gabbymiles

Jacques1, thanks you are right, I just used $I and got duplicate ID error where increment wasn't working. However Mc_gyver saw this coming so I will need to change how I approach that. Thanks Mc_gyver. Now it is updating and emailing. Another Issue: Error handling is working on the front end and stripping "less than" symbol from string in the email, it is passing through to MySQL. Any ideas why error handling isn't stopping this. Again, I do realize updating to newer code would make it easier on myself and I will get to it but again, need a quick fix for the moment. Thanks again. Here is the updated code. (I know its ugly, but im trying) <?php error_reporting(E_ALL); ini_set('display_errors', 1); // Functions to filter user inputs function filterName($field) { // Sanitize user name $field = filter_var(trim($field), FILTER_SANITIZE_STRING); // Validate user name if(filter_var($field, FILTER_VALIDATE_REGEXP, array("options"=>array("regexp"=>"/^[a-zA-Z\s]+/")))){ return $field; } else { return FALSE; } } function filterEmail($field) { // Sanitize e-mail address $field = filter_var(trim($field), FILTER_SANITIZE_EMAIL); // Validate e-mail address if(filter_var($field, FILTER_VALIDATE_EMAIL)){ return $field; } else { return FALSE; } } function filterString($field) { // Sanitize string $field = filter_var(trim($field), FILTER_SANITIZE_STRING); if(!empty($field)){ return $field; } else { return FALSE; } } // Define variables and initialize with empty values $txtaddressErr = ""; $txtmainErr = ""; $txtsubjectErr = ""; $txttitle2Err = ""; $txtbusinesstitleErr = ""; $txtaddress2Err =""; $txtaddress = ""; $txtmain = ""; $txtsubject = ""; $txttitle2 = ""; $txtbusinesstitle = ""; $txtaddress2 = ""; if($_SERVER["REQUEST_METHOD"] == "POST"){ // Processing form data when form is submitted include ("connect.php"); if(isset($_POST['submit'])){ // Validate user Keywords if(empty($_POST["txtaddress"])){ $txtaddressErr = 'Please enter your Keywords.'; } else { $txtaddress = filterName($_POST["txtaddress"]); if($txtaddress == FALSE){ $txtaddressErr = 'Please enter a valid Keywords.'; } } // Validate email address if(empty($_POST["txtmain"])){ $txtmainErr = 'Please enter your email address.'; } else { $txtmain = filterEmail($_POST["txtmain"]); if($txtmain == FALSE){ $txtmainErr = 'Please enter a valid email address.'; } } // Validate need if(empty($_POST["txtsubject"])){ $txtsubjectErr = 'Please enter your need.'; } else { $txtsubject = filterName($_POST["txtsubject"]); if($txtsubject == FALSE){ $txtsubjectErr = 'Please enter a need.'; } } // Validate Industry if(empty($_POST["txtaddress2"])){ $txtaddress2Err = "Please enter an Industry"; } else { $txtaddress2 = filterName($_POST["txtaddress2"]); if($txtaddress2 == FALSE){ $txtaddress2Err = 'Please enter an Industry.'; } } // Validate user offer if(empty($_POST["txttitle2"])){ $txttitle2Err = 'Please enter your offer.'; } else { $txttitle2 = filterName($_POST["txttitle2"]); if($txttitle2 == FALSE){ $txttitle2Err = 'Please enter a valid offer.'; } } // Validate user name if(empty($_POST["txtbusinesstitle"])){ $txtbusinesstitleErr = 'Please enter your name.'; } else { $txtbusinesstitle = filterName($_POST["txtbusinesstitle"]); if($txtbusinesstitle == FALSE){ $txtbusinesstitleErr = 'Please enter a valid name.'; } } $stuid = mysql_real_escape_string($_POST['txtid']); $address=preg_replace("/[^\`a-z,. \'\-\d]/i", "", $txtaddress); $address = mysql_real_escape_string($_POST['txtaddress']); $sub = mysql_real_escape_string($_POST['txtsubject']); $date = mysql_real_escape_string($_POST['txtdate']); $main = mysql_real_escape_string($_POST['txtmain']); $title2 = mysql_real_escape_string($_POST['txttitle2']); $address2 = mysql_real_escape_string($_POST['txtaddress2']); $agentid = mysql_real_escape_string($_POST['txtagentid']); $businesstitle = mysql_real_escape_string($_POST['txtbusinesstitle']); if(isset($_POST['submit'])){ include ("connect.php"); if(empty($txtaddressErr) && empty($txtmainErr) && empty($txttitle2Err) && empty($txsubject2Err) && empty($txtaddress2Err) && empty($txtbusinesstitleErr)){ $i = mysql_query( "INSERT INTO `unaction_partner`.`tbl_student` (`stuid`, `address`, `sub`, `date`, `main`, `title2`, `address2`, `agentid`, `businesstitle`) VALUES ('".$stuid."','".$address."','".$sub."','".$date."','".$main."','".$title2."','".$address2."','".$agentid."','".$businesstitle."')"); if ($i === TRUE){ echo "Success"; } else { echo('Error: ' . mysql_error()); } } // Check input errors before sending email if(empty($txtaddressErr) && empty($txtmainErr) && empty($txttitle2Err) && empty($txsubject2Err) && empty($txtaddress2Err) && empty($txtbusinesstitleErr)){ // Recipient email address $to = 'myemail@domain.org'; // Create email headers $headers = 'From: '. $txtmain . "\r\n" . 'Reply-To: '. $txtmain . "\r\n" . 'X-Mailer: PHP/' . phpversion(); // Sending email if(mail($to, $txtsubject, $txttitle2, $headers)){ echo '<p class="success">Your message has been sent successfully!</p>'; } }} } } // } ?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <title>Contact Form</title> <style type="text/css"> .error{ color: red; } .success{ color: green; } </style> </head> <body> <div id=""> <table width="100%" border="0"> <?php $businesstitle= isset($row['businesstitle']) ? $row['businesstitle'] : ''; ?> <form method="post" action=""> <tr> <?php include ("connect.php"); $g = mysql_query("select max(stuid) from tbl_student"); while($id=mysql_fetch_array($g)) { ?> <td width="26%"> </td> <td width="74%"><input type="hidden" name="txtid" value="<?php echo $id[0]+1; ?>" readonly="readonly" /></td> </tr> <? } ?> <tr> <td><label for="txtaddress">Keywords:^*</label></td> <td><textarea cols="30px" rows="3" name="txtaddress" placeholder="Tip-Include Industry Name, Topic and City to Improve Search Standing" /><?php echo $txtaddress; ?> </textarea> <span class="error"><?php echo $txtaddressErr; ?></span></td> </tr> <tr> <td><label for="txtsubject2">Need:</label></td> <td><input name="txtsubject" type="text" id="txtsubject" value="<?php echo $txtsubject; ?>"> <span class="error"><?php echo $txtsubjectErr; ?></span></td> </tr> <tr> <td>Offer:^*</td> <td><textarea name="txttitle2" id="Comment" rows="5" cols="30"><?php echo $txttitle2; ?></textarea> <span class="error"><?php echo $txttitle2Err; ?></span></td> </tr> <tr> <td><label for="txtbusinesstitle">Your Name:</label></td> <td><input name="txtbusinesstitle" type="text" id="txtbusinesstitle" value="<?php echo $txtbusinesstitle; ?>"> <span class="error"><?php echo $txtbusinesstitleErr; ?></span></td> </tr> <tr> <td><label for="txtaddress2">Industry:</label></td> <td><input name="txtaddress2" type="text" id="txtaddress2" value="<?php echo $txtaddress2; ?>" placeholder="One Industry Name" /> <span class="error"><?php echo $txtaddress2Err; ?></span></td> </tr> <tr> <td><label for="txtmain">Email:^*</label></td> <td><input type="text" name="txtmain" id="txtmain" value="<?php echo $_SESSION['email']; ?>"> <span class="error"><?php echo $txtmainErr; ?></span></td> </tr> <tr> <td>Register Date</td> <td><input type="text" name="txtdate" value="<?php echo date("d/M/Y"); ?>" readonly="readonly" /></td> </tr> <tr> <td></td> <td><input type="hidden" name="txtagentid" placeholder="Type Name" /> <input type="hidden" name="txtmember" /></td> </tr> <tr> <td><input type="submit" name="submit" value="Send"></td> <td><input type="reset" value="Reset"></td> </tr> </form> </table> </div> </body> </html>

Jacques1, it came from my connection code. <?php error_reporting(E_ALL); ini_set('display_errors', 1); $con = mysql_connect("localhost","mydb","user") or die (mysql_error()); mysql_select_db ("mydb", $con); //echo "Connected"; ?> I'll just use $I and see.

ok Mac_gyver, I called the MySQL output however i'm sure it isn't correct. I coded it the best I could. I'm getting an error. Fatal error: Call to a member function query() on a non-object in /home/unaction/public_html/partnerupby2.com/post.php on line 141 line 41 starts at if ($con->query($... if(isset($_POST['submit'])){ include ("connect.php"); $i = mysql_query( "INSERT INTO `unaction_partner`.`tbl_student` (`stuid`, `address`, `sub`, `date`, `main`, `title2`, `address2`, `agentid`, `businesstitle`) VALUES ('".$stuid."','".$address."','".$sub."','".$date."','".$main."','".$title2."','".$address2."','".$agentid."','".$businesstitle."')"); if ($con->query($i) === TRUE){ echo "Success"; } else { echo('Error: ' . mysql_error()); }

Thanks Benamamen, If last resort I will, however if I could have someone review the code and point out what I'm missing. I'm happy to do the research and work. I'm just stuck at this point.

Thanks mac_gyver, I tried different ways to no avail. No errors. I used the same MySQL query from another working page. (just MySQL insert, not both insert and email). Any more ideas?

OK here is what I did. (sill not working bty) 1. Defined Err variables with ""'; 2. Removed duplicate submit and include 3. Used escape string 4. Cleaned up indention to the best of my limited knowledge. Below is the updated code. Again: 1. error functions work (nothing pass if form is not properly filled out) 2. if form is filled out correctly, the email sends however database insert does not work. 3. if I remove error and email functions, database insert work. <?php error_reporting(E_ALL); ini_set('display_errors', 1); // Functions to filter user inputs function filterName($field) { // Sanitize user name $field = filter_var(trim($field), FILTER_SANITIZE_STRING); // Validate user name if(filter_var($field, FILTER_VALIDATE_REGEXP, array("options"=>array("regexp"=>"/^[a-zA-Z\s]+/")))){ return $field; } else { return FALSE; } } function filterEmail($field) { // Sanitize e-mail address $field = filter_var(trim($field), FILTER_SANITIZE_EMAIL); // Validate e-mail address if(filter_var($field, FILTER_VALIDATE_EMAIL)){ return $field; } else { return FALSE; } } function filterString($field) { // Sanitize string $field = filter_var(trim($field), FILTER_SANITIZE_STRING); if(!empty($field)){ return $field; } else { return FALSE; } } // Define variables and initialize with empty values $txtaddressErr = ""; $txtmainErr = ""; $txtsubjectErr = ""; $txttitle2Err = ""; $txtbusinesstitleErr = ""; $txtaddress2Err =""; $txtaddress = ""; $txtmain = ""; $txtsubject = ""; $txttitle2 = ""; $txtbusinesstitle = ""; $txtaddress2 = ""; // Processing form data when form is submitted if(isset($_POST['submit'])){ include ("connect.php"); // Validate user Keywords if(empty($_POST["txtaddress"])){ $txtaddressErr = 'Please enter your Keywords.'; } else { $txtaddress = filterName($_POST["txtaddress"]); if($txtaddress == FALSE){ $txtaddressErr = 'Please enter a valid Keywords.'; } } // Validate email address if(empty($_POST["txtmain"])){ $txtmainErr = 'Please enter your email address.'; } else { $txtmain = filterEmail($_POST["txtmain"]); if($txtmain == FALSE){ $txtmainErr = 'Please enter a valid email address.'; } } // Validate need if(empty($_POST["txtsubject"])){ $txtsubjectErr = 'Please enter your need.'; } else { $txtsubject = filterString($_POST["txtsubject"]); if($txtsubject == FALSE){ $txtsubjectErr = 'Please enter a need.'; } } // Validate Industry if(empty($_POST["txtaddress2"])){ $txtaddress2Err = "Please enter an Industry"; } else { $txtaddress2 = filterString($_POST["txtaddress2"]); if($txtaddress2 == FALSE){ $txtaddress2Err = 'Please enter an Industry.'; } } // Validate user offer if(empty($_POST["txttitle2"])){ $txttitle2Err = 'Please enter your offer.'; } else { $txttitle2 = filterString($_POST["txttitle2"]); if($txttitle2 == FALSE){ $txttitle2Err = 'Please enter a valid offer.'; } } // Validate user name if(empty($_POST["txtbusinesstitle"])){ $txtbusinesstitleErr = 'Please enter your name.'; } else { $txtbusinesstitle = filterString($_POST["txtbusinesstitle"]); if($txtbusinesstitle == FALSE){ $txtbusinesstitleErr = 'Please enter a valid name.'; } } // Check input errors before sending email if(empty($txtaddressErr) && empty($txtmainErr) && empty($txttitle2Err)){ // Recipient email address $to = 'myemail@domain.org'; // Create email headers $headers = 'From: '. $txtmain . "\r\n" . 'Reply-To: '. $txtmain . "\r\n" . 'X-Mailer: PHP/' . phpversion(); // Sending email if(mail($to, $txtsubject, $txttitle2, $headers)){ echo '<p class="success">Your message has been sent successfully!</p>'; $stuid = mysql_real_escape_string($_POST['txtid']); $address = mysql_real_escape_string($_POST['txtaddress']); $sub = mysql_real_escape_string($_POST['txtsubject']); $date = mysql_real_escape_string($_POST['txtdate']); $main = mysql_real_escape_string($_POST['txtmain']); $title2 = mysql_real_escape_string($_POST['txttitle2']); $address2 = mysql_real_escape_string($_POST['txtaddress2']); $agentid = mysql_real_escape_string($_POST['txtagentid']); $businesstitle = mysql_real_escape_string($_POST['txtbusinesstitle']); $i = mysql_query( "INSERT INTO `unaction_partner`.`tbl_student` (`stuid`, `address`, `sub`, `date`, `main`, `title2`, `address2`, `agentid`, `businesstitle`) VALUES ('".$stuid."','".$address."','".$sub."','".$date."','".$main."','".$title2."','".$address2."','".$agentid."','".$businesstitle."')"); } } } // } ?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <title>Contact Form</title> <style type="text/css"> .error{ color: red; } .success{ color: green; } </style> </head> <body> <div id=""> <table width="100%" border="0"> <?php $businesstitle= isset($row['businesstitle']) ? $row['businesstitle'] : ''; ?> <form method="post" action=""> <tr> <?php //include ("connect.php"); $g = mysql_query("select max(stuid) from tbl_student"); while($id=mysql_fetch_array($g)) ?> <td width="26%"> </td> <td width="74%"><input type="hidden" name="txtid" value="<?php echo $id[0]+1; ?>" readonly="readonly" /></td> </tr> <tr> <td><label for="txtaddress">Keywords:^*</label></td> <td><textarea cols="30px" rows="3" name="txtaddress" placeholder="Tip-Include Industry Name, Topic and City to Improve Search Standing" /></textarea> <span class="error"><?php echo $txtaddressErr; ?></span></td> </tr> <tr> <td><label for="txtsubject2">Need:</label></td> <td><input type="text" name="txtsubject" id="txtsubject"> <span class="error"><?php echo $txtsubjectErr; ?></span></td> </tr> <tr> <td>Offer:^*</td> <td><textarea name="txttitle2" id="Comment" rows="5" cols="30"></textarea> <span class="error"><?php echo $txttitle2Err; ?></span></td> </tr> <tr> <td><label for="txtbusinesstitle">Your Name:</label></td> <td><input type="text" name="txtbusinesstitle" id="txtbusinesstitle"> <span class="error"><?php echo $txtbusinesstitleErr; ?></span></td> </tr> <tr> <td><label for="txtaddress2">Industry:</label></td> <td><input type="text" name="txtaddress2" id="txtaddress2" placeholder="One Industry Name" /> <span class="error"><?php echo $txtaddress2Err; ?></span></td> </tr> <tr> <td><label for="txtmain">Email:^*</label></td> <td><input type="text" name="txtmain" id="txtmain" value="<?php echo $_SESSION['email']; ?>"> <span class="error"><?php echo $txtmainErr; ?></span></td> </tr> <tr> <td>Register Date</td> <td><input type="text" name="txtdate" value="<?php echo date("d/M/Y"); ?>" readonly="readonly" /></td> </tr> <tr> <td></td> <td><input type="hidden" name="txtagentid" placeholder="Type Name" /> <input type="hidden" name="txtmember" /></td> </tr> <tr> <td><input type="submit" name="submit" value="Send"></td> <td><input type="reset" value="Reset"></td> </tr> </form> </table> </div> </body> </html>

I am attempting to post data to database and send email. code works separately with only email submit or database insert but combining actions are giving me fits. The combined code does send email, however does not insert into MySQL. Also, I am looking at updating code as this is old, however need this running now. Thanks in advance. Here is my code. <?php //error_reporting(E_ALL); //ini_set('display_errors', 1); // Functions to filter user inputs function filterName($field){ // Sanitize user name $field = filter_var(trim($field), FILTER_SANITIZE_STRING); // Validate user name if(filter_var($field, FILTER_VALIDATE_REGEXP, array("options"=>array("regexp"=>"/^[a-zA-Z\s]+/")))){ return $field; }else{ return FALSE; } } function filterEmail($field){ // Sanitize e-mail address $field = filter_var(trim($field), FILTER_SANITIZE_EMAIL); // Validate e-mail address if(filter_var($field, FILTER_VALIDATE_EMAIL)){ return $field; }else{ return FALSE; } } function filterString($field){ // Sanitize string $field = filter_var(trim($field), FILTER_SANITIZE_STRING); if(!empty($field)){ return $field; }else{ return FALSE; } } // Define variables and initialize with empty values $txtaddressErr = $txtmainErr = $txtsubjectErr = $txttitle2Err = $txtbusinesstitleErr = $txtaddress2Err =""; $txtaddress = $txtmain = $txtsubject = $txttitle2 = $txtbusinesstitle = $txtaddress2 = ""; // Processing form data when form is submitted if(isset($_POST['submit'])){ include ("connect.php"); // Validate user name if(empty($_POST["txtaddress"])){ $txtaddressErr = 'Please enter your Keywords.'; }else{ $txtaddress = filterName($_POST["txtaddress"]); if($txtaddress == FALSE){ $txtaddressErr = 'Please enter a valid Keywords.'; } } // Validate email address if(empty($_POST["txtmain"])){ $txtmainErr = 'Please enter your email address.'; }else{ $txtmain = filterEmail($_POST["txtmain"]); if($txtmain == FALSE){ $txtmainErr = 'Please enter a valid email address.'; } } // Validate need if(empty($_POST["txtsubject"])){ $txtsubjectErr = 'Please enter your need.'; }else{ $txtsubject = filterString($_POST["txtsubject"]); if($txtsubject == FALSE){ $txtsubjectErr = 'Please enter a need.'; } } // Validate message subject if(empty($_POST["txtaddress2"])){ $txtaddress2Err = "Please enter an Industry"; }else{ $txtaddress2 = filterString($_POST["txtaddress2"]); if($txtaddress2 == FALSE){ $txtaddress2Err = 'Please enter an Industry.'; } } // Validate user comment if(empty($_POST["txttitle2"])){ $txttitle2Err = 'Please enter your offer.'; }else{ $txttitle2 = filterString($_POST["txttitle2"]); if($txttitle2 == FALSE){ $txttiele2Err = 'Please enter a valid offer.'; } } // Check input errors before sending email if(empty($txtaddressErr) && empty($txtmainErr) && empty($txttitle2Err)){ // Recipient email address $to = 'myemail@domain.org'; // Create email headers $headers = 'From: '. $txtmain . "\r\n" . 'Reply-To: '. $txtmain . "\r\n" . 'X-Mailer: PHP/' . phpversion(); // Sending email if(mail($to, $txtsubject, $txttitle2, $headers)){ echo '<p class="success">Your message has been sent successfully!</p>'; $stuid = $_POST['txtid']; $address = trim($_POST['txtaddress']); $sub = trim($_POST['txtsubject']); $date = trim($_POST['txtdate']); $main = trim($_POST['txtmain']); $title2 = trim($_POST['txttitle2']); $address2 = trim($_POST['txtaddress2']); $agentid = trim($_POST['txtagentid']); $businesstitle = trim($_POST['txtbusinesstitle']); if(isset($_POST['submit'])){ include ("connect.php"); $i = mysql_query( "INSERT INTO `unaction_partner`.`tbl_student` (`stuid`, `address`, `sub`, `date`, `main`, `title2`, `address2`, `agentid`, `businesstitle`) VALUES ('".$stuid."','".$address."','".$sub."','".$date."','".$main."','".$title2."','".$address2."','".$agentid."','".$businesstitle."')"); } } } } // } ?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <title>Contact Form</title> <style type="text/css"> .error{ color: red; } .success{ color: green; } </style> </head> <body> <div id=""> <table width="100%" border="0"> <?php $businesstitle= isset($row['businesstitle']) ? $row['businesstitle'] : ''; ?> <form method="post" action=""> <tr> <?php include ("connect.php"); $g = mysql_query("select max(stuid) from tbl_student"); while($id=mysql_fetch_array($g)) ?> <td width="26%"> </td> <td width="74%"><input type="hidden" name="txtid" value="<?php echo $id[0]+1; ?>" readonly="readonly" /></td> </tr> <tr> <td><label for="txtaddress">Keywords:^*</label></td> <td><textarea cols="30px" rows="3" name="txtaddress" placeholder="Tip-Include Industry Name, Topic and City to Improve Search Standing" /></textarea> <span class="error"><?php echo $txtaddressErr; ?></span></td> </tr> <tr> <td><label for="txtsubject2">Need:</label></td> <td><input type="text" name="txtsubject" id="txtzubject"> <span class="error"><?php echo $txtsubjectErr; ?></span></td> </tr> <tr> <td>Offer:^*</td> <td><textarea name="txttitle2" id="Comment" rows="5" cols="30"></textarea> <span class="error"><?php echo $txttitle2Err; ?></span></td> </tr> <tr> <td><label for="txtbusinesstitle2">Your Name:</label></td> <td><input type="text" name="txtbusinesstitle" id="txtbusinesstitle"> <span class="error"><?php echo $txtbusinesstitleErr; ?></span></td> </tr> <tr> <td>Industry:</td> <td><input type="text" name="txtaddress2" placeholder="One Industry Name" /> <span class="error"><?php echo $txtaddress2Err; ?></span></td> </tr> <tr> <td><label for="txtmain">Email:^*</label></td> <td><input type="text" name="txtmain" id="txtmain" value="<?php echo $_SESSION['email']; ?>"> <span class="error"><?php echo $txtmainErr; ?></span></td> </tr> <tr> <td>Register Date</td> <td><input type="text" name="txtdate" value="<?php echo date("d/M/Y"); ?>" readonly="readonly" /></td> </tr> <tr> <td></td> <td><input type="hidden" name="txtagentid" placeholder="Type Name" /> <input type="hidden" name="txtmember" /></td> </tr> <tr> <td><input type="submit" name="submit" value="Send"></td> <td><input type="reset" value="Reset"></td> </tr> </form> </table> </div> </body> </html>