Page 1 of 1

can not write to my sql DB

Posted: Wed Apr 29, 2009 2:20 pm
by bolson
i taking data from a from i created and when i click on the submit button
it will write the data to the next page but it will not write it to the mysql
database. i do not know what i am doing wrong and everything i have
read says that it should work. any help or ideas would be great

Code: Select all

<?php
$host="localhost";
$user="root";
$password="";
$database="terminal_testing";
 
mysql_connect($host,$user,$password)or die("Can not connect DB");
mysql_select_db($database) or die( "Unable to select database");
 
mysql_query("INSERT INTO setup_page_1(testid, tdate, brand, model, app, ver, visa1, visa2, visa3, visa4, visa5, visa6, visa7, master1, discover1, amex1, amex2, txdl1, txdl2, txdl3) 
values('$_POST[Testid]', '$_POST[Tdate]', '$_POST[Brand]', '$_POST[Model]', '$_POST[App]','$_POST[Ver]', '$_POST[checkbox1]', '$_POST[checkbox2]', '$_POST[checkbox3]', '$_POST[checkbox4]', '$_POST[checkbox5]', '$_POST[checkbox6]', '$_POST[checkbox7]', '$_POST[checkbox8]', '$_POST[checkbox9]', '$_POST[checkbox10]', '$_POST[checkbox11]', '$_POST[checkbox12]', '$_POST[checkbox13]', '$_POST[checkbox14]')");
 
echo "1 record added";
mysql_close();
?>
<form>
<p>Test ID: <?php echo $_POST["Testid"]; ?><br /> 
Test Date: <?php echo $_POST["TestDate"]; ?><br />
Brand: <?php echo $_POST["Brand"]; ?><br /> 
Model: <?php echo $_POST["Model"]; ?><br /> 
App: <?php echo $_POST["App"]; ?><br /> 
Ver: <?php echo $_POST["Ver"]; ?><br /> 
 
Visa 1: <?php echo $_POST["checkbox1"]; ?><br />
Visa 2: <?php echo $_POST["checkbox2"]; ?><br />
Visa 3: <?php echo $_POST["checkbox3"]; ?><br />
Visa 4: <?php echo $_POST["checkbox4"]; ?><br />
Visa 5: <?php echo $_POST["checkbox5"]; ?><br />
Visa 6: <?php echo $_POST["checkbox6"]; ?><br />
Visa 7: <?php echo $_POST["checkbox7"]; ?><br />
MC 1: <?php echo $_POST["checkbox8"]; ?><br /> 
DS 1: <?php echo $_POST["checkbox9"]; ?><br />
Amex 1: <?php echo $_POST["checkbox10"]; ?><br />
Amex 2: <?php echo $_POST["checkbox11"]; ?><br />
TXDL 1: <?php echo $_POST["checkbox12"]; ?><br />
TXDL 2: <?php echo $_POST["checkbox13"]; ?><br />
TXDL 3: <?php echo $_POST["checkbox14"]; ?></p>
 
</form>

Re: can not write to my sql DB

Posted: Wed Apr 29, 2009 2:39 pm
by califdon
1. For your future reference, when you post code here, please enclose code between [syntax=php]and[/syntax] tags, as I have done for you in the above post. It makes it much easier for us to read.

2. In your code, always assign your SQL string to a variable, then use the variable in your mysql_query() function, not directly, as you did. This makes it 1000% easier to debug.

3. Always use the "or die(mysql_error())" method so that if your query fails, you will get a meaningful error message.

4. Try putting a space before the parenthesis before your field list and before your values list. SQL is sensitive to spaces separating parts of a SQL statement.

Re: can not write to my sql DB

Posted: Wed Apr 29, 2009 3:32 pm
by bolson
thank you for the information

1. i will do that from now on sorry

2.do you mean something like this
<php>$test_id=$_POST['Testid'];</php>

3. i have that there i am not getting an error message
and it post the data to the page

4. i tryed it too but it did not help

Re: can not write to my sql DB

Posted: Wed Apr 29, 2009 9:43 pm
by califdon
bolson wrote:2.do you mean something like this
<php>$test_id=$_POST['Testid'];</php>
No.

Instead of:

Code: Select all

mysql_query("INSERT INTO setup_page_1(testid, tdate, brand, model, app, ver, visa1, visa2, visa3, visa4, visa5, visa6, visa7, master1, discover1, amex1, amex2, txdl1, txdl2, txdl3) 
values('$_POST[Testid]', '$_POST[Tdate]', '$_POST[Brand]', '$_POST[Model]', '$_POST[App]','$_POST[Ver]', '$_POST[checkbox1]', '$_POST[checkbox2]', '$_POST[checkbox3]', '$_POST[checkbox4]', '$_POST[checkbox5]', '$_POST[checkbox6]', '$_POST[checkbox7]', '$_POST[checkbox8]', '$_POST[checkbox9]', '$_POST[checkbox10]', '$_POST[checkbox11]', '$_POST[checkbox12]', '$_POST[checkbox13]', '$_POST[checkbox14]')");
You should be doing the following:

Code: Select all

$testid=mysql_real_escape_string($_POST['Testid']);
$tdate=mysql_real_escape_string($_POST['Tdate']);
$brand=mysql_real_escape_string($_POST['Brand']);
$model=mysql_real_escape_string($_POST['Model']);
$app=mysql_real_escape_string($_POST['App']);
   ... etc. ...
$checkbox14=mysql_real_escape_string($_POST['checkbox14']);
$sql="INSERT INTO setup_page_1 
 (testid, tdate, brand, model, app, ver, visa1, visa2, visa3, visa4 ... etc. ... txdl3)
 VALUES ($testid, '$tdate', '$brand', '$model', '$app', ... etc. ... , '$checkbox14')";
mysql_query($sql) or die(mysaql_error());
The important differences are:
  1. you should always "sanitize" variables received from a form POST before using them to update a database;
  2. your SQL string should be assigned to its own separate variable ($sql, in the above code);
  3. if the mysql_query() function fails, your script should print the error and halt execution--that's what "die" does for you;
  4. the value for your first field, "testid", is enclosed in single quotes--id's are usually integers, and if your is, that's probably why your query is failing, which is what the error message would have told you if you followed usual coding practices, as I have shown you above. Quotes are used only for strings, never integers.
I would also strongly suspect that your table is not normalized (all those credit card fields look like "repeating groups", which violates First Normal Form for a relational database, but that's another whole issue).

Re: can not write to my sql DB

Posted: Thu Apr 30, 2009 9:54 pm
by bolson
:D thanks for the help i now understand what you are talking about.
yes it works great but i have to fix one line of the code you sent
from

Code: Select all

 
mysql_query($sql) or die(mysaql_error());
 
to

Code: Select all

 
mysql_query($sql) or die(mysql_error());
 
i know it was just a slip of the keyboard but i just wanted others
to know in case they do not catch it. so thanks again.