bschultz Posted May 9, 2009 Share Posted May 9, 2009 I've got a php script that will take form fields, and write them to a database. Pretty simple, and working just fine. I, however, want the user typing in the form to be displayed the answers that they have typed...and be able to confirm that they typed everything properly. This is not working. Here's the code: <?php $md5_pass = md5($_POST[password]); $_SESSION["name"] = $_POST[name]; $_SESSION["address"] = $_POST[address]; $_SESSION["city"] = $_POST[city]; $_SESSION["state"] = $_POST[state]; $_SESSION["zip"] = $_POST[zip]; $_SESSION["age"] = $_POST[age]; $_SESSION["gender"] = $_POST[gender]; $_SESSION["email"] = $_POST[email]; $_SESSION["team"] = $_POST[team]; $_SESSION["team_name2"] = $_POST[team_name2]; $_SESSION["password"] = $md5_pass; mysql_connect($DBhost,$DBuser,$DBpass) or die("Unable to connect to database"); @mysql_select_db("$DBName") or die("Unable to select database $DBName"); $sqlquery = "INSERT INTO go100 VALUES('$_SESSION[name]', '$_SESSION[address]', '$_SESSION[city]', '$_SESSION[state]', '$_SESSION[zip]', '$_SESSION[age]', '$_SESSION[gender]', '$_SESSION[email]', '$_SESSION[password]', '$_SESSION[team]', '$_SESSION[team_name2]')"; echo "You have entered the following information. Please check it over for accuracy.<br /><br />"; echo "Name: <strong>$_SESSION[name]</strong><br />"; echo "Address: <strong>$_SESSION[address]</strong><br />"; echo "City: <strong>$_SESSION[city]</strong><br />"; echo "State: <strong>$_SESSION[state]</strong><br />"; echo "Zip: <strong>$_SESSION[zip]</strong><br />"; echo "Age: <strong>$_SESSION[age]</strong><br />"; echo "Gender: <strong>$_SESSION[gender]</strong><br />"; echo "Email: <strong>$_SESSION[email]</strong><br />"; echo "Team Name: <strong>$_SESSION[team]</strong><br />"; echo "Manually Entered Team Name: <strong>$_SESSION[team_name2]</strong><br /><br />"; echo "<form id='form1' name='form1' method='post' action=''> <strong>Is this information correct?</strong><br> <br> Yes <label> <input type='radio' name='radio' id='confirm' value='yes'> </label> No <label> <input type='radio' name='radio' id='confirm' value='no'> </label><br /> <br /> <label> <input type='submit' name='button2' id='button2' value='Submit' /> </label> <br /> </form>"; if ($_POST[confirm] == "yes") { $results = mysql_query($sqlquery); echo "The information has been entered"; } else echo $sqlquery; mysql_close (); ?> The echo of echo $sqlquery; in the last few lines of the code displays the correct info, but once the second submit button is checked, the data is lost (echo $sqlquery shows blank info) and the database isn't even populated with blank info. Any idea what I'm doing wrong? Link to comment https://forums.phpfreaks.com/topic/157517-solved-session-and-form-problem/ Share on other sites More sharing options...
gevans Posted May 9, 2009 Share Posted May 9, 2009 echo "Name: <strong>$_SESSION[name]</strong><br />"; the array needs to be wrapped in curly brackets when using it inside double quotes echo "Name: <strong>{$_SESSION['name']}</strong><br />"; Link to comment https://forums.phpfreaks.com/topic/157517-solved-session-and-form-problem/#findComment-830475 Share on other sites More sharing options...
bschultz Posted May 9, 2009 Author Share Posted May 9, 2009 Thanks for the help gevans... I changed the code, but it still doesn't insert anything into the database, and the second echo of $sqlquery shows this: INSERT INTO go100 VALUES('', '', '', '', '', '', '', '', 'd41d8cd98f00b204e9800998ecf8427e', '', '') while the first one shows this (as it should): INSERT INTO go100 VALUES('1', '2', '3', 'KS', '4', '5', 'male', '6', '8f14e45fceea167a5a36dedd4bea2543', 'other', '8') Link to comment https://forums.phpfreaks.com/topic/157517-solved-session-and-form-problem/#findComment-830479 Share on other sites More sharing options...
gevans Posted May 9, 2009 Share Posted May 9, 2009 Ok, I'm confused. Are you inserting the same data twice? As it looks like you run the insert query at the same time as reviewing the details. Surely you only want to insert after they confirm the details? Link to comment https://forums.phpfreaks.com/topic/157517-solved-session-and-form-problem/#findComment-830480 Share on other sites More sharing options...
Ken2k7 Posted May 9, 2009 Share Posted May 9, 2009 The second submit doesn't have any those $_POST data so when you submit it, you're overwriting the $_SESSION with empty data. Link to comment https://forums.phpfreaks.com/topic/157517-solved-session-and-form-problem/#findComment-830483 Share on other sites More sharing options...
bschultz Posted May 9, 2009 Author Share Posted May 9, 2009 I am only running the query after the second submit button is clicked. Just to make sure it wasn't running it twice, I moved the db connection to after the if statement. Here's the new code, which doesn't echo anything in the "echo $sqlquery;" line...so it isn't running the db query at all. <?php $md5_pass = md5($_POST[password]); $_SESSION["name"] = $_POST[name]; $_SESSION["address"] = $_POST[address]; $_SESSION["city"] = $_POST[city]; $_SESSION["state"] = $_POST[state]; $_SESSION["zip"] = $_POST[zip]; $_SESSION["age"] = $_POST[age]; $_SESSION["gender"] = $_POST[gender]; $_SESSION["email"] = $_POST[email]; $_SESSION["team"] = $_POST[team]; $_SESSION["team_name2"] = $_POST[team_name2]; $_SESSION["password"] = $md5_pass; echo "<img src='/shared/images/Go100forHealthLogo08_230.jpg' alt='go100' width='229' height='152' /> "; echo "<img src='/shared/images/all_stations.jpg' alt='all stations' width='339' height='156' /><br /><br />"; echo "You have entered the following information. Please check it over for accuracy.<br /><br />"; echo "Name: <strong>{$_SESSION['name']}</strong><br />"; echo "Address: <strong>{$_SESSION['address']}</strong><br />"; echo "City: <strong>{$_SESSION['city']}</strong><br />"; echo "State: <strong>{$_SESSION['state']}</strong><br />"; echo "Zip: <strong>{$_SESSION['zip']}</strong><br />"; echo "Age: <strong>{$_SESSION['age']}</strong><br />"; echo "Gender: <strong>{$_SESSION['gender']}</strong><br />"; echo "Email: <strong>{$_SESSION['email']}</strong><br />"; echo "Team Name: <strong>{$_SESSION['team']}</strong><br />"; echo "Manually Entered Team Name: <strong>{$_SESSION['team_name2']}</strong><br /><br />"; echo "<form id='form1' name='form1' method='post' action=''> <input type='hidden' name='name' id='name' value='{$_SESSION['name']}'/> <input type='hidden' name='address' id='address' value='{$_SESSION['address']}'/> <input type='hidden' name='city' id='city' value='{$_SESSION['city']}'/> <input type='hidden' name='state' id='state' value='{$_SESSION['state']}'/> <input type='hidden' name='zip' id='zip' value='{$_SESSION['zip']}'/> <input type='hidden' name='age' id='age' value='{$_SESSION['age']}'/> <input type='hidden' name='gender' id='gender' value='{$_SESSION['gender']}'/> <input type='hidden' name='email' id='email' value='{$_SESSION['email']}'/> <input type='hidden' name='password' id='password' value='{$_SESSION['password']}'/> <input type='hidden' name='team' id='name' team='{$_SESSION['team']}'/> <input type='hidden' name='team_name2' id='team_name2' value='{$_SESSION['team_name2']}'/> <strong>Is this information correct?</strong><br> <br> Yes <label> <input type='radio' name='radio' id='confirm' value='yes'> </label> No <label> <input type='radio' name='radio' id='confirm' value='no'> </label><br /> <br /> <label> <input type='submit' name='button2' id='button2' value='Submit' /> </label> <br /> </form>"; if ($_POST[confirm] == "yes") { $DBhost = "xxx"; $DBuser = "xxx"; $DBpass = "xxx"; $DBName = "xxx"; mysql_connect($DBhost,$DBuser,$DBpass) or die("Unable to connect to database"); @mysql_select_db("$DBName") or die("Unable to select database $DBName"); $sqlquery = "INSERT INTO go100 VALUES('$_SESSION[name]', '$_SESSION[address]', '$_SESSION[city]', '$_SESSION[state]', '$_SESSION[zip]', '$_SESSION[age]', '$_SESSION[gender]', '$_SESSION[email]', '$md5_pass', '$_SESSION[team]', '$_SESSION[team_name2]')"; $results = mysql_query($sqlquery); echo "The information has been entered"; } else echo $sqlquery; // mysql_close (); ?> Link to comment https://forums.phpfreaks.com/topic/157517-solved-session-and-form-problem/#findComment-830500 Share on other sites More sharing options...
bschultz Posted May 9, 2009 Author Share Posted May 9, 2009 The second submit doesn't have any those $_POST data so when you submit it, you're overwriting the $_SESSION with empty data. Since the insert query used the session variables, I thought that I wouldn't need them in the second form. Learn something new everyday, right? Link to comment https://forums.phpfreaks.com/topic/157517-solved-session-and-form-problem/#findComment-830502 Share on other sites More sharing options...
Ken2k7 Posted May 9, 2009 Share Posted May 9, 2009 YIKES! Talk about a mess. Well, there was an easier way to do it, but anyways, read gevans first post in this topic. The INSERT did use session variables, but if you think about it, when the page refreshes after the submit button is pressed on the first script you posted up, the SESSION variables are being over-written by $_POST['username'] which contains nothing because the second form doesn't have such data. So when you then use the session vars to build the query, they're no longer the values you wanted. Link to comment https://forums.phpfreaks.com/topic/157517-solved-session-and-form-problem/#findComment-830504 Share on other sites More sharing options...
bschultz Posted May 9, 2009 Author Share Posted May 9, 2009 I'm all for easier ways (and learning better ways). What would you do? Link to comment https://forums.phpfreaks.com/topic/157517-solved-session-and-form-problem/#findComment-830510 Share on other sites More sharing options...
Ken2k7 Posted May 9, 2009 Share Posted May 9, 2009 Nevermind that, let's just get yours working first. Please re-read gevans first post in this topic and apply that in your SQL. Also, use mysql_real_escape_string. Link to comment https://forums.phpfreaks.com/topic/157517-solved-session-and-form-problem/#findComment-830512 Share on other sites More sharing options...
bschultz Posted May 9, 2009 Author Share Posted May 9, 2009 Still no insertion into the DB <?php $md5_pass = md5($_POST[password]); $_SESSION["name"] = $_POST[name]; $_SESSION["address"] = $_POST[address]; $_SESSION["city"] = $_POST[city]; $_SESSION["state"] = $_POST[state]; $_SESSION["zip"] = $_POST[zip]; $_SESSION["age"] = $_POST[age]; $_SESSION["gender"] = $_POST[gender]; $_SESSION["email"] = $_POST[email]; $_SESSION["team"] = $_POST[team]; $_SESSION["team_name2"] = $_POST[team_name2]; $_SESSION["password"] = $md5_pass; echo "<img src='/shared/images/Go100forHealthLogo08_230.jpg' alt='go100' width='229' height='152' /> "; echo "<img src='/shared/images/all_stations.jpg' alt='all stations' width='339' height='156' /><br /><br />"; echo "You have entered the following information. Please check it over for accuracy.<br /><br />"; echo "Name: <strong>{$_SESSION['name']}</strong><br />"; echo "Address: <strong>{$_SESSION['address']}</strong><br />"; echo "City: <strong>{$_SESSION['city']}</strong><br />"; echo "State: <strong>{$_SESSION['state']}</strong><br />"; echo "Zip: <strong>{$_SESSION['zip']}</strong><br />"; echo "Age: <strong>{$_SESSION['age']}</strong><br />"; echo "Gender: <strong>{$_SESSION['gender']}</strong><br />"; echo "Email: <strong>{$_SESSION['email']}</strong><br />"; echo "Team Name: <strong>{$_SESSION['team']}</strong><br />"; echo "Manually Entered Team Name: <strong>{$_SESSION['team_name2']}</strong><br /><br />"; echo "<form id='form1' name='form1' method='post' action=''> <input type='hidden' name='name' id='name' value='{$_SESSION['name']}'/> <input type='hidden' name='address' id='address' value='{$_SESSION['address']}'/> <input type='hidden' name='city' id='city' value='{$_SESSION['city']}'/> <input type='hidden' name='state' id='state' value='{$_SESSION['state']}'/> <input type='hidden' name='zip' id='zip' value='{$_SESSION['zip']}'/> <input type='hidden' name='age' id='age' value='{$_SESSION['age']}'/> <input type='hidden' name='gender' id='gender' value='{$_SESSION['gender']}'/> <input type='hidden' name='email' id='email' value='{$_SESSION['email']}'/> <input type='hidden' name='password' id='password' value='{$_SESSION['password']}'/> <input type='hidden' name='team' id='team' value='{$_SESSION['team']}'/> <input type='hidden' name='team_name2' id='team_name2' value='{$_SESSION['team_name2']}'/> <strong>Is this information correct?</strong><br> <br> Yes <label> <input type='radio' name='radio' id='confirm' value='yes'> </label> No <label> <input type='radio' name='radio' id='confirm' value='no'> </label><br /> <br /> <label> <input type='submit' name='button2' id='button2' value='Submit' /> </label> <br /> </form>"; if ($_POST[confirm] == "yes") { $DBhost = "xxx"; $DBuser = "xxx"; $DBpass = "xxx"; $DBName = "xxx"; mysql_connect($DBhost,$DBuser,$DBpass) or die("Unable to connect to database"); @mysql_select_db("$DBName") or die("Unable to select database $DBName"); $sqlquery = "INSERT INTO go100 VALUES ('{$_SESSION[name]}', '{$_SESSION[address]}', '{$_SESSION[city]}', '{$_SESSION[state]}', '{$_SESSION[zip]}', '{$_SESSION[age]}', '{$_SESSION[gender]}', '{$_SESSION[email]}', '{$_SESSION[password]}', '{$_SESSION[team]}', '{$_SESSION[team_name2]}')"; $results = mysql_query($sqlquery); echo "The information has been entered"; } else echo $sqlquery; ?> I'll mess with mysql_real_escape_string once I get it to insert. Link to comment https://forums.phpfreaks.com/topic/157517-solved-session-and-form-problem/#findComment-830538 Share on other sites More sharing options...
Ken2k7 Posted May 9, 2009 Share Posted May 9, 2009 You really should use that now. It could be a character not being escaped. Replace $results = mysql_query($sqlquery); With $results = mysql_query($sqlquery) or die(mysql_error()); Link to comment https://forums.phpfreaks.com/topic/157517-solved-session-and-form-problem/#findComment-830539 Share on other sites More sharing options...
bschultz Posted May 9, 2009 Author Share Posted May 9, 2009 No insertion...and no error. <?php $md5_pass = md5($_POST[password]); $_SESSION["name"] = $_POST[name]; $_SESSION["address"] = $_POST[address]; $_SESSION["city"] = $_POST[city]; $_SESSION["state"] = $_POST[state]; $_SESSION["zip"] = $_POST[zip]; $_SESSION["age"] = $_POST[age]; $_SESSION["gender"] = $_POST[gender]; $_SESSION["email"] = $_POST[email]; $_SESSION["team"] = $_POST[team]; $_SESSION["team_name2"] = $_POST[team_name2]; $_SESSION["password"] = $md5_pass; echo "<img src='/shared/images/Go100forHealthLogo08_230.jpg' alt='go100' width='229' height='152' /> "; echo "<img src='/shared/images/all_stations.jpg' alt='all stations' width='339' height='156' /><br /><br />"; echo "You have entered the following information. Please check it over for accuracy.<br /><br />"; echo "Name: <strong>{$_SESSION['name']}</strong><br />"; echo "Address: <strong>{$_SESSION['address']}</strong><br />"; echo "City: <strong>{$_SESSION['city']}</strong><br />"; echo "State: <strong>{$_SESSION['state']}</strong><br />"; echo "Zip: <strong>{$_SESSION['zip']}</strong><br />"; echo "Age: <strong>{$_SESSION['age']}</strong><br />"; echo "Gender: <strong>{$_SESSION['gender']}</strong><br />"; echo "Email: <strong>{$_SESSION['email']}</strong><br />"; echo "Team Name: <strong>{$_SESSION['team']}</strong><br />"; echo "Manually Entered Team Name: <strong>{$_SESSION['team_name2']}</strong><br /><br />"; echo "<form id='form1' name='form1' method='post' action=''> <input type='hidden' name='name' id='name' value='{$_SESSION['name']}'/> <input type='hidden' name='address' id='address' value='{$_SESSION['address']}'/> <input type='hidden' name='city' id='city' value='{$_SESSION['city']}'/> <input type='hidden' name='state' id='state' value='{$_SESSION['state']}'/> <input type='hidden' name='zip' id='zip' value='{$_SESSION['zip']}'/> <input type='hidden' name='age' id='age' value='{$_SESSION['age']}'/> <input type='hidden' name='gender' id='gender' value='{$_SESSION['gender']}'/> <input type='hidden' name='email' id='email' value='{$_SESSION['email']}'/> <input type='hidden' name='password' id='password' value='{$_SESSION['password']}'/> <input type='hidden' name='team' id='team' value='{$_SESSION['team']}'/> <input type='hidden' name='team_name2' id='team_name2' value='{$_SESSION['team_name2']}'/> <strong>Is this information correct?</strong><br> <br> Yes <label> <input type='radio' name='radio' id='confirm' value='yes'> </label> No <label> <input type='radio' name='radio' id='confirm' value='no'> </label><br /> <br /> <label> <input type='submit' name='button2' id='button2' value='Submit' /> </label> <br /> </form>"; echo $sqlquery; if ($_POST[confirm] == "yes") { $DBhost = "xxx"; $DBuser = "xxx"; $DBpass = "xxx"; $DBName = "xxx"; mysql_connect($DBhost,$DBuser,$DBpass) or die("Unable to connect to database"); @mysql_select_db("$DBName") or die("Unable to select database $DBName"); $sqlquery = "INSERT INTO go100 VALUES('{$_SESSION[name]}', '{$_SESSION[address]}', '{$_SESSION[city]}', '{$_SESSION[state]}', '{$_SESSION[zip]}', '{$_SESSION[age]}', '{$_SESSION[gender]}', '{$_SESSION[email]}', '{$_SESSION[password]}', '{$_SESSION[team]}', '{$_SESSION[team_name2]}')"; mysql_real_escape_string($_SESSION["name"], $_SESSION["address"], $_SESSION["city"], $_SESSION["state"], $_SESSION["zip"], $_SESSION["age"], $_SESSION["gender"], $_SESSION["email"], $_SESSION["password"], $_SESSION["team"], $_SESSION["team_name2"]); $results = mysql_query($sqlquery) or die(mysql_error()); echo "The information has been entered"; } else echo $sqlquery; ?> Link to comment https://forums.phpfreaks.com/topic/157517-solved-session-and-form-problem/#findComment-830555 Share on other sites More sharing options...
Ken2k7 Posted May 9, 2009 Share Posted May 9, 2009 Read mysql_real_escape_string. Use it correctly. Link to comment https://forums.phpfreaks.com/topic/157517-solved-session-and-form-problem/#findComment-830559 Share on other sites More sharing options...
gevans Posted May 9, 2009 Share Posted May 9, 2009 swap all the $_SESSION in $sqlquery to $_POST. Also this is wrong mysql_real_escape_string($_SESSION["name"], $_SESSION["address"], $_SESSION["city"], $_SESSION["state"], $_SESSION["zip"], $_SESSION["age"], $_SESSION["gender"], $_SESSION["email"], $_SESSION["password"], $_SESSION["team"], $_SESSION["team_name2"]); mysql_real_escape_string() accepts only strings, and you're using it wrong anyway, it returns the escaped string which will need to be assigned to a variable and done before putting the variables into the $sqlquery variable Link to comment https://forums.phpfreaks.com/topic/157517-solved-session-and-form-problem/#findComment-830561 Share on other sites More sharing options...
bschultz Posted May 9, 2009 Author Share Posted May 9, 2009 Still no error and still not inserting <?php $md5_pass = md5($_POST[password]); $_SESSION["name"] = $_POST[name]; $_SESSION["address"] = $_POST[address]; $_SESSION["city"] = $_POST[city]; $_SESSION["state"] = $_POST[state]; $_SESSION["zip"] = $_POST[zip]; $_SESSION["age"] = $_POST[age]; $_SESSION["gender"] = $_POST[gender]; $_SESSION["email"] = $_POST[email]; $_SESSION["team"] = $_POST[team]; $_SESSION["team_name2"] = $_POST[team_name2]; $_SESSION["password"] = $md5_pass; echo "<img src='/shared/images/Go100forHealthLogo08_230.jpg' alt='go100' width='229' height='152' /> "; echo "<img src='/shared/images/all_stations.jpg' alt='all stations' width='339' height='156' /><br /><br />"; echo "You have entered the following information. Please check it over for accuracy.<br /><br />"; echo "Name: <strong>{$_SESSION['name']}</strong><br />"; echo "Address: <strong>{$_SESSION['address']}</strong><br />"; echo "City: <strong>{$_SESSION['city']}</strong><br />"; echo "State: <strong>{$_SESSION['state']}</strong><br />"; echo "Zip: <strong>{$_SESSION['zip']}</strong><br />"; echo "Age: <strong>{$_SESSION['age']}</strong><br />"; echo "Gender: <strong>{$_SESSION['gender']}</strong><br />"; echo "Email: <strong>{$_SESSION['email']}</strong><br />"; echo "Team Name: <strong>{$_SESSION['team']}</strong><br />"; echo "Manually Entered Team Name: <strong>{$_SESSION['team_name2']}</strong><br /><br />"; echo "<form id='form1' name='form1' method='post' action=''> <input type='hidden' name='name' id='name' value='{$_SESSION['name']}'/> <input type='hidden' name='address' id='address' value='{$_SESSION['address']}'/> <input type='hidden' name='city' id='city' value='{$_SESSION['city']}'/> <input type='hidden' name='state' id='state' value='{$_SESSION['state']}'/> <input type='hidden' name='zip' id='zip' value='{$_SESSION['zip']}'/> <input type='hidden' name='age' id='age' value='{$_SESSION['age']}'/> <input type='hidden' name='gender' id='gender' value='{$_SESSION['gender']}'/> <input type='hidden' name='email' id='email' value='{$_SESSION['email']}'/> <input type='hidden' name='password' id='password' value='{$_SESSION['password']}'/> <input type='hidden' name='team' id='team' value='{$_SESSION['team']}'/> <input type='hidden' name='team_name2' id='team_name2' value='{$_SESSION['team_name2']}'/> <strong>Is this information correct?</strong><br> <br> Yes <label> <input type='radio' name='radio' id='confirm' value='yes'> </label> No <label> <input type='radio' name='radio' id='confirm' value='no'> </label><br /> <br /> <label> <input type='submit' name='button2' id='button2' value='Submit' /> </label> <br /> </form>"; if ($_POST[confirm] == "yes") { $DBhost = "xxx"; $DBuser = "xxx"; $DBpass = "xxx"; $DBName = "xxx"; if (isset($_POST['confirm'])) { $link = mysql_connect($DBhost,$DBuser,$DBpass); @mysql_select_db("$DBName") or die("Unable to select database $DBName"); if(!is_resource($link)) { echo "Failed to connect to the server\n"; } else { $sqlquery = "INSERT INTO go100 VALUES('$_POST[name]', '$_POST[address]', '$_POST[city]', '$_POST[state]', '$_POST[zip]', '$_POST[age]', '$_POST[gender]', '$_POST[email]', '$_POST[password]', '$_POST[team]', '$_POST[team_name2]')"; mysql_real_escape_string($_POST["name"], $link); mysql_real_escape_string($_POST["name"], $link); mysql_real_escape_string($_POST["address"], $link); mysql_real_escape_string($_POST["city"], $link); mysql_real_escape_string($_POST["state"], $link); mysql_real_escape_string($_POST["zip"], $link); mysql_real_escape_string($_POST["age"], $link); mysql_real_escape_string($_POST["gender"], $link); mysql_real_escape_string($_POST["email"], $link); mysql_real_escape_string($_POST["password"], $link); mysql_real_escape_string($_POST["team"], $link); mysql_real_escape_string($_POST["team_name2"], $link); $results = mysql_query($sqlquery) or die(mysql_error()); echo "The information has been entered"; } } } ?> Link to comment https://forums.phpfreaks.com/topic/157517-solved-session-and-form-problem/#findComment-830578 Share on other sites More sharing options...
gevans Posted May 9, 2009 Share Posted May 9, 2009 you're still using mysql_escape_string wrong Link to comment https://forums.phpfreaks.com/topic/157517-solved-session-and-form-problem/#findComment-830580 Share on other sites More sharing options...
bschultz Posted May 9, 2009 Author Share Posted May 9, 2009 I REALLY appreciate the help! Still no insertion into the DB <?php $md5_pass = md5($_POST[password]); $_SESSION["name"] = $_POST[name]; $_SESSION["address"] = $_POST[address]; $_SESSION["city"] = $_POST[city]; $_SESSION["state"] = $_POST[state]; $_SESSION["zip"] = $_POST[zip]; $_SESSION["age"] = $_POST[age]; $_SESSION["gender"] = $_POST[gender]; $_SESSION["email"] = $_POST[email]; $_SESSION["team"] = $_POST[team]; $_SESSION["team_name2"] = $_POST[team_name2]; $_SESSION["password"] = $md5_pass; echo "<img src='/shared/images/Go100forHealthLogo08_230.jpg' alt='go100' width='229' height='152' /> "; echo "<img src='/shared/images/all_stations.jpg' alt='all stations' width='339' height='156' /><br /><br />"; echo "You have entered the following information. Please check it over for accuracy.<br /><br />"; echo "Name: <strong>{$_SESSION['name']}</strong><br />"; echo "Address: <strong>{$_SESSION['address']}</strong><br />"; echo "City: <strong>{$_SESSION['city']}</strong><br />"; echo "State: <strong>{$_SESSION['state']}</strong><br />"; echo "Zip: <strong>{$_SESSION['zip']}</strong><br />"; echo "Age: <strong>{$_SESSION['age']}</strong><br />"; echo "Gender: <strong>{$_SESSION['gender']}</strong><br />"; echo "Email: <strong>{$_SESSION['email']}</strong><br />"; echo "Team Name: <strong>{$_SESSION['team']}</strong><br />"; echo "Manually Entered Team Name: <strong>{$_SESSION['team_name2']}</strong><br /><br />"; echo "<form id='form1' name='form1' method='post' action=''> <input type='hidden' name='name' id='name' value='{$_SESSION['name']}'/> <input type='hidden' name='address' id='address' value='{$_SESSION['address']}'/> <input type='hidden' name='city' id='city' value='{$_SESSION['city']}'/> <input type='hidden' name='state' id='state' value='{$_SESSION['state']}'/> <input type='hidden' name='zip' id='zip' value='{$_SESSION['zip']}'/> <input type='hidden' name='age' id='age' value='{$_SESSION['age']}'/> <input type='hidden' name='gender' id='gender' value='{$_SESSION['gender']}'/> <input type='hidden' name='email' id='email' value='{$_SESSION['email']}'/> <input type='hidden' name='password' id='password' value='{$_SESSION['password']}'/> <input type='hidden' name='team' id='team' value='{$_SESSION['team']}'/> <input type='hidden' name='team_name2' id='team_name2' value='{$_SESSION['team_name2']}'/> <strong>Is this information correct?</strong><br> <br> Yes <label> <input type='radio' name='radio' id='confirm' value='yes'> </label> No <label> <input type='radio' name='radio' id='confirm' value='no'> </label><br /> <br /> <label> <input type='submit' name='button2' id='button2' value='Submit' /> </label> <br /> </form>"; $DBhost = "xxx"; $DBuser = "xxx"; $DBpass = "xxx"; $DBName = "xxx"; if ($_POST[confirm] == "yes") { $link = mysql_connect($DBhost,$DBuser,$DBpass); @mysql_select_db("$DBName") or die("Unable to select database $DBName"); if(!is_resource($link)) { echo "Failed to connect to the server\n"; } else { if(get_magic_quotes_gpc()) { $name = stripslashes($_POST['name']); $address = stripslashes($_POST['address']); $city = stripslashes($_POST['city']); $state = stripslashes($_POST['state']); $zip = stripslashes($_POST['zip']); $age = stripslashes($_POST['age']); $gender = stripslashes($_POST['gender']); $email = stripslashes($_POST['email']); $password = stripslashes($_POST['password']); $team = stripslashes($_POST['team']); $team_name2 = stripslashes($_POST['team)name2']); } else { $name = ($_POST['name']); $address = ($_POST['address']); $city = ($_POST['city']); $state = ($_POST['state']); $zip = ($_POST['zip']); $age = ($_POST['age']); $gender = ($_POST['gender']); $email = ($_POST['email']); $password = ($_POST['password']); $team = ($_POST['team']); $team_name2 = ($_POST['team)name2']); } $sqlquery = "INSERT INTO go100 VALUES('$_POST[name]', '$_POST[address]', '$_POST[city]', '$_POST[state]', '$_POST[zip]', '$_POST[age]', '$_POST[gender]', '$_POST[email]', '$_POST[password]', '$_POST[team]', '$_POST[team_name2]')"; mysql_real_escape_string($name, $link); mysql_real_escape_string($address, $link); mysql_real_escape_string($city, $link); mysql_real_escape_string($state, $link); mysql_real_escape_string($zip, $link); mysql_real_escape_string($age, $link); mysql_real_escape_string($gender, $link); mysql_real_escape_string($email, $link); mysql_real_escape_string($password, $link); mysql_real_escape_string($team, $link); mysql_real_escape_string($team_name2, $link); $results = mysql_query($sqlquery) or die(mysql_error()); echo "The information has been entered"; } } ?> {/code] Link to comment https://forums.phpfreaks.com/topic/157517-solved-session-and-form-problem/#findComment-830584 Share on other sites More sharing options...
gevans Posted May 9, 2009 Share Posted May 9, 2009 Do you get 'The information has been entered' on screen? If so add echo $sqlquery before echo "The information has been entered"; Link to comment https://forums.phpfreaks.com/topic/157517-solved-session-and-form-problem/#findComment-830586 Share on other sites More sharing options...
Ken2k7 Posted May 9, 2009 Share Posted May 9, 2009 1. It's pointless to use mysql_real_escape_string() after the SQL. 2. You should replace the variable to the value of mysql_real_escape_string. Link to comment https://forums.phpfreaks.com/topic/157517-solved-session-and-form-problem/#findComment-830591 Share on other sites More sharing options...
bschultz Posted May 9, 2009 Author Share Posted May 9, 2009 No, I didn't get that echoed back to me. Upon looking more closely at the manual, I changed a semicolon to a comma after the insert (like the manual says), and changed semicolons to commas after the mysql_real_escape_string. Now I get an "Parse error: syntax error, unexpected ',' write_to_registration.php on line 113" Line 113 is this: mysql_real_escape_string($name, $link), <?php $sqlquery = "INSERT INTO go100 VALUES('$_POST[name]', '$_POST[address]', '$_POST[city]', '$_POST[state]', '$_POST[zip]', '$_POST[age]', '$_POST[gender]', '$_POST[email]', '$_POST[password]', '$_POST[team]', '$_POST[team_name2]')", mysql_real_escape_string($name, $link), mysql_real_escape_string($address, $link), mysql_real_escape_string($city, $link), mysql_real_escape_string($state, $link), mysql_real_escape_string($zip, $link), mysql_real_escape_string($age, $link), mysql_real_escape_string($gender, $link), mysql_real_escape_string($email, $link), mysql_real_escape_string($password, $link), mysql_real_escape_string($team, $link), mysql_real_escape_string($team_name2, $link), $_POST['name']); Link to comment https://forums.phpfreaks.com/topic/157517-solved-session-and-form-problem/#findComment-830595 Share on other sites More sharing options...
gevans Posted May 9, 2009 Share Posted May 9, 2009 Ok, undo the cahnges you just made, all those should be semi-colons. and this bit; <input type='radio' name='radio' id='confirm' value='yes'> </label> No <label> <input type='radio' name='radio' id='confirm' value='no'> </label> should be <input type='radio' name='confirm' id='confirm' value='yes'> </label> No <label> <input type='radio' name='confirm' id='confirm' value='no'> </label> Link to comment https://forums.phpfreaks.com/topic/157517-solved-session-and-form-problem/#findComment-830598 Share on other sites More sharing options...
Ken2k7 Posted May 9, 2009 Share Posted May 9, 2009 Yeah, undo everything and can you put echo $sqlquery right after where you defined it? Link to comment https://forums.phpfreaks.com/topic/157517-solved-session-and-form-problem/#findComment-830599 Share on other sites More sharing options...
bschultz Posted May 9, 2009 Author Share Posted May 9, 2009 The radio buttons being labeled wrong might be the dumbest thing I've done all day! I put the semicolons back...and echoed $sqlquery...still nothing! <?php $md5_pass = md5($_POST[password]); $_SESSION["name"] = $_POST[name]; $_SESSION["address"] = $_POST[address]; $_SESSION["city"] = $_POST[city]; $_SESSION["state"] = $_POST[state]; $_SESSION["zip"] = $_POST[zip]; $_SESSION["age"] = $_POST[age]; $_SESSION["gender"] = $_POST[gender]; $_SESSION["email"] = $_POST[email]; $_SESSION["team"] = $_POST[team]; $_SESSION["team_name2"] = $_POST[team_name2]; $_SESSION["password"] = $md5_pass; echo "<img src='/shared/images/Go100forHealthLogo08_230.jpg' alt='go100' width='229' height='152' /> "; echo "<img src='/shared/images/all_stations.jpg' alt='all stations' width='339' height='156' /><br /><br />"; echo "You have entered the following information. Please check it over for accuracy.<br /><br />"; echo "Name: <strong>{$_SESSION['name']}</strong><br />"; echo "Address: <strong>{$_SESSION['address']}</strong><br />"; echo "City: <strong>{$_SESSION['city']}</strong><br />"; echo "State: <strong>{$_SESSION['state']}</strong><br />"; echo "Zip: <strong>{$_SESSION['zip']}</strong><br />"; echo "Age: <strong>{$_SESSION['age']}</strong><br />"; echo "Gender: <strong>{$_SESSION['gender']}</strong><br />"; echo "Email: <strong>{$_SESSION['email']}</strong><br />"; echo "Team Name: <strong>{$_SESSION['team']}</strong><br />"; echo "Manually Entered Team Name: <strong>{$_SESSION['team_name2']}</strong><br /><br />"; echo "<form id='form1' name='form1' method='post' action=''> <input type='hidden' name='name' id='name' value='{$_SESSION['name']}'/> <input type='hidden' name='address' id='address' value='{$_SESSION['address']}'/> <input type='hidden' name='city' id='city' value='{$_SESSION['city']}'/> <input type='hidden' name='state' id='state' value='{$_SESSION['state']}'/> <input type='hidden' name='zip' id='zip' value='{$_SESSION['zip']}'/> <input type='hidden' name='age' id='age' value='{$_SESSION['age']}'/> <input type='hidden' name='gender' id='gender' value='{$_SESSION['gender']}'/> <input type='hidden' name='email' id='email' value='{$_SESSION['email']}'/> <input type='hidden' name='password' id='password' value='{$_SESSION['password']}'/> <input type='hidden' name='team' id='team' value='{$_SESSION['team']}'/> <input type='hidden' name='team_name2' id='team_name2' value='{$_SESSION['team_name2']}'/> <strong>Is this information correct?</strong><br> <br> Yes <label> <input type='radio' name='confirmm' id='confirm' value='yes'> </label> No <label> <input type='radio' name='confirm' id='confirm' value='no'> </label><br /> <br /> <label> <input type='submit' name='button2' id='button2' value='Submit' /> </label> <br /> </form>"; $DBhost = "xxx"; $DBuser = "xxx"; $DBpass = "xxx"; $DBName = "xxx"; if ($_POST[confirm] == "yes") { $link = mysql_connect($DBhost,$DBuser,$DBpass); @mysql_select_db("$DBName") or die("Unable to select database $DBName"); if(!is_resource($link)) { echo "Failed to connect to the server\n"; } else { if(get_magic_quotes_gpc()) { $name = stripslashes($_POST['name']); $address = stripslashes($_POST['address']); $city = stripslashes($_POST['city']); $state = stripslashes($_POST['state']); $zip = stripslashes($_POST['zip']); $age = stripslashes($_POST['age']); $gender = stripslashes($_POST['gender']); $email = stripslashes($_POST['email']); $password = stripslashes($_POST['password']); $team = stripslashes($_POST['team']); $team_name2 = stripslashes($_POST['team)name2']); } else { $name = ($_POST['name']); $address = ($_POST['address']); $city = ($_POST['city']); $state = ($_POST['state']); $zip = ($_POST['zip']); $age = ($_POST['age']); $gender = ($_POST['gender']); $email = ($_POST['email']); $password = ($_POST['password']); $team = ($_POST['team']); $team_name2 = ($_POST['team)name2']); } $sqlquery = "INSERT INTO go100 VALUES('$_POST[name]', '$_POST[address]', '$_POST[city]', '$_POST[state]', '$_POST[zip]', '$_POST[age]', '$_POST[gender]', '$_POST[email]', '$_POST[password]', '$_POST[team]', '$_POST[team_name2]')"; echo $sqlquery; mysql_real_escape_string($name, $link); mysql_real_escape_string($address, $link); mysql_real_escape_string($city, $link); mysql_real_escape_string($state, $link); mysql_real_escape_string($zip, $link); mysql_real_escape_string($age, $link); mysql_real_escape_string($gender, $link); mysql_real_escape_string($email, $link); mysql_real_escape_string($password, $link); mysql_real_escape_string($team, $link); mysql_real_escape_string($team_name2, $link); $results = mysql_query($sqlquery, $link) or die(mysql_error()); echo "The information has been entered"; } } ?> Link to comment https://forums.phpfreaks.com/topic/157517-solved-session-and-form-problem/#findComment-830600 Share on other sites More sharing options...
gevans Posted May 9, 2009 Share Posted May 9, 2009 ok, lets check your getting past the first if statement; if ($_POST[confirm] == "yes") { echo 'we got this far'; Link to comment https://forums.phpfreaks.com/topic/157517-solved-session-and-form-problem/#findComment-830602 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.