Jump to content

problem with variables part II


justAnoob

Recommended Posts

Check out the commented lines

<?php
session_start();

include "connection.php";

mysql_connect("$host", "$username", "$password") or die("Could not connect.");
mysql_select_db("$db_name") or die("Could not find database");

$sendto = mysql_real_escape_string($_POST['sendto']);
$subject = mysql_real_escape_string($_POST['subject']);
$message = mysql_real_escape_string($_POST['message']);

$findit = $_SESSION['id'];  //if i comment this line out,, of course the user_id does not get inserted into the database
$from = $_SESSION['id'];  // so why wouldn't this line work, can i not use 2 variables from the same session variable

$result=mysql_query("SELECT id FROM members WHERE username = '$findit'");
$row=mysql_fetch_assoc($result);
$user_id = $row['id'];
$sql = "INSERT INTO member_messages(user_id, sendto, subject, message, from)VALUES('$findit', '$sendto','$subject','$message', '$from')";
mysql_query($sql) or die('There was an error.');

mysql_close();

?>

Link to comment
https://forums.phpfreaks.com/topic/153585-problem-with-variables-part-ii/
Share on other sites

i did the echo of $_SESSION['id'] and it came back as whatever user I am signed in as,, which is good. no problems there. When i echo $from, it comes back as the username also,,, great,,, but when I echo both $findit and $from,,,, nothing appears,,, just gives me my sql error. What is going on????

user_id in the database gets inserted just fine...... it's the from($from) that is getting the problem.. if i take out the $from variable of the script,, everthing works fine.. the "from" row in the database is varchar with more than enough characters. I don't understand what is going on.

instead of reassigning $_SESSION['id'], you try just simplifying and putting $_SESSION['id'] straight into your query?

$result=mysql_query("SELECT id FROM members WHERE username = '".$_SESSION['id']."'");
$row=mysql_fetch_assoc($result);
$user_id = $row['id'];
$sql = "INSERT INTO member_messages(user_id, sendto, subject, message, from)VALUES('".$_SESSION['id']."', '$sendto','$subject','$message', '".$_SESSION['id']."')";
mysql_query($sql) or die('There was an error.');

Here is all the code,,, form and script... Please remember that the $findit variable works just fine with getting inserted into the mysql row user_id.... that is not the problem... just getting the userid again for the mysql row "from"

 

<form id="form5" name="form5" method="post" action="sendnew.php">
          <table width="945" height="215" border="0" cellpadding="0" cellspacing="3">
            <tr>
              <td width="88"><div align="right">Send to:</div></td>
              <td width="481"><input name="sendto" type="text" id="sendto" size="35" /></td>
            </tr>
            <tr>
              <td><div align="right">Subject:</div></td>
              <td><input name="subject" type="text" id="subject" size="35" /></td>
            </tr>
            <tr>
              <td height="115"><div align="right">Message:</div></td>
              <td><textarea name="message" id="message" cols="65" rows="7"></textarea></td>
            </tr>
            <tr>
              <td height="19"><div align="right">From:</div></td>
              <td><?php echo $username; ?></td>
            </tr>
            <tr>
              <td height="19"> </td>
              <td>
                <div align="left">
                  <input type="submit" name="submit" id="submit" value="Send Message" />
                </div></td>
            </tr>
          </table>
          </form>

and the script

<?php
session_start();
include "connection.php";
mysql_connect("$host", "$username", "$password") or die("Could not connect.");
mysql_select_db("$db_name") or die("Could not find database");

$sendto = mysql_real_escape_string($_POST['sendto']);    
$subject = mysql_real_escape_string($_POST['subject']);  
$message = mysql_real_escape_string($_POST['message']);  

$findit = $_SESSION['id'];

$result=mysql_query("SELECT id FROM members WHERE username = '$findit'");
$row=mysql_fetch_assoc($result);
$user_id = $row['id'];
$sql = "INSERT INTO member_messages(user_id, sendto, subject, message, from)VALUES('$findit', '$sendto','$subject','$message', '".$_SESSION['id']."')";
mysql_query($sql) or die('There was an error.');
mysql_close();

?>

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.