Page 1 of 2

SOLVED - Form data not posting to mysql

Posted: Fri Feb 25, 2005 12:50 pm
by thx967
I am posting my revised code to this post so no one has to scroll thru pages of code

I have a mysql db i'm trying to post a form to and can't seem to get past my validation code. I've checked over the $insertQuery and don't see any errors that stand out in that code.db name is correct, field names are correct and in the same order as my table. But this is where the problem has to be. I am connecting to my db and posting fine with other forms on the site. Anyone have any ideas?

Heres my //REVISED// code

Code: Select all

<?php
error_reporting(E_ALL);
// Get the PHP file containing the DbConnector class
require_once('includes/DbConnector.php');
require_once('includes/Validator.php');

// Create an instance of DbConnector
$connector = new DbConnector();

// Check whether a form has been submitted. If so, carry on
if ($HTTP_POST_VARS)&#123;

// Validate the entries
$validator = new Validator();

$validator->validateGeneral($HTTP_POST_VARS&#1111;'title'],'title');
$validator->validateTextOnly($HTTP_POST_VARS&#1111;'affiliate_name'],'affiliate_name');
$validator->validateGeneral($HTTP_POST_VARS&#1111;'pkg_type'],'pkg_type');
$validator->validateTextOnly($HTTP_POST_VARS&#1111;'departure'],'departure');
$validator->validateTextOnly($HTTP_POST_VARS&#1111;'destination'],'destination');
$validator->validateTextOnly($HTTP_POST_VARS&#1111;'hotel'],'hotel');
$validator->validateGeneral($HTTP_POST_VARS&#1111;'nights'],'nights');
$validator->validateGeneral($HTTP_POST_VARS&#1111;'price'],'price');
$validator->validateGeneral($HTTP_POST_VARS&#1111;'desc'],'desc');

// Check whether the validator found any problems
if ( $validator->foundErrors() )&#123;
	echo 'There was a problem with: <br>'.$validator->listErrors('<br>'); // Show the errors, with a line between each
&#125;else&#123;

// Create an SQL query (MySQL version)
// The 'addslashes' command is used 5 lines below for added security
// Remember to use 'stripslashes' later to remove them (they are inserted in front of any
// special characters

$insertQuery = "INSERT INTO cmshotdeals (title,affiliate_name,pkg_type,departure,destination,hotel,nights,price,desc) VALUES (".
"'".addslashes($HTTP_POST_VARS&#1111;'title'])."', ".
"'".$HTTP_POST_VARS&#1111;'affiliate_name']."', ".
"'".addslashes($HTTP_POST_VARS&#1111;'pkg_type'])."', ".
"'".$HTTP_POST_VARS&#1111;'departure']."', ".
"'".$HTTP_POST_VARS&#1111;'destination']."', ".
"'".$HTTP_POST_VARS&#1111;'hotel']."', ".
"'".$HTTP_POST_VARS&#1111;'nights']."', ".
"'".addslashes($HTTP_POST_VARS&#1111;'price'])."', ".
"'".addslashes($HTTP_POST_VARS&#1111;'desc'])."')";

echo $insertQuery;
	// Save the form data into the database 
	if ($result = $connector->query($insertQuery))&#123;

		// It worked, give confirmation
		echo '<center><b>Hot Deal added to the database</b></center><br>';

	&#125;else&#123;

		// It hasn't worked so stop. Better error handling code would be good here!
		exit('<center>Sorry, there was an error saving to the database</center>');

	&#125;
&#125;
&#125;
?>

Posted: Fri Feb 25, 2005 12:55 pm
by smpdawg
Turn on error_reporting and see if you get any messages that would be helpful.

Posted: Fri Feb 25, 2005 1:11 pm
by thx967
smpdawg wrote:Turn on error_reporting and see if you get any messages that would be helpful.
I'm pretty new to php - would i add the following as the first php line:

error_reporting(E_ALL);

Posted: Fri Feb 25, 2005 1:11 pm
by John Cartwright
smpdawg wrote:Turn on error_reporting and see if you get any messages that would be helpful.

Code: Select all

error_reporting(E_ALL);
edit.. you beat me :P.. and to your question, yes.

Posted: Fri Feb 25, 2005 1:17 pm
by thx967
Phenom wrote:
smpdawg wrote:Turn on error_reporting and see if you get any messages that would be helpful.

Code: Select all

error_reporting(E_ALL);
edit.. you beat me :P.. and to your question, yes.
I don't get any error messages - err - except my die msg "Sorry, there was an error saving to the database"

I placed the error reporting like so:

Code: Select all

<?php
error_reporting(E_ALL);

// Get the PHP file containing the DbConnector class
require_once('includes/DbConnector.php');
require_once('includes/Validator.php');

Posted: Fri Feb 25, 2005 1:24 pm
by smpdawg
Do me a favor. Do an

Code: Select all

echo $insertQuery;


after your insert statement is constructed but before the query is executed.

edit - and post the results here obviously.

Posted: Fri Feb 25, 2005 1:55 pm
by thx967
smpdawg wrote:Do me a favor. Do an

Code: Select all

echo $insertQuery;


after your insert statement is constructed but before the query is executed.

edit - and post the results here obviously.
Ok - Heres the results- seems there are some additional ")" in the echo:

INSERT INTO cmshotdeals (title,affiliate_name,pkg_type,departure,destination,hotel,nights,price,desc) VALUES ('none', 'Beaches', 'Air Only')'Chicago', 'Cancun', 'none', '7', '350')'none')
Sorry, there was an error saving to the database

Posted: Fri Feb 25, 2005 1:56 pm
by John Cartwright
You should add addition error reporting in your queries.

query() should look something like this

Code: Select all

function query($sql)
&#123;
     return mysql_query($sql) or die(mysql_error());
&#125;
That should spit out the exact problem

Posted: Fri Feb 25, 2005 2:06 pm
by smpdawg
Change this

Code: Select all

"'".addslashes($HTTP_POST_VARS&#1111;'pkg_type'])."')".
"'".$HTTP_POST_VARS&#1111;'departure']."', ".
"'".$HTTP_POST_VARS&#1111;'destination']."', ".
"'".$HTTP_POST_VARS&#1111;'hotel']."', ".
"'".$HTTP_POST_VARS&#1111;'nights']."', ".
"'".addslashes($HTTP_POST_VARS&#1111;'price'])."')".
"'".addslashes($HTTP_POST_VARS&#1111;'desc'])."')";
To this

Code: Select all

"'".addslashes($HTTP_POST_VARS&#1111;'pkg_type'])."',".
"'".$HTTP_POST_VARS&#1111;'departure']."', ".
"'".$HTTP_POST_VARS&#1111;'destination']."', ".
"'".$HTTP_POST_VARS&#1111;'hotel']."', ".
"'".$HTTP_POST_VARS&#1111;'nights']."', ".
"'".addslashes($HTTP_POST_VARS&#1111;'price'])."',".
"'".addslashes($HTTP_POST_VARS&#1111;'desc'])."')";
There were unnecessary parens in the query. Please note that the last paren needs to stay.

edit - Oops. I missed the commas. This version should work.

Posted: Fri Feb 25, 2005 2:34 pm
by smpdawg
Here as some separate notes.

1. You can surround an array element in {} and embed the variable into a double-quoted script. It helps readability.

For example.

Code: Select all

"'&#123;$HTTP_POST_VARS&#1111;'departure']&#125;', '&#123;$HTTP_POST_VARS&#1111;'destination']&#125;', '&#123;$HTTP_POST_VARS&#1111;'hotel']&#125;', '&#123;$HTTP_POST_VARS&#1111;'nights']&#125;'"
2. The $HTTP_POST_VARS is outdated - the new form is $_POST.

3. To help with readability you could assign the result of addslashes to a variable and display the variable. It makes it easier to debug.

Posted: Fri Feb 25, 2005 2:43 pm
by thx967
yeah - i noticed the commas and put those in. I still get a bloody error.
INSERT INTO cmshotdeals (title,affiliate_name,pkg_type,departure,destination,hotel,nights,price,desc) VALUES ('title goes here', 'Beaches', 'Air + Hotel', 'Cleveland', 'Cancun', 'hotel', 'nights', 'price', 'desc'
Sorry, there was an error saving to the database
As a side note. my table is setup like so:
Field - Type - Null - Default
ID - int(4) - No - NULL
title - text - Yes - NULL
affiliate_name - varchar(255) - Yes - NULL
pkg_type - text - Yes - NULL
departure - varchar(255) - Yes - NULL
destination - varchar(255) - Yes - NULL
hotel - varchar(255) - Yes - NULL
nights - varchar(255) - Yes - NULL
price - text - Yes - NULL
desc - text - Yes - NULL
datetime - timestamp(14) - Yes - NULL
[/quote]

Posted: Fri Feb 25, 2005 2:47 pm
by smpdawg
It's missing the last paren by the desc that is coming from the post array.

Posted: Fri Feb 25, 2005 2:56 pm
by thx967
smpdawg wrote:It's missing the last paren by the desc that is coming from the post array.
Yeah i found that one too.

Since I've been modifying the code as this thread goes on - i've edited my original post with the revised code to keep the thread from going into multiple pages.

Does anyone think my table may be the problem?

Posted: Fri Feb 25, 2005 3:06 pm
by thx967
Phenom wrote:You should add addition error reporting in your queries.

query() should look something like this

Code: Select all

function query($sql)
&#123;
     return mysql_query($sql) or die(mysql_error());
&#125;
That should spit out the exact problem
Are you saying I should rewrite the following using the above?

Code: Select all

$insertQuery = "INSERT INTO cmshotdeals (title,affiliate_name,pkg_type,departure,destination,hotel,nights,price,desc) VALUES ("...............

Posted: Fri Feb 25, 2005 3:12 pm
by smpdawg
Actually it never occurred to me that you were changing the code at the top. Some people will not know that is what you did and may end up saying something about the code looking right because they don't know that you changed it but I know where you are coming from.

You may want to add that or die() to DbConnector.php so you can see the error message. You can always remove it when the code is stable.