Jump to content

Archived

This topic is now archived and is closed to further replies.

Imothep

Im having trouble using superglobals with mysql query

Recommended Posts

Hello guys.. im kinda n00bish when it comes to PHP so i hope you can help me. Basically what im trying to do is to tell mysql to insert information into the database which the user inputs through a HTML form.

I tried coding this but it is not entered into the database. Also i tried to echo the mysql_query string, but nothing seems to be inserted into the variable $sql.
Any help would be greatly appriciated.

[b]CODE1[/b]

$sql=mysql_query("INSERT INTO `larf_users` (`firstname`, `surname`, `email`, `landphone`, `mobilephone`, `postalcode`)
VALUES
('$_POST[firstname]' , '$_POST[surname]', '$_POST[email]', '$_POST[landphone] ', '$_POST[mobilphone] ', '$_POST[postalcode]')" );


[b]CODE2[/b]

mysql_query("INSERT INTO `larf_users` (`firstname`, `surname`, `email`, `landphone`, `mobilephone`, `postalcode`)
VALUES
('" .$_POST['firstname']."', '".$_POST['surname']."', '" .$_POST['email']."', '" .$_POST['landphone']. "', '" .$_POST['mobilephone']."', '" .$_POST['postalcode']."')");


It is probably just a shabby code error somewhere.. Also can you try and give me some advice on how to make my code cleaner ?

Thank you very much

Fredrik Christensen
Ip Generation Ltd

Share this post


Link to post
Share on other sites
super globals are just array and you will need to wrap {} around it.

[code]
$sql = "INSERT INTO `larf_users` (`firstname`, `surname`, `email`, `landphone`, `mobilephone`, `postalcode`)
        VALUES (
        '{$_POST['firstname']}',
        '{$_POST['surname']}',
        '{$_POST['email']}',
        '{$_POST['landphone']}',
        '{$_POST['mobilphone']}',
        '{$_POST['postalcode']}')";
       
    mysql_query($sql);
[/code]

Share this post


Link to post
Share on other sites
First, make sure the script is recieving the $_POST values, put this at the start of your script:
[code]<?php if (isset($_POST)) echo '<pre>' . print_r($_POST,true) . '</pre>'; ?>[/code]
Then, you could use the alternative syntax for the insert "insert into tablename set field='value'" and use PHP to create the query:
[code]<?php
$qtmp = array();
foreach ($_POST as $key=>$value)
      switch ($key) {
          case 'firstname':
          case 'surname':
          case 'email':
          case 'landphone':
          case 'mobilphone':
          case 'postalcode':
                $qtmp[] = $key . " = '" . mysql_real_escape_string(trim(stripslashes($val))) . "'";
                breaK;
      }
$q = 'insert into larf_users set ' . implode(', ',$qtmp);
echo "Generated query: $q<br>\n";
?>[/code]
BTW, I use the mysql_real_escape_string() function to prevent sql injections.

Ken

Share this post


Link to post
Share on other sites
:( Thank you very much but it doesnt seem to be entering data into the database:


This is my whole script... please dont laugh  :P im a n00b. But the mail functions and the echo functions work perfectly :S

except from the mysql_query :S

[code]<?php
$username="xxxxxx"; ( changed for security reasons)
$password="xxxxxx"; ( changed for security reasons)
$server="xxxxxx"; ( changed for security reasons)
$database="xxxxxx"; ( changed for security reasons)

$adminmail="fred@ipgeneration.co.uk";

$required="This is a required field *";
$usermail= $_POST['email'];


$adminmessage= " \n"
. "\n"
. "\n"
. "Name: $_POST[firstname] $_POST[surname]" 
. "\n"
. "\n"
. "\n"
. "User email: $_POST[email]" 
. "\n"
. "\n"
. "\n"
. "Landline phone: $_POST[landphone]"
. "\n"
. "\n"
. "\n"
. "Mobile phone: $_POST[mobilephone]"
. "\n"
. "\n"
. "\n"
. "Postal Code : $_POST[postalcode]"
. "\n"
. "\n"
. "\n";










mysql_connect($server, $username, $password)
or die(" could not connect to the server please contact $adminmail for more information");


mysql_select_db($database)
or die("Could not connect to the database");


if(empty($_POST['firstname']))
{
echo "You did not fill in your Firstname $required";
}




echo "<br>";




if(empty($_POST['surname']))
{
echo "You did not fill in your Surname $required";
}




echo "<br>";




if(empty($_POST['email']))
{
echo "You did not fill in your email $required";
}



echo "<br>";


if(empty($_POST['landphone']))
{
echo "You did not fill in your land phone number $required";
}


echo"<br>";


if(empty($_POST['mobilephone']))
{
echo "You did not fill in your Mobile phone number $required";
}



echo "<br>";


if(empty($_POST['postalcode']))
{
echo "<h4>" ."You did not fill in your Postal code $required" . "</h4>";

}


if (empty($_POST['firstname']) || empty($_POST['surname']) || empty($_POST['email']) || empty($_POST['landphone']) || empty($_POST['mobilephone']) || empty($_POST['postalcode']))
{
}
else {


$sql = "INSERT INTO `larf_users` (`firstname`, `surname`, `email`, `landphone`, `mobilephone`, `postalcode`)
        VALUES (
        '{$_POST[firstname]}',
        '{$_POST[surname]}',
        '{$_POST[email]}',
        '{$_POST[landphone]}',
        '{$_POST[mobilphone]}',
        '{$_POST[postalcode]}')";

mysql_query($sql);

mail($adminmail, "New Registered user", "$adminmessage");



echo "Registration Successfull. You will shortly receive a confirmation mail with your registered details" . "<a href='index.php'> Back to Main Page? </a>";



mail($usermail, "Thank you for registerting at LARF TV", "Welcome to LARF TV $_POST[firstname] $_POST[surname]. Below you will find all the information you used to register with. If any of this information is wrong please let us know so that we can correct this manually." . "\n" . "\n" .  "Thank you and once again Welcome!"
. "\n"
. "\n"
. "\n"
. "Name: $_POST[firstname] $_POST[surname]"
. "\n"
. "\n"
. "\n"
. "User email: $_POST[email]"
. "\n"
. "\n"
. "\n"
. "Landline phone: $_POST[landphone]"
. "\n"
. "\n"
. "\n"
. "Mobile phone: $_POST[mobilephone]"
. "\n"
. "\n"
. "\n"
. "Postal Code : $_POST[postalcode]"
);

}
?>[/code]

anyone have any idea ?

Thank you again!

(edited by a moderator to put in the [nobbc][code][/code][/nobbc] tags)

Share this post


Link to post
Share on other sites
Change the
[code]<?php mysql_query($sql); ?>[/code]
to
[code]<?php mysql_query($sql) or die("Problem with the query: $sql<br>" . mysql_error()); ?>[/code]
and see it any error is printed.

Ken

Share this post


Link to post
Share on other sites
Problem with the query: INSERT INTO `larf_users` (`firstname`, `surname`, `email`, `landphone`, `mobilephone`, `postalcode`) VALUES ( 'Fredrik', 'Christensen', 'fredrik@pixelpeople.org', '22222222', '', 'SW19 5DH')
Duplicate entry '' for key 1

Share this post


Link to post
Share on other sites
So you're you're trying to enter a duplicate "firstname". That doesn't make much sense, since many people have the same firstnames. Take a look at your database design.

Ken

Share this post


Link to post
Share on other sites
I found the problem Ken.. I forgot to use INT AUTO_INCREMENT on the userid field. IM sorry to bother you about this, but stupid errors occur all the time for me :P lol

Thanks alot!

Share this post


Link to post
Share on other sites
Also mate.. is there a lot of work to do a USER EXISTENCE check? so that users cant register twice ?

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.