remonit1405241472 0 Report post Posted November 15, 2004 Hi all how are you? I am just having a bit of an issue with my form script and mysql, inserting records from this form of mine into my table in my database.it looks like all my others and they work, so what could be so wrong with this. Herelet me show you the codeCODE<?php$host="xxxxxxxxx";$username="xxxxxxx";$password="xxxxxx";$db="xxxxx";$link=mysql_connect($host,$username,$password);if (!$link)die("Couldn't connect to MySQL");mysql_select_db($db,$link)or die("couldn't open $db:".mysql_error());$sender_firstandlast =$_POST['sender_firstandlast'];$sender_companyname =$_POST['sender_companyname'];$sender_email=$_POST['sender_email'];$sender_phonenumber=$_POST['sender_phonenumber'];$how_recieve=$_POST['how_recieve'];$websitetitle=$_POST['websitetitle'];$what=$_POST['what'];$websitedetails=$_POST['websitedetails'];$websitebudget=$_POST['websitebudget'];$how_pages=$_POST['how_pages'];$completiondate=$_POST['completiondate'];$currenturl=$_POST['currenturl'];$chooseany=$_POST['chooseany'];$size=$_POST['size'];$scripts=$_POST['scripts'];$databases=$_POST['databases'];$scriptdetails=$_POST['scriptdetails'];mysql_select_db($db) or die("Cannot select the database.<br>" . mysql_error());$result=mysql_query("INSERT INTO quote (sender_firstandlast, sender_companyname, sender_email, sender_phonenumber, how_recieve, websitetitle, what, websitedetails, websitebudget, how_pages, completiondate, currenturl, chooseany, size, scripts, databases, scriptdetails) VALUES ('$sender_firstandlast','$sender_companyname','$sender_email','$sender_phonenumber','$how_recieve','$websitetitle','$what','$websitedetails','$websitebudget','$how_pages','$completiondate','$currenturl','$chooseany','$size','$scripts','$databases','$scriptdetails')")or die("Insert Error: ".mysql_error());?><?phpinclude("steveform.php");?>All my other scripts use this for their inserting data and so why doesn't this work. The variables are all set right im sure. They carry the same name= as in the form names. the names are correct in the Database Table. May be I entered the data the wrong way in my database??? I don't know, I've tried everything and my form is not running, well dumby me i need to put up my backup, duh, but in the mean time i would really like to solve this, please help me anyone. thanks Share this post Link to post Share on other sites
Hercco 0 Report post Posted November 15, 2004 Does MySQL print out an error message? If so could you copy & paste it here. Oh and you accidentally double posted. Delete the other thread and save our mods time. Share this post Link to post Share on other sites
marijnnn 0 Report post Posted November 16, 2004 just a couple of things1) don't put single quotes around your variables. they will not be seen as variables but as actual strings2) don't just put posted data right in to your db. if they post quotes in the fields, it'll **** up everything. what you want to do is this:insert into ... (...)values (addslashes($...),addslashes(...)and when writing out the data from db, go: print(stripslashes($var));hope that helpsif not, post the mysql errors please Share this post Link to post Share on other sites
Hercco 0 Report post Posted November 17, 2004 just a couple of things 1) don't put single quotes around your variables. they will not be seen as variables but as actual strings Actually single quotes around variable on a string inside double quotes doesn't prevent the variable from being parsed. To clarify, this does work, it prints out 'foo' (with the quotes) <?php $stuff = "foo"; $var = " '$stuff' "; echo $var;?> But just to make sure every variable is parsed I always use . (dot) operator and \ before quotes which are meant to be as characters. So the beginning of the VALUES would look like this 'VALUES (\''.$sender_firstandlast.'\'',\''.$sender_companyname.'\',\''.$sender_email'\'' 2) don't just put posted data right in to your db. if they post quotes in the fields, it'll **** up everything. what you want to do is this: insert into ... (...) values (addslashes($...),addslashes(...) and when writing out the data from db, go: print(stripslashes($var)); hope that helps if not, post the mysql errors please <{POST_SNAPBACK}> I don't know if it's the browser or PHP but for me this has always been done automatically. So straight from a post or get variable "Hercco's " would be in PHP like "Hercco\'s". But nevertheless using addslashes() does no harm and is probably wise thing to do. And it should be always done if you take the data from a file for example. EDIT: Also, in addition to removing that double post vcould you, Remonit, (or Mod) add few spaces to the SQL line. The thread is quite wiiiiiiide in Mozilla. Share this post Link to post Share on other sites
r3d1405241470 0 Report post Posted November 19, 2004 The thread is quite wiiiiiiide in Mozilla. <{POST_SNAPBACK}> fixed. about the code mysql_select_db($db) or die("Cannot select the database.<br>" . mysql_error()); $result=mysql_query("INSERT INTO quote (sender_firstandlast, sender_companyname, sender_email, sender_phonenumber, how_recieve, websitetitle, what, websitedetails, websitebudget, how_pages, completiondate, currenturl, chooseany, size, scripts, databases, scriptdetails) VALUES ('$sender_firstandlast','$sender_companyname','$sender_email', '$sender_phonenumber','$how_recieve','$websitetitle','$what', '$websitedetails','$websitebudget','$how_pages','$completiondate', '$currenturl','$chooseany','$size','$scripts','$databases','$scriptdetails')") or die("Insert Error: ".mysql_error()); if you can prevent doing this, please do so.or try like this $result=mysql_query("$query"); your query $query <<< EOF INSERT INTO quote (sender..., sender..., ..... EOF; just like the way in mysql client problems we don't know the error code. we don't know how you design your db. for now try this sol'n kindly use double qoutes(") in post/get values $sender_firstandlast =$_POST["sender_firstandlast"];i never see this code beforeor die("Insert Error: ".mysql_error());try $result=mysql_result(your query); if(!result) { die("Query not inserted! ".mysql_error()); } well i'm might be wrong coz i'm not doing this a long time good luck Share this post Link to post Share on other sites
Hercco 0 Report post Posted November 21, 2004 or die("Insert Error: ".mysql_error()); What that simply does is, in case select_db fails (ie. returns false) the execution of the code ends with printing for the error given as a parameter. Semantically it does just what R3d's code, just looks tidier. Share this post Link to post Share on other sites
thedevil 0 Report post Posted December 9, 2004 hey use { before any variable if you need to use the ' over the string... as for example$foo ="Xisto";$query ="insert into db (name) values ('{$foo}');mysql_query($query) or die(mysql_error());just try this... Share this post Link to post Share on other sites
whafizi 0 Report post Posted December 13, 2004 i dont want to interrup here, but dude, now we are talking the OOP era.Object Oriented Programming.Means you use object/classes to connect to databases. Here is the idea;1. Create a connection library using CLASS to define a database object which include all the login informations.2. Include a CONSTRUCTOR which automatically connect to the database when this class is defined.3. Now, all you need to do is to include this library whenever you want to use database function. No more rewriting the same code again!.I can never live without OOP!. Share this post Link to post Share on other sites
iGuest 3 Report post Posted January 14, 2005 thanks for the good informations !! Share this post Link to post Share on other sites