Jump to content

Using Php To Insert Into Database, No Data Going

neverforget98

By neverforget98
in PHP Coding Help

 Share

Recommended Posts

neverforget98 Member

neverforget98

Posted
Posted

I just made a topic a little big ago about another error I was getting but now I'm getting another one...well...this time I'm not even getting any error, no matter what I do. The script says that the "User was sucessfully added" but when I check the database and return to the user list, the new user doesn't show up and isn't actually in the database. Can somebody help? I have included the code below! Thanks. :)

 

<?php
session_start();
require("inc/mysql.php");
require("inc/Membership.class.php");
$Member = new Membership($DBH);
require("inc/membership.php");
//test user permissions
if(!$Member->test_perms(2))
{
//No perms, echo error or forward or something
header( 'Location: nopermission.php' ) ;
}
?>

<html>
<head>
<title>Users | OUB's Integrated Services</title>
<meta name="description" content="">
<meta name="author" content="Brandin Arsenault, OUB">
   <meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
   <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
<script src="./ajax/libs/jquery/1/jquery.min.js"></script>
<link rel="stylesheet" href="css/960.css" />
<link rel="stylesheet" href="style.css" />
<script src="js/scripts.js"></script>
<script type="text/javascript" language="javascript" src="jquery-1.2.6.min.js"></script>
<div id="message_box">
 <?php {
echo "Hello, " . $Member->get_field("real_name");

}?>
</div>
</head>
<body>
<br /><br /><br /><br />
<?php
include 'header.php';
?>
<br /><br />
<center><h5>INTEGRATED SERVICES USERS</center>
<br />
<center>
<?php
//including the database connection file
include_once("inc/usersdb.php");
?>
<form method="post">
<table>
<tr>
 <td>Username:</td>
 <td><input type="text" name="username" /></td>
</tr>
<tr>
 <td>Password:</td>
 <td><input type="password" name="passwordHash" /></td>
</tr>
<tr>
 <td>Real Name (Last, First):</td>
 <td><input type="text" name="real_name" /></td>
</tr>
<tr>
 <td>Position:</td>
 <td><select name="position">
 <option value="Founding President">Founding President</option>
 <option value="Relief President">Relief President</option>
 <option value="Social Media Manager">Social Media Manager</option>
 <option value="Other">Other</option></td>
</tr>
<tr>
 <td>Email:</td>
 <td><input type="text" name="email" /></td>
</tr>
<tr>
 <td>Alternate Email:</td>
 <td><input type="text" name="altemail" /></td>
</tr>
<tr>
 <td>Home Number (XXX-XXX-XXXX):</td>
 <td><input type="text" name="hnumber" /></td>
</tr>
<tr>
 <td>Mobile Number (XXX-XXX-XXXX):</td>
 <td><input type="text" name="mnumber" /></td>
</tr>
<tr>
 <td>System Username:</td>
 <td><input type="text" name="sysusername" /></td>
</tr>
<tr>
 <td>System Password:</td>
 <td><input type="password" name="syspassword" /></td>
</tr>
<tr>
 <td>Non-Disclosure Agreement:</td>
 <td><select name="nondisclosure">
 <option value="Yes">Yes</option>
 <option value="No">No</option></td>
</tr>
<tr>
 <td>Proper Conduct Agreement:</td>
 <td><select name="properconduct">
 <option value="Yes">Yes</option>
 <option value="No">No</option></td>
</tr>
<tr>
 <td>Terms of Use:</td>
 <td><select name="termsofuse">
 <option value="Yes">Yes</option>
 <option value="No">No</option></td>
</tr>
<tr>
 <td>Permissions (ROOT USER ONLY):</td>
 <td><input type="text" name="perms" value="1.0.1" /></td>
</tr>
<tr>
 <td> </td>
 <td><br/ ><input type="submit" name="submit" value="Add User" /></td>
</tr>
</table>
</form>
<?php Echo mysql_error() ?>
<?php
if(isset($_POST['submit']))
{

$username=$_POST['username'];
$passwordHash=$_POST['passwordHash'];
$real_name=$_POST['real_name'];
$position=$_POST['position'];
$email=$_POST['email'];
$altemail=$_POST['altemail'];
$hnumber=$_POST['hnumber'];
$mnumber=$_POST['mnumber'];
$sysusername=$_POST['sysusername'];
$syspassword=$_POST['syspassword'];
$nondisclosure=$_POST['nondisclosure'];
$properconduct=$_POST['properconduct'];
$termsofuse=$_POST['termsofuse'];
$perms=$_POST['perms'];

// checking empty fields
if(empty($username) || empty($passwordHash) || empty($real_name))
{
 //if name field is empty
 if(empty($username))
 {
  echo "<font color='red'>Username field is empty.</font><br/>";
 }
 //if age field is empty
 if(empty($passwordHash))
 {
  echo "<font color='red'>Password field is empty.</font><br/>";
 }
 //if email field is empty
 if(empty($real_name))
 {
  echo "<font color='red'>Name field is empty.</font><br/>";
 }

 //link to the previous page
 echo "<br/><a href='javascript:self.history.back();'>Go Back</a>";
}
else // if all the fields are filled (not empty)
{
 //insert data to database
 $result=mysql_query("INSERT INTO users(username,passwordHash,real_name,position,email,altemail,hnumber,mnumber,sysusername,sysnumber,nondisclosure,properconduct,termsofuse,perms) VALUES('$username','$passwordHash','$real_name','$position','$email','$altemail','$hnumber','$mnumber','$sysusername','$syspassword','$nondisclosure','$properconduct','$termsofuse','$perms')");

 //display success message
 echo "<font color='green'>User account added successfully.";
 echo "<br/><a href='ausers.php'>Return to Users List</a>";
}
}
?>
</center>

<?php
include 'logout.php';
?>
</body>
</html>

neverforget98 Member

neverforget98

Posted
  • Author
Posted (edited)

you use only mysql_query without a connection to database like using mysql_connect

There is a line in the script (50-53):

<?php
//including the database connection file
include_once("inc/usersdb.php");
?>

That opens the config file for the database connection...so that launches the connection at the beginning of the file. Shouldn't this be enough? (If I'm wrong, please correct me and let me know what I have to add, thanks!)

Edited by neverforget98
JohnTipperton Newbie

JohnTipperton

Posted
Posted (edited)

try this

$result="INSERT INTO users(username,passwordHash,real_name,position,email,altemail,hnumber,mnumber,sysusername,sysnumber,nondisclosure,properconduct,termsofuse,perms) VALUES('$username','$passwordHash','$real_name','$position','$email','$altemail','$hnumber','$mnumber','$sysusername','$syspassword','$nondisclosure','$properconduct','$termsofuse','$perms')";
mysql_query($result,$con);

 

the $con is the connection from the database its up to you on how to declare it

Edited by JohnTipperton
neverforget98 Member

neverforget98

Posted
  • Author
Posted

try this

$result="INSERT INTO users(username,passwordHash,real_name,position,email,altemail,hnumber,mnumber,sysusername,sysnumber,nondisclosure,properconduct,termsofuse,perms) VALUES('$username','$passwordHash','$real_name','$position','$email','$altemail','$hnumber','$mnumber','$sysusername','$syspassword','$nondisclosure','$properconduct','$termsofuse','$perms')";
mysql_query($result,$con);

 

the $con is the connection from the database its up to you on how to declare it

So, how would I represent $con in my file? If I'm including another file how would I represent it? How would I represent it if I had it IN the file? Sorry, I'm not really good with this. /: As much as I think I am, haha.

PFMaBiSmAd Advanced Member

PFMaBiSmAd

Posted
Posted

You are unconditionally outputting the success message without testing if the query did anything. Since you are assigning the result from the query to $result, add the following code to test what the query actually did -

 

if(!$result){
   // query failed with an error of some kind, do some error reporting here -
   die('INSERT query failed. ' . mysql_error());
} else {
   // query executed, test if it actually inserted the row
   if(!mysql_affected_rows()){
       // row was not inserted. This is rare and would generally require the use of the IGNORE keyword in the query to cause a query error to become a warning only.
       die('INSERT query ran, but did not insert the row.');
   } else {
       // query ran and did insert the row -
       echo "<font color='green'>User account added successfully.";
       echo "<br/><a href='ausers.php'>Return to Users List</a>";
   }
}

PFMaBiSmAd Advanced Member

PFMaBiSmAd

Posted
Posted

P.S. Your login check/permission code is not secure and won't stop anyone from accessing your 'protected' pages. You need an exit; statement after the header() redirect to prevent the rest of the code on your page from running while the browser is requesting the new page in the the redirect.

neverforget98 Member

neverforget98

Posted
  • Author
Posted 

$con = mysql_connect("localhost","mysql_user","mysql_pwd");if (!$con) { die('Could not connect: ' . mysql_error()); }

 

I have included both of your codes and PFMaBiSmAd's and it's still saying success but it's not going in...

neverforget98 Member

neverforget98

Posted
  • Author
Posted

^^^ I don't believe you :) What is your current code?

I'm getting no database selected error :o How do I select a database in one of my codes? This is my connection code:

$con = mysql_connect("localhost","root","");if (!$con)  {  die('Could not connect: ' . mysql_error());  }

 

And this is the other part of the code:

<?php
if(isset($_POST['submit']))
{

$username=$_POST['username'];
$passwordHash=$_POST['passwordHash'];
$real_name=$_POST['real_name'];
$position=$_POST['position'];
$email=$_POST['email'];
$altemail=$_POST['altemail'];
$hnumber=$_POST['hnumber'];
$mnumber=$_POST['mnumber'];
$sysusername=$_POST['sysusername'];
$syspassword=$_POST['syspassword'];
$nondisclosure=$_POST['nondisclosure'];
$properconduct=$_POST['properconduct'];
$termsofuse=$_POST['termsofuse'];
$perms=$_POST['perms'];

if(empty($name) || empty($age) || empty($email))
 if(empty($username))
 {
  echo "<font color='red'>Username field is empty.</font><br/>";
 }
 if(empty($password))
 {
  echo "<font color='red'>Password field is empty.</font><br/>";
 }
 if(empty($real_name))
 {
  echo "<font color='red'>Name field is empty.</font><br/>";
 }
else
{
 $result=mysql_query("INSERT INTO users(username,passwordHash,real_name,position,email,altemail,hnumber,mnumber,sysusername,sysnumber,nondisclosure,properconduct,termsofuse,perms) VALUES('$username','$passwordHash','$real_name','$position','$email','$altemail','$hnumber','$mnumber','$sysusername','$syspassword','$nondisclosure','$properconduct','$termsofuse','$perms')");

if(!$result){
    // query failed with an error of some kind, do some error reporting here -
    die('INSERT query failed. ' . mysql_error());
} else {
    // query executed, test if it actually inserted the row
    if(!mysql_affected_rows()){
		    // row was not inserted. This is rare and would generally require the use of the IGNORE keyword in the query to cause a query error to become a warning only.
		    die('INSERT query ran, but did not insert the row.');
    } else {
		    // query ran and did insert the row -
		    echo "<font color='green'>User account added successfully.";
		    echo "<br/><a href='ausers.php'>Return to Users List</a>";
    }
}
}
}

?>

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.