Mysql INSERT INTO help

magie · February 1, 2009

Hey i have made this guestbook, but everytime, it only put in the 1st info to the 1st field.

Here is the codes i used

laes.php

<html>
<title>Gæstebog</title>
<body bgcolor="#FFFFFF">

<form name="form1" method="get" action="opdater.php">

Læg venligst en besked
<br>
Navn:
<input type="text" name="navn" id="navn">
<br>
Email:
<input type"text" name"email" id="email">
<br>
Besked:
<textarea name"besked" rows="8" id="besked"></textarea>
<input type="submit" name"Submit" value="Indsend">

</form>

<hr>

Tak til de personer, som allerede har lagt en besked!

<hr>

<?php

$host = "localhost";
$user = "twossdow_magie";
$pass = "******";
$mb   = "twossdow_magie2";
$db = mysql_pconnect($host, $user, $pass);

mysql_select_db($mb,$db);

$result = mysql_query("SELECT * FROM indlaeg",$db);

while ($myrow = mysql_fetch_row($result)){

?>

Navn: <? echo $myrow[1] ?>
<br>
Email: <? echo $myrow[2] ?>
<br>
Besked: <? echo $myrow[3] ?>
<br>

<hr>

<?
}
?>


</body>
</html>

opdater.php

<?php

$host = "localhost";
$user = "twossdow_magie";
$pass = "280788";
$mb   = "twossdow_magie2";
$db = mysql_pconnect($host, $user, $pass);
$navn = $_REQUEST['navn'] ;
$email = $_REQUEST['email'] ;
$besked = $_REQUEST['besked'] ;

mysql_select_db($mb,$db);

$sql = "INSERT INTO indlaeg (`navn`,`email`,`besked`) "
  ."VALUES ('".$_POST["navn"]."', "
  ."VALUES ('".$_POST["besked"]."'), "
  ."'".$_POST["email"]."')";


$result = mysql_query($sql);

?>

<html>
<title>Opdater</title>
<body bgcolor="#FFFFFF">

Tak for det. <a href="laes.php">Klik for at vende tilbage til gæstebogen.</a>

</body>
</html>

Snart · February 1, 2009

The query you use to insert the new entry seems to contain "VALUES" twice. It sould be only once:

$sql = "INSERT INTO indlaeg (`navn`,`email`,`besked`) "
  ."VALUES ('".$_POST["navn"]."', "
  ."'".$_POST["besked"]."', "
  ."'".$_POST["email"]."')";

Also two remarks:

1. If your date of birth happens to be 28 of July 1988, you really need a more secure MySql password. ;-)

2. After someone writes an entry, he is taken to opdater.php. Keep in mind that there is no checking on multiple attempts to post an entry there. By simply pressing F5 over and over, I can easily spam multiple entries in your guestbook.

magie · February 1, 2009

thx m8, ill try it now

magie · February 1, 2009

no, now i get nothing into my database

Snart · February 1, 2009

Can you post the new, modified query and also perhaps the output of mysql_error()?

magie · February 1, 2009

yea, here is the code

<?php

$host = "localhost";
$user = "twossdow_magie";
$pass = "******";
$mb   = "twossdow_magie2";
$db = mysql_pconnect($host, $user, $pass);
$navn = $_REQUEST['navn'] ;
$email = $_REQUEST['email'] ;
$besked = $_REQUEST['besked'] ;

mysql_select_db($mb,$db);

$sql = "INSERT INTO indlaeg (`navn`,`email`,`besked`) "
  ."VALUES ('".$_POST["navn"]."', "
  ."'".$_POST["besked"]."', "
  ."'".$_POST["email"]."')";


$result = mysql_query($sql);

?>

<html>
<title>Opdater</title>
<body bgcolor="#FFFFFF">

Tak for det. <a href="laes.php">Klik for at vende tilbage til gæstebogen.</a>

</body>
</html>

How do i get the mysql error code?

Snart · February 1, 2009

Like so:

$result = mysql_query($sql);

echo mysql_error($result);

I also noticed that you seem to use $_REQUEST at first and then switch to $_POST. It is always better to use $_POST or $_GET or $_COOKIE, depending on where the data is coming from.

magie · February 1, 2009

so when i wannt the inormation from my formular, then i can use $_GET instead of $_REQUEST

magie · February 1, 2009

It just say error, when put this in

echo mysql_error($result);

Snart · February 1, 2009

so when i wannt the inormation from my formular, then i can use $_GET instead of $_REQUEST

It depends, if the method of your form is POST, you should use $_POST.

Snart · February 1, 2009

It just say error, when put this in

echo mysql_error($result);

Weird, it should normally also give a bit more info on which error. But if there is an error, at least we know why no info is inserted.

If you replace

echo mysql_error($result);

by

echo $sql;

What does it say on the screen?

magie · February 1, 2009

i comes with this message

INSERT INTO indlaeg (`navn`,`email`,`besked`) VALUES ('', '', '') Tak for det. Klik for at vende tilbage til gæstebogen.

Snart · February 1, 2009

All the values are empty. So Navn: <? echo $myrow[1] ?> will only show "Navn:"

magie · February 1, 2009

u mean, nothing put in the form for "email" and "besked"

Or what do u mean by empty Values

Im sry im new at PHP

Snart · February 1, 2009

If we look at the query you echoed to the screen, we see:

VALUES ('', '', '')

So only empty values are inserted. When you retrieve the info afterwards, there will be result rows, but all data in it will be empty.

magie · February 1, 2009

ok, i get it, but what can i do to fix that it find some values

Snart · February 1, 2009

Validate $_POST["navn"] and $_POST["besked"] and $_POST["email"] and see if something has been filled in. E.g.:

if(trim($_POST["navn"]) == "") {//Alert the user}

magie · February 1, 2009

then this error comes

Parse error: syntax error, unexpected $end in /home/twossdow/public_html/magie_test/gaestebog/opdater.php on line 32

Snart · February 1, 2009

I only gave that as an example. You should replace the "//Alert the user" with something useful, otherwise the } will be regarded as part of that comment.

magie · February 1, 2009

i don't get it, now it comes with no errors, but it still don't put anything in

Snart · February 1, 2009

Can you repost the code including the $_POST validation you just added?

magie · February 1, 2009

yep here it is

<?php

$host = "localhost";
$user = "twossdow_magie";
$pass = "280788";
$mb   = "twossdow_magie2";
$db = mysql_pconnect($host, $user, $pass);

mysql_select_db($mb,$db);

if(trim($_POST["navn"]) == "Plz fill this out")

$sql = "INSERT INTO indlaeg (`navn`,`email`,`besked`) "
  ."VALUES ('".$_POST["navn"]."', "
  ."'".$_POST["besked"]."', "
  ."'".$_POST["email"]."')";


$result = mysql_query($sql);
echo $sql;


?>

<html>
<title>Opdater</title>
<body bgcolor="#FFFFFF">

Tak for det. <a href="laes.php">Klik for at vende tilbage til gæstebogen.</a>

</body>
</html>

Snart · February 1, 2009

Are you sure that $_POST["navn"]) will always be "please fill this out"? Everything else is in Danish, so this seems kind of strange.

magie · February 1, 2009

its right, its just me who is tired, but yea it should be danish, but that have nothing to do with why it don't sent right?

magie · February 2, 2009

can it be, because i only have 1 table in mysql, with 4 fields.

Field: Type: Length:

id INT

navn CHAR 100

email CHAR 100

besked TEXT

Sign In

Mysql INSERT INTO help

Recommended Posts

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Archived

Important Information