Forum Moderators: coopster
heres what comes up when i try to use it:
could not post message because of error:You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '["name"],$_POST["message"])' at line 2
[edited by: coopster at 2:43 am (utc) on Dec. 15, 2007]
[edit reason] no personal urls please TOS [webmasterworld.com] [/edit]
Looks like it was a syntax error in that you had double quotes around your array indexes which were inside single quotes. When you have a variable (including an index scalar) inside single quotes, the engine will not interpolate or recognize the variable as something it is supposed to parse. For future reader awareness, you can either switch to double quotation marks around the string or concatenate the strings.
Basic processing.php form for entering form data into a database:
<?
$name=$_POST['name'];
$email=$_POST['email'];
$location=$_POST['location'];
mysql_connect("your.hostaddress.com", "username", "password") or die(mysql_error());
mysql_select_db("Database_Name") or die(mysql_error());
mysql_query("INSERT INTO `data` VALUES ('$name', '$email', '$location')");
Print "Your information has been successfully added to the database.";
?>
I have named my fields like this in my form:
<td width="25%" height="38"><font size="2"><b>Customer Representative:</b> <input type="text" name="customerrep_id" size="20" maxsize="20" /></font></td>
To bring that code into proper function, I would need to make that "customerrep_id" into a variable, right? Then, from there, list it into the Insert statement like the variables listed in the example...Is this the correct way to do this?
My attempt:
<?
$customerrep='customerrep_id'
$customerrep=$_POST['customerrep_id']
mysql_connect("your.hostaddress.com", "username", "password") or die(mysql_error());
mysql_select_db("Database_Name") or die(mysql_error());
mysql_query("INSERT INTO `data` VALUES ('$customerrep')");
Print "Your information has been successfully added to the database.";
?>
I have a massive database to complete tonight and need to get cracking before it's due. Can someone please advise asap? Help a fellow programmer.This is the final point to my final project of the year and it's paying for the last few late presents for my daughter that I have on order to pick up. HELP!
Thanks and HAPPY HOLIDAYS!
If you are paid for you should be more cautious
Do not use short tag use <?php
Soon it won’t work (php 6)
Check if the values are in
Check if you data are the expected one
DO NOT ENTER IN YOUR DB NON CLEANED VALUE
Or you’ll be in for an “aftershock”
As is it was not tested but you should be able to fix it if needed
<?php
$customerrep_id=$_POST['customerrep_id'];
if (empty($customerrep_id))
{
echo"<a href etc.. >enter your ID</a>";
exit(); // stop exec here
}
if(!preg_match("/^[0-9]$/",$customerrep_id))
{
echo" send them back to the original form, explain what's wrong
eventualy if you know how save the good answers so the user does not need doing it again
search here.. for that ...";
}
$username=$_POST['username'];
if (empty($username))
{
echo"<a href etc.. >enter your username</a>";
exit(); // stop exec here
}
if (!preg_match("/^[0_9A-Za-z0-9\]*$/",$username) )
{
echo" send them back to the original form, explain what's wrong only allow for alphanumerical char and no space
eventualy if you know how save the good answers so the user does not need doing it again
search here.. for that ...";
}
$email=$_POST['email'];
if (empty($email))
{
echo"<a href etc.. >enter your email</a>";
exit(); // stop exec here
}
$regexp = "^([_a-z0-9-]+)(\.[_a-z0-9-]+)*@([a-z0-9-]+)(\.[a-z0-9-]+)*(\.[a-z]{2,4})$";
if (!eregi($regexp, $email))
{
echo "The email should ONLY contain Alphanumerical Characters! (Alphabetical and numeric) And: @ and - or_ <br>
<b>You entered: $email</b><br>
echo"<a href etc.. >enter your username</a>";
exit(); // stop exec here
}
$location=$_POST['location'];
if (empty($location))
{
echo"<a href etc.. >enter your location</a>";
exit(); // stop exec here
}
// works for a street address, then ask for city, zip et...
if (!preg_match("/^[A-Za-z0-9\ ]*$/",$location) )
{
echo" send them back to the original form, explain what's wrong allow only for alphanumerical char and space
eventualy if you know how save the good answers so the user does not need doing it again
search here.. for that ...";
}
if
(isset($_POST['customerrep_id']) &&!empty($_POST['customerrep_id'])&&
isset($_SESSION['username']) &&!empty($_SESSION['username'])&&
isset($_POST['email']) &&!empty($_POST['email'])&&
isset($_POST['location']) &&!empty($_POST['location']) )
// don't worry about ID, it is checked for numeric ONLY
$username=mysql_real_escape_string($username) ;
$email=mysql_real_escape_string($email) ;
$location=mysql_real_escape_string($location) ;
mysql_connect("your.hostaddress.com", "username", "password") or die(mysql_error());
mysql_select_db("Database_Name") or die(mysql_error());
$query = "INSERT INTO data (customerrep_id, username, email, location)
VALUES ( '$customerrep_id', '$username', '$email', '$location')";
$result= mysql_query ($query);
if($result)
{
echo "Your information has been successfully added to the database.";
}
else
{
echo"hmm I sc...up!";
}
?>
<edit> fixed a {} </edit>
code :
<?
$customer=$_POST['company_id'];
$jobnum=$_POST['job_num_id'];
$partdes=$_POST['part_description_id'];
$fieldadmin=$_POST['filed_admin_id'];
$dateofjob=$_POST['date_id'];
$shift=$_POST['shift_id'];
$customerrep=$_POST['customer_rep_id'];
$plantcon=$_POST['plant_contact_id'];
$location=$_POST['location_id'];
$prepby=$_POST['prep_by_id'];
$sortrate=$_POST['sort_rate_id'];
$estimated=$_POST['estimated_id'];
$sort=$_POST['sort_id'];
$rework=$_POST['rework_id'];
$attachprodcert=$_POST['attach_prod_cert_id'];
$custchange=$_POST['customer_changed_id'];
$parttoolnum=$_POST['part_tool_num_id'];
$qtyproc=$_POST['qty_processed_id'];
$d1s=$_POST['d_1_s_id'];
$d1r=$_POST['d_1_r_id'];
$d2s=$_POST['d_2_s_id'];
$d2r=$_POST['d_2_r_id'];
$d3s=$_POST['d_3_s_id'];
$d3r=$_POST['d_3_r_id'];
$d4s=$_POST['d_4_s_id'];
$d4r=$_POST['d_4_r_id'];
$d5s=$_POST['d_5_s_id'];
$d5r=$_POST['d_5_r_id'];
$d6s=$_POST['d_6_s_id'];
$d6r=$_POST['d_6_r_id'];
$ncrtot=$_POST['nc_right_total_id'];
$bqtyproctot=$_POST['bottom_qty_proc_total_id'];
$totcontain=$_POST['total_contained_id'];
$totscrap=$_POST['total_scrapped_id'];
$totrework=$_POST['total_reworked_id'];
$totconfirm=$_POST['total_confirming_id'];
$defectdescript=$_POST['defect_descriptions_id'];
$operator=$_POST['operator_id'];
$inid=$_POST['in_id'];
$outid=$_POST['out_id'];
$tothours=$_POST['total_hours_id'];
$comnotes=$_POST['comments_notes_id'];
$workremain=$_POST['work_remaining_id'];
mysql_connect("your.hostaddress.com", "username", "password") or die(mysql_error());
mysql_select_db("Database_Name") or die(mysql_error());
mysql_query("INSERT INTO `data` VALUES ('$customer', '$jobnum', '$partdes', '$fieldadmin', '$dateofjob', '$shift', '$customerrep', '$plantcon', '$location', '$prepby', '$sortrate', '$estimated', '$sort', '$rework', '$attachprodcert', '$custchange', '$parttoolnum', '$qtyproc', '$d1s', '$d1r', '$d2s', '$d2r', '$d3s', '$d3r', '$d4s', '$d4r', '$d5s', '$d5r', '$d6s', '$d6r', '$ncrtot', '$bqtyproctot', '$totcontain', '$totscrap', '$totrework', '$totconfirm', '$defectdescript', '$operator', '$inid', '$outid', '$tothours', '$comnotes', '$workremain')");
Print "Your information has been successfully added to the database.";
?>
I have to do two things here for the most immediate part of what I'm doing.
1. make this form work. 2. add an update/edit option to it.
Can you help me with those two issues?
I'm having no progress with it. Need a new pair of eyes.
I don't know why he wants it that way but have to make it work for this form.
Thanks for your help.
