PHP question

[eschuppe]

The script below is supposed to first validate that the user_idnum is and if that a correct value in users then grabs full_name (this is where the error occurs). I may possibly select information wrong, since I want to select from one table and insert into another. When the script is executed it appears as if it ran properly. However, when checking the database table all the values are inserted except full name. Any ideas how on how to fix this?

<?php 
session_start();


include ('dbc.php'); 


if ($_POST['Submit'] == 'Register')
{
   if (strlen($_POST['user_idnum']) > 4)
   {
     header("Location: checkout.php?msg=ERROR: Incorrect Student ID. Please enter valid ID number.");
    }
   if (strlen($_POST['bookisbn']) < 4)
   {
     header("Location: checkout.php?msg=ERROR: Incorrect Student ID. Please enter valid ID number.");
    }

if ($_POST['user_idnum'] && $_POST['bookisbn']) { // If everything is okay.
           $query = "SELECT user_idnum FROM users WHERE user_idnum='$_POST[user_idnum]'";
           $result = mysql_query ($query); // Run the query.
           if (mysql_num_rows($result) == 1) {
           $query = "SELECT full_name FROM users";
           $fullname = mysql_query($query);
           
        // Make the query.
        $query = "INSERT INTO checkout (full_name, user_idnum, date, book) VALUES ('$fullname', '$_POST[user_idnum]', NOW(), '$_POST[bookisbn]')";
        $result = mysql_query ($query); // Run the query.
        if ($result) {
	// Send an email.
	echo '<p><b>You have been registered!</b></p>';
         exit(); // Quit the script.
         } else { // If it did not run okay.
           echo '<p>You could not checkout a book due to a system error. We apologize for any inconvenience.</p><p>' . mysql_error() . '</p>';
         }
         } else {
           echo '<p>Your id number does not match.</p>';
           }
         mysql_close(); // Close the database.

    } // End the conditionoal.

  }
?> 

<link href="styles.css" rel="stylesheet" type="text/css">
<?php if (isset($_GET['msg'])) { echo "<div class=\"msg\"> $_GET[msg] </div>"; } ?>
<p> </p>
<table width="65%" border="0" cellpadding="0" cellspacing="0">
  <tr>
    <td bgcolor="d5e8f9" class="mnuheader"><strong><font size="5">Register Account</font></strong></td>
  </tr>
  <tr>
    <td bgcolor="e5ecf9" class="forumposts"><form name="form1" method="post" action="checkout.php" style="padding:5px;">
        <p><br>
          ID Number:
          <input name="user_idnum" type="text" id="user_idnum">
          </p>
        <p>
        Book:
         <input name="bookisbn" type="text" id="bookisbn">
         </p>
        <p align="center">
          <input type="submit" name="Submit" value="Register">
        </p>
      </form></td>
  </tr>
</table>
<div align="left"></div>
</body>
</html>

The actual script can be found at: www.ericschuppe.com/checkout.php

Thanks so much for the help.

 

 

[friedemann_bach]

Well, inserting won't work, as the query is executed, but the data is not yet fetched from the result. You need something like this:

 

$query_string = "SELECT full_name FROM users";
$query_result = mysql_query($query_string);
$query_result_row = mysql_fetch_object($query_result);

 

and then refer to the result columns by $query_result_row->full_name.

 

You should not have more than one row returned, but in other cases, you should repeat the INSERT for each result row as follows:

 

while ($query_result_row = mysql_fetch_object($query_result)) {
  <put your INSERT operation here>
}

 

Good luck!

 

[eschuppe]

Thanks friedemann_bach,

 

If I wanted to grab the full_name that corresponded only to the user_idnum  would I add a WHERE into the query or would I have to use some other what?

Thanks agian.

[friedemann_bach]

Yes, you're right: "... WHERE user_idnum='$_POST[user_idnum]'", as in the query directly above. You could also merge the two queries into one with "SELECT full_name, user_idnum ...".

 

By the way, you could also get rid of checking mysql_num_rows if you limit your query to one row (... LIMIT 1). Check also if user_idnum is set as a primary index in your database, so that you avoid multiple ids.