simcoweb Posted April 17, 2007 Share Posted April 17, 2007 I have a form that, when no errors are present, is set to perform two functions. One is to insert the data into a database and the other is to email the results. Right now neither are happening even though I do not get an error message. The functions are contained in an 'include' file. Here's the code i'm using to execute the form parsing: <? include 'db_config.inc'; // make database connection $link = mysql_connect($dbhost, $dbuser, $dbpass) or die(mysql_error()); mysql_select_db($dbname) or die(mysql_error()); // post our variables from the registration form $name = mysql_real_escape_string($_POST['name']); $phone = mysql_real_escape_string($_POST['phone']); $email = mysql_real_escape_string($_POST['email']); $facing_foreclosure = $_POST['name']; $referred_by = mysql_real_escape_string($_POST['referred_by']); $comments = mysql_real_escape_string($_POST['comments']); $today = date("F j, Y, g:i a"); // $secure = strtoupper(trim(strip_tags($_POST['secure']))); // $match = $_SESSION['secure']; // the code on the image $err = array(); // input error checking if ($name=="") { $err[] = "Please enter your name.<br/>"; } if ($phone==""){ $err[] = "Please enter your phone number.<br/>"; } if ($email=="") { $err[] = "Please provide your email address<br>"; } if ($email) { if (!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email)) { $err[] = $email. " is not a valid email address.<br/>"; } } if ($err=="") { // mail the results to admin send_ebook_mail(); // run the query ebook_insert(); } ?> The ebook_insert(); code is: <? // run our insert query if no errors and redirect to download page function ebook_insert() { // post variables global $name; global $phone; global $email; global $facing_foreclosure; global $referred_by; global $comments; global $today; $sql = "INSERT INTO ebook (name, phone, email, facing_foreclosure, referred_by, comments, date) VALUES ('$name', '$phone', '$email', '$facing_foreclosure', '$referred_by', '$comments', '$today')"; $results = mysql_query($sql) or die(mysql_error()); if (!$results){ header("Location: download.php?actionflag=registered"); exit(); } } ?> With my understanding of the basic premise, IF there's no errors reported in the form fields then it should run this function which would insert the data into the database. I didn't post the mail function simply because I feel that if I get this to work then the other will automatically work as it's probably something stupid that I don't know or didn't code properly ??? Thanks in advance! Quote Link to comment Share on other sites More sharing options...
boo_lolly Posted April 17, 2007 Share Posted April 17, 2007 how are you including the function.php page to the form? and do you have error_reporting set to E_ALL? Quote Link to comment Share on other sites More sharing options...
simcoweb Posted April 17, 2007 Author Share Posted April 17, 2007 It's this line at the top of my first post: include 'db_config.inc'; Which includes a whole host of stuff including a bunch of functions i'm summoning up. Quote Link to comment Share on other sites More sharing options...
boo_lolly Posted April 17, 2007 Share Posted April 17, 2007 gotcha. check out this function: function_exists() and see what happens. and do you have error_reporting(E_ALL); at the top of your page? Quote Link to comment Share on other sites More sharing options...
simcoweb Posted April 17, 2007 Author Share Posted April 17, 2007 Ok, I ran that function to check the existence of the other two functions and both exist. So, apparently they are present....but why they aren't performing the code is the question ??? Quote Link to comment Share on other sites More sharing options...
boo_lolly Posted April 17, 2007 Share Posted April 17, 2007 try this: function ebook_insert($name, $phone, $email, $facing_foreclosure, $referred_by, $comments, $today) { $sql = "INSERT INTO ebook (name, phone, email, facing_foreclosure, referred_by, comments, date) VALUES ('$name', '$phone', '$email', '$facing_foreclosure', '$referred_by', '$comments', '$today')"; $results = mysql_query($sql) or die(mysql_error()); if (!$results){ header("Location: download.php?actionflag=registered"); exit(); } } and execute it like this: ebook_insert($name, $phone, $email, $facing_foreclosure, $referred_by, $comments, $today); Quote Link to comment Share on other sites More sharing options...
boo_lolly Posted April 17, 2007 Share Posted April 17, 2007 also, are you checking your database, or are you just checking to see if the page redirects? because i think the logic is wrong in your if/header inside your function, but i could be wrong. Quote Link to comment Share on other sites More sharing options...
simcoweb Posted April 17, 2007 Author Share Posted April 17, 2007 Bummer, that didn't work. It's not inserting the data. But in the same token it's not producing an error either. Here's the code I have now for the function that's contained in the include file: <? // run our insert query if no errors and redirect to download page function ebook_insert($name, $phone, $email, $facing_foreclosure, $referred_by, $comments, $today) { // post variables $sql = "INSERT INTO ebook (name, phone, email, facing_foreclosure, referred_by, comments, date) VALUES ('$name', '$phone', '$email', '$facing_foreclosure', '$referred_by', '$comments', '$today')"; $results = mysql_query($sql) or die(mysql_error()); if ($results){ header("Location: download.php?actionflag=registered"); exit(); } } ?> Quote Link to comment Share on other sites More sharing options...
simcoweb Posted April 17, 2007 Author Share Posted April 17, 2007 Actually i'm checking both. The priority check is the database. No records have been inserted. Once I figure that out i'm sure i'll get the redirect done. But, if you spot an error there let me know. If we can get one of these two functions working then that would be encouraging. Thanks! Quote Link to comment Share on other sites More sharing options...
freakstyle Posted April 17, 2007 Share Posted April 17, 2007 hey there simcoweb, there's a few issues that are most likely the culprit in this. here's what i'd do to add some checks / fixes. first you're using mysql_real_escape_string() function with a missing resource link, see php.net/mysql_real_escape_string() for a more detailed explanation. so maybe your variables aren't being set, who knows? what you should do, is in your function ebook_insert(), follow boo_lolly's advice (but with one exception... ebook_insert($name, $phone, $email, $facing_foreclosure, $referred_by, $comments, $today); should be: ebook_insert($_POST['name']... (you don't need to use the mysql escape function really, its handy to used with a password validation function, but in general use you shouldn't need it. ) using post, is just getting you off of the old habit of relying on registered globals = on; this will be changing down the road so lets try to work with it. you could echo out the sql statement if there was an error in the function? good luck Quote Link to comment Share on other sites More sharing options...
boo_lolly Posted April 17, 2007 Share Posted April 17, 2007 try making your function global, like this: global function ebook_insert($name, $phone, $email, $facing_foreclosure, $referred_by, $comments, $today) { $sql = "INSERT INTO ebook (name, phone, email, facing_foreclosure, referred_by, comments, date) VALUES ('$name', '$phone', '$email', '$facing_foreclosure', '$referred_by', '$comments', '$today')"; $results = mysql_query($sql) or die(mysql_error()); if (!$results){ header("Location: download.php?actionflag=registered"); exit(); } } and see what happens. EDIT @freakstyle - i agree with pretty much everything except this: what you should do, is in your function ebook_insert(), follow boo_lolly's advice (but with one exception... ebook_insert($name, $phone, $email, $facing_foreclosure, $referred_by, $comments, $today); should be: ebook_insert($_POST['name']... the effect would be exactly the same. i think the cause is located elsewhere. Quote Link to comment Share on other sites More sharing options...
simcoweb Posted April 17, 2007 Author Share Posted April 17, 2007 hey there freakstyle. Thanks for the post! Couple of questions: 1. on the mysql_real_escape_string(), obviously I want to protect against some bozo abusing the form. What would I use in its place? Possibly stripslashes ? 2. The change in the function, would that be in defining the function or calling the function? Or both? Quote Link to comment Share on other sites More sharing options...
boo_lolly Posted April 17, 2007 Share Posted April 17, 2007 hey there freakstyle. Thanks for the post! Couple of questions: 1. on the mysql_real_escape_string(), obviously I want to protect against some bozo abusing the form. What would I use in its place? Possibly stripslashes ? 2. The change in the function, would that be in defining the function or calling the function? Or both? i would not use strip slashes. search google for 'php+sanitize function' and you'll find there are many ways of intrusion and protecting intrusion. it doesn't matter what you put as parameters for the function itself. they're just there to allow you to manipulate a specific parameter within the function. when you call the function itself, you can insert whatever you want. Quote Link to comment Share on other sites More sharing options...
simcoweb Posted April 17, 2007 Author Share Posted April 17, 2007 boo_lolly, I made that suggested change to this: <?php // run our insert query if no errors and redirect to download page global function ebook_insert($name, $phone, $email, $facing_foreclosure, $referred_by, $comments, $today) { $sql = "INSERT INTO ebook (name, phone, email, facing_foreclosure, referred_by, comments, date) VALUES ('$name', '$phone', '$email', '$facing_foreclosure', '$referred_by', '$comments', '$today')"; $results = mysql_query($sql) or die(mysql_error()); if ($results){ header("Location: download.php?actionflag=registered"); exit(); } } ?> All I did, actually,was add the word 'global' in front of the 'function'. In doing this it produced this error: Parse error: parse error, unexpected T_FUNCTION, expecting T_VARIABLE or '$' in /home/content/C/o/r/Corbaley8076/html/db_config.inc on line 353 Which is the 'global function insert_ebook(); line. Also, a quick note on the header/redirect. I think I may have misled you with the code you are using to post your changes as it states: if(!results) when it should be if($results). I changed it to (!results) to see if I could force the redirect if the insert query failed. Alas, it didn't do anything. That was to see if the query was failing but the redirect would succeed. If that was the case then it would isolate the query as the problem. However, neither are working. Quote Link to comment Share on other sites More sharing options...
simcoweb Posted April 17, 2007 Author Share Posted April 17, 2007 Ok, latest update. Basically I took all the function code and stuck it into the form page to see if the code was working. Everything chimes in just fine doing it that way. In other words, the query works (inserts the form data), and the mail works (sends me the results). Question is... WHY won't those work when I summon them as functions? Anyone? ??? Also, the redirect using the 'header' function is producing an error (premature blah blah) so if there's a better way to redirect to the results page then that would be a welcome site. Thanks! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.