anyone spot whats wrong with this script?

Questions about the MySQL, PostgreSQL, and most other databases, as well as using it with PHP can be asked here.

Moderator: General Moderators

Post Reply
garethnash
Forum Newbie
Posts: 18
Joined: Sun Jun 13, 2004 11:35 am
Location: UK

anyone spot whats wrong with this script?

Post by garethnash »

Total newbie so if its obvious I apppologise now. Any help appreciated. The script is to add stuff to my database. The code is:

Code: Select all

<!DOCTYPE html PUBLIC
"-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>My Sql</title>
</head>
<body>
<?php

if (!empty ($_REQUEST['name'])&&
    !empty ($_REQUEST['family'])&&
    !empty ($_REQUEST['origin'])){
	//check user input here!
	$dberror="";
	$ret=add_to_database($_REQUEST['name'],
				$_REQUEST['family'],
				$_REQUEST['origin'], $dberror);
if (! $ret) {
	print "Error: $dberror<br/>\n";
}else{
	print "Thankyou very much!<br/>\n";
	}
}else {
 write_form();
}

function add_to_database($name, $family, $origin, &$dberror){
	$name=mysql_real_escape_string($name);
	$family=mysql_real_escape_string($family);
	$origin=mysql_real_escape_string($origin);
	$link=mysql_pconnect("localhost", "garethna_fishacc", "<span style='color:blue' title='I'm naughty, are you naughty?'>smurf</span>");
if (! $link){
	$dberror=mysqlerror();
	return false;
}
if (! mysql_select_db("garethna_fishdatabase", $link)){
$dberror=mysqlerror();
return false;
}
$query="INSERT INTO fish (name, family, origin)
	values('$name', '$family', '$origin')";
if (! mysql_query($query, $link)){
$dberror=mysql_error();
return false;
}
return true;
}

function write_form(){
print <<<EOF
	<form method="post" action = "{$_SERVER['PHP_SELF']}">
	<p><input type="text" name="name"/>
	Name</p>
	
	<p><input type="text" name="family"/>
	Family</p>

	<p><input type="text" name="origin"/>
	Origin</p>

	<p><input type="submit" value = "Sumbit it!"/></p>
</form>
FORM;
}
?>
</body>
</html>
I get back from the browser when I try to see the page:
Parse error: parse error, unexpected $ in /usr/home/garethna/public_html/addmysql.php on line 68
Thanks again


feyd switched [code.] to [php.] tag for readability
User avatar
Buddha443556
Forum Regular
Posts: 873
Joined: Fri Mar 19, 2004 1:51 pm

Post by Buddha443556 »

The

Code: Select all

print <<<EOF
has no end. Think you tried using FORM instead of EOF which it was expecting.
garethnash
Forum Newbie
Posts: 18
Joined: Sun Jun 13, 2004 11:35 am
Location: UK

Post by garethnash »

Yeah thanks that was it. Damn you guys are good and quick too lol. I will keep reading the books and may actually know what I am doing one day soon lol! :roll:
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

your $dberror variable in the main part will never get set (the problem is in your function).
your heredoc (<<<) is ended with the wrong word..
garethnash
Forum Newbie
Posts: 18
Joined: Sun Jun 13, 2004 11:35 am
Location: UK

Post by garethnash »

heredoc?
garethnash
Forum Newbie
Posts: 18
Joined: Sun Jun 13, 2004 11:35 am
Location: UK

Post by garethnash »

Now its generating a new entry in the table but not adding any of the values. Grrrrrrrrrrrrrrrrrrr!
User avatar
Weirdan
Moderator
Posts: 5978
Joined: Mon Nov 03, 2003 6:13 pm
Location: Odessa, Ukraine

Post by Weirdan »

this syntax:

Code: Select all

$something =  <<<EOF
lskfjlskdf,wmenrziuva""Weiujbnswwrt
EOF;
is called Heredoc
garethnash
Forum Newbie
Posts: 18
Joined: Sun Jun 13, 2004 11:35 am
Location: UK

Post by garethnash »

making black netry to table and the browser outputs the following:
Warning: mysql_real_escape_string(): Access denied for user: 'root@localhost' (Using password: NO) in /usr/home/garethna/public_html/addmysql.php on line 29

Warning: mysql_real_escape_string(): A link to the server could not be established in /usr/home/garethna/public_html/addmysql.php on line 29

Warning: mysql_real_escape_string(): Access denied for user: 'root@localhost' (Using password: NO) in /usr/home/garethna/public_html/addmysql.php on line 30

Warning: mysql_real_escape_string(): A link to the server could not be established in /usr/home/garethna/public_html/addmysql.php on line 30

Warning: mysql_real_escape_string(): Access denied for user: 'root@localhost' (Using password: NO) in /usr/home/garethna/public_html/addmysql.php on line 31

Warning: mysql_real_escape_string(): A link to the server could not be established in /usr/home/garethna/public_html/addmysql.php on line 31
garethnash
Forum Newbie
Posts: 18
Joined: Sun Jun 13, 2004 11:35 am
Location: UK

Post by garethnash »

that should read blank entry lol
User avatar
Weirdan
Moderator
Posts: 5978
Joined: Mon Nov 03, 2003 6:13 pm
Location: Odessa, Ukraine

Post by Weirdan »

you should have established a connection to db before the call to [php_man]mysql_real_escape_string[/php_man]
garethnash
Forum Newbie
Posts: 18
Joined: Sun Jun 13, 2004 11:35 am
Location: UK

Post by garethnash »

Thanks weirdan! Took most that script from the book I have been learning from. I now did what you suggested and its adding the information I want rather than a blank entry. I presumed (wrongly!) the code was going to connect further down!

Thanks again!
User avatar
Weirdan
Moderator
Posts: 5978
Joined: Mon Nov 03, 2003 6:13 pm
Location: Odessa, Ukraine

Post by Weirdan »

garethnash wrote:I presumed (wrongly!) the code was going to connect further down!
You was right indeed, the code was going to connect, but [php_man]mysql_real_escape_string[/php_man] needs an established connection to work since it uses mysql server settings (language dependent) to properly escape strings.
garethnash
Forum Newbie
Posts: 18
Joined: Sun Jun 13, 2004 11:35 am
Location: UK

Post by garethnash »

Thanks I think the Sams PHP book could do with you proof reading for them lol.
Post Reply