Writing the current url to mySql
Moderator: General Moderators
Writing the current url to mySql
Hi,
I am putting a form on a page and will write that info to a mySql db, but I also want to grab the current url and write that to the database as well.
This is what i have tried but it doesn't seem to work.
$url = $_SERVER['PHP_SELF'];
if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1")) {
$insertSQL = sprintf("INSERT INTO comments (Name, `Date`, `Comment`, Page) VALUES (%s, now(), %s, .$url)",
GetSQLValueString($_POST['Name'], "text"),
GetSQLValueString($_POST['Comment'], "text"));
In the database, the url field is set up as a test field.
Any help would be greatly appreciated!
I am putting a form on a page and will write that info to a mySql db, but I also want to grab the current url and write that to the database as well.
This is what i have tried but it doesn't seem to work.
$url = $_SERVER['PHP_SELF'];
if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1")) {
$insertSQL = sprintf("INSERT INTO comments (Name, `Date`, `Comment`, Page) VALUES (%s, now(), %s, .$url)",
GetSQLValueString($_POST['Name'], "text"),
GetSQLValueString($_POST['Comment'], "text"));
In the database, the url field is set up as a test field.
Any help would be greatly appreciated!
Re: Writing the current url to mySql
What error are you getting?
Re: Writing the current url to mySql
After i submit the form a page comes up saying:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '/Site/commentstest.php)' at line 1
Thanks
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '/Site/commentstest.php)' at line 1
Thanks
- Frozenlight777
- Forum Commoner
- Posts: 75
- Joined: Wed May 28, 2008 12:59 pm
Re: Writing the current url to mySql
How are you executing the query?
Re: Writing the current url to mySql
The URL isn't being properly escaped.
-
WebbieDave
- Forum Contributor
- Posts: 213
- Joined: Sun Jul 15, 2007 7:07 am
Re: Writing the current url to mySql
Correct. I don't know what your GetSQLValueString function is doing but you want the end result to be similar to:noctorum wrote:The URL isn't being properly escaped.
Code: Select all
$insertSQL = "INSERT INTO comments
(Name, `Date`, `Comment`, Page)
VALUES
('" . mysql_real_escape_string(trim($_POST['Name'])) . "', NOW(), '" . mysql_real_escape_string(trim($_POST['Name'])) . "', '" . mysql_real_escape_string(trim($_POST['Comment'])) . "')";If the error persists, you'll want to echo $insertSQL to examine the SQL.
Also, PHP_SELF will not include the query string. If you need that info, you can use REQUEST_URI.
Re: Writing the current url to mySql
Hi,
thanks for your response. But it looks like you are adding the 'Name' field twice? And I don't see where it adds the url?
thanks for your response. But it looks like you are adding the 'Name' field twice? And I don't see where it adds the url?
-
WebbieDave
- Forum Contributor
- Posts: 213
- Joined: Sun Jul 15, 2007 7:07 am
Re: Writing the current url to mySql
Whoops. What I meant to say was:
But I'm sure you knew that 
Code: Select all
$insertSQL = "INSERT INTO comments
(Name, `Date`, `Comment`, Page)
VALUES
('" . mysql_real_escape_string(trim($_POST['Name'])) . "', NOW(), '" . mysql_real_escape_string(trim($_POST['Comment'])) . "', '" . mysql_real_escape_string($_POST['PHP_SELF']) . "')";Re: Writing the current url to mySql
Hi,
I am no longer getting an error when I submit the form, but when I check in the database, the Page field is blank??
I am no longer getting an error when I submit the form, but when I check in the database, the Page field is blank??
-
WebbieDave
- Forum Contributor
- Posts: 213
- Joined: Sun Jul 15, 2007 7:07 am
Re: Writing the current url to mySql
Whoops, I'm having a rough day. Change $_POST['PHP_SELF'] to $_SERVER['PHP_SELF']. I mean, heck, you even got that right in your original post 
Re: Writing the current url to mySql
right - should have been able to catch that one! working like a charm now - thanks for all your help!