I am trying to build a completely dynamic website that will automatically build the following line of information for me:

Static Version #1 - Works

$insertSQL = sprintf("INSERT INTO main (sid, serial, servername, manufacturer, model, type, cpuqty, cpuspeed, phymem, totaldisk, os, sp, builtby) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s)", GetSQLValueString($_POST['sid'], "int"), GetSQLValueString($_POST['serial'], "string"), GetSQLValueString($_POST['servername'], "string"), GetSQLValueString($_POST['manufacturer'], "string"), GetSQLValueString($_POST['model'], "string"), GetSQLValueString($_POST['type'], "string"), GetSQLValueString($_POST['cpuqty'], "int"), GetSQLValueString($_POST['cpuspeed'], "int"), GetSQLValueString($_POST['phymem'], "int"), GetSQLValueString($_POST['totaldisk'], "int"), GetSQLValueString($_POST['os'], "string"), GetSQLValueString($_POST['sp'], "string"), GetSQLValueString($_POST['builtby'], "string"));


Dynamic - Version #2 - Displays Errors
"Warning: sprintf(): Too few arguments - Query was empty"


$insertSQL = sprintf("INSERT INTO main (".$headers.") VALUES (".$svalues.")", $sqlvalues);



I had the values of $headers, $svalues, and $sqlvalues printed below:

Headers:
sid, serial, servername, manufacturer, model, type, cpuqty, cpuspeed, phymem, totaldisk, os, sp, builtby

Svalues:
%s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s

SQLValues:
GetSQLValueString($_POST['sid'], "int"), GetSQLValueString($_POST['serial'], "string"), GetSQLValueString($_POST['servername'], "string"), GetSQLValueString($_POST['manufacturer'], "string"), GetSQLValueString($_POST['model'], "string"), GetSQLValueString($_POST['type'], "string"), GetSQLValueString($_POST['cpuqty'], "int"), GetSQLValueString($_POST['cpuspeed'], "int"), GetSQLValueString($_POST['phymem'], "int"), GetSQLValueString($_POST['totaldisk'], "int"), GetSQLValueString($_POST['os'], "string"), GetSQLValueString($_POST['sp'], "string"), GetSQLValueString($_POST['builtby'], "string")

if your $sqlvalues string contains all the field-values, then you don't all the %s in $svalues.

You seem to be using printf for the sake of it, it's not really doing you much good...

if your $sqlvalues string contains all the field-values, then you don't all the %s in $svalues.

You seem to be using printf for the sake of it, it's not really doing you much good...


How would you format the line to insert the data into the database? the only reason I'm even fighting with this is because I created a static page using Dreamweaver and then tried to turn it into a dynamic page by rebuilding all of the lines of code dynamically. Since it was using printf(), I am using printf....

I don't know enough about it to know what I can take out and leave in...basically I just want all my data to be entered into the correct fields.

Bottom line: How would I do this without the %s's and without printf()?

You can continue to use sprintf()... I personally use it occasionally when there are a lot of parameters. However you could just build the string using the concantenation operator (".") but sprintf is fine to use.

Your error is probably because you have 13 "%s"s but only one replacement argument ($sqlvalues). Assuming $sqlvalues is an array, you can use list() to separate the elements... Assuming it's a string delimited by commas, you can use explode() to separate each string value.

You can continue to use sprintf()... I personally use it occasionally when there are a lot of parameters. However you could just build the string using the concantenation operator (".") but sprintf is fine to use.

Your error is probably because you have 13 "%s"s but only one replacement argument ($sqlvalues). Assuming $sqlvalues is an array, you can use list() to separate the elements... Assuming it's a string delimited by commas, you can use explode() to separate each string value.

If I use explode() to pull out several instances of the following line, how would I do that using explode when there is a comma in the middle of the data as well. in the example below you'll see one comma immediately after ['sid'] as well as after "int") .

I looked up the syntax for explode() and it appears as though I would use the following format:


$insertSQL = sprintf("INSERT INTO main (".$headers.") VALUES (".$svalues.")", explode(",", $sqlvalues);


GetSQLValueString($_POST['sid'], "int"),

I'm guessing in my case it would be safer to build an array and use list() instead. Would that be an accurate assumption?

Well actually I was mistaken regarding list(), it doesn't explode array elements. I'm not sure how you'd do that, actually.

I'm assuming you are building the value of $sqlvalues somewhere else? If this is the case, then simply use another delimiter rather than a comma to separate the strings. You could use three commas in a row, or a character you wouldn't ever use anywhere else, or 10 dashes in a row... just something unique.

Well actually I was mistaken regarding list(), it doesn't explode array elements. I'm not sure how you'd do that, actually.

I'm assuming you are building the value of $sqlvalues somewhere else? If this is the case, then simply use another delimiter rather than a comma to separate the strings. You could use three commas in a row, or a character you wouldn't ever use anywhere else, or 10 dashes in a row... just something unique.

Here is my code...and I apologize for not being able to apply your help very effectively. I'm only on my second week of using PHP and it's been a bumpy road trying to build this database insertion page. Half of the things you've said in the previous posts, I've had to spend several minutes looking up just to understand what was being said. What is so frustrating is that I can script just about anything I want in Perl and PHP seems to be just like it in a lot of ways, with only some very minor differences that keep making this task a nightmare.

Anyway, below is the entire section of code I'm working with. It shows you how I'm getting the data from the database and trying to use it to put the data into the database from the form.


<?php require_once('Connections/Sysadmin.php'); ?>
<?php
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
$theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue;

switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}

$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
$editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}

// =======================================================
$dbtable="main";
mysql_select_db($dbname);
$querymain = mysql_query("select * from " . $dbtable);
$i=0;

if (!$querymain)
{
die($dbtable . "Query failed: " . mysql_error());
}

while ($i < mysql_num_fields($querymain))
{
$meta = mysql_fetch_field($querymain, $i);
if ($i <> 0)
{
$headers = $headers . ", ".$meta->name."";
$svalues = $svalues . ", %s";
$sqlvalues = $sqlvalues . ", GetSQLValueString(\$_POST['".$meta->name."'], \"".$meta->type."\")--";
}
else
{
$headers = "".$meta->name."";
$svalues = "%s";
$sqlvalues = "GetSQLValueString(\$_POST['".$meta->name."'], \"".$meta->type."\")--";
}
$i++;
}

if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1")) {

// The line immediately below gives me an error now as follows:
// Parse error: parse error, expecting `T_VARIABLE' or `'$'' in . . .
$insertSQL = sprintf("INSERT INTO main (".$headers.") VALUES (".$svalues.")", explode("--", $sqlvalues);

//Static $insertSQL Line that works...
//$insertSQL = sprintf("INSERT INTO main (sid, serial, servername, manufacturer, model, type, cpuqty, cpuspeed, phymem, totaldisk, os, sp, builtby) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s)", GetSQLValueString($_POST['sid'], "int"), GetSQLValueString($_POST['serial'], "string"), GetSQLValueString($_POST['servername'], "string"), GetSQLValueString($_POST['manufacturer'], "string"), GetSQLValueString($_POST['model'], "string"), GetSQLValueString($_POST['type'], "string"), GetSQLValueString($_POST['cpuqty'], "int"), GetSQLValueString($_POST['cpuspeed'], "int"), GetSQLValueString($_POST['phymem'], "int"), GetSQLValueString($_POST['totaldisk'], "int"), GetSQLValueString($_POST['os'], "string"), GetSQLValueString($_POST['sp'], "string"), GetSQLValueString($_POST['builtby'], "string"));


mysql_select_db($dbname, $dbconnect);
$Result1 = mysql_query($insertSQL, $dbconnect) or die(mysql_error());

}

mysql_select_db($dbname, $dbconnect);
$query_Recordset1 = "SELECT * FROM main";
$Recordset1 = mysql_query($query_Recordset1, $dbconnect) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$totalRows_Recordset1 = mysql_num_rows($Recordset1);

// The HTML form below will be built dynamically after fixing the above code.
// I did this to remove it as a variable from my issue at hand.
?>


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>SysAdmin - Add Hardware</title>
</head>

<body>
<form method="post" name="form1" action="<?php echo $editFormAction; ?>">
<table align="center">
<tr valign="baseline">
<td nowrap align="right">Sid:</td>
<td><input type="text" name="sid" value="" size="32"></td>
</tr>
<tr valign="baseline">
<td nowrap align="right">Servername:</td>
<td><input type="text" name="servername" value="" size="32"></td>
</tr>
<tr valign="baseline">
<td nowrap align="right">Manufacturer:</td>
<td><input type="text" name="manufacturer" value="" size="32"></td>
</tr>
<tr valign="baseline">
<td nowrap align="right">Model:</td>
<td><input type="text" name="model" value="" size="32"></td>
</tr>
<tr valign="baseline">
<td nowrap align="right">Type:</td>
<td><input type="text" name="type" value="" size="32"></td>
</tr>
<tr valign="baseline">
<td nowrap align="right">Cpuqty:</td>
<td><input type="text" name="cpuqty" value="" size="32"></td>
</tr>
<tr valign="baseline">
<td nowrap align="right">Cpuspeed:</td>
<td><input type="text" name="cpuspeed" value="" size="32"></td>
</tr>
<tr valign="baseline">
<td nowrap align="right">Phymem:</td>
<td><input type="text" name="phymem" value="" size="32"></td>
</tr>
<tr valign="baseline">
<td nowrap align="right">Totaldisk:</td>
<td><input type="text" name="totaldisk" value="" size="32"></td>
</tr>
<tr valign="baseline">
<td nowrap align="right">Os:</td>
<td><input type="text" name="os" value="" size="32"></td>
</tr>
<tr valign="baseline">
<td nowrap align="right">Sp:</td>
<td><input type="text" name="sp" value="" size="32"></td>
</tr>
<tr valign="baseline">
<td nowrap align="right">Builtby:</td>
<td><input type="text" name="builtby" value="" size="32"></td>
</tr>
<tr valign="baseline">
<td nowrap align="right">Serial:</td>
<td><input type="text" name="serial" value="" size="32"></td>
</tr>
<tr valign="baseline">
<td nowrap align="right">&nbsp;</td>
<td><input type="submit" value="Insert record"></td>
</tr>
</table>
<input type="hidden" name="MM_insert" value="form1">
</form>

This line:

$sqlvalues = $sqlvalues . ", GetSQLValueString(\$_POST['".$meta->name."'], \"".$meta->type."\")--";


Should replace the delimiting comma with another string ("--" will do fine).

$sqlvalues = $sqlvalues . "-- GetSQLValueString(\$_POST['".$meta->name."'], \"".$meta->type."\")";


Remove the "--" from the other $sqlvalues assignment line.

Your explode statement should then work.

I also just noticed you are missing a right parenthesis on that line.

//should be:
$insertSQL = sprintf("INSERT INTO main (".$headers.") VALUES (".$svalues.")", explode("--", $sqlvalues));

Ok, I've implemented explode and placed the "--" where you suggested along with adding the extra ")" at the end of the appropriate line. Now I'm back to square one though with it giving me the following error:

Warning: sprintf(): Too few arguments in /var/www/html/sysadmin/addserver2.php on line 69
Query was empty


$insertSQL = sprintf("INSERT INTO main (".$headers.") VALUES (".$svalues.")", explode("--", $sqlvalues));

thnks