Jump to content

form help

herghost

By herghost
in PHP Coding Help

 Share

Recommended Posts

herghost Advanced Member

herghost

Posted
Posted

Hi all,

 

I am having some problems with getting my form to work.

 

Here is my code

<?php
session_start();
include('../../config/connect.php');

$name = (isset($_POST['name'])) ? trim($_POST['name']) : '';

$query0="INSERT INTO product_features (name) VALUES ('$name')";
if (!mysql_query($query0))
  		{
		die('Error: ' . mysql_error());
	}
  
else
		{
			echo $query0;
			$name =  mysql_fetch_row($name); 
			$savedname = $name[0]; 
			$query1 =" SELECT id FROM product_features WHERE name = '$savedname'";
			$result = mysql_query($query1);
			echo $result;
			while($row = mysql_fetch_array($result));

				{
					$id = $row['id'];
					$_SESSION['id'] = $id; 
				}

$checkBoxes = array( 'changemx', 'traceaddy', 'addoncgi', 'addondomains', 'zoneedit', 'advguest', 'agora', 'analog', 'handlers', 'autoresponders', 'awstats', 'backup', 'backupwizard', 'bandwidth', 'boxtrapper', 'cgi', 'csvimport', 'setlang', 'style', 'chat', 'statselect', 'counter', 'cron', 'errpgs', 'defaultaddress', 'dirselector', 'diskusageviewer', 'popaccts', 'emailauth', 'emaildomainfwd', 'blockers', 'emailscripts', 'entropybanner', 'entropysearch', 'errlog', 'fantastico', 'Fantastico_De_Luxe', 'filemanager', 'forwarders', 'frontpage', 'ftpaccts', 'ftpsetup', 'getstart', 'hotlink', 'ipdeny', 'cpanelpro_images', 'indexmanager', 'modules_php_pear', 'modules_perl', 'modules_ruby', 'interchange', 'clock', 'lastvisits', 'cpanelproleechprotect', 'lists', 'mime', 'mysql', 'nettools', 'pgp', 'bbs', 'parkeddomains', 'password', 'phpmyadmin', 'phppgadmin', 'postgres', 'randhtml', 'rawlog', 'redirects', 'ror', 'ssh', 'sslinstall', 'sslmanager', 'searchsubmit', 'php_config', 'serverstatus', 'scgiwrap', 'simplezoneedit', 'guest', 'spamassassin', 'spambox', 'statmanager', 'subdomains', 'subdomainstats', 'cpanelpro_support', 'updatecontact', 'updatenotificationprefs', 'videotut', 'clamavconnector_scan', 'webdisk', 'webalizer', 'webmail', 'webprotect'); 
foreach ($checkBoxes as $key) 

	{
		$data[$key] = isset($_POST[$key])?trim($_POST[$key]) : '';
	}
   

$formBoxes = implode(', ', $checkBoxes);
$formData = implode(', ', $data);
$id = $_SESSION['id'];


$query = "INSERT INTO product_features WHERE id = '$id'($formBoxes) VALUES ($formData)";
echo $query;


if (!mysql_query($query))
  {
  die('Error: ' . mysql_error());
  }
else
{
$_SESSION['featureadd'] = 'featureadd';
header("Location: $adminbase/viewfeaturelist.php");
}
		}
?>

 

And the echo return is:

INSERT INTO product_features (name) VALUES ('uu')
Warning: mysql_fetch_row() expects parameter 1 to be resource, string given in C:\wamp\www\jolly\office\formactions\featureadd.php on line 16
Resource id #5INSERT INTO product_features WHERE id = ''(changemx, traceaddy, addoncgi, addondomains, zoneedit, advguest, agora, analog, handlers, autoresponders, awstats, backup, backupwizard, bandwidth, boxtrapper, cgi, csvimport, setlang, style, chat, statselect, counter, cron, errpgs, defaultaddress, dirselector, diskusageviewer, popaccts, emailauth, emaildomainfwd, blockers, emailscripts, entropybanner, entropysearch, errlog, fantastico, Fantastico_De_Luxe, filemanager, forwarders, frontpage, ftpaccts, ftpsetup, getstart, hotlink, ipdeny, cpanelpro_images, indexmanager, modules_php_pear, modules_perl, modules_ruby, interchange, clock, lastvisits, cpanelproleechprotect, lists, mime, mysql, nettools, pgp, bbs, parkeddomains, password, phpmyadmin, phppgadmin, postgres, randhtml, rawlog, redirects, ror, ssh, sslinstall, sslmanager, searchsubmit, php_config, serverstatus, scgiwrap, simplezoneedit, guest, spamassassin, spambox, statmanager, subdomains, subdomainstats, cpanelpro_support, updatecontact, updatenotificationprefs, videotut, clamavconnector_scan, webdisk, webalizer, webmail, webprotect) VALUES (1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1)Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'WHERE id = ''(changemx, traceaddy, addoncgi, addondomains, zoneedit, advguest, a' at line 1

 

Whats causing the 2 errors:

Warning: mysql_fetch_row() expects parameter 1 to be resource, string given in C:\wamp\www\jolly\office\formactions\featureadd.php on line 16

 

and

Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'WHERE id = ''(changemx, traceaddy, addoncgi, addondomains, zoneedit, advguest, a' at line 1

 

Thanks :)

 

 

 

 

Link to comment
Share on other sites
herghost Advanced Member

herghost

Posted
  • Author
Posted

Ignore most of that,

 

I somehow managed not to see a lot of what crap I was posting!

 

I now have this which clears the 1st error:

<?php
session_start();
include('../../config/connect.php');

$name = (isset($_POST['name'])) ? trim($_POST['name']) : '';

$query0="INSERT INTO product_features (name) VALUES ('$name')";
$result = mysql_query($query0) or die(mysql_error());
echo $query0;


			$query2 ="SELECT * FROM product_features";
			$result = mysql_query($query2) or die(mysql_error());
			$row = mysql_fetch_array($result) or die(mysql_error());
			$savedname =  $row['name'];


			$query1 ="SELECT id FROM product_features WHERE name = '$savedname'";
			$result = mysql_query($query1);
			echo $result;
			while($row = mysql_fetch_array($result));

				{
					$id = $row['id'];
					$_SESSION['id'] = $id; 
				}

$checkBoxes = array( 'changemx', 'traceaddy', 'addoncgi', 'addondomains', 'zoneedit', 'advguest', 'agora', 'analog', 'handlers', 'autoresponders', 'awstats', 'backup', 'backupwizard', 'bandwidth', 'boxtrapper', 'cgi', 'csvimport', 'setlang', 'style', 'chat', 'statselect', 'counter', 'cron', 'errpgs', 'defaultaddress', 'dirselector', 'diskusageviewer', 'popaccts', 'emailauth', 'emaildomainfwd', 'blockers', 'emailscripts', 'entropybanner', 'entropysearch', 'errlog', 'fantastico', 'Fantastico_De_Luxe', 'filemanager', 'forwarders', 'frontpage', 'ftpaccts', 'ftpsetup', 'getstart', 'hotlink', 'ipdeny', 'cpanelpro_images', 'indexmanager', 'modules_php_pear', 'modules_perl', 'modules_ruby', 'interchange', 'clock', 'lastvisits', 'cpanelproleechprotect', 'lists', 'mime', 'mysql', 'nettools', 'pgp', 'bbs', 'parkeddomains', 'password', 'phpmyadmin', 'phppgadmin', 'postgres', 'randhtml', 'rawlog', 'redirects', 'ror', 'ssh', 'sslinstall', 'sslmanager', 'searchsubmit', 'php_config', 'serverstatus', 'scgiwrap', 'simplezoneedit', 'guest', 'spamassassin', 'spambox', 'statmanager', 'subdomains', 'subdomainstats', 'cpanelpro_support', 'updatecontact', 'updatenotificationprefs', 'videotut', 'clamavconnector_scan', 'webdisk', 'webalizer', 'webmail', 'webprotect'); 
foreach ($checkBoxes as $key) 

	{
		$data[$key] = isset($_POST[$key])?trim($_POST[$key]) : '';
	}
   

$formBoxes = implode(', ', $checkBoxes);
$formData = implode(', ', $data);
$id = $_SESSION['id'];


$query = "INSERT INTO product_features WHERE id = '$id'($formBoxes) VALUES ($formData)";
echo $query;


if (!mysql_query($query))
  {
  die('Error: ' . mysql_error());
  }
else
{
$_SESSION['featureadd'] = 'featureadd';
header("Location: $adminbase/viewfeaturelist.php");
}

?>

 

So now I will look at the insert query.

 

Link to comment
Share on other sites
herghost Advanced Member

herghost

Posted
  • Author
Posted

Got it :)

<?php
session_start();
include('../../config/connect.php');

$name = (isset($_POST['name'])) ? trim($_POST['name']) : '';

$query0="INSERT INTO product_features (name) VALUES ('$name')";
$result = mysql_query($query0) or die(mysql_error());
echo $query0;


			$query2 ="SELECT * FROM product_features";
			$result = mysql_query($query2) or die(mysql_error());
			$row = mysql_fetch_array($result) or die(mysql_error());
			$savedname =  $row['name'];


			$query1 ="SELECT id FROM product_features WHERE name = '$savedname'";
			$result = mysql_query($query1);
			echo $result;
			while($row = mysql_fetch_array($result));

				{
					$id = $row['id'];
					$_SESSION['id'] = $id; 
				}

$checkBoxes = array( 'changemx', 'traceaddy', 'addoncgi', 'addondomains', 'zoneedit', 'advguest', 'agora', 'analog', 'handlers', 'autoresponders', 'awstats', 'backup', 'backupwizard', 'bandwidth', 'boxtrapper', 'cgi', 'csvimport', 'setlang', 'style', 'chat', 'statselect', 'counter', 'cron', 'errpgs', 'defaultaddress', 'dirselector', 'diskusageviewer', 'popaccts', 'emailauth', 'emaildomainfwd', 'blockers', 'emailscripts', 'entropybanner', 'entropysearch', 'errlog', 'fantastico', 'Fantastico_De_Luxe', 'filemanager', 'forwarders', 'frontpage', 'ftpaccts', 'ftpsetup', 'getstart', 'hotlink', 'ipdeny', 'cpanelpro_images', 'indexmanager', 'modules_php_pear', 'modules_perl', 'modules_ruby', 'interchange', 'clock', 'lastvisits', 'cpanelproleechprotect', 'lists', 'mime', 'mysql', 'nettools', 'pgp', 'bbs', 'parkeddomains', 'password', 'phpmyadmin', 'phppgadmin', 'postgres', 'randhtml', 'rawlog', 'redirects', 'ror', 'ssh', 'sslinstall', 'sslmanager', 'searchsubmit', 'php_config', 'serverstatus', 'scgiwrap', 'simplezoneedit', 'guest', 'spamassassin', 'spambox', 'statmanager', 'subdomains', 'subdomainstats', 'cpanelpro_support', 'updatecontact', 'updatenotificationprefs', 'videotut', 'clamavconnector_scan', 'webdisk', 'webalizer', 'webmail', 'webprotect'); 
foreach ($checkBoxes as $key) 

	{
		$data[$key] = isset($_POST[$key])?trim($_POST[$key]) : '';
	}
   

$formBoxes = implode(', ', $checkBoxes);
$formData = implode(', ', $data);
$id = $_SESSION['id'];


$query = "INSERT INTO product_features (name, $formBoxes) VALUES ('$savedname', $formData)";
echo $query;


if (!mysql_query($query))
  {
  die('Error: ' . mysql_error());
  }
else
{
$_SESSION['featureadd'] = 'featureadd';
header("Location: $adminbase/viewfeaturelist.php");
}

?>

 

Thanks all,

 

Sometimes just need a reminder :)

 

Link to comment
Share on other sites
herghost Advanced Member

herghost

Posted
  • Author
Posted

In fact, I dont need half that code!

<?php
session_start();
include('../../config/connect.php');

$name = (isset($_POST['name'])) ? trim($_POST['name']) : '';


$checkBoxes = array( 'changemx', 'traceaddy', 'addoncgi', 'addondomains', 'zoneedit', 'advguest', 'agora', 'analog', 'handlers', 'autoresponders', 'awstats', 'backup', 'backupwizard', 'bandwidth', 'boxtrapper', 'cgi', 'csvimport', 'setlang', 'style', 'chat', 'statselect', 'counter', 'cron', 'errpgs', 'defaultaddress', 'dirselector', 'diskusageviewer', 'popaccts', 'emailauth', 'emaildomainfwd', 'blockers', 'emailscripts', 'entropybanner', 'entropysearch', 'errlog', 'fantastico', 'Fantastico_De_Luxe', 'filemanager', 'forwarders', 'frontpage', 'ftpaccts', 'ftpsetup', 'getstart', 'hotlink', 'ipdeny', 'cpanelpro_images', 'indexmanager', 'modules_php_pear', 'modules_perl', 'modules_ruby', 'interchange', 'clock', 'lastvisits', 'cpanelproleechprotect', 'lists', 'mime', 'mysql', 'nettools', 'pgp', 'bbs', 'parkeddomains', 'password', 'phpmyadmin', 'phppgadmin', 'postgres', 'randhtml', 'rawlog', 'redirects', 'ror', 'ssh', 'sslinstall', 'sslmanager', 'searchsubmit', 'php_config', 'serverstatus', 'scgiwrap', 'simplezoneedit', 'guest', 'spamassassin', 'spambox', 'statmanager', 'subdomains', 'subdomainstats', 'cpanelpro_support', 'updatecontact', 'updatenotificationprefs', 'videotut', 'clamavconnector_scan', 'webdisk', 'webalizer', 'webmail', 'webprotect'); 
foreach ($checkBoxes as $key) 

	{
		$data[$key] = isset($_POST[$key])?trim($_POST[$key]) : '';
	}
   

$formBoxes = implode(', ', $checkBoxes);
$formData = implode(', ', $data);
$id = $_SESSION['id'];


$query = "INSERT INTO product_features (name, $formBoxes) VALUES ('$savedname', $formData)";



if (!mysql_query($query))
  {
  die('Error: ' . mysql_error());
  }
else
{
$_SESSION['featureadd'] = 'featureadd';
header("Location: $adminbase/viewfeaturelist.php");
}

?>

 

Link to comment
Share on other sites
herghost Advanced Member

herghost

Posted
  • Author
Posted

This is driving me mad,

 

I now have this error::

Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ' 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1' at line 1

 

From this:

<?php
session_start();
include('../../config/connect.php');

$name = (isset($_POST['name'])) ? trim($_POST['name']) : '';
$checkBoxes = array( 'changemx', 'traceaddy', 'addoncgi', 'addondomains', 'zoneedit', 'advguest', 'agora', 'analog', 'handlers', 'autoresponders', 'awstats', 'backup', 'backupwizard', 'bandwidth', 'boxtrapper', 'cgi', 'csvimport', 'setlang', 'style', 'chat', 'statselect', 'counter', 'cron', 'errpgs', 'defaultaddress', 'dirselector', 'diskusageviewer', 'popaccts', 'emailauth', 'emaildomainfwd', 'blockers', 'emailscripts', 'entropybanner', 'entropysearch', 'errlog', 'fantastico', 'Fantastico_De_Luxe', 'filemanager', 'forwarders', 'frontpage', 'ftpaccts', 'ftpsetup', 'getstart', 'hotlink', 'ipdeny', 'cpanelpro_images', 'indexmanager', 'modules_php_pear', 'modules_perl', 'modules_ruby', 'interchange', 'clock', 'lastvisits', 'cpanelproleechprotect', 'lists', 'mime', 'mysql', 'nettools', 'pgp', 'bbs', 'parkeddomains', 'password', 'phpmyadmin', 'phppgadmin', 'postgres', 'randhtml', 'rawlog', 'redirects', 'ror', 'ssh', 'sslinstall', 'sslmanager', 'searchsubmit', 'php_config', 'serverstatus', 'scgiwrap', 'simplezoneedit', 'guest', 'spamassassin', 'spambox', 'statmanager', 'subdomains', 'subdomainstats', 'cpanelpro_support', 'updatecontact', 'updatenotificationprefs', 'videotut', 'clamavconnector_scan', 'webdisk', 'webalizer', 'webmail', 'webprotect'); 
foreach ($checkBoxes as $key) 

	{
		$data[$key] = isset($_POST[$key])?trim($_POST[$key]) : '';
	}
   

$formBoxes = implode(', ', $checkBoxes);
$formData = implode(', ', $data);



$query = "INSERT INTO product_features (name, $formBoxes) VALUES ('$name', $formData)";
if (!mysql_query($query))
  {
  die('Error: ' . mysql_error());
  }
else
{
$_SESSION['featureadd'] = 'featureadd';
header("Location: $adminbase/viewfeaturelist.php");
}

?>

 

 

Link to comment
Share on other sites
herghost Advanced Member

herghost

Posted
  • Author
Posted

Thank you,

 

It  appears that somehow an extra comma is being created, I guess its something todo with the array, just not sure how to remove the 1st one.

 ('Max', , 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1)

 

Link to comment
Share on other sites
PFMaBiSmAd Advanced Member

PFMaBiSmAd

Posted
Posted

It would appear to be the value from the form that corresponds to the 'changemx' field. I don't think removing it would solve anything. You would need to find out why it is not being set from the form field.

 

Your code needs to -

A) validate the data being put into the query so that you only execute the query when all expected data is present,

B) escape any string data that is being put into the query to prevent sql injection,

C) cast any integer data as an INT that is being put into the query to prevent sql injection, and

D) put single-quotes around any string data.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.