Jump to content

Recommended Posts

ok, here's the problem...

i have created a php page that works...sort of... i dont think that the problem is in the php, but even if it isnt, ill post it here too:

[code]<?
$hostname="mysql.someserver.net";
$username="pass";
$password="word";
$dbname="dbname";
$usertable="a table";
$first=$_POST['name'];
$last=$_POST['type'];
$phone=$_POST['phone'];
$mobile=$_POST['city'];
$fax=$_POST['county'];
$email=$_POST['email'];
$web=$_POST['web'];
$description=$_POST['description'];

mysql_connect($hostname,$username, $password) OR DIE ("Unable to connect to database! Please try again later.");
mysql_select_db($dbname);

$query = "INSERT INTO customers VALUES ('$name','$type','$phone','$city','$county','$email','$web','description')";
$result = mysql_query($query) or die(mysql_error());

mysql_close();
?>[/code]

the problem i am having is when i use the php file it places a row in the mysql db, but it is blank.......
any idea what is going on?
Link to comment
https://forums.phpfreaks.com/topic/34022-solved-php-mysql-confusion/
Share on other sites

when testing the form i just put in gibberish into the fields.

i thought that the script should have put the randomness into the rows on the db, but it didnt...

using phpadmin (i think thats what it is...) i tried to manually input some data in another db...it didnt come up with anything...
then i changed something (i dont remember, i think it had something to do with ascii) and it placed the data into the table...

i was just toying around with the db because it was my first time.

thanks for the input.
changed to
[code]$query = "INSERT INTO db (name, type, phone, city, county, email, web, description) VALUES ('$name', '$type', '$phone', '$city', '$county', '$email', '$web', '$description')";
$result = mysql_query($query) or die(mysql_error());
[/code]
still doesnt place values into db....

also tried this
[code]$query = "INSERT INTO db ('name', 'type', 'phone', 'city', 'county', 'email', 'web', 'description') VALUES ('$name', '$type', '$phone', '$city', '$county', '$email', '$web', '$description')";
$result = mysql_query($query) or die(mysql_error());
[/code]
Try this first, please tell us the results:
[code]
<?php
$query = "INSERT INTO db (name, type, phone, city, county, email, web, description) VALUES ('$name', '$type', '$phone', '$city', '$county', '$email', '$web', '$description')";
$result = mysql_query($query) or die(mysql_error());
echo $query;
?>[/code]

If it shows something like [quote]INSERT INTO db (name, type, phone, city, county, email, web, description) VALUES ('', '', '', '', '', '', '', '')[/quote] Try this next one:

[code]
<?php
$query = "INSERT INTO `db` (name, type, phone, city, county, email, web, description) VALUES ('".$name."', '".$type."', '".$phone."', '".$city."', '".$county."', '".$email."', '".$web."', '".$description."')";
$result = mysql_query($query) or die(mysql_error());
echo $query;
?>[/code]
first one echoed INSERT INTO customers (name, type, phone, city, county, email, web, description) VALUES ('', '', '', '', '', '', '', '')

the second returns this error:
Duplicate entry '' for key 1

i changed the second to this:
[code]VALUES ('.$name.', '.$type.', '.$phone.', '.$city.', '.$county.', '.$email.', '.$web.', '.$description.')";
$result = mysql_query($query) or die(mysql_error());[/code]

and it echoed this:
INSERT INTO `customers` (name, type, phone, city, county, email, web, description) VALUES ('..', '..', '..', '..', '..', '..', '..', '..')

for some reason it isnt finding the variables....
The variable names you are using here

[code=php:0]$first=$_POST['name'];
$last=$_POST['type'];
$phone=$_POST['phone'];
$mobile=$_POST['city'];
$fax=$_POST['county'];
$email=$_POST['email'];
$web=$_POST['web'];
$description=$_POST['description'];[/code]


don't match the variable names you are using here:

[code=php:0]$query = "INSERT INTO customers VALUES ('$name','$type','$phone','$city','$county','$email','$web','description')";[/code]


If you say [code=php:0]$first = $_POST['name'][/code] then you must use [code=php:0]$first[/code] in your query, not [code=php:0]$name[/code]
used this
[code]$query = "INSERT INTO `customers` (name, type, phone, city, county, email, web, description) VALUES ({$name}, {$type}, {$phone}, {$city}, {$county}, {$email}, {$web}, {$description})";
[/code]

got this
You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near ' , , , , , , )' at line 1

used this
[code]$query = "INSERT INTO `customers` (name, type, phone, city, county, email, web, description) VALUES ('{$name}', '{$type}', '{$phone}', '{$city}', '{$county}', '{$email}', '{$web}', '{$description}')";
[/code]

got this
INSERT INTO `customers` (name, type, phone, city, county, email, web, description) VALUES ('', '', '', '', '', '', '', '')
still inserting blanks...

[code]      <p align="left"><form action="../insert.php" method="post">
        <p>Company Name:
          <input type="text" name="name">
          <br>
Company Type:
<input type="text" name="type">
<br>Phone:
          <input type="text" name="phone">
          <br>
City:
<input type="text" name="city">
<br>
County:

<input type="text" name="county">
<br>

E-mail: 
<input type="text" name="email">
<br>
Web:
<input type="text" name="web">
<br>
Company Description:
<textarea name="description" cols="50">Type your description here!</textarea>
<br>
<input type="Submit">
      </form></p>
[/code]
the form:
[code]
Input your information</h1>
      <p align="left"><form action="../insert.php" method="post">
        <p>Company Name:
          <input type="text" name="name">
          <br>
Company Type:
<input type="text" name="type">
<br>Phone:
          <input type="text" name="phone">
          <br>
City:
<input type="text" name="city">
<br>
County:
<input type="text" name="county">
<br>

E-mail: 
<input type="text" name="email">
<br>
Web:
<input type="text" name="web">
<br>
Company Description:
<textarea name="description" cols="50">Type your description here!</textarea>
<br>
<input type="Submit">
[/code]

the script:
[code]<?
$hostname="mysql.someserver.net";
$username="pass";
$password="word";
$dbname="database";
$usertable="table";
$name=$_POST['"name"'];
$type=$_POST['"type"'];
$phone=$_POST['"phone"'];
$city=$_POST['"city"'];
$county=$_POST['"county"'];
$email=$_POST['"email"'];
$web=$_POST['"web"'];
$description=$_POST['"description"'];

mysql_connect($hostname,$username, $password) OR DIE ("Unable to connect to database! Please try again later.");
mysql_select_db($dbname);
$query = "INSERT INTO `customers` (name, type, phone, city, county, email, web, description) VALUES ('{$name}', '{$type}', '{$phone}', '{$city}', '{$county}', '{$email}', '{$web}', '{$description}')";
$result = mysql_query($query) or die(mysql_error());
echo $query;mysql_close();
[/code]

on the mysql forum this guy said that the variables were being lost somewhere and i could echo somewhere earlier, but i dont know where...all that i have is the query and the result...should i echo the result also? or would that do nothing....ill try before you say anything...

by the way, thanks for all of the help.
ok i dont know what i did...

i thought that i had tried all combinations of everything, but i was just adding and deleting and it came up...

i will post the code.

the form i didnt change at all...

the script:
[code]<?
$hostname="mysql.someserver.net";
$username="pass";
$password="word";
$dbname="database";
$usertable="table";
$name=$_POST['name'];
$type=$_POST['type'];
$phone=$_POST['phone'];
$city=$_POST['city'];
$county=$_POST['county'];
$email=$_POST['email'];
$web=$_POST['web'];
$description=$_POST['description'];

mysql_connect($hostname,$username, $password) OR DIE ("Unable to connect to database! Please try again later.");
mysql_select_db($dbname);
$query = "INSERT INTO `customers` (name, type, phone, city, county, email, web, description) VALUES ('{$name}', '{$type}', '{$phone}', '{$city}', '{$county}', '{$email}', '{$web}', '{$description}')";
$result = mysql_query($query) or die(mysql_error());
echo $query;mysql_close();
?>
[/code]
please tell me what i did.....

thanks again for all of the help! ;D
also, i am planning to password protect the entire directory that the form resides in with  .htaccess... i am using this to allow my prospective clients to upload their information themselves.  that way i wouldnt have to really do anything. 

the question i have in regards to this is: should i put some code in there to prevent an injection attack?  they will all be customers of mine, and it will  be password protected.

another question...can i use a list/menu box instead of the normal text box?
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.