JBrom Posted May 9, 2011 Share Posted May 9, 2011 Hi, This is my first post and below is my first bash at a php script. I have set up IIS on my PC and created a web form using HTML form fields. I want the form fields to be used to update an Access database which is in my root folder. The ODBC connection seems to work but for some reason the update isn't working. I dont receive any error messages but dont get the desired result of updating my db. Can you help - please go easy on me? My code is below. HTML code is: <form action= "update_script.php" method="post" enctype="text/plain" name="SubmitQuery" onsubmit="return formValidator()"> Please type your name in the field below: </br></br> <input type="text" class ="details" tabindex="1" size="37" name="Name of person submitting the query" id="req1"/> </br><hr/> Select the subject of your query from the drop down list: </br></br> <select class="formtextboxes" name="Subject of the Query" tabindex="2" id="selection2"/> <option value="Please choose">Please choose</option> <<option value="C.Tax">C.Tax</option> <option value="Capital">Capital</option> <option value="Change of address">Change of address</option> <option value="Dates">Dates</option> <option value="E.Payment">E.Payment</option> <option value="ED Bens">ED Bens</option> <option value="Eligibility">Eligibility</option> <option value="In & out of work">In & out of work</option> <option value="Income">Income</option> <option value="Other-Please state">Other-Please state</option> <option value="Overpayments">Overpayments</option> <option value="P/Credits">P/Credits</option> <option value="Payments">Payments</option> <option value="PFA's">PFA's</option> <option value="Rent">Rent</option> <option value="Revision/Supersession">Revision/Supersession</option> <option value="Students">Students</option> <option value="Training">Training</option> </select> <hr/> Describe your query in detail so that we can answer in the best way: </br></br> <TEXTAREA name="Details of the query" value="" tabindex="3" cols ="6" rows ="4" id="req2"></TEXTAREA> <hr/> <input class="formbuttons" type="submit" value="Send"/> <input class="formbuttons" type="reset" value="Reset"/> <input type="hidden" size="20" id="date" Name="Contact type" value ="Email"> <input type="hidden" size="20" id="date" Name="Date the query was sent" value =" "> <script type="text/javascript"> window.onload=function() {var output=document.getElementById('date'); output.disabled=false; var mydate=new Date(), month=mydate.getMonth()+ 1, day=mydate.getDate(), year=mydate.getYear(); output.value = (day<10?'0'+day:day)+'-'+(month<10?'0'+month:month)+'-'+year; } </script> </form> update_script.php is as follows: <html> <head> <title>Update script</title> <head> <body> <link href ="P&Q CTax web page.css" rel="stylesheet" type="text/css"/> <style type ="text/CSS"> </style> </head> <body> <div id="container"> <img STYLE="position:absolute; TOP:25px; LEFT:250px; WIDTH:550px; HEIGHT:35px" src="Logo.jpg" alt="Bolton Logo"/> <div id="menu"> </div> <div id="content"> </br></br></br></br></br></br></br></br> <?php $conn=odbc_connect('MyDSN','',''); if (!$conn) {exit("Connection Failed: " . $conn);} $sql = "INSERT INTO Phone_log(Name of Person, Subject, Details, Contact type, Date of Query, In procedure manual, Time taken) VALUES (`{$_POST['Name of person submitting the query']}`, `{$_POST['Subject of the Query']}`, `{$_POST['Details of the query']}`, `{$_POST['Contact type']}`, `{$_POST['Date the query was sent']}` `{['Awaiting update']}`, `{['Awaiting update']}`)"; if (!$sql) { print "Error in SQL"; } else { print "<h3>Thank you for sumitting your query to the Policy & Quality team</h3><p>\n"; echo $_POST["Name of person submitting the query"]; echo $_POST["Subject of the Query"]; echo $_POST["Details of the query"]; echo $_POST["Contact type"]; echo $_POST["Date the query was sent"]; } odbc_close($conn); echo '<pre> 1. All GET and POST'; print_r($_REQUEST); echo '<br>2. Only GET'; print_r($_GET); echo '<br>2. Only POST'; print_r($_POST); echo '</pre>'; echo phpinfo() ?> </body> </html> Quote Link to comment Share on other sites More sharing options...
mrant Posted May 9, 2011 Share Posted May 9, 2011 Hi, In script.php I can see odbc_connect, you then build the SQL statement to be executed into $sql and the next step is the odbc_close. At no point are you executing the SQL statement say with odbc_exec or with a prepare and execute. Of course you need to seriously sanitise that data as it is horribly wide open at the moment - but then you know that already Ant Quote Link to comment Share on other sites More sharing options...
Maq Posted May 9, 2011 Share Posted May 9, 2011 In the future, please place tags around your code. Quote Link to comment Share on other sites More sharing options...
spiderwell Posted May 9, 2011 Share Posted May 9, 2011 your sql statement is incorrect also use the backticks on the column names, not the values, place the values in single quotes instead INSERT INTO `mytable` (`somecolumn`) VALUES ('somevalue') Quote Link to comment Share on other sites More sharing options...
JBrom Posted May 12, 2011 Author Share Posted May 12, 2011 Thanks very much for the feedback. I have amended the script based on your suggestion and it worked. Then had a nighmare with the php.ini reading from c:Windows/ instead of c:PHP. Eventually sorted that and set global variables to on. But still when I post my form even though the script appends to the db, nothing posts. Used the following to check for output and nothing. echo '<pre> 1. All GET and POST'; print_r($_REQUEST); echo '<br>2. Only GET'; print_r($_GET); echo '<br>2. Only POST'; print_r($_POST); Re-checked all my HTML field names and they are correctly typed in the $POST_['Name'] funtion. When submitting the form I get the message 'PHP Notice: Undefined index:'. Then tried Get rather than Post and the form values are sent to the receiving php page, but when I changed php to use $GET_['Name'] again no update in my db. I never realised PHP this was this much fun!!!! Again, any help would be appreciated, feels like when I resolve one issue another rasies its head. Code below. <?php //odbc connection $conn=odbc_connect('MyDSN','',''); if (!$conn) {exit("Connection Failed: " . $conn);} foreach ($_POST AS $k => $v) { // ..trim, slash, escape... $$k= mysql_real_escape_string( stripslashes( trim( $v ) ) ); } //sql declaration $jbsql= "INSERT INTO Phone_log(`Name of Person`, `Subject`, `Details`, `Contact type`, `Date of Query`, `In procedure manual`, `Time taken`) VALUES ('{$_POST['Name']}','{$_POST['Subject']}','{$_POST['Details']}','{$_POST['Contact']}','20/05/2011','Awaiting update','Awaiting update')"; //execute sql $result = odbc_exec($conn, $jbsql); echo '<pre> 1. All GET and POST'; print_r($_REQUEST); echo '<br>2. Only GET'; print_r($_GET); echo '<br>2. Only POST'; print_r($_POST); echo '</pre>'; //close connection odbc_close($conn); ?> Any help would very much appreciated. Thanks again Quote Link to comment Share on other sites More sharing options...
fugix Posted May 12, 2011 Share Posted May 12, 2011 im not sure that i follow your logic for doing this...but try this echo '<pre> 1. All GET and POST'; print_r($_REQUEST[]); echo '<br>2. Only GET'; print_r($_GET[]); echo '<br>2. Only POST'; print_r($_POST[]); echo '</pre>'; Quote Link to comment Share on other sites More sharing options...
Maq Posted May 13, 2011 Share Posted May 13, 2011 @JBrom, in the future, please place tags around your code. Quote Link to comment Share on other sites More sharing options...
azdrian21 Posted May 13, 2011 Share Posted May 13, 2011 these "backticks" errors usually comes via copy and paste from examples in the book your learning from.check over your code when copying example from books. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.