Page 1 of 1
Adding input to a table...
Posted: Mon Mar 03, 2003 4:53 pm
by Jim
I'm trying to create a page that allows an administrator to add a user to a news system and define which sites this user can access.
The list of sites that can be accessed contains the following information:
The site prefix - 3 letters
The site name - Full Name
The site admin power - a single digit from 1-3
I'd like the information to be inserted into my MySQL db when this form is submitted. At the moment, when I submit the data it only enters ONE of the sites (no matter how many are checked), and it refuses to enter any site (whether checked or not) unless that site is "RoN".
To see an example, head here:
http://www.empiregaming.net/xg/news/edituser.php
My current SQL statement:
Code: Select all
$sql = "insert into ".$username."_sites ( site_name, site_pre, site_value ) values ( '$site_name', '$site_pre', '$site_value')";
$query = mysql_query($sql);
There are no parse errors of any sort, so this code runs clean. It just doesn't do all that I want it to. Any ideas?
Posted: Mon Mar 03, 2003 6:58 pm
by McGruff
try this:
$sql = "insert into " . $username . "_sites ( site_name, site_pre, site_value ) values ( '" . $site_name . "', '" . $site_pre . "', '" . $site_value . "')";
Posted: Mon Mar 03, 2003 7:00 pm
by protokol
McGruff .. you printed the same thing the original poster did only you put the variables out of the quotes. Interpolation works fine with the original poster's code. I think it's a problem of whether the variables are set and whether the logic is correct.
Posted: Mon Mar 03, 2003 7:14 pm
by McGruff
Not what I have found. In real world example these two are not the same:
"nav.php?page=post_$id4_$pid"
"nav.php?page=post_" . $id4 . "_" . $pid
Posted: Mon Mar 03, 2003 7:16 pm
by protokol
Yeah, but you didn't do that. His code did blah ". $username ."_blah"; which was fine. You changed the code where it was '$a', '$b', '$c'; which was not necessary. Please read my explanations to understand my comment and its validity.
Posted: Mon Mar 03, 2003 7:20 pm
by McGruff
I don't know why exactly the 2nd example I gave doesn't work, and I'm not sure if my suggestion for the query will solve the problem but I do know that I've had problems mixing up vars and text in strings in the past and that it's good practice always to concatenate bits of text and vars - for the sake of clarity as much as anything.
Always glad to learn something new - I hope we're not having a flame war.
Posted: Mon Mar 03, 2003 7:22 pm
by protokol
No, this is not a flame war at all

I'm just offering light onto the situation at hand and the numerous ways to attack the problem.
You are right in the fact that when starting out it is a good idea to not interpolate for the sake of readability or less syntax errors.
But as an experienced PHP programmer, the less keystrokes the better

The variables are set...
Posted: Mon Mar 03, 2003 7:54 pm
by Jim
Because something always goes into the table. The problem is, not all of the information I want goes in.
Here's the entire page:
Code: Select all
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<?
include("/home/empirega/public_html/xg/style.css");
include("/home/empirega/public_html/xg/news/config.php");
?>
<title>XeonGaming News</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body bgcolor="#D0CECE">
<?
if($action == add) {
//Create Insert into Necessary User Tables
$sql = "insert into user_db ( username , password ) values ( '$username' , '$password' )";
$query = mysql_query($sql);
if(!$query) {
echo mysql_error();
echo "<BR><BR>";
}
$sql = "create table ".$username."_sites ( id int NOT NULL AUTO_INCREMENT PRIMARY KEY, site_name varchar(80), site_pre varchar(3), site_value tinyint(1) );";
$query = mysql_query($sql);
if(!$query) {
echo mysql_error();
echo "<BR><BR>";
}
$sql = "create table ".$username."_info ( email varchar(50), admin_status tinyint(1), tier_status tinyint(1), icon_url varchar(80), job_title varchar(50), fav_quote text )";
$query = mysql_query($sql);
if(!$query) {
echo mysql_error();
echo "<BR><BR>";
}
if($access == yes) {
$sql = "insert into ".$username."_sites ( site_name, site_pre, site_value ) values ( '$site_name', '$site_pre', '$site_value')";
$query = mysql_query($sql);
if(!$query) {
echo mysql_error();
}
}
}
?>
<table cellpadding=0 cellspacing=0 border=0 align="center" background="/xg/images/body_bg.jpg" width="771">
<tr>
<td>
<!-- Logo -->
<table cellpadding=0 cellspacing=0 border=0 width="771">
<tr>
<td><img src="/xg/images/x_logo.jpg"></td>
</tr>
</table>
<!-- Body -->
<table cellpadding=0 cellspacing=10 border=0 width="771">
<tr>
<td>
<!-- Menu Tables -->
<!-- Menu #1 -->
<table cellpadding=0 cellspacing=0 border=0>
<tr>
<td><img src="/xg/images/menu_top.jpg"></td>
</tr>
<tr>
<td background="/xg/images/menu_bg.jpg">
<table cellpadding=0 cellspacing=0 border=0 width="80%" align="center">
<tr>
<td>
<span class="menuTitle"><u>News System</u></span><BR>
<span class="menuItem">
<b>User Panel</b><BR>
PM Inbox<BR>
PM Compose<BR>
Edit Profile<BR><BR>
<b>News Panel</b><BR>
Post News<BR>
Edit News<BR>
</span>
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td><img src="/xg/images/menu_bottom.jpg"></td>
</tr>
</table>
</td>
<td>
<table cellpadding=0 cellspacing=0 border=0 background="/xg/news/images/body-bg.jpg" align="center" width="507">
<tr>
<td><img src="/xg/news/images/body-top.jpg"></td>
</tr>
<tr>
<td>
<table cellpadding=0 cellspacing=0 border=0 width="90%" align="center" class="bodyMain">
<tr>
<td>
Welcome <b><?$username?>!</b><BR><BR></td>
</tr>
<tr>
<td>
<table cellpadding=10 cellspacing=0 border=0 align="center" class="bodyMain" valign="top" width="100%">
<tr>
<td>
<b>Add User</b><BR><BR>
<i>Username and Password</i><BR>
<form method="post" action="/xg/news/edituser.php?action=add">
<input type="text" name="username" maxlength="20" style="width:130px" value="Username"><BR>
<input type="text" name="password" maxlength="20" style="width:130px" value="Password"><BR><BR><BR>
<i>Site Permissions</i><BR>
<?
$sql = "select * from site_db";
$query = mysql_query($sql);
if($query) {
echo "<table cellpadding=3 border=0 class='bodyCaption'><tr><td>#</td><td>Access?</td><td>Admin?</td><td>Site Name</td></tr>";
while($info = mysql_fetch_array($query)) {
$id = $info['id'];
$prefix = $info['site_pre'];
$name = $info['site_name'];
echo "<tr><td>$id<input type='hidden' value='$name' name='site_name'></td><td><input type='hidden' name='site_pre' value='$prefix'><input type='checkbox' name='access' value='yes'></td><td><input type='checkbox' value='yes' name='admin'></td><td><a class='bodyMain'>$name</a></td></tr>";
}
echo "</table>";
}
?>
<input type="submit" value="Add User">
</form>
</td>
</tr>
</table>
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td><img src="/xg/news/images/body-bottom.jpg"></td>
</tr>
</table>
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td><img src="/xg/images/body_bottom.jpg"></td>
</tr>
</table>
</body>
</html>
What do you see?
Posted: Mon Mar 03, 2003 7:57 pm
by protokol
Dammit man ... register_globals is probably off ... you need to be processing the form variables in $_POST.
Posted: Mon Mar 03, 2003 8:35 pm
by Jim
Getting information from variables isn't a problem...
The query I use to insert info works... But it only inserts information from one selection. I want it to insert information for each site I select.
Posted: Tue Mar 04, 2003 3:46 am
by twigletmac
You should seriously consider using arrays such as $_GET and $_POST (or $HTTP_GET_VARS and $HTTP_POST_VARS if you are on PHP <= 4.0.6) because it makes it a lot clearer where variables are coming from.
On the example page you have a select box, not a multiple select box so you would only be able to select one site at a time.
In your example code you have this looping code:
Code: Select all
echo "<tr><td>$id<input type='hidden' value='$name' name='site_name'></td><td><input type='hidden' name='site_pre' value='$prefix'><input type='checkbox' name='access' value='yes'></td><td><input type='checkbox' value='yes' name='admin'></td><td><a class='bodyMain'>$name</a></td></tr>";
This means that you have a number of hidden fields with the same name - that means that you overwrite the data of one with another and can only ever have 1 set of data returned. Surely as well, if you have a table with the site info in already with a unique ID field, you would only have to put the ID value into the users table - not all the info from the sites table?
You are going to have to think about your form's design a bit more and you'll probably have to use arrays, maybe something like:
Code: Select all
echo '<input type="checkbox" name="admin[]" value="'.$id.'" />';
That way you could do foreach() on the resulting array to determine the ID's to enter.
Mac