Hi,

You'll find form vars in the $_POST [php.net] super global array.

Nick

the set up you have there will only work if register_globals is set to on. It is posting to itself, which is fine, though I usually use two seperate files.

$iq = "insert video1 (namn, nummer, tid) values ('",$HTTP_POST_VARS[namn],"', '",$HTTP_POST_VARS[nummer],"','", $HTTP_POST_VARS[tid],"')";

$dbinfo = mysql_db_query("video",$iq);

I think got all of the quotes right.

It is posting to itself, which is fine, though I usually use two seperate files.

Personally, I find the "self-processing" form approach to be a great way to organize my thoughts and my code. In fact, I have a pet project web app that is basically a several thousand line self-processing form. (It doesn't have to use or even load anywhere near all of the code for any given request/)

It is important to understand what you are doing when you write them, though. This page, for example, will display the form again when it is submitted. Unless I'm missing something, there will be no indication to the person submitting the form that anything happened. That's almost certainly a bad thing.

another thing to be very careful of when posting to the same page is what happens when someone refreshes the page.

If you are passing vars to it then it may insert double rows, send double emails or whatever the form does. If it is a seperate processing script it is easier to make sure it only does what is requested and steer away from weird behaviours.

There is a lot more error checking and possible problems with posting to self.

Any form submission that isn't idempotent should have some check for duplicate submissions to deal with refresh. It's not an issue specific to self-processing forms. In fact, the contact form on one of my domains has separate processing and still suffers the duplicate e-mail problem. I just don't worry about it in that case because I'd rather put up with the occasional double-submit than add enough complexity to the script to notice duplicates.

The extra care needed to make self-processing work right is real. I find the mental organization useful rather than off-putting, though.

>>I find the mental organization useful

I guess part of the reason I do them seperately is the way it sorts in my head. It makes more sense to me that way.

I still think it is much easier to make mistakes when self processing, especially for people who are newer to scripting than if they are seperate. I guess I just see it happen more with self processed scripts.

I was recently working with an open source cms type app and it was all self processed and it wreaked havoc. I had to rewrite large chunks of it to get it to work. Supposedly this is the best free solution in its particular market too.

Purely, in my experience.

i am yhe only one who is gonna use this and it is all my video tapes så i kan find witch tape they are on so it don do anny thing that the form is apears again

hello i cant get it to work

is teher some one who can help me and make the hole file så it works write all the scirpt whwn you are finished pleas so i can get it working

i need this

you can split it up like you want so it will be easyer for you and i can learn it

thanks

are you getting a specific error that you can tell us? If we know exactly how it isn't working it would be easier to give you an answer.

i have change very mutch så i cant tell you wat the error message is becaus it is o many different mesages but if you make a database "video" whit table "video1" and columns "namn, nummer, tid" (they are char (50)) and an id that are pimary key and counts self
than you can try to fix the file

the problem is that i cant write anything in to my database when i try to things hapend

1. i get nothing in my database

2. the results from the database is always whatever i write
namn =namn nummer=nummer tid=tid

i cant find the real problem inthe script i think i have tried evertihng but probably not

Splitting up form generation and form processing makes it a lot harder to generate the form again if there are errors in the supplied data. You do show any error messages on the same page the form in on and where any values the user already supplied are preset, don´t you.

Having the whole generation and error checking in one file is so much nicer. The actual processing of data might be moved to a different file.

This is the structure of a form processing script. The form is contained in a template. The form processing script is included into the actual page. This way the form does not bother you when you edit the actual page where it is contained. You can edit the processing script separately. The layout of the form is separated from the processing code.

if (posted) { 
 check for errors 
 if (errors == 0) { 
  process data 
  let user know everything was ok 
 } else { 
  format error message 
 } 
} 
show form

Andreas

well let's go through this piece by piece and see if we can see what is going on. Your form as posted above is fine and I will use it as is.

I will try to make it step by step, trying not to do too more than one thing in each line.

Your form will post the information entered into the associative array [php.net] $HTTP_POST_VARS ($_POST [php.net] can be used for versions after, and including, 4.1.0) you will need to access the values in that array so that you can construct your query.

We will take the values out of the post array and put them into other variables. We will access the values by using the name/index in single quotes.

$namn = $HTTP_POST_VARS['namn'];
$nummer = $HTTP_POST_VARS['nummer'];
$tid = $HTTP_POST_VARS['tid'];

now we need to build our insert [mysql.com] query $iq

$iq = "insert into video1 values ('" . $namn . "','" . $nummer . "','" . $tid . "');
for this particular method of insert you need to make sure your columns are in the right order

now connect to the mysql server
$connection = mysql_connect("localhost","username","password") or die (mysql_error());

this makes sure that if it doesn't connect that it gives us the error message to help figure out why.

select the the db and then run the query
mysql_select_db ("video") or die (mysql_error());

mysql_query($iq) or die (mysql_error());

then close the connection
mysql_close ($connection);

the mysql functions [php.net]

that pretty much says it all. If you get any errors then you can deal with them as they arise.

In addition to Adam´s detailed howto you might want to consider this:

A user might insert malicious SQL code into your form. This is solved by escaping backslashes, null-bytes and single quotes with the addslashes function. If magic_quotes_gpc is on then PHP will automatically escape those characters in all data from GET and POST actions and from COOKIEs.

Andreas