Change this:

or die('Error, insert query failed');

To the following and give the error shown:

or die([url=http://www.php.net/mysql-error]mysql_error[/url]());

To get the reason (and real error message), use this:
mysql_query($query) or die(mysql_error());

instead of this:
mysql_query($query) or die('Error, insert query failed');

Do you have update access to the table? The mysql_query() function will also return FALSE if it cannot be executed due to missing permissions.

Calling mysql_error() right after mysql_query() should give a good indication why the call failed.

<added>
Three people with almost identical replies within one minute. Must be a hot topic :)
</added>

thanks, heres what i get now when replaced the line as suggested -

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'priv) VALUES ('http://www.example.com', '', '', '', 'Y', 'Y', 'Y')' at line 1

I dont have any manuals, and yes i do have access to the database via myphpadmin, and my mysql version is 4.1.22

:)

You accidentally keyed a space in your column name

update_ priv

BTW, if you are on the internet, which it seems you are, you do indeed have access to the manual
[dev.mysql.com...]
;)

It will quickly become one of your most valuable resources.

d'oh!

internet? whats that then? :p

Got some more errors..but its saying the database soemthing or other doesn't exist..should be able to fix that one..

Once i come across another one that stumps me, then you'll soon know ;)

thanks

:)

Ok..i have a new error

Its saying

Table 'dbname.dbname' doesn't exist

Where dbname is the name of the database, it says it doesn't exist, well it does, but why is echoed twice? And why is it called a table?

The line in my first post, is now changed to this -

$query = "INSERT INTO $dbname (host, Name, Email, Comments, select_priv, insert_priv, update_priv) VALUES ('$dbhost', '$name', '$email', '$message', 'Y', 'Y', 'Y')";
mysql_query($query) or die(mysql_error());

This is where the error is been generated, no where else does it say die(mysql_error()) to give me an error message as suggested in this topic. So it must be somewhere along that line. I've checked several times that everything is correct, the name, the password, user etc..but i cant figure out why it says that the table doesn't exist..i'm not asking it to write to a table called that within the database.

Any ideas?

:)

INSERT INTO $dbname ...

i'm not asking it to write to a table called that within the database

Well, you can't be sure about your above statement until you peek into what content is in your $dbname variable.

In such cases, some debug echos like
echo "Trying to insert into $dbname <br>\n";
or
echo "This is my query string: $query <br>\n";
always help a lot.

And finally, be sure to supply a tablename
to the INSERT statement, not a pure dbname.

Kind regards,
R.

weird and wonderful error messages now..well..they are to me anyway..

Again, coming from this line

$query = "INSERT INTO guestbook ($dbhost, Name, Email, Comments, select_priv, insert_priv, update_priv) VALUES ('$dbhost', '$name', '$email', '$message', 'Y', 'Y', 'Y')";
mysql_query($query) or die(mysql_error());

In place of $dbhost:

host -
Unknown column 'host' in 'field list'

my website domain name (example.co.uk)
Unknown table 'example.co' in field list
(it misses off the .uk)

If i get rid of it altogether
Column count doesn't match value count at row 1

None of which makes much sense to me. I think i've now sorted out the previous problems, due to me not knowing how to create the tables and rows properly in phpmyadmin.

What does all this mean?
I've tried the 'trial and error' method, but i've ran out of trials and upto my eyeballs in errors...

:)

you have 7 columns/values there, it looks like the problem one is the first one, you don't seem to have the right name.

what are the names of all the columns in the guestbook table?

the fields in the table are 'Name', 'Email' and 'Comments'.

I thought the select_priv, insert_priv, update_ priv are functions of some kind to do with the mysql? Hence the "Y" (for yes..?) in the 2nd set of brackets.

And obviously host been the host...do i just need those field values in the brackets and not anything else? And why is it in there twice?

thanks

:)

if you are sure, via phpmyadmin or other, that those are the only fields in the guestbook table and those are their exact names then you should only need to have those 3 field/value pairs in your insert query

something like

INSERT INTO guestbook (Name, Email, Comments) VALUES ('$name', '$email', '$message')

though the other names look like they may be settings that also are stored in the same rows

Thanks

Now i get to the next bit and another error

$query = "$FLUSH PRIVILEGES";
mysql_query($query) or die('Error, inserting failed...');

Cant work out what the $FLUSH PRIVILEGES is for. Even searching on google doesn't realyl help me much..unless i'm looking in the wrong places. Something to do with replacing privelages. But i dont think i need to. I just need to update the database tables with some data from the form.

Followed by a confirmation message and a redirect back to a page.

Another question is, how come the form data is in the url? Is it the $_POST thats doing that? I read somewhere about differing ways of fetching data form, one way puts it in the url and the other doesn't. But i thought $_POST doesn't put the data in the url?

I'm not sure what that would be there for either

the form data in the url

check what your form tag has in it, the mthod portion should be

method="post"

if it is get then it will go to the url.

if it is in the url and you don't see $_GET used in the script then register_globals may be on which isn't good

[php.net...]

ok..thanks. Missed off the method="post" in the form..d'oh!

I have now replaced the flush privelage lines with a simple echo statement. And those now appear when i complete the form. No other errors appear.

I've now worked out how to retrieve the data from the table. However..a new problem (surprise surprise).

It looks like theres something in the database, as its echoing the html several times on the page, like name and comments. But nothing is appearing where the data should be.

So..basically..the form is working, its submitting to the database. However, it doesn't look like its storing it correctly, or something like that. But its creating the rows and such as each time i fill out the form, it adds another bit onto the page where i print the results. So, it looks like the form is now working.

Thats how i'm calling the results up.
Pretty sure all the names are correct, as in names of databases and tables and rows, fields etc...Its just not printing the actual database data.

<?php
// get the important bits and bobs
include 'config.php';
include 'opendb.php';
// collect data from table
$data = mysql_query ("SELECT * FROM guestbook")
or die (mysql_error());
$info = mysql_fetch_array ( $data );

while ($info = mysql_fetch_array( $data ))
{
echo "<p>Name: " .$info['Name'] . "</p>";
echo "<p>Comment: " .$info['Comments'] . "<br />-------------------------------</p>";
}
?>

echo '$info = <pre>';
print_r($info);
echo '</pre>';
while ($info = mysql_fetch_array( $data ))
{
echo "<p>Name: " .$info['Name'] . "</p>";
echo "<p>Comment: " .$info['Comments'] . "<br />-------------------------------</p>";
} 

As this should show you the contents of the $info array.
You can then see if the $info array contains what you expected.

thanks..

doesn't look like the array contains anything

$info =

Array
(
[0] =>
[Name] =>
[1] =>
[Email] =>
[2] =>
[Comments] =>
)

so the database isn't storing the info, or its not been sent properly..

is that right?

:)

it could be the insert, try using the $_POST vars

$query = "INSERT INTO guestbook (Name, Email, Comments) VALUES ('" . $_POST['name'] . "', '" . $_POST['email'] . "', '" . $_POST['message'] . "')";

that might work

A very serious warning here though.

All user supplied data MUST be cleaned before inserting directly into your database, this is testing so I have not addressed that in the above code.

Thanks. Yeah, i want to get the basics right, learn how it works and get it working first. And then concentrate on security. Theres no way i'd want a script this basic on any website ;)

But that option of sticking the $_POST in there doesnt work. Doesn't create any errors, just doesn't make anything appear in both the displaying of the database contents and the array function thingymigig that returned nothing..

:)

my guess is you are inserting blank variables then

1. what are the actual names of the elements from the form?

2. what happens if you put this at the top of your processing script?

echo '<pre>';
print_r($_POST);
echo '</pre>';

hmmm...

theres only 3 elements - name email and comments. But only name and comments are displayed on the page. Is it me or is there no where to put the database user? Surely you need to tell something what user to use to access the database with? The user is is in the config file, so its set, ready to be used..but its not actually called up by the script to put the stuff in the database...

And this is displayed when putting that bit of code at the top

$info =

Array
(
[0] =>
[Name] =>
[1] =>
[Email] =>
[2] =>
[Comments] =>
)

:)

Was the array from your last post the POST array? Are you using post or get to send the information from the form to the database?

As if it was then you are not getting any information sent through the POST array. Just to check try the GET and REQUEST arrays as well. This needs to go on the page where the users comments are processed, so that may not be the same page as you are doing all of your database stuff.

echo '<pre>POST'; // already know the answer, but just in here for completeness ;)
print_r($_POST);
echo 'GET';
print_r($_GET);
echo 'REQUEST';
print_r($_REQUEST);
echo '</pre>'

The database user will be in your code that connects to the database, and if separate from the form where people can leave there comments. So somewhere in your script you have something along the lines of mysql_connect(...stuff...), this is the code that tells the database what user, password and so on.

as a side note for clarity

we would like you to enter some fake/test data into the form and then submit it, if you leave it empty then it compounds the mystery :)

Thanks

I do indeed fill out the fields to test the form, such as "test name" or "test message" etc..

echo '<pre>POST';
print_r($_POST);
echo 'GET';
print_r($_GET);
echo 'REQUEST';
print_r($_REQUEST);
echo '</pre>';

You missed a ; off the end btw ;)

Anyway..the post and get produce nothing. However, the request does.

REQUESTArray
(
[__utma] => 197933741.1388232711.1186600464.1201035386.1201038087.114
[__utmz] => 197933741.1197071840.63.6.utmccn=(organic)Šutmcsr=googleŠutmctr=part of my page titleŠutmcmd=organic
)

And i have no idea what that means..never seen anything like it before..

Figured out the connect now with regards to the user/pass etc..

:)

it seems odd that the POST and GEt arrays are empty if you have data in there

maybe post a bit of code

how about the form (hopefully not too long)

and then the basics of the processing script

Sure..

the form -

<form action="process.php" method="post">
Name: <input type="text" name="name" id="name"><br />
Email: <input type="text" name="email" id="email"><br />
Message: <input type="text" name="message" id="message"><br />
<input type="submit" value="submit">
</form>

Do the names/id's need to correspond with the fields in the database?

And the processing bit

<?php
// include the config and open database files
include 'config.php';
include 'opendb.php';
// next, we need to do something
// Variables from the form that is sent to this page
$name = $_POST['Name'];
$email = $_POST['Email'];
$message = $_POST['Comments'];
//Talk to the database, and insert stuff into it
$query = "INSERT INTO guestbook (Name, Email, Comments) VALUES ('" . $_POST['name'] . "', '" . $_POST['email'] . "', '" . $_POST['message'] . "')";
echo "post succesful, i think. link back to the guestbook";
// Last - we need to close the connection
mysql_close ($conn);
?>

Thats it..

:)

alright

here's one issue, capitalization

$name = $_POST['Name'];
$email = $_POST['Email'];
$message = $_POST['Comments'];

should be

$name = $_POST['name'];
$email = $_POST['email'];
$message = $_POST['comments'];

the array elements need to match the names of the form elements exactly

I have a hard time understanding the print_r output you posted above because it had caps in it. This either came from something else or it came from a different form.

try using this as process.php

<?php
echo '<pre>POST';
print_r($_POST);
echo 'GET';
print_r($_GET);
echo 'REQUEST';
print_r($_REQUEST);
echo '</pre>';
/*
// include the config and open database files
include 'config.php';
include 'opendb.php';
// next, we need to do something
// Variables from the form that is sent to this page
$name = $_POST['Name'];
$email = $_POST['Email'];
$message = $_POST['Comments'];
//Talk to the database, and insert stuff into it
$query = "INSERT INTO guestbook (Name, Email, Comments) VALUES ('" . $_POST['name'] . "', '" . $_POST['email'] . "', '" . $_POST['message'] . "')";
echo "post succesful, i think. link back to the guestbook";
// Last - we need to close the connection
mysql_close ($conn);
*/
?>

it should just output the posted stuff since all else is commented

>> Do the names/id's need to correspond with the fields in the database?

no, lots of people match them for clarity but it is not required

thanks

Seems to working at long last!

I got rid of the capital letters you said, and also added in

mysql_query($query) or die(mysql_error());

just before the echo "post successful etc etc";

However..it doesn't seem to display the database when theres only 1 result in there. I cleared the database and submitted a test.

I did another test, and that one appeared, but not the first. Another test, and that one also appears, as well the 2nd.

Just need to work out how to stick a date/time on each post and sort the order differently..but any clues as to this new problem?

:)