Page 1 of 1

Another date Problem - If any php God is there please help.

Posted: Sat May 16, 2009 12:56 pm
by Ddywalgi
Hi I am trying to add a date field to my form.
I have tried for several days to try and make this date work.
All the other aspects of the form work ok but I cannot get the date to work.

The code is below
I have broken the date up into ddmmyyyy put the parts back together then put it into a field but I am still getting no result.

Please if someone can understand where my coding is going wrong I would appreciate it as I don't get any errors by which to work this.
Many Appreciations

Sean

Code: Select all

require_once ('../mysql_connect.php'); // Connect to the database.
 
if (isset($_POST['submitted'])) { // Handle the form.
 
    // Check for a URL.
    if (eregi ('^([[:alnum:]\-\.])+(\.)([[:alnum:]]){2,4}([[:alnum:]/+=%&_\.~?\-]*)$', $_POST['url'])) {
        $u = escape_data($_POST['url']);
    } else {
        $u = FALSE;
        echo '<p><font color="red">Please enter a valid URL!</font></p>';
    }
    
    // Check for a URL title.
    if (!empty($_POST['title'])) {
        $t = escape_data($_POST['title']);
    } else {
        $t = FALSE;
        echo '<p><font color="red">Please enter a URL name/title!</font></p>';
    }
    
[color=#800000]        // Check for a Date. I have broken the DATE up into ddmmYYYY
    if (eregi ("^([0-9]{2})/([0-9]{2})/([0-9]{4})$", $_POST['date_added'], $parts)) {
        $p = escape_data($_POST['date_added'], $parts);
    } else {
        $p = FALSE;
        echo '<p><font color="red">Please enter a valid Date!</font></p>';
    }[/color]
 
        
    // Check for a description.
    if (!empty($_POST['description'])) {
        $d = escape_data($_POST['description']);
    } else {
        $d = FALSE;
        echo '<p><font color="red">Please enter a description!</font></p>';
    }
    
    // Check for a category.
    if (isset($_POST['types']) && (is_array($_POST['types']))) {
        $type = TRUE;
    } else {
        $type = FALSE;
        echo '<p><font color="red">Please choose a client!</font></p>';
    }
        
    if ($u && $t && $d && $type) { // If everything's OK.
    
[color=#800000]    // Reassemble the date of publishing into database format - I am putting the parts together
             $p = " \"$parts[2]-$parts[1]-$parts[0]\"";[/color]
 
        // Add the URL to the urls table.
        $query = "INSERT INTO urls (url, title, description, date_added) VALUES ('$u', '$t', '$d', '$p')";      
        $result = @mysql_query ($query); // Run the query.
        $uid = @mysql_insert_id(); // Get the url ID.
 
        if ($uid > 0) { // New URL has been added.
        
            // Make the URL associations.
            
 
            // Build the query.
            $query = 'INSERT INTO url_associations (url_id, url_category_id, approved) VALUES ';
            foreach ($_POST['types'] as $v) {
                $query .= "($uid, $v, 'Y'), ";
            }
            $query = substr ($query, 0, -2); // Chop off the last comma and space.
 
            $result = @mysql_query ($query); // Run the query.
            
            if (mysql_affected_rows() == count($_POST['types'])) { // Query ran OK.
            
                echo '<p><b>Thank you for your submission!</b></p>';
                $_POST = array(); // Reset values.
                
            } else { // If second query did not run OK.
            
                echo '<p><font color="red">Your submission could not be processed due to a system error. We apologize for any inconvenience.</font></p>'; // Public message.
                echo '<p><font color="red">' . mysql_error() . '<br /><br />Query: ' . $query . '</font></p>'; // Debugging message.
                
                // Delete the URL from the urls table.
                $query = "DELETE FROM urls WHERE url_id=$uid";
                @mysql_query ($query); // Run the query.
                
            } // End of mysql_affected_rows() IF.
            
        } else { // If first query did not run OK.
            echo '<p><font color="red">Your submission could not be processed due to a system error. We apologize for any inconvenience.</font></p>'; // Public message.
            echo '<p><font color="red">' . mysql_error() . '<br /><br />Query: ' . $query . '</font></p>'; // Debugging message.
        }       
 
    } else { // If one of the data tests failed.
        echo '<p><font color="red">Please try again.</font></p>';       
    }
 
} // End of the main submitted conditional.
// --------- DISPLAY THE FORM ---------
?>
<style type="text/css">
<!--
.highlight {
    color: #F00;
}
-->
</style>
 
<form action="add_url.php" method="post">
 
    <fieldset><legend><strong>Please complete the form below to submit a News Feed:</strong>    </legend>
      <div>
        <p><b>URL of News Feed:</b>        </p>
        <blockquote>
          <blockquote>
            <blockquote>
              <p>
                <input type="text" name="url" size="120" maxlength="220" value="<?php if (isset($_POST['url'])) echo $_POST['url']; ?>" />
              </p>
            </blockquote>
          </blockquote>
        </blockquote>
      </div>
      <div>
      <blockquote>
        <blockquote>
          <blockquote>
            <p><span class="highlight"><small><strong><u>Do NOT</u> include the initial <i><u>http://</u></i></strong></small></span> </p>
          </p>
          </blockquote>
        </blockquote>
      </blockquote>
    </div>
    </fieldset>
    <fieldset>
    <div><b>Title of the News Feed:</b></p>
    
    <blockquote>
      <blockquote>
        <blockquote>
           
            
             <div align="left">
               <input type="text" name="title" size="80" maxlength="150" value="<?php if (isset($_POST['title'])) echo $_POST['title']; ?>" />
            </div>
         
        </blockquote>
      </blockquote>
  </blockquote></div> </fieldset>
  
      <fieldset>
    <div><b>Date News Feed Published:</b></p>
    
    <blockquote>
      <blockquote>
        <blockquote>
            [color=#800000] <div align="left">//ADDING The Date field on the form
               <input type="text" name="date_added" size="40" maxlength="40" value="<?php if (isset($_POST['date_added'], $parts)) echo $_POST['date_added']; ?>" /><span class="date">*(dd/mm/yyyy)[/color]
            </div>
        </blockquote>
      </blockquote>
  </blockquote></div> </fieldset>
  
  
    <fieldset>
    <div><b>Description of the News Feed:</b><div> 
        <blockquote>
          <blockquote>
            <blockquote>
              <p name="description" cols="40" rows="5">
                <textarea name="description" cols="60" rows="5"><?php if (isset($_POST['description'])) echo $_POST['description']; ?></textarea>
              </p>
            </blockquote></blockquote></blockquote>
        </div>
      </div>
      <div><b>News Feed Client:</b> <div>
        <blockquote>
          <blockquote>
            <blockquote>
              <p name="types[]" multiple="multiple" size="5">
                <select name="types[]">
                  <?php // Create the pull-down menu information.
    $query = "SELECT * FROM url_categories ORDER BY url_category_id ASC";       
    $result = @mysql_query ($query);
    while ($row = mysql_fetch_array ($result, MYSQL_NUM)) {
        echo "<option value=\"$row[0]\"";
        // Make sticky, if necessary.
        if (isset($_POST['types']) && (in_array($row[0], $_POST['types']))) {
            echo ' selected="selected"';
        }
        echo ">$row[1]</option>\n";
    }
     ?>
                </select>
              </p>
            </blockquote></blockquote></blockquote>
        </div>
        <input type="hidden" name="submitted" value="TRUE" />
    </div>
    </fieldset>
    <div align="center"><input type="submit" name="submit" value="Submit" /></div>
 
</form>
<?php

Re: Another date Problem - If any php God is there please help.

Posted: Sat May 16, 2009 6:26 pm
by ldougherty
What exactly isn't working?? I copied the form aspect of your code to my web server and the form works fine or displays fine anyhow. The date field you are using is just a simple text field, instead of using a text field for the date you should implement javascript to have a popup date picker.

Re: Another date Problem - If any php God is there please help.

Posted: Sat May 16, 2009 6:36 pm
by Griven
I agree with the above poster. Dates can be hard to handle if you're relying on raw user input. Your best bet is to give the users a choice of dates. That way, the format of their input is what you expect it to be, thereby allowing you to handle it in a much easier fashion.

Re: Another date Problem - If any php God is there please help.

Posted: Sun May 17, 2009 3:33 am
by Ddywalgi
Thank you for your response Larry and Griven.

The form dsplays ok no errors, the form passes the data to the MySQL server without any error, but it doesn't pass the data in the date field.
The field is a DATETIME format in the MySQL db and continues to remain 00 00 00 00 00 00.
I would like to use the date picker but my coding skills are left wanting in that area so far, but I will look to see if I can find anything to help with what your suggesting.

Thanks for for looking and for your assistance.

Sean

Re: Another date Problem - If any php God is there please help.

Posted: Sun May 17, 2009 3:36 am
by Benjamin
Can you please post the insert query? I haven't looked through all your code, but I am assuming that an insert is working, but when you view an inserted record the data is not correct. More than likely the date is malformed in the insert query.

Re: Another date Problem - If any php God is there please help.

Posted: Sun May 17, 2009 3:39 am
by Ddywalgi
Hi Astions,

The insert query is in the code. All data apart from the date is added to the MySQl db.

Thanks,

Re: Another date Problem - If any php God is there please help.

Posted: Sun May 17, 2009 3:47 am
by Benjamin
Not so much. Your code:

Code: Select all

 
            $query = 'INSERT INTO url_associations (url_id, url_category_id, approved) VALUES ';
            foreach ($_POST['types'] as $v) {
                $query .= "($uid, $v, 'Y'), ";
            }
            $query = substr ($query, 0, -2); // Chop off the last comma and space.
 
            $result = @mysql_query ($query); // Run the query.
 
Doesn't clearly indicate what the final query is. In fact, there appear to be some major security issues here. This is very poorly written. I would recommend studying sql injection, as this bug you have stumbled upon are the least of your worries.

So, do you even know what the query is?

Re: Another date Problem - If any php God is there please help.

Posted: Sun May 17, 2009 4:06 am
by Ddywalgi
Hi Astions,
The query you have chosen there is to insert id values into a related table, that is not the insert query for the data but simply takes existing data from 3 tables in the db and adds them into that one.

Below are the aspects of the date section,

Code: Select all

        // Check for a Date.
    if (eregi ("^([0-9]{2})/([0-9]{2})/([0-9]{4})$", $_POST['date_added'], $parts)) {
        $p = escape_data($_POST['date_added'], $parts);
    } else {
        $p = FALSE;
        echo '<p><font color="red">Please enter a valid Date!</font></p>';
    }
 
    
    // Reassemble the date of publishing into database format
             $p = " \"$parts[2]-$parts[1]-$parts[0]\"";
 
 
        // Add the URL to the urls table.
        $query = "INSERT INTO urls (url, title, description, date_added) VALUES ('$u', '$t', '$d', '$p')";      
        $result = @mysql_query ($query); // Run the query.
        $uid = @mysql_insert_id(); // Get the url ID.
 
        if ($uid > 0) { // New URL has been added.
        
            // Make the URL associations.
            
 
            // Build the query.
            $query = 'INSERT INTO url_associations (url_id, url_category_id, approved) VALUES ';
            foreach ($_POST['types'] as $v) {
                $query .= "($uid, $v, 'Y'), ";
            }
            $query = substr ($query, 0, -2); // Chop off the last comma and space.
 
            $result = @mysql_query ($query); // Run the query.
            
            if (mysql_affected_rows() == count($_POST['types'])) { // Query ran OK.
            
                echo '<p><b>Thank you for your submission!</b></p>';
                $_POST = array(); // Reset values.
                
            } else { // If second query did not run OK.
 
Thank you for pointing out the security aspect.