Jump to content

[SOLVED] Mysql query not working at all ?? :S

jamesxg1

By jamesxg1
in PHP Coding Help

 Share

Recommended Posts

jamesxg1 Advanced Member

jamesxg1

Posted
Posted 
<?php session_start();

include '../Database/Connection.php';
include '../Database/Utility.php';

isloggedin();
accessneeded("A");

if (isset($_POST['Add'])) {

$holder = mysql_real_escape_string($_POST['holder']);
$firstname = mysql_real_escape_string($_POST['firstname']);
$firstname        = ereg_replace(" ", "", $firstname); 
$lastname = mysql_real_escape_string($_POST['lastname']);
$lastname        = ereg_replace(" ", "", $lastname); 
$address = mysql_real_escape_string($_POST['address']);
$postcode = mysql_real_escape_string($_POST['postcode']);
$email = mysql_real_escape_string($_POST['email']);
$email       = ereg_replace(" ", "", $email); 
$pnumber = mysql_real_escape_string($_POST['pnumber']);
$pnumber        = ereg_replace(" ", "", $pnumber); 

if($holder && $firstname && $lastname && $address && $postcode && $email && $pnumber){
$_name = "/^[-!#$%&\'*+\\.\/0-9=?A-Z^`{|}~]+";
$_host = "([-0-9A-Z]+\.)+";
$_tlds = "([0-9A-Z]){2,4}$/i";

if( !preg_match($_name."@".$_host.$_tlds,$email) ){
	echo "<div align=\"center\">The email you entered is of invalid format.</div>";
      	include("ContactControl.php?contact=Add");
      	die();
}

if (md5($number) == $_SESSION['image_random_value']) {


$sql = "INSERT INTO `contacts` (`holder`, `firstname`, `lastname`, `address`, `postcode`, `email`, `pnumber`) VALUES('$holder', '$firstname', '$lastname', '$address', '$postcode', '$email', '$pnumber')";
mysql_query($sql) or die(mysql_error());
header('Location: ContactControl.php?contact=Overview');}
if ($_GET['contact'] == "Add") {

?> 
  <form method="POST" action="ContactControl.php?contact=Add">
<p>
 <b>First Name:</b><br><input type="text" name="firstname" size="20" maxlength="255" />
 </p>
<p>
 <b>Last Name:</b><br><input type="text" name="lastname" size="20" maxlength="255" />
 </p>

<p>
 <b>Address:</b><br><textarea rows="5" cols="40" name="address" id="$address"></textarea>
 </p>

<p>
 <b>Postcode:</b><br><input type="text" name="postcode" size="20" maxlength="255" />
 </p>
<p>
 <b>Email:</b><br><input type="text" name="email" size="20" maxlength="255" />
 </p>
<p>
 <b>Phone Number:</b><br><input type="text" name="pnumber" size="20" maxlength="255" />
 </p>

<p><img src="Security/SecureSubmit.php"></p>

<p><b>Security Code:</b><br><input name="txtNumber" type="text" id="txtNumber" value="" /></p>
<p>
<br><input type="text" name="holder" size="20" maxlength="255" value="<?php print $_SESSION['userid']; ?>/>
 </p>
    <p align="center">
    <input type="submit" name="Add" value="Submit" /> 
     <input type="reset" name="reset" value="Reset Form">
    </p>
  </form>
<?php
}
}
}
?>

Link to comment
https://forums.phpfreaks.com/topic/153160-solved-mysql-query-not-working-at-all-s/
Share on other sites
jamesxg1 Advanced Member

jamesxg1

Posted
  • Author
Posted

Do you get any errors?  Did you echo out the sql statement to see if it's what you intended?

 

Are you echoing out below the if statements to see if they succeed and proceed to your sql portion?

 

nope no errors, no i havent how would i got about this just 

<?php print $sql ?>

?, no i shall do that now :)

Maq Prolific Member

Maq

Posted
Posted

sorry, ermm how do i print a if statment result ? :S

 

You don't, you just see if it's what you expect by echoing something directly under it to see if it succeeded.

 

Or, you can echo the two values it's comparing right above it to see if you're using the logical operator correctly.

mrMarcus Member

mrMarcus

Posted
Posted

add some echo's to your if statements and add some else statements as well .. that way you know where things are breaking and you can go from there .. it's troubleshooting 101.

 

otherwise, you can have this massive script, have it not work and sit there pulling your hair out wondering why .. just takes some initial steps to help yourself fix your own code.

 

your code starts out with this...

if (isset($_POST['Add']))

then i scroll down a bit and see this...

if( !preg_match($_name."@".$_host.$_tlds,$email) )
	{
		echo "<div align=\"center\">The email you entered is of invalid format.</div>";
		include("ContactControl.php?contact=Add");
		die();
	}

and...

if ($_GET['contact'] == "Add") {

you're using both the $_GET and $_POST methods here.

 

and, do you mean md5($pnumber) instead of md5($number)?

if (md5($number) == $_SESSION['image_random_value']) {

if so, there's why your query ain't working .. remember, throw out some conditions so you know where your code is failing.

jamesxg1 Advanced Member

jamesxg1

Posted
  • Author
Posted

what was the problem?

 

 

slight adjustment to the query and i needed to add a $_POST for the security code :)

 

i have a problem guys.

 

this is the code

<?php session_start();

include 'Database/Connection.php';
include 'Database/Utility.php';

isloggedin();
accessneeded("C");

if (isset($_POST['Add'])) {

$holder = mysql_real_escape_string($_POST['holder']);
$firstname = mysql_real_escape_string($_POST['firstname']);
$firstname        = ereg_replace(" ", "", $firstname); 
$lastname = mysql_real_escape_string($_POST['lastname']);
$lastname        = ereg_replace(" ", "", $lastname); 
$address = mysql_real_escape_string($_POST['address']);
$postcode = mysql_real_escape_string($_POST['postcode']);
$email = mysql_real_escape_string($_POST['email']);
$email       = ereg_replace(" ", "", $email); 
$pnumber = mysql_real_escape_string(intval($_POST['pnumber']));
$pnumber        = ereg_replace(" ", "", $pnumber); 
$number          = mysql_real_escape_string($_POST['txtNumber']);

if($holder && $firstname && $lastname && $address && $postcode && $email && $pnumber){
$_name = "/^[-!#$%&\'*+\\.\/0-9=?A-Z^`{|}~]+";
$_host = "([-0-9A-Z]+\.)+";
$_tlds = "([0-9A-Z]){2,4}$/i";

if( !preg_match($_name."@".$_host.$_tlds,$email) ){
	echo "<div align=\"center\">The email you entered is of invalid format.</div>";
      	include("ContactControl.php?contact=Add");
      	die();
}

if (md5($number) == $_SESSION['image_random_value']) {

$sql = sprintf("INSERT INTO `contacts` (`holder`, `firstname`, `lastname`, `address`, `postcode`, `email`, `pnumber`) VALUES('$holder', '$firstname', '$lastname', '$address', '$postcode', '$email', '$pnumber')");
mysql_query($sql) or die(mysql_error());
header('Location: ContactControl.php?contact=Overview');
}

if ($_GET['contact'] == "Add") {

?> 
  <form method="POST" action="ContactControl.php?contact=Add">
<p>
 <b>First Name:</b><br><input type="text" name="firstname" size="20" maxlength="255" />
 </p>
<p>
 <b>Last Name:</b><br><input type="text" name="lastname" size="20" maxlength="255" />
 </p>

<p>
 <b>Address:</b><br><textarea rows="5" cols="40" name="address" id="$address"></textarea>
 </p>

<p>
 <b>Postcode:</b><br><input type="text" name="postcode" size="20" maxlength="255" />
 </p>
<p>
 <b>Email:</b><br><input type="text" name="email" size="20" maxlength="255" />
 </p>
<p>
 <b>Phone Number:</b><br><input type="text" name="pnumber" size="20" maxlength="255" />
 </p>

<p><img src="Security/SecureSubmit.php"></p>

<p><b>Security Code:</b><br><input name="txtNumber" type="text" id="txtNumber" value="" /></p>
<p>
<br><input type="hidden" name="holder" size="20" maxlength="255" value="<?php print $_SESSION['userid'] ?>"/>
 </p>
    <p align="center">
    <input type="submit" name="Add" value="Submit" /> 
     <input type="reset" name="reset" value="Reset Form">
    </p>
  </form>
<?php
}
}
}

if ($_GET['contact'] == "Overview") {

$count = 0;
$query = mysql_query(sprintf("SELECT * FROM contacts WHERE holder = '$_SESSION['userid']'")) or die(mysql_error()); 
while ($row = mysql_fetch_object($query)) { 
if ($count!=0){echo "<br>";}
print "First Name: <font color=red>$row->firstname<br>";
print "Last Name: <font color=red>$row->lastname<br>";
print "Address: <font color=red>$row->address<br>";
print "Postcode: <font color=red>$row->postcode<br>"; 
print "Email: <font color=red>$row->email<br>";
print "Phone Number: <font color=red>$row->pnumber<br>";
$count++;
}
}
?>

 

i get this

 

Parse error: syntax error, unexpected '}' in C:\xampp\htdocs\family\ContactControl.php on line 80

 

but i delete the whole bottom of the code and it is still there. :S

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.