computernerd21 Posted December 23, 2013 Share Posted December 23, 2013 so i have problem with using mysql and php. i wanted to create a guestbook using a table which has: id,date, name,mail,txt and ip. and then i wrote this: <?PHP $connect = mysql_connect("localhost","",""); mysql_select_db("site1",$connect); mysql_query("SET NAMES utf8") or die(mysql_error()); $read = mysql_query('SELECT * FROM guestbook ORDER BY date ') or die(mysql_error()) ; $mass = mysql_fetch_array($read); ?> </head> <body> <form action='bb.php?click' method='post'> name:<input type="text" name="name" /><br /> mail:<input type="text" name="mail" /><br /> comment:<textarea name="txt" rows="7"></textarea><br /> adress <input type='submit' value='ENTER' /> </form> <?PHP if(isset($_GET['click'])) { $date = date("Y-m-d"); $mass['ip'] =$_SERVER['REMOTE_ADDR']; $_POST['mail'] = htmlspecialchars($_POST['mail']); $_POST['mail'] = stripslashes($_POST['mail']); $_POST['mail'] = trim($_POST['mail']); $ins = mysql_query("INSERT INTO guestbook(name,mail,txt) VALUES('$_POST[name]','$_POST[mail]','$_POST[txt]')"); if(isset($ins)) {echo $mass['name']." ";echo $mass['mail']." ";echo $mass['date']."<br />"; echo $mass['text']."<br />"; echo "<hr width=100% />"; } else echo mysql_error(); } ?> and after i insert and submit something it doesnt recognize the $_POST variables because the they dont exist anymore so what should i do??? Quote Link to comment Share on other sites More sharing options...
Solution Ch0cu3r Posted December 23, 2013 Solution Share Posted December 23, 2013 (edited) and after i insert and submit something it doesnt recognize the $_POST variables because the they dont exist anymore so what should i do??? Do you mean the new entry does show up after you insert a record? This is because you get the records from the database first and then insert a new record. What you should do is insert a record first and then get all the records afterwards. <?PHP $connect = mysql_connect("localhost","",""); mysql_select_db("site1",$connect); mysql_query("SET NAMES utf8") or die(mysql_error()); // Insert a new record if(isset($_GET['click'])) { $date = date("Y-m-d"); $mass['ip'] = $_SERVER['REMOTE_ADDR']; $name = mysql_real_escape_string($_POST['name']); $mail = mysql_real_escape_string($_POST['mail']); $txt = mysql_real_escape_string($_POST['txt']); $ins = mysql_query("INSERT INTO guestbook(name,mail,txt) VALUES('$name','$mail','$txt')"); if(!$ins) echo mysql_error(); } ?> <html> <head> <title>Guestbook</title> </head> <body> <form action='bb.php?click' method='post'> name:<input type="text" name="name" /><br /> mail:<input type="text" name="mail" /><br /> comment:<textarea name="txt" rows="7"></textarea><br /> adress <input type='submit' value='ENTER' /> </form> <?php // Get the records from the database $read = mysql_query('SELECT * FROM guestbook ORDER BY date ') or die(mysql_error()) ; while($mass = mysql_fetch_assoc($read)) { echo '<p>' . $mass['name']." " . $mass['mail'] . " " $mass['date']."<br />"; echo $mass['text']."</p>"; echo "<hr width=100% />"; } ?> </body> </html> Note I have used mysql_real_escape_string to protect against SQL injection attacks. Also I would recommend you to start changing your code over other php mysql libraries such as mysqli and pdo as the mysql_* function library is deprecated and could soon be removed. Edited December 23, 2013 by Ch0cu3r Quote Link to comment Share on other sites More sharing options...
computernerd21 Posted December 24, 2013 Author Share Posted December 24, 2013 thanks so much and i know mysql is old and i am using the newer version its just i still call it mysql soo .Anyways thank you so much it definetly worked Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.