Page 1 of 1

anyone spot whats wrong with this script?

Posted: Mon Jun 14, 2004 10:49 am
by garethnash
Total newbie so if its obvious I apppologise now. Any help appreciated. The script is to add stuff to my database. The code is:

Code: Select all

<!DOCTYPE html PUBLIC
"-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>My Sql</title>
</head>
<body>
<?php

if (!empty ($_REQUEST['name'])&&
    !empty ($_REQUEST['family'])&&
    !empty ($_REQUEST['origin'])){
	//check user input here!
	$dberror="";
	$ret=add_to_database($_REQUEST['name'],
				$_REQUEST['family'],
				$_REQUEST['origin'], $dberror);
if (! $ret) {
	print "Error: $dberror<br/>\n";
}else{
	print "Thankyou very much!<br/>\n";
	}
}else {
 write_form();
}

function add_to_database($name, $family, $origin, &$dberror){
	$name=mysql_real_escape_string($name);
	$family=mysql_real_escape_string($family);
	$origin=mysql_real_escape_string($origin);
	$link=mysql_pconnect("localhost", "garethna_fishacc", "<span style='color:blue' title='I'm naughty, are you naughty?'>smurf</span>");
if (! $link){
	$dberror=mysqlerror();
	return false;
}
if (! mysql_select_db("garethna_fishdatabase", $link)){
$dberror=mysqlerror();
return false;
}
$query="INSERT INTO fish (name, family, origin)
	values('$name', '$family', '$origin')";
if (! mysql_query($query, $link)){
$dberror=mysql_error();
return false;
}
return true;
}

function write_form(){
print <<<EOF
	<form method="post" action = "{$_SERVER['PHP_SELF']}">
	<p><input type="text" name="name"/>
	Name</p>
	
	<p><input type="text" name="family"/>
	Family</p>

	<p><input type="text" name="origin"/>
	Origin</p>

	<p><input type="submit" value = "Sumbit it!"/></p>
</form>
FORM;
}
?>
</body>
</html>
I get back from the browser when I try to see the page:
Parse error: parse error, unexpected $ in /usr/home/garethna/public_html/addmysql.php on line 68
Thanks again


feyd switched [code.] to [php.] tag for readability

Posted: Mon Jun 14, 2004 11:01 am
by Buddha443556
The

Code: Select all

print <<<EOF
has no end. Think you tried using FORM instead of EOF which it was expecting.

Posted: Mon Jun 14, 2004 11:04 am
by garethnash
Yeah thanks that was it. Damn you guys are good and quick too lol. I will keep reading the books and may actually know what I am doing one day soon lol! :roll:

Posted: Mon Jun 14, 2004 11:04 am
by feyd
your $dberror variable in the main part will never get set (the problem is in your function).
your heredoc (<<<) is ended with the wrong word..

Posted: Mon Jun 14, 2004 11:20 am
by garethnash
heredoc?

Posted: Mon Jun 14, 2004 11:21 am
by garethnash
Now its generating a new entry in the table but not adding any of the values. Grrrrrrrrrrrrrrrrrrr!

Posted: Mon Jun 14, 2004 11:24 am
by Weirdan
this syntax:

Code: Select all

$something =  <<<EOF
lskfjlskdf,wmenrziuva""Weiujbnswwrt
EOF;
is called Heredoc

Posted: Mon Jun 14, 2004 11:24 am
by garethnash
making black netry to table and the browser outputs the following:
Warning: mysql_real_escape_string(): Access denied for user: 'root@localhost' (Using password: NO) in /usr/home/garethna/public_html/addmysql.php on line 29

Warning: mysql_real_escape_string(): A link to the server could not be established in /usr/home/garethna/public_html/addmysql.php on line 29

Warning: mysql_real_escape_string(): Access denied for user: 'root@localhost' (Using password: NO) in /usr/home/garethna/public_html/addmysql.php on line 30

Warning: mysql_real_escape_string(): A link to the server could not be established in /usr/home/garethna/public_html/addmysql.php on line 30

Warning: mysql_real_escape_string(): Access denied for user: 'root@localhost' (Using password: NO) in /usr/home/garethna/public_html/addmysql.php on line 31

Warning: mysql_real_escape_string(): A link to the server could not be established in /usr/home/garethna/public_html/addmysql.php on line 31

Posted: Mon Jun 14, 2004 11:25 am
by garethnash
that should read blank entry lol

Posted: Mon Jun 14, 2004 11:27 am
by Weirdan
you should have established a connection to db before the call to [php_man]mysql_real_escape_string[/php_man]

Posted: Mon Jun 14, 2004 11:30 am
by garethnash
Thanks weirdan! Took most that script from the book I have been learning from. I now did what you suggested and its adding the information I want rather than a blank entry. I presumed (wrongly!) the code was going to connect further down!

Thanks again!

Posted: Mon Jun 14, 2004 12:13 pm
by Weirdan
garethnash wrote:I presumed (wrongly!) the code was going to connect further down!
You was right indeed, the code was going to connect, but [php_man]mysql_real_escape_string[/php_man] needs an established connection to work since it uses mysql server settings (language dependent) to properly escape strings.

Posted: Mon Jun 14, 2004 1:08 pm
by garethnash
Thanks I think the Sams PHP book could do with you proof reading for them lol.