Jump to content

Recommended Posts

Hi everyone,

 

I am having problems getting this newsletter script I created to write to a table in the database. I know my connection is good and it seems to be executing several anti-sql injection functions correctly and reading stuff from another table just fine, but won't write to it. I am getting an error that it "Cannot write to database!" and am just redirected to the error page without adding a line to the db table.

 

The code in question is this line:

 

// insert data into database
$sql = "INSERT INTO $tbl_name1(confirm_code, name, email)VALUES('$confirm_code', '$name', '$email') LIMIT 1";
$result = mysql_query($sql) or trigger_error("Cannot write to database!");

 

This server is running PHP version 5.2.17 and MySQL 5.0.96.

 

Any comments or suggestions to illuminate my problem would help.

 

More code for the script up to that point is below.

 

Thanks,

 

kaiman

 

CREATE TABLE `temp_subscribers` (
`confirm_code` varchar(65) NOT NULL default '',
`name` varchar(65) NOT NULL default '',
`email` varchar(65) NOT NULL default ''
) ENGINE=MyISAM DEFAULT CHARSET=latin1;

 

// connects to server and selects database
include ("../includes/dbconnect.inc.php");

// table names
$tbl_name1 = "temp_subscribers";
$tbl_name2 = "newsletter_subscribers";

// random confirmation code
$confirm_code = md5(uniqid(rand()));

// removes magic_quotes_gpc slashes
function stripQuotes($arg) {
if (get_magic_quotes_runtime()) {
return stripslashes($arg);
} else {
return $arg;
}
}

// protect against mysql injection
function cleanString($string){
htmlentities(mysql_real_escape_string($string));
return $string;
}

// values sent from form
$name = stripQuotes($_POST['name']);
$name = cleanString($name);
$email = stripQuotes($_POST['email']);
$email = cleanString($email);

// check for empty fields
if (empty($name) || empty($email)) {
header("Location: http://www.mysite.com/newsletter/error/");
exit ;
}

// sanitize and validate email address
$email = filter_var($_POST['email'], FILTER_SANITIZE_EMAIL) ;
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
header( "Location: http://www.mysite.com/newsletter/error/" ) ;
exit;
}

//account check
$sql = "SELECT count(*) FROM $tbl_name2 WHERE email='$email' LIMIT 1";
$result = mysql_query($sql) or trigger_error("Cannot read from database!");
$num = mysql_result($result,0);
//check to see if email exists or not.
if($num > 0){
header("Location: http://www.mysite.com/newsletter/error/");
exit ;
}

// insert data into database
$sql = "INSERT INTO $tbl_name1(confirm_code, name, email)VALUES('$confirm_code', '$name', '$email') LIMIT 1";
$result = mysql_query($sql) or trigger_error("Cannot write to database!");

Link to comment
https://forums.phpfreaks.com/topic/270163-cant-write-to-database-help/
Share on other sites

Hi everyone,

 

I am having problems getting this newsletter script I created to write to a table in the database. I know my connection is good and it seems to be executing several anti-sql injection functions correctly and reading stuff from another table just fine, but won't write to it. I am getting an error that it "Cannot write to database!" and am just redirected to the error page without adding a line to the db table.

 

The code in question is this line:

 

// insert data into database
$sql = "INSERT INTO $tbl_name1(confirm_code, name, email)VALUES('$confirm_code', '$name', '$email') LIMIT 1";
$result = mysql_query($sql) or trigger_error("Cannot write to database!");

....

LIMIT 1?? How many times do you think it would try to insert if that wasn't there?

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.