Jump to content
xisto Community
Sign in to follow this  
Followers 0
remonit1405241472

MySQL

By remonit1405241472, in Programming

Recommended Posts

remonit1405241472    0

remonit1405241472
Posted

Hi all how are you? I am just having a bit of an issue with my form script and mysql, inserting records from this form of mine into my table in my database.it looks like all my others and they work, so what could be so wrong with this. Herelet me show you the codeCODE<?php$host="xxxxxxxxx";$username="xxxxxxx";$password="xxxxxx";$db="xxxxx";$link=mysql_connect($host,$username,$password);if (!$link)die("Couldn't connect to MySQL");mysql_select_db($db,$link)or die("couldn't open $db:".mysql_error());$sender_firstandlast =$_POST['sender_firstandlast'];$sender_companyname =$_POST['sender_companyname'];$sender_email=$_POST['sender_email'];$sender_phonenumber=$_POST['sender_phonenumber'];$how_recieve=$_POST['how_recieve'];$websitetitle=$_POST['websitetitle'];$what=$_POST['what'];$websitedetails=$_POST['websitedetails'];$websitebudget=$_POST['websitebudget'];$how_pages=$_POST['how_pages'];$completiondate=$_POST['completiondate'];$currenturl=$_POST['currenturl'];$chooseany=$_POST['chooseany'];$size=$_POST['size'];$scripts=$_POST['scripts'];$databases=$_POST['databases'];$scriptdetails=$_POST['scriptdetails'];mysql_select_db($db) or die("Cannot select the database.<br>" . mysql_error());$result=mysql_query("INSERT INTO quote (sender_firstandlast, sender_companyname, sender_email, sender_phonenumber, how_recieve, websitetitle, what, websitedetails, websitebudget, how_pages, completiondate, currenturl, chooseany, size, scripts, databases, scriptdetails) VALUES ('$sender_firstandlast','$sender_companyname','$sender_email','$sender_phonenumber','$how_recieve','$websitetitle','$what','$websitedetails','$websitebudget','$how_pages','$completiondate','$currenturl','$chooseany','$size','$scripts','$databases','$scriptdetails')")or die("Insert Error: ".mysql_error());?><?phpinclude("steveform.php");?>All my other scripts use this for their inserting data and so why doesn't this work. The variables are all set right im sure. They carry the same name= as in the form names. the names are correct in the Database Table. May be I entered the data the wrong way in my database??? I don't know, I've tried everything and my form is not running, well dumby me i need to put up my backup, duh, but in the mean time i would really like to solve this, please help me anyone. thanks

Share this post

Link to post
Share on other sites

marijnnn    0

marijnnn
Posted

just a couple of things1) don't put single quotes around your variables. they will not be seen as variables but as actual strings2) don't just put posted data right in to your db. if they post quotes in the fields, it'll **** up everything. what you want to do is this:insert into ... (...)values (addslashes($...),addslashes(...)and when writing out the data from db, go: print(stripslashes($var));hope that helpsif not, post the mysql errors please

Share this post

Link to post
Share on other sites

Hercco    0

Hercco
Posted

just a couple of things

1) don't put single quotes around your variables. they will not be seen as variables but as actual strings


Actually single quotes around variable on a string inside double quotes doesn't prevent the variable from being parsed. To clarify, this does work, it prints out 'foo' (with the quotes)

 

<?php	$stuff = "foo";	$var = " '$stuff' ";	echo $var;?>

But just to make sure every variable is parsed I always use . (dot) operator and \ before quotes which are meant to be as characters. So the beginning of the VALUES would look like this

 

'VALUES (\''.$sender_firstandlast.'\'',\''.$sender_companyname.'\',\''.$sender_email'\''

 

2) don't just put posted data right in to your db. if they post quotes in the fields, it'll **** up everything. what you want to do is

this:

insert into ... (...)

values (addslashes($...),addslashes(...)

 

and when writing out the data from db, go: print(stripslashes($var));

 

hope that helps

if not, post the mysql errors please

<{POST_SNAPBACK}>


I don't know if it's the browser or PHP but for me this has always been done automatically. So straight from a post or get variable "Hercco's " would be in PHP like "Hercco\'s". But nevertheless using addslashes() does no harm and is probably wise thing to do. And it should be always done if you take the data from a file for example.

 

 

EDIT: Also, in addition to removing that double post vcould you, Remonit, (or Mod) add few spaces to the SQL line. The thread is quite wiiiiiiide in Mozilla. :P

Share this post

Link to post
Share on other sites

r3d1405241470    0

r3d1405241470
Posted

The thread is quite wiiiiiiide in Mozilla. :P

<{POST_SNAPBACK}>

fixed.

 

about the code

mysql_select_db($db) or die("Cannot select the database.<br>" . mysql_error());

$result=mysql_query("INSERT INTO quote (sender_firstandlast, sender_companyname, sender_email, sender_phonenumber, how_recieve, websitetitle, what, websitedetails, websitebudget, how_pages, completiondate, currenturl, chooseany, size, scripts, databases, scriptdetails) VALUES ('$sender_firstandlast','$sender_companyname','$sender_email',

'$sender_phonenumber','$how_recieve','$websitetitle','$what',

'$websitedetails','$websitebudget','$how_pages','$completiondate',

'$currenturl','$chooseany','$size','$scripts','$databases','$scriptdetails')")

or die("Insert Error: ".mysql_error());

if you can prevent doing this, please do so.

or try like this

$result=mysql_query("$query");

 

your query

$query <<< EOF

INSERT INTO quote

(sender..., sender...,

.....

EOF;

just like the way in mysql client

 

problems :P

we don't know the error code.

we don't know how you design your db.

 

for now try this sol'n

kindly use double qoutes(") in post/get values

$sender_firstandlast =$_POST["sender_firstandlast"];

i never see this code before

or die("Insert Error: ".mysql_error());

try

$result=mysql_result(your query);

if(!result)

  {

      die("Query not inserted! ".mysql_error());

  }

well i'm might be wrong coz i'm not doing this a long time :o

 

good luck

Share this post

Link to post
Share on other sites

Hercco    0

Hercco
Posted 
or die("Insert Error: ".mysql_error());

What that simply does is, in case select_db fails (ie. returns false) the execution of the code ends with printing for the error given as a parameter.

Semantically it does just what R3d's code, just looks tidier.

Share this post

Link to post
Share on other sites

thedevil    0

thedevil
Posted

hey use { before any variable if you need to use the ' over the string... as for example$foo ="Xisto";$query ="insert into db (name) values ('{$foo}');mysql_query($query) or die(mysql_error());just try this...

Share this post

Link to post
Share on other sites

whafizi    0

whafizi
Posted

i dont want to interrup here, but dude, now we are talking the OOP era.Object Oriented Programming.Means you use object/classes to connect to databases. Here is the idea;1. Create a connection library using CLASS to define a database object which include all the login informations.2. Include a CONSTRUCTOR which automatically connect to the database when this class is defined.3. Now, all you need to do is to include this library whenever you want to use database function. No more rewriting the same code again!.I can never live without OOP!.

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  
Followers 0
Go To Topic Listing
×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.

  I accept