bravo14 Posted June 12, 2008 Share Posted June 12, 2008 Hi all I have probable made a very simple error hopefully someone can help I am trying to insert a record into a database using PHP the form is built using the following code <?php echo ('<form action="insert_fine.php"><table width="65%" border="0">'); echo ('<tr>'); echo ('<td width="30%" class="profiletext">Name</td>'); echo ('<td><select name="name">'); $con = mysql_connect('IPaddress', 'database', 'password', true); if(!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db('yardleyheroes', $con); $res=mysql_query('SELECT * FROM `profiles` WHERE `profiletype` =\'player\'ORDER BY `name`'); if(mysql_num_rows($res)==0) echo('<option>there is no data in table..</option>'); else { while($row=mysql_fetch_assoc($res)) { echo('<option value='.$row[profile_id].'>'.$row[name].'</option>'); } } echo ('</select></td>'); echo ('</tr>'); echo ('<tr>'); echo ('<td class="profiletext">Game</td><td><select name="match" width="145">'); $fixtures=mysql_query('SELECT * FROM `fixtures` ORDER BY `date`'); if(mysql_num_rows($fixtures)==0) echo('<option>there is no data in table..</option>'); else { while($matchrow=mysql_fetch_assoc($fixtures)) { echo('<option value='.$matchrow[match_id].'>'.$matchrow.'|'.$matchrow[Opposition].'</option>'); } } echo ('</select></td></tr>'); echo ('<tr>'); echo ('<td class="profiletext">Amount</td>'); echo ('<td><input type="text" name="amount"></td>'); echo ('</tr>'); echo ('<tr>'); echo ('<td class="profiletext">Reason</td>'); echo ('<td><textarea name="reason" cols="50" rows="4"></textarea></td>'); echo ('</tr>'); echo ('<tr>'); echo ('<td> </td>'); echo ('<td><input type="submit" name="Submit" value="Submit"></td>'); echo ('</tr>'); echo ('</table>'); echo('</form>'); ?> And the process code is <?php $con = mysql_connect('IPaddress', 'username', 'password', true); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db('yardleyheroes', $con);$sql="INSERT INTO fines (profile_id, fine_amount, reason) VALUES ('$_POST[name]','$_POST[amount]','$_POST[reason]')";if (!mysql_query($sql,$con)) { die('Error: ' . mysql_error()); } echo ('1 record added'); echo ('<table><tr><td>Name</td><td>Amount</td><td>Reason</td></tr>'); echo ('<tr><td>'.$_POST[name].'</td><td>'.$_POST[amount].'</td><td>'.$_POST[reason].'</td></tr></table>'); mysql_close($con) ?> When processing the Insert, the code says that the record has been produced, but the data from the form does not get created. Thanks in advance Quote Link to comment Share on other sites More sharing options...
revraz Posted June 12, 2008 Share Posted June 12, 2008 Your echo will run regardless if the data is inserted or not since it's outside of your IF statement. Echo $sql and see what it contains. Quote Link to comment Share on other sites More sharing options...
.josh Posted June 12, 2008 Share Posted June 12, 2008 -You didn't specify a method in your form tag. You need to put method = 'post' in that tag if you wish to use $_POST array. - You may or may not also have issues with your vars in your query string. Change it to this: $sql="INSERT INTO fines (profile_id, fine_amount, reason) VALUES ('{$_POST['name']}','{$_POST['amount']}','{$_POST['reason']}')"; Quote Link to comment Share on other sites More sharing options...
.josh Posted June 12, 2008 Share Posted June 12, 2008 p.s.- I don't recommend putting posted vars directly into a query string. you should at the very minimum do this: foreach ($_POST as $key => $val) { $$key = mysql_real_escape_string($val); } $sql="INSERT INTO fines (profile_id, fine_amount, reason) VALUES ('$name','$amount','$reason')"; Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.