Page 1 of 2
Problem submiting form
Posted: Fri Jun 22, 2007 5:59 pm
by franknu
Ok. i have a problem that whenever i visit the page it send the data into the database. i only want the data to be send when the user hit submit bottom.
Here is my code
Code: Select all
<body bgcolor="#E5E5E5">
<?php
$host = "assd";
$username = "sds";
$password = "abc123";
$database = "tosdcts";
$db = mysql_connect($host, $username, $password) or die(mysql_error());
mysql_select_db($database) or die(mysql_error());
$from = addslashes($_POST['from']);
$date=NOW();
$status= addslashes($_POST['status']);
$subject= addslashes($_POST['subject']);
$message= addslashes($_POST['message']);
$BusinessName= $_SESSION['BusinessName'];
if(Submit)
{
$query = "INSERT INTO `messages` (`BusinessName`,`date`,`from`,`status`,`subject`,`message`)
VALUES ('".$_SESSION['BusinessName']."','".$date."','".$from."', '".$status."','".$subject."',
'".$message."')";
$result = mysql_query($query);
echo mysql_error();
}
if($result)
{
echo " Your Message have been sent. We will get back to you. <br>";
}
?>
Posted: Fri Jun 22, 2007 6:02 pm
by feyd
I think it has something to do with...
it's hard to place a finger on it though...

Posted: Fri Jun 22, 2007 6:10 pm
by franknu
I know. i tried doing it , many diffrent ways.
but it should be there
Posted: Fri Jun 22, 2007 6:14 pm
by feyd
franknu wrote:I know. i tried doing it , many diffrent ways.
but it should be there
To a degree, it should be there, yes. The degree being that a condition should be there, but not looking for a submit button. Although in this case it's not even looking for that; it's looking at a constant, which doesn't exist I bet.
Something tells me you are developing with E_NOTICE turned off. Tsk, tsk.

Posted: Fri Jun 22, 2007 7:07 pm
by franknu
well that is the php code the rest is only the html forms
Posted: Fri Jun 22, 2007 7:10 pm
by .Stealth
lets say you have a form with a field "BusinessName" in it, we would use:
Code: Select all
if(isset($_POST['BusinessName']))
{
$query = "INSERT INTO `messages` (`BusinessName`,`date`,`from`,`status`,`subject`,`message`)
VALUES ('".$_SESSION['BusinessName']."','".$date."','".$from."', '".$status."','".$subject."',
'".$message."')";
$result = mysql_query($query);
if(!$result)
{
echo mysql_error();
}else{
echo " Your Message have been sent. We will get back to you. <br>";
}
}
Posted: Fri Jun 22, 2007 7:30 pm
by RobertGonzalez
Basically your condition should check to see if a certain criteria is met before updating/inserting. Perhaps checking to see if the form data array is empty? Or perhaps checking to see if the servers request method was post? Of course, you could always check to see if the constant 'Submit' is set to true, which is what you are doing in the code you posted above, but then you would more than likely be setting that constant based on something else, which you have failed to show us in any code that you have provided as of yet.
Posted: Fri Jun 22, 2007 7:35 pm
by franknu
ok i try that and it doesnt send data to the database
then at the top i did this
if(isset($_SESSION['BusinessName']))
it does send the data but also when i visit the page it send info to database too.
Posted: Fri Jun 22, 2007 7:46 pm
by Styx
It shouldn't be $_SESSION['BusinessName'] but $_POST['name_of_submit_button']
Whatever you name your submit button should go in there. If it doesn't have a name, name it.
Also, the code block if ($result) should go inside the code block above it, so just move the closing brace above it to below it.
Posted: Fri Jun 22, 2007 8:29 pm
by feyd
You should not be checking for the submit button, ever.
Posted: Fri Jun 22, 2007 8:47 pm
by franknu
i had used the same process in the pass and it has worked fine, but last one work, it made more sense to me
Posted: Sat Jun 23, 2007 12:00 am
by RobertGonzalez
Checking for the submit button is bad. If you want to know why, check for it in IE when using the enter key in an input type=text field.
Posted: Sat Jun 23, 2007 2:32 am
by Styx
ok, that's how they do it in the phpBB software, so that's what I've been going by
It's probably more reasonable to say that hitting enter from a text input field is wrong and you should submit a form by clicking the submit button.
If you don't want to use that, use if ($_SERVER['REQUEST_METHOD'] == 'POST')
Posted: Sat Jun 23, 2007 6:44 am
by superdezign
Or just
Code: Select all
if(!empty($_POST))
{
if(!isset($_POST['field1'], $_POST['field2'], $_POST['field3']))
{
// failure
}
else
{
// attempt to submit
}
}
Posted: Sat Jun 23, 2007 8:11 pm
by feyd
Styx wrote:ok, that's how they do it in the phpBB software, so that's what I've been going by
It's probably more reasonable to say that hitting enter from a text input field is wrong and you should submit a form by clicking the submit button.
If you don't want to use that, use if ($_SERVER['REQUEST_METHOD'] == 'POST')
Why should we have to click a button to submit a form?