Advertisement
Help Keep Boards Alive. Support us by going ad free today. See here: https://subscriptions.boards.ie/.
If we do not hit our goal we will be forced to close the site.

Current status: https://keepboardsalive.com/

Annual subs are best for most impact. If you are still undecided on going Ad Free - you can also donate using the Paypal Donate option. All contribution helps. Thank you.
https://www.boards.ie/group/1878-subscribers-forum

Private Group for paid up members of Boards.ie. Join the club.

Adding info to mysql database via php?

  • 03-02-2006 02:56PM
    #1
    Adam
    Closed Accounts Posts: 8,866 ✭✭✭


    As stated, i'm trying to add data to a mysql database via a form.
    The html of the page is working fine, the form seems ok. but when i add data and click save it doesn't send it to the database, it just creates a new empty row on the table meant to display the data.

    I debugged the $SQL variable before the INSERT INTO statment and got this:

    [INSERT INTO tbl_service_request (servreq_name, servreq_machine, servreq_fault_desc, servreq_contact_det, servreq_date) VALUES ('', '', '', '', '')]

    So the values are being sent off empty...why?


Comments

  • #2
    TouchingVirus
    Registered Users, Registered Users 2 Posts: 8,581 ✭✭✭TouchingVirus


    It is obvious your SQL query to insert data is incorrect.


    Post it up so we can have a look..


    To make 100% sure your form is passing data to the server you could try a print_R($_POST); which will print out everything that the form passes to the server :)


  • #3
    Adam
    Closed Accounts Posts: 8,866 ✭✭✭Adam


    if($v==0){
    $SQL="INSERT INTO tbl_service_request (servreq_name, servreq_machine, servreq_fault_desc, servreq_contact_det, servreq_date) VALUES ('{$s}', '{$s}', '{$s}', '{$s}', '{$s}')";
    mysql_query($SQL) or die("Query failed : " . mysql_error());



    Its messy posting! :D


  • #4
    Adam
    Closed Accounts Posts: 8,866 ✭✭✭Adam


    I ran that print_R and entered random 3 letter jobbies into the fields and it gave me this:

    Array ( [servreq_id] => [servreq_name] => asd [servreq_machine] => sdf [servreq_fault_desc] => dfg [servreq_contact_det] => fgh [servreq_date] => nbm )


  • #5
    TouchingVirus
    Registered Users, Registered Users 2 Posts: 8,581 ✭✭✭TouchingVirus


    fade_to_grey wrote:
    if($v==0){
    $SQL="INSERT INTO tbl_service_request (servreq_name, servreq_machine, servreq_fault_desc, servreq_contact_det, servreq_date) VALUES ('{$s}', '{$s}', '{$s}', '{$s}', '{$s}')";
    mysql_query($SQL) or die("Query failed : " . mysql_error());



    Its messy posting! :D

    heh, what did you assign the $s variable to..

    When php parses a form, all data is thrown into the global variable $_POST.

    if you set $s = $_POST before your statements, then $s will become the array that holds the form data


    for example
    <form action="form.php">
Check here for the craic? <input type="checkbox" name="yesno" value="1" CHECKED>
<input type="hidden" name="do" value="dosomething">
<input type="submit" value="Submit form">
</form>

    form.php extract

    [php]
    // Print all form values received..

    print_R($_POST);

    // Do the form...
    if($_POST == 'dosomething')
    {
    $value = $_POST;

    $sql = "INSERT INTO table (id,craic_value) VALUES ('','$value');

    mysql_query($sql) or die("Query failed : " . mysql_error());
    }
    [/php]


  • #6
    TouchingVirus
    Registered Users, Registered Users 2 Posts: 8,581 ✭✭✭TouchingVirus


    fade_to_grey wrote:
    I ran that print_R and entered random 3 letter jobbies into the fields and it gave me this:

    Array ( [servreq_id] => [servreq_name] => asd [servreq_machine] => sdf [servreq_fault_desc] => dfg [servreq_contact_det] => fgh [servreq_date] => nbm )

    Yes, so your html form is correct, they are the values you sent to the server when you clicked submit.

    Thing is, they are stored in $_POST, not $s...

    Try doing a print_R($s); and you will most likely see this
    Array ()

    To solve, you can either change $s[xxxx] to $_POST[xxxx] or you could type this above the insert. If your form sequence has multiple if statements for different scenario's of serverreq_id then it would be better to type the following line before the first if :)

    [php]
    $s = $_POST;
    [/php]


    Im also a little curious as to why you are basing the appropriate SQL statement on $v and not on $s ...this could prove a little hazardous if you dont know what you're at.. e.g.

    [php]
    if($v==0)
    {

    $SQL="INSERT INTO tbl_service_request (servreq_name, servreq_machine, servreq_fault_desc, servreq_contact_det, servreq_date) VALUES ('{$s}', '{$s}', '{$s}', '{$s}', '{$s}')";
    mysql_query($SQL) or die("Query failed : " . mysql_error());
    }
    else
    {
    $SQL="UPDATE tbl_service_request SET blah blah blah WHERE servreq_id=$v";
    mysql_query($SQL) or die("Query failed : " . mysql_error());
    }[/php]

    if $v is supposed to be the value in the form then this will never execute the else, since that is $s :)


  • Advertisement
  • #7
    Adam
    Closed Accounts Posts: 8,866 ✭✭✭Adam


    You sir, are a god :D


  • #8
    TouchingVirus
    Registered Users, Registered Users 2 Posts: 8,581 ✭✭✭TouchingVirus


    fade_to_grey wrote:
    You sir, are a god :D

    ;) You're very welcome, re-read my above post to see the little bit of info i added to make sure you're on the right track :)


  • #9
    rsynnott
    Registered Users, Registered Users 2 Posts: 4,003 ✭✭✭rsynnott


    TouchingVirus wrote:
    ...

    This is vulnerable to SQL Injection. Careful now!


  • #10
    Cake Fiend
    Registered Users, Registered Users 2 Posts: 5,333 ✭✭✭Cake Fiend


    SQL harassment... panda!

    PeteySexualHarassmentPanda.gif


Advertisement