|
PHP - Why Won't My Code Insert Records Into My Mysql Database?
Code: [Select]
<?php require "db/config.php"; $fname = $_POST['fname']; $lname = $_POST['lname']; $country = $_POST['country']; $state = $_POST['state']; $city = $_POST['city']; $zcode = $_POST['zcode']; $address = $_POST['address']; $ppemail = $_POST['ppemail']; $pnumber = $_POST['pnumber']; $cemail = $_POST['cemail']; $url = $_POST['url']; $price = "$5.00"; $query = "INSERT INTO custpackage1000( id, FirstName, LastName, Country, State, City, ZipCode, Address, PayPalEmail, PhoneNumber, PrimaryEmail, WebsiteURL) VALUES ( '1', '$fname', '$lname', '$country', '$state', '$city', '$zcode', '$ppemail', '$pnumber', '$cemail', '$url')"; mysql_connect($host, $user, $pass) or die("<br /><br /><h1>Fatal error. Please contact support if this persists.</h1>"); mysql_select_db($dbname); mysql_query($query) or die ("could not open db".mysql_error()); sleep(2); ?> Why won't the code insert into my database upon submission of data? What am I doing wrong? Similar TutorialsI created this database Code: [Select] <?php $mysqli = mysqli_connect('localhost', 'admin', 'jce123', 'php_class'); if(mysqli_connect_errno()) { printf("connection failed: %s\n", mysqli_connect_error()); exit(); }else{ $q = mysqli_query($mysqli, "DROP TABLE IF EXISTS airline_survey"); if($q){echo "deleted the table airline_survey....<br>";} else{echo "damm... ".mysqli_error($mysqli);} $sql = "CREATE TABLE airline_survey ( id INT NOT NULL PRIMARY KEY AUTO_INCREMENT, staff CHAR(10) NOT NULL, luggage CHAR(10) NOT NULL, seating CHAR(10) NOT NULL, clean CHAR(10) NOT NULL, noise CHAR(10) NOT NULL )"; $res = mysqli_query($mysqli, $sql); if($res === TRUE) { echo "table created"; } else { printf("Could not create table: %s\n", mysqli_error($mysqli)); } mysqli_close($mysqli); } ?> When I look at it it looks fine. I have a form that sends data to this script: Code: [Select] <?php $con = mysql_connect('localhost', 'admin', 'abc123'); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("php_class", $con); foreach ($_POST as $key => $value) { $staff = ""; $luggage = ""; $seating = ""; $clean = ""; $noise = ""; switch($key){ case "staff": $staff = $value; break; case "luggage": $luggage = $value; break; case "seating": $seating = $value; break; case "clean": $clean = $value; break; case "noise": $noise = $value; break; default: echo "we must be in the twilight zone"; } echo $staff."<br>"; [color=red] mysql_query("INSERT INTO airline_survey (staff, luggage, seating, clean, noise) VALUES ($staff, $luggage, $seating, $clean, $noise)");[/color] } ?> as you can see right before the insert query I test one of the variables to see if it has the string I'm expecting and it does. The problem is the script runs without giving me an error message but the data never gets inserted into the table. Hi,I'm hoping someone can help me:). When I add foreign keys to the database in MySQL I CAN change the primary key field and the corresponding indexed field will automatically change giving me the same value which is exactly what i want. The issue is when I try to insert the values using my php code i get the 'cannot update child error'. I have not selected a value for the unique_id field as I want it to inherit the value from the primary key. Here's my code as simplified as I could do it. <?php //this calls the class productupload and instantiates the function insert_form to insert values into the db. $product = new productUpload(); $product->insert_form();?> //This calls the insert_form function and inserts info into tables <?php class productUpload extends DatabaseObject{ protected static $table_name="itm_details"; protected static $db_fields =array('id','unique_id','itm_cat','itm_make','itm_model','itm_desc','itm_cond','itm_date_from','itm_date_to','itm_add_date'); public $id; public $unique_id; public $itm_cat; public $itm_make; public $itm_model; public $itm_desc; public $itm_cond; public $itm_date_from; public $itm_date_to; public $itm_add_date; Heres the function insert_form which grabs the form submitted data. Note I have not defined a value for $unique_id public function insert_form(){ global $database; //set the object attributes to the form the parameters if(isset($_POST['submit'])) { $result = array( $this->itm_cat =(!empty($_POST['itm_cat'])) ? trim($_POST['itm_cat']) : NULL, $this->itm_make =(!empty($_POST['itm_make'])) ? trim($_POST['itm_make']) : NULL, $this->itm_model = (!empty($_POST['itm_model'])) ? trim($_POST['itm_model']) : NULL, $this->itm_desc =(!empty($_POST['itm_desc'])) ? trim($_POST['itm_desc']) : NULL, $this->itm_cond =(!empty($_POST['itm_cond'])) ? trim($_POST['itm_cond']) : NULL, $this->itm_date_from =(!empty($_POST['itm_date_from'])) ? trim($_POST['itm_date_from']) : NULL, $this->itm_date_to =(!empty($_POST['itm_date_to'])) ? trim($_POST['itm_date_to']) : NULL, $this->itm_add_date = date("Y-m-d H:m:s")); //check date is numeric //if(is_numeric($_POST['itm_date_from'])) { //$this->itm_date_from = $_POST['itm_date_from']; //} //check date is numeric //if(is_numeric($_POST['itm_date_to'])) { //$this->itm_date_to = $_POST['itm_date_to']; //} if($result){ $result = $this->create(); } } } //here's the create function referred to above which sanitises the posted data and inserts it into the db. public function create() { global $database; $attributes = $this->sanitised_attributes(); $sql = "INSERT INTO ".self::$table_name."("; $sql .= join(", ", array_keys($attributes)); $sql .= ") VALUES ('"; $sql .= join("', '", array_values($attributes)); $sql .= "')"; if($database->query($sql)) { $this->id = $database->insert_id(); return true; } else { return false; } } I have a problem . I 've been trying for a long time to make an update for php mysql to change the data. but every time I do not manage to make it work with a form. but it works if I only if I put this ($ sql = "UPDATE users SET username = 'value' WHERE id = 10 " ; ) so it only works when I put the value of the id. but I want in an html form to indicate what I want to change and what id goes. but I have tried so long that I do not feel like I so want someone help me. make the same database and same as my records and make the code and test it if it works show me please my database name : web test my table called : users my records are called : id int ( 11) AUTO_INNCREMENT username , varchar ( 255 ) password , varchar ( 255 ) first_name , varchar ( 255 ) last_name , varchar ( 255 ) email, varchar ( 255 ) Age, int ( 11) Look, my update.php is like this now <?php $servername = "localhost"; $username = "root"; $password = "....."; $dbname = "webtest"; $conn = new mysqli($servername, $username, $password, $dbname); if ($conn->connect_error) { die("Connection failed: " . $conn->connect_error); } $sql = "UPDATE users SET password='cotton candy' WHERE id=10"; if ($conn->query($sql) === TRUE) { echo "Record updated successfully"; } else { echo "Error updating record: " . $conn->error; } $conn->close(); ?> but now i have still have to go into the php file to change the valeu or the id but i looked on site and youtube how to put it in a simple html form but it still does not work. i want it in a html from. I want that when I enter the ID that the data of the user appears and that I can change any valeu separately. I am trying to display data from mysql. Each row from the mysql database shows up under rows. I want the rows of data from mysql to appear in colums of 4. can some one help please. <?php $sql = 'SELECT * FROM dbtable ORDER BY id'; $result = $db->query($sql); $output[] = '<ul>'; while ($row = $result->fetch()) { $output[] = '<table>'; $output[] = '<tr>'; $output[] = '<td class="style10"><strong>'.$row['item'].'</strong></td>'; $output[] = '</tr>'; $output[] = '<tr>'; $output[] = '<td><img src="images/'.$row['pic'].'" width="100" height="150" /></td>'; $output[] = '</tr>'; $output[] = '<tr>'; $output[] = '<td>'.$row['description'].'</td>'; $output[] = '</tr>'; $output[] = '</table>'; } echo join('',$output); ?> Hi, I'm having trouble adding data to the database (test) that i created. I just can't see where I'm going wrong. need some other peoples opinions. I have tried taking the id out of the SQL statement completely as it is an auto increment, but that doesn't seem to work either. Thanks in advance... <?php $fname = $_POST['fname']; $sname = $_POST['sname']; $email = $_POST['email']; $pword = $_POST['password']; $gender = $_POST['gender']; $user_name = "root"; $password = ""; $database = "test"; $server = "127.0.0.1"; $db_handle = mysql_connect($server, $user_name, $password); $db_found = mysql_select_db($database, $db_handle); if ($db_found) { $SQL = "INSERT INTO members (id, fname, sname, email, password, gender) VALUES (NULL, $fname, $sname, $email, $pword, $gender);"; $result = mysql_query($SQL); mysql_close($db_handle); print "Thanks for joining us ".$fname."."; print "<br /><br />"; print $fname . "<br />"; print $sname . "<br />"; print $email . "<br />"; print $pword . "<br />"; print $gender . "<br />"; } else { print "Database NOT Found"; mysql_close($db_handle); } ?> hi guys so i have this add contacts page and the form is divided into 3 different froms 1) primary contact 2)spouse 3)child and the child form data is inserted as array into database because in the primary contact part of the form there is a "Children ?" with yes and no radio button and if yes a drop down list is enabled where if user chooses say 2 then there would be 2 child form that appears. and since theres 2 children then in the database a new row and data will be added accordingly.
image attached to be clearer.
from2.jpg 24.15KB
0 downloads
i got it inserted into database but in the specified field it says array: |child_name|dob|house_add1|mobile|office|email| inserted: |array|array-array-array|array|array|array|array| query:
"INSERT INTO child VALUES('','".$childsalutations." $childfname $childlname',' ".$cday."-".$cmonth."-$cyear ','$childline1','$childline2','$childm','$childoff','$childemail')"
in a stackoverflow question(not my own question) someone says: information stating arrays need to be split, before inserting into the table. does that mean something like this?:
$cday = ($_POST['cday']);
$cmonth = ($_POST['cmonth']);
$cyear = ($_POST['cyear']);
$childsalutations = ($_POST['child-salutations']);
$childfname = ($_POST['child-fname']);
$childlname = ($_POST['child-lname']);
$childline1 = ($_POST['child-line1']);
$childemail = ($_POST['child-email']);
$childm = ($_POST['child-mobile']);
$childoff = ($_POST['child-office']);
$info = array('c_name' => $childsalutation $childfname $childlname, 'c_dob' => $cday-$cmonth-$cyear, 'c_line1' => $childline1, 'c_mobile' => $childm, 'c_office' => $childoff, 'c_email' => $childemail)
just in case u wanted to c the html child form(warning its abit long,very!):
<table class="prime"> <tbody> <br> <tr><td style="font-size:20px;font-weight:bold">Child <span id="number"></span></td></tr> <tr> <td>Salutation :</td> <td><select name="child-salutations[]" id="child-salutations"> <option value="" disabled selected>Salutations</option> <option value="Datin">Datin</option> <option value="Datin Paduka">Datin Paduka</option> <option value="Dato Paduka">Dato Paduka</option> <option value="Dato'">Dato'</option> <option value="Dato' Seri">Dato' Seri</option> <option value="Datuk">Datuk</option> <option value="Datuk Seri">Datuk Seri</option> <option value="Dr.">Dr.</option> <option value="Haji">Haji</option> <option value="Hajjah">Hajjah</option> <option value="HM">HM</option> <option value="HRH">HRH</option> <option value="Miss">Miss</option> <option value="Mrs.">Mrs.</option> <option value="Mr.">Mr.</option> <option value="Pehin">Pehin</option> <option value="Professor">Professor</option> <option value="Raja">Raja</option> <option value="Tan Sri">Tan Sri</option> <option value="Tengku">Tengku</option> <option value="Tuanku">Tuanku</option> <option value="Tun">Tun</option> <option value="Tunku">Tunku</option> <option value="Ungku">Ungku</option> </select> </td> </tr> <tr><td colspan="2"><label class="label" style="color:Red">*If a person has many salutations, choose the highest form of salutation</label></td></tr> <tr><td>First Name :</td><td><input type="text" name="child-fname[]" id="child-fname" class="style" /></td> <td>Last Name :</td><td><input type="text" name="child-lname[]" id="child-lname" class="style" /></td></tr> <tr> <td>Date of Birth : </td> <td> <select name="cday[]"> <option value=""selected disabled>Day</option> <option value="1">1</option> <option value="2">2</option> <option value="3">3</option> <option value="4">4</option> <option value="5">5</option> <option value="6">6</option> <option value="7">7</option> <option value="8">8</option> <option value="9">9</option> <option value="10">10</option> <option value="11">11</option> <option value="12">12</option> <option value="13">13</option> <option value="14">14</option> <option value="15">15</option> <option value="16">16</option> <option value="17">17</option> <option value="18">18</option> <option value="19">19</option> <option value="20">20</option> <option value="21">21</option> <option value="22">22</option> <option value="23">23</option> <option value="24">24</option> <option value="25">25</option> <option value="26">26</option> <option value="27">27</option> <option value="28">28</option> <option value="29">29</option> <option value="30">30</option> <option value="31">31</option> </select> <select name="cmonth[]"> <option value="" selected disabled>Month</option> <option value="1">January</option> <option value="2">February</option> <option value="3">March</option> <option value="4">April</option> <option value="5">May</option> <option value="6">June</option> <option value="7">July</option> <option value="8">August</option> <option value="9">September</option> <option value="10">October</option> <option value="11">November</option> <option value="12">December</option> </select> Year : <input type="text" name="cyear[]" maxlength="4" size="4" class="year"> </td> </tr> <tr><td>Where do they live ?</td><td colspan="3"><input type="radio" name="living[]" id="living-me" class="living-me"/>With Me<input type="radio" name="living[]" id="living-other" class="living-other"/>With Other Parent<input type="radio" name="living[]" id="living-own" class="living-own"/>Own</td></tr> <tr><td>House Address</td></tr> <tr><td>Line 1 :</td><td><input type="text" name="child-line1[]" id="child-line1" size="20" class="style" /></td> <td>Mobile No :</td><td><input type="text" name="child-mobile[]" id="child-mobile" class="style" /></td></tr> <tr><td>Office No :</td><td><input type="text" name="child-office[]" id="child-office" class="style" /></td> <td>Email Address : </td><td><input type="email" name="child-email[]" id="email" class="style" /></td></tr> </tbody> </table> i have this code... and i want to make it more dynamic.... Code: [Select] <?php $content = $content[1].$content[2].$content[3].$content[4].$content[5].$content[6].$content[7].$content[8].$content[9].$content[10].$content[11].$content[12] .$content[13].$content[14].$content[15].$content[16] .$content[17].$content[18].$content[19].$content[20].$content[21].$content[22].$content[23].$content[24]; $sql = mysql_query ("insert into database (content) values ('$content')") or die(mysql_error()); ?> for example... instead content[1]. content[2]. content[3] ...etc... i want something like this....... $content = $content[from 1 to 24]; or $content = $content[from 1 to 777]; any solutions? Hello, I am trying to get a news script to work, but I can't get it to insert anything into the database. I cannot figure it out for the life of me. Code: (newsupdate.php) [Select] <form name="shout" action="post.php" method="post"> <p><b>Name:</b><br/><input type="text" name="name" size="15"/></p> <p><b>Message</b>:<br/> <textarea wrap="physical" name="message" rows="3" cols="25">News goes here! </textarea></p> <p><input type="submit" value="Shout now!"/> <input type="reset" value="Clear"/></p> </form> Code: (post.php) [Select] <? $name = $_POST["name"]; $message = $_POST["message"]; include("dbconnect.php"); $date = date("M j y"); $menu = MYSQL_QUERY("INSERT INTO adminnews (id,name,date,message)". "VALUES ('NULL', '$name', '$date', '$message')"); echo("Shout-out added! You will be redirected to the main page shortly. If you are not, click <a href='index.php'>here</a>."); ?> dbconnect.php is just the configuration for connecting to the database, and I have checked that all ready. A log-in script uses it just fine. Hello, I'm having some frustrations right now. I have built an application form where an applicant inputs their info and then uploads their resume. Even though the resume gets uploaded to a directory on the server i would also like the file name of the resume to get inserted into the mysql database so that I can easily see which resume matches which applicant...if that makes sense. At any rate I'm able to get everything else to work, the applicant's info gets inserted into the database, the resume gets uploaded to the directory, i just can't seem to get the resume file name to also insert into the database. Most of the info i have found on this subject through googleing and the like has been a little over my head and/or a little more complex than what i'm looking for. Here is an extremely simplified version of what I have right now. I have excluded the 'connect to database' code since it's working fine and really doesn't have anything to do with this issue: Code: [Select] <?php $target_path = "docs/"; $target_path = $target_path . basename( $_FILES['resume']['name']); $first_name=$_POST['first_name']; $last_name=$_POST['last_name']; $middle_init=$_POST['middle_init']; $resume=$_POST['resume']; mysql_query("INSERT INTO `intern` VALUES ('$first_name', '$last_name', '$middle_init', '$resume')") ; if (move_uploaded_file($_FILES['resume']['tmp_name'], $target_path)); ?> HTML begins after that. At any rate, any info, help, etc. you could provide would be GREATLY appreciated! Thanks! Hi I have been trying to grab some data from an XML feed parse it and then insert it into a database. I will only need to do this on one occasion so no update or deletes. Sample of xml structu Code: [Select] <property> <id>34935</id> <date>2009-11-03 06:52:45</date> <ref>SVS0108</ref> <price>450000</price> <currency>EUR</currency> <price_freq>sale</price_freq> </property> Using xml2array class to parse the feed: <?php /** * xml2array Class * Uses PHP 5 DOM Functions * * This class converts XML data to array representation. * */ class Xml2Array { /** * XML Dom instance * * @var XML DOM Instance */ private $xml_dom; /** * Array representing xml * * @var array */ private $xml_array; /** * XML data * * @var String */ private $xml; public function __construct($xml = '') { $this->xml = $xml; } public function setXml($xml) { if(!empty($xml)) { $this->xml = $xml; } } /** * Change xml data-to-array * * @return Array */ public function get_array() { if($this->get_dom() === false) { return false; } $this->xml_array = array(); $root_element = $this->xml_dom->firstChild; $this->xml_array[$root_element->tagName] = $this->node_2_array($root_element); return $this->xml_array; } private function node_2_array($dom_element) { if($dom_element->nodeType != XML_ELEMENT_NODE) { return false; } $children = $dom_element->childNodes; foreach($children as $child) { if($child->nodeType != XML_ELEMENT_NODE) { continue; } $prefix = ($child->prefix) ? $child->prefix.':' : ''; if(!is_array($result[$prefix.$child->nodeName])) { $subnode = false; foreach($children as $test_node) { if($child->nodeName == $test_node->nodeName && !$child->isSameNode($test_node)) { $subnode = true; break; } } } else { $subnode = true; } if ($subnode) { $result[$prefix.$child->nodeName][] = $this->node_2_array($child); } else { $result[$prefix.$child->nodeName] = $this->node_2_array($child); } } if (!is_array($result)) { $result['#text'] = html_entity_decode(htmlentities($dom_element->nodeValue, ENT_COMPAT, 'UTF-8'), ENT_COMPAT,'ISO-8859-15'); } if ($dom_element->hasAttributes()) { foreach ($dom_element->attributes as $attrib) { $prefix = ($attrib->prefix) ? $attrib->prefix.':' : ''; $result["@".$prefix.$attrib->nodeName] = $attrib->nodeValue; } } return $result; } /** * Generated XML Dom * */ private function get_dom() { if(empty($this->xml)) { echo 'No XML found. Please set XML data using setXML($xml)'; return false; } $this->xml_dom = @DOMDocument::loadXML($this->xml); if($this->xml_dom) { return $this->xml_dom; } echo 'Invalid XML data'; exit; } } ?> My results page: <?php require_once('classes/xml2array.php'); require_once('conn.php'); function curlURL($url) { $ch= curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.2) Gecko/20070219 Firefox/2.0.0.2'); $output = curl_exec($ch); return $output; } $curlResults = curlURL("http://localhost/alphashare_dump/property.xml"); $xml = $curlResults; $converter = new Xml2Array(); $converter->setXml($xml); $xml_array = $converter->get_array(); $array = ($xml_array['root']['property']); echo "<pre>"; print_r($array); echo "</pre>"; ////////////// INSERT DATA INTO DB //////////////////////////////////////////////////// ?> My array structure looks like this: Code: [Select] Array ( [0] => Array ( [id] => Array ( [#text] => 34935 ) [date] => Array ( [#text] => 2009-11-03 06:52:45 ) [ref] => Array ( [#text] => SVS0108 ) [price] => Array ( [#text] => 450000 ) [currency] => Array ( [#text] => EUR ) [price_freq] => Array ( [#text] => sale ) [part_ownership] => Array ( [#text] => 0 ) Can somebody help with actually getting this into some format that will enable me to insert this into my database please GT I have a download area in my index.php. I'd like to insert a row in the connected database when a user downloads a file. Here's what I have at the start of index.php:
<?php
session_start();
// start of script every time.
// setup a path for all of your canned php scripts
$php_scripts = '/home/larry/web/test/php/'; // a folder above the web accessible tree
// load the pdo connection module
require $php_scripts . 'PDO_Connection_Select.php';
require $php_scripts . 'GetUserIpAddr.php';
//*******************************
// Begin the script here
$ip = GetUserIpAddr();
if (!$pdo = PDOConnect("foxclone")):
{
echo "Failed to connect to database" ;
exit;
}
else:
{
$filename = NULL;
$stmt = $pdo->prepare("INSERT INTO download (IP_ADDRESS, FILENAME) VALUES (?, ?)");
$stmt->execute([$ip,$filename]) ;
}
endif;
//exit();
?>
<DOCTYPE html>
Here's what my download area looks like:
<?php
$files = glob('download/*.iso');
$file = $files[count($files) -1];
$filename = basename($file);
?>
<div class="container">
<div class="divL">
<h3>Get the "<?php echo "{$filename}";?>" file (approx. 600MB)</h3>
<center> <a href="<?php echo "/{$file}";?>"><img src="images/button_get-the-app.png" alt=""></a> </center>
How do I execute "$stmt->execute([$ip,$filename]) ;" when the download button is pressed? i am trying to insert data into a database with the following code <?php $first_name=$_POST['first_name']; $middle_name=$_POST['middle_name']; $last_name=$_POST['last_name']; $gender=$_POST['gender']; $file_number=$_POST['file_number']; $character=$_POST['character']; $diagnosis=$_POST['diagnosis']; $description=$_POST['description']; $day = $_POST['day']; $month = $_POST['month']; $year = $_POST['year']; $date = date("Y-m-d", mktime(0,0,0,$month, $day, $year)); $con = mysql_connect("localhost","fathersh_search","f33321rh"); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("fathersh_childsearch", $con); $sql="INSERT INTO child_info (first_name,middle_name,last_name,gender,birthdate,character,diagnosis,description,file_number) VALUES ('$_POST[first_name]','$_POST[middle_name]','$_POST[last_name]','$_POST[file_number]','$_POST[gender]','$date','$_POST[character]','$_POST[diagnosis]','$_POST[description]')"; if (!mysql_query($sql,$con)) { die('Error: ' . mysql_error()); } echo "1 record added"; mysql_close($con) ?> the error i get is Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'character,diagnosis,description,file_number) VALUES ('James','Anthony','Peters',' at line 1 Hi, I'm a researcher (and complete coding noob), and am planning a longitudinal study that requires e-mail follow-up with subjects taking an initial survey. For purposes of ethics/anonymity due to sensitive survey data, I'd like the acquired e-mails to be saved uncoupled from the survey responses; this is simple to deal with, and I use a basic PHP e-mail form, which injects the email address in a table in MySQL in a different server than the one used for the survey. The issue is that the e-mails are saved in the MySQL database in order of injection, thus it is still theoretically possible for me to link the e-mails back to the survey responses (which have a time stamp that I cannot remove). Ideally I would like not to be able (at all) to link the e-mails to the survey responses, and one way to do that (since I don't save the e-mail injection timestamps in MySQL) might be to have the e-mails saved in MySQL in a random order. Not sure if this is possible, and not even sure if this would be via PHP or MySQL side of things. The server is on godaddy and uses Starfield interface for MySQL but I cannot find an option for random insert/saving of table items (emails). They are saved in order of injection. Any solution for this? Thanks, Hi, I have a website where users can log on and edit their profile pic, name, biography etc. I was wondering about the correct way to:- Add data to the database through forms (Register.php) Display the data on a page Using mysql escape sting, however, the way I am currently using will display a '\' before any ' symbol. So it's >> it\'s ... Here is a snippet of the code I am using... Code: [Select] //insert data $about1 = mysql_real_escape_string($_POST['about']); //get $query = mysql_query("SELECT * FROM `staff` WHERE username='$username'"); $row = mysql_fetch_array($query); $about = $row['about']; echo $about; Hello everyone I need code for this question
would you help me please..?
Hello everybody, I can't seem to figure out why this insert code isn't working. I'm trying to create a database of US zip codes. I created this user interface (form) with nothing but a submit button to execute the insert query <div id="right_content" class=""> <h3> Insert Zips </h3> <form action = "insertzip1.php" method = "post"> <input type = "submit" name = "submit" value = "submit"/> </form> </div> <!--closes right content--> Well here is the insert query which is supposed to accomplish the task. I have just included a tiny subsets of all the zipcodes (the insertzip1.php page which is the value of the action attribute of the form). <php? if (isset($_POST['submit'])) { require ('config.php'); $query = "INSERT INTO zips (zip, lat, lon, city, state, county, z_type, xaxis, yaxis, zaxis, z_primary, worldregion, country, locationtext, location, population, housingunits, income, landarea, waterarea, decommisioned, militaryrestrictioncodes, decommisionedplace) VALUES ('00501', 40.81, -73.04, 'HOLTSVILLE', 'NY', 'SUFFOLK', 'UNIQUE', 0.22, -0.72, 0.65, 'Yes', 'NA', 'US', 'Holtsville, NY', 'NA-US-NY-HOLTSVILLE', '', 0, 0, '', '', 'No', '', ''), ('00501', 40.81, -73.04, 'I R S SERVICE CENTER', 'NY', 'SUFFOLK', 'UNIQUE', 0.22, -0.72, 0.65, 'No', 'NA', 'US', 'I R S Service Center, NY', 'NA-US-NY-I R S SERVICE CENTER', '', 0, 0, '', '', 'No', '', ''), ('00544', 40.81, -73.04, 'HOLTSVILLE', 'NY', 'SUFFOLK', 'UNIQUE', 0.22, -0.72, 0.65, 'Yes', 'NA', 'US', 'Holtsville, NY', 'NA-US-NY-HOLTSVILLE', '', 0, 0, '', '', 'No', '', ''), ('00544', 40.81, -73.04, 'IRS SERVICE CENTER', 'NY', 'SUFFOLK', 'UNIQUE', 0.22, -0.72, 0.65, 'No', 'NA', 'US', 'Irs Service Center, NY', 'NA-US-NY-IRS SERVICE CENTER', '', 0, 0, '', '', 'No', '', '') "; $result = mysql_query($query); header("Location: insertzipsuccess.php"); }else{ die ("Could not insert data because" . mysql_error());} ?> The insertzipsuccess.php page is simply a page that prints out a success message if the query is successfully executed. Well when I hit the submit button, I just get redirected to a blank insertzip1.php page Can anyone show me what I'm not doing right here? PS I already created the table with fields that correspond to all the fields I'm trying insert. When submitting the form, the records are sometimes inserted and sometimes not. I receive no errors stating what the problem is. Code: [Select] <?php if (!function_exists("GetSQLValueString")) { function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") { if (PHP_VERSION < 6) { $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue; } $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue); switch ($theType) { case "text": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; break; case "long": case "int": $theValue = ($theValue != "") ? intval($theValue) : "NULL"; break; case "double": $theValue = ($theValue != "") ? doubleval($theValue) : "NULL"; break; case "date": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; break; case "defined": $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue; break; } return $theValue; } } $editFormAction = $_SERVER['PHP_SELF']; if (isset($_SERVER['QUERY_STRING'])) { $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']); } if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1")) { $insertSQL = sprintf("INSERT INTO customer_tbl (customer_first_name, customer_last_name, customer_company, customer_ac, customer_phone, customer_fax_ac, customer_fax_phone, customer_email) VALUES (%s, %s, %s, %s, %s, %s, %s, %s)", GetSQLValueString($_POST['customer_first_name'], "text"), GetSQLValueString($_POST['customer_last_name'], "text"), GetSQLValueString($_POST['customer_company'], "text"), GetSQLValueString($_POST['customer_ac'], "text"), GetSQLValueString($_POST['customer_phone'], "text"), GetSQLValueString($_POST['customer_fax_ac'], "text"), GetSQLValueString($_POST['customer_fax_phone'], "text"), GetSQLValueString($_POST['customer_email'], "text")); $customer_id = false; if(mysql_query($insertSQL, $connCid)) $customer_id = mysql_insert_id(); else echo "There was an error."; } if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1")) { $insertSQL = sprintf("INSERT INTO quote_request_tbl (customer_id, quote_trans_date, quote_from_company, quote_from_address, quote_from_city, quote_from_state, quote_from_zip, quote_to_company, quote_to_address, quote_to_city, quote_to_state, quote_to_zip, quote_comments) VALUES ('$customer_id', %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s)", GetSQLValueString($_POST['quote_trans_date'], "text"), GetSQLValueString($_POST['quote_from_company'], "text"), GetSQLValueString($_POST['quote_from_address'], "text"), GetSQLValueString($_POST['quote_from_city'], "text"), GetSQLValueString($_POST['quote_from_state'], "text"), GetSQLValueString($_POST['quote_from_zip'], "text"), GetSQLValueString($_POST['quote_to_company'], "text"), GetSQLValueString($_POST['quote_to_address'], "text"), GetSQLValueString($_POST['quote_to_city'], "text"), GetSQLValueString($_POST['quote_to_state'], "text"), GetSQLValueString($_POST['quote_to_zip'], "text"), GetSQLValueString($_POST['quote_comments'], "text")); $quote_id = false; if(mysql_query($insertSQL, $connCid)) $quote_id = mysql_insert_id(); else echo "There was an error."; } if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1") && (isset($quote_id))) { $insertSQL = sprintf("INSERT INTO building_tbl (quote_id, building_quantity, building_width, building_length, building_height, building_overhang, slope_id, building_type_id, manufacture_id, foundation_id) VALUES ('$quote_id', %s, %s, %s, %s, %s, %s, %s, %s, %s)", GetSQLValueString($_POST['building_quantity1'], "int"), GetSQLValueString($_POST['building_width1'], "int"), GetSQLValueString($_POST['building_length1'], "int"), GetSQLValueString($_POST['building_height1'], "int"), GetSQLValueString($_POST['building_overhang1'], "int"), GetSQLValueString($_POST['slope_id1'], "int"), GetSQLValueString($_POST['building_type_id1'], "int"), GetSQLValueString($_POST['manufacture_id1'], "int"), GetSQLValueString($_POST['foundation_id1'], "int"); mysql_select_db($database_connCid, $connCid); $Result1 = mysql_query($insertSQL, $connCid) or die(mysql_error()); header('Location: index.php?view=article&id=7'); } mysql_select_db($database_connCid, $connCid); $query_rsSlope = "SELECT * FROM slope_tbl ORDER BY slope_id ASC"; $rsSlope = mysql_query($query_rsSlope, $connCid) or die(mysql_error()); $row_rsSlope = mysql_fetch_assoc($rsSlope); $totalRows_rsSlope = mysql_num_rows($rsSlope); $query_rsSlope = "SELECT * FROM slope_tbl ORDER BY slope_id ASC"; $rsSlope = mysql_query($query_rsSlope, $connCid) or die(mysql_error()); $row_rsSlope = mysql_fetch_assoc($rsSlope); $totalRows_rsSlope = mysql_num_rows($rsSlope); mysql_select_db($database_connCid, $connCid); $query_rsBuildingType = "SELECT * FROM building_type_tbl ORDER BY building_type_id ASC"; $rsBuildingType = mysql_query($query_rsBuildingType, $connCid) or die(mysql_error()); $row_rsBuildingType = mysql_fetch_assoc($rsBuildingType); $totalRows_rsBuildingType = mysql_num_rows($rsBuildingType); mysql_select_db($database_connCid, $connCid); $query_rsManufacture = "SELECT * FROM manufacture_tbl ORDER BY manufacture_name ASC"; $rsManufacture = mysql_query($query_rsManufacture, $connCid) or die(mysql_error()); $row_rsManufacture = mysql_fetch_assoc($rsManufacture); $totalRows_rsManufacture = mysql_num_rows($rsManufacture); mysql_select_db($database_connCid, $connCid); $query_rsFoundation = "SELECT * FROM foundation_tbl ORDER BY foundation_name ASC"; $rsFoundation = mysql_query($query_rsFoundation, $connCid) or die(mysql_error()); $row_rsFoundation = mysql_fetch_assoc($rsFoundation); $totalRows_rsFoundation = mysql_num_rows($rsFoundation); ?> I belve the problem is in this part of the code: if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1") && (isset($quote_id))) Many thanks in advance. I'm trying to use php code that is stored in the sql database, but It doesn't seem to be executing the code. when I see the page source, its there but the server is not executing the command how do I accomplish this. Here is a simple code snippet to show what I am trying to do. $result = mysql_query("select * from data"); $row = mysql_fetch_array($result); echo $row['code']; In the code field in data table this is whats there. <?php echo "testing."; ?> the below code as I understand should insert a new record into my database, but it's not. <?php $notes = $_POST['notes']; $cnamedb = $_POST['cname']; $username = $_SESSION['username']; mysql_query("INSERT INTO `ccccomma_eve`.`corps` (`id`, `name`, `ticker`, `alliance`, `ceo`, `tax`, `members`, `hq`, `apidate`, `notes`, `notedate`, `updatedby`) VALUES ('', '$cnamedb', '', '', '', '', '', '', '', '$notes', NOW(), '$username'"); echo $cnamedb." Updated"; ?> Any ideas why? I am working on a kind of CMS for my own website which no one else will be using but me as a way of improving my php skills, and am having problems with retrieving data from the database that holds both text and php code. I have searched the web and found that i should be using eval() for the code to be executed before it is send to the browser but cannot get it to work and can't find my mistake(s). the php code will always be the same, and is supposed to retrieve the id number of a page to use in a link (and works fine when tested by loading the code directly without retrieving it from the database) this is an example of data stored in the database Code: [Select] The <a href="page_builder.php?id=<?php echo $page->id('mines_DwarvenMines') ?>">Dwarven Mines</a> have a great selection of Ores,... Of course when I leave it like this, hovering over the link in my page will show exactly that and lead to nowhere Code: [Select] localhost/page_builder.php?id=<?php echo $page->id('mines_DwarvenMines') ?> Most of these links appear in tips given at the end of the page and are processed as followed Code: [Select] $questtips = $quest->getQuestTips(); $tips = ""; if ($questtips == "none") { $tips = "/"; } else { foreach($questtips as $tip) { $tips .= "<li>"; $tips .= $tip->getTip(); $tips .= "</li>"; } } and finally put on screen by the presentation layer as followed Code: [Select] <h2>Tips & Extra Info</h2> <div class="tipsList"> <ul> <?php echo $tips ?> </ul> </div> I have tried all sorts to get the code to be executed when retrieved from the database before being send to the browser so that this particular link would say "localhost/page_builder.php?id=57" but I cannot get it to work, though I suspect it is fairly easy. I suspect I would have to store the data in a different format in the database? And how exactly do I use the eval() function in my case? Could someone please adjust my code so that it does work? Thanks |
|||||||