Jump to content

Quick Form Submission Problem


klobking

Recommended Posts

Hello, I'm fairly new to PHP and usually I will keep reading and struggling away till I find my answer but, this one has me really stumped.

 

Basically, I'm submitting a form one of the post objects is "categories" I'm then storing "categories in $cat, to be used as a part mysql database reference so the data is submitted to the correct table in the database... My problem is it's just not working...

 

Could anybody give me any hints or tips on how to get this work... or am I going about this all wrong?

 

My code is:

 

<?php
$con = mysql_connect("localhost","username","password");
$cat = $_POST[category];
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

mysql_select_db("databasename", $con);

$sql="INSERT INTO gpc_'$cat ($cat_title, $cat_info)
VALUES
('$_POST[title]','$_POST[info]')";

if (!mysql_query($sql,$con))
  {
  die('Error: ' . mysql_error());
  }
echo "Working";

mysql_close($con);
?>

 

 

Any help would be wonderful!

 

mod edit: code in code tags please

Link to comment
Share on other sites

Apologies again :/

 

The error I'm receiving is as follows:

 

Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ' ) VALUES ('title test','

content test

 

')' at line 1

Link to comment
Share on other sites

Print out the SQL query, and see how it looks. That should give you the problem, and lead you to what you need to do to fix it.

 

And you still need to validate all input and escape all output, otherwise you will be open for attackers. Even if you trust your users, you don't want to trust everything that goes on within their computers and/or other pages they visit at the same time.

Link to comment
Share on other sites

I've tried changing that but the error report is identical.

 

Very sorry for being a bit of a pain.

 

What would be the correct syntax to create a new variable that includes a variable followed by plaintext?

 

For example

 

$cat_title = $cat + Plain text ];    ~Obviously it's not "+ Plain text", that's the bit I'm stumped with

Link to comment
Share on other sites

I've tried changing that but the error report is identical.

[/quote[

Not possible, it would print at least the SQL: part even if somehow $sql was empty.

 

What would be the correct syntax to create a new variable that includes a variable followed by plaintext?

$cat_title = $cat.'Text';

 

Read the manual.

Link to comment
Share on other sites

You're welcome, and we're glad we could help.

 

However, I'd like to point out that neither of us are grumpy. We're just to the point, and trying to teach you how to figure these things out for yourself.

I strongly recommend that you read the excellent article How to ask questions the smart way, and pay especially close attention to the introduction. A small quote from it:

If you find this attitude obnoxious, condescending, or arrogant, check your assumptions...
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.