Page 1 of 1

Can anyone see why this doesnt work?

Posted: Sat Mar 22, 2003 2:50 am
by werlop
Im adding functionality to a (badly) written school website. I added ip and date logging as below and that worked fine. Then i added the authorised field and after that everything but the ip and date/time worked. Can anybody see why the ip and date/time do not get stored?

Thanks

Code: Select all

<?php
	if ($id) {
		 echo "Function not permitted";
	} else {
	
		$ip = $REMOTE_ADDR;
		$now = date("F j, Y, g:i a");
    	$sql = "INSERT INTO guestbook (name,email,location,check,homepage,comment,ip,date_time,authorised) VALUES ('$name','$email','$location','$check','$homepage','$comment','$ip','$now','No')";
	}

  // run SQL against the DB

  $result = mysql_query($sql);
?>

Posted: Sat Mar 22, 2003 3:01 am
by twigletmac
Where does $id come from?

If you want to test if a variable is set use empty() or isset():

Code: Select all

if (!empty($id)) {
or

Code: Select all

if (isset($id)) {
instead of

Code: Select all

if ($id) {
Is the idea to stop the function being used if you're logged in?

Also you probably want the mysql_query() call inside the else statment:

Code: Select all

} else { 
    
      $ip = $REMOTE_ADDR; 
      $now = date("F j, Y, g:i a"); 
       $sql = "INSERT INTO guestbook (name,email,location,check,homepage,comment,ip,date_time,authorised) VALUES ('$name','$email','$location','$check','$homepage','$comment','$ip','$now','No')"; 
  // run SQL against the DB 
  $result = mysql_query($sql);
}
instead of

Code: Select all

} else { 
    
      $ip = $REMOTE_ADDR; 
      $now = date("F j, Y, g:i a"); 
       $sql = "INSERT INTO guestbook (name,email,location,check,homepage,comment,ip,date_time,authorised) VALUES ('$name','$email','$location','$check','$homepage','$comment','$ip','$now','No')"; 
   } 

  // run SQL against the DB 

  $result = mysql_query($sql);
Mac

Posted: Sat Mar 22, 2003 3:16 am
by werlop
Thanks, I didn't actually write the origional code. The site is http://www.bearsdenacademy.org/. $id comes from a form that is posted. It is not the way I would have written the site. Also bear in mind that im 15!

Anyway soz wot u send didnt change n e thing, everything still works apart from the ip and date/time. They both worked before i added the authorised field.

Any more ideas would be cool.

Posted: Sat Mar 22, 2003 5:15 am
by pootergeist
you really should turn register_global off (if it hasn't been through upgrading) and access form variables through the $_POST or $_GET arrays.

I assume you've echoed $id to prove that it does hold a value within your script - if not, do so.

Posted: Sat Mar 22, 2003 7:53 am
by twigletmac
As pootergeist said, what is being shown if you echo $id?

Code: Select all

echo '$id = '.$id;
If that shows nothing then you need to try:

Code: Select all

if (!empty($_POST['id'])) {
instead of

Code: Select all

if ($id) {
I would also put this at the very top of your script:

Code: Select all

error_reporting(E_ALL); 
ini_set('display_errors', TRUE);
in case there are errors which aren't being displayed.

Mac