CBXZero

I ended up deciding to forget the fwrite stuff and just create a page and using a $_GET and letting a single page generate my reviews from the database, thank you all for all the help!

Thank you Pikachu, i didn't even think about that, I'm changing them right now

<?php // Establish Connection to Database $db = mysql_connect("cmscbesalke.db.8675706.hostedresource.com","redacted","redacted"); // Set variables from the form $gametitle = $_POST[gameTitle]; $gamereview = $_POST[gameReview]; $gamescore = $_POST[gameScore]; $gamePS2 = $_POST[gamePS2]; $gamePS3 = $_POST[gamePS3]; $gameXBOX360 = $_POST[gameXBOX360]; $gameWii = $_POST[gameWII]; $game3DS = $_POST[game3DS]; $gameDS = $_POST[gameDS]; $gameANDROID = $_POST[gameANDROID]; $gameIOS = $_POST[gameIOS]; $gamePC = $_POST[gamePC]; $gameMMO = $_POST[gameMMO]; $gameAuthor = $_POST[gameAuthor]; $username = $_POST[username]; $password = $_POST[password]; $gamesummary = $_POST[gameSummary]; // Submit data from the form into the database cmscbesalke.game if ($_POST[submit]=='Submit Review') { if (empty($gametitle) or empty($gamereview) or empty($gamescore)) { echo("One of your fields are blank, please check them"); } else { $passwordcheck = mysql_query('SELECT * from cmscbesalke.users where username="'.$username.'" and password="'.$password.'"'); $passwordcheck2 = mysql_num_rows($passwordcheck); if($passwordcheck2 == 1) { if(mysql_query("insert into cmscbesalke.game values('','".$gametitle."','".$gamesummary."','".$gamereview."','".$gamescore."','".$gamePS2."','".$gamePS3."','".$gameXBOX360."','".$gameWii."','".$game3DS."','".$gameDS."','".$gameANDROID."','".$gameIOS."','".$gamePC."','".$gameMMO."','".$gameAuthor."','')")) { echo("<font color='green' size='10'> Your article was added to the Database! </font><br>"); $filename = $gametitle.".php"; $newfile = fopen($filename,"w"); if($newfile==false) { die("Unable to create file"); } $newstring = "<html itemscope itemtype='http://schema.org/Review'>\n"; fwrite($newfile,$newstring); $newstring = "<head>\n"; fwrite($newfile,$newstring); $newstring = "<title>".$gametitle." Review </title>\n"; fwrite($newfile,$newstring); $newstring = "<Script type='text/Javascript' src='header.js'></Script>\n"; fwrite($newfile,$newstring); $newstring = "<Script type='text/Javascript' src='address.js'></Script>\n"; fwrite($newfile,$newstring); $newstring = "<link rel='stylesheet' type='text/css' href='game.css' />\n"; fwrite($newfile,$newstring); $newstring = "<!-- Start Analytics Code -->\n"; fwrite($newfile,$newstring); $newstring = "<script type='text/javascript'>\n"; fwrite($newfile,$newstring); $newstring = "\n"; fwrite($newfile,$newstring); $newstring = " var _gaq = _gaq || [];\n"; fwrite($newfile,$newstring); $newstring = " _gaq.push(['_setAccount', 'UA-27485704-1']);\n"; fwrite($newfile,$newstring); $newstring = " _gaq.push(['_trackPageview']);\n"; fwrite($newfile,$newstring); $newstring = "\n"; fwrite($newfile,$newstring); $newstring = " (function() {\n"; fwrite($newfile,$newstring); $newstring = " var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;\n"; fwrite($newfile,$newstring); $newstring = " ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';\n"; fwrite($newfile,$newstring); $newstring = " var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);\n"; fwrite($newfile,$newstring); $newstring = " })();\n"; fwrite($newfile,$newstring); $newstring = "\n"; fwrite($newfile,$newstring); $newstring = "</script>\n"; fwrite($newfile,$newstring); $newstring = "<!-- End Analytics Code -->\n"; fwrite($newfile,$newstring); $newstring = "<!-- Google+ Code -->\n"; fwrite($newfile,$newstring); $newstring = "<meta itemprop='name' content='".$gametitle." Review'>\n"; fwrite($newfile,$newstring); $newstring = "<meta itemprop='description' content='Game Review Central, giving you our latest review of ".$gametitle."!'>\n"; fwrite($newfile,$newstring); $newstring = "<script type='text/javascript'>\n"; fwrite($newfile,$newstring); $newstring = " (function() {\n"; fwrite($newfile,$newstring); $newstring = " var po = document.createElement('script'); po.type = 'text/javascript'; po.async = true;\n"; fwrite($newfile,$newstring); $newstring = " po.src = 'https://apis.google.com/js/plusone.js';\n"; fwrite($newfile,$newstring); $newstring = " var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(po, s);\n"; fwrite($newfile,$newstring); $newstring = " })();\n"; fwrite($newfile,$newstring); $newstring = "</script>\n"; fwrite($newfile,$newstring); $newstring = "<!-- Google+ Code Ends -->\n"; fwrite($newfile,$newstring); $newstring = "</head>\n"; fwrite($newfile,$newstring); $newstring = "<body>\n"; fwrite($newfile,$newstring); $newstring = "<TABLE cellpadding='2' border='0'>\n"; fwrite($newfile,$newstring); $newstring = "<tr> <td colspan='3'>\n"; fwrite($newfile,$newstring); $newstring = "<Script language=Javascript>\n"; fwrite($newfile,$newstring); $newstring = "headerbot();\n"; fwrite($newfile,$newstring); $newstring = "</Script>\n"; fwrite($newfile,$newstring); $newstring = "</td> </tr> <tr> <td colspan='2' width='90%'>\n"; fwrite($newfile,$newstring); $newstring = "<center>\n"; fwrite($newfile,$newstring); $newstring = "<h2>".$gametitle."</h2>"; fwrite($newfile,$newstring); $newstring = "<p>\n"; fwrite($newfile,$newstring); $newstring = "<?php\n"; fwrite($newfile,$newstring); $newstring = '$db = mysql_connect("cmscbesalke.db.8675706.hostedresource.com","redacted","redacted") or die(mysql_error());'; fwrite($newfile,$newstring."\n"); $newstring = '$search = mysql_query("SELECT * FROM cmscbesalke.game where gameTitle = '".$gametitle."'");'; fwrite($newfile,$newstring."\n"); $newstring = '$result = mysql_fetch_array($search);'; fwrite($newfile,$newstring."\n"); $newstring = 'echo("<i>" . $result[gameAuthor] . "</i><br>");'; fwrite($newfile,$newstring."\n"); $newstring = 'echo($result[gameSummary] . $result[gameReview]);'; fwrite($newfile,$newstring."\n"); $newstring = 'echo("Final Score: ".$result[gameScore]."/10<br>");'; fwrite($newfile,$newstring."\n"); $newstring = 'mysql_close($db);'; fwrite($newfile,$newstring."\n"); $newstring = '?>'; fwrite($newfile,$newstring."\n"); $newstring = "</p>\n"; fwrite($newfile,$newstring); $newstring = "</td> <td width='10%'>\n"; fwrite($newfile,$newstring); $newstring = "<!-- Google Ad Start -->\n"; fwrite($newfile,$newstring); $newstring = "<script type='text/javascript'><!--\n"; fwrite($newfile,$newstring); $newstring = "google_ad_client = 'ca-pub-6906472896133150';\n"; fwrite($newfile,$newstring); $newstring = "/* Skinnier Ad */\n"; fwrite($newfile,$newstring); $newstring = "google_ad_slot = '0858349924';\n"; fwrite($newfile,$newstring); $newstring = "google_ad_width = 160;\n"; fwrite($newfile,$newstring); $newstring = "google_ad_height = 600;\n"; fwrite($newfile,$newstring); $newstring = "//-->\n"; fwrite($newfile,$newstring); $newstring = "</script>"; fwrite($newfile,$newstring); $newstring = "<script type='text/javascript' src='http://pagead2.googlesyndication.com/pagead/show_ads.js'>\n"; fwrite($newfile,$newstring); $newstring = "</script>\n"; fwrite($newfile,$newstring); $newstring = "<script type='text/javascript' src='http://pagead2.googlesyndication.com/pagead/show_ads.js'>\n"; fwrite($newfile,$newstring); $newstring = "</script>\n"; fwrite($newfile,$newstring); $newstring = "<!-- Google Ad End -->\n"; fwrite($newfile,$newstring); $newstring = "<!-- Google Ad Start -->\n"; fwrite($newfile,$newstring); $newstring = "<script type='text/javascript'><!--\n"; fwrite($newfile,$newstring); $newstring = "google_ad_client = 'ca-pub-6906472896133150';\n"; fwrite($newfile,$newstring); $newstring = "/* Skinny Ad 2 */\n"; fwrite($newfile,$newstring); $newstring = "google_ad_slot = '9730647914';\n"; fwrite($newfile,$newstring); $newstring = "google_ad_width = 160;\n"; fwrite($newfile,$newstring); $newstring = "google_ad_height = 600;\n"; fwrite($newfile,$newstring); $newstring = "//-->\n"; fwrite($newfile,$newstring); $newstring = "</script>\n"; fwrite($newfile,$newstring); $newstring = "<script type='text/javascript' src='http://pagead2.googlesyndication.com/pagead/show_ads.js'>\n"; fwrite($newfile,$newstring); $newstring = "</script>\n"; fwrite($newfile,$newstring); $newstring = "<!-- Google Ad End -->\n"; fwrite($newfile,$newstring); $newstring = "</td> </tr> <tr> <td colspan='3'>\n"; fwrite($newfile,$newstring); $newstring = "<hr>\n"; fwrite($newfile,$newstring); $newstring = "<!-- Google + Code -->\n"; fwrite($newfile,$newstring); $newstring = "<g:plusone annotation='inline'></g:plusone>\n"; fwrite($newfile,$newstring); $newstring = "<Script language=Javascript>\n"; fwrite($newfile,$newstring); $newstring = "addressbot();\n"; fwrite($newfile,$newstring); $newstring = "</Script>\n"; fwrite($newfile,$newstring); $newstring = "</body>\n"; fwrite($newfile,$newstring); $newstring = "</html>\n"; fwrite($newfile,$newstring); $newstring = "<!-- This document was generated with Charlie's Review Page Genorator -->\n"; fwrite($newfile,$newstring); fclose($newfile); } else { echo("<font color='red' size='10'> Your article cannot be added at this time...</font><br>"); } } else { echo("<font color='red'> Password Incorrect </font>"); echo($passwordcheck2); } } } // Create a form that will allow someone (or me) to enter in a new review echo("<form name='review' method='post' action='#'>"); echo("Game Title:<input type='text' name='gameTitle' /><br>"); echo("Game Summary(is visible):<input type='text' name='gameSummary' /><br>"); echo("Game Review:<textarea cols='50' rows='30' name='gameReview'></textarea><br>"); echo("Game Score:<input type='text' name='gameScore' /><br>"); echo("Systems Applicable: PS2:<input type='checkbox' name='gamePS2' value='1' /> PS3:<input type='checkbox' name='gamePS3' value='1' />"); echo("Xbox360: <input type='checkbox' name='gameXBOX360' value='1' /> Wii: <input type='checkbox' name='gameWII' value='1' /> "); echo("3DS: <input type='checkbox' name='game3DS' value='1' /> DS: <input type='checkbox' name='gameDS' value='1' /> "); echo("Android: <input type='checkbox' name='gameANDROID' value='1' /> iOS: <input type='checkbox' name='gameIOS' value='1' /> "); echo("PC: <input type='checkbox' name='gamePC' value='1' /> MMO: <input type='checkbox' name='gameMMO' value='1' /> <br> "); echo("Author: <input type='text' name='gameAuthor' /> <br>"); echo("Username: <input type='text' name='username' /> <br>"); echo("Password: <input type='password' name='password' /> <br>"); echo("<br><input type='submit' name='submit' value='Submit Review' />"); echo("</form>"); // Close Connection to Database mysql_close($db); ?> There is the entire code, and I'm just trying to write the entire line to a document, not actually process it... if that makes any sense

It's supposed to send an SQL command, I'm still noobish on SQL but I believe that when you're trying to see if a variable inside of an SQL query matches anything or not you only use one = sign. The variable is already assigned at the top of my code with a $gametitle = $_POST[gametitle]; would I still need to evaluate it first?

Alright, I've troubleshooted for about an hour on this and still can't figure it out, I've got the following line of code: $newstring = '$search = mysql_query("SELECT * FROM cmscbesalke.game where gameTitle = '".$gametitle."'");'; that is giving the following error: Parse error: syntax error, unexpected '"' in /home/content/06/8675706/html/edit.game.php on line 136 I've tried to do the following as well: Escaping the ", adding in extra . operators, and removing quotes. The complicated part here is that I need the fwrite to write the $gametitle variable, with single quotes around it that way the mysql_query will return the correct database entry, but everytime I get the line of code to work it does not put the quotes.