type" type="text" value="" /> <br/> <input type="submit" id="btn" class="button" value="Submit" /> </form> <br/> <h3>Results:</h3> <?php do { ?> <p><?php echo $row_get_players['player_id'];?></p> <?php } while ($row_get_players = mysql_fetch_assoc($get_players)); ?> </body> </html> I have deleted mysql info for safety reasons. Here are the two webpage's codes i'm using right now menu.php <? session_start(); if(!session_is_registered(myusername)){ header("location:login.php"); } ?> <html><title>ChronoServe - Saving Time</title> <link href="style.css" rel="stylesheet" type="text/css"> <body> <table width="100%" border="0" cellpadding="0" cellspacing="0" class="container"> <tr> <td> <table width="335px" height="50%" border="1" align="center" cellpadding="0" cellspacing="0" class="centered"> <tr> <td> <form method="post" action="insertvalues.php"> <table width="100%" border="0" align="center" cellpadding="3" cellspacing="10"> <tr> <td colspan="2"><div align="center" class="font2">Activation Information</div></td> </tr> <tr> <td colspan="2"></td> </tr> <tr> <td width="40%" class="font3">First Name :</td> <td width="60%"> <div align="center"> <input name="firstname" type="text" class="font3" id="firstname" maxlength="25" /> </div></td> </tr> <tr> <td class="font3">Last Name :</td> <td> <div align="center"> <input name="lastname" type="text" class="font3" id="lastname" maxlength="25" /> </div></td> </tr> <tr> <td height="28" class="font3">Phone Number :</td> <td> <div align="center"> <input name="pnumber" type="text" class="font3" id="pnumber" maxlength="10" /> </div></td> </tr> <tr> <td class="font3">Personnel Activated :</td> <td> <div align="center"> <input name="numberactivated" type="text" class="font3" id="numberactivated" maxlength="3" /> </div></td> </tr> <tr> <td height="37" colspan="2"></td> </tr> <tr> <td colspan="2"><div align="center"> <input name="submit" type="Submit" class="font3" value="Submit" /> </div> </td> </tr> </table> </form></td> </tr> </table> </td> </tr> </table> </body> </html> insertvalues.php <?php if(isset($_POST['Submit'])) { $firstname = $_POST['firstname']; $lastname = $_POST['lastname']; $pnumber = $_POST['pnumber']; $numberactivated = $_POST['numberactivated']; mysql_connect ("deleted", "deleted", "deleted") or die ('Error: ' . mysql_error()); mysql_select_db ("deleted"); $query = "INSERT INTO disney_database (id, firstname, lastname, pnumber, numberactivated, date) VALUES ('NULL', '".$firstname."', '".$lastname."', '".$pnumber."', '".$numberactivated."', 'NULL')"; mysql_query($query) or die('Error updating database'); header("location:menu.php"); echo "Database Updated With: ".$firstname."" - "".$lastname."" - "".$pnumber."" - "".$numberactivated.""; } else { echo "Database Error" { ?> Here is my problem. I set a one <form> on every form field I have including the submit button. Now whenever I press the submit button it redirects to insertvalues.php which it should be doing. In insertvalues i told it to query the form data and post it into my database's table. Its not doing that and tells me that it has a database error which i set it to tell me if something goes wrong. Anyone can help me? BTW I can manually query in the information using sql with phpmyadmin. so can someone please review my code for me? thanks big help! You can see what is happening. Visit www.chronoserve.com The username and password are "admin" I'm using some code to create a select menu of a fieldname of data I have in a mysql database : Code: [Select] <?php mysql_connect('localhost' , 'dbname', 'password'); mysql_select_db('dbname'); $result=mysql_query("SELECT * FROM Persons"); if(mysql_num_rows($result)>0) { ?> <select name="Persons"> <?php while($rows=mysql_fetch_array($result)){ ?> <option value="<?php echo $rows['id']; ?>"> <?php echo $rows['FirstName']; ?></option> <?php } ?> </select> What I would like to do is to elevate this into a jump menu form so that if the user selects an item from my form they are taken to a results page showing the full row of data from the database. Basically a search form containing items from the database they can choose to see more details on. eg. In my example you select a persons name and then you are taken to a results page which displays the details of that person from the database. Problem is I don't know how to do this and have been trawling around for a couple of days to find a solution (sorry I'm new to php). I would appreciate some help or a working example would be great of : 1/ A working dynamic jump menu 2/ The page that would process the form 3/ The results page displaying the data I have selected. Thank you for your time... Hi everyone, First off thank you very kindly to anyone who can provide some enlightenment to this total php/mysql newb. I am creating my first database and while I have been able to connect to the database within my php script (or so I believe), the form data does not appear to be actually getting sent. I have development experience in other languages but this is completely new to me so if I've missed something that appears painfully obvious like a parse error of some sort, I do apologize. I am creating a website using Godaddy as the hosting account, and attempting to connect to the mysql database at the following URL (maybe this is where I'm going wrong): "pnmailinglist.db.4662743.hostedresource.com" Below is my very simple code: <?php //Verify successful connection to database. $connect = mysql_connect("pnmailinglist.db.4662743.hostedresource.com", "*********", "*********"); if(!$connect) {die("Could not connect!"); } //Initialize variables with form data. $firstname = $_POST['FirstName']; $lastname = $_POST['LastName']; $email = $_POST['Email']; $howfound = $_POST['HowFound']; //Post data to database, or return error. mysql_select_db("pnmailinglist", $connect); mysql_query("INSERT INTO mailinglist (First, Last, Email, How_Found) VALUES ($firstname,$lastname,$email,$howfound)"); mysql_close($connect); echo "Thank you for joining our mailing list! We will contact you soon with the dates and times of our upcoming events."; ?> Thank you again very much for any pointers or hints as to where I'm screwing up. I get no runtime errors, no syntax errors, and the echo message does display fine at the end -- just no data when I go to check my database! Best Regards, CL I am having difficulty inserting the following codes values into my database. I know that the variables contain a value as I am displaying them on the output screen. Code: [Select] $link = mysql_connect($db_host,$db_user,$db_pass) or die('Unable to establish a DB connection'); mysql_select_db($db_database,$link); mysql_query("SET names UTF8"); $usr = $userid; $golfer = $_REQUEST['golfer']; $tourney = $_REQUEST['tournament']; $backup = $_REQUEST['backup']; date_default_timezone_set('US/Eastern'); $time = date("Y-m-d H:i:s"); $t_id=1; mysql_query("INSERT INTO weekly_picks (t_id, tournament, user, player, backup, timestamp) VALUES ('$t_id', '$tournament', '$usr', '$golfer', '$backup', '$time') or die('Error, insert query failed')"); echo $t_id; echo "<br />"; echo $tourney; echo "<br />"; echo $usr; echo "<br />"; echo $golfer; echo "<br />"; echo $backup; echo "<br />"; echo $time; echo "<br />"; echo $userdetail['email']; echo "<br />"; $to = $userdetail['email']; $subject = "Weekly Tournament Pick for: $tourney"; $message = "This email is to confirm your pick for $tourney has been received. Your pick is: $golfer. Your backup pick is: $backup The time it was submitted was $time Do not reply to this email, the mailbox does not exist. Contact me with any issues at xxxxxxx@xxxxxxx.com"; $from = "noreply@chubstersgcc.com"; $headers = "From:" . $from; mail($to,$subject,$message,$headers); ?> <div> <p>This is to confirm that your pick has been submitted for the following tournament: <?php echo $tourney; ?>. A confirmation of your pick as also been emailed to you.</p> <p>Your golfer: <?php echo $golfer; ?></p> <p>Your backup: <?php echo $backup; ?></p> <p>Your pick was submitted at: <?php echo $time; ?></p> </div> Hello everyone,
I have a card database and everything works perfectly besides one thing..
I can't store
'in my database via my form, i however do can store them into the database via PHPMyAdmin. I dont know what i've been doing wrong and it really bothers me. If any of you guys could help me out. Here's all the code you would need to find the issue. This is the form file
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Edit Page</title>
</head>
<body>
<h1 align="center"> Add Cards</h1>
<form action="insert.php" method="POST">
<input type="text" name="name" placeholder="Name" />
<input type="text" name="color" placeholder="Color" />
<input type="text" name="type" placeholder="Type" />
<input type="text" name="subtype" placeholder="Sub Type" />
<input type="text" name="power" placeholder="Power" />
<input type="text" name="toughness" placeholder="Toughness" />
<br>
<input type="text" name="manacost" placeholder="Converted Mana Cost" />
<input type="text" name="rarity" placeholder="Rarity" />
<input type="text" name="expansion" placeholder="Expansion" />
<input type="text" name="foil" placeholder="Foil" />
<input type="text" name="stock" placeholder="Stock" />
<input type="submit" value="Save" />
</form>
</body>
</html>
This inserts it into my database.
<?php
($GLOBALS["___mysqli_ston"] = mysqli_connect("", "", "", , ))or die("cannot connect");
((bool)mysqli_query($GLOBALS["___mysqli_ston"], "USE e_industries"))or die("cannot select DB");
$name = $_POST['name'];
$color = $_POST['color'];
$type = $_POST['type'];
$subtype = $_POST['subtype'];
$power = $_POST['power'];
$toughness = $_POST['toughness'];
$manacost = $_POST['manacost'];
$rarity = $_POST['rarity'];
$expansion = $_POST['expansion'];
$foil = $_POST['foil'];
$stock = $_POST['stock'];
$sql="INSERT INTO Osiris (Name, Color, Type, Subtype, Power, Toughness, Manacost, Rarity, Expansion, Foil, Stock)
VALUES ('$name', '$color', '$type', '$subtype', '$power', '$toughness', '$manacost', '$rarity', '$expansion', '$foil', '$stock')";
$result=mysqli_query($GLOBALS["___mysqli_ston"], $sql);
if($result){
echo "Successful";
echo "<BR>";
echo "<a href='add.html'>Back to main page</a>";
}
else {
echo "ERROR";
}
?>
If anyone could help me out that would be great!
Edited by OsirisElKeleni, 05 October 2014 - 12:29 PM. I keep getting the mysql resource id #4 on a query that I am running and I have tried everything that I have read to fix it and nothing is working. I tried using the mysql_fetch_array, mysql_fetch_accoc, and the mysql_fetch_row functions I would appreciate any help that can be given to me. Here is my code as it stands now Code: [Select] <?php include('includes/config.php'); $last = $_GET['l_name']; $first = $_GET['f_name']; $sql = 'SELECT * FROM `ttmautos` WHERE `l_name` LIKE \'$last\' AND `f_name` LIKE \'$first\''; $autographs = mysql_query($sql, $connection)or die(mysql_error()); $row = mysql_fetch_array($autographs); echo $sql; echo $autographs; $l_name = $row['l_name']; $f_name = $row['f_name']; $sent = $row['date_sent']; $return = $row['date_return']; $address = $row['address']; $isent = $row['item_sent']; $ireturn = $row['item_return']; $project = $row['project']; $team = $row['team']; $address = stripslashes($address); ?> Can I not pass references into class properities from outside the object? class db_manipulation { private $connection = NULL; function __construct(&$database_connection) { $this->connection = $database_connection; if (!$this->connection) die('couldnt connection to database'); } function __destruct() { mysqli_close($this->connection); } } Results in: Warning: mysqli_close() [function.mysqli-close]: Couldn't fetch mysqli in So I've spent 2 days now searching the web on how to make my checkbox array on my form insert the value selected by the user into my database. Here is the code that I've written. All fields except for the checkbox array works fine. <?php virtual('/budgets/Connections/connAdmin.php'); ?> <?php if (!function_exists("GetSQLValueString")) { function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") { if (PHP_VERSION < 6) { $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue; } $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue); switch ($theType) { case "text": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; break; case "long": case "int": $theValue = ($theValue != "") ? intval($theValue) : "NULL"; break; case "double": $theValue = ($theValue != "") ? doubleval($theValue) : "NULL"; break; case "date": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; break; case "defined": $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue; break; } return $theValue; } } $editFormAction = $_SERVER['PHP_SELF']; if (isset($_SERVER['QUERY_STRING'])) { $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']); } if (isset($_POST['submit'])) { $workStyle = $_POST['art_photos']; // Setting up a blank variable to be used in the coming loop. $allStyles = ""; // For every checkbox value sent to the form. foreach ($workStyle as $style) { // Append a string called $allStyles with the current array element, and then add a comma and a space at the end. $allStyles .= $style . ", "; } // Delete the last two characters from the string. $allStyles = substr($allStyles, 0, -2); echo "<p>The resulting string is: <strong>$allStyles</strong></p>\r\n"; } if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1")) { $insertSQL = sprintf("INSERT INTO daily_budget (rundate, slug, reporter, budgetInfo, notes, `section`, deadline, art_photos sidebar, sBudget) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s, %s)", GetSQLValueString($_POST['rundate'], "text"), GetSQLValueString($_POST['slug'], "text"), GetSQLValueString($_POST['reporter'], "text"), GetSQLValueString($_POST['budgetInfo'], "text"), GetSQLValueString($_POST['notes'], "text"), GetSQLValueString($_POST['section'], "text"), GetSQLValueString($_POST['deadline'], "text"), GetSQLValueString($_POST['art_photos'], "text"), GetSQLValueString($_POST['sidebar'], "text"), GetSQLValueString($_POST['sBudget'], "text")); mysql_select_db($database_connAdmin, $connAdmin); $Result1 = mysql_query($insertSQL, $connAdmin) or die(mysql_error()); } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Budget Record</title> </head> <body> <?php if (isset($error)) { echo '<ul>'; foreach($error as $alert) { echo "<li class='warning'>$alert</li>\n"; } echo '</ul>'; } ?> <form action="<?php echo $editFormAction; ?>" method="POST" name="form1" id="form1"> <table align="center" width="60%" border="2" bgcolor="#FFFFFF"> <tr valign="baseline"> <td width="14%" align="right" nowrap="nowrap"><STRONG>Rundate:</STRONG></td> <td width="86%"> <input type="text" name="rundate" size="30" value="" id="jQueryUICalendar2"/> <script type="text/javascript"> // BeginWebWidget jQuery_UI_Calendar: jQueryUICalendar2 jQuery("#jQueryUICalendar2").datepicker(); // EndWebWidget jQuery_UI_Calendar: jQueryUICalendar2 </script></td> </tr> <tr valign="baseline"> <td nowrap="nowrap" align="right"><STRONG>Section:</STRONG></td> <td> <select name="section"> <option value=""></option> <option value="A1">A1</option> <option value="Pickup All">Pickup All</option> <option value="Region">Region</option> <option value="Atlantic">Atlantic</option> <option value="Business">Business</option> <option value="Features">Features</option> <option value="Sports">Sports</option> </select> </td> </tr> <tr valign="baseline"> <td nowrap="nowrap" align="right"><strong>Slug:</strong></td> <td><span id="sprytextfield2"> <input type="text" name="slug" value="" size="32" /> <span class="textfieldRequiredMsg">REQUIRED</span></span><span style="color: #F00; font-weight: bold; font-size: 10px;"></span></td> </tr> <tr valign="baseline"> <td nowrap="nowrap" align="right"><strong>Budget Information:</strong></td> <td><span id="sprytextarea1"> <textarea name="budgetInfo" cols="50" rows="4"></textarea> <span class="textareaRequiredMsg">Required.</span></span><span style="color: #F00; font-weight: bold; font-size: 11px;"></span></td> </tr> <tr valign="baseline"> <td nowrap="nowrap" align="right"><strong>Notes:</strong></td> <td><input type="text" name="notes" value="" size="32" /></td> </tr> <tr valign="baseline"> <td nowrap="nowrap" align="right"><strong>Reporter:</strong></td> <td><span id="sprytextfield3"> <input type="text" name="reporter" value="" size="32" /> <span class="textfieldRequiredMsg">Required.</span></span><span style="color: #F00; font-weight: bold; font-size: 10px;"></span></td> </tr> <tr valign="baseline"> <td nowrap="nowrap" align="right"><strong>Deadline:</strong></td> <td><input type="text" name="deadline" size="30" value="Enter date" id="jQueryUICalendar1"/><script type="text/javascript"> // BeginWebWidget jQuery_UI_Calendar: jQueryUICalendar2 jQuery("#jQueryUICalendar1").datepicker(); // EndWebWidget jQuery_UI_Calendar: jQueryUICalendar2 </script> </td> </tr> <tr valign="baseline"> <td nowrap="nowrap" align="right"><strong>Artwork:</strong></td> <td><label> <input type="checkbox" name="art_photos[]" value="factbox" id="art_photos_0" /> Factbox</label> <label> <input type="checkbox" name="art_photos[]" value="graphic" id="art_photos_1" /> Graphic</label> <label> <input type="checkbox" name="art_photos[]" value="photo" id="art_photos_2" /> Photo</label> <label> <input type="checkbox" name="art_photos[]" value="video" id="art_photos_3" /> Video</label> <br /></td> </tr> <tr> </tr> <tr valign="baseline"> <td nowrap="nowrap" align="right"> <strong>Sidebar:</strong></td> <td valign="baseline"><span id="spryradio2"> <label> <input type="radio" name="sidebar" value="y" id="sidebar_0" /> Yes</label> <br /> <label> <input type="radio" name="sidebar" value="n" id="sidebar_1" /> No</label> <br /> <span class="radioRequiredMsg"><strong style="font-size: 11px">REQUIRED.</strong></span></span> </tr> <tr valign="baseline"> <td nowrap="nowrap" align="right"><strong>Sidebar Information:</strong></td> <td><input type="text" name="sBudget" value="" size="32" /></td> </tr> <tr valign="baseline"> <td nowrap="nowrap" align="right"> </td> <td><input type="submit" value="Insert record" /></td> </tr> </table> <input type="hidden" name="MM_insert" value="form1" /> </form> <p> </p> <h3><a href="/new_budget/admin/manage_budgets.php"><strong>View your budget entry, make changes or delete your budget.</strong></a></h3> <script type="text/javascript"> <!-- jQuery("#jQueryUICalendar1").datepicker(); jQuery("#jQueryUICalendar2").datepicker(); var sprytextfield2 = new Spry.Widget.ValidationTextField("sprytextfield2", "none", {maxChars:15, validateOn:["change"]}); var sprytextarea1 = new Spry.Widget.ValidationTextarea("sprytextarea1", {validateOn:["change"]}); var sprytextfield3 = new Spry.Widget.ValidationTextField("sprytextfield3"); var spryradio2 = new Spry.Widget.ValidationRadio("spryradio2"); //--> </script> </body> </html> Hello Im quite confused at what filtering I should use on my data when pulling it from a MySQL database. I don't sanitize my data on input because I am using prepared statements with PHP's PDO Driver which means I don't need to use mysql_real_escape_string() at all. When I pull the data to be displayed i.e. in a HTML Table I use the below function to make it safe for HTML output. public static function htmlSafe($data) { return nl2br(htmlentities($data, ENT_QUOTES)); } However the rules change when Im using a HTML Form to edit the data, and I am unsure what I need to strip out. I.e. What would I need to do to make all data safe to insert into the following form input. <input id = "someInput" type = "text" value = "<?php echo $someVarThatNeedsFiltering ?>" /> Also, one more question, in my html attributes (Valid ones like class, name, id, style, _target) I use a mixture of double quotes(") and single quotes ('), for quoting my values. Which one should I use or which one is more valid, doubles, or singles? Hi, I have two html made text boxes one that is called "name" and another that is called "regnum". I also have a submit button. They are both used to add data to a database. The name text box should add a name to the database under the "name" heading and the regnum should add a number under the "regnum" heading Here is the code for them: HTML Code: <form action="" method="post"> <p> Name: <input type="text" name="name"/> </p> <p> Regnum: <input type="text" name="regnum"/> </p> <p> <input type="submit" value="Add To Database" name = "submit2" /> </p> </form> Here is the PHP code that i am using for adding the user to the database: PHP Code: $host="localhost"; $username="root"; $password=""; $database="lab2"; mysql_connect("$host", "$username", "$password") or die(mysql_error()); mysql_select_db("$database") or die(mysql_error()); $name = $_POST['name']; $regnum = $_POST['regnum']; if(!$_POST['submit2']){ echo "Enter A Vaue"; }else{ mysql_query("INSERT INTO lab2('name', 'regnum') VALUES(NULL, '$name', '$regnum')") or die(mysql_error()); echo "User Added To Database"; } The problem i get with this is "Undefined Index name and regnum". I watched a video on youtube and this is how the guy did it but it worked for him and for some reason it doesn't work for me. Can anyone help?? Thanks. We recently upgraded from PHP4 to PHP5 and the below script that was working perfectly in 4 has completely stopped working and I can't figure out why for the life of me. I'm not an experienced PHP programmer--I've done some forms, but this is the first time I've used a database. What needs to (and was) happen: A user enters their username in the form and gets a readout of their participation so far that month. The problem(s): I know that it's storing the variable 'user' because it echoes it back properly, but the database is no longer allowing me to select the row based on that variable. I know it's not that I can't connect to the database because if instead of '$user' I change the code to a username I know is in there, I get the proper readout. This all started as soon as I transferred over to PHP5--before that, no problems at all. The database information is all correct, I just took it out for privacy's sake. <form id="feedback" method="post" action="index.php"> <input name="user" type="text" value="Enter user name" size="20" maxlength="50" /><br /> <input name="send" id="send" type="submit" value="Submit" /> </form> <?php if (isset($_POST['user'])) { $_session['user'] = $_POST['user']; } ?> <p>You entered your username as: <strong><? echo $_session['user'];?></strong>. If this is not correct or you do not see your information below, please re-enter your username and click Submit again.</p> <?php $con = mysql_connect("database","username","password"); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("database", $con); $result = mysql_query("SELECT * FROM March WHERE Username='$user'") or die ('Error: '.mysql_error ()); while($row = mysql_fetch_array($result)) { echo "<table border='0'>"; echo "<tr>"; echo "<td><strong>Username:</strong> </td><td>" . $row['Username'] . "</td></tr>"; echo "<tr><td><strong>Mar. 2 Discussion:</strong></td><td>" . $row['Mar2Q'] . "</td></tr>"; echo "<tr><td><strong>Mar. 2 Poll:</strong></td><td>" . $row['Mar2P'] . "</td></tr>"; echo "<tr><td><strong>Mar. 9 Discussion:</strong></td><td>" . $row['Mar9Q'] . "</td></tr>"; echo "<tr><td><strong>Mar. 9 Poll:</strong></td><td>" . $row['Mar9P'] . "</td></tr>"; echo "<tr><td><strong>Mar. 16 Discussion:</strong></td><td>" . $row['Mar16Q'] . "</td></tr>"; echo "<tr><td><strong>Mar. 16 Poll:</strong></td><td>" . $row['Mar16P'] . "</td></tr>"; echo "<tr><td><strong>March Participation To-Date:</strong></td><td>" . $row['Participation'] . "</td></tr>"; echo "</tr>"; } echo "</table>"; mysql_close($con); ?> ANY help would be greatly appreciated! I've got a couple hundred people who use this on a regular basis and are starting to ask why it's not working. I always use my queries like below mysql_query("SELECT id FROM someTable", $cn); but some times i see in my error_log says: mysql_fetch_array(): supplied argument is not a valid MySQL result resource. Why is this happening? I mean, there is no problem with my sites and all they are working as they should be but why php generates this error? |
|||||||