Jump to content

Spot the stupidity in this simple code!

delphi123

By delphi123
in PHP Coding Help

 Share

Recommended Posts

delphi123 Member

delphi123

Posted
Posted

Hi,

 

I'm creating an incredibly simple script to insert values into a database as a test to get used to php, however I'm baffled as to why the following script doesn't work - it all seems fine and I get no errors, except the title, description and link text are inserted blank into the database.

 

On submit new table rows are created, just nothing comes through!

 

Any ideas?

:confused:

news.php

<?php

$username = "root";
$password = "";
$hostname = "localhost"; 

//connection to the database
$dbhandle = mysql_connect($hostname, $username, $password)
  or die("Unable to connect to MySQL");


//select a database to work with
$selected = mysql_select_db("newsmanagement",$dbhandle)
  or die("Could not select database");

//execute the SQL query and return records
$result = mysql_query("SELECT * FROM articles");
//fetch tha data from the database
echo "<ul>";
while (
$row = mysql_fetch_array($result)) { 
   echo "<li><a href='article.php?id=".$row{'newsid'}."'>".$row{'title'}."</a></li>";
}
echo "</ul>";
//close the connection
mysql_close($dbhandle);
?>
<form action="news_insert.php" method="post" enctype="text/plain">
<table>
<tr>
<td>News Title: </td><td><input type="text" name="title"></td>
</tr>
<tr>
<td>News Description: </td><td><input type="text" name="description"></td>
</tr>
<tr>
<td>News Link: </td><td><input type="text" name="link"></td>
</tr>
</table>
<input type="submit" value="Submit news">
</form>

 

news_insert.php

<?php
$username = "root";
$password = "";
$hostname = "localhost"; 

//connection to the database
$con = mysql_connect($hostname, $username, $password)
  or die("Unable to connect to MySQL");

mysql_select_db("newsmanagement", $con);

$sql="INSERT INTO articles 
(
title, 
description, 
link
) 
VALUES (
'$_POST[title]',
'$_POST[description]',
'$_POST[link]'
)";

if (!mysql_query($sql,$con))
  {
  die('Error: ' . mysql_error());
  }
echo "1 record added";

mysql_close($con)
?>

 

Link to comment
Share on other sites
Psycho Prolific Member

Psycho

Posted
Posted

Aslo, you need to modify your INSERT query. You reference the POST values with the field names NOT enclosed in quotes. This, may cause the interpreter to assume you are referencing a static variable as the index instead of the field name:

 

$sql="INSERT INTO articles 
(title, description, link) 
VALUES ('{$_POST['title']}', '{$_POST['description']}', '{$_POST['link']}')";

Link to comment
Share on other sites
delphi123 Member

delphi123

Posted
  • Author
Posted

great help folks! Thanks very much - could I ask what do the { } brackets do exactly?

 

Having come from asp it's all fairly familiar, so had tried the sql statement with quotes around the values, but it spat an error - didn't realise I needed to also curly bracket them - have seen the curly brackets being used elsewhere so would be great to have an explanation!

Link to comment
Share on other sites
PFMaBiSmAd Advanced Member

PFMaBiSmAd

Posted
Posted

See the Variable parsing section at this link - http://us2.php.net/manual/en/language.types.string.php

 

Basically, you can help the parser determine where a variable starts and ends when it is within a double-quoted string. This allows arrays to use the same syntax inside of a string that you would use outside of a string and it allows you to delimit a variable where there are characters adjacent to the variable that are part of the string but also could define a valid variable name. $var_text could mean you want $var followed by _text or that you mean a variable named $var_text. By using {$var}_text you can accomplish the first form.

Link to comment
Share on other sites
Catfish Member

Catfish

Posted
Posted

If you use double quotes to define strings, single quotes are taken literally inside the double quotes and don't need to be escaped. This would be why:

$sql="INSERT INTO articles 
(
title, 
description, 
link
) 
VALUES (
'$_POST['title']',
'$_POST['description']',
'$_POST['link']'
)";

 

probably didn't work. There is no such variable called $_POST[. Another option is to close the string when inserting variables like:

 

$string = "Double quoted strings are 'sometimes' ".$_POST['variable']." 'confusing'.";

 

My info is probably no entirely accurate so you should check out the PHP manual. Best manual ever I reckon.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.