slj90 Posted January 17, 2010 Share Posted January 17, 2010 Hello, I have a form were you enter details which then go through an action page to be added to a database. All the fields work apart from Category, Cat and Desc. I can't for the life of me see why these don't work and the rest do. The form... <body> <h1 align="center">Add Product</h1> <p> <form name="form1" method="post" action="addProduct.php"> <h2>Product Details</h2> <p>Product Name <input name="txtProductName" type="text" id="txtProductName"> </p> <p>Cat <input name="txtProductCat" type="text" id="txtProductCat"> </p> <p>Category <input name="txtProductCategory" type="text" id="txtProductCategory"> </p> <p>Image <input name="txtProductImage" type="text" id="txtProductImage"> </p> <p>Size <input name="txtProductSize" type="text" id="txtProductSize"> </p> <p>Description <input name="txtProductDesc" type="text" id="txtProductDesc"> </p> <p>Price <input name="txtProductPrice" type="text" id="txtProductPrice"> <p> <input type="submit" name="Submit" value="Submit"> </p> </form> </body> The action script <?php //Include the connection details, open $connection and select database include ("connection.php"); $newProductName = $_POST['txtProductName']; $newProductCat = $_POST['txtProductCat']; $newProductCategory = $_POST['txtProductCategory']; $newProductImage = $_POST['txtProductImage']; $newProductSize = $_POST['txtProductSize']; $newProductDesc = $_POST['txtProdectDesc']; $newProductPrice = $_POST['txtProductPrice']; $query = "INSERT INTO Product (ProductName, ProductCat, ProductCategory, ProductImage, ProductSize, ProductDesc, ProductPrice) VALUES ('$newProductName', '$ProductCat', '$ProductCategory', '$newProductImage', '$newProductSize', '$newProductDesc', '$newProductPrice')"; // (4) Run query through connection $result = mysql_query($query); // (5) print message with ID of inserted record header("Location: productReceipt.php?"."ProductID=". mysql_insert_id($connection)); // (6) close connection mysql_close($connection); ?> Thank you Quote Link to comment https://forums.phpfreaks.com/topic/188772-value-not-writing-to-database/ Share on other sites More sharing options...
Buddski Posted January 17, 2010 Share Posted January 17, 2010 Change $result = mysql_query($query); to $result = mysql_query($query) or trigger_error(mysql_error()); It will more than likely tell you what is wrong.. Quote Link to comment https://forums.phpfreaks.com/topic/188772-value-not-writing-to-database/#findComment-996608 Share on other sites More sharing options...
oni-kun Posted January 17, 2010 Share Posted January 17, 2010 Your query is suseptable to SQL query injection (A nasty nasty thing). ALWAYS make sure to sanitize the data once retrieved from POST. Place this above in your action script: include ("connection.php"); //Sanitize data for input if(get_magic_quotes_gpc()): $_POST = array_map('stripslashes', $_POST); } $_POST = array_map('mysql_real_escape_string', $_POST); //Retrieve clean $_POST data. $newProductName = $_POST['txtProductName']; $newProductCat = $_POST['txtProductCat']; $newProductCategory = $_POST['txtProductCategory']; $newProductImage = $_POST['txtProductImage']; $newProductSize = $_POST['txtProductSize']; $newProductDesc = $_POST['txtProdectDesc']; $newProductPrice = $_POST['txtProductPrice']; EDIT: Updated code. Quote Link to comment https://forums.phpfreaks.com/topic/188772-value-not-writing-to-database/#findComment-996610 Share on other sites More sharing options...
slj90 Posted January 17, 2010 Author Share Posted January 17, 2010 Thanks for the response.. Buddski - I tried your suggestion, it doesn't bring up an error or whats wrong, it just adds the other fields into the db. oni-kun - I add your suggested code and it still does the same. Thanks again Quote Link to comment https://forums.phpfreaks.com/topic/188772-value-not-writing-to-database/#findComment-996611 Share on other sites More sharing options...
oni-kun Posted January 17, 2010 Share Posted January 17, 2010 Thanks for the response.. Buddski - I tried your suggestion, it doesn't bring up an error or whats wrong, it just adds the other fields into the db. oni-kun - I add your suggested code and it still does the same. Thanks again I assumed the previous message would have brought it to light, But you should keep the code I stated as you're allowing people to directly post into your database if not. Quote Link to comment https://forums.phpfreaks.com/topic/188772-value-not-writing-to-database/#findComment-996614 Share on other sites More sharing options...
Buddski Posted January 17, 2010 Share Posted January 17, 2010 The problem is your query is calling variables that dont exist.. Your query is calling for '$ProductCat', '$ProductCategory' yet you have them defined as $newProductCat etc.. Edit: and your defining of the description has a typo.. Quote Link to comment https://forums.phpfreaks.com/topic/188772-value-not-writing-to-database/#findComment-996616 Share on other sites More sharing options...
slj90 Posted January 17, 2010 Author Share Posted January 17, 2010 I have made new columns named 'ProductC' and 'ProductD' and used them in the code just like the others and they are working fine. So I will just use them instead . Thanks for your help guys Quote Link to comment https://forums.phpfreaks.com/topic/188772-value-not-writing-to-database/#findComment-996618 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.