Page 1 of 1
Data not inserted/Page not loading
Posted: Sun May 17, 2009 7:39 am
by toxi
I'm trying to create a simple website to enter data onto a calendar, but no matter how I tried, I can't get my PHP/SQL query to work.
In fact, even the website doesnt load at all and I get a blank page
Here's my code:
Code: Select all
//check for empty inputs
if(((isset($_POST['bookTitle']) && !empty($_POST['bookTitle'])) && (isset($_POST['date']) && !empty($_POST['date'])) && (isset($_POST['bookStart']) && !empty($_POST['bookStart'])) && ((isset($_POST['bookEnd']) && !empty($_POST['bookEnd'])) && ((isset($_POST['bookLanes']) && !empty($_POST['bookLanes']))
{
//add new booking to the database
$query = "INSERT INTO bookings (`bookDate`,`bookTitle`,`bookStart`, `bookEnd`, `bookLanes`) VALUES('". ($_POST['bookDate'])."','". addslashes($_POST['bookTitle'])."','". addslashes($_POST['bookStart'])."','". addslashes($_POST['bookEnd']). "','". addslashes[$_POST['bookLanes'])"')";
my SQL connection works fine, I've tried that. Any help is appreciated.
Re: Data not inserted/Page not loading
Posted: Sun May 17, 2009 7:51 am
by Darhazer
add "echo $query;" so we can see the resulting SQL.
I assume there is mysql_connect before that code, and mysql_query() after it
Btw, you didn't escape all the values, and better use mysql_escape_string instead of addslashes.
Re: Data not inserted/Page not loading
Posted: Sun May 17, 2009 8:07 am
by toxi
The problem is that my website does not even load so I can't do that.
Here's my whole code
Code: Select all
<?php
//Database connection details
$host = "***";
$mysql_user = "***";
$mysql_password = "***";
$mysql_db = "***";
//make connection with mysql and select the database
$mysql_connect = mysql_connect($host, $mysql_user, $mysql_password);
$db_select = mysql_select_db($mysql_db);
//will be used to show alert message for success or error
$alert = "";
//check if the form is submitted
if(isset($_POST['add']))
{
//check for empty inputs
if(((isset($_POST['bookTitle']) && !empty($_POST['bookTitle'])) && (isset($_POST['date']) && !empty($_POST['date'])) && (isset($_POST['bookStart']) && !empty($_POST['bookStart'])) && ((isset($_POST['bookEnd']) && !empty($_POST['bookEnd'])) && ((isset($_POST['bookLanes']) && !empty($_POST['bookLanes']))
{
//add new booking to the database
$query = "INSERT INTO bookings (`bookDate`,`bookTitle`,`bookStart`, `bookEnd`, `bookLanes`) VALUES('". ($_POST['bookDate'])."','". addslashes($_POST['bookTitle'])."','". addslashes($_POST['bookStart'])."','". addslashes($_POST['bookEnd']). "','". addslashes[$_POST['bookLanes'])"')";
$result = mysql_query($query);
"echo $query;"
//check if the insertion is ok
if($result)
$alert = "New Event successfully added";
else
$alert = "Something is wrong. Try Again.";
}
else
{
//alert message for empty input
$alert = "No empty input please";
}
}
?>
<html>
<head>
<title>Add New Events</title>
<script type="text/javascript" src="http://code.jquery.com/jquery-latest.pack.js"></script>
<link rel="stylesheet" href="datepick/jquery.datepick.css" type="text/css" media="screen" charset="utf-8" />
<script type="text/javascript" src="datepick/jquery.datepick.pack.js"></script>
<script type="text/javascript">
$(document).ready(function(){
//configure the date format to match mysql date
$('#date').datepick({dateFormat: 'yy-mm-dd'});
});
</script>
</head>
<body>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST">
<table align="center">
<tr>
<td colspan="2">
<h2>Add a New Booking</h2>
</td>
</tr>
<tr>
<td>Date : </td>
<td><input id="bookDate" name="bookDate" size="30"></td>
</tr>
<tr>
<td>Booking Title : </td>
<td><input id="bookTitle" name="bookTitle" size="50"></td>
</tr>
<tr>
<td>Start Time : </td>
<td><input id="bookStart" name="bookStart" size="10"></td>
</tr>
<tr>
<td>End Time : </td>
<td><input id="bookEnd" name="bookEnd" size="10"></td>
</tr>
<tr>
<td>Booked Lanes : </td>
<td><input id="bookLanes" name="bookLanes" size="5"></td>
</tr>
<tr>
<td colspan="2"><input type="submit" value="Add a new booking" name="add"></td>
</tr>
</table>
</form>
<?php
//check if there is any alert message set
if(isset($alert) && !empty($alert))
{
//message alert
echo '<script type="text/javascript">alert("'.$alert.'");</script>';
}
?>
</body>
</html>
Re: Data not inserted/Page not loading
Posted: Sun May 17, 2009 8:21 am
by Darhazer
If your site does not load, add:
Code: Select all
error_reporting(E_ALL);
ini_set('display_errors', 'on');
At the beginning, to see what is the error that causes script to stop.
The "echo $query;" statement should be without the quotes in your code
Also, after performing the query, you can check the result:
Code: Select all
$result = mysql_query($query);
if ($result == false) {
echo mysql_error();
}
Re: Data not inserted/Page not loading
Posted: Sun May 17, 2009 8:27 am
by toxi
Yup, I've tried that as well but it still didn't come up with any errors

Re: Data not inserted/Page not loading
Posted: Sun May 17, 2009 8:34 am
by Darhazer
Than add die('something'); in the beginning of the file.
Start moving it line after line until you get a blank page.
In this way you will find where the script stop executing.
And if it does not execute even the first line, the problem is in the server configuration.
Re: Data not inserted/Page not loading
Posted: Sun May 17, 2009 8:38 am
by toxi
Everything else seems to be working fine on the server, all of the queries I've used so far on the calendar work fine and data is fetched properly.
I think there must be a problem in the db or in my script
Re: Data not inserted/Page not loading
Posted: Sun May 17, 2009 8:41 am
by toxi
I got the echo working and I get these results
INSERT INTO bookings (bookDate,bookTitle,bookStart,bookEnd,bookLanes) VALUES ( , , , , )
do the comma signs mean nothing was entered ?
Re: Data not inserted/Page not loading
Posted: Sun May 17, 2009 9:43 am
by Benjamin
You are missing opening and closing braces starting on line 29.
Re: Data not inserted/Page not loading
Posted: Sun May 17, 2009 2:32 pm
by AGISB
You should write some better readable code.
Place the post values into variables that have a meaning and you can better read that query.
The if clause in the beginning probably was the main issue earlier. How someone can really read that if clause without a headache is beyond me
You post the post values into a database without any sanitation. Bad idea, even if it is an internal programm.
just a couple of thoughts