If statements with inserting data from forms

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
johnnymac131
Forum Newbie
Posts: 11
Joined: Sun Oct 28, 2007 11:51 am

If statements with inserting data from forms

Post by johnnymac131 »

This is my code, struggling to get this to work, i need to run an if statement,
basically im getting code from a form entered by a user.
if the userStatus = accountJ then i want the data to be stored in the user table and journalist table
if the userStatus = accountM then i want the data to be stored in the user table and Manager table
if the userStatus = accountE then i want the data to be stored in the user table and editor table

if i run this code without the if statement it will execute perfectly though when i try it with the
if statement i get a blank screen and nothing is stored in my database.

Code: Select all

$userStatus = $_POST['userStatus'];
if ($userStatus == "accountJ"){

    $query = "insert into users (username, password, userStatus) VALUES ( 
    '".mysql_escape_string($_POST['username'])."', '".mysql_escape_string($_POST['password'])."',
    '".mysql_escape_string($_POST['userStatus'])."')"; 
       if(!mysql_query($query) ) { 
         print "Error with query: \"$query\"<br>".mysql_error(); 
         // Simple error handling... 
        }

    $query = "insert into journalist (username, journ_fname, journ_lname) VALUES ( 
    '".mysql_escape_string($_POST['username'])."', '".mysql_escape_string($_POST['firstname'])."',
    '".mysql_escape_string($_POST['lastname'])."')"; 
      if(!mysql_query($query) ) { 
         print "Error with query: \"$query\"<br>".mysql_error(); 
         // Simple error handling... 
      }
}
else{
echo 'this is no good';
}

?>
User avatar
John Cartwright
Site Admin
Posts: 11470
Joined: Tue Dec 23, 2003 2:10 am
Location: Toronto
Contact:

Post by John Cartwright »

Please use [syntax=php][/syntax] tags when posting php code in the future, thanks.
User avatar
califdon
Jack of Zircons
Posts: 4484
Joined: Thu Nov 09, 2006 8:30 pm
Location: California, USA

Post by califdon »

When a PHP script fails to send any HTML to the browser, it is generally because something in your code has caused the PHP parser to fail, so it doesn't send anything to the browser, causing you to see a blank page.

The only thing I see in your code is that you didn't leave any space between else and {, which might cause a parse error. You should try to adhere to accepted spacing and indentation standards in your script. Sometimes people say, "Well, it works, why should I take the time to make it look pretty?!" Here is an example of why.
johnnymac131
Forum Newbie
Posts: 11
Joined: Sun Oct 28, 2007 11:51 am

Post by johnnymac131 »

sorry about that ill fix it
Last edited by johnnymac131 on Sun Oct 28, 2007 7:56 pm, edited 1 time in total.
johnnymac131
Forum Newbie
Posts: 11
Joined: Sun Oct 28, 2007 11:51 am

Post by johnnymac131 »

Yeah still wont parse to the database any ideas why? is the if statement written correctly??

Code: Select all

include('dbConnect.php');

//This code runs if the form has been submitted
if (isset($_POST['submit'])) { 

//This makes sure they did not leave any fields blank
if (!$_POST['lastname'] |!$_POST['firstname'] | !$_POST['userStatus'] | !$_POST['username'] | !$_POST['pass'] | !$_POST['pass2'] ) {
die('You did not complete all of the required fields');
}

// checks if the username is in use
if (!get_magic_quotes_gpc()) {
$_POST['username'] = addslashes($_POST['username']);
}
$usercheck = $_POST['username'];
$check = mysql_query("SELECT username FROM users WHERE username = '$usercheck'") 
or die(mysql_error());
$check2 = mysql_num_rows($check);

//if the name exists it gives an error
if ($check2 != 0) {
die('Sorry, the username '.$_POST['username'].' is already in use.');
}

// this makes sure both passwords entered match
if ($_POST['pass'] != $_POST['pass2']) {
die('Your passwords did not match.');
}

// here we encrypt the password and add slashes if needed
$_POST['pass'] = md5($_POST['pass']);
if (!get_magic_quotes_gpc()) {
$_POST['pass'] = addslashes($_POST['pass']);
$_POST['username'] = addslashes($_POST['username']);
}

$userStatus = $_POST['userStatus'];
if ($userStatus == "accountJ"){

    $query = "insert into users (username, password, userStatus) VALUES ( 
    '".mysql_escape_string($_POST['username'])."', '".mysql_escape_string($_POST['password'])."',
    '".mysql_escape_string($_POST['userStatus'])."')"; 
       if(!mysql_query($query) ) { 
         print "Error with query: \"$query\"<br>".mysql_error(); 
         // Simple error handling... 
        }

    $query = "insert into journalist (username, journ_fname, journ_lname) VALUES ( 
    '".mysql_escape_string($_POST['username'])."', '".mysql_escape_string($_POST['firstname'])."',
    '".mysql_escape_string($_POST['lastname'])."')"; 
      if(!mysql_query($query) ) { 
         print "Error with query: \"$query\"<br>".mysql_error(); 
         // Simple error handling... 
      }
}
else {
echo 'this is no good';
}
User avatar
seppo0010
Forum Commoner
Posts: 47
Joined: Wed Oct 24, 2007 4:13 pm
Location: Buenos Aires, Argentina

Post by seppo0010 »

You've forgotten to close one bracket, before the last else. Here is the closing brackets, marking which if statement is opening them, the one that remains open is the first one, isset($_POST['submit'])

Code: Select all

<?php
//This code runs if the form has been submitted
if (isset($_POST['submit'])) {

//This makes sure they did not leave any fields blank
if (!$_POST['lastname'] |!$_POST['firstname'] | !$_POST['userStatus'] | !$_POST['username'] | !$_POST['pass'] | !$_POST['pass2'] ) {
die('You did not complete all of the required fields');
} //!$_POST['lastname'] |!$_POST['firstname'] | !$_POST['userStatus'] | !$_POST['username'] | !$_POST['pass'] | !$_POST['pass2'] 

// checks if the username is in use
if (!get_magic_quotes_gpc()) {
$_POST['username'] = addslashes($_POST['username']);
} //!get_magic_quotes_gpc()
$usercheck = $_POST['username'];
$check = mysql_query("SELECT username FROM users WHERE username = '$usercheck'")
or die(mysql_error());
$check2 = mysql_num_rows($check);

//if the name exists it gives an error
if ($check2 != 0) {
die('Sorry, the username '.$_POST['username'].' is already in use.');
} //$check2 != 0

// this makes sure both passwords entered match
if ($_POST['pass'] != $_POST['pass2']) {
die('Your passwords did not match.');
}//$_POST['pass'] != $_POST['pass2']

// here we encrypt the password and add slashes if needed
$_POST['pass'] = md5($_POST['pass']);
if (!get_magic_quotes_gpc()) {
$_POST['pass'] = addslashes($_POST['pass']);
$_POST['username'] = addslashes($_POST['username']);
}//get_magic_quotes_gpc()

$userStatus = $_POST['userStatus'];
if ($userStatus == "accountJ"){

    $query = "insert into users (username, password, userStatus) VALUES (
    '".mysql_escape_string($_POST['username'])."', '".mysql_escape_string($_POST['password'])."',
    '".mysql_escape_string($_POST['userStatus'])."')";
       if(!mysql_query($query) ) {
         print "Error with query: \"$query\"<br>".mysql_error();
         // Simple error handling...
        } //!mysql_query($query)

    $query = "insert into journalist (username, journ_fname, journ_lname) VALUES (
    '".mysql_escape_string($_POST['username'])."', '".mysql_escape_string($_POST['firstname'])."',
    '".mysql_escape_string($_POST['lastname'])."')";
      if(!mysql_query($query) ) {
         print "Error with query: \"$query\"<br>".mysql_error();
         // Simple error handling...
      } // !mysql_query($query) 
} // $userStatus == "accountJ"
else {
echo 'this is no good';
}
?>
johnnymac131
Forum Newbie
Posts: 11
Joined: Sun Oct 28, 2007 11:51 am

Post by johnnymac131 »

cheers bud, cant believe that, hopeless.
Post Reply