topflight Posted November 19, 2008 Share Posted November 19, 2008 I don't why my code is not inserting into the database, it does everything else just dosen't insert into the database. <?php if(!$_COOKIE['login']) { header("Location:login.php"); } ?> <?php if($_POST['apply']){ include 'db.php'; $login = $_COOKIE['login']; $pwd = $_COOKIE['pwd']; $fname = $_COOKIE['fname']; $lname = $_COOKIE['lname']; $connect = mysql_connect($db_host,$db_username,$db_password) or die("MySQL Said:".mysql_error()); $database = mysql_select_db($db_database,$connect) or die("MySQl Said:".mysql_error()); $link = mysql_query("SELECT * FROM `pilots` WHERE fname='$fname' and lname='$lname'") or die("MySQL Said:".mysql_error()); $data=mysql_fetch_assoc($link); $ecd = $data['ed']; $bm = $data['bm']; $fname = $data['fname']; $lname = $data['lname']; $pic = $_POST['pic']; $title = $_POST['title']; $date = $_POST['date']; $time = $_POST['time']; $about = $_POST['about']; $picip = $_SERVER['REMOTE_ADDR']; $publish = $_POST['publish']; $now = date("j, n, Y"); if($ecd=='1' or $bm=='1'){ if((!$title) || (!$date) || (!$time)|| (!$about) || (!$publish)){ echo'<font color="#FF0000"><center>You did Not Submit The Following Information!</center></font>'; if(!$title){ echo"<br />You are Missing an Event Title<br /><br />"; } if(!$date){ echo"<br /> Please file a date for this event!<br /><br />"; } if(!$time){ echo"<br />Please file a date for this event<br /><br />"; } if(!$about){ echo"<br />Please provide some information about this event<br /><br />"; } if(!$publish){ echo"<br />You have forgotten to decide if you are ready to publish this event<br /><br />"; } else { $events = "SELECT * FROM `events` WHERE title='$title'"; $eventsr = mysql_query($events); $counte = mysql_num_rows($eventsr); } if($counte >'1'){ echo'Event is Already in database'; } else { mysql_query("INSERT INTO events(id,pic,title,date,time,about,picip,publish,pdate) VALUES('','$pic','$title','$date','$time','$about','$picip','$publish','$now')");.. } } } } ?> Thanks in advanced Quote Link to comment Share on other sites More sharing options...
premiso Posted November 19, 2008 Share Posted November 19, 2008 Try running this: mysql_query("INSERT INTO events(id,pic,title,date,time,about,picip,publish,pdate) VALUES('','$pic','$title','$date','$time','$about','$picip','$publish','$now')") or die(mysql_error()); But I can already tell you, the "date" column is a reserved column name and is throwing the error. I would suggest renaming that, and possible the time column. For a temp fix this would work: mysql_query("INSERT INTO events(`id`,`pic`,`title`,`date`,`time`,`about`,`picip`,`publish`,`pdate`) VALUES('','$pic','$title','$date','$time','$about','$picip','$publish','$now')") or die(mysql_error()); Backticks (`) around the column names will take the columns literally and not as a function thus not throwing the error. Quote Link to comment Share on other sites More sharing options...
revraz Posted November 19, 2008 Share Posted November 19, 2008 Date is not a reserved word. Just echo your query to see what's missing (along with adding the mysql_error). Quote Link to comment Share on other sites More sharing options...
premiso Posted November 19, 2008 Share Posted November 19, 2008 Date is not a reserved word. Just echo your query to see what's missing (along with adding the mysql_error). Weird man, I must have just made that up. Could have sworn but all manuals back to 3.x show it is allowed. Weirdness. Anyhow I bet you query is throwing an error due to the id. If you are not going to use a column, do not define, especially an auto_increment column. IE: mysql_query("INSERT INTO events(`pic`,`title`,`date`,`time`,`about`,`picip`,`publish`,`pdate`) VALUES('$pic','$title','$date','$time','$about','$picip','$publish','$now')") or die(mysql_error()); But that could also be only part of it, I would definitely run the above and see if one of the strings has a single ' or other characters mysql does not do well without them being escaped. Quote Link to comment Share on other sites More sharing options...
topflight Posted November 20, 2008 Author Share Posted November 20, 2008 Sorry for the late delay. But I have now changed the query to look like mysql_query("INSERT INTO events(`pic`,`title`,`date`,`time`,`about`,`picip`,`publish`,`pdate`) VALUES('$pic','$title','$date','$time','$about','$picip','$publish','$now')") or die(mysql_error()); and it is still no inserting into the database. Quote Link to comment Share on other sites More sharing options...
Lee-Bartlett Posted November 20, 2008 Share Posted November 20, 2008 This is the code i use, it might help it might not. <?php $sql="INSERT INTO tblbasicform (name, email, buissnes_name, location, ct, website, telephone, longitude, latitude, type, approve) VALUES ('$_POST[name]','$_POST[email]','$_POST[buissnes_name]','$_POST[location]','$_POST[ct]','$_POST[website]','$_POST[telephone]','$_POST[longitude]', '$_POST[latitude]','$_POST[type]','$_POST[approve]')"; if (!mysql_query($sql,$connect)) { die('Error: ' . mysql_error()); } ?> Quote Link to comment Share on other sites More sharing options...
topflight Posted November 20, 2008 Author Share Posted November 20, 2008 Now I am recceving this error message. Parse error: syntax error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING in C:\xampp\htdocs\addevent_phrase.php on line 95 With the following code: <?php $sql= mysql_query("INSERT INTO events(`pic`,`title`,`date`,`time`,`about`,`picip`,`publish`,`pdate`) VALUES('$_POST[pic]','$_POST[title]','$_POST[date]','$_POST[time]','$_POST[about]','$picip','$_POST['publish']','$now')") or die(mysql_error()); if (!mysql_query($sql,$connect)) { die('Error: ' . mysql_error()); } ?> that is line 94 - 100 Quote Link to comment Share on other sites More sharing options...
revraz Posted November 20, 2008 Share Posted November 20, 2008 You need to redo your arrays in Values, you can't do this '$_POST['publish']' Quote Link to comment Share on other sites More sharing options...
Lee-Bartlett Posted November 20, 2008 Share Posted November 20, 2008 Is there anything connected to this file, for that to work for me, my form names/id's etc are set to them. Quote Link to comment Share on other sites More sharing options...
premiso Posted November 20, 2008 Share Posted November 20, 2008 This is the code i use, it might help it might not. <?php $sql="INSERT INTO tblbasicform (name, email, buissnes_name, location, ct, website, telephone, longitude, latitude, type, approve) VALUES ('$_POST[name]','$_POST[email]','$_POST[buissnes_name]','$_POST[location]','$_POST[ct]','$_POST[website]','$_POST[telephone]','$_POST[longitude]', '$_POST[latitude]','$_POST[type]','$_POST[approve]')"; if (!mysql_query($sql,$connect)) { die('Error: ' . mysql_error()); } ?> That is just a bad way of doing that. Not recommended at all. Here is an improved way. <?php $sql= mysql_query("INSERT INTO events(`pic`,`title`,`date`,`time`,`about`,`picip`,`publish`,`pdate`) VALUES('" . $_POST['pic'] . "','" . $_POST['title'] . "','" . $_POST['date'] . "','" . $_POST['time'] . "','" . $_POST['about'] . "','" . $picip . "','" . $_POST['publish'] . "','" . $now. "')") or die(mysql_error()); if (!mysql_query($sql,$connect)) { die('Error: ' . mysql_error()); } ?> I always like to concatenate strings just because it makes it easier to identify. And always use single quotes (') when access array elements via association, if you have any type of error reporting on it will throw and undefined constant error. Now to protect yourself from SQL injection I would recommend doing this: <?php // note you can easily do this by defining each value instead of looping // but for demonstration purposes I will loop instead of writing the 5 if statements. foreach ($_POST as $key => $val) { $_POST[$key] = mysql_real_escape_string($val); } $sql= mysql_query("INSERT INTO events(`pic`,`title`,`date`,`time`,`about`,`picip`,`publish`,`pdate`) VALUES('" . $_POST['pic'] . "','" . $_POST['title'] . "','" . $_POST['date'] . "','" . $_POST['time'] . "','" . $_POST['about'] . "','" . $picip . "','" . $_POST['publish'] . "','" . $now. "')") or die(mysql_error()); if (!mysql_query($sql,$connect)) { die('Error: ' . mysql_error()); } ?> Questions let me know. For demonstration purposes you could also do this instead of using concatenation: <?php $sql= mysql_query("INSERT INTO events(`pic`,`title`,`date`,`time`,`about`,`picip`,`publish`,`pdate`) VALUES('{$_POST['pic']}','{$_POST['title']}','{$_POST['date']}','{$_POST['time']}','{$_POST['about']}','$picip','{$_POST['publish']}','$now')") or die(mysql_error()); if (!mysql_query($sql,$connect)) { die('Error: ' . mysql_error()); } ?> Quote Link to comment Share on other sites More sharing options...
topflight Posted November 20, 2008 Author Share Posted November 20, 2008 I have now modified my code to look like this <?php $sql= mysql_query("INSERT INTO events(`pic`,`title`,`date`,`time`,`about`,`picip`,`publish`,`pdate`) VALUES('{$_POST['pic']}','{$_POST['title']}','{$_POST['date']}','{$_POST['time']}','{$_POST['about']}','$picip','{$_POST['publish']}','$now')") or die(mysql_error()); if (!mysql_query($sql,$connect)) { die('Error: ' . mysql_error()); } ?> and nothing is still not inserting into the database. I don't know why this is really weird. Quote Link to comment Share on other sites More sharing options...
corbin Posted November 20, 2008 Share Posted November 20, 2008 <?php $sql= mysql_query("INSERT INTO events(`pic`,`title`,`date`,`time`,`about`,`picip`,`publish`,`pdate`) VALUES('{$_POST['pic']}','{$_POST['title']}','{$_POST['date']}','{$_POST['time']}','{$_POST['about']}','$picip','{$_POST['publish']}','$now')") or die(mysql_error()); if (!mysql_query($sql,$connect)) { die('Error: ' . mysql_error()); } ?> Why are you querying twice? Quote Link to comment Share on other sites More sharing options...
topflight Posted November 21, 2008 Author Share Posted November 21, 2008 that is what other people said I should do any other suggestions. Quote Link to comment Share on other sites More sharing options...
revraz Posted November 21, 2008 Share Posted November 21, 2008 Yeah, don't run the query twice. Quote Link to comment Share on other sites More sharing options...
topflight Posted November 21, 2008 Author Share Posted November 21, 2008 so just use $sql= mysql_query("INSERT INTO events(`pic`,`title`,`date`,`time`,`about`,`picip`,`publish`,`pdate`) VALUES('{$_POST['pic']}','{$_POST['title']}','{$_POST['date']}','{$_POST['time']}','{$_POST['about']}','$picip','{$_POST['publish']}','$now')") or die(mysql_error()); and thats it? Quote Link to comment Share on other sites More sharing options...
topflight Posted November 21, 2008 Author Share Posted November 21, 2008 ? Quote Link to comment Share on other sites More sharing options...
revraz Posted November 21, 2008 Share Posted November 21, 2008 Did you try it? Quote Link to comment Share on other sites More sharing options...
topflight Posted November 21, 2008 Author Share Posted November 21, 2008 yes and nothing happens. Quote Link to comment Share on other sites More sharing options...
revraz Posted November 21, 2008 Share Posted November 21, 2008 Your form data is probably missing. echo $sql here, what does it show? $sql= "INSERT INTO events(`pic`,`title`,`date`,`time`,`about`,`picip`,`publish`,`pdate`) VALUES('{$_POST['pic']}','{$_POST['title']}','{$_POST['date']}','{$_POST['time']}','{$_POST['about']}','$picip','{$_POST['publish']}',NOW())"; Quote Link to comment Share on other sites More sharing options...
topflight Posted November 22, 2008 Author Share Posted November 22, 2008 when I echo the SQL it is just a blank white page. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.