...

View Full Version : MySQL Submition Problem



Element
06-09-2007, 08:22 PM
Well, it's been a very long time since I've been on these forums, and quite awhile since I've been coding. Anyways, I'm having problems with the script I'm currently making. It's simple, but there is a problem with submitting a new gift to the database. When you click the Add Gift button (for submitting gifts) it doesn't even seem to initiate the part of the script to add the crap to the DB, what's might be the issue here? :confused:

You can try the demo here: http://amerikanmetz.rave5.com/gifts/index.php?admin User: Demo Pass: letmein


<?php
error_reporting(E_ALL);

require_once('config.php');
require_once('functions.php');
require_once('ratingsystem.php');

mysql_connect($mysql_host, $mysql_user, $mysql_pass) or die('Unable to establish MySQL connection. Possible causes:<br /><br />' . "\n\n" . mysql_error());
mysql_select_db($mysql_db) or die('Unable to select MySQL database. Possible causes:<br /><br />' . "\n\n" . mysql_error());

$content = '';

if (isset($_GET['admin']) OR isset($_GET['id'])) {

$button = isset($_GET['id']) ? "Delete" : "Login";

$content .= '<br /><p align="center">';
$content .= '<form method="post" action="' . $_SERVER['PHP_SELF'] . '">' . "\n";
$content .= '<table align="center" width="400" cellspacing="1" cellpadding="2" style="background-color:#474033;border:1px solid #060405;">' . "\n";
$content .= '<tr>' . "\n" . '<td align="center" width="100%" colspan="2" bgcolor="#2E2A21" width="50%">' . "\n";
$content .= '<strong>Admin Panel</strong></td></tr>' . "\n";
$content .= '<tr>' . "\n" . '<td width="30%" bgcolor="#353026">' . "\n";
$content .= 'User Name: ' . "\n";
$content .= '</td>' . "\n" . '<td width="70%" bgcolor="#3F3A2F">' . "\n";
$content .= '<input type="text" size="21" name="username"><br />' . "\n";
$content .= '</tr>' . '<tr>' . "\n" . '<td width="30%" bgcolor="#353026">' . "\n";
$content .= 'Password: ' . "\n";
$content .= '</td>' . "\n" . '<td width="70%" bgcolor="#3F3A2F">' . "\n";
$content .= '<input type="password" size="21" name="pass"><br />' . "\n";

if (isset($_GET['id']) && is_numeric($_GET['id'])) {
$content .= '</td>' . "\n" . '</tr>' . "\n" . '<tr>' . "\n" . '<td width="100%" colspan="2" bgcolor="#2E2A21">' . "\n";
$content .= '<input type="hidden" name="action" value="delete">' . "\n";
$content .= '<input type="hidden" name="id" value="' . $_GET['id'] . '">' . "\n";
$content .= '</td>' . "\n" . '</tr>' . "\n";
}

$content .= '</td>' . "\n" . '</tr>' . "\n" . '<tr>' . "\n" . '<td width="100%" colspan="2" bgcolor="#2E2A21">' . "\n";
$content .= '<input type="submit" name="submit" value="' . $button . '">' . "\n";
$content .= '</td>' . "\n" . '</tr>' . "\n" . '</table>' . "\n";
$content .= '</form>' . "\n";
$content .= '</p><br /><br />';

}

if (isset($_POST['add_submit'])) {

if ($_POST['username'] == $username && $_POST['pass'] == $password) {

foreach($_POST as $key => $val) {
${$key} = mysql_real_escape_string(trim($val));
}

if(isset($image_url) && isset($gift_by)) {
$query = "INSERT INTO " . $mysql_table . " (id, image_url, image_comment, gift_by, favorite, votes) VALUES (null, '" . $image_url . "', '" . $image_comment . "', '" . $gift_by . "', '" . $favorte . "', null)";

if ($result = mysql_query($query)) {
$content .= '<meta http-equiv=Refresh content="3; url=' . $_SEVER['HTTP_HOST'] . $script_folder . 'index.php">' . "\n";
$content .= '<p align="center">Your gift by <b>' . $gift_by . '</b> has been added!<br />One moment while we transfer you. . .</p>' . "\n";

} else {

$content .= '<p align="center">Your gift by <b>' . $gift_by . '</b> could not be submited!<br />We apologise for this inconvenience.<br /><br />' . mysql_error() . '</p>' . "\n";

}
}

} else {

$content .= '<p align="center"><font style="color:red;font-size:15px;font-weight:bold;letter-spacing:5px;">Incorrect login attempt</font><br />
<font style="color:#777777;font-size:12px;font-weight:bold;letter-spacing:8px;font-variant:inherit;">' . $_SERVER['REMOTE_ADDR'] . '</font></p>' . "\n";

}
}

if (isset($_POST['submit'])) {

if (isset($_POST['submit'])) {
if($_POST['username'] == $username && md5($_POST['pass']) == $password) {

if (isset($_POST['action']) && $_POST['action'] == 'delete') {

$id = trim($_POST['id']);
$query = "DELETE FROM " . $mysql_table . " WHERE id='" . $id . "'";

if ($result = mysql_query($query)) {

$content .= '<meta http-equiv=Refresh content="3; url=index.php">' . "\n";
$content .= '<p align="center">ID: ' . $id . ' has been deleted!<br>One moment while we transfer you. . .</p>' . "\n";

} else {

$content .= '<p align="center">ID: ' . $id . ' could not be deleted correctly!<br>We apologise for this inconvenience.<br /><br />' . mysql_error() . '</p>' . "\n";

}

} else {

$content .= '<br /><p align="center">';
$content .= '<form method="post" action="' . $_SERVER['PHP_SELF'] . '">' . "\n";
$content .= '<table align="center" width="400" cellspacing="1" cellpadding="2" style="background-color:#474033;border:1px solid #060405;">' . "\n";
$content .= '<tr>' . "\n" . '<td align="center" width="100%" colspan="2" bgcolor="#2E2A21" width="50%">' . "\n";
$content .= '<strong>Add a Gift</strong></td></tr>' . "\n";
$content .= '<tr>' . "\n" . '<td width="40%" bgcolor="#353026">' . "\n";
$content .= '<strong>Gift done By:</strong>' . "\n";
$content .= '</td>' . "\n" . '<td width="60%" bgcolor="#3F3A2F">' . "\n";
$content .= '<input type="text" size="40" name="gift_by"><br />' . "\n";
$content .= '</tr>' . '<tr>' . "\n" . '<td width="40%" bgcolor="#353026">' . "\n";
$content .= '<strong>Gift URL:</strong> ' . "\n";
$content .= '</td>' . "\n" . '<td width="60%" bgcolor="#3F3A2F">' . "\n";
$content .= '<input type="text" size="40" name="image_url;"><br />' . "\n";

$content .= '</tr>' . '<tr>' . "\n" . '<td width="40%" bgcolor="#353026">' . "\n";
$content .= '<strong>Comment your Gift:</strong><br>(HTML Enabled<br>Max 500 Chars)' . "\n";
$content .= '</td>' . "\n" . '<td width="60%" bgcolor="#3F3A2F">' . "\n";
$content .= '<textarea cols="25" row="3" name="image_comment"></textarea><br />' . "\n";
$content .= '</tr>' . '<tr>' . "\n" . '<td width="40%" bgcolor="#353026">' . "\n";
$content .= '<strong>Favorite?:</strong> ' . "\n";
$content .= '</td>' . "\n" . '<td width="60%" bgcolor="#3F3A2F">' . "\n";
$content .= '<select name="favorite"><option value="false">False</option><option value="true" style="color:gold;">True</option></select><br />' . "\n";

$content .= '</td>' . "\n" . '</tr>' . "\n" . '<tr>' . "\n" . '<td width="100%" colspan="2" bgcolor="#2E2A21">' . "\n";
$content .= '<input type="hidden" name="username" value="' . $_POST['username'] . '">' . "\n";
$content .= '<input type="hidden" name="pass" value="' . md5($_POST['pass']) . '">' . "\n";
$content .= '<input type="submit" name="add_submit" value="Add Gift!">' . "\n";
$content .= '</td>' . "\n" . '</tr>' . "\n" . '</table>' . "\n";
$content .= '</form>' . "\n";
$content .= '</p><br /><br />';

}

} else {

$content .= '<p align="center"><font style="color:red;font-size:15px;font-weight:bold;letter-spacing:5px;">Incorrect login attempt</font><br />
<font style="color:#777777;font-size:12px;font-weight:bold;letter-spacing:8px;font-variant:inherit;">' . $_SERVER['REMOTE_ADDR'] . '</font></p>' . "\n";

}
}

} else {

if (!(isset($_GET['favorites']))) {

$query = "SELECT * FROM " . $mysql_table . " ORDER BY id DESC";
$result = mysql_query($query);
$num = mysql_num_rows($result);

$content .= '<table width="850" align="center" cellspacing="5"><tr><td align="left"><img src="GIgifts.png" border="0" usemap="#Map"></td><td align="center"><img src="Menu.png" border="0" usemap="#Map2"></td><td width="100%" align="right"><p align="center" style="letter-spacing:2px;">' . $visible_username . ' has<br /><b>' . number_format($num) . '</b> Gift(s)</p></td></tr></table>' . "\n";

if ($num == 0) {

$content .= '<br /><p align="center">I don\'t have any gifts at this time. Please come back later!</p>' . "\n";

} else {

$i = 0;

$content .= '<p align="center"><table align="center" width="800" cellspacing="1" cellpadding="4" style="background-color:#474033;border:1px solid #060405;">' . "\n";

while($row = mysql_fetch_assoc($result)) {

$i++;
$hex = $i % 2 ? '#353026' : '#39342A';
$hex2 = $i % 2 ? '#3F3A2F' : '#433E33';

$content .= '<tr>' . "\n";
$content .= '<td bgcolor="#2E2A21" width="40%" style="border: 1px solid 343434;"><strong>By: ' . stripslashes($row['gift_by']) . '</strong></td>' . "\n";
$content .= '<td bgcolor="#2E2A21" width="80%" style="border: 1px solid 343434;">' . ratingsoutput($row['id']) . '</td>' . "\n";
$content .= '</tr>' . "\n";
$content .= '<tr>' . "\n";
$content .= '<td valign="top" width="40$" height="30" bgcolor="' . $hex . '" style="border: 1px solid 343434;">';
if ($row['image_comment'] != "" && $row['image_comment'] != " ") {
$content .= stripslashes($row['image_comment']) . "\n";
} else {
$content .= 'No Comment.' . "\n";
}
$content .= '</td>' . "\n";
$content .= '<td width="80%" bgcolor="' . $hex2 . '" align="center" style="border: 1px solid 343434;"><img src="' . $row['image_url'] . '" border="0"><br /><a href="' . $_SERVER['PHP_SELF'] . '?id=' . $row['id'] . '">Delete Gift</a></td>' . "\n";
$content .= '</tr>' . "\n";
$content .= '<tr>' . '<td colspan="2" bgcolor="#312D23" width="100%" style="border: 1px solid 343434;">&nbsp;</td>' . '</tr>' . "\n";

}

$content .= '</table></p><br /><br />' . "\n";

}

} else {

$query = "SELECT * FROM " . $mysql_table . " WHERE favorite='true' ORDER BY id DESC";
$result = mysql_query($query);
$num = mysql_num_rows($result);

$content .= '<table align="center" width="850" cellspacing="5"><tr><td align="left"><img src="GIgifts.png" border="0" usemap="#Map"></td><td align="center"><img src="Menu.png" border="0" usemap="#Map2"></td><td align="center" style="letter-spacing:2px;">' . $visible_username . ' has<br /><b>' . number_format($num) . '</b><br />Favorite Gift(s)</td></tr></table>' . "\n";

if ($num == 0) {

$content .= '<br /><p align="center">I don\'t have any favorite gifts at this time. Please come back later!</p>' . "\n";

} else {

$i = 0;

$content .= '<p align="center"><table align="center" width="800" cellspacing="1" cellpadding="4" style="background-color:#474033;border:1px solid C;">' . "\n";

while($row = mysql_fetch_assoc($result)) {

$i++;
$hex = $i % 2 ? '#353026' : '#39342A';
$hex2 = $i % 2 ? '#3F3A2F' : '#433E33';

$content .= '<tr>' . "\n";
$content .= '<td bgcolor="#2E2A21" width="40%" style="border: 1px solid 343434;"><strong>By: ' . stripslashes($row['gift_by']) . '</strong></td>' . "\n";
$content .= '<td bgcolor="#2E2A21" width="80%" style="border: 1px solid 343434;">' . ratingsoutput($row['id']) . '</td>' . "\n";
$content .= '</tr>' . "\n";
$content .= '<tr>' . "\n";
$content .= '<td valign="top" width="40$" height="30" bgcolor="' . $hex . '" style="border: 1px solid 343434;">';
if ($row['image_comment'] != "" && $row['image_comment'] != " ") {
$content .= stripslashes($row['image_comment']) . "\n";
} else {
$content .= 'No Comment.' . "\n";
}
$content .= '</td>' . "\n";
$content .= '<td width="80%" bgcolor="' . $hex2 . '" align="center" style="border: 1px solid 343434;"><img src="' . $row['image_url'] . '" border="0"><br /><a href="' . $_SERVER['PHP_SELF'] . '?id=' . $row['id'] . '">Delete Gift</a></td>' . "\n";
$content .= '</tr>' . "\n";
$content .= '<tr>' . '<td colspan="2" bgcolor="#312D23" width="100%" style="border: 1px solid 343434;">&nbsp;</td>' . '</tr>' . "\n";
}

$content .= '</table></p><br /><br />' . "\n";

}

}
}



?>
<html>
<head>
<title><?php echo $visible_username; ?>'s Gifts</title>
<style type="text/css">
<!--

BODY {
background: #342e22;
color: #807056;
font: 8pt verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif;
margin: 0px;
padding: 0px;
}
a:link, body_alink {
color: #91895C;
}
a:visited, body_avisited {
color: #91895C;
}
a:hover, a:active, body_ahover {
color: #635A49;
}
td {
font: 10pt verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif;
}
INPUTE, TEXTAREA, BUTTON {
background-color:#2E2A21;
border: 1px solid #2E2A21;
}

-->
</style></head>
<body>
<?php echo $content; ?>
<p align="center">&copy; Copyright 2007 AmerikanMetz</p>
<map name="Map2">
<area shape="rect" coords="39,59,215,101" href="<?php echo $_SERVER['PHP_SELF']; ?>?favorites">
<area shape="rect" coords="226,59,315,100" href="<?php echo $_SERVER['PHP_SELF']; ?>">
</map>
<map name="Map">
<area shape="rect" coords="117,57,327,101" href="http://guildinn.com">
<area shape="rect" coords="21,21,118,136" href="http://guildinn.com">
</map>
</body>

</html>

I'm pretty darn rusty at PHP.... :eek:



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum