dlyles Posted November 27, 2006 Share Posted November 27, 2006 Ok, once again I'm an extreme newbie. But being familiar with programming in general, I'm sure once I get past the basic hurdles, I can move forward. Now for one of the basic hurdles. I have a basic form that should be populating the database. Problem is, the form creates two entries and neither of which have any data from the fields in them. $sql = "insert into issueitems (IssueAmount, IssueNote, IssueTo, IssueWO, IssueDate) VALUES ('$issueamount', '$comments', '$issueto', '$IssueWO', '$issuedate')"; $result = mysql_query($sql);What am I doing wrong?Thanks in advance. Link to comment https://forums.phpfreaks.com/topic/28618-form-entry/ Share on other sites More sharing options...
kenrbnsn Posted November 27, 2006 Share Posted November 27, 2006 Not enough information for a meaningful answer.We need to see more of your script source, and the source for the form.Please surround all code with [b][nobbc][code][/code][/nobbc][/b] tags.Ken Link to comment https://forums.phpfreaks.com/topic/28618-form-entry/#findComment-130916 Share on other sites More sharing options...
dlyles Posted November 27, 2006 Author Share Posted November 27, 2006 Sorry. Here's the form:[code]<form method="post" action="issueaction.php"> <table width="600" border="0" class="style1" cellspacing="2" cellpadding="2"> <tr> <td width="20%" class="style1">Work Order:</td> <td width="20%"><input type="text" size="10" name="IssueWO"></td> <td width="20%">Issue Date: </td> <td width="20%"><input type="text" size="10" name="issuedate"></td> <td width="20%"> </td> <td width="20%"></td> </tr> <tr> <td>Group</td> <td><select name="group"><option value="DRL">DRL</option><option value="PM">PM</option></select></td> <td>Model</td> <td><select name="model"><option value="DRL">DRL</option><option value="PM">PM</option></select></td> <td>Part Number </td> <td><select name="part"><option value="DRL">DRL</option><option value="PM">PM</option></select></td> </tr> <tr> <td>Issued To </td> <td><select name="issueto"><option value="DRL">DRL</option><option value="PM">PM</option></select></td> <td></td> <td> </td> <td> </td> <td> </td> </tr> <tr> <td>Amount Issued </td> <td><input type="text" size="10" name="issueamount"></td> <td> </td> <td> </td> <td> </td> <td> </td> </tr> <tr> <td>Comments</td> <td colspan="3"><textarea name="comments" rows="10" cols="40"></textarea></td> <td> </td> <td> </td> <td> </td> <td> </td> </tr> <tr> <td><input type="submit" name="Submit" value="Submit"></td> <td> </td> <td> </td> <td> </td> <td> </td> <td> </td> </tr> </table></form>[/code]And here's the form handler:[code]<?php$db = mysql_connect('localhost:/opt/data/rgbdata/mysql/mysql.sock', 'root', 'b33tlbug');mysql_select_db("inventory",$db);echo $IssueTo; $sql = "insert into issueitems (IssueAmount, IssueNote, IssueTo, IssueWO, IssueDate) VALUES ('$issueamount', '$comments', '$issueto', '$IssueWO', '$issuedate')"; $result = mysql_query($sql);if (!mysql_query($sql,$db)) { die('Error2: ' . mysql_error()); }echo "1 record added";mysql_close($db)?>[/code] Link to comment https://forums.phpfreaks.com/topic/28618-form-entry/#findComment-130921 Share on other sites More sharing options...
kenrbnsn Posted November 27, 2006 Share Posted November 27, 2006 You are assuming that [url=http://www.php.net/register_globals]register_globals[/url] is enabled, which it shouldn't be. If you are learning from a book that is more than 2 years old, most of them also assumed this and their examples are now incorrect.You need to explicitly reference the fields via the $_POST superglobal array. You should validate your input. At very least, use the function [url=http://www.php.net/mysql_real_escape_string]mysql_real_escape_string()[/url] on your input to avoid being hit with MySQL injection problems. Also, you are issueing the mysql_query() function twice with the same query.Change this:[code]<?php $sql = "insert into issueitems (IssueAmount, IssueNote, IssueTo, IssueWO, IssueDate) VALUES ('$issueamount', '$comments', '$issueto', '$IssueWO', '$issuedate')"; $result = mysql_query($sql);if (!mysql_query($sql,$db)) { die('Error2: ' . mysql_error()); }echo "1 record added";?>[/code]to[code]<?php $sql = "insert into issueitems (IssueAmount, IssueNote, IssueTo, IssueWO, IssueDate) VALUES ('" . mysql_real_escape_string($_POST['issueamount']) . "', '" . mysql_real_escape_string($_POST['comments']) . "', '" . mysql_real_escape_string($_POST['issueto']) . "', '" . mysql_real_escape_string($_POST['IssueWO']) . "', '" . mysql_real_escape_string($_POST['issuedate']) . "')"; $result = mysql_query($sql) or die("Error 2: query: $sql<br>" . mysql_error()); echo "1 record added";?>[/code]Ken Link to comment https://forums.phpfreaks.com/topic/28618-form-entry/#findComment-130926 Share on other sites More sharing options...
dlyles Posted November 27, 2006 Author Share Posted November 27, 2006 Thanks! ;D Link to comment https://forums.phpfreaks.com/topic/28618-form-entry/#findComment-130939 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.