herghost Posted September 23, 2009 Share Posted September 23, 2009 Hi all, Been staring at this for too long and cannot see the problem: Post: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <link rel="stylesheet" href="../images/CoolWater.css" type="text/css" /> <script src="../include/ajaxpageload.js" type="text/javascript"></script> <?php include ('../include/auth.inc.php'); include ('../include/dbconnect.php'); ?> <title>Post Question</title> </head> <body> <!-- wrap starts here --> <div id="wrap"> <!--header --> <div id="header"> <h1 id="logo-text"><a href="index.html">coolwater</a></h1> <p id="slogan">put your site slogan here...</p> <div id="header-links"> <?php $query = 'SELECT credits FROM users_credits WHERE username = "' . mysql_real_escape_string($_SESSION['username'], $conn) . '"'; $result = mysql_query($query, $conn) or die(mysql_error($conn)); $row = mysql_fetch_array($result); extract($row); mysql_free_result($result); ?> <ul><li>Posting Credits: <span style="color: green; font-size: 16pt"> <?php echo $credits ?> </span></li></ul> <ul><li><a href="users/buycredits.php">Buy More Credits</a></li></ul> </div> </div> <!-- navigation --> <div id="menu"> <ul> <li><a href="/project/">Home</a></li> <li><a href="javascript:ajaxpage('about.php', 'main');">About</a></li> <li><a href="javascript:ajaxpage('register.php', 'main');">Register</a></li> <li><a href="javascript:ajaxpage('post.php', 'main');">Post Problem</a></li> <li><a href="javascript:ajaxpage('techs.php', 'main');">Find Tech</a></li> <li><a href="javascript:ajaxpage('solutions.php', 'main');">Solution Center</a></li> </ul> </div> <!-- content-wrap starts here --> <div id="content-wrap"> <div id="main"> <h1>Welcome to the Question Forum.</h1> <p> <h3>Post New Topic</h3></p> <form enctype="multipart/form-data" action="add_post.php" method="POST" name="postquestion"> <p> <label>Category</label> <label> <input type="radio" name="cat" value="Hardware" id="Hardware" /> Hardware</label> <label> <input type="radio" name="cat" value="Software" id="Software" /> Software</label> <label> <input type="radio" name="cat" value="Peripheral" id="Peripheral" /> Peripheral</label> <br /><label>Operating System</label> <input name="os" type="text" id="os" /> <label>MB of RAM</label> <input name="ram" type="text" id="ram" /> <label>Type & Size of Harddrive</label> <input name="harddrive" type="text" id="harddrive" /> <label>Graphics Card</label> <input name="graphics" type="text" id="graphics" /> <label>Your Problem Details</label> <textarea rows="20" cols="5" name="detail" id="detail"></textarea> <br /> <label>Upload Screenshot of Problem (Limit = 2mb)</label> <input name="screenshot" type="file" id="screenshot" /><br /> <input class="button" type="submit" /> </p> </form> </div> <div id="sidebar"> <?php if (isset($_SESSION['logged']) && $_SESSION['logged'] == 1) { ?> <p>Welcome Back, <b><?php echo $_SESSION['username'];?>.</b></p> <?php if ($_SESSION['admin_level'] > 0) { echo '<p><a href="admin_area.php">Click here</a> to access your ' . 'administrator tools.</p>'; } } else { ?> <h2>Member Login</h2> <?php session_start(); include ('include/dbconnect.php'); // filter incoming values $username = (isset($_POST['username'])) ? trim($_POST['username']) : ''; $password = (isset($_POST['password'])) ? $_POST['password'] : ''; $redirect = (isset($_REQUEST['redirect'])) ? $_REQUEST['redirect'] : 'account.php'; if (isset($_POST['submit'])) { $query = 'SELECT admin_level FROM users WHERE ' . 'username = "' . mysql_real_escape_string($username, $conn) . '" AND ' . 'password = PASSWORD("' . mysql_real_escape_string($password, $conn) . '")'; $result = mysql_query($query, $conn) or die(mysql_error($conn)); if (mysql_num_rows($result) > 0) { $row = mysql_fetch_assoc($result); $_SESSION['username'] = $username; $_SESSION['logged'] = 1; $_SESSION['admin_level'] = $row['admin_level']; header ('Refresh: 5; URL=' . $redirect); echo '<p>You will be redirected to your original page request.</p>'; echo '<p>If your browser doesn\'t redirect you properly automatically, ' . '<a href="' . $redirect . '">click here</a>.</p>'; mysql_free_result($result); mysql_close($conn); die(); } else { // set these explicitly just to make sure $_SESSION['username'] = ''; $_SESSION['logged'] = 0; $_SESSION['admin_level'] = 0; $error = '<p><strong>You have supplied an invalid username and/or ' . 'password!</strong> Please <a href="register.php">click here ' . 'to register</a> if you have not done so already.</p>'; } mysql_free_result($result); } ?> <?php if (isset($error)) { echo $error; } ?> <form action="login.php" method="post"> Username: <input type="text" name="username" maxlength="20" size="20" value="<?php echo $username; ?>"/></td> Password: <input type="password" name="password" maxlength="20" size="20" value="<?php echo $password; ?>"/></td> <input type="hidden" name="redirect" value="<?php echo $redirect ?>"/> <input type="submit" name="submit" value="Login" class="button"/> </form> <?php mysql_close($conn); ?> <?php } ?> </div> <!-- content-wrap ends here --> </div> <?php include('../include/footer.php'); ?> <!-- wrap ends here --> </div> </body> </html> add_post.php <?php session_start(); include('../include/dbconnect.php'); include('../include/auth.inc.php'); $redirect = ('../index.php'); $query = 'SELECT user_id, username FROM users_credits WHERE username = "' . mysql_real_escape_string($_SESSION['username'], $conn) . '"'; $result = mysql_query($query, $conn) or die(mysql_error($conn)); $row = mysql_fetch_array($result); extract($row); mysql_free_result($result); // get data that sent from form $cat=$_POST['cat']; $os=$_POST['os']; $ram=$_POST['ram']; $graphics=$_POST['graphics']; $hardrive=$_POST['harddrive']; $detail=$_POST['detail']; $datetime=date("d/m/y h:i:s"); //create date time $sql="INSERT INTO forum_question (id, user_id, cat, os, ram, graphics, harddrive, detail, username, datetime) VALUES('', '$user_id', '$cat', '$os', '$ram', '$graphics', '$harrdrive', '$detail', '$username', '$datetime')"; $result=mysql_query($sql); if($result){ $limit_size=200000; $path= "screens/$username/".$HTTP_POST_FILES['screenshot']['name']; if($screenshot !=none) { $file_size=$HTTP_POST_FILES['screenshot']['size']; if($file_size >= $limit_size){ echo "Your file size is over limit<BR>"; echo "Your file size = ".$file_size; echo " K"; echo "<BR>File size limit = 2 mb"; } else { if(copy($HTTP_POST_FILES['screenshot']['tmp_name'], $path)) { header ('Refresh: 0; URL=' . $redirect); } else { echo "Error Part 2"; } } } } else { echo "ERROR Part 1"; } mysql_close(); ?> The problem is the browser redirects to add_post.php and I am faced with a blank page, no errors, nothing in the database and no image uploaded! Can anyone see anything obvious? Cheers Link to comment https://forums.phpfreaks.com/topic/175186-form-help/ Share on other sites More sharing options...
herghost Posted September 23, 2009 Author Share Posted September 23, 2009 i have corrected the spelling mistake in harddrive but still no luck Link to comment https://forums.phpfreaks.com/topic/175186-form-help/#findComment-923336 Share on other sites More sharing options...
Bricktop Posted September 23, 2009 Share Posted September 23, 2009 Hi herghost, Have you corrected all of the harddrive typo's? i.e. $hardrive=$_POST['harddrive']; //Variable becomes $hardrive $sql="INSERT INTO forum_question (id, user_id, cat, os, ram, graphics, harddrive, detail, username, datetime) //Is "harddrive" definitely the name of the table in the DB? VALUES('', '$user_id', '$cat', '$os', '$ram', '$graphics', '$harrdrive', '$detail', '$username', '$datetime')"; $result=mysql_query($sql); //$harrdrive does not exist, you have declared the variable above as $hardrive Also, you are trying to insert the variable $username but you haven't declared this variable anywhere in your code. Hope this helps. Link to comment https://forums.phpfreaks.com/topic/175186-form-help/#findComment-923361 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.