Page 1 of 1

PHP and mySQL

Posted: Tue Feb 03, 2004 3:20 am
by GrimShadow
I am currently making a script to log complaints against staff members and am having a few problems. This is the index page

Code: Select all

<style type="text/css">
<!--
body,td,th &#123;
color: #FFFFFF;
&#125;
body &#123;
background-color: #888888;
&#125;
a:link &#123;
color: #FFFFFF;
&#125;
a:visited &#123;
color: #FFFFFF;
&#125;
a:hover &#123;
color: #FFFFFF;
&#125;
a:active &#123;
color: #FFFFFF;
&#125;
-->
</style>
<form action="action.php" method="POST">
 <table width="100%">
   <tr>
     <td align="right" bgcolor="#000000">Username:</td>
     <td bgcolor="#000000"><input type='text' size='30' maxlength='30' name='username' value='' class='textinput' /></td>
   </tr>
   <tr>
     <td align="right" bgcolor="#000000">Email Address: </td>
     <td bgcolor="#000000"><input type='text' size='60' maxlength='60' name='email' value='' class='textinput' /></td>
   </tr>
   <tr>
     <td align="right" bgcolor="#000000">Complaint Filed Against: </td>
     <td bgcolor="#000000"><input name='filed' type='text' class='textinput' id="filed" value='' size='30' maxlength='30' /></td>
   </tr>
   <tr>
     <td align="right" bgcolor="#000000">Complaint:</td>
     <td bgcolor="#000000"><textarea cols='60' rows='12' name='complaint' class='textinput'></textarea></td>
   </tr>
   <tr>
     <td align="right" bgcolor="#000000">URL to Proof:</td>
     <td bgcolor="#000000"><input name='proofurl' type='text' class='textinput' id="proofurl" value='' size='60' maxlength='60' /></td>
   </tr>
 </table>
 <div align="center">
   <input name="send" type="submit" id="send" value="Submit" />
 </div>
</form>
When the user enters the data and presses submit, it sends them to action.php:

Code: Select all

<?
$username= $_POST&#1111;'username'];
$email = $_POST&#1111;'email'];
$filed = $_POST&#1111;'filed'];
$complaint = $_POST&#1111;'complaint'];
$proofurl = $_POST&#1111;'proofurl'];
$ip = $_SERVER&#1111;'REMOTE_ADDR'];
$time =  date ("l dS F Y at h:i:s a");
if($YES)
&#123;
// connect to mysql
$mysql = mysql_connect( 'localhost', 'DBUSER', 'DBPASS' );
if(!$mysql)
&#123;
 echo 'Cannot connect to database.';
 exit;
&#125;
// select the appropriate database
$mysql = mysql_select_db( 'DB' );
if(!$mysql)
&#123;
 echo 'Cannot select database.';
 exit;
&#125;
$query = "insert into grb (username,email,filed,complaint,proofurl,ip,time) values ('$username','$email','$filed','$complaint','$proofurl','$ip','$time')";
$result = mysql_query($query);
if ($result)
   echo  mysql_affected_rows()." Complaint Filed Successfully.";
&#125;
?>
<html><body>
<b>Username:</b>&nbsp;<span style='color:red'><b><?php echo $_POST&#1111;'username'];?></b></span><br>
<b>Email:</b>&nbsp;<span style='color:red'><b><?php echo $_POST&#1111;'email'];?></b></span><br>
<b>Complaint Filed Against:</b>&nbsp;<span style='color:red'><b><?php echo $_POST&#1111;'filed'];?></b></span><br>
<b>Complaint:</b>&nbsp;<span style='color:red'><b><?php echo $_POST&#1111;'complaint'];?></b></span><br>
<b>Url to Proof:</b>&nbsp;<span style='color:red'><b><?php echo $_POST&#1111;'proofurl'];?></b></span><br>
<b><?php echo "Is this correct?";?></b>
<form name="form1" method="post" target="_self" enctype="multipart/form-data">
<input type="submit" name="YES" value="Yes"></input>
</form>
<form name="form1" method="post" action="javascript:history.go(-1);" enctype="multipart/form-data">
<input type="submit" name="NO" value="No"></input>
</form>
</body></html>
The action in turn prints all of the data they enter and asks if it is correct. If so, they press Yes and it targets itself and attempts to connect to the database and enter the data. If not, they press No and it directs them back to the first form.

Where I'm having the problem now is getting the action page to work correctly. When I submit the data from the index page, the action page prints it out fine, but when I press YES it simply refreshes the action page and erases all of the data without entering it into the database or displaying any sort of error. Have any clue why it might be doing this?

Posted: Tue Feb 03, 2004 3:27 am
by Wayne
maybe ..... $_POST['YES'] in your if statement???

Posted: Tue Feb 03, 2004 3:30 am
by teniosoft
It sounds like a database problem what I would do is this.

echo your query

copy and paste the text into mysql directly to execute it and check to see if an error message is being made.

Posted: Tue Feb 03, 2004 4:26 am
by GrimShadow
I tried $_POST['YES'] instead of $YES, did the same exact thing.
It sounds like a database problem what I would do is this.

echo your query

copy and paste the text into mysql directly to execute it and check to see if an error message is being made.
Echoing it didn't do anything. Though I found out that my ID field in the database was not set to auto_increment, so each query was submiting a duplicate. I went in and set the field to auto_increment and it lets me insert data when I'm doing in through phpmyadmin, but the form still doesn't insert the data. Also, when I submited the query in phpmyadmin it gave me an option to create the php code for the query, i used that instead, but it still didn't insert any data.

EDIT: this is the php code that phpmyadmin said to use:

Code: Select all

$sql = 'INSERT INTO grb( username, email, filed, complaint, proofurl, ip, time ) ';
$sql .= 'VALUES ( ''$username'', ''$email'', ''$filed'', ''$complaint'', ''$proofurl'', ''$ip'', ''$time'' )';

Posted: Tue Feb 03, 2004 4:41 am
by teniosoft
$result = mysql_query($query);
shouldn't this be
$result = mysql_query($query, $mysql);

so that you are missing the connection to the database with with to execute the query;

Posted: Tue Feb 03, 2004 4:45 am
by GrimShadow
When I change it to that I get

Code: Select all

Warning: mysql_query(): supplied argument is not a valid MySQL-Link resource in /home/httpd/vhosts/ladderhall.com/httpdocs/forum/sources/grboard/action.php on line 28
line 28 is $result = mysql_query($query, $mysql);

Posted: Tue Feb 03, 2004 4:52 am
by Wayne
because by doing

Code: Select all

$mysql = mysql_select_db( 'DB' );
$mysql is now either TRUE or FALSE

Posted: Tue Feb 03, 2004 5:27 am
by GrimShadow
Ah, I didn't think about that, so i changed

Code: Select all

$mysql = mysql_select_db( 'DB' );
to

Code: Select all

$sql = mysql_select_db( 'DB' );
I didn't get any errors, it just went back to refreshing and erasing the data without entering it, just like it used to.

Posted: Tue Feb 03, 2004 1:10 pm
by teniosoft
I think it should be
mysql_select_db("db",$mysql) 'or whatever connection string you might have

Been while since i've programmed but.

Posted: Tue Feb 03, 2004 2:40 pm
by aybra
I might be wrong, but on your second stage, shouldnt the info your trying to post be inside the <form></form> tags? and the stuff your NOT trying to post be outside of them?


From:

Code: Select all

<html><body> 
<b>Username:</b> <span style='color:red'><b><?php echo $_POST&#1111;'username'];?></b></span><br> 
<b>Email:</b> <span style='color:red'><b><?php echo $_POST&#1111;'email'];?></b></span><br> 
<b>Complaint Filed Against:</b> <span style='color:red'><b><?php echo $_POST&#1111;'filed'];?></b></span><br> 
<b>Complaint:</b> <span style='color:red'><b><?php echo $_POST&#1111;'complaint'];?></b></span><br> 
<b>Url to Proof:</b> <span style='color:red'><b><?php echo $_POST&#1111;'proofurl'];?></b></span><br> 
<b><?php echo "Is this correct?";?></b> 
<form name="form1" method="post" target="_self" enctype="multipart/form-data"> 
<input type="submit" name="YES" value="Yes"></input> 
</form> 
<form name="form1" method="post" action="javascript:history.go(-1);" enctype="multipart/form-data"> 
<input type="submit" name="NO" value="No"></input> 
</form> 
</body></html>

Code: Select all

<html><body> 
<form name="form1" method="post" target="_self" enctype="multipart/form-data">
<b>Username:</b> <span style='color:red'><b><?php echo $_POST&#1111;'username'];?></b></span><br> 
<b>Email:</b> <span style='color:red'><b><?php echo $_POST&#1111;'email'];?></b></span><br> 
<b>Complaint Filed Against:</b> <span style='color:red'><b><?php echo $_POST&#1111;'filed'];?></b></span><br> 
<b>Complaint:</b> <span style='color:red'><b><?php echo $_POST&#1111;'complaint'];?></b></span><br> 
<b>Url to Proof:</b> <span style='color:red'><b><?php echo $_POST&#1111;'proofurl'];?></b></span><br> 
<b><?php echo "Is this correct?";?></b> 
 
<input type="submit" name="YES" value="Yes"></input> 
</form> 
<form name="form1" method="post" action="javascript:history.go(-1);" enctype="multipart/form-data"> 
<input type="submit" name="NO" value="No"></input> 
</form> 
</body></html>

Posted: Wed Feb 04, 2004 5:58 am
by GrimShadow
Ok, I got it most of it sorted out, it now enters data into the database with this query:

Code: Select all

$sql = 'INSERT INTO grb( username, email, filed, complaint, proofurl, ip, time ) ';
$sql .= 'VALUES ( ''$username'', ''$email'', ''$filed'', ''$complaint'', ''$proofurl'', ''$ip'', ''$time'' )';
However, it literally enter $username, $email, $filed, $complaint, $proofurl, $ip, and $time instead of the data. So now I believe all I'm stuck on is finding the correct query to enter the data into the database.

Posted: Wed Feb 04, 2004 6:48 am
by DuFF
teniosoft wrote:I think it should be
mysql_select_db("db",$mysql) 'or whatever connection string you might have
You don't need to do this, and most programs I have seen don't. It's an optional parameter, use it if you want.

As for your query, you are not using $_POST again, as mentioned at the top of this page. Since PHP v4.2.0 register_globals defaults to OFF so you can't just use the variable $username when it's posted from a form! You have to use $_POST['username'].

Heres the corrected form:

Code: Select all

<?php
$username = $_POST['username'];
$email = $_POST['email'];
$filed = $_POST['filed'];
$compliant = $_POST['compliant'];
$proofurl = $_POST['proofurl'];
$ip = $_POST['ip'];
$time = $_POST['time'];

$query = "insert into grb (username,email,filed,complaint,proofurl,ip,time) values ('$username','$email','$filed','$complaint','$proofurl','$ip','$time')"; 
?>

Posted: Wed Feb 04, 2004 7:22 am
by GrimShadow
Yea, thats the current way I was using

Ok, this is the current setup I'm using.

index.php

Code: Select all

<style type="text/css">
<!--
body,td,th &#123;
color: #FFFFFF;
&#125;
body &#123;
background-color: #888888;
&#125;
a:link &#123;
color: #FFFFFF;
&#125;
a:visited &#123;
color: #FFFFFF;
&#125;
a:hover &#123;
color: #FFFFFF;
&#125;
a:active &#123;
color: #FFFFFF;
&#125;
-->
</style>
<form action="action.php" method="POST">
<table width="100%">
   <tr>
     <td align="right" bgcolor="#000000">Username:</td>
     <td bgcolor="#000000"><input type='text' size='30' maxlength='30' name='username' value='' class='textinput' /></td>
   </tr>
   <tr>
     <td align="right" bgcolor="#000000">Email Address: </td>
     <td bgcolor="#000000"><input type='text' size='60' maxlength='60' name='email' value='' class='textinput' /></td>
   </tr>
   <tr>
     <td align="right" bgcolor="#000000">Complaint Filed Against: </td>
     <td bgcolor="#000000"><input name='filed' type='text' class='textinput' id="filed" value='' size='30' maxlength='30' /></td>
   </tr>
   <tr>
     <td align="right" bgcolor="#000000">Complaint:</td>
     <td bgcolor="#000000"><textarea cols='60' rows='12' name='complaint' class='textinput'></textarea></td>
   </tr>
   <tr>
     <td align="right" bgcolor="#000000">URL to Proof:</td>
     <td bgcolor="#000000"><input name='proofurl' type='text' class='textinput' id="proofurl" value='' size='60' maxlength='60' /></td>
   </tr>
</table>
<div align="center">
   <input name="send" type="submit" id="send" value="Submit" />
</div>
</form>
function.php

Code: Select all

<?php
class DB &#123;
   function DB() &#123;
       $this->host = "localhost";
       $this->db = "DB";
       $this->user = "DBUSER";
       $this->pass = "DBPASS";
       $this->link = mysql_connect($this->host, $this->user, $this->pass);
       mysql_select_db($this->db);
   &#125;
   function query($query) &#123;
       $result = mysql_query($query, $this->link);
       return $result;
   &#125;
   function close() &#123;
       mysql_close($this->link);
   &#125;
&#125;
?>
action.php

Code: Select all

<?
$username = $_POST&#1111;'username'];
$email = $_POST&#1111;'email'];
$filed = $_POST&#1111;'filed'];
$complaint = $_POST&#1111;'complaint'];
$proofurl = $_POST&#1111;'proofurl'];
$ip = $_SERVER&#1111;'REMOTE_ADDR'];
$time =  date ("l dS F Y  h:i:s a");
$baseurl = "/home/httpd/vhosts/ladderhall.com/httpdocs/forum/sources/grboard/";
$function = $baseurl."function.php";
include($function);
if($_POST&#1111;'YES'])
&#123;
$DB = new DB;
$DB = "INSERT INTO grb (username,email,filed,complaint,proofurl,ip,time) VALUES ('$username','$email','$filed','$complaint','$proofurl','$ip','$time')";
$result = mysql_query($DB) or die("Query failed : " . mysql_error());
if ($result)
   echo  mysql_affected_rows(). " Complaint Filed Successfully.";
&#125;
?>
<html><body>
<form name="form1" method="post" target="_self" enctype="multipart/form-data">
<b>Username:</b> <span style='color:red'><b><?php echo $_POST&#1111;'username'];?></b></span><br>
<b>Email:</b> <span style='color:red'><b><?php echo $_POST&#1111;'email'];?></b></span><br>
<b>Complaint Filed Against:</b> <span style='color:red'><b><?php echo $_POST&#1111;'filed'];?></b></span><br>
<b>Complaint:</b> <span style='color:red'><b><?php echo $_POST&#1111;'complaint'];?></b></span><br>
<b>Url to Proof:</b> <span style='color:red'><b><?php echo $_POST&#1111;'proofurl'];?></b></span><br>
<b><?php echo "Is this correct?";?></b>

<input type="submit" name="YES" value="Yes"></input>
</form>
<form name="form1" method="post" action="javascript:history.go(-1);" enctype="multipart/form-data">
<input type="submit" name="NO" value="No"></input>
</form>
</body></html>
Even now it still won't work correctly, data is entered into the database, but only the $ip and $time variables. The $username, $email, $filed, $complaint, and $proofurl fields are completely blank in the database.