jdorenbush

Works great! Thanks Ken!

This is what I came up with... if ($action == 'doAddBook') { $qtmp = array(); foreach ($_POST as $k => $v) if ($k != 'submit' && $k != 'id') $qtmp[] = $k . " = '" . mysql_real_escape_string(trim(stripslashes($v))) . "'"; $query = "INSERT catalog SET " . implode(', ',$qtmp) . mysql_real_escape_string($_POST['id']) . "'"; $result = mysql_query($query) or die("ERROR: Unable to add book. The query was: $query<br />" . mysql_error()); echo "<h2>The book has been successfully added to the database.</h2>"; } I received an error though... You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''''' at line 1 I don't really understand this script so its really difficult for me to try and solve the problem.

Hey it worked! Very compact code to. It looks great, I don't fully understand it, but in time I will make sense of it. Is it possible to use something along those lines for doAddBook?

*bump* Almost fixed guys just need a bit more help fixing the whats listed above. Thanks!

UPDATE: I've sort of fixed the EDIT portion of the admin. It was looking for ID when it should have been looking for BOOK_ID. So it UPDATES the record, but when I go back to view whats its supposedly updated, it shows me nothing that I edited. Now I need to fix the ADD portion. It looks like the field I am missing is the BOOK_ID when I am trying to add a book. The ID is just supposed to auto-increment for each book I add. Where/what would I include so that it inserts an auto-incremented book ID # into the database for each book I add?

For us to tell you that, we need to see the code for the update portion. Ken if ( $action == "EditBook" ) { $id=$_GET['id']; $query = "SELECT * FROM catalog WHERE book_id = '$id'"; $result = mysql_query($query) or die('Couldnt read book catalog database'); $book_cover=mysql_result($result,$i,"book_cover"); $book_title=mysql_result($result,$i,"book_title"); $book_author=mysql_result($result,$i,"book_author"); $book_publisher=mysql_result($result,$i,"book_publisher"); $book_publication=mysql_result($result,$i,"book_publication"); $book_isbn=mysql_result($result,$i,"book_isbn"); $book_covertype=mysql_result($result,$i,"book_covertype"); $book_pages=mysql_result($result,$i,"book_pages"); $book_condition=mysql_result($result,$i,"book_condition"); $book_listprice=mysql_result($result,$i,"book_listprice"); $book_amazonprice=mysql_result($result,$i,"book_amazonprice"); $book_price=mysql_result($result,$i,"book_price"); $book_summary=mysql_result($result,$i,"book_summary"); $book_whothis=mysql_result($result,$i,"book_whothis"); $book_opinion=mysql_result($result,$i,"book_opinion"); $book_approved=mysql_result($result,$i,"book_approved"); $book_essential=mysql_result($result,$i,"book_essential"); echo " <form action=\"?action=doEditBook\" method=\"POST\"> <fieldset> <legend>Edit Book with ID $id</legend> <input type=\"hidden\" name=\"id\" value=\"$id\"> <label for=\"book_cover\">Book Cover URL</label><input type=\"text\" name=\"book_cover\" class=\"txt\" value=\"$book_cover\" > <label for=\"book_title\">Title</label><input type=\"text\" name=\"book_title\" class=\"txt\" value=\"$book_title\" > <label for=\"book_author\">Author</label><input type=\"text\" name=\"book_author\" class=\"txt\" value=\"$book_author\" > <label for=\"book_publisher\">Publisher</label><input type=\"text\" name=\"book_publisher\" class=\"txt\" value=\"$book_publisher\" > <label for=\"book_publication\">Publication Year</label><input type=\"text\" name=\"book_publication\" class=\"txt\" value=\"$book_publication\" > <label for=\"book_isbn\">ISBN</label><input type=\"text\" name=\"book_isbn\" class=\"txt\" value=\"$book_isbn\" > <label for=\"book_covertype\">Book Cover Type</label><select name='book_covertype' class=\"txt\"value=\"$book_covertype\" ><option selected value=\"$book_covertype\"></option> <option value=\"Hard\">Hard Cover</option> <option value=\"Soft\">Soft Cover</option> </select> <label for=\"book_pages\">Pages</label><input type=\"text\" name=\"book_pages\" class=\"txt\" value=\"$book_pages\" > <label for=\"book_condition\">Condition</label><select name='book_condition' class=\"txt\" ><option selected value=\"$book_condition\"></option> <option value=\"New\">New</option> <option value=\"Used/Like New\">Used/Like New</option> <option value=\"Used/Slight Wear\">Used/Slight Wear</option> <option value=\"Used/Worn\">Used/Worn</option> </select> <label for=\"book_category\">Category</label><select name='book_category' class=\"txt\"><option selected value=\"$book_category\"> </option>"; $query = " SELECT cat_name FROM categories"; $result = mysql_query($query) or die('Cant select categories table'); while ($getcat= mysql_fetch_array($result)) { ?> <? echo "<option value=\"$getcat[cat_name]\""; ?> <? if ($getcat[cat_name]=="$book_category"){ echo " selected>"; } else { echo ">"; } ?> <? echo "$getcat[cat_name]</option>"; ?><? } echo " </select><br /><br /> <label for=\"book_listprice\">List Price</label><input type=\"text\" name=\"book_listprice\" class=\"txt\" value=\"$book_listprice\" > <label for=\"book_amazonprice\">Amazon Price</label><input type=\"text\" name=\"book_amazonprice\" class=\"txt\" value=\"$book_amazonprice\" > <label for=\"book_price\">Mutineer Price</label><input type=\"text\" name=\"book_price\" class=\"txt\" value=\"$book_price\" > <label for=\"book_summary\">Book Summary</label><textarea name='book_summary' cols='30' rows='3' class=\"txt\">$book_summary</textarea> <label for=\"book_whothis\">Who its For</label><textarea name='book_whothis' cols='30' rows='3' class=\"txt\">$book_whothis</textarea> <label for=\"book_opinion\">Mutineer's Opinion</label><textarea name='book_opinion' cols='30' rows='3' class=\"txt\">$book_opinion</textarea> <label for=\"book_approved\"><font color=\"red\">Mutineer Approved?</font></label><br /><br /> Yes<input name=\"book_approved\" type=\"radio\" value=\"Yes\" /> No<input name=\"book_approved\" type=\"radio\" value=\"No\" /><br /><br /> <label for=\"book_essential\"><font color=\"red\">Mutineer Essential<?/font></label><br /><br /> Yes<input name=\"book_essential\" type=\"radio\" value=\"Yes\" /> No<input name=\"book_essential\" type=\"radio\" value=\"No\" /><br /><br /> <p><input type=\"Submit\" value=\"Submit\" class=\"txt2\"></p> </fieldset> </form>"; } if ( $action == "doEditBook" ) { $book_cover=mysql_real_escape_string($_POST['book_cover']); $book_title=mysql_real_escape_string($_POST['book_title']); $book_author=mysql_real_escape_string($_POST['book_author']); $book_publisher=mysql_real_escape_string($_POST['book_publisher']); $book_publication=mysql_real_escape_string($_POST['book_publication']); $book_isbn=mysql_real_escape_string($_POST['book_isbn']); $book_covertype=mysql_real_escape_string($_POST['book_covertype']); $book_pages=mysql_real_escape_string($_POST['book_pages']); $book_condition=mysql_real_escape_string($_POST['book_condition']); $book_listprice=mysql_real_escape_string($_POST['book_listprice']); $book_amazonprice=mysql_real_escape_string($_POST['book_amazonprice']); $book_price=mysql_real_escape_string($_POST['book_price']); $book_summary=mysql_real_escape_string($_POST['book_summary']); $book_whothis=mysql_real_escape_string($_POST['book_whothis']); $book_opinion=mysql_real_escape_string($_POST['book_opinion']); $book_approved=mysql_real_escape_string($_POST['book_approved']); $book_essential=mysql_real_escape_string($_POST['book_essential']); $query = "UPDATE catalog SET book_cover='$book_cover',book_title='$book_title', book_author='$book_author', book_publisher='$book_publisher', book_publication='$book_publication', book_isbn='$book_isbn', book_covertype='$book_covertype', book_pages='$book_pages', book_condition='$book_condition', book_listprice='$book_listprice', book_amazonprice='$book_amazonprice', book_price='$book_price', book_summary='$book_summary', book_whothis='$book_whothis', book_summary='$book_summary', book_opinion='$book_opinion', book_approved='$book_approved', book_essential='$book_essential' WHERE book_id='$id'"; $result = mysql_query($query) or die("ERROR: Unable to update book. The query was: $query<br>" . mysql_error()); echo "<h2>The book has been successfully updated in the database.</h2>"; }

Whoops. That was the EDIT(UPDATE) portion. Here is what happens when I try and ADD. ERROR: Unable to add book. The query was: INSERT INTO catalog VALUES('','test','test','test','test','test','test','Hard','test','New','$test','$test','$test','test','test','test','Yes','Yes') Column count doesn't match value count at row 1 I fixed the comma in the EDIT portion, but how do I address the null ID?

ERROR: Unable to update book. The query was: UPDATE catalog SET book_cover='bartendingfordummies.jpg',book_title='Bartending for Dummies', book_author='Ray Foley', book_publisher='IDG Books', book_publication='1997', book_isbn='0-7645-5051-9', book_covertype='', book_pages='', book_condition='', book_listprice='', book_amazonprice='', book_price='$9.99', book_summary='A basic guide to everything bartending and mixology.', book_whothis='Anyone interested in bartending or mixology; good starter book.', book_summary='A basic guide to everything bartending and mixology.', book_opinion='I’m typically not a fan of books in the “Dummies” series…not sure why, just not for some reason. This book, however, has been a useful tool for me over the years. If nothing else, it contains an accurate density chart for layering liquors and liqueurs. The book is laid out in an approachable and sensible way, and does a good job covering the basics of bartending, mixology, and spirits.', book_approved='', book_essential='', WHERE book_id='' You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'WHERE book_id=''' at line 1

After pressing submit it brings me to a page and says "Unable to add book." $result = mysql_query($query) or die('ERROR: Unable to add book.');

I was making a few changes to the admin side of a PHP based Bookstore I have. Somewhere along the lines I broke it and I am no PHP expert so I am having a heck of a time fixing it. I am unable to edit or add books to the database now. I keep getting the ERROR message. Here is the "Add Books" portion of the code. Does anyone see something that stands out as incorrect? Code: // Add Books if ( $action == "AddBook" ) { echo " <form action=\"?action=doAddBook\" method=\"POST\"> <fieldset> <legend>Add Book</legend> <label for=\"book_cover\">Book Cover URL</label><input type=\"text\" name=\"book_cover\" class=\"txt\"> <label for=\"book_title\">Title</label><input type=\"text\" name=\"book_title\" class=\"txt\" > <label for=\"book_author\">Author</label><input type=\"text\" name=\"book_author\" class=\"txt\" > <label for=\"book_publisher\">Publisher</label><input type=\"text\" name=\"book_publisher\" class=\"txt\" > <label for=\"book_publication\">Publication Year</label><input type=\"text\" name=\"book_publication\" class=\"txt\" > <label for=\"book_isbn\">ISBN</label><input type=\"text\" name=\"book_isbn\" class=\"txt\" > <label for=\"book_covertype\">Book Cover Type</label><select name=\"book_covertype\" class=\"txt\" > <option selected> </option> <option value=\"Hard\">Hard Cover</option> <option value=\"Soft\">Soft Cover</option> </select> <label for=\"book_pages\">Pages</label><input type=\"text\" name=\"book_pages\" class=\"txt\" > <label for=\"book_condition\">Condition</label><select name=\"book_condition\" class=\"txt\" ><option selected> </option> <option value=\"New\">New</option> <option value=\"Used/Like New\">Used/Like New</option> <option value=\"Used/Slight Wear\">Used/Slight Wear</option> <option value=\"Used/Worn\">Used/Worn</option> </select> <label for=\"book_category\">Category</label><select name=\"book_category\" class=\"txt\" > <option selected> </option>"; $query = " SELECT * FROM categories ORDER BY cat_id ASC"; $result = mysql_query($query) or die('Error, query failed'); while ($getcat= mysql_fetch_array($result)) { echo "<option value=\"$getcat[cat_name]\">$getcat[cat_name]</option>";} echo " </select><br /><br /> <label for=\"book_listprice\">List Price</label><input type=\"text\" name=\"book_listprice\" class=\"txt\" value=\"$\" > <label for=\"book_amazonprice\">Amazon Price</label><input type=\"text\" name=\"book_amazonprice\" class=\"txt\" value=\"$\" > <label for=\"book_price\">Mutineer Price</label><input type=\"text\" name=\"book_price\" class=\"txt\" value=\"$\" > <label for=\"book_summary\">Book Summary</label><textarea name=\"book_summary\" cols=\"30\" rows=\"3\" class=\"txt\"></textarea> <label for=\"book_whothis\">Who its For</label><textarea name=\"book_whothis\" cols=\"30\" rows=\"3\" class=\"txt\"></textarea> <label for=\"book_opinion\">Mutineer's Opinion</label><textarea name=\"book_opinion\" cols=\"30\" rows=\"3\" class=\"txt\"></textarea> <label for=\"book_approved\">Mutineer Approved?</label><br /><br /> Yes<input name=\"book_approved\" type=\"radio\" value=\"Yes\" /> No<input name=\"book_approved\" type=\"radio\" value=\"No\" /><br /><br /> <label for=\"book_essential\">Mutineer Essential?</label><br /><br /> Yes<input name=\"book_essential\" type=\"radio\" value=\"Yes\" /> No<input name=\"book_essential\" type=\"radio\" value=\"No\" /><br /><br /> <p><input type=\"Submit\" value=\"Submit\" class=\"txt2\"></p> </fieldset> </form> ";} if ( $action == "doAddBook" ) { $book_cover=mysql_real_escape_string($_POST['book_cover']); $book_title=mysql_real_escape_string($_POST['book_title']); $book_author=mysql_real_escape_string($_POST['book_author']); $book_publisher=mysql_real_escape_string($_POST['book_publisher']); $book_publication=mysql_real_escape_string($_POST['book_publication']); $book_isbn=mysql_real_escape_string($_POST['book_isbn']); $book_covertype=mysql_real_escape_string($_POST['book_covertype']); $book_pages=mysql_real_escape_string($_POST['book_pages']); $book_condition=mysql_real_escape_string($_POST['book_condition']); $book_listprice=mysql_real_escape_string($_POST['book_listprice']); $book_amazonprice=mysql_real_escape_string($_POST['book_amazonprice']); $book_price=mysql_real_escape_string($_POST['book_price']); $book_summary=mysql_real_escape_string($_POST['book_summary']); $book_whothis=mysql_real_escape_string($_POST['book_whothis']); $book_opinion=mysql_real_escape_string($_POST['book_opinion']); $book_approved=mysql_real_escape_string($_POST['book_approved']); $book_essential=mysql_real_escape_string($_POST['book_essential']); $query = " INSERT INTO catalog VALUES('','$book_cover','$book_title','$book_author','$book_publisher','$book_publication','$book_isbn','$book_covertype','$book_pages','$book_condition','$book_listprice','$book_amazonprice','$book_price','$book_summary','$book_whothis','$book_opinion','$book_approved','$book_essential')"; $result = mysql_query($query) or die('ERROR: Unable to add book.'); echo "<h2>The book has been successfully added to the database.</h2>"; } MySQL: 4.1.20-3 / PHP: 4.3.9 Hosting: RackForce Here is a screenshot from PHPMyAdmin: Any help is much appreciated... Remember, take it easy on me - I am a PHP noob.