HTMl to PHP to MySQL problem
Moderator: General Moderators
-
travelpics
- Forum Newbie
- Posts: 4
- Joined: Sun Sep 06, 2009 2:49 pm
- Location: Spain
HTMl to PHP to MySQL problem
Can someone please help. I am a PHP / MySQL newbie trying to develop a free ads site for my local community. After going round in circles for three weeks I decided to ask for help. First I created a MySQL database and defined a table with seven columns (seven variables). This works fine. Then I created an HTML form to collect values for six of these variables. This works fine. The HTML form posts (method post) the data to a PHP page (insert.php) which inserts the data into the table. This works fine. Then I created a PHP page to read all the ads. This works fine.
The fun started when I tried to make use of the seventh variable. This is not input by the user. Rather it is an integer created automatically called “whenadposted”. I have written a PHP version and a JavaScript version. Both codes work fine and print the correct values for “whenadposted” to the screen. What I can’t seem to do is send the value of this variable to the seventh column of the table. I don’t think it’s a syntax problem but a logic problem. I have tried calculating “whenadposted” using JavaScript in the HTML form, and posting it using input TYPE="hidden" but to do this I have to go out of JavaScript so HTML has no knowledge of the variable. Maybe I can export this value to HTML somehow?
I have also tried calculating “whenadposted” using PHP in the insert.php page, then sending it to the table with all the others.
$sql="INSERT INTO allads (FirstName, LastName , category, AdText, URL, emailtoapearinad, whenadposted)
VALUES
('$_POST[FirstName]','$_POST[LastName]','$_POST[category]','$_POST[AdText]','$_POST[URL]','$_POST[emailtoapearinad]','$_POST[whenadposted]')";
Either way, when I run the ReadAllAds.php page it returns zero for this variable.
Can someone please suggest where I may be going wrong.Thanks.
The fun started when I tried to make use of the seventh variable. This is not input by the user. Rather it is an integer created automatically called “whenadposted”. I have written a PHP version and a JavaScript version. Both codes work fine and print the correct values for “whenadposted” to the screen. What I can’t seem to do is send the value of this variable to the seventh column of the table. I don’t think it’s a syntax problem but a logic problem. I have tried calculating “whenadposted” using JavaScript in the HTML form, and posting it using input TYPE="hidden" but to do this I have to go out of JavaScript so HTML has no knowledge of the variable. Maybe I can export this value to HTML somehow?
I have also tried calculating “whenadposted” using PHP in the insert.php page, then sending it to the table with all the others.
$sql="INSERT INTO allads (FirstName, LastName , category, AdText, URL, emailtoapearinad, whenadposted)
VALUES
('$_POST[FirstName]','$_POST[LastName]','$_POST[category]','$_POST[AdText]','$_POST[URL]','$_POST[emailtoapearinad]','$_POST[whenadposted]')";
Either way, when I run the ReadAllAds.php page it returns zero for this variable.
Can someone please suggest where I may be going wrong.Thanks.
Re: HTMl to PHP to MySQL problem
I don't understand, you're inserting 6 values into 7 columns...
Re: HTMl to PHP to MySQL problem
What is the datatype of the whenadposted column in the database?
How you are trying to calculate it in PHP?
How you are trying to calculate it in PHP?
-
travelpics
- Forum Newbie
- Posts: 4
- Joined: Sun Sep 06, 2009 2:49 pm
- Location: Spain
Re: HTMl to PHP to MySQL problem
The HTML form posts values to the first 6 columns. Then I am trying to post an additional value, not entered by the user, into the seventh (INT) column.jackpf wrote:I don't understand, you're inserting 6 values into 7 columns...
-
travelpics
- Forum Newbie
- Posts: 4
- Joined: Sun Sep 06, 2009 2:49 pm
- Location: Spain
Re: HTMl to PHP to MySQL problem
The datatype is INT. My PHP code to calculate this value (which works fine) is:Darhazer wrote:What is the datatype of the whenadposted column in the database?
How you are trying to calculate it in PHP?
$yearseconds = date("y") * 31556926;
$monthseconds = date("y") * 2629744;
$dayseconds = date("y") * 86400;
$hourseconds = date("h") * 3600;
$minseconds = date("i") * 60;
$seconds = date("s");
$whenadposted = $yearseconds + $monthseconds + $dayseconds + $hourseconds + $minseconds + $seconds;
?>
Re: HTMl to PHP to MySQL problem
Try removing the $_post in $_post[whenadposted] and replace with $whenadposted in the sql.
-
travelpics
- Forum Newbie
- Posts: 4
- Joined: Sun Sep 06, 2009 2:49 pm
- Location: Spain
Re: HTMl to PHP to MySQL problem
jvandread wrote:Try removing the $_post in $_post[whenadposted] and replace with $whenadposted in the sql.
Hi jvandread,
Thanks for the idea but unfortunately no good. whenadposted still returns zero.
The code is:
// Execute query
mysql_query($sql,$conn);
$yearseconds = date("y") * 31556926;
$monthseconds = date("y") * 2629744;
$dayseconds = date("y") * 86400;
$hourseconds = date("h") * 3600;
$minseconds = date("i") * 60;
$whenposted = $yearseconds + $monthseconds + $dayseconds + $hourseconds + $minseconds;
$sql="INSERT INTO allads (FirstName, LastName , category, AdText, URL, emailtoapearinad, whenadposted)
VALUES
('$_POST[FirstName]','$_POST[LastName]','$_POST[category]','$_POST[AdText]','$_POST[URL]','$_POST[emailtoapearinad]','$_POST[whenadposted]')";
if (!mysql_query($sql,$conn))
{
die('Error: ' . mysql_error());
}
echo "Your advertisement has been added - ";
echo $whenadposted;
echo "<br />";
mysql_close($conn)
?>
The "echo $whenadposted;" bit returns the correct value to the screen but it is still not being posted to the table.
Re: HTMl to PHP to MySQL problem
In addition, never ever directly use user input in SQL. As it stands right now, you've left yourself wide open to SQL injection.
- Jonah Bron
- DevNet Master
- Posts: 2764
- Joined: Thu Mar 15, 2007 6:28 pm
- Location: Redding, California
Re: HTMl to PHP to MySQL problem
Code: Select all
// Execute query
mysql_query($sql,$conn);
/*
$yearseconds = date("y") * 31556926;
$monthseconds = date("y") * 2629744;
$dayseconds = date("y") * 86400;
$hourseconds = date("h") * 3600;
$minseconds = date("i") * 60;
$whenposted = $yearseconds + $monthseconds + $dayseconds + $hourseconds + $minseconds;
*/
// you don't need to use all of that. Just use time()
$whenposted = time();
// Or, if you want a more readable date, use
$whenposted = date('M d, Y');
$sql="INSERT INTO allads (FirstName, LastName , category, AdText, URL, emailtoapearinad, whenadposted)
VALUES ('". mysql_real_escape_string($_POST['FirstName']) ."','". mysql_real_escape_string($_POST['LastName']) ."','". mysql_real_escape_string($_POST['category']) ."','". mysql_real_escape_string($_POST['AdText']). "','". mysql_real_escape_string($_POST['URL']) ."','". mysql_real_escape_string($_POST['emailtoapearinad']) ."','". $whenadposted ."')";
if (!mysql_query($sql,$conn))
{
die('Error: ' . mysql_error());
}
echo "Your advertisement has been added - ";
echo $whenadposted;
echo "<br />";
mysql_close($conn);Hope it works.