affordit Posted January 15, 2008 Share Posted January 15, 2008 I use the code below to verify fields are not empty and then insert the data into the proper tables. The insert worked fine untill I added the code at the top to verify that the fields where not empty. Now when I run it it inserts everything EXCEPT "SPHONE", "CATEGORY", "UPC", AND "BRAND". Can someone see somthing I can't? <?php $bname=$_POST['bname']; if (empty($bname)) { echo"<a href='addproducts.php'>Enter Your Store Name</a>"; exit(); // stop exec here } $sphone=$_POST['sphone']; if (empty($sphone)) { echo"<a href='addproducts.php'>Enter Your Store Phone</a>"; exit(); // stop exec here } $category=$_POST['category']; if (empty($category)) { echo"<a href='addproducts.php'>Enter a Category</a>"; exit(); // stop exec here } $brand=$_POST['brand']; if (empty($brand)) { echo"<a href='addproducts.php'>Enter a Brand</a>"; exit(); // stop exec here } if (isset($_POST['bname']) &&!empty($_POST['bname'])&& isset($_SESSION['sphone']) &&!empty($_SESSION['sphone'])&& isset($_POST['category']) &&!empty($_POST['category'])&& isset($_POST['brand']) &&!empty($_POST['brand']) ) // don't worry about ID, it is checked for numeric ONLY $bname=mysql_real_escape_string($bname) ; $sphone=mysql_real_escape_string($sphone) ; $category=mysql_real_escape_string($category) ; $brand=mysql_real_escape_string($brand) ; include("k_falls_dbinfo2.inc.php"); mysql_connect(mysql,$username,$password); @mysql_select_db($database) or die( "Unable to select database"); $query = "INSERT INTO products VALUES ('','$bname','$sphone','$category','$upc','$brand','$model','$description','$extra','$price','$website')"; mysql_query($query); # if the user submitted a CATEGORY if( isset($category) ) { # get the user id $id = mysql_insert_id( ); # and insert the CATEGORY details $query = "INSERT INTO categories VALUES ('','$category')"; mysql_query($query); } if( isset($brand) ) { # get the user id $id = mysql_insert_id( ); $query = "INSERT INTO brands VALUES ('','$brand')"; $result = mysql_query( $query ); } mysql_free_result( $result ); mysql_close(); // ----------------------------- (header("location: addproducts.php")); if($result) { echo "Your information has been successfully added to the database."; } else { echo"hmm I sc...up!"; } ?> <edit> fixed a {} </edit> Quote Link to comment Share on other sites More sharing options...
adam291086 Posted January 15, 2008 Share Posted January 15, 2008 you haven't posted any code Quote Link to comment Share on other sites More sharing options...
affordit Posted January 15, 2008 Author Share Posted January 15, 2008 Sorry got ahead of myself Quote Link to comment Share on other sites More sharing options...
revraz Posted January 15, 2008 Share Posted January 15, 2008 You should be getting a mysql error saying it can't perform a mysql_real_escape_string before you connect to the DB. Also, you are checking if the fields are empty twice, why? Quote Link to comment Share on other sites More sharing options...
affordit Posted January 15, 2008 Author Share Posted January 15, 2008 Not sure I was helped by a friend that knows a little more than I do. Is there a way to fix it Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.