Next problem :)

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
calumstevens
Forum Commoner
Posts: 25
Joined: Mon Oct 23, 2006 5:16 am

Next problem :)

Post by calumstevens »

Ok so now that I have created an add customer page (with a little help). I would like to use the header function to redirect to an acknowledgement page.

When I add a customer the record is added to the db, but this error is displayed:

Error in query:SELECT * FROM customer WHERE CustomerID = . You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1

Any pointers/solutions greatly appreciated :)

The code for the addcustomer page:

Code: Select all

<?php
	include "connection.php"
?>
<?php 
   


$newFirstname = $_POST['firstname'];

$newSurname = $_POST['surname'];

$newUsername = $_POST['username'];

$newEmail = $_POST['email'];

$newPassword = $_POST['password'];


$query = "INSERT INTO customer (Firstnames, Surname, Username, Email, Password) VALUES ('$newFirstname', '$newSurname', '$newUsername', '$newEmail', '$newPassword')";




$result = mysql_query($query) or die ("Error in query:$query. 
".mysql_error()); 


// (5) print message with ID of inserted record    
header("Location: userReceipt.php?"."CustomerID=". mysql_insert_id($connection)); 


  mysql_close($connection);     

?>
The code for the acknowledgement page is as follows:

Code: Select all

<?php
	include "connection.php"
?>

<?php


// (2)gather details of CustomerID sent 

$customerId = $_GET['CustomerID'] ;

// (3)create query 

$query = "SELECT * FROM customer WHERE CustomerID = $CustomerID";



// (4) Run the query on the customer table through the connection

$result = mysql_query($query) or die ("Error in query:$query. 
".mysql_error()); 


// (5) print message with ID of inserted record    

if ($row = @ mysql_fetch_array($result)) 
{ 
print "The following Customer was added"; 
print "<br>Customer ID: " . $row["CustomerID"]; 
print "<br>First Name: " . $row["Firstnames"]; 
print "<br>Surname: " . $row["Surname"]; 
print "<br>User Name: " . $row["Username"]; 
print "<br>Email: " . $row["Email"]; 
print "<br>Password: " . $row["Password"]; 
}

// close connection 
mysql_close($connection); 

?>
User avatar
Burrito
Spockulator
Posts: 4715
Joined: Wed Feb 04, 2004 8:15 pm
Location: Eden, Utah

Post by Burrito »

Code: Select all

$customerId = $_GET['CustomerID'] ;

// (3)create query

$query = "SELECT * FROM customer WHERE CustomerID = $CustomerID";
php is case sensitive.
User avatar
Cameri
Forum Commoner
Posts: 87
Joined: Tue Apr 12, 2005 4:12 pm
Location: Santo Domingo, Dominican Republic

Post by Cameri »

$customerID is not $CustomerID, variables are case sensitive:

Code: Select all

// (2)gather details of CustomerID sent

$customerId = $_GET['CustomerID'] ;

// (3)create query

$query = "SELECT * FROM customer WHERE CustomerID = $CustomerID";
to this:

Code: Select all

// (2)gather details of CustomerID sent

$CustomerId = $_GET['CustomerID'] ;

// (3)create query

$query = "SELECT * FROM customer WHERE CustomerID = $CustomerID";
And also a few suggestions, check if the variables are set in $_POST with isset(), validate them, add slashes, maybe mysql_real_escape_string() <-- not sure if it's the best option.
calumstevens
Forum Commoner
Posts: 25
Joined: Mon Oct 23, 2006 5:16 am

Post by calumstevens »

Excellent, working now thankyou.

I hope spotting stuff like that gets easier, as even though I knew it was case sensitive I still missed it over and over lol xD
User avatar
Cameri
Forum Commoner
Posts: 87
Joined: Tue Apr 12, 2005 4:12 pm
Location: Santo Domingo, Dominican Republic

Post by Cameri »

Never trust user input, always validate the fields, or your db could become compromised.
calumstevens
Forum Commoner
Posts: 25
Joined: Mon Oct 23, 2006 5:16 am

Post by calumstevens »

hehe thanks but im just figuring out the basic workings for now, as you can see im having enough trouble as it is! :)

Once I've figured out how to setup pages that can write, delete, amend, then ill start investigating validation.
Post Reply