Jump to content

Recommended Posts

Hi all,

 

I am trying add information to a database once a user has logged in.

 

The form looks like this:

 

<?php
session_start();

include('include/database.php');
?>

<form id="updateBandinfo" name="bandInfo" method="post" action="updatebandinfo.php">
  <table border="0">
  <tr>
    <td width="185">Genre</td>
    <td width="87"><select name="genre">
      <option value="Rock">Rock</option>
      <option value="Pop">Pop</option>
      <option value="Punk">Punk</option>
      <option value="PunkPop">Punk Pop</option>
      <option value="Metal">Metal</option>
    </select>
      <br></td>
  </tr>
  <tr>
    <td>Year Formed</td>
    <td><input name="formed"  type="text" class="textfield" id="formed" /></td>
  </tr>
  </table>
  <br />
   <input type="submit" name="Submit" value="Update" />
</form>

 

and calls:

 

<?php
//Start session
session_start();

//Include database connection details
require_once('include/database.php');

//Array to store validation errors
$errmsg_arr = array();

//Validation error flag
$errflag = false;


//Function to sanitize values received from the form. Prevents SQL injection
function clean($str) {
	$str = @trim($str);
	if(get_magic_quotes_gpc()) {
		$str = stripslashes($str);
	}
	return mysql_real_escape_string($str);
}

//Sanitize the POST values
$userid = $_SESSION['SESS_USERID'];
$bandname = $_SESSION['SESS_BANDNAME'];

$genre = clean($_POST['genre']);
$formed = clean($_POST['formed']);


//Input Validations


if($formed == '') {
	$errmsg_arr[] = 'Year Formed is Missing';
	$errflag = true;
}




//Create INSERT query
$qry = "INSERT INTO banddata(userid, bandname, genre, formed) VALUES('$userid','$bandname','$genre', '$formed' )";
$result = @mysql_query($qry);

//Check whether the query was successful or not
if($result) {
	header("location: member_home.php");
	exit();
}else {
	die("Query failed");
}
?>

 

databse is called bandinfo and is as follows userid, bandname, genre, formed

 

When this query is run it dies

 

I am guessing it is something to do with:

 

//Sanitize the POST values
$userid = $_SESSION['SESS_USERID'];
$bandname = $_SESSION['SESS_BANDNAME'];

 

these sessions are called from the original login script, I was guessing that I could create an array from session data but now I am not so sure, is this possible? and if so have i done it correctly?

 

Thanks

 

 

 

Link to comment
https://forums.phpfreaks.com/topic/153396-solved-add-to-database-woes/
Share on other sites

For all, this is the new copy:

 

<?php
//Start session
session_start();

//Include database connection details
require_once('include/database.php');

//Array to store validation errors
$errmsg_arr = array();

//Validation error flag
$errflag = false;


//Function to sanitize values received from the form. Prevents SQL injection
function clean($str) {
	$str = @trim($str);
	if(get_magic_quotes_gpc()) {
		$str = stripslashes($str);
	}
	return mysql_real_escape_string($str);
}

//Sanitize the POST values
$userid = $_SESSION['SESS_USERID'];
$bandname = $_SESSION['SESS_BANDNAME'];

$genre = clean($_POST['genre']);
$formed = clean($_POST['formed']);


//Input Validations


if($formed == '') {
	$errmsg_arr[] = 'Year Formed is Missing';
	$errflag = true;
}



//Create INSERT query
$qry = "INSERT INTO banddata(userid, bandname, genre, formed) VALUES('$userid','$bandname','$genre', '$formed' )";
$result = @mysql_query($qry);

//Check whether the query was successful or not
if($result) {
	header("location: member_home.php");
	exit();
}else {
	die(mysql_error());

}
?>

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.