Ok, changed the script so that it is more correct, or so I thought, but it isn't working still. This is the script so far:
Code: Select all
<?php
//connect to database
$conn = mysql_connect("localhost", "username", "password")
or die(mysql_error());
mysql_select_db("shoot_the_moon",$conn) or die(mysql_error());
//get parts of record
$get_list = "select 12_disk as disk_type from store_12_singles";
$get_list_res = mysql_query($get_list) or die(mysql_error());
if(mysql_num_rows($get_list_res) < 1) {
//no records
$display_block .= "<p><em>Sorry, no records to select!</em></p>";
} else if ($_POST['op'] != "add") {
//haven't seen the form, so show it
$display_block .= "
<form method=\"post\" action=\"$_SERVER[PHP_SELF]\">
<P><strong>Artist:</strong><br>
<input type=\"text\" name=\"12_artist\" size=30 maxlength=100>
<P><strong>Single Title:</strong><br>
<input type=\"text\" name=\"item_name\" size=30 maxlength=75>
<P><strong>Description:</strong><br>
<textarea name=\"item_desc\" cols=35 rows=7 wrap=virtual></textarea>
<P><strong>Select a Record to View:</strong><br>
<select name=\"sel_type">
<option value=\"\">-- Select One --</option>";
while ($recs = mysql_fetch_array($get_list_res)) {
$disk_type = stripslashes($recs['disk_type']);
$display_block .= "<option value=\"$disk_type\">
$disk_type = </option>";
}
$display_block .= "
</select>
<P><strong>Price:</strong><br>
<input type=\"text\" name=\"item_price\" size=10 maxlength=10>
<P><strong>Image:</strong><br>
<input type=\"text\" name=\"item_image\" size=30 maxlength=100>
<input type=\"hidden\" name=\"op\" value=\"add\">
<p><input type=\"submit\" name=\"submit\" value=\"Add Single\"></p>
</FORM>";
} else if ($_POST['op'] == "add") {
//time to add to tables, so check for required fields
if ($_POST['12_artist'] == "") {
header("Location: add12.php");
exit;
}
//add to store_items table
$add_items = sprintf('
INSERT INTO store_items
(cat_id, item_name, item_price, item_desc item_image)
VALUES("5", "%s", "%s", "%s", "%s")
',
mysql_real_escape_string($_POST['item_name']),
mysql_real_escape_string($_POST['item_price']),
mysql_real_escape_string($_POST['item_desc']),
mysql_real_escape_string($_POST['item_image'])
);
mysql_query($add_items) or die(mysql_error());
//get item id for use with other tables
$item_id = mysql_insert_id();
if ($_POST['12_artist']) {
//something relevant so add to the book table
$add_12 = sprintf('
INSERT INTO store_12_singles
(item_id, 12_artist, 12_disk)
VALUES("%s", "%s", "%s")
',
$item_id,
mysql_real_escape_string($_POST['12_artist']),
mysql_real_escape_string($_POST['12_disk'])
);
mysql_query($add_12) or die(mysql_error());
}
$display_block = "<h1>Record Added</h1>
<P>Your record has been added. Would you like to
<a href=\"add12.php\">add another</a>?</p>
<P>Go back to the
<a href=\"adminmenu.php\">main menu</a></p>";
}
?>
Can anyone check this for me to see if I've done this correctly.
Also it comes up with an error:
Parse error: syntax error, unexpected '<' in add12.php on line 30