Paul15679

When I echo the query, I get INSERT INTO comments VALUES (NULL,'2','','Test comment ','I hope this works!',NULL) with no value between the '2' and the 'Test comment' values. This is where the post_id value should be being inserted into the table but isn't, despite being succesfully grabbed from the URL. This is the structure of the comments table: CREATE TABLE `comments` ( `comment_id` int(11) NOT NULL auto_increment, `user_id` int(11) NOT NULL, `post_id` int(11) NOT NULL, `title` varchar(150) NOT NULL, `body` text NOT NULL, `posted` timestamp NOT NULL default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP, PRIMARY KEY (`comment_id`) ) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=4 ; Thanks for your help guys

Thanks, but I've tried that and it didn't make any difference.

I've written a script to process user comments on a blog that grabs the post_id from the URL and passes it to a database query along with the other parameters necessary to insert the comment in the database. The problem is that the post_id isn't being passed to the query. The comments are being created in the database, but they all have a post_id of 0. I've echoed the $post_id variable in the script, and it echoes correctly. When I echo the query, it shows INSERT INTO comments VALUES (NULL,'2','','Test comment ','I hope this works!',NULL) with a blank between '2' and 'Test comment', which is where the post_id should be. Can anyone suggest why the post_id might be being grabbed from the URL correctly but not passed to the query? The full code of my script is below. I'd be really grateful for any help <?php session_start(); require_once('config.php'); require_once('c:\wamp\www\db_login.php'); require_once('DB.php'); // Display the page header $smarty->assign('blog_title',$blog_title); $smarty->display('header.tpl'); // Check for valid login if (!isset($_SESSION["username"])) { echo "Please <a href='login.php'>Login</a>."; exit; } //Connect to the database $connection = DB::connect("mysql://$db_username:$db_password@$db_host/$db_database"); if (DB::isError($connection)) { die ("Could not connect to the database: <br />". DB::errorMessage($connection)); } $stop=FALSE; // grab submission variables $post_id=$_GET[post_id]; $title=$_POST['title']; $body=$_POST['body']; $action=$_POST['action']; $category_id=$_POST['category_id']; $user_id=$_SESSION["user_id"]; $comment_id=$_POST['comment_id']; echo $post_id; if ($_GET['action']=="delete" AND !$stop) { $comment_id=$_GET["comment_id"]; $comment_id=mysql_real_escape_string(get_magic_quotes_gpc() ? stripslashes($comment_id): $comment_id); $query= "DELETE FROM comments WHERE comment_id='".$comment_id."' AND user_id='".$user_id."'"; $result=$connection->query($query); if (DB::isError($result)) { die ("Could not query the database: <br />".$query. " ".DB::errorMessage($result)); } echo ("Deleted successfully.<br />"); $stop=TRUE; } // We are editing an entry, explicitly grab the id from the url if ($_GET["comment_id"] AND !$stop) { $comment_id=$_GET["comment_id"]; $query= "SELECT * FROM comments NATURAL JOIN users WHERE comment_id =".$_GET["comment_id"]; $result=$connection->query($query); if (DB::isError($result)) { die ("Could not query the database: <br />". $query. " ".DB::errorMessage($result)); } while ($result_row= $result->fetchRow(DB_FETCHMODE_ASSOC)) { $comments[]=array('title'=>htmlentities($result_row['title']), 'body'=>htmlentities($result_row['body']), 'comment_id'=>$result_row['comment_id']); } $post_id=$_GET["post_id"]; $smarty->assign('action','edit'); $smarty->assign('comments',$comments); $smarty->assign('post_id',htmlentities($post_id)); $smarty->display('comment_form.tpl'); //Display the footer $smarty->display('footer.tpl'); exit; } echo $post_id; //The form was submitted, was it an add or an edit if ($_POST['submit'] AND !$stop) { //validate fields if ($title == "") { echo 'Title must not be null.<br />'; $found_error= TRUE; $stop= TRUE; } if($body == "") { echo "Body must not be null.<br />"; $found_error= TRUE; $stop= TRUE; } //validated ok lets hit the database if ($_POST['action'] == "add" AND !$stop) { $title=mysql_real_escape_string(get_magic_quotes_gpc() ? stripslashes($title): $title); $body=mysql_real_escape_string(get_magic_quotes_gpc() ? stripslashes($body): $body); $post_id=mysql_real_escape_string(get_magic_quotes_gpc() ? stripslashes($post_id): $post_id); $user_id=mysql_real_escape_string(get_magic_quotes_gpc() ? stripslashes($user_id): $user_id); $query= "INSERT INTO comments VALUES (NULL,'".$user_id."','".$post_id."','".$title."','".$body."', NULL)"; $result=$connection->query($query); if (DB::isError($result)) { die ("Could not query the database: <br />".$query." ".DB::errorMessage($result)); } echo "Posted Successfully.<br />"; $stop=TRUE; } echo $query; } if ($_POST['action']=="edit" AND !$stop) { $title=mysql_real_escape_string(get_magic_quotes_gpc() ? stripslashes($title): $title); $body=mysql_real_escape_string(get_magic_quotes_gpc() ? stripslashes($body): $body); $comment_id=mysql_real_escape_string(get_magic_quotes_gpc() ? stripslashes($comment_id): $comment_id); $user_id=mysql_real_escape_string(get_magic_quotes_gpc() ? stripslashes($user_id): $user_id); $query= "UPDATE comments SET title ='".$title."',body= '".$body."' WHERE comment_id= '".$comment_id."' AND user_id= '".$user_id."'"; $result=$connection->query($query); if (DB::isError($result)) { die ("Could not query the database: <br />". $query." ".DB::errorMessage($result)); } echo "Updated Successfully.<br />"; $stop=TRUE; } if (!$stop) { //Display the blank form //Create an empty entry $post_id=$_GET["post_id"]; $result_row=array('title'=>NULL,'body'=>NULL,'comment_id'=>NULL); $comments[]=$result_row; //Get the categories $smarty->assign('post_id',htmlentities($post_id)); $smarty->assign('comments',$comments); $smarty->assign('action','add'); $smarty->display('comment_form.tpl'); } if ($found_error) { //assign old values //redisplay form $post_id=$_GET["post_id"]; $result_row=array('title'=>htmlentities($title),'body'=>htmlentities($body), 'comment_id'=>htmlentities($comment_id)); $comments[]=$result_row; $smarty->assign('action',htmlentities($action)); $smarty->assign('post_id',htmlentities($post_id)); $smarty->assign('comments',$comments); $smarty->display('comment_form.tpl'); } //Display the footer $smarty->display('footer.tpl'); ?>

I'm trying to create a script to validate a form using both Javascript and PHP, but when I run it I get this error: "Fatal error: Call to a member function query() on a non-object in C:\wamp\www\java_form_val2.php on line 57" Line 57 is where I run a database query: $result = $connection->query($query); And the rest of the script: <html> <head> <title>Sample Form</title> <script type="text/javascript" src="source.js"></script> <script type="text/javascript"> function check_valid(form) { var error =""; error += verify_username(form.username.value); error += verify_password(form.password.value); error += verify_phone(form.phone.value); error += verify_email(form.email.value); if (error != ""){ alert(error); return false; } return true } </script> </head> <body> <?php if ($_POST["submit"]){ require_once('db_login.php'); require_once('DB.php'); $connection= DB::connect("mysql://$db_username:$db_password@$db_host/$db_database"); if (DB::isError($connection)){ die ("Could not connect to the database: <br />". DB::errorMessage($connection)); } $username=$_POST["username"]; $username=mysql_real_escape_string(get_magic_quotes_gpc() ? stripslashes($username) : $username); $password=$_POST["password"]; $password=htmlentities(get_magic_quotes_gpc() ? stripslashes($password) : $password); $email=$_POST["email"]; $email=htmlentities(get_magic_quotes_gpc() ? stripslashes($email) : $email); $phone=$_POST["phone"]; $phone=htmlentities(get_magic_quotes_gpc() ? stripslashes($phone) : $phone); $error= ""; } if (is_null($username == "")){ $error .= "Username must not be null.<br />"; } if ($password == ""){ $error .= "Password must not be null.<br />"; } if ($email == ""){ $error .= "Email must not be null.<br />"; } if ($phone == ""){ $error .= "Phone must not be null.<br />"; } $query = "SELECT * FROM users WHERE username='$username'"; $result = $connection->query($query); if (DB::isError($result)){ die ("Could not query the database:<br />".$query." ".DB::errorMessage($result)); } $user_count = $result->numRows(); if ($user_count > 0) { $error .= "Error:Username $username is taken already. Please select another.<br />"; } if ($error){ echo $error; } else { echo "Username is available."; exit; } ?> <form action="<?php echo htmlentities($_SERVER["PHP_SELF"]); ?>" method="POST" onSubmit="return check_valid(this)" id="test1" name="test1"> <table> <tr> <td width="30%" ALIGN="right">Username:</td> <td><input type="text" name="username" value="<?php echo ($username); ?>" /> </td> </tr> <tr> <td align="right">Password:</td> <td><input type="text" name="password" value="<?php echo ($password); ?>" /> </td> </tr> <tr> <td align="right">Phone:</td> <td><input type="text" name="phone" value="<?php echo ($phone); ?>" /> </td> </tr> <tr> <td align="right">Email:</td> <td><input type="text" name="email" value="<?php echo ($email); ?>" /> </td> </tr> <tr> <td> </TD> <td>:<input type="submit" name="submit" value="Submit" /></td> </tr> </table> </form> </body> </html> I ran the same script with just Javascript validation and it ran fine, it's as if its not recognising the PEAR connection query object, but I've run other scripts that use PEAR to run queries, and they work fine. I'd really appreciate it if anyone could point out where I'm going wrong.

I changed to $_POST and $_FILES and my script works. Thanks to you both, I appreciate the help.

Hi, I'm trying to write a script to validate a user uploaded image and move it to the server, and I've encountered a problem. Whenever I tried to upload a file, the page just reloads and displays the file upload box again, regardless of whether I've tried to upload the right kind of file, or even if I have just pressed the submit button without choosing a file to upload. It's as if the PHP isn't being processed at all, and my browser is just displaying the form. My code is below, I'd be really grateful if anyone could point out where I'm going wrong. Apologies for the long post and code <?php $maxsize=28480; //set the max upload size in bytes if (!$HTTP_POST_VARS['submit']){ //print_r($HTTP_POST_FILES); $error=" "; //This will cause the rest of the processing to be skipped //and the upload form displays } if (!is_uploaded_file($HTTP_POST_FILES['upload_file']['tmp_name'])AND !isset($error)){ $error= "<b>You must upload a file!</b><br /><br />"; unlink($HTTP_POST_FILES['upload_file']['tmp_name']); } if ($HTTP_POST_FILES['upload_file']['size'] > $maxsize AND !isset($error)){ $error= "<b>Error, file must be less than $maxsize bytes.</b><br /><br />"; unlink($HTTP_POST_FILES['upload_file']['tmp_name']); } if($HTTP_POST_FILES['upload_file']['type'] != "image/gif" AND $HTTP_POST_FILES['upload_file']['type'] != "image/pjpeg" AND $HTTP_POST_FILES['upload_file']['type'] != "image/jpeg" AND !isset($error)){ $error = "<b>You may only upload .gif or .jpeg files!</b><br /><br />"; unlink($HTTP_POST_FILES['upload_file']['tmp_name']); } if (!isset($error)){ move_uploaded_file($HTTP_POST_FILES['upload_file']['tmp_name'], "uploads/".$HTTP_POST_FILES['upload_file']['name']); print "Thank you for your upload."; exit; } else{ echo ("$error"); } ?> <html> <head></head> <body> <form action="<?php echo(htmlspecialchars($_SERVER['PHP_SELF']))?>" method="post" enctype="multipart/form-data"> Choose a file to upload:<br /> <input type="file" name="upload_file" size="80"/> <br /> <input type="submit" name="submit" value="submit"/> </form> </body> </html>