Jump to content


Photo

Im having trouble using superglobals with mysql query


  • Please log in to reply
8 replies to this topic

#1 Imothep

Imothep
  • Members
  • PipPip
  • Member
  • 15 posts

Posted 21 July 2006 - 11:54 AM

Hello guys.. im kinda n00bish when it comes to PHP so i hope you can help me. Basically what im trying to do is to tell mysql to insert information into the database which the user inputs through a HTML form.

I tried coding this but it is not entered into the database. Also i tried to echo the mysql_query string, but nothing seems to be inserted into the variable $sql.
Any help would be greatly appriciated.

CODE1

$sql=mysql_query("INSERT INTO `larf_users` (`firstname`, `surname`, `email`, `landphone`, `mobilephone`, `postalcode`)
VALUES
('$_POST[firstname]' , '$_POST[surname]', '$_POST[email]', '$_POST[landphone] ', '$_POST[mobilphone] ', '$_POST[postalcode]')" );


CODE2

mysql_query("INSERT INTO `larf_users` (`firstname`, `surname`, `email`, `landphone`, `mobilephone`, `postalcode`)
VALUES
('" .$_POST['firstname']."', '".$_POST['surname']."', '" .$_POST['email']."', '" .$_POST['landphone']. "', '" .$_POST['mobilephone']."', '" .$_POST['postalcode']."')");


It is probably just a shabby code error somewhere.. Also can you try and give me some advice on how to make my code cleaner ?

Thank you very much

Fredrik Christensen
Ip Generation Ltd

#2 hvle

hvle
  • Members
  • PipPipPip
  • Advanced Member
  • 667 posts
  • Locationmelbourne, Australia

Posted 21 July 2006 - 12:02 PM

super globals are just array and you will need to wrap {} around it.

$sql = "INSERT INTO `larf_users` (`firstname`, `surname`, `email`, `landphone`, `mobilephone`, `postalcode`)
        VALUES (
        '{$_POST['firstname']}',
        '{$_POST['surname']}',
        '{$_POST['email']}',
        '{$_POST['landphone']}',
        '{$_POST['mobilphone']}',
        '{$_POST['postalcode']}')";
        
    mysql_query($sql);

Life's too short for arguing.

#3 kenrbnsn

kenrbnsn
  • Staff Alumni
  • Advanced Member
  • 8,235 posts
  • LocationHillsborough, NJ, USA

Posted 21 July 2006 - 12:07 PM

First, make sure the script is recieving the $_POST values, put this at the start of your script:
<?php if (isset($_POST)) echo '<pre>' . print_r($_POST,true) . '</pre>'; ?>
Then, you could use the alternative syntax for the insert "insert into tablename set field='value'" and use PHP to create the query:
<?php
$qtmp = array();
foreach ($_POST as $key=>$value)
      switch ($key) {
          case 'firstname':
          case 'surname':
          case 'email':
          case 'landphone':
          case 'mobilphone':
          case 'postalcode':
                 $qtmp[] = $key . " = '" . mysql_real_escape_string(trim(stripslashes($val))) . "'";
                 breaK;
      }
$q = 'insert into larf_users set ' . implode(', ',$qtmp);
echo "Generated query: $q<br>\n";
?>
BTW, I use the mysql_real_escape_string() function to prevent sql injections.

Ken

#4 Imothep

Imothep
  • Members
  • PipPip
  • Member
  • 15 posts

Posted 21 July 2006 - 12:13 PM

:( Thank you very much but it doesnt seem to be entering data into the database:


This is my whole script... please dont laugh  :P im a n00b. But the mail functions and the echo functions work perfectly :S

except from the mysql_query :S

<?php
$username="xxxxxx"; ( changed for security reasons)
	$password="xxxxxx"; ( changed for security reasons)
	$server="xxxxxx"; ( changed for security reasons)
	$database="xxxxxx"; ( changed for security reasons)
	
	$adminmail="fred@ipgeneration.co.uk";
	
	$required="This is a required field *";
	$usermail= $_POST['email'];
	
	
	$adminmessage= " \n"
			. "\n"
			. "\n"
			. "Name: $_POST[firstname] $_POST[surname]"  
			. "\n"
			. "\n"
			. "\n"
			. "User email: $_POST[email]"  
			. "\n"
			. "\n"
			. "\n"
			. "Landline phone: $_POST[landphone]" 
			. "\n"
			. "\n"
			. "\n"
			. "Mobile phone: $_POST[mobilephone]" 
			. "\n"
			. "\n"
			. "\n"
			. "Postal Code : $_POST[postalcode]"
			. "\n"
			. "\n"
			. "\n";	
	
	
	
	
	
	
	
	
	
	
		mysql_connect($server, $username, $password) 
		or die(" could not connect to the server please contact $adminmail for more information");
		
		
		mysql_select_db($database) 
		or die("Could not connect to the database");
		
		
		if(empty($_POST['firstname']))
		{
		echo "You did not fill in your Firstname $required";	
		}				
		
		
		
		
		echo "<br>";
		
		
		
		
		if(empty($_POST['surname']))
		{
		echo "You did not fill in your Surname $required";	
		}	
		
		
		
		
		echo "<br>";
		
		
		
		
				if(empty($_POST['email']))
		{
		echo "You did not fill in your email $required";	
		}	
		
		
		
		echo "<br>";
		
		
				if(empty($_POST['landphone']))
		{
		echo "You did not fill in your land phone number $required";	
		}	
		
		
		echo"<br>";
		
		
				if(empty($_POST['mobilephone']))
		{
		echo "You did not fill in your Mobile phone number $required";	
		}	
		
		
		
		echo "<br>";
		
		
				if(empty($_POST['postalcode']))
		{
		echo "<h4>" ."You did not fill in your Postal code $required" .	 "</h4>";
		
		}
		
		
		if (empty($_POST['firstname']) || empty($_POST['surname']) || empty($_POST['email']) || empty($_POST['landphone']) || empty($_POST['mobilephone']) || empty($_POST['postalcode']))	
		{
		}
		else {
			
			
				$sql = "INSERT INTO `larf_users` (`firstname`, `surname`, `email`, `landphone`, `mobilephone`, `postalcode`)
        VALUES (
        '{$_POST[firstname]}',
        '{$_POST[surname]}',
        '{$_POST[email]}',
        '{$_POST[landphone]}',
        '{$_POST[mobilphone]}',
        '{$_POST[postalcode]}')";
				
				mysql_query($sql);
		
			mail($adminmail, "New Registered user", "$adminmessage");
			

			
			echo "Registration Successfull. You will shortly receive a confirmation mail with your registered details" . "<a href='index.php'> Back to Main Page? </a>";
			
			
			
			mail($usermail, "Thank you for registerting at LARF TV", "Welcome to LARF TV $_POST[firstname] $_POST[surname]. Below you will find all the information you used to register with. If any of this information is wrong please let us know so that we can correct this manually." . "\n" . "\n" .  "Thank you and once again Welcome!"
			. "\n"
			. "\n"
			. "\n"
			. "Name: $_POST[firstname] $_POST[surname]" 
			. "\n"
			. "\n"
			. "\n"
			. "User email: $_POST[email]"
			. "\n"
			. "\n"
			. "\n"
			. "Landline phone: $_POST[landphone]"
			. "\n"
			. "\n"
			. "\n"
			. "Mobile phone: $_POST[mobilephone]"
			. "\n"
			. "\n"
			. "\n"
			. "Postal Code : $_POST[postalcode]"
			);
		
		}
		?>

anyone have any idea ?

Thank you again!

(edited by a moderator to put in the [code][/code] tags)

#5 kenrbnsn

kenrbnsn
  • Staff Alumni
  • Advanced Member
  • 8,235 posts
  • LocationHillsborough, NJ, USA

Posted 21 July 2006 - 12:20 PM

Change the
<?php mysql_query($sql); ?>
to
<?php mysql_query($sql) or die("Problem with the query: $sql<br>" . mysql_error()); ?>
and see it any error is printed.

Ken


#6 Imothep

Imothep
  • Members
  • PipPip
  • Member
  • 15 posts

Posted 21 July 2006 - 12:24 PM

Problem with the query: INSERT INTO `larf_users` (`firstname`, `surname`, `email`, `landphone`, `mobilephone`, `postalcode`) VALUES ( 'Fredrik', 'Christensen', 'fredrik@pixelpeople.org', '22222222', '', 'SW19 5DH')
Duplicate entry '' for key 1

#7 kenrbnsn

kenrbnsn
  • Staff Alumni
  • Advanced Member
  • 8,235 posts
  • LocationHillsborough, NJ, USA

Posted 21 July 2006 - 12:29 PM

So you're you're trying to enter a duplicate "firstname". That doesn't make much sense, since many people have the same firstnames. Take a look at your database design.

Ken

#8 Imothep

Imothep
  • Members
  • PipPip
  • Member
  • 15 posts

Posted 21 July 2006 - 12:38 PM

I found the problem Ken.. I forgot to use INT AUTO_INCREMENT on the userid field. IM sorry to bother you about this, but stupid errors occur all the time for me :P lol

Thanks alot!

#9 Imothep

Imothep
  • Members
  • PipPip
  • Member
  • 15 posts

Posted 21 July 2006 - 12:42 PM

Also mate.. is there a lot of work to do a USER EXISTENCE check? so that users cant register twice ?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users