Code not entering into table

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
Da_Elf
Forum Commoner
Posts: 81
Joined: Mon Dec 29, 2008 12:31 pm

Code not entering into table

Post by Da_Elf »

My code does all of the error checking, i can echo all of the variables but when it come to insert the information into the table it just returns me to the form with anything being inserted into the table

Code: Select all

<?php
session_start();
include "<my database connection>";
//Bands
if(isset($_POST['bandadd'])){
function checkEntry($entery,$ecode,$local){
		$clean = mysql_real_escape_string($_POST[$entery]);
		if (ctype_space($clean) || $clean == ''){header('Location: control.php?error='.$ecode.'#'.$local);die();}
		else {return $clean;}
		}
	//check if an old band is selected
	if (is_numeric(mysql_real_escape_string(substr($_POST['bandlist'],19,9)))){$ban = mysql_real_escape_string(substr($_POST['bandlist'],19,9));}
	if ($ban != NULL){header('Location: control.php?error=0#bands');die();}
	//check if new bands name already exists and required fields are filled
	$bandname = checkEntry("bandname","1","bands");
	$descript = checkEntry("description","2","bands");
	$result = mysql_query("SELECT * FROM bands WHERE name = '$bandname'", $SCdbConn);
	if(mysql_num_rows($result) >= 1) {header('Location: control.php?error=0#bands');die();}
	$specials = mysql_real_escape_string($_POST['specials']);
	mysql_query("INSERT INTO bands (name, desc, special) VALUES ('$bandname', '$descript', '$specials')",$SCdbConn);
	header('Location: control.php#bands');die();
}//end of adding band

this is the form if it helps

Code: Select all

<div style="padding:20px; background-color:#AEBEC1; width:480px; margin:10px">
<form name="dabands" action="surfcms.php" method="post">
<?php
if ($error != NULL){echo "<span class='warning'>".$errz[$error]."</span><br />";}
$bandsq = mysql_query("SELECT * FROM bands ORDER BY name ASC", $SCdbConn); ?>
<select name="bandlist" id="select" ONCHANGE="location = this.options[this.selectedIndex].value;">
<option value="control.php"></option>
<?php while ($bandsf = mysql_fetch_array($bandsq, MYSQL_ASSOC)) { ?>
<option id="1" value="control.php?bandid=<?=$bandsf['entid']?>" <?php 
if ($bandid == $bandsf['entid']){ echo "selected='selected'";} ?>	>
<?=stripslashes($bandsf["name"])?></option>
<?php } ?>
</select><br />
Band Name<br /><input type="text" name="bandname" class="userpass" placeholder="bandname" value="<?=$bandfill['name']?>" required><br />
Description<br /><textarea name="description" class="details" placeholder="Message" required="required"><?=$bandfill['desc']?></textarea><br />
Specials<br /><textarea name="specials" class="details" placeholder="Message"><?=$bandfill['special']?></textarea><br />
<input class="butt" type="submit" name="bandadd" value="ADD" /><input class="butt" type="submit" name="bandchange" value="change" /><input class="butt" type="submit" name="banddelete" value="delete" />
</form>
</div>
User avatar
requinix
Spammer :|
Posts: 6617
Joined: Wed Oct 15, 2008 2:35 am
Location: WA, USA

Re: Code not entering into table

Post by requinix »

Code: Select all

mysql_query("INSERT INTO bands (name, desc, special) VALUES ('$bandname', '$descript', '$specials')",$SCdbConn);
"desc" is a reserved word. Either quote the name or use a different one.
Da_Elf
Forum Commoner
Posts: 81
Joined: Mon Dec 29, 2008 12:31 pm

Re: Code not entering into table

Post by Da_Elf »

thanks. i changed it to descr but it still doesnt work. i also put it in quotes

Code: Select all

mysql_query("INSERT INTO bands (name, 'descr', special) VALUES ('$bandname', '$descript', '$specials')",$SCdbConn);
Da_Elf
Forum Commoner
Posts: 81
Joined: Mon Dec 29, 2008 12:31 pm

Re: Code not entering into table

Post by Da_Elf »

Da_Elf wrote:thanks. i changed it to descr but it still doesnt work. i also put it in quotes

Code: Select all

mysql_query("INSERT INTO bands (name, 'band_descr', special) VALUES ('$bandname', '$descript', '$specials')",$SCdbConn);
User avatar
requinix
Spammer :|
Posts: 6617
Joined: Wed Oct 15, 2008 2:35 am
Location: WA, USA

Re: Code not entering into table

Post by requinix »

Wrong quotes. Double " and single ' quotes are for strings only, backticks ` are for names.

And by the way you can edit your own posts - no need to quote yourself in another post.
Da_Elf
Forum Commoner
Posts: 81
Joined: Mon Dec 29, 2008 12:31 pm

Re: Code not entering into table

Post by Da_Elf »

the quote was clicked by mistake. thought i clicked edit
ok. it works now for the insert. but doesnt work for the update code that comes a little further down

Code: Select all

mysql_query("UPDATE bands SET name ='$bandname', `band_descr` ='$descript', specials ='$specials' WHERE entid = '$ban'",$SCdbConn);

never mind i found the problem. has an s on the end of special that messed it up
Last edited by Da_Elf on Mon Feb 25, 2013 1:05 pm, edited 1 time in total.
User avatar
requinix
Spammer :|
Posts: 6617
Joined: Wed Oct 15, 2008 2:35 am
Location: WA, USA

Re: Code not entering into table

Post by requinix »

Are you sure that was working to begin with? Without that INSERT there wouldn't have been anything to update anyways.

What's the code surrounding that?
Da_Elf
Forum Commoner
Posts: 81
Joined: Mon Dec 29, 2008 12:31 pm

Re: Code not entering into table

Post by Da_Elf »

everythings working now. it was only a spelling mistake on "special" that messed up the UPDATE. but the use of desc was something that caught me off guard. thanks for the help

this is the sum total of the code for that section

Code: Select all

//Bands
if(isset($_POST['bandadd'])){
	//check if an old band is selected
	if (is_numeric(mysql_real_escape_string(substr($_POST['bandlist'],19,9)))){$ban = mysql_real_escape_string(substr($_POST['bandlist'],19,9));}
	if ($ban != NULL){header('Location: control.php?error=0#bands');die();}
	//check if new bands name already exists and required fields are filled
	$bandname = checkEntry("bandname","1","bands");
	$descript = checkEntry("description","2","bands");
	$result = mysql_query("SELECT * FROM bands WHERE name = '$bandname'", $SCdbConn);
	if(mysql_num_rows($result) >= 1) {header('Location: control.php?error=0#bands');die();}
	$specials = mysql_real_escape_string($_POST['specials']);
	mysql_query("INSERT INTO bands (name, `band_descr`, special) VALUES ('$bandname', '$descript', '$specials')",$SCdbConn);
	header('Location: control.php#bands');die();
}
if(isset($_POST['bandchange'])){
	//check if new bands name already exists and required fields are filled
	if (is_numeric(mysql_real_escape_string(substr($_POST['bandlist'],19,9)))){$ban = mysql_real_escape_string(substr($_POST['bandlist'],19,9));}
	$bandname = checkEntry("bandname","1","bands");
	$descript = checkEntry("description","2","bands");
	$result = mysql_query("SELECT * FROM bands WHERE entid != '$ban' AND name = '$bandname'", $SCdbConn);
	if(mysql_num_rows($result) >= 1) {header('Location: control.php?error=0#bands');die();}
	$specials = mysql_real_escape_string($_POST['specials']);
	mysql_query("UPDATE bands SET name ='$bandname', `band_descr` ='$descript', special ='$specials' WHERE entid = '$ban'",$SCdbConn);
	header('Location: control.php?bandid='.$ban.'#bands');die();	
}
if(isset($_POST['banddelete'])){
	if (is_numeric(mysql_real_escape_string(substr($_POST['bandlist'],19,9)))){$ban = mysql_real_escape_string(substr($_POST['bandlist'],19,9));}
	if ($ban != NULL){mysql_query("Delete FROM bands WHERE entid = '$ban'",$SCdbConn);}
	header('Location: control.php#bands');die();
}
Post Reply