PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
Moderator: General Moderators
toxi
Forum Newbie
Posts: 5 Joined: Sun May 17, 2009 7:37 am
Post
by toxi » Sun May 17, 2009 7:39 am
I'm trying to create a simple website to enter data onto a calendar, but no matter how I tried, I can't get my PHP/SQL query to work.
In fact, even the website doesnt load at all and I get a blank page
Here's my code:
Code: Select all
//check for empty inputs
if(((isset($_POST['bookTitle']) && !empty($_POST['bookTitle'])) && (isset($_POST['date']) && !empty($_POST['date'])) && (isset($_POST['bookStart']) && !empty($_POST['bookStart'])) && ((isset($_POST['bookEnd']) && !empty($_POST['bookEnd'])) && ((isset($_POST['bookLanes']) && !empty($_POST['bookLanes']))
{
//add new booking to the database
$query = "INSERT INTO bookings (`bookDate`,`bookTitle`,`bookStart`, `bookEnd`, `bookLanes`) VALUES('". ($_POST['bookDate'])."','". addslashes($_POST['bookTitle'])."','". addslashes($_POST['bookStart'])."','". addslashes($_POST['bookEnd']). "','". addslashes[$_POST['bookLanes'])"')";
my SQL connection works fine, I've tried that. Any help is appreciated.
Last edited by
Benjamin on Sun May 17, 2009 9:37 am, edited 1 time in total.
Reason: Changed code type from text to php.
Darhazer
DevNet Resident
Posts: 1011 Joined: Thu May 14, 2009 3:00 pm
Location: HellCity, Bulgaria
Post
by Darhazer » Sun May 17, 2009 7:51 am
add "echo $query;" so we can see the resulting SQL.
I assume there is mysql_connect before that code, and mysql_query() after it
Btw, you didn't escape all the values, and better use mysql_escape_string instead of addslashes.
toxi
Forum Newbie
Posts: 5 Joined: Sun May 17, 2009 7:37 am
Post
by toxi » Sun May 17, 2009 8:07 am
The problem is that my website does not even load so I can't do that.
Here's my whole code
Code: Select all
<?php
//Database connection details
$host = "***";
$mysql_user = "***";
$mysql_password = "***";
$mysql_db = "***";
//make connection with mysql and select the database
$mysql_connect = mysql_connect($host, $mysql_user, $mysql_password);
$db_select = mysql_select_db($mysql_db);
//will be used to show alert message for success or error
$alert = "";
//check if the form is submitted
if(isset($_POST['add']))
{
//check for empty inputs
if(((isset($_POST['bookTitle']) && !empty($_POST['bookTitle'])) && (isset($_POST['date']) && !empty($_POST['date'])) && (isset($_POST['bookStart']) && !empty($_POST['bookStart'])) && ((isset($_POST['bookEnd']) && !empty($_POST['bookEnd'])) && ((isset($_POST['bookLanes']) && !empty($_POST['bookLanes']))
{
//add new booking to the database
$query = "INSERT INTO bookings (`bookDate`,`bookTitle`,`bookStart`, `bookEnd`, `bookLanes`) VALUES('". ($_POST['bookDate'])."','". addslashes($_POST['bookTitle'])."','". addslashes($_POST['bookStart'])."','". addslashes($_POST['bookEnd']). "','". addslashes[$_POST['bookLanes'])"')";
$result = mysql_query($query);
"echo $query;"
//check if the insertion is ok
if($result)
$alert = "New Event successfully added";
else
$alert = "Something is wrong. Try Again.";
}
else
{
//alert message for empty input
$alert = "No empty input please";
}
}
?>
<html>
<head>
<title>Add New Events</title>
<script type="text/javascript" src="http://code.jquery.com/jquery-latest.pack.js"></script>
<link rel="stylesheet" href="datepick/jquery.datepick.css" type="text/css" media="screen" charset="utf-8" />
<script type="text/javascript" src="datepick/jquery.datepick.pack.js"></script>
<script type="text/javascript">
$(document).ready(function(){
//configure the date format to match mysql date
$('#date').datepick({dateFormat: 'yy-mm-dd'});
});
</script>
</head>
<body>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST">
<table align="center">
<tr>
<td colspan="2">
<h2>Add a New Booking</h2>
</td>
</tr>
<tr>
<td>Date : </td>
<td><input id="bookDate" name="bookDate" size="30"></td>
</tr>
<tr>
<td>Booking Title : </td>
<td><input id="bookTitle" name="bookTitle" size="50"></td>
</tr>
<tr>
<td>Start Time : </td>
<td><input id="bookStart" name="bookStart" size="10"></td>
</tr>
<tr>
<td>End Time : </td>
<td><input id="bookEnd" name="bookEnd" size="10"></td>
</tr>
<tr>
<td>Booked Lanes : </td>
<td><input id="bookLanes" name="bookLanes" size="5"></td>
</tr>
<tr>
<td colspan="2"><input type="submit" value="Add a new booking" name="add"></td>
</tr>
</table>
</form>
<?php
//check if there is any alert message set
if(isset($alert) && !empty($alert))
{
//message alert
echo '<script type="text/javascript">alert("'.$alert.'");</script>';
}
?>
</body>
</html>
Last edited by
Benjamin on Sun May 17, 2009 9:38 am, edited 1 time in total.
Reason: Changed code type from text to php.
Darhazer
DevNet Resident
Posts: 1011 Joined: Thu May 14, 2009 3:00 pm
Location: HellCity, Bulgaria
Post
by Darhazer » Sun May 17, 2009 8:21 am
If your site does not load, add:
Code: Select all
error_reporting(E_ALL);
ini_set('display_errors', 'on');
At the beginning, to see what is the error that causes script to stop.
The "echo $query;" statement should be without the quotes in your code
Also, after performing the query, you can check the result:
Code: Select all
$result = mysql_query($query);
if ($result == false) {
echo mysql_error();
}
toxi
Forum Newbie
Posts: 5 Joined: Sun May 17, 2009 7:37 am
Post
by toxi » Sun May 17, 2009 8:27 am
Yup, I've tried that as well but it still didn't come up with any errors
Darhazer
DevNet Resident
Posts: 1011 Joined: Thu May 14, 2009 3:00 pm
Location: HellCity, Bulgaria
Post
by Darhazer » Sun May 17, 2009 8:34 am
Than add die('something'); in the beginning of the file.
Start moving it line after line until you get a blank page.
In this way you will find where the script stop executing.
And if it does not execute even the first line, the problem is in the server configuration.
toxi
Forum Newbie
Posts: 5 Joined: Sun May 17, 2009 7:37 am
Post
by toxi » Sun May 17, 2009 8:38 am
Everything else seems to be working fine on the server, all of the queries I've used so far on the calendar work fine and data is fetched properly.
I think there must be a problem in the db or in my script
toxi
Forum Newbie
Posts: 5 Joined: Sun May 17, 2009 7:37 am
Post
by toxi » Sun May 17, 2009 8:41 am
I got the echo working and I get these results
INSERT INTO bookings (bookDate,bookTitle,bookStart,bookEnd,bookLanes) VALUES ( , , , , )
do the comma signs mean nothing was entered ?
Benjamin
Site Administrator
Posts: 6935 Joined: Sun May 19, 2002 10:24 pm
Post
by Benjamin » Sun May 17, 2009 9:43 am
You are missing opening and closing braces starting on line 29.
AGISB
Forum Contributor
Posts: 422 Joined: Fri Jul 09, 2004 1:23 am
Post
by AGISB » Sun May 17, 2009 2:32 pm
You should write some better readable code.
Place the post values into variables that have a meaning and you can better read that query.
The if clause in the beginning probably was the main issue earlier. How someone can really read that if clause without a headache is beyond me
You post the post values into a database without any sanitation. Bad idea, even if it is an internal programm.
just a couple of thoughts