Thank you for replying so quickly. I was able to work out the issue with the session varables. However now that it is working i have broken the database update. I can't seem to find any errors in the logs. The script works and the varables contain the nfo that was entered. To test it i have put an echo $comment in the success part of the script, just before it redirects to the book. I don't know if it is becuase i have added an extra field to the form, or maybe it is becuase of the mixed environment of " double quotes and ' single quotes. I know it is a bit of code to look through, but if you can find the time and explanation would be great. Thanks again
ps. Below is the line i believe is causeing the problem. It used to work before i added the security image, but now nothing. Is there anyway to make it show an error either on the screen or in the log file.
Code: Select all
$putinguestbook="INSERT INTO gbook(name2, country, mail, homepage, comment, realtime, aim, icq, yim, msn, time,IP) VALUES('$name2','$country','$email','$homepage','$comment','$day','$aim','$icq','$yim','$msn','$timegone','$r')";
mysql_query($putinguestbook);
Full Code Below
Code: Select all
<?php
// start PHP session
session_start();
?>
Code: Select all
<head>
<style type="text/css">
form { width: 18em; }
fieldset { display: block; float: left; }
legend { font-size: 1.2em; font-weight: bold; color: #000; }
#security img { float: right; border: 1px solid #000; }
label, input, #security img { margin: 5px 0; }
input, #login { float: right; }
label, #login { clear: both; }
label { float: left; width: 7em; }
#login { margin-top: 5px; }
</style>
</head>
<body>
Code: Select all
<?php
// check for posted form
if (isset($_POST['login'])) {
// see if the code the user typed matched the generated code
if (strtoupper($_POST['code']) == $_SESSION['code']) {
$name2=$_POST['name2'];
$country=$_POST['country'];
$email=$_POST['email'];
$homepage=$_POST['homepage'];
$aim=$_POST['aim'];
$icq=$_POST['icq'];
$yim=$_POST['yim'];
$msn=$_POST['msn'];
$comment=$_POST['comment'];
if(!$name2 || !$comment)
{
print "<font color='red'>Name or comment not entered, please go back and sign again</font><br>";
}
else
{
$r=$_SERVER["REMOTE_ADDR"];
$day=date("D M d, Y H:i:s");
$timegone=date("U") ; //seconds since Jan 1st, 1970
$putinguestbook="INSERT INTO gbook(name2, country, mail, homepage, comment, realtime, aim, icq, yim, msn, time,IP) VALUES('$name2','$country','$email','$homepage','$comment','$day','$aim','$icq','$yim','$msn','$timegone','$r')";
mysql_query($putinguestbook);
echo $comment;
print "Thanks for posting, you will now be redirected <META HTTP-EQUIV = 'Refresh' Content = '2; URL =http://www.delmarvanightlife.com/modules.php?name=gbook'> ";
}
} else {
echo 'You have entered the wrong code. Please <a href="addentry.php">try again</a>.';
}
} else {
?>
Code: Select all
<form method='post' action='http://www.delmarvanightlife.com/modules.php?name=gbook&file=addentry' name='form'>
<fieldset>
<legend>Guestbook</legend>
<b>Name:</b><br> <input type="text" name="name2" size="40"><br>
<b>Country:</b><br><input type="text" name="country" size="40"><br>
<b>Homepage(include http://):</b><br><input type="text" name="homepage" size="40"><br>
<b>E-mail:</b><br><input type="text" name="email" size="40"><br>
<b>Aim:</b><br><input type="text" name="aim" size="40"><br>
<b>ICQ:</b><br><input type="text" name="icq" size="40"><br>
<b>Yahoo:</b><br><input type="text" name="yim" size="40"><br>
<b>MSN:</b><br><input type="text" name="msn" size="40"><br>
<b>Comment:</b><br>
<textarea rows="6" name="comment" cols="45"></textarea><br>
<div id="security"><img src="/modules/gbook/security-image.php?width=144" width="144" height="30" alt="Security Image" /></div>
<label for="code">Security Image:</label><input type="text" name="code" id="code" value="" />
<input type="submit" name="login" id="login" value="Login" />
</fieldset>
</form>