elite_prodigy Posted December 11, 2008 Share Posted December 11, 2008 I'm getting a Notice: Undefined variable: mysql_fetch_array in C:\wamp\www\team\php\hire.php on line 30 and a Fatal error: Function name must be a string in C:\wamp\www\team\php\hire.php on line 30 This is the file that is rendering the error: hire.php <?php include 'config.php'; include 'functions.php'; mysql_select_db('exembar_site'); if( ($_POST['username'] != "") & ($_POST['password'] != "") & ($_POST['location'] != "") & ($_POST['realname'] != "") & ($_POST['email'] != "")) { $username = $_POST['username']; $password = $_POST['password']; $location = $_POST['location']; $realname = $_POST['realname']; $email = $_POST['email']; //sanitize everything $username = sanitize($username); $password = sanitize($password); $location = sanitize($location); $realname = sanitize($realname); $email = sanitize($email); $sql = "INSERT INTO `staff` VALUES('','{$username}','{$password}')"; mysql_query($sql) or die(mysql_error()); $sql = "SELECT * FROM `staff` WHERE `username`='{$username}' AND `password`='{$password}'"; echo $sql; $res = mysql_query($sql) or die(mysql_error()); $info = $mysql_fetch_array($res); //$id = info['id']; $sql = "INSERT INTO `staff_info` VALUES('','{$location}','{$realname}','{$email}','{$id}')"; //header("location:{$root}"); } else { echo "There can be no empty fields!<br>If something is unknown, type 'UNKNOWN'."; } ?> I feel as though I must iterate how horribly error-prone I am with PHP, and without you guys, I would never get anything done, ever. So thanks. I'll be trying to make a donation to phpFreaks asap, when I am more financially stable. -David Quote Link to comment Share on other sites More sharing options...
Maq Posted December 11, 2008 Share Posted December 11, 2008 $info = mysql_fetch_array($res); //remove the $ FYI: The '&' should be double '&&'. You also don't need {} around the variables in the SQL statements. Quote Link to comment Share on other sites More sharing options...
revraz Posted December 11, 2008 Share Posted December 11, 2008 Using {} around variable names is acceptable and actually preferred by some. No reason to remove them. Quote Link to comment Share on other sites More sharing options...
elite_prodigy Posted December 11, 2008 Author Share Posted December 11, 2008 I know I don't need the {} but it improves readability. The && is helpful. Um, why remove the $ from $res? The $ means its a variable..... Quote Link to comment Share on other sites More sharing options...
Maq Posted December 11, 2008 Share Posted December 11, 2008 Um, you have this: $info = $mysql_fetch_array($res); You need this: $info = mysql_fetch_array($res); mysql_fetch_array() is a function, NOT a variable. Quote Link to comment Share on other sites More sharing options...
trq Posted December 11, 2008 Share Posted December 11, 2008 You have an $ attached to the mysql_fetch_array() function. See... $info = $mysql_fetch_array($res); Quote Link to comment Share on other sites More sharing options...
elite_prodigy Posted December 11, 2008 Author Share Posted December 11, 2008 Still getting a parse error on line 31. Quote Link to comment Share on other sites More sharing options...
trq Posted December 11, 2008 Share Posted December 11, 2008 I don't see any parse errors. Post your current code. Quote Link to comment Share on other sites More sharing options...
elite_prodigy Posted December 11, 2008 Author Share Posted December 11, 2008 <?php include 'config.php'; include 'functions.php'; mysql_select_db('exembar_site'); if( ($_POST['username'] != "") & ($_POST['password'] != "") & ($_POST['location'] != "") & ($_POST['realname'] != "") & ($_POST['email'] != "")) { $username = $_POST['username']; $password = $_POST['password']; $location = $_POST['location']; $realname = $_POST['realname']; $email = $_POST['email']; //sanitize everything $username = sanitize($username); $password = sanitize($password); $location = sanitize($location); $realname = sanitize($realname); $email = sanitize($email); $sql = "INSERT INTO `staff` VALUES('','{$username}','{$password}')"; mysql_query($sql) or die(mysql_error()); $sql = "SELECT * FROM `staff` WHERE `username`='{$username}' AND `password`='{$password}'"; echo $sql; $res = mysql_query($sql) or die(mysql_error()); $info = mysql_fetch_array($res); //$id = info['id']; $sql = "INSERT INTO `staff_info` VALUES('','{$location}','{$realname}','{$email}','{$id}')"; //header("location:{$root}"); } else { echo "There can be no empty fields!<br>If something is unknown, type 'UNKNOWN'."; } ?> Quote Link to comment Share on other sites More sharing options...
trq Posted December 11, 2008 Share Posted December 11, 2008 Don't see anything near line 31, but all these &'s need to be &&. if( ($_POST['username'] != "") & ($_POST['password'] != "") & ($_POST['location'] != "") & ($_POST['realname'] != "") & ($_POST['email'] != "")) { You should really be using isset or empty instead however. Quote Link to comment Share on other sites More sharing options...
Maq Posted December 11, 2008 Share Posted December 11, 2008 What line is 31? This one? $sql = "INSERT INTO `staff_info` VALUES('','{$location}','{$realname}','{$email}','{$id}')"; You're not specifying the fields you're inserting into, for example: $sql = "INSERT INTO `staff_info` (field1, location, realname, email, id) VALUES('','{$location}','{$realname}','{$email}','{$id}')"; Quote Link to comment Share on other sites More sharing options...
premiso Posted December 11, 2008 Share Posted December 11, 2008 What line is 31? This one? $sql = "INSERT INTO `staff_info` VALUES('','{$location}','{$realname}','{$email}','{$id}')"; You're not specifying the fields you're inserting into, for example: $sql = "INSERT INTO `staff_info` (field1, location, realname, email, id) VALUES('','{$location}','{$realname}','{$email}','{$id}')"; As long as he has all the fields in the VALUES, he does not need to specify them. Corrected version: <?php include 'config.php'; include 'functions.php'; mysql_select_db('exembar_site'); // added && instead of & if( ($_POST['username'] != "") && ($_POST['password'] != "") && ($_POST['location'] != "") && ($_POST['realname'] != "") && ($_POST['email'] != "")) { $username = $_POST['username']; $password = $_POST['password']; $location = $_POST['location']; $realname = $_POST['realname']; $email = $_POST['email']; //sanitize everything $username = sanitize($username); $password = sanitize($password); $location = sanitize($location); $realname = sanitize($realname); $email = sanitize($email); $sql = "INSERT INTO `staff` VALUES('','$username','$password')"; // removed { and } mysql_query($sql) or die(mysql_error()); $sql = "SELECT * FROM `staff` WHERE `username`='$username' AND `password`='$password'"; // removed { and } echo $sql; $res = mysql_query($sql) or die(mysql_error()); $info = mysql_fetch_array($res); // removed $ here. //$id = info['id']; $sql = "INSERT INTO `staff_info` VALUES('','$location','$realname','$email','$id')"; // removed the { and } from here { and } are only needed for ' not " //header("location:{$root}"); } else { echo "There can be no empty fields!<br>If something is unknown, type 'UNKNOWN'."; } ?> Give that a try and see if you still get the parse error. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.