Page 1 of 1

problems with php code

Posted: Tue Mar 01, 2005 6:11 am
by KevinCB
Hi, I'm trying to create an online shopping website for a small shop, which I'm currently now stuck on, trying to create the admin side of the site to allow a user to add data into a mysql database. This is what I have so far:

Code: Select all

<?php
if ($_POST&#1111;op] != "add") &#123;
   //haven't seen the form, so show it
   $display_block = "<h1>Add a Book</h1>
   <form method="post" action="$_SERVER&#1111;PHP_SELF]">
   <P><strong>Title of Book:</strong><br>
   <input type="text" name="item_name" size=50 maxlength=100>

   <P><strong>Author of Book:</strong><br>
   <input type="text" name="item_author" size=30 maxlength=75>

   <P><strong>Artist:</strong><br>
   <input type="text" name="item_author" size=30 maxlength=75>

   <P><strong>Description of Book:</strong><br>
   <textarea name="item_desc" cols=35 rows=5 wrap=virtual></textarea>

   <P><strong>Price of Book:</strong><br>
   <input type="text" name="item_price" size=10 maxlength=10>

   <!-- The data encoding type, enctype, MUST be specified as below -->
   <method="POST" action="addimage.php" enctype="multipart/form-data">
       <!-- MAX_FILE_SIZE must precede the file input field -->
       <input type="hidden" name="MAX_FILE_SIZE" value="30000" />
       <!-- Name of input element determines name in $_FILES array -->
       Save this Image: <input name="userfile" type="file" />
       <input type="submit" value="Save File" />

   <p><input type="submit" name="submit" value="Add Book"></p>
   </FORM>";

&#125; else if ($_POST&#1111;op] == "add") &#123;
   //time to add to tables, so check for required fields
    if ($_POST&#1111;item_name] == " ") &#123;
       header("Location: addentry.php");
       exit;
    &#125;

   //connect to database
   $conn = mysql_connect("localhost", "username", "password")
       or die(mysql_error());
   mysql_select_db("shoot_the_moon_store",$conn)  or die(mysql_error());

   //add to store_items table
   $add_title = "insert into store_items values ('', now(), now(),
	'$_POST&#1111;item_name]')";
   mysql_query($add_title) or die(mysql_error());

   //get item_id for use with other tables
   $item_id = mysql_insert_id();

   if ($_POST&#1111;item_author]) &#123;
      //something relevant, so add to store_item_author table
      $add_author = "insert into store_item_author values ('', $item_id,
	   now(), now(), '$_POST&#1111;item_author]')";
      mysql_query($add_author) or die(mysql_error());
   &#125;

   if ($_POST&#1111;item_artist]) &#123;
      //something relevant, so add to store_item_author table
      $add_artist = "insert into store_item_artist values ('', $item_id,
	   now(), now(), '$_POST&#1111;item_artist]')";
      mysql_query($add_artist) or die(mysql_error());
   &#125;

   if ($_POST&#1111;item_desc]) &#123;
      //something relevant, so add to store_items table
      $add_desc = "insert into store_items values ('', $item_desc,
           now(), now(), '$_POST&#1111;item_desc]')";
      mysql_query($add_desc) or die(mysql_error());
   &#125;

   if ($_POST&#1111;item_price]) &#123;
      //something relevant, so add to store_items table
      $add_price = "insert into store_items values ('', $item_price,
           now(), now(), '$_POST&#1111;item_price]')";
      mysql_query($add_price) or die(mysql_error());
   &#125;

   $display_block = "<h1>Record Added</h1>
   <P>Your record has been added.  Would you like to
    <a href="addbook.php">add another</a>?</p>";
&#125;
?>
<HTML>
<HEAD>
<TITLE>Add a Book Record</TITLE>
</HEAD>
<BODY>
<?php echo $display_block; ?>
</BODY>
</HTML>
My questions are:

What should my code be for allowing a user to add the link of an image to the database?
Can I have a form embedded within a form to allow me to do this?
Is the rest of the code correct?, when I tried it before it didn't save the data into the database, and just refreshed the page.

Posted: Tue Mar 01, 2005 6:28 am
by smpdawg
It never updated the database because op was never set in this code. Without op, your form would be shown even on a submit. Are you using one file with more than one admin area and thus the need for op?

You can use $_SERVER['REQUEST_METHOD'] to determine the user action. POST would be the signal for a database update and GET would be used to show the input form.

Posted: Tue Mar 01, 2005 7:15 am
by KevinCB
Ok, as this is my first time using php could you explain how I can set op in the code?

This code was given as an example in a Sams Teach Yourself book, but was used for creating an online address book instead. I've obviously failed miserably at trying to adapt it to work with the online shopping site.

It also says in the php log that there is an unexpected T_STRING in line 22, which is the following:

Code: Select all

<method="POST" action="addimage.php" enctype="multipart/form-data">
Is this the section you are talking about, when saying that op was not set?

Posted: Tue Mar 01, 2005 7:19 am
by n00b Saibot
you forgot to escape all the double quotes on that line.

Posted: Tue Mar 01, 2005 7:23 am
by CoderGoblin
You are not using the escape \ to escape the double quotes hence the error.

Posted: Tue Mar 01, 2005 7:31 am
by smpdawg
You could put something like this inside the form tags.

Code: Select all

<input TYPE="hidden" VALUE="add" NAME="op">
This ends up being a variable in the $_POST array.

And yes you will need to escape the quotes for this to work in your code. " becomes \"

Posted: Tue Mar 01, 2005 3:05 pm
by KevinCB
Thanks for the replies, I've now added these things to the code, but now it comes up saying:
Column count doesn't match value count at row 1
Is this to do with the MySQl tables?

Posted: Tue Mar 01, 2005 3:35 pm
by feyd
that has to do with the column list and values list you provide in an insert query, usually.