Jump to content

Recommended Posts

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Dairy Farm Record Management</title>
<link rel="stylesheet" type="text/css" href="C:\Documents and Settings\satheesh\Desktop\dairy_records\styles\styles.css" />
</head>
<body bgcolor="#FFEBCC">
<?php
if ( isset($_POST["submit"])) {
// process form
//$db = mysql_connect("localhost", "root","TWINKLE1");
//mysql_select_db("c1_cattle_history",$db);
//$sql = "INSERT INTO cattle_rec (cattle_name,first_svc,second_svc,third_svc,calving_date,calf_sex,days_in_milk,milk_yld,dry_days,305_days_yld) VALUES
//('$cattle_name,$first_svc,$second_svc,$third_svc,$calving_date,$calf_sex,$days_in_milk,$milk_yld,$dry_days,$days_yld')";
//$result = mysql_query($sql);
require($_SERVER["DOCUMENT_ROOT"]."/dairy_logon.php");
$connection = mysql_connect($db_host, $db_user, $db_password) or die("error connecting");
mysql_select_db("$db_name");
    mysql_query("INSERT INTO cattle_det (cattle_n,first_s,second_s,third_s,calving_d,calf_s,days_m,m_yld,dry_d,d_yld) VALUES
('$_POST[cattle_name]','$_POST[first_svc]','$_POST[second_svc]','$_POST[third_svc]','$_POST[calving_date]','$_POST[calf_sex]','$_POST[days_in_milk]','$_POST[milk_yld]','$_POST[dry_days]','$_POST[days_yld]')");
echo "Cattle Information Updated Successfully !\n";
} else {
// display form
}
?>
<form method="post" action="<?php echo $_SERVER['PHP_SELF'] ?>">
<table cellpadding="0" cellspacing="0" width="99%">
<tr><td align="center">
<font face="Franklin Gothic Medium" size="6" color="#FF8000">History Sheet</font></td></tr><br/>
<tr><td align="left"><font face="Franklin Gothic Medium" size="4" color="#FF8000">Cattle Name : </font>    <input type="text" size="15" name="cattle_name"></input><br/>
</td></tr><br/>
<table border="2" cellpadding="1" cellspacing="0" id="mytable">
  <tr>

 

The code given above is supposed to retrieve values from a form and update the respective columns in the MySQL database,but everytime I key-in the value and say "Submit" in the form the form is just reset and the values are also getting updated. Please do provide your valuable inputs.

 

Thanks a mil.

Satheesh P R

Link to comment
https://forums.phpfreaks.com/topic/230734-code-not-working/
Share on other sites

Few things..

#1.  Do NOT use (<?php echo $_SERVER['PHP_SELF'] ?>).  There are major major security flaws with it.

 

#2.  I think your quotes are off a little here...

mysql_query("INSERT INTO cattle_det (cattle_n,first_s,second_s,third_s,calving_d,calf_s,days_m,m_yld,dry_d,d_yld) VALUES
('$_POST[cattle_name]','$_POST[first_svc]','$_POST[second_svc]','$_POST[third_svc]','$_POST[calving_date]','$_POST[calf_sex]','$_POST[days_in_milk]','$_POST[milk_yld]','$_POST[dry_days]','$_POST[days_yld]')");

 

Instead do this..

$query = "INSERT INTO cattle_det (cattle_n,first_s,second_s,third_s,calving_d,calf_s,days_m,m_yld,dry_d,d_yld) VALUES
('{$_POST['cattle_name']}','{$_POST['first_svc']}','{$_POST['second_svc']}','{$_POST['third_svc']','{$_POST['calving_date']}','{$_POST['calf_sex']}','{$_POST['days_in_milk']}','{$_POST['milk_yld']}','{$_POST['dry_days']}','{$_POST['days_yld']}')"
if (mysql_query($query)
echo "SUCCESS!!\n";
else
echo "FAIL!!\n";

 

Also you really should be doing some variable sanitizing prior to you insert.

Link to comment
https://forums.phpfreaks.com/topic/230734-code-not-working/#findComment-1187895
Share on other sites

Also you really should be doing some variable sanitizing prior to you insert.

Yes, do not use raw POST, GET or any data that could possibly be manipulated by the user, directly in your query.  For sanitation, you can use mysql_real_escape_string.

Link to comment
https://forums.phpfreaks.com/topic/230734-code-not-working/#findComment-1187897
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.