tobimichigan Posted July 27, 2009 Share Posted July 27, 2009 Hi Gurus, Please code gurus, I need a sharp pointer to the php code below; whenever I click submit button of the html form, it inserts all data except for 'firstname', 'lastname', 'telephone' and 'user_level'. I've double checked the variable names on the html-form with the insert variables and also checked by using 'addslashes', or 'mysql_real_escape_string' but all to no avail as 'firstname', 'lastname', 'telephone' and 'user_level' colums are not inserted into the table 1. Here's the Table structure: CREATE TABLE `admin_table` ( `id` int(11) NOT NULL auto_increment, `login` varchar(40) NOT NULL, `password` varchar(46) NOT NULL, `firstname` varchar(50) NOT NULL, `oname` varchar(255) NOT NULL, `lastname` varchar(50) NOT NULL, `telephone` varchar(86) NOT NULL, `sex` varchar(255) default NULL, `email` varchar(255) NOT NULL, `user_level` int(10) NOT NULL, `date` date NOT NULL, `session` int(255) NOT NULL, PRIMARY KEY (`id`) ) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=11 ; <form action='Admin.Register_Action.php' method='post' enctype="multipart/form-data" name='register'> <table width='28%' border='0' align='center' cellpadding='0' cellspacing='0'> <tr> <td colspan='2'><div align='center'> <p><font size='2' face='verdana'><strong>WELCOME TO THE ADMIN. REGISTRATION SECTION </strong></font></p> </div></td> </tr> <tr> <td width='31%'> </td> </tr> <tr> <td colspan='2'><hr></td> </tr> <tr> <td height='26'><font size='2' face='verdana'>LOGIN</font></td> <td><font size='2' face='verdana'> <input type='text' name='login'> </font></td> </tr> <tr> <td height='28'><font size='2' face='verdana'>PASSWORD.</font></td> <td><font size='2' face='verdana'> <input type='password' name='password'> </font></td> </tr> <tr> <td height='25'><font size='2' face='verdana'>FIRST NAME</font></td> <td><font size='2' face='verdana'> <input type='text' name='fname'> </font></td> </tr> <tr> <td height='25'><font size='2' face='verdana'>OTHER NAMES</font><font size='2' face='verdana'></td> <td><font size='2' face='verdana'> <input type='text' name='oname'> </font></td> </tr> <tr> <td height='25'><font size='2' face='verdana'>LAST NAME</font></td> <td><font size='2' face='verdana'> <input type='text' name='lname'> </font></td> </tr> <tr> <td height='25'><font size='2' face='verdana'>TEL. NO. </font></td> <td><font size='2' face='verdana'> <input type='text' name='telno'> </font></td> </tr> <tr> <td height='25'><font size='2' face='verdana'>SEX</font></td> <td><font size='2' face='verdana'> <input type='text' name='sex'> </font></td> </tr> <tr> <td height='25'><font size="2" face="verdana">E-MAIL</font></td> <td><font size='2' face='verdana'> <input type='text' name='email'> </font></td> </tr> <tr> <td height='25'><font size='2' face='verdana'>LEVEL</font></td> <td><font size='2' face='verdana'> <input type='text' name='level' /> </font></td> </tr> <tr> <td height='26'><font size="2" face="verdana"> </font></td> <td><font size='2' face='verdana'> <input type='hidden' name='date_reg'> </font></td> </tr> <tr> <td height='25'><font size='2' face='verdana'></font></td> <td><font size='2' face='verdana'> <input type='hidden' name='session_id' /> </font></td> </tr> <td> </td> <td><font size='2' face='verdana'> <input type='submit' name='Submit' value='Register Admin'> </font></td> </tr> <tr> <td colspan='2'><hr></td> </tr> <tr> <td> </td> <td> </td> </tr> </table> </form> //Finally the action script <?php //session_start(); include("cn.php"); if ($_GET["op"]=="reg") {$blnFlag=false; foreach ($_POST as $field) { if ($field=="") {$blnputflag=false; }else {$blnputflag=true; } } } if ($blnputflag==false) { die("Problem with your registration info." ."Please go back and try again."); } //mt_srand((double)microtime()*1000000 //$session_id=mt_rand();//create uniqiue sessionid $date_reg = mysql_real_escape_string($_POST['date']); $email=mysql_real_escape_string($_POST['email']); $fname=mysql_real_escape_string($_POST['firstname']); $lname =mysql_real_escape_string($_POST['lastname']); $login =mysql_real_escape_string($_POST['login']); $oname=mysql_real_escape_string($_POST['oname']); $password=mysql_real_escape_string($_POST['password']); $session_id=mysql_real_escape_string($_POST['session']); $sex=mysql_real_escape_string($_POST['sex']); $telno=mysql_real_escape_string($_POST['telephone']); $level=mysql_real_escape_string($_POST['user_level']); $sql= "Insert into admin_table(date,email,firstname,lastname,login,oname,password,session,sex,telephone,user_level) values('SYS','$email','$fname','$lname','$login','$oname','$password','','$sex','$telno','$level')"; if (!mysql_query($sql)) { die('Error: ' . mysql_error()." SQL: ".$sql); } echo ("1 record added"); ?> Any sharp pointer would be highly appreciated. Quote Link to comment Share on other sites More sharing options...
almightyegg Posted July 27, 2009 Share Posted July 27, 2009 $fname=mysql_real_escape_string($_POST['firstname']); $lname =mysql_real_escape_string($_POST['lastname']); $telno=mysql_real_escape_string($_POST['telephone']); $level=mysql_real_escape_string($_POST['user_level']); shouldbe: $fname=mysql_real_escape_string($_POST['fname']); $lname =mysql_real_escape_string($_POST['lname']); $telno=mysql_real_escape_string($_POST['telno']); $level=mysql_real_escape_string($_POST['level']); Your form elements had different names Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.