Jump to content


Photo

Insert into?


  • Please log in to reply
5 replies to this topic

#1 Unseeeen

Unseeeen
  • Members
  • PipPip
  • Member
  • 18 posts

Posted 27 June 2006 - 07:08 AM

I honestly cant find anything wrong with this script, other than it's extremely insecure (and I'll fix that later [img src=\"style_emoticons/[#EMO_DIR#]/unsure.gif\" style=\"vertical-align:middle\" emoid=\":unsure:\" border=\"0\" alt=\"unsure.gif\" /])

<?php
$dbconnect = mysql_connect ("localhost", "***", "***") or die ('I cannot connect to the database because: ' . mysql_error()); 
mysql_select_db ("***");
$title = $_POST['title'];
$author = $_POST['author'];
$news = $_POST['news'];
$submit = $_POST['submit'];
$time = date('D M j'); 

if(isset($submit))
$sql = "INSERT INTO news ( id, title, newsbody, username, time ) values ( 'NULL', '$title', '$news', '$author', '$time' )";
mysql_query ($sql) or die(mysql_error();
echo "News successfully submitted!";
} else {
?>

I get a unexpected ';' error on line 12, and thats

if(isset($submit))

I'm pretty sure I used isset() correctly?

I was thinking there could be an error on the next line...but I've been trying everything I can think of and it just won't work

Can anyone see what's wrong with it? Thanks.

#2 Brandon Jaeger

Brandon Jaeger
  • Members
  • PipPipPip
  • Advanced Member
  • 155 posts
  • LocationPA
  • Age:25

Posted 27 June 2006 - 07:19 AM

You need an { on that line with the error.
PHP is my friend (=

#3 phpstuck

phpstuck
  • Members
  • PipPipPip
  • Advanced Member
  • 59 posts

Posted 27 June 2006 - 07:20 AM

Just take out that line and it should function perfectly, since everything is coming in POST anyway. Just srip out any special characters someone might add and you are there.

#4 Unseeeen

Unseeeen
  • Members
  • PipPip
  • Member
  • 18 posts

Posted 27 June 2006 - 07:59 AM

v3x: That didn't fix the error.

phpstuck: the reason why I have that if there is because that's not all of it...I made it so if there's a post, basically send it to the database, else post the form. I didn't bother posting the form because I didn't feel it was needed and would just make my post longer.

#5 Brandon Jaeger

Brandon Jaeger
  • Members
  • PipPipPip
  • Advanced Member
  • 155 posts
  • LocationPA
  • Age:25

Posted 27 June 2006 - 08:04 AM

You're also missing an ) here:
mysql_query ($sql) or die(mysql_error();

PHP is my friend (=

#6 Unseeeen

Unseeeen
  • Members
  • PipPip
  • Member
  • 18 posts

Posted 27 June 2006 - 08:55 AM

Haha wow, I would of never saw that.


Thanks! That's what fixed it. :)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users