Can't find my stupid mistake!

This site is best viewed in a modern browser with JavaScript enabled.

Lazarix

Hi all,
I'm trying to create a form that will insert into a mysql database.
The code for the php file is below:

<?

//set database connection parameters
$hostname = "127.0.0.1:3307"; // database server name
$db_user = "testuser"; // change to your database password 
$db_password = "testpass"; // change to your database password 
$database = "testdb"; // provide your database name 
$db_table = "form1"; // leave this as is 


//database connection
$db = mysql_connect($hostname, $db_user, $db_password); 
mysql_select_db($database,$db);

//Prepare prerequisites
		$created = time();
		$ip = $_SERVER['REMOTE_ADDR'];
		$_POST = array_map('mysql_real_escape_string',$_POST);

if(isset($_REQUEST['submit']))
{
//inserting data order
$sql = "INSERT INTO $db_table(EmployeeName,EmployeeRef,WeeksPerYear,MonTownFrom,MonPostcodeFrom,MonTownTo,MonPostcodeTo,MonMiles,TueTownFrom,TuePostcodeFrom,TueTownTo,TuePostcodeTo,TueMiles,WedTownFrom,WedPostcodeFrom,WedTownTo,WedPostcodeTo,WedMiles,ThuTownFrom,ThuPostcodeFrom,ThuTownTo,ThuPostcodeTo,ThuMiles,FriTownFrom,FriPostcodeFrom,FriTownTo,FriPostcodeTo,FriMiles,SatTownFrom,SatPostcodeFrom,SatTownTo,SatPostcodeTo,SatMiles,SunTownFrom,SunPostcodeFrom,SunTownTo,SunPostcodeTo,SunMiles,SumMiles,MonCheck,TueCheck,WedCheck,ThuCheck,FriCheck,SatCheck,SunCheck,MonHours,TueHours,WedHours,ThuHours,FriHours,SatHours,SunHours,SumHours,MonTravel,TueTravel,WedTravel,ThuTravel,FriTravel,SatTravel,SunTravel,MonMealCheck,TueMealCheck,WedMealCheck,ThuMealCheck,FriMealCheck,SatMealCheck,SunMealCheck,MonEveningMealCheck,TueEveningMealCheck,WedEveningMealCheck,ThuEveningMealCheck,FriEveningMealCheck,SatEveningMealCheck,SunEveningMealCheck,MonOvernightCheck,TueOvernightCheck,WedOvernightCheck,ThuOvernightCheck,FriOvernightCheck,SatOvernightCheck,SunOvernightCheck,DeclarationCheck,ip,created) 
            VALUES ('$_POST['EmployeeName']','$_POST['EmployeeRef']','$_POST['WeeksPerYear']','$_POST['MonTownFrom']','$_POST['MonPostcodeFrom']','$_POST['MonTownTo']','$_POST['MonPostcodeTo']','$_POST['MonMiles']','$_POST['TueTownFrom']','$_POST['TuePostcodeFrom']','$_POST['TueTownTo']','$_POST['TuePostcodeTo']','$_POST['TueMiles']','$_POST['WedTownFrom']','$_POST['WedPostcodeFrom']','$_POST['WedTownTo']','$_POST['WedPostcodeTo']','$_POST['WedMiles']','$_POST['ThuTownFrom']','$_POST['ThuPostcodeFrom']','$_POST['ThuTownTo']','$_POST['ThuPostcodeTo']','$_POST['ThuMiles']','$_POST['FriTownFrom']','$_POST['FriPostcodeFrom']','$_POST['FriTownTo']','$_POST['FriPostcodeTo']','$_POST['FriMiles']','$_POST['SatTownFrom']','$_POST['SatPostcodeFrom']','$_POST['SatTownTo']','$_POST['SatPostcodeTo']','$_POST['SatMiles']','$_POST['SunTownFrom']','$_POST['SunPostcodeFrom']','$_POST['SunTownTo']','$_POST['SunPostcodeTo']','$_POST['SunMiles']','$_POST['SumMiles']','$_POST['MonCheck']','$_POST['TueCheck']','$_POST['WedCheck']','$_POST['ThuCheck']','$_POST['FriCheck']','$_POST['SatCheck']','$_POST['SunCheck']','$_POST['MonHours']','$_POST['TueHours']','$_POST['WedHours']','$_POST['ThuHours']','$_POST['FriHours']','$_POST['SatHours']','$_POST['SunHours']','$_POST['SumHours']','$_POST['MonTravel']','$_POST['TueTravel']','$_POST['WedTravel']','$_POST['ThuTravel']','$_POST['FriTravel']','$_POST['SatTravel']','$_POST['SunTravel']','$_POST['MonMealCheck']','$_POST['TueMealCheck']','$_POST['WedMealCheck']','$_POST['ThuMealCheck']','$_POST['FriMealCheck']','$_POST['SatMealCheck']','$_POST['SunMealCheck']','$_POST['MonEveningMealCheck']','$_POST['TueEveningMealCheck']','$_POST['WedEveningMealCheck']','$_POST['ThuEveningMealCheck']','$_POST['FriEveningMealCheck']','$_POST['SatEveningMealCheck']','$_POST['SunEveningMealCheck']','$_POST['MonOvernightCheck']','$_POST['TueOvernightCheck']','$_POST['WedOvernightCheck']','$_POST['ThuOvernightCheck']','$_POST['FriOvernightCheck']','$_POST['SatOvernightCheck']','$_POST['SunOvernightCheck']','$_POST['DeclarationCheck']','$_POST['ip']','$_POST['created']')";


//declare in the order variable
if($result = mysql_query($sql ,$db))
{
	echo = "<br>Your Mileage form has been submitted successfully";
} 
else{
	echo = "<br>Your Mileage form has not been submitted successfully. Please correct any errors and try again."
	"ERROR: ".mysql_error();
}
}
?>

My problem is:
When I click submit on the form, the only thing I get is:

Your Mileage form has been submitted successfully"; } else{ echo = "
Your Mileage form has not been submitted successfully. Please correct any errors and try again." "ERROR: ".mysql_error(); } } ?>

Obviously my syntax is wrong somewhere, but I simply can't find where!
I've tried everything and pulling my hair out is next.

I'd appreciate someone giving me a hand with this!

Thanks

Derokorian

You're trying to embed variables (namely post) into a string, but when you do this quotes around the array index are NOT correct.

Note you should NEVER place external data directly into a SQL query like that, else you will be open to SQL Injection

Also note, the entire mysql_* library is out of date and to be deprecated. You shjould instead use PDO or mysqli. See API choosing for more information.

NogDog

For my personal tastes, I'll leave the quotes in there around the array indexes just to be consistent throughout the app. To do that, however, you either have to use "complex" variable notation (wrapping the entire array variable in curly braces) or use concatenation -- or use sprintf() and add the variables as the additional arguments.

// both (ugh!) complex notation and concatenation:
$sql = "test {$_GET['foo']} test " . $_GET['bar'] . " test";

// or use sprintf with place-holders:
$sql = sprintf(
    "test %s test %s test",
    mysql_real_escape_string($_GET['foo']),
    mysql_real_escape_string($_GET['bar'])
);

Lazarix

Thanks guys.
I've taken your advice and used mysqli instead of the (previously unbeknownst to me) depreciated mysql_connect() method.

Below is my new code.
Is this any good?
(splitting it into two posts because the forum doesn't like the length)

<?

//set database connection parameters
$hostname = "127.0.0.1:3307"; // usually is localhost, but if not sure, check with your hosting company, if you are with webune leave as localhost 
$db_user = "testuser"; // change to your database username
$db_password = "testpw"; // change to your database password 
$database = "testdb"; // provide your database name 
$db_table = "form1"; // leave this as is 


//database connection
$db = new mysqli($hostname, $db_user, $db_password, $database);
if($db->connect_errno > 0)
     {
	die('Unable to connect to database [' . $db->connect_error . ']');
      }
	mysqli_report(MYSQLI_REPORT_ERROR);

//Prepare prerequisites
		$created = time();
		$ip = $_SERVER['REMOTE_ADDR'];
		$_POST = array_map('mysql_real_escape_string',$_POST);

if(isset($_POST['submit']))
	{

//get the form data
   $EmployeeName        = htmlentities($_POST['EmployeeName'],        ENT_QUOTES);
   $EmployeeRef         = htmlentities($_POST['EmployeeRef'],         ENT_QUOTES);
   $WeeksPerYear        = htmlentities($_POST['WeeksPerYear'],        ENT_QUOTES);
   $MonTownFrom         = htmlentities($_POST['MonTownFrom'],         ENT_QUOTES);
   $MonPostcodeFrom     = htmlentities($_POST['MonPostcodeFrom'],     ENT_QUOTES);
   $MonTownTo           = htmlentities($_POST['MonTownTo'],           ENT_QUOTES);
   $MonPostcodeTo       = htmlentities($_POST['MonPostcodeTo'],       ENT_QUOTES);
   $MonMiles            = htmlentities($_POST['MonMiles'],            ENT_QUOTES);
   $TueTownFrom         = htmlentities($_POST['TueTownFrom'],         ENT_QUOTES);
   $TuePostcodeFrom     = htmlentities($_POST['TuePostcodeFrom'],     ENT_QUOTES);
   $TueTownTo           = htmlentities($_POST['TueTownTo'],           ENT_QUOTES);
   $TuePostcodeTo       = htmlentities($_POST['TuePostcodeTo'],       ENT_QUOTES);
   $TueMiles            = htmlentities($_POST['TueMiles'],            ENT_QUOTES);
   $WedTownFrom         = htmlentities($_POST['WedTownFrom'],         ENT_QUOTES);
   $WedPostcodeFrom     = htmlentities($_POST['WedPostcodeFrom'],     ENT_QUOTES);
   $WedTownTo           = htmlentities($_POST['WedTownTo'],           ENT_QUOTES);
   $WedPostcodeTo       = htmlentities($_POST['WedPostcodeTo'],       ENT_QUOTES);
   $WedMiles            = htmlentities($_POST['WedMiles'],            ENT_QUOTES);
   $ThuTownFrom         = htmlentities($_POST['ThuTownFrom'],         ENT_QUOTES);
   $ThuPostcodeFrom     = htmlentities($_POST['ThuPostcodeFrom'],     ENT_QUOTES);
   $ThuTownTo           = htmlentities($_POST['ThuTownTo'],           ENT_QUOTES);
   $ThuPostcodeTo       = htmlentities($_POST['ThuPostcodeTo'],       ENT_QUOTES);
   $ThuMiles            = htmlentities($_POST['ThuMiles'],            ENT_QUOTES);
   $FriTownFrom         = htmlentities($_POST['FriTownFrom'],         ENT_QUOTES);
   $FriPostcodeFrom     = htmlentities($_POST['FriPostcodeFrom'],     ENT_QUOTES);
   $FriTownTo           = htmlentities($_POST['FriTownTo'],           ENT_QUOTES);
   $FriPostcodeTo       = htmlentities($_POST['FriPostcodeTo'],       ENT_QUOTES);
   $FriMiles            = htmlentities($_POST['FriMiles'],            ENT_QUOTES);
   $SatTownFrom         = htmlentities($_POST['SatTownFrom'],         ENT_QUOTES);
   $SatPostcodeFrom     = htmlentities($_POST['SatPostcodeFrom'],     ENT_QUOTES);
   $SatTownTo           = htmlentities($_POST['SatTownTo'],           ENT_QUOTES);
   $SatPostcodeTo       = htmlentities($_POST['SatPostcodeTo'],       ENT_QUOTES);
   $SatMiles            = htmlentities($_POST['SatMiles'],            ENT_QUOTES);
   $SunTownFrom         = htmlentities($_POST['SunTownFrom'],         ENT_QUOTES);
   $SunPostcodeFrom     = htmlentities($_POST['SunPostcodeFrom'],     ENT_QUOTES);
   $SunTownTo           = htmlentities($_POST['SunTownTo'],           ENT_QUOTES);
   $SunPostcodeTo       = htmlentities($_POST['SunPostcodeTo'],       ENT_QUOTES);
   $SunMiles            = htmlentities($_POST['SunMiles'],            ENT_QUOTES);
   $SumMiles            = htmlentities($_POST['SumMiles'],            ENT_QUOTES);
   $MonCheck            = htmlentities($_POST['MonCheck'],            ENT_QUOTES);
   $TueCheck            = htmlentities($_POST['TueCheck'],            ENT_QUOTES);
   $WedCheck            = htmlentities($_POST['WedCheck'],            ENT_QUOTES);
   $ThuCheck            = htmlentities($_POST['ThuCheck'],            ENT_QUOTES);
   $FriCheck            = htmlentities($_POST['FriCheck'],            ENT_QUOTES);
   $SatCheck            = htmlentities($_POST['SatCheck'],            ENT_QUOTES);
   $SunCheck            = htmlentities($_POST['SunCheck'],            ENT_QUOTES);
   $MonHours            = htmlentities($_POST['MonHours'],            ENT_QUOTES);
   $TueHours            = htmlentities($_POST['TueHours'],            ENT_QUOTES);
   $WedHours            = htmlentities($_POST['WedHours'],            ENT_QUOTES);
   $ThuHours            = htmlentities($_POST['ThuHours'],            ENT_QUOTES);
   $FriHours            = htmlentities($_POST['FriHours'],            ENT_QUOTES);
   $SatHours            = htmlentities($_POST['SatHours'],            ENT_QUOTES);
   $SunHours            = htmlentities($_POST['SunHours'],            ENT_QUOTES);
   $SumHours            = htmlentities($_POST['SumHours'],            ENT_QUOTES);
   $MonTravel           = htmlentities($_POST['MonTravel'],           ENT_QUOTES);
   $TueTravel           = htmlentities($_POST['TueTravel'],           ENT_QUOTES);
   $WedTravel           = htmlentities($_POST['WedTravel'],           ENT_QUOTES);
   $ThuTravel           = htmlentities($_POST['ThuTravel'],           ENT_QUOTES);
   $FriTravel           = htmlentities($_POST['FriTravel'],           ENT_QUOTES);
   $SatTravel           = htmlentities($_POST['SatTravel'],           ENT_QUOTES);
   $SunTravel           = htmlentities($_POST['SunTravel'],           ENT_QUOTES);
   $MonMealCheck        = htmlentities($_POST['MonMealCheck'],        ENT_QUOTES);
   $TueMealCheck        = htmlentities($_POST['TueMealCheck'],        ENT_QUOTES);
   $WedMealCheck        = htmlentities($_POST['WedMealCheck'],        ENT_QUOTES);
   $ThuMealCheck        = htmlentities($_POST['ThuMealCheck'],        ENT_QUOTES);
   $FriMealCheck        = htmlentities($_POST['FriMealCheck'],        ENT_QUOTES);
   $SatMealCheck        = htmlentities($_POST['SatMealCheck'],        ENT_QUOTES);
   $SunMealCheck        = htmlentities($_POST['SunMealCheck'],        ENT_QUOTES);
   $MonEveningMealCheck = htmlentities($_POST['MonEveningMealCheck'], ENT_QUOTES);
   $TueEveningMealCheck = htmlentities($_POST['TueEveningMealCheck'], ENT_QUOTES);
   $WedEveningMealCheck = htmlentities($_POST['WedEveningMealCheck'], ENT_QUOTES);
   $ThuEveningMealCheck = htmlentities($_POST['ThuEveningMealCheck'], ENT_QUOTES);
   $FriEveningMealCheck = htmlentities($_POST['FriEveningMealCheck'], ENT_QUOTES);
   $SatEveningMealCheck = htmlentities($_POST['SatEveningMealCheck'], ENT_QUOTES);
   $SunEveningMealCheck = htmlentities($_POST['SunEveningMealCheck'], ENT_QUOTES);
   $MonOvernightCheck   = htmlentities($_POST['MonOvernightCheck'],   ENT_QUOTES);
   $TueOvernightCheck   = htmlentities($_POST['TueOvernightCheck'],   ENT_QUOTES);
   $WedOvernightCheck   = htmlentities($_POST['WedOvernightCheck'],   ENT_QUOTES);
   $ThuOvernightCheck   = htmlentities($_POST['ThuOvernightCheck'],   ENT_QUOTES);
   $FriOvernightCheck   = htmlentities($_POST['FriOvernightCheck'],   ENT_QUOTES);
   $SatOvernightCheck   = htmlentities($_POST['SatOvernightCheck'],   ENT_QUOTES);
   $SunOvernightCheck   = htmlentities($_POST['SunOvernightCheck'],   ENT_QUOTES);
   $DeclarationCheck    = htmlentities($_POST['DeclarationCheck'],    ENT_QUOTES);
   $ip                  = htmlentities($_POST['ip'],                  ENT_QUOTES);
   $created             = htmlentities($_POST['created'],             ENT_QUOTES);

Lazarix

part 2:

//check that the required fields are not empty
if ($EmployeeName == '' || $EmployeeRef == '' || $DeclarationCheck == '')
		{
$error = 'ERROR: Please fill in all required fields!';
renderForm($EmployeeName, $EmployeeRef, $DeclarationCheck, $error);
		}
else
		{
	//Insert the new record
	if ($stmt = $mysqli->prepare("INSERT mileageform (EmployeeName,EmployeeRef,WeeksPerYear,MonTownFrom,MonPostcodeFrom,MonTownTo,MonPostcodeTo,MonMiles,TueTownFrom,TuePostcodeFrom,TueTownTo,TuePostcodeTo,TueMiles,WedTownFrom,WedPostcodeFrom,WedTownTo,WedPostcodeTo,WedMiles,ThuTownFrom,ThuPostcodeFrom,ThuTownTo,ThuPostcodeTo,ThuMiles,FriTownFrom,FriPostcodeFrom,FriTownTo,FriPostcodeTo,FriMiles,SatTownFrom,SatPostcodeFrom,SatTownTo,SatPostcodeTo,SatMiles,SunTownFrom,SunPostcodeFrom,SunTownTo,SunPostcodeTo,SunMiles,SumMiles,MonCheck,TueCheck,WedCheck,ThuCheck,FriCheck,SatCheck,SunCheck,MonHours,TueHours,WedHours,ThuHours,FriHours,SatHours,SunHours,SumHours,MonTravel,TueTravel,WedTravel,ThuTravel,FriTravel,SatTravel,SunTravel,MonMealCheck,TueMealCheck,WedMealCheck,ThuMealCheck,FriMealCheck,SatMealCheck,SunMealCheck,MonEveningMealCheck,TueEveningMealCheck,WedEveningMealCheck,ThuEveningMealCheck,FriEveningMealCheck,SatEveningMealCheck,SunEveningMealCheck,MonOvernightCheck,TueOvernightCheck,WedOvernightCheck,ThuOvernightCheck,FriOvernightCheck,SatOvernightCheck,SunOvernightCheck,DeclarationCheck,ip,created)
	 VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"))
			{
			$stmt->bind_param("ss", $EmployeeName, $EmployeeRef, $WeeksPerYear, $MonTownFrom, $MonPostcodeFrom, $MonTownTo, $MonPostcodeTo, $MonMiles, $TueTownFrom, $TuePostcodeFrom, $TueTownTo, $TuePostcodeTo, $TueMiles, $WedTownFrom, $WedPostcodeFrom, $WedTownTo, $WedPostcodeTo, $WedMiles, $ThuTownFrom, $ThuPostcodeFrom, $ThuTownTo, $ThuPostcodeTo, $ThuMiles, $FriTownFrom, $FriPostcodeFrom, $FriTownTo, $FriPostcodeTo, $FriMiles, $SatTownFrom, $SatPostcodeFrom, $SatTownTo, $SatPostcodeTo, $SatMiles, $SunTownFrom, $SunPostcodeFrom, $SunTownTo, $SunPostcodeTo, $SunMiles, $SumMiles, $MonCheck, $TueCheck, $WedCheck, $ThuCheck, $FriCheck, $SatCheck, $SunCheck, $MonHours, $TueHours, $WedHours, $ThuHours, $FriHours, $SatHours, $SunHours, $SumHours, $MonTravel, $TueTravel, $WedTravel, $ThuTravel, $FriTravel, $SatTravel, $SunTravel, $MonMealCheck, $TueMealCheck, $WedMealCheck, $ThuMealCheck, $FriMealCheck, $SatMealCheck, $SunMealCheck, $MonEveningMealCheck, $TueEveningMealCheck, $WedEveningMealCheck, $ThuEveningMealCheck, $FriEveningMealCheck, $SatEveningMealCheck, $SunEveningMealCheck, $MonOvernightCheck, $TueOvernightCheck, $WedOvernightCheck, $ThuOvernightCheck, $FriOvernightCheck, $SatOvernightCheck, $SunOvernightCheck, $DeclarationCheck, $ip, $created);
			$stmt->execute();
			$stmt->close();
			}
		// show an error if the query has an error
		else
			{
			echo "ERROR: Could not prepare SQL statement. Your Mileage form has not been submitted successfully.";
			}
		}
	}
	else
	{
		renderForm();
	}

//declare in the order variable
$mysqli->close();

?>

Lazarix

Well,
clearly i'm doing something wrong because when I press submit, i get the following as the result:

connect_errno > 0) { die('Unable to connect to database [' . $db->connect_error . ']'); } mysqli_report(MYSQLI_REPORT_ERROR); //Prepare prerequisites $created = time(); $ip = $SERVER['REMOTE_ADDR']; $POST = array_map('mysql_real_escape_string',$POST); if(isset($POST['submit'])) { //get the form data $EmployeeName = htmlentities($POST['EmployeeName'], ENT_QUOTES); $EmployeeRef = htmlentities($POST['EmployeeRef'], ENT_QUOTES); $WeeksPerYear = htmlentities($POST['WeeksPerYear'], ENT_QUOTES); $MonTownFrom = htmlentities($POST['MonTownFrom'], ENT_QUOTES); $MonPostcodeFrom = htmlentities($POST['MonPostcodeFrom'], ENT_QUOTES); $MonTownTo = htmlentities($POST['MonTownTo'], ENT_QUOTES); $MonPostcodeTo = htmlentities($POST['MonPostcodeTo'], ENT_QUOTES); $MonMiles = htmlentities($POST['MonMiles'], ENT_QUOTES); $TueTownFrom = htmlentities($POST['TueTownFrom'], ENT_QUOTES); $TuePostcodeFrom = htmlentities($POST['TuePostcodeFrom'], ENT_QUOTES); $TueTownTo = htmlentities($POST['TueTownTo'], ENT_QUOTES); $TuePostcodeTo = htmlentities($POST['TuePostcodeTo'], ENT_QUOTES); $TueMiles = htmlentities($POST['TueMiles'], ENT_QUOTES); $WedTownFrom = htmlentities($POST['WedTownFrom'], ENT_QUOTES); $WedPostcodeFrom = htmlentities($POST['WedPostcodeFrom'], ENT_QUOTES); $WedTownTo = htmlentities($POST['WedTownTo'], ENT_QUOTES); $WedPostcodeTo = htmlentities($POST['WedPostcodeTo'], ENT_QUOTES); $WedMiles = htmlentities($POST['WedMiles'], ENT_QUOTES); $ThuTownFrom = htmlentities($POST['ThuTownFrom'], ENT_QUOTES); $ThuPostcodeFrom = htmlentities($POST['ThuPostcodeFrom'], ENT_QUOTES); $ThuTownTo = htmlentities($POST['ThuTownTo'], ENT_QUOTES); $ThuPostcodeTo = htmlentities($POST['ThuPostcodeTo'], ENT_QUOTES); $ThuMiles = htmlentities($POST['ThuMiles'], ENT_QUOTES); $FriTownFrom = htmlentities($POST['FriTownFrom'], ENT_QUOTES); $FriPostcodeFrom = htmlentities($POST['FriPostcodeFrom'], ENT_QUOTES); $FriTownTo = htmlentities($POST['FriTownTo'], ENT_QUOTES); $FriPostcodeTo = htmlentities($POST['FriPostcodeTo'], ENT_QUOTES); $FriMiles = htmlentities($POST['FriMiles'], ENT_QUOTES); $SatTownFrom = htmlentities($POST['SatTownFrom'], ENT_QUOTES); $SatPostcodeFrom = htmlentities($POST['SatPostcodeFrom'], ENT_QUOTES); $SatTownTo = htmlentities($POST['SatTownTo'], ENT_QUOTES); $SatPostcodeTo = htmlentities($POST['SatPostcodeTo'], ENT_QUOTES); $SatMiles = htmlentities($POST['SatMiles'], ENT_QUOTES); $SunTownFrom = htmlentities($POST['SunTownFrom'], ENT_QUOTES); $SunPostcodeFrom = htmlentities($POST['SunPostcodeFrom'], ENT_QUOTES); $SunTownTo = htmlentities($POST['SunTownTo'], ENT_QUOTES); $SunPostcodeTo = htmlentities($POST['SunPostcodeTo'], ENT_QUOTES); $SunMiles = htmlentities($POST['SunMiles'], ENT_QUOTES); $SumMiles = htmlentities($POST['SumMiles'], ENT_QUOTES); $MonCheck = htmlentities($POST['MonCheck'], ENT_QUOTES); $TueCheck = htmlentities($POST['TueCheck'], ENT_QUOTES); $WedCheck = htmlentities($POST['WedCheck'], ENT_QUOTES); $ThuCheck = htmlentities($POST['ThuCheck'], ENT_QUOTES); $FriCheck = htmlentities($POST['FriCheck'], ENT_QUOTES); $SatCheck = htmlentities($POST['SatCheck'], ENT_QUOTES); $SunCheck = htmlentities($POST['SunCheck'], ENT_QUOTES); $MonHours = htmlentities($POST['MonHours'], ENT_QUOTES); $TueHours = htmlentities($POST['TueHours'], ENT_QUOTES); $WedHours = htmlentities($POST['WedHours'], ENT_QUOTES); $ThuHours = htmlentities($POST['ThuHours'], ENT_QUOTES); $FriHours = htmlentities($POST['FriHours'], ENT_QUOTES); $SatHours = htmlentities($POST['SatHours'], ENT_QUOTES); $SunHours = htmlentities($POST['SunHours'], ENT_QUOTES); $SumHours = htmlentities($POST['SumHours'], ENT_QUOTES); $MonTravel = htmlentities($POST['MonTravel'], ENT_QUOTES); $TueTravel = htmlentities($POST['TueTravel'], ENT_QUOTES); $WedTravel = htmlentities($POST['WedTravel'], ENT_QUOTES); $ThuTravel = htmlentities($POST['ThuTravel'], ENT_QUOTES); $FriTravel = htmlentities($POST['FriTravel'], ENT_QUOTES); $SatTravel = htmlentities($POST['SatTravel'], ENT_QUOTES); $SunTravel = htmlentities($POST['SunTravel'], ENT_QUOTES); $MonMealCheck = htmlentities($POST['MonMealCheck'], ENT_QUOTES); $TueMealCheck = htmlentities($POST['TueMealCheck'], ENT_QUOTES); $WedMealCheck = htmlentities($POST['WedMealCheck'], ENT_QUOTES); $ThuMealCheck = htmlentities($POST['ThuMealCheck'], ENT_QUOTES); $FriMealCheck = htmlentities($POST['FriMealCheck'], ENT_QUOTES); $SatMealCheck = htmlentities($POST['SatMealCheck'], ENT_QUOTES); $SunMealCheck = htmlentities($POST['SunMealCheck'], ENT_QUOTES); $MonEveningMealCheck = htmlentities($POST['MonEveningMealCheck'], ENT_QUOTES); $TueEveningMealCheck = htmlentities($POST['TueEveningMealCheck'], ENT_QUOTES); $WedEveningMealCheck = htmlentities($POST['WedEveningMealCheck'], ENT_QUOTES); $ThuEveningMealCheck = htmlentities($POST['ThuEveningMealCheck'], ENT_QUOTES); $FriEveningMealCheck = htmlentities($POST['FriEveningMealCheck'], ENT_QUOTES); $SatEveningMealCheck = htmlentities($POST['SatEveningMealCheck'], ENT_QUOTES); $SunEveningMealCheck = htmlentities($POST['SunEveningMealCheck'], ENT_QUOTES); $MonOvernightCheck = htmlentities($POST['MonOvernightCheck'], ENT_QUOTES); $TueOvernightCheck = htmlentities($POST['TueOvernightCheck'], ENT_QUOTES); $WedOvernightCheck = htmlentities($POST['WedOvernightCheck'], ENT_QUOTES); $ThuOvernightCheck = htmlentities($POST['ThuOvernightCheck'], ENT_QUOTES); $FriOvernightCheck = htmlentities($POST['FriOvernightCheck'], ENT_QUOTES); $SatOvernightCheck = htmlentities($POST['SatOvernightCheck'], ENT_QUOTES); $SunOvernightCheck = htmlentities($POST['SunOvernightCheck'], ENT_QUOTES); $DeclarationCheck = htmlentities($POST['DeclarationCheck'], ENT_QUOTES); $ip = htmlentities($POST['ip'], ENT_QUOTES); $created = htmlentities($_POST['created'], ENT_QUOTES); //check that the required fields are not empty if ($EmployeeName == '' || $EmployeeRef == '' || $DeclarationCheck == '') { $error = 'ERROR: Please fill in all required fields!'; renderForm($EmployeeName, $EmployeeRef, $DeclarationCheck, $error); } else { //Insert the new record if ($stmt = $mysqli->prepare("INSERT mileageform (EmployeeName,EmployeeRef,WeeksPerYear,MonTownFrom,MonPostcodeFrom,MonTownTo,MonPostcodeTo,MonMiles,TueTownFrom,TuePostcodeFrom,TueTownTo,TuePostcodeTo,TueMiles,WedTownFrom,WedPostcodeFrom,WedTownTo,WedPostcodeTo,WedMiles,ThuTownFrom,ThuPostcodeFrom,ThuTownTo,ThuPostcodeTo,ThuMiles,FriTownFrom,FriPostcodeFrom,FriTownTo,FriPostcodeTo,FriMiles,SatTownFrom,SatPostcodeFrom,SatTownTo,SatPostcodeTo,SatMiles,SunTownFrom,SunPostcodeFrom,SunTownTo,SunPostcodeTo,SunMiles,SumMiles,MonCheck,TueCheck,WedCheck,ThuCheck,FriCheck,SatCheck,SunCheck,MonHours,TueHours,WedHours,ThuHours,FriHours,SatHours,SunHours,SumHours,MonTravel,TueTravel,WedTravel,ThuTravel,FriTravel,SatTravel,SunTravel,MonMealCheck,TueMealCheck,WedMealCheck,ThuMealCheck,FriMealCheck,SatMealCheck,SunMealCheck,MonEveningMealCheck,TueEveningMealCheck,WedEveningMealCheck,ThuEveningMealCheck,FriEveningMealCheck,SatEveningMealCheck,SunEveningMealCheck,MonOvernightCheck,TueOvernightCheck,WedOvernightCheck,ThuOvernightCheck,FriOvernightCheck,SatOvernightCheck,SunOvernightCheck,DeclarationCheck,ip,created) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)")) { $stmt->bind_param("ss", $EmployeeName, $EmployeeRef, $WeeksPerYear, $MonTownFrom, $MonPostcodeFrom, $MonTownTo, $MonPostcodeTo, $MonMiles, $TueTownFrom, $TuePostcodeFrom, $TueTownTo, $TuePostcodeTo, $TueMiles, $WedTownFrom, $WedPostcodeFrom, $WedTownTo, $WedPostcodeTo, $WedMiles, $ThuTownFrom, $ThuPostcodeFrom, $ThuTownTo, $ThuPostcodeTo, $ThuMiles, $FriTownFrom, $FriPostcodeFrom, $FriTownTo, $FriPostcodeTo, $FriMiles, $SatTownFrom, $SatPostcodeFrom, $SatTownTo, $SatPostcodeTo, $SatMiles, $SunTownFrom, $SunPostcodeFrom, $SunTownTo, $SunPostcodeTo, $SunMiles, $SumMiles, $MonCheck, $TueCheck, $WedCheck, $ThuCheck, $FriCheck, $SatCheck, $SunCheck, $MonHours, $TueHours, $WedHours, $ThuHours, $FriHours, $SatHours, $SunHours, $SumHours, $MonTravel, $TueTravel, $WedTravel, $ThuTravel, $FriTravel, $SatTravel, $SunTravel, $MonMealCheck, $TueMealCheck, $WedMealCheck, $ThuMealCheck, $FriMealCheck, $SatMealCheck, $SunMealCheck, $MonEveningMealCheck, $TueEveningMealCheck, $WedEveningMealCheck, $ThuEveningMealCheck, $FriEveningMealCheck, $SatEveningMealCheck, $SunEveningMealCheck, $MonOvernightCheck, $TueOvernightCheck, $WedOvernightCheck, $ThuOvernightCheck, $FriOvernightCheck, $SatOvernightCheck, $SunOvernightCheck, $DeclarationCheck, $ip, $created); $stmt->execute(); $stmt->close(); } // show an error if the query has an error else { echo "ERROR: Could not prepare SQL statement. Your Mileage form has not been submitted successfully."; } } } else { renderForm(); } //declare in the order variable $mysqli->close(); ?>

NogDog

Try using <?php (instead of <?). (Looks like it's not being parsed as PHP, just outputting (malformed) HTML.)

Lazarix

Yep, you're dead right

So, now it's complaining about:

		$_POST = array_map('mysql_real_escape_string',$_POST);

on line 22
the error is shown as:

Warning: mysql_real_escape_string() [<a href='function.mysql-real-escape-string'>function.mysql-real-escape-string</a>]: Access denied for user ''@'localhost' (using password: NO)

despite the fact that i'm specifying the database as 127.0.0.1:3307, i'm not sure why it's throwing localhost in there.

Does it have something to do with how i'm applying the real escape string, versus how i'm trying to use "$stmt ->execute();" ?

NogDog

If you're using the MySQLi extension, then the mysql_*() function won't know anything about that DB connection, and so won't work. In any case, if you are using bound parameters for all the inputs, then you do not want to escape them separately anyway, since the bind_param() method automatically takes care of that, as doing so would result in double escaping. (However, it looks like you'll need a lot more place-holders in its first parameter: one for each place-holder to be bound).

Lazarix

Thanks very much NogDog, I think i'm starting to get somewhere now!
I've commented out the mysql_real_escape_string piece and now it's progressing past that error.

The only thing that I don't seem to be handling correctly now are the checkboxes in my form.

I've got all the inputs looking for whether they are set or not by the master:

if(isset($_POST['submit']))

However, this isn't handling the checkboxes.
I get:

Notice: Undefined index: MonCheck

and so on, for all checkbox values.

by looking online, I believe i'd like to handle the checkbox insertion by either using a 1 or a 0 if they are checked or unchecked respectively.
I can see that this can be typically done by:

$MonCheck = (isset($_POST['MonCheck'])) ? 1 : 0;

If this is the way to do it, I can't see how to handle that within my existing code due to the fact that i'm running an isset for all inputs as opposed to doing it for each input individually :

   $MonCheck            = htmlentities($_POST['MonCheck'],            ENT_QUOTES);
   $TueCheck            = htmlentities($_POST['TueCheck'],            ENT_QUOTES);

Unless I do something like:

   $MonCheck            = htmlentities($_POST['MonCheck'],            ENT_QUOTES) ? 1 : 0;
   $TueCheck            = htmlentities($_POST['TueCheck'],            ENT_QUOTES) ? 1 : 0;

but i'm not sure if this is the right way to go about it.

Derokorian

Checkboxes are only POST when they are checked. So even though you check if the form was submitted, which you should do differently btw (see: here), the $_POST['CheckBox'] will not be set unless it was checked, that's why the suggested way to check for it is with isset on the field itself.

Lazarix

So, the only way to do it is to have 85 different isset statements?

Derokorian

If you have 85 checkboxes, in a way yes. You could however name those checkboxes something like name="Options[]" Value="unique values" and then just check the $_POST['Options'] is set and loop through looking for values, you could then have a predefined array of possible values, and then loop through them to determine which ones were checked and which ones weren't. I'm not going to do an 85 point but here's an example of what I mean:

<?php

$PossibleOptions = array('Ashley','Jack','John');
$Picks = array();
if( isset($_POST['Options']) && is_array($_POST['Options']) ) {
   foreach( $PossibleOptions as $opt ) {
      if( in_array($opt, $_POST['Options']) ) {
         $Picks[$opt] = 1;
      } else {
         $Picks[$opt] = 0;
      }
   }
} else {
   $Picks = array_combine($PossibleOptions, array_fill(0, count($PossibleOptions), 0));
}

$query = "Insert into Picks (Jack, John, Ashley) values (". implode(',', $Picks) .")";
echo $query;

?>
<form method="post" action="">
   <input type="checkbox" value="Jack"> Jack<br>
   <input type="checkbox" value="Ashley"> Ashley<br>
   <input type="checkbox" value="John"> John<br>
   <input type="submit" value="Submit">
</form>

*Note: Not producing valid html, pseudo/example code.

Lazarix

Thanks very much for the input Derokorian.

I've refined (or is it bloated?) the code now to the below and fixed other errors that I spotted along the way.

The only issue i'm facing at the moment is that the insert doesn't seem to insert the date/time that I have set by a variable.
The error is:

Warning: mysqli_stmt::execute() [<a href='mysqli-stmt.execute'>mysqli-stmt.execute</a>]: (23000/1048): Column 'created' cannot be null

Obviously this is the target mysql server notifying me that the destination column is not nullable (which is fine) and the underlying issue is that it's not being given the date/time correctly.

My code is now as below:

<?php

//set database connection parameters
$hostname = 'localhost:3307'; // usually is localhost, but if not sure, check with your hosting company, if you are with webune leave as localhost 
$db_user = 'testuser'; // change to your database username
$db_password = 'testpass'; // change to your database password 
$database = 'test'; // provide your database name 
//$db_table = 'testform'; // leave this as is 


//database connection
$db = new mysqli($hostname, $db_user, $db_password, $database);
if($db->connect_errno > 0)
	{
	die('Unable to connect to database [' . $db->connect_error . ']');
	}
	mysqli_report(MYSQLI_REPORT_ERROR);

//Prepare prerequisites
		$created = date("d-m-Y H:i:s");
		$ip = $_SERVER['REMOTE_ADDR'];

{

//get the form data
   $EmployeeName        = htmlentities(isset($_POST['EmployeeName']),        ENT_QUOTES);
   $EmployeeRef         = htmlentities(isset($_POST['EmployeeRef']),         ENT_QUOTES);
   $WeeksPerYear        = htmlentities(isset($_POST['WeeksPerYear']),        ENT_QUOTES);
   $MonTownFrom         = htmlentities(isset($_POST['MonTownFrom']),         ENT_QUOTES);
   $MonPostcodeFrom     = htmlentities(isset($_POST['MonPostcodeFrom']),     ENT_QUOTES);
   $MonTownTo           = htmlentities(isset($_POST['MonTownTo']),           ENT_QUOTES);
   $MonPostcodeTo       = htmlentities(isset($_POST['MonPostcodeTo']),       ENT_QUOTES);
   $MonMiles            = htmlentities(isset($_POST['MonMiles']),            ENT_QUOTES);
   $TueTownFrom         = htmlentities(isset($_POST['TueTownFrom']),         ENT_QUOTES);
   $TuePostcodeFrom     = htmlentities(isset($_POST['TuePostcodeFrom']),     ENT_QUOTES);
   $TueTownTo           = htmlentities(isset($_POST['TueTownTo']),           ENT_QUOTES);
   $TuePostcodeTo       = htmlentities(isset($_POST['TuePostcodeTo']),       ENT_QUOTES);
   $TueMiles            = htmlentities(isset($_POST['TueMiles']),            ENT_QUOTES);
   $WedTownFrom         = htmlentities(isset($_POST['WedTownFrom']),         ENT_QUOTES);
   $WedPostcodeFrom     = htmlentities(isset($_POST['WedPostcodeFrom']),     ENT_QUOTES);
   $WedTownTo           = htmlentities(isset($_POST['WedTownTo']),           ENT_QUOTES);
   $WedPostcodeTo       = htmlentities(isset($_POST['WedPostcodeTo']),       ENT_QUOTES);
   $WedMiles            = htmlentities(isset($_POST['WedMiles']),            ENT_QUOTES);
   $ThuTownFrom         = htmlentities(isset($_POST['ThuTownFrom']),         ENT_QUOTES);
   $ThuPostcodeFrom     = htmlentities(isset($_POST['ThuPostcodeFrom']),     ENT_QUOTES);
   $ThuTownTo           = htmlentities(isset($_POST['ThuTownTo']),           ENT_QUOTES);
   $ThuPostcodeTo       = htmlentities(isset($_POST['ThuPostcodeTo']),       ENT_QUOTES);
   $ThuMiles            = htmlentities(isset($_POST['ThuMiles']),            ENT_QUOTES);
   $FriTownFrom         = htmlentities(isset($_POST['FriTownFrom']),         ENT_QUOTES);
   $FriPostcodeFrom     = htmlentities(isset($_POST['FriPostcodeFrom']),     ENT_QUOTES);
   $FriTownTo           = htmlentities(isset($_POST['FriTownTo']),           ENT_QUOTES);
   $FriPostcodeTo       = htmlentities(isset($_POST['FriPostcodeTo']),       ENT_QUOTES);
   $FriMiles            = htmlentities(isset($_POST['FriMiles']),            ENT_QUOTES);
   $SatTownFrom         = htmlentities(isset($_POST['SatTownFrom']),         ENT_QUOTES);
   $SatPostcodeFrom     = htmlentities(isset($_POST['SatPostcodeFrom']),     ENT_QUOTES);
   $SatTownTo           = htmlentities(isset($_POST['SatTownTo']),           ENT_QUOTES);
   $SatPostcodeTo       = htmlentities(isset($_POST['SatPostcodeTo']),       ENT_QUOTES);
   $SatMiles            = htmlentities(isset($_POST['SatMiles']),            ENT_QUOTES);
   $SunTownFrom         = htmlentities(isset($_POST['SunTownFrom']),         ENT_QUOTES);
   $SunPostcodeFrom     = htmlentities(isset($_POST['SunPostcodeFrom']),     ENT_QUOTES);
   $SunTownTo           = htmlentities(isset($_POST['SunTownTo']),           ENT_QUOTES);
   $SunPostcodeTo       = htmlentities(isset($_POST['SunPostcodeTo']),       ENT_QUOTES);
   $SunMiles            = htmlentities(isset($_POST['SunMiles']),            ENT_QUOTES);
   $SumMiles            = htmlentities(isset($_POST['SunMiles']),            ENT_QUOTES);
   $MonCheck            = htmlentities(isset($_POST['MonCheck']),            ENT_QUOTES) ? 1 : 0;
   $TueCheck            = htmlentities(isset($_POST['TueCheck']),            ENT_QUOTES) ? 1 : 0;
   $WedCheck            = htmlentities(isset($_POST['WedCheck']),            ENT_QUOTES) ? 1 : 0;
   $ThuCheck            = htmlentities(isset($_POST['ThuCheck']),            ENT_QUOTES) ? 1 : 0;
   $FriCheck            = htmlentities(isset($_POST['FriCheck']),            ENT_QUOTES) ? 1 : 0;
   $SatCheck            = htmlentities(isset($_POST['SatCheck']),            ENT_QUOTES) ? 1 : 0;
   $SunCheck            = htmlentities(isset($_POST['SunCheck']),            ENT_QUOTES) ? 1 : 0;
   $MonHours            = htmlentities(isset($_POST['MonHours']),            ENT_QUOTES);
   $TueHours            = htmlentities(isset($_POST['TueHours']),            ENT_QUOTES);
   $WedHours            = htmlentities(isset($_POST['WedHours']),            ENT_QUOTES);
   $ThuHours            = htmlentities(isset($_POST['ThuHours']),            ENT_QUOTES);
   $FriHours            = htmlentities(isset($_POST['FriHours']),            ENT_QUOTES);
   $SatHours            = htmlentities(isset($_POST['SatHours']),            ENT_QUOTES);
   $SunHours            = htmlentities(isset($_POST['SunHours']),            ENT_QUOTES);
   $SumHours            = htmlentities(isset($_POST['SumHours']),            ENT_QUOTES);
   $MonTravel           = htmlentities(isset($_POST['MonTravel']),           ENT_QUOTES);
   $TueTravel           = htmlentities(isset($_POST['TueTravel']),           ENT_QUOTES);
   $WedTravel           = htmlentities(isset($_POST['WedTravel']),           ENT_QUOTES);
   $ThuTravel           = htmlentities(isset($_POST['ThuTravel']),           ENT_QUOTES);
   $FriTravel           = htmlentities(isset($_POST['FriTravel']),           ENT_QUOTES);
   $SatTravel           = htmlentities(isset($_POST['SatTravel']),           ENT_QUOTES);
   $SunTravel           = htmlentities(isset($_POST['SunTravel']),           ENT_QUOTES);
   $MonMealCheck        = htmlentities(isset($_POST['MonMealCheck']),        ENT_QUOTES) ? 1 : 0;
   $TueMealCheck        = htmlentities(isset($_POST['TueMealCheck']),        ENT_QUOTES) ? 1 : 0;
   $WedMealCheck        = htmlentities(isset($_POST['WedMealCheck']),        ENT_QUOTES) ? 1 : 0;
   $ThuMealCheck        = htmlentities(isset($_POST['ThuMealCheck']),        ENT_QUOTES) ? 1 : 0;
   $FriMealCheck        = htmlentities(isset($_POST['FriMealCheck']),        ENT_QUOTES) ? 1 : 0;
   $SatMealCheck        = htmlentities(isset($_POST['SatMealCheck']),        ENT_QUOTES) ? 1 : 0;
   $SunMealCheck        = htmlentities(isset($_POST['SunMealCheck']),        ENT_QUOTES) ? 1 : 0;
   $MonEveningMealCheck = htmlentities(isset($_POST['MonEveningMealCheck']), ENT_QUOTES) ? 1 : 0;
   $TueEveningMealCheck = htmlentities(isset($_POST['TueEveningMealCheck']), ENT_QUOTES) ? 1 : 0;
   $WedEveningMealCheck = htmlentities(isset($_POST['WedEveningMealCheck']), ENT_QUOTES) ? 1 : 0;
   $ThuEveningMealCheck = htmlentities(isset($_POST['ThuEveningMealCheck']), ENT_QUOTES) ? 1 : 0;
   $FriEveningMealCheck = htmlentities(isset($_POST['FriEveningMealCheck']), ENT_QUOTES) ? 1 : 0;
   $SatEveningMealCheck = htmlentities(isset($_POST['SatEveningMealCheck']), ENT_QUOTES) ? 1 : 0;
   $SunEveningMealCheck = htmlentities(isset($_POST['SunEveningMealCheck']), ENT_QUOTES) ? 1 : 0;
   $MonOvernightCheck   = htmlentities(isset($_POST['MonOvernightCheck']),   ENT_QUOTES) ? 1 : 0;
   $TueOvernightCheck   = htmlentities(isset($_POST['TueOvernightCheck']),   ENT_QUOTES) ? 1 : 0;
   $WedOvernightCheck   = htmlentities(isset($_POST['WedOvernightCheck']),   ENT_QUOTES) ? 1 : 0;
   $ThuOvernightCheck   = htmlentities(isset($_POST['ThuOvernightCheck']),   ENT_QUOTES) ? 1 : 0;
   $FriOvernightCheck   = htmlentities(isset($_POST['FriOvernightCheck']),   ENT_QUOTES) ? 1 : 0;
   $SatOvernightCheck   = htmlentities(isset($_POST['SatOvernightCheck']),   ENT_QUOTES) ? 1 : 0;
   $SunOvernightCheck   = htmlentities(isset($_POST['SunOvernightCheck']),   ENT_QUOTES) ? 1 : 0;
   $DeclarationCheck    = htmlentities(isset($_POST['DeclarationCheck']),    ENT_QUOTES) ? 1 : 0;

Lazarix

Part 2:

//check that the required fields are not empty
if ($EmployeeName == '' || $EmployeeRef == '' || $DeclarationCheck == '')
		{
			$error = 'ERROR: Please fill in all required fields!';
			//renderForm($EmployeeName, $EmployeeRef, $DeclarationCheck, $error);
		}
else
		{
	//Insert the new record
	if ($stmt = $db->prepare("INSERT mileageform (EmployeeName,EmployeeRef,WeeksPerYear,MonTownFrom,MonPostcodeFrom,MonTownTo,MonPostcodeTo,MonMiles,TueTownFrom,TuePostcodeFrom,TueTownTo,TuePostcodeTo,TueMiles,WedTownFrom,WedPostcodeFrom,WedTownTo,WedPostcodeTo,WedMiles,ThuTownFrom,ThuPostcodeFrom,ThuTownTo,ThuPostcodeTo,ThuMiles,FriTownFrom,FriPostcodeFrom,FriTownTo,FriPostcodeTo,FriMiles,SatTownFrom,SatPostcodeFrom,SatTownTo,SatPostcodeTo,SatMiles,SunTownFrom,SunPostcodeFrom,SunTownTo,SunPostcodeTo,SunMiles,SumMiles,MonCheck,TueCheck,WedCheck,ThuCheck,FriCheck,SatCheck,SunCheck,MonHours,TueHours,WedHours,ThuHours,FriHours,SatHours,SunHours,SumHours,MonTravel,TueTravel,WedTravel,ThuTravel,FriTravel,SatTravel,SunTravel,MonMealCheck,TueMealCheck,WedMealCheck,ThuMealCheck,FriMealCheck,SatMealCheck,SunMealCheck,MonEveningMealCheck,TueEveningMealCheck,WedEveningMealCheck,ThuEveningMealCheck,FriEveningMealCheck,SatEveningMealCheck,SunEveningMealCheck,MonOvernightCheck,TueOvernightCheck,WedOvernightCheck,ThuOvernightCheck,FriOvernightCheck,SatOvernightCheck,SunOvernightCheck,DeclarationCheck,ip,created)
	 VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, INET_ATON(?))"))
			{
			$stmt->bind_param("sssssssssssssssssssssssssssssssssssssssiiiiiiisssssssssssssssiiiiiiiiiiiiiiiiiiiiiiss", $EmployeeName, $EmployeeRef, $WeeksPerYear, $MonTownFrom, $MonPostcodeFrom, $MonTownTo, $MonPostcodeTo, $MonMiles, $TueTownFrom, $TuePostcodeFrom, $TueTownTo, $TuePostcodeTo, $TueMiles, $WedTownFrom, $WedPostcodeFrom, $WedTownTo, $WedPostcodeTo, $WedMiles, $ThuTownFrom, $ThuPostcodeFrom, $ThuTownTo, $ThuPostcodeTo, $ThuMiles, $FriTownFrom, $FriPostcodeFrom, $FriTownTo, $FriPostcodeTo, $FriMiles, $SatTownFrom, $SatPostcodeFrom, $SatTownTo, $SatPostcodeTo, $SatMiles, $SunTownFrom, $SunPostcodeFrom, $SunTownTo, $SunPostcodeTo, $SunMiles, $SumMiles, $MonCheck, $TueCheck, $WedCheck, $ThuCheck, $FriCheck, $SatCheck, $SunCheck, $MonHours, $TueHours, $WedHours, $ThuHours, $FriHours, $SatHours, $SunHours, $SumHours, $MonTravel, $TueTravel, $WedTravel, $ThuTravel, $FriTravel, $SatTravel, $SunTravel, $MonMealCheck, $TueMealCheck, $WedMealCheck, $ThuMealCheck, $FriMealCheck, $SatMealCheck, $SunMealCheck, $MonEveningMealCheck, $TueEveningMealCheck, $WedEveningMealCheck, $ThuEveningMealCheck, $FriEveningMealCheck, $SatEveningMealCheck, $SunEveningMealCheck, $MonOvernightCheck, $TueOvernightCheck, $WedOvernightCheck, $ThuOvernightCheck, $FriOvernightCheck, $SatOvernightCheck, $SunOvernightCheck, $DeclarationCheck, $ip, $created);
			$stmt->execute();
			$stmt->close();
			}
		// show an error if the query has an error
		else
			{
			echo "ERROR: Could not prepare SQL statement. Your Mileage form has not been submitted successfully.";
			}
		}
	}


//declare in the order variable
$db->close();

?>

So, i've declared: $created = date("d-m-Y H:i:s");
but it doesn't seem to be inserting.
Is it because the declaration is in the wrong location?

Derokorian

You need another question mark after INET_ATON. Also instead of setting a PHP variable you can just use the mysql function NOW().

Lazarix

If I use the function NOW() then it returns:

Fatal error: Call to undefined function NOW()

I'm not concerned about that at the moment.

After adding in the question mark at the end (and removing one preceeding the INET_ATON), it now inserts data into mysql!
Yay!

However...
oddly enough, it's only inserting either 1 or 0 values across the board, as opposed to actual values.
I.E.:

idnumber;"employeename";"employeeref";"weeksperyear";"montownfrom";"monpostcodefrom";"montownto";"monpostcodeto";"monmiles";"tuetownfrom";"tuepostcodefrom";"tuetownto";"tuepostcodeto";"tuemiles";"wedtownfrom";"wedpostcodefrom";"wedtownto";"wedpostcodeto";"wedmiles";"thutownfrom";"thupostcodefrom";"thutownto";"thupostcodeto";"thumiles";"fritownfrom";"fripostcodefrom";"fritownto";"fripostcodeto";"frimiles";"sattownfrom";"satpostcodefrom";"sattownto";"satpostcodeto";"satmiles";"suntownfrom";"sunpostcodefrom";"suntownto";"sunpostcodeto";"sunmiles";"summiles";"moncheck";"tuecheck";"wedcheck";"thucheck";"fricheck";"satcheck";"suncheck";"monhours";"tuehours";"wedhours";"thuhours";"frihours";"sathours";"sunhours";"sumhours";"montravel";"tuetravel";"wedtravel";"thutravel";"fritravel";"sattravel";"suntravel";"monmealcheck";"tuemealcheck";"wedmealcheck";"thumealcheck";"frimealcheck";"satmealcheck";"sunmealcheck";"moneveningmealcheck";"tueeveningmealcheck";"wedeveningmealcheck";"thueveningmealcheck";"frieveningmealcheck";"sateveningmealcheck";"suneveningmealcheck";"monovernightcheck";"tueovernightcheck";"wedovernightcheck";"thuovernightcheck";"friovernightcheck";"satovernightcheck";"sunovernightcheck";"declarationcheck";"ip";"created"
2;"1";"1";"0000-00-00";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"0";"0";"0";"0";"0";"0";"1";"1";"1";"1";"1";"1";"1";"0";"1";"1";"1";"1";"1";"1";"1";"1";"0";"0";"0";"0";"0";"0";"1";"0";"0";"0";"0";"0";"0";"0";"0";"0";"0";"0";"0";"0";"1";"2140706433";"28"
3;"1";"1";"0000-00-00";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"0";"0";"0";"0";"0";"0";"1";"1";"1";"1";"1";"1";"1";"0";"1";"1";"1";"1";"1";"1";"1";"1";"0";"0";"0";"0";"0";"0";"1";"0";"0";"0";"0";"0";"0";"0";"0";"0";"0";"0";"0";"0";"1";"2140706433";"28"

Lazarix

This last one is bugging the hell out of me
I can't figure out why it's posting 1's and 0's...

Lazarix

Don't suppose you have any ideas Derokorian?

NogDog

Sounds like the "NOW()" is being interpreted as a PHP function call, which suggests it's not properly in your SQL string (you want it to be called as a MySQL function).

// correct
$sql = "INPUT INTO table_name (datetime_column) VALUES (NOW())";

// incorrect
$sql = "INPUT INTO table_name (datetime_column) VALUES (" . NOW() . ")";