Page 2 of 3

Posted: Mon Apr 19, 2004 9:38 am
by magicrobotmonkey
Oh, and you need a better check then strlen, like isset:

Code: Select all

<?php


if(isset($_POST['comments']{
  $comments = $_POST["comments"]; 
  //check comment has been entered 
  if (strlen($comments) > 0) { 
    $comments = stripslashes($comments); 
  } else { // if there are no comments.. 
    $comments = NULL; 
    echo '<p><font color="red" size"+1">You forgot to enter your comments!</b</p>'; 
  } 
  //if everything was filled out ok 
  if ($username && $email && $comments) { // if everything's ok 

    //Add comments 
    $query = "INSERT INTO guestbook (username, email, comments)   VALUES ('$username','$email','$comments')"; 
    $result = @mysql_query ($query); // run the query. 

    if ($result) { // If it ran ok. 

      echo '<h3>Thank you for leaving a comments!</h3>'; 
     //are you sure you want the footer here??
      include ('includes/footer.html'); // include the HTML footer. 
     exit(); 
     } else { // If it did not run ok. 
      echo '<p><font color="red" size="+1">You could not leave a comment due to a system error.  We apologise for any inconvenience.</font></p>'; 
    } 

    mysql_close(); // Close the database connection. 
    } 
  } 
}
?>

Posted: Mon Apr 19, 2004 9:40 am
by magicrobotmonkey
And another thing, this:

Code: Select all

<?php
 $result = @mysql_query ($query); 
?>
is bad
try something like

Code: Select all

<?php
$result = mysql_query ($query) or die("Error submitting comment: ".mysql_error())
?>

still the same

Posted: Mon Apr 19, 2004 9:41 am
by mike08
i now have this code

Code: Select all

<p></p><b>Comments:<b> <textarea name="comments" rows="5" cols="30">
"<?php if (isset($_POST['comments'])) print $_POST['comments']; ?>" </textarea></p> 
</fieldset>

i added / to textarea is that correct so now is </textarea> at the end.

now in the comments box when i run it there is 2 of these ""

Posted: Mon Apr 19, 2004 9:42 am
by magicrobotmonkey
cause $_POST['comments'] is empty! oh, and you have quotes around that php block which are unecesary because in text area tage you can just have plain text not like in attributes where you need to quote it!

Posted: Mon Apr 19, 2004 9:52 am
by mike08
so should i use these two statement instead of

Code: Select all

if(isset($_POST['comments']{ 
  $comments = $_POST["comments"]; 
   

these two?

  if (strlen($comments) > 0) { 
    $comments = stripslashes($comments); 



  } else { // if there are no comments.. 
    $comments = NULL; 
    echo '<p><font color="red" size"+1">You forgot to enter your comments!</b</p>'; 
  }

Posted: Mon Apr 19, 2004 9:55 am
by magicrobotmonkey
the I'd say use both - the isset will ensure that you dont get an array index error and you can use strlen and add on to that if statement to ensure that the information is valid and not a script kiddie trying to get control of your code!

i copied the code you written and now have this error :(

Posted: Mon Apr 19, 2004 10:00 am
by mike08
Parse error: parse error, unexpected ';' in C:\Program Files\Apache Group\Apache2\htdocs\shopbots\guestbook2.php on line 41


which points to this line

Code: Select all

if(isset($_POST['comments']{ 
  $comments = $_POST["comments"];        - this line 
  //check comment has been entered 
  if (strlen($comments) > 0) { 
    $comments = stripslashes($comments);

Posted: Mon Apr 19, 2004 10:17 am
by magicrobotmonkey
missing two closing )'s on line above!

Posted: Mon Apr 19, 2004 10:31 am
by mike08
Thanks got rid of all errors apart from

doesn't seem to be going into database, when i fill out the form it goes straight to my error i set up which is

Code: Select all

echo '<p><font color="red" size="+1">You could not leave a comment due to a system error.  We apologise for any inconvenience.</font></p>';

Posted: Mon Apr 19, 2004 10:40 am
by magicrobotmonkey
Did you do this:

And another thing, this: PHP:

<?php
$result = @mysql_query ($query);
?>


is bad
try something like
PHP:

<?php
$result = mysql_query ($query) or die("Error submitting comment: ".mysql_error())
?>


then you can lose the if($result)

another error

Posted: Mon Apr 19, 2004 11:04 am
by mike08
ive added that now and now have a parse error on this line

Code: Select all

if ($result) { // If it ran ok.

Posted: Mon Apr 19, 2004 11:08 am
by magicrobotmonkey
did you add a closing ; ? and you can get rid of that line now - the or die() ensures that it ran ok, just go straight to printing out the message!

Posted: Mon Apr 19, 2004 11:13 am
by mike08
thanks

done all that now

removed the other line and put in the ; at the end of the last

i now have this error message when filling in guest book

Code: Select all

Error submitting comment: Duplicate entry '0' for key 1
any ideas?

Posted: Mon Apr 19, 2004 11:14 am
by Draco_03
shouldn t you close the second <textarea>

Code: Select all

</textarea>
..

Posted: Mon Apr 19, 2004 11:16 am
by magicrobotmonkey
i take it key1 is your primary key and you have it defaulting to "0" so it won't submit because you can't have duplicates on a key so you need to change it to AUTO_INCREMENT or some random thing!