www.webdeveloper.com
Results 1 to 5 of 5

Thread: Values not going in DB

  1. #1
    Join Date
    Apr 2012
    Posts
    23

    Values not going in DB

    Hi,

    I have put the following code together in an attempt to insert data into my DB. It isnt producing any error messages just posting to self returning back to the start again.

    Any ideas?

    PHP Code:
    <html>
    <head></head>
    <body>
    <?php 

    session_start
    ();

    $self $_SERVER['PHP_SELF'];

    $localhost 'localhost';
    $dbuser 'root';
    $dbpass 'password';
    $dbname 'north';

    $connect mysql_connect($localhost$dbuser$dbpass);

    mysql_select_db($dbname$connect);
    if(isset(
    $_POST['submit']))
    {
    $id $_POST['id'];
    $title $_POST['title'];
    $description $_POST['description'];
    $keywords $_POST['keywords'];
    $_SESSION['id']=$id;
    $_SESSION['title']=$title;
    $_SESSION['description']=$description;
    $_SESSION['keywords']=$keywords;

    $query "INSERT INTO URL VALUES ('','$id','$title','$description','$keywords')";
    mysql_query($query);
    header("location: home.php");

    echo 
    'Success';


    ?>

    <form method="post" action="<?php echo $self?>">
    Page Name: <input type="text" name="id"><br>
    Title of Page: <input type="text" name="title"><br>
    Description: <input type="text" name="description"><br>
    Keywords: <input type="text" name="keywords"><br>
    <input type="Submit">
    </form>


    </body>
    </html>

  2. #2
    Join Date
    Mar 2012
    Location
    bangalore,india
    Posts
    27
    $query = "INSERT INTO URL VALUES ('','$id','$title','$description','$keywords')";

    may i know the reason why you have specified '' this in values?

  3. #3
    Join Date
    Nov 2011
    Posts
    37
    try to check if you are actually connect to the sql server by
    $connect = mysql_connect($localhost, $dbuser, $dbpass) or die ('could not connect to SQL server');


    mysql_select_db($dbname, $connect) or die ('could not select');

    if the connection is fine, check the errors for your sql_query by
    mysql_query($query) or die (mysql_error();

  4. #4
    Join Date
    Feb 2005
    Location
    Tauranga
    Posts
    2,062
    PHP Code:
    <?php
        
    // no output should be sent before starting a session - or sending a header redirect ( below )
        
    session_start();
        
        
    // make this safe
        
    $self htmlentities(basename($_SERVER['PHP_SELF']));
        
        
    // why define these as vars ? put them direct in the mysql_connect ....
        
    $localhost 'localhost';
        
    $dbuser 'root';
        
    $dbpass 'password';
        
    $dbname 'north';
        
        
    // connect with built in debug
        
    $connect mysql_connect($localhost$dbuser$dbpass) or die('Can not connect to MYSQL:'mysql_error());
        
    mysql_select_db($dbname$connect); or die('Can not select database:'mysql_error());
        
        
    // if the form has been submitted..
        
    if(isset($_POST['submit'])) {
            
            
    // A fast way to prep data.
            
    foreach($POST as $key => $value) {
                
    // ALWAYS mysql_real_escape_string your data before injecting in to MYSQL
                
    $_SESSION[$key] = mysql_real_escape_string($value);
            }
            
            
    // set up query - this is a yuck way ... 
            
    $query "INSERT INTO url VALUES ('','{$_SESSION['id']}','{$_SESSION['title']}','{$_SESSION['description']}','{$_SESSION['keywords']}')";
            
    // I would to this ..
            
    $query "INSERT INTO url set id = '{$_SESSION['id']}', title = '{$_SESSION['title']}', description = '{$_SESSION['description']}', keywords = '{$_SESSION['keywords']}'";

            
    // run the query - with built in debug
            
    mysql_query($query) or die('Query Error:'mysql_error());
            
            
    // on success - redirect.
            
    header("location: home.php");
        
        }
    ?>
    <html>
    <head></head>
    <body>
        
        <form method="post" action="<?php echo $self?>">
            Page Name: <input type="text" name="id"><br>
            Title of Page: <input type="text" name="title"><br>
            Description: <input type="text" name="description"><br>
            Keywords: <input type="text" name="keywords"><br>
            <input type="Submit">
        </form>

    </body>
    </html>

  5. #5
    Join Date
    Apr 2012
    Posts
    23
    Hey Sheldon,

    Thanks for the reply,

    Since then I decided to re-write the script completely to incorporate an edit function too. I have the DB connect file elsewhere now to keep things neat.

    Here is the new script, let me know your thoughts:

    PHP Code:
    <?php
            
    // creates the new/edit record form
            
    function renderForm($page ''$title ''$descr ''$keywords ''$error ''$id '')
            { 
    ?>
                    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
                    <html>
                            <head>  
                                    <title>
                                            <?php if ($id != '') { echo "Edit Record"; } else { echo "New Record"; } ?>
                                    </title>
                                    <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
                            </head>
                            <body>
                                    <h1><?php if ($id != '') { echo "Edit Record"; } else { echo "New Record"; } ?></h1>
                                    <?php if ($error != '') {
                                            echo 
    "<div style='padding:4px; border:1px solid red; color:red'>" $error
                                                    
    "</div>";
                                    } 
    ?>
                                    <form action="" method="post">
                                    <div>
                                            <?php if ($id != '') { ?>
                                                    <input type="hidden" name="id" value="<?php echo $id?>" />
                                                    <p>ID: <?php echo $id?></p>
                                            <?php ?>
                                            
                                            <strong>First Name: *</strong> <input type="text" name="page"
                                                    value="<?php echo $page?>"/><br/>
                                            <strong>Last Name: *</strong> <input type="text" name="title"
                                                    value="<?php echo $title?>"/>
                                            <strong>Desc: *</strong> <input type="text" name="descr"
                                                    value="<?php echo $descr?>"/>
                                            <strong>Desc: *</strong> <input type="text" name="keywords"
                                                    value="<?php echo $keywords?>"/>
                                            <p>* required</p>
                                            <input type="submit" name="submit" value="Submit" />
                                    </div>
                                    </form>
                            </body>
                    </html> 
            <?php }
            
    /*
               EDIT RECORD
            */
            // if the 'id' variable is set in the URL
            
    if (isset($_GET['id']))
            {
                    
    // if the form's submit button is clicked process
                    
    if (isset($_POST['submit']))
                    {
                            
    // make sure the 'id' in the URL is valid
                            
    if (is_numeric($_POST['id']))
                            {
                                    
    // get variables from the URL/form
                                    
    $id $_POST['id'];
                                    
    $page htmlentities($_POST['page'], ENT_QUOTES);
                                    
    $title htmlentities($_POST['title'], ENT_QUOTES);
                                    
    $descr htmlentities($_POST['descr'], ENT_QUOTES);
                                    
    $keywords htmlentities($_POST['keywords'], ENT_QUOTES);
                                    
    // check that page and title are both not empty
                                    
    if ($page == '' || $title == '' || $descr == '')
                                    {
                                            
    // if they are empty, show an error message and display the form
                                            
    $error 'ERROR: Please fill in all required fields!';
                                            
    renderForm($page$title$descr$keywords$error$id);
                                    }
                                    else
                                    {
                                            
    // if everything is fine, update the record
                                            
    if ($stmt $mysqli->prepare("UPDATE URL SET page = ?, title = ?, descr = ?, keywords = ?
                                                    WHERE id=?"
    ))
                                            {
                                                    
    $stmt->bind_param("ssssi"$page$title$descr$keywords$id);
                                                    
    $stmt->execute();
                                                    
    $stmt->close();
                                            }
                                            
    // show an error message if the query has an error
                                            
    else
                                            {
                                                    echo 
    "ERROR: could not prepare SQL statement.";
                                            }
                                            
    // redirect the user once the form is updated
                                            
    header("Location: view.php");
                                    }
                            }
                            
    // if the 'id' variable is not valid, show an error message
                            
    else
                            {
                                    echo 
    "Error!";
                            }
                    }
                    
    // if the form hasn't been submitted yet, get the info from the database and show the form
                    
    else
                    {
                            
    // make sure the 'id' value is valid
                            
    if (is_numeric($_GET['id']) && $_GET['id'] > 0)
                            {
                                    
    // get 'id' from URL
                                    
    $id $_GET['id'];
                                    
                                    
    // get the recod from the database
                                    
    if($stmt $mysqli->prepare("SELECT * FROM URL WHERE id=?"))
                                    {
                                            
    $stmt->bind_param("i"$id);
                                            
    $stmt->execute();
                                            
    $stmt->bind_result($id$page$title$descr$keywords);
                                            
    $stmt->fetch();
                                            
                                            
    // show the form
                                            
    renderForm($page$title$descr$keywordsNULL$id);
                                            
    $stmt->close();
                                    }
                                    
    // show an error if the query has an error
                                    
    else
                                    {
                                            echo 
    "Error: could not prepare SQL statement";
                                    }
                            }
                            
    // if the 'id' value is not valid, redirect the user back to the view.php page
                            
    else
                            {
                                    
    header("Location: view.php");
                            }
                    }
            }
            
    /*
               NEW RECORD
            */
            // if the 'id' variable is not set we must be creating a new record
            
    else
            {
                    
    // if the form's submit button is clicked, we need to process the form
                    
    if (isset($_POST['submit']))
                    {
                            
    // get the form data
                            
    $page htmlentities($_POST['page'], ENT_QUOTES);
                            
    $title htmlentities($_POST['title'], ENT_QUOTES);
                            
    $descr htmlentities($_POST['descr'], ENT_QUOTES);
                            
    $keywords htmlentities($_POST['keywords'], ENT_QUOTES);
                            
                            
    // check that page and title are both not empty
                            
    if ($page == '' || $title == '' || $descr == '' || $keywords == '')
                            {
                                    
    // if they are empty, show an error message and display the form
                                    
    $error 'ERROR: Please fill in all required fields!';
                                    
    renderForm($page$title$descr$keywords$error);
                            }
                            else
                            {
                                    
    // insert the new record into the database
                                    
    if ($stmt $mysqli->prepare("INSERT INTO URL (page, title, descr, keywords) VALUES (?, ?, ?, ?)"))
                                    {
                                            
    $stmt->bind_param("ssss"$page$title$descr$keywords);
                                            
    $stmt->execute();
                                            
    $stmt->close();
                                    }
                                    
    // show an error if the query has an error
                                    
    else
                                    {
                                            echo 
    "ERROR: Could not prepare SQL statement.";
                                    }
                                    
                                    
    // redirec the user
                                   
    header("Location: view.php");
                            }   
                    }
                    
    // if the form hasn't been submitted yet, show the form
                    
    else
                    {
                            
    renderForm();
                    }
            }
            
    // close mysqli connection
            
    $mysqli->close();

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center



Recent Articles