Jump to content

Writing a review script from scratch, am I doing it correctly?

scm22ri

By scm22ri
in PHP Coding Help

 Share

Recommended Posts

scm22ri Member

scm22ri

Posted
Posted

Hi Everyone,

 

I'm trying to figure out how to write a review of a certain business.

 

If you click on the below URL and press "write a review" I'm passing all of my variables along with that business.

 

http://whatsmyowncarworth.com/practiceTemplate/practice1/33/loans/table3.php

 

I'm trying to figure out how to insert those variables into my mysql database. For the past few hours I've been trying to figure this out but not quite sure what I'm doing wrong. My syntax is below. Thanks for the help everyone!

 

table3.php syntax

 

>>>>>>>>>>>>>>>>>>>>>>>>>>>>

 

<?php
include('init.php');

/*$sql = "SELECT * FROM cars WHERE id='1' ORDER BY year ASC";*/

$sql = "SELECT * FROM dealers";
if ($result = mysql_query($sql)) {

echo "<table border='1'>";
echo "<tr> <th>ID</th> <th>Name</th> <th>Reviews</th> <th>Address</th> <th>State</th> <th>City</th> <th>Website</th> ";

// keeps getting the next row until there are no more to get
while ($row = mysql_fetch_array($result)){

$id = $row['id'];
$name = $row['name']; 
$address = $row['address'];
$state = $row['state'];
$city = $row['city'];
$website = $row['website'];
$maps = $row['maps'];
$lat = $row['lat'];
$lng = $row['lng'];


	echo("\t<tr>\n");
	/*echo("\t\t<td>" . "$id" . "</td>\n");*/
    /*echo("\t\t<td><a href='reviews2.php?id=" . $_GET['id'] . "'>" . "$id" . "</a>");*/
	/*echo("\t\t<td><a href='reviews2.php?$id='>" . "$id" . "</a>");*/
	/*echo "\t\t<td><a href='reviews2.php?$id'>$id</a>";*/
	echo "\t\t<td><a href='reviews2.php?id=$id'>$id</a>";
	/*echo("\t\t<td>" . "<a href='http://$website' target = '_blank'>" . "$name" . "</a></td>\n");*/
	echo("\t\t<td>" . "<a href='reviews2.php?id=$name'>$name ");
	/*echo("\t\t<td>" . "<a href='reviews2.php?id=$id'>Write Review ");*/
	echo("\t\t<td>" . "<a href='reviews2.php?id=$id&name=$name&address=$address&state=$state&city=$city&website=$website'>Write Review ");
	echo("\t\t<td>" . "$address" . "</td>\n");
	echo("\t\t<td>" . "$state" . "</td>\n");
	echo("\t\t<td>" . "$city" . "</td>\n");
	echo("\t\t<td>" . "<a href='http://$website' target = '_blank'>" . "$name" . "</a></td>\n");
	/*echo 'Error reporting: ' . ini_get('error_reporting') . '<br>Display errors: ' . ini_get('display_errors');*/


}
echo "</table>";
}
else {
trigger_error(mysql_error()); // for development only; remove when in production
}
?>

<html>
<head>
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body bgcolor="#FFFFFF" text="#000000">

  

</body>
</html>

 

 

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

 

reviews2.php syntax

 

<?php
include('init.php');

$id = $_GET['id'];
    $name = $_GET['name'];
$address = $_GET['address'];
    $state = $_GET['state'];	
$city = $_GET['city'];
    $website = $_GET['website'];

?>

<html>
<head>
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<b>Write a review of 
<?php echo $id; ?>
, 
<?php echo $name; ?>
</b> , <b> 
<?php echo $address; ?>
</b>, <b> 
<?php echo $state; ?>
</b>, <b> 
<?php echo $city; ?>
</b>, <b> 
<?php echo $website; ?>
<input type="text" name="website" value="<?php echo $website; ?>" />
</b><br>

<form action="insert.php" method="post" size="30" maxlength="40">
<br>
<TEXTAREA name="comment" rows="10" cols="125">

</TEXTAREA>
<br><br>
<td><input type="submit" name="submit" value="Submit"></td>
</form>


</body>
</html>

 

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

 

insert.php syntax

 

<?php
//Connect to the database through our include 
include_once "init.php";


$id = mysql_real_escape_string($_GET['id']); 
    $name = mysql_real_escape_string($_GET['name']);
    $address = mysql_real_escape_string($_GET['address']);
    $state = mysql_real_escape_string($_GET['state']);
$city = mysql_real_escape_string($_GET['city']);
$website = mysql_real_escape_string($_GET['website']);
$comment = mysql_real_escape_string($_POST['comment']);


$insert = 'INSERT INTO auto(id, name, address, state, city, website, comment)
VALUES("'.$id.'","'.$name.'","'.$address.'","'.$state.'","'.$city.'","'.$website.'","'.$comment.'")';

    mysql_query($insert);

echo 'Thanks for submitting your vehicle information.<br /><br />
    To return to the homepage, <a href="practiceTemplate/practice1/33/loans/table3.php">click here</a>';

?>

Link to comment
Share on other sites
rbrown Member

rbrown

Posted
Posted

Try this:

$insert = "INSERT INTO auto(id, name, address, state, city, website, comment)
VALUES('$id', '$name', '$address', '$state', '$city', '$website', '$comment')";

OR this

$insert = "INSERT INTO auto(id, name, address, state, city, website, comment)
VALUES('".$id."', '".$name."', '".$address."', '".$state."', '".$city."', '".$website."', '".$comment."')";

Both will work... pay attention to the quotes...

 

Link to comment
Share on other sites
hakimserwa Member

hakimserwa

Posted
Posted

you are using a $_get to catch values from the form that is using the Post method.

look at your code here



$id = mysql_real_escape_string($_GET['id']); 
    $name = mysql_real_escape_string($_GET['name']);
    $address = mysql_real_escape_string($_GET['address']);
    $state = mysql_real_escape_string($_GET['state']);



$city = mysql_real_escape_string($_GET['city']);



$website = mysql_real_escape_string($_GET['website']);

 

change get to post that might help.

Link to comment
Share on other sites
scm22ri Member

scm22ri

Posted
  • Author
Posted

Hi Guys,

 

Thanks for both of your responses. I appreciate that. I changed a few things around but only the comment and ID (auto increment) information is being inputted into the mysql database.

 

The name, address, state, city, website and not being inputted.

 

Do I need to pass all of the variable information when I hit the "Submit" button? (see below page)

http://whatsmyowncarworth.com/practiceTemplate/practice1/33/loans/reviews2.php?

 

How would I pass name, address, state, city, website when I hit submit?

 

Thanks everyone!

Link to comment
Share on other sites
Drummin Member

Drummin

Posted
Posted

Your form currently doesn't have input fields for the city etc.  You need to add those in.

Name: <input type="text" name="name" /><br />
Address: <input type="text" name="address" /><br />
City: <input type="text" name="city" /><br />
State: <input type="text" name="state" /><br />
Website: <input type="text" name="website" /><br />

Link to comment
Share on other sites
jcbones Newbie

jcbones

Posted
Posted

At the very top of your script (below the opening PHP tag), put:  

error_reporting(-1);
ini_set('display_errors',1);
echo '<pre>' . print_r($_POST,true) . '</pre>';

 

This will tell you if you are getting errors on the page (missing variables, etc), and what form information is reaching the page.

Link to comment
Share on other sites
scm22ri Member

scm22ri

Posted
  • Author
Posted

Hi Everyone,

 

I appreciate the replies but I'm still a little confused as to how to correct my problem. Here's where I'm at. When I hit "submit" all that's happening is the review is being submitted into the database. I'm not sure what I'm doing wrong.

 

I want to pass all of my variables. How would I do that by pressing one button? (That button, being "submit")

 

Below is my syntax for reviews2.php

http://whatsmyowncarworth.com/practiceTemplate/practice1/33/loans/reviews2.php?id=7&name=Online%20Auto%20Sales&address=45%20Main%20Street&state=Massachusetts&city=Worcester&website=www.onlineautosales.com

 

 

<?php
include('init.php');

error_reporting(-1);
ini_set('display_errors',1);
echo '<pre>' . print_r($_POST,true) . '</pre>';

$id = $_GET['id'];
    $name = $_GET['name'];
$address = $_GET['address'];
    $state = $_GET['state'];	
$city = $_GET['city'];
    $website = $_GET['website'];

?>

<html>
<head>
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<b>Write a review of 
<?php echo $id; ?>
, 
<?php echo $name; ?>
</b> , <b> 
<?php echo $address; ?>
</b>, <b> 
<?php echo $state; ?>
</b>, <b> 
<?php echo $city; ?>
</b>, <b> 
<?php echo $website; ?>
</b><br>

<form action="insert.php" method="post" size="30" maxlength="40">
<br>
<TEXTAREA name="comment" "rows="10" cols="125">

</TEXTAREA>
<br><br>
<td><input type="submit" name="submit" value="Submit"></td>
</form>


</body>
</html>

Link to comment
Share on other sites
hakimserwa Member

hakimserwa

Posted
Posted

i dont think you need any help from anyone, looking into the code that you have posted its the same mistakes that you have been making and already ideas have been given on the issues but you have not made any effort to do any change.

 

first of all you are expecting values that you have not asked from the user or who ever filling the form.

your form is incomplete.

your form is using a post method and the value are being received using a get method thats wrong too

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.