OilSheikh Posted April 28, 2007 Share Posted April 28, 2007 Hi, This is the code for a Returns form where I am trying to implement these validations: 1. Check if fields aint empty 2. Check if SESSION_username = username from Customer table and get customer ID use that Customer ID to look up Orders table and find if the ORDER NO. that has been entered is = an order no. in the Orders table i.e. see if the oder no. entered was actually an order placed by the user b4 * Customer table has cust id and username. Order table has only cust ID. returns table will store username from Session so that it can display each user's individual returns. Here's the code of returns.php <?php session_start(); if(!session_is_registered(usern)) { header("location:home.php"); } include("menu.php"); include("SQL.php"); $sql = mysql_query("SELECT * FROM returns WHERE username = '$_SESSION[usern]'") or die(mysql_error()); ######### CHECKS THAT FIELDS ARE NOT EMPTY ########## if (isset($_POST ['submit'])) { if (!$_POST ['orderno'] | !$_POST ['pid'] | !$_POST ['reason'] | !$_POST ['details'] ) { die ('<br><br><br><font face="Verdana" size="4" color = red>ERROR: Please make sure that all Information is provided.</font> <br><br> <input type="button" value=" Retry " onClick="history.go(-1)"> '); } ######### CHECK THAT ORDER NO. IS VALID FOR THIS USER ########## $check = mysql_query(" SELECT o.orderno, o.custid, c.custid, c.username FROM order o, customer c WHERE '".$_POST['orderno']."' = o.orderno AND '$_SESSION[usern]' = c.username AND c.custid = o.custid ") or die(mysql_error()); $check2 = mysql_num_rows($check); if ($check2 !=0) { $sql = mysql_query(" UPDATE returns SET orderno='".$_POST['orderno']."', productid= '".$_POST['pid']."', reason= '".$_POST['reason']."' , details='".$_POST['details']."', username = '$_SESSION[usern]' ") or die(mysql_error()); echo '<font face="Verdana" size="4" color = red>Your Returns Request has been submittted. You should hear from us soon.</font>'; } else { die ('<br><br><br><font face="Verdana" size="4" color = red>ERROR: The Order Number that you have entered is not an Order placed by you.</font> <br><br> <input type="button" value=" Retry " onClick="history.go(-1)"> '); } } else { ?> <html> <head> <title>Your Account</title> <link rel="stylesheet" href="styler.css"> </head> <body> <br><br><br> <h1>MY ACCOUNT</h1> <table border="0" width="101%" cellspacing="0" id="table1" bordercolorlight="#0066FF" height="130" cellpadding="0"> <tr> <td width="741" height="27" colspan="2"> <a href="acc.php"><img border="0" src="det.jpg"></a> <a href="orders.php"> <img border="0" src="ord.jpg"></a> <a href="returns.php"> <img border="0" src="ret2.jpg"></a></td> </tr> </table> <h3> <u>Returns Requests made by you</u></h3> <table width="475" border="1" cellspacing="0" cellpadding="3"> <tr> <td width="123">Returns Number</td> <td width="108">Order Number</td> <td width="108">Product ID</td> <td width="112">Return Status</td> </tr> <?php while($rows=mysql_fetch_array($sql)){ ?> <tr> <td><? printf ("%04d", $rows['returnno']);?></td> <td><? echo $rows['orderno']; ?></td> <td><? echo $rows['productid']; ?></td> <td><? echo $rows['status']; ?></td> </tr> <?php } ?> </table> <br> <br> <h3> <u>Return an Item</u></h3> <br> <i>Please ensure that you provide all Information. Submit only ONE item at a time.</i> <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post"> <table border="0" width="84%" cellspacing="0" id="table1" bordercolorlight="#0066FF" height="318" cellpadding="0"> <tr> <td width="150" height="48" bgcolor="#DDDDDD">Order Number</td> <td height="48" width="432" bgcolor="#DDDDDD"><input type = "text" name = "orderno" size="34" maxlength ="4" style = "color:blue"></td> </tr> <tr> <td width="150" height="47" bgcolor="#DDDDDD">Product ID</td> <td height="47" width="432" bgcolor="#DDDDDD"><input type = "text" name = "pid" size="34" maxlength = "4" style = "color:blue"></td> </tr> <tr> <td width="150" height="47" bgcolor="#DDDDDD">Reason for Return</td> <td height="47" width="432" bgcolor="#DDDDDD"> <select name = "reason" size = "1" style = "color:blue"> <option value = "Faulty">Faulty</option> <option value = "DOA">Dead on Arrival</option> <option value = "Damaged">Damaged by Courier</option> </select> </td> </tr> <tr> <td width="150" bgcolor="#DDDDDD" height="108">Additional Details</td> <td width="432" bgcolor="#DDDDDD" height="108"> <textarea cols = "29" rows = "6" name = "details" style = "color:blue"></textarea></td> </tr> <tr> <td colspan="2" height="43"> *Please read our Returns Terms and Conditions before Submitting a Returns Request.</td> </tr> <tr> <td width="150" bgcolor="#FFFFFF"> </td> <td width="432" bgcolor="#FFFFFF"> <input type = "submit" name = "submit" value = " Submit "></tr> </table> </form> <br><br> </p> </body> <?php include("base.php"); ?> </html> <?php } ?> Can someone plz tell me why Form Data not stored into Database . I need it working urgently. Plz help guys. Quote Link to comment https://forums.phpfreaks.com/topic/49034-form-data-not-stored-in-database/ Share on other sites More sharing options...
MadTechie Posted April 28, 2007 Share Posted April 28, 2007 at first sight <?php $sql = mysql_query("SELECT * FROM returns WHERE username = '{$_SESSION['usern']}'") ?> <?php $sql = mysql_query(" UPDATE returns SET orderno='".$_POST['orderno']."', productid= '".$_POST['pid']."', reason= '".$_POST['reason']."' , details='".$_POST['details']."', username = '{$_SESSION['usern']}' ")?> <?php $check = mysql_query(" SELECT o.orderno, o.custid, c.custid, c.username FROM order o, customer c WHERE '".$_POST['orderno']."' = o.orderno AND '{$_SESSION['usern']}' = c.username AND c.custid = o.custid ") Quote Link to comment https://forums.phpfreaks.com/topic/49034-form-data-not-stored-in-database/#findComment-240218 Share on other sites More sharing options...
tauchai83 Posted April 28, 2007 Share Posted April 28, 2007 what error message you get? more likely is syntax error. Why don you assign $_SESSION[usern] to a new variable to make urself convenience? <?php $user=$_SESSION[usern]; $sql = mysql_query("SELECT * FROM returns WHERE username = '$user' ") try echo it out first to see what you get. ?> Quote Link to comment https://forums.phpfreaks.com/topic/49034-form-data-not-stored-in-database/#findComment-240219 Share on other sites More sharing options...
MadTechie Posted April 28, 2007 Share Posted April 28, 2007 PLEASE DON'T DOUBLE POST!!! Quote Link to comment https://forums.phpfreaks.com/topic/49034-form-data-not-stored-in-database/#findComment-240223 Share on other sites More sharing options...
OilSheikh Posted April 29, 2007 Author Share Posted April 29, 2007 Sorry about the double posting. Thats what happens when you are coding till 4 am ! :'( This is the error that I get: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'order o, customer c WHERE '' = o.orderno AND 'mona' = c.username AND c' at line 2 *mona is the user who is logged in, i.e. her username. Any solutions, guys? ??? Quote Link to comment https://forums.phpfreaks.com/topic/49034-form-data-not-stored-in-database/#findComment-240737 Share on other sites More sharing options...
trq Posted April 29, 2007 Share Posted April 29, 2007 Do yourself a favor and save your queries to a local variable (eg $sql) then print that to the screen to see whats up. Looks to me like $_POST['orderno'] is empty, but its pretty hard to tell without some basic debugging in place. Quote Link to comment https://forums.phpfreaks.com/topic/49034-form-data-not-stored-in-database/#findComment-240740 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.