webguync Posted April 16, 2010 Share Posted April 16, 2010 Hi, I am using PHP and JQuery to submit info from a form into a MySQL DB. One of the fields in not picking up the data correctly as simply displays 'undefined'. The info is being stored in PHP via Sessions. I think this problem occurred before and was fixed, but now is happening again for some reason. The field is question is called 'editor_name'. <?php session_start(); $con = mysql_connect("localhost","user_name","pw") or die('Could not connect: ' . mysql_error()); mysql_select_db("DBName") or die(mysql_error()); $_SESSION['editor_name'] = $row->editor_name; $editor_name = $_SESSION['editor_name']; $editor_name=mysql_real_escape_string($_POST['editor_name']); //This value has to be the same as in the HTML form file $A1=mysql_real_escape_string($_POST['Answer1']); //This value has to be the same as in the HTML form file $A2=mysql_real_escape_string($_POST['Answer2']); //This value has to be the same as in the HTML form file $A3=mysql_real_escape_string($_POST['Answer3']); //This value has to be the same as in the HTML form file $A4=mysql_real_escape_string($_POST['Answer4']); //This value has to be the same as in the HTML form file $A5=mysql_real_escape_string($_POST['Answer5']); //This value has to be the same as in the HTML form file $A6=mysql_real_escape_string($_POST['Answer6']); //This value has to be the same as in the HTML form file $A7=mysql_real_escape_string($_POST['Answer7']); //This value has to be the same as in the HTML form file $A8=mysql_real_escape_string($_POST['Answer8']); //This value has to be the same as in the HTML form file $A9=mysql_real_escape_string($_POST['Answer9']); //This value has to be the same as in the HTML form file $A10=mysql_real_escape_string($_POST['Answer10']); //This value has to be the same as in the HTML form file $A11=mysql_real_escape_string($_POST['Answer11']); //This value has to be the same as in the HTML form file $A12=mysql_real_escape_string($_POST['Answer12']); //This value has to be the same as in the HTML form file $sql="INSERT INTO Responses (`username`,`Answer1`,`Answer2`,`Answer3`,`Answer4`,`Answer5`,`Answer6`,`Answer7`,`Answer8`,`Answer9`,`Answer10`,`Answer11`,`Answer12`) VALUES ('$editor_name','$A1','$A2','$A3','$A4','$A5','$A6','$A7','$A8','$A9','$A10','$A11','$A12')"; /*form_data is the name of the MySQL table where the form data will be saved. name and email are the respective table fields*/ if (!mysql_query($sql,$con)) { die('Error: ' . mysql_error()); } else{ echo "Your information has been submitted successfully."; } mysql_close($con); ?> the form code <?php ini_set("display_errors","1"); ERROR_REPORTING(E_ALL); session_start(); $con = mysql_connect("localhost","uname","pw") or die('Could not connect: ' . mysql_error()); mysql_select_db("DBName") or die(mysql_error()); // Same checking stuff all over again. if(isset($_POST['submit'])) { if(empty($_POST['username']) || empty($_POST['password']) ) { echo "<h2 style='color:#FF0000;font-weight:bold;font-family:arial, helvetica, sans-serif;font-size:'12px';>Please fill in both your username and password to access the editor exam.<br /> You will be redirected back to the login screen in 5 seconds.</h2>"; echo "<meta http-equiv='refresh' content='5; url=EditorLogin.php'>"; exit; } // Create the variables again. $username = mysql_real_escape_string($_POST['username']); $password = $_POST['password']; // Encrypt the password again with the md5 hash. // This way the password is now the same as the password inside the database. //$pwid = md5($pwid); // Store the SQL query inside a variable. // ONLY the username you have filled in is retrieved from the database. $query = "SELECT username,password,editor_name FROM Editor_Candidates WHERE password = '$password' AND username='$username'"; $result = mysql_query($query) or die(mysql_error()); if(mysql_num_rows($result) == 0) { // Gives an error if the username/pw given does not exist. // or if something else is wrong. echo "<h2 style='color:#ff0000;font-weight:bold;font-family:arial, helvetica, sans-serif;font-size:'11px';>You have entered a username or password that does not match our database records. please try again.<br /> You will be redirected back to the login screen in 5 seconds.</h2> " . mysql_error(); echo "<meta http-equiv='refresh' content='5; url=EditorLogin.php'>"; exit(); /* this would benefit from a redirect to a page giving better information to the user and maybe logging some errors. */ } else { // Now create an object from the data you've retrieved. $row = mysql_fetch_object($result); // You've now created an object containing the data. // You can call data by using -> after $row. // For example now the password is checked if they're equal. // By storing data inside the $_SESSION superglobal, // you stay logged in until you close your browser. $_SESSION['editor_name'] = $row->editor_name; $_SESSION['username'] = $username; $_SESSION['sid'] = session_id(); // Make it more secure by storing the user's IP address. $_SESSION['ip'] = $_SERVER['REMOTE_ADDR']; // Now give the success message. // $_SESSION['username'] should print out your username. //move this to after your redirect further below.. //Update record with current time IF the account has never logged in before $dat = time() + 3600; $query = "UPDATE Editor_Candidates SET login_timestamp = DATE_ADD(NOW(), INTERVAL 2 HOUR) WHERE username = '$username' AND password = '$password'"; //echo $query; //for debugging test $result = mysql_query($query) or die(mysql_error()); //Check if query ran successfully } } // Start a session. If not logged in will be redirected back to login screen. if(!isset($_SESSION['username'])){ header("Location:EditorLogin.php"); exit; } ?> and the JQuery stuff $(function() { $('.error').hide(); $(".button").click(function() { // validate and process form // first hide any error messages $('.error').hide(); var editor_name = $("input#editor_name").val(); var Answer1 = $("textarea#Answer1").val(); if (Answer1 == "") { $("label#Q1_error").show(); $("textarea#Answer1").focus(); return false; } var Answer2 = $("textarea#Answer2").val(); if (Answer2 == "") { $("label#Q2_error").show(); $("textarea#Answer2").focus(); return false; } var Answer3 = $("textarea#Answer3").val(); if (Answer3 == "") { $("label#Q3_error").show(); $("textarea#Answer3").focus(); return false; } var Answer4 = $("textarea#Answer4").val(); if (Answer4 == "") { $("label#Q4_error").show(); $("textarea#Answer4").focus(); return false; } var Answer5 = $("textarea#Answer5").val(); if (Answer5 == "") { $("label#Q5_error").show(); $("textarea#Answer5").focus(); return false; } var Answer6 = $("textarea#Answer6").val(); if (Answer6 == "") { $("label#Q6_error").show(); $("textarea#Answer6").focus(); return false; } var Answer7 = $("textarea#Answer7").val(); if (Answer7 == "") { $("label#Q7_error").show(); $("textarea#Answer7").focus(); return false; } var Answer8 = $("textarea#Answer8").val(); if (Answer8 == "") { $("label#Q8_error").show(); $("textarea#Answer8").focus(); return false; } var Answer9 = $("textarea#Answer9").val(); if (Answer9 == "") { $("label#Q9_error").show(); $("textarea#Answer9").focus(); return false; } var Answer10 = $("textarea#Answer10").val(); if (Answer10 == "") { $("label#Q10_error").show(); $("textarea#Answer10").focus(); return false; } var Answer11 = $("textarea#Answer11").val(); if (Answer11 == "") { $("label#Q11_error").show(); $("textarea#Answer11").focus(); return false; } var Answer12 = $("textarea#Answer12").val(); if (Answer12 == "") { $("label#Q12_error").show(); $("textarea#Answer12").focus(); return false; } var dataString = 'editor_name='+ editor_name + '&Answer1='+ Answer1 + '&Answer2=' + Answer2 + '&Answer3=' + Answer3 + '&Answer4=' + Answer4 + '&Answer5=' + Answer5 + '&Answer6=' + Answer6 + '&Answer7=' + Answer7 + '&Answer8=' + Answer8 + '&Answer9=' + Answer9 + '&Answer10=' + Answer10 + '&Answer11=' + Answer11 + '&Answer12=' + Answer12; $.ajax({ type: "POST", url: "bin/process.php", data: dataString, success: function() { $('#contact_form').html("<div id='message'></div>"); $('#message').html("<h2>Your answers were successfully submitted!</h2>") .append("<p>We will be in touch.</p>") .hide() .fadeIn(1500, function() { $('#message').append("<img id='checkmark' src='images/check.png' />"); }); } }); return false; }); }); runOnLoad(function(){ $("textarea#Q1").select().focus(); }); Quote Link to comment Share on other sites More sharing options...
Mchl Posted April 16, 2010 Share Posted April 16, 2010 'undefined' is being displayed by JavaScript when variable contains no value. Quote Link to comment Share on other sites More sharing options...
ChemicalBliss Posted April 16, 2010 Share Posted April 16, 2010 Check your browser error log, in firefox its under tools-.error console. It will probably say this line is the culprit: var editor_name = $("input#editor_name").val(); In the form HTML (which i cant see from the code u posted), is there an <INPUT tag named with the id "editor_name'? try an alert(editor_name); see what it says. -cb- Quote Link to comment Share on other sites More sharing options...
webguync Posted April 16, 2010 Author Share Posted April 16, 2010 no there isn't currently an input field, b/c I am extracting the editor_name from the DB using SQL and storing it in a Session. I tried using a hidden field with input and assigning it an id 'editor_name', but that didn't seem to work either. Quote Link to comment Share on other sites More sharing options...
ChemicalBliss Posted April 16, 2010 Share Posted April 16, 2010 Ok well from the code it suggests you get the editor name from a method of $row. $row->editor_name what is $row, why is it coming from there? 2-- var editor_name = $("input#editor_name").val(); This is looking for a field you said isnt there, so its not needed if you are using a predifined editor name in php. -cb- Quote Link to comment Share on other sites More sharing options...
webguync Posted April 19, 2010 Author Share Posted April 19, 2010 when I take this line out of the JS validation the form doesn't submit. var editor_name = $("input#editor_name").val(); apparently I need to have a var for every var in the datastring, but since I am not actually using input#editor name, not sure what I should do. I don't think I needed this line so I took it out. $_SESSION['editor_name'] = $row->editor_name; Quote Link to comment Share on other sites More sharing options...
webguync Posted April 19, 2010 Author Share Posted April 19, 2010 should a hidden field work in this case? If so how would I code that? Quote Link to comment Share on other sites More sharing options...
ChemicalBliss Posted April 20, 2010 Share Posted April 20, 2010 Ok well from the code it suggests you get the editor name from a method of $row. $row->editor_name what is $row, why is it coming from there? -cb- Tell us everything. -cb- Quote Link to comment Share on other sites More sharing options...
webguync Posted April 20, 2010 Author Share Posted April 20, 2010 here is the php part that processes the data and selects from MySQL <?php ini_set("display_errors","1"); ERROR_REPORTING(E_ALL); session_start(); $con = mysql_connect("localhost","uname","pw") or die('Could not connect: ' . mysql_error()); mysql_select_db("DBName") or die(mysql_error()); // Same checking stuff all over again. if(isset($_POST['submit'])) { if(empty($_POST['username']) || empty($_POST['password']) ) { echo "<h2 style='color:#FF0000;font-weight:bold;font-family:arial, helvetica, sans-serif;font-size:'12px';>Please fill in both your username and password to access the editor exam.<br /> You will be redirected back to the login screen in 5 seconds.</h2>"; echo "<meta http-equiv='refresh' content='5; url=EditorLogin.php'>"; exit; } // Create the variables again. $username = mysql_real_escape_string($_POST['username']); $password = $_POST['password']; // Encrypt the password again with the md5 hash. // This way the password is now the same as the password inside the database. //$pwid = md5($pwid); // Store the SQL query inside a variable. // ONLY the username you have filled in is retrieved from the database. $query = "SELECT username,password,editor_name FROM Editor_Candidates WHERE password = '$password' AND username='$username'"; $result = mysql_query($query) or die(mysql_error()); if(mysql_num_rows($result) == 0) { // Gives an error if the username/pw given does not exist. // or if something else is wrong. echo "<h2 style='color:#ff0000;font-weight:bold;font-family:arial, helvetica, sans-serif;font-size:'11px';>You have entered a username or password that does not match our database records. please try again.<br /> You will be redirected back to the login screen in 5 seconds.</h2> " . mysql_error(); echo "<meta http-equiv='refresh' content='5; url=EditorLogin.php'>"; exit(); /* this would benefit from a redirect to a page giving better information to the user and maybe logging some errors. */ } else { // Now create an object from the data you've retrieved. $row = mysql_fetch_object($result); // You've now created an object containing the data. // You can call data by using -> after $row. // For example now the password is checked if they're equal. // By storing data inside the $_SESSION superglobal, // you stay logged in until you close your browser. $_SESSION['editor_name'] = $row->editor_name; $_SESSION['username'] = $username; $_SESSION['sid'] = session_id(); // Make it more secure by storing the user's IP address. $_SESSION['ip'] = $_SERVER['REMOTE_ADDR']; // Now give the success message. // $_SESSION['username'] should print out your username. //move this to after your redirect further below.. //Update record with current time IF the account has never logged in before $dat = time() + 3600; $query = "UPDATE Editor_Candidates SET login_timestamp = DATE_ADD(NOW(), INTERVAL 2 HOUR) WHERE username = '$username' AND password = '$password'"; //echo $query; //for debugging test $result = mysql_query($query) or die(mysql_error()); //Check if query ran successfully } } // Start a session. If not logged in will be redirected back to login screen. if(!isset($_SESSION['username'])){ header("Location:EditorLogin.php"); exit; } ?> I am storing the value of editor_name in a SESSION Var, and want to have that info submit into the DB when the form is submitted. Quote Link to comment Share on other sites More sharing options...
ChemicalBliss Posted April 20, 2010 Share Posted April 20, 2010 remove ths line from your original script: $_SESSION['editor_name'] = $row->editor_name; -cb- Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.