...

View Full Version : Variables will POST data won't insert into Database



Wolfetone00
12-03-2008, 11:17 PM
As Title says. I am trying to insert data that is held in a variable to my MySQL database, but won't. I can get it to work if I specifically add the string into the mysql_query(), but that kinda defeats the purpose of getting information from a form. Here is my code:



<?php
include 'databaseFunctions.php';
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<head>
</head>
<body>
<div id="commentContainer">
<h3><span><? countComments();?> Comments</span></h3>
<!-- Comments -->
<div id="comments">
<ol id="commentList">
<li id="comment">
<p>On (Date of comment; 24th Sept. 08)Name said . . .</p>
<blockquote>
<p>I am smart comment.</p>
</blockquote>
</li>
</ol>
</div>
<!-- End Comments -->

<h3><span>Post a Comment</span></h3>

<?php
if(isset($_POST['postComment'])){
$commentName = $_POST['commentName'];
$commentEmail = $_POST['commentEmail'];
$commentWebsite = $_POST['commentWebsite'];
$commentMessage = $_POST['commentMessage'];

$errors = array();

if (eregi("^[a-z0-9]{1,30}$", $commentName)){

}else{
$errors[] = ' Name';
}

if (eregi("^[a-z0-9._-]+@[a-z0-9-]+\.[a-z.]{2,5}$", $commentEmail)){

}else{
$errors[] = ' Email';
}

if (strlen($commentWebsite) > 0){
if (eregi("^[a-z0-9.-_\/?]+\.[a-z]{2,5}$", $commentWebsite)){

}else{
$errors[] = ' Website';
}
}

if (strlen($commentMessage) > 0 && strlen($commentMessage) < 300){

}else{
$errors[] = " Comment";
}

if (count($errors) > 0){
echo '<div id="erroreNote">';
echo '<h3>';
echo 'Your';
foreach ($errors as $value){echo $value;}
echo ' is/are not valid.';
echo '</h3>';
echo '</div>';
}else{
$address="10.6.186.112";
$user="*****";
$password="******";
$database="******";

mysql_connect($address,$user,$password);
@mysql_select_db($database) or die( "Unable to select database");

$query = "INSERT INTO comments(name, email, website, comment) VALUES ('$commentName','$commentEmail','$commentWebsite','$commentMessage')";
mysql_query($query);

mysql_close();
}
}
?>

<div id="form">
<form id="commentForm" name="commentForm" method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>"">
<p>Required fields are marked with an asterisk (*).
<fieldset id="pInfo">
<legend>Personal Information</legend>
<label for="commentName">*Name: &nbsp;</label>
<input type="text" name="commentName" id="commentName" size="30" maxlength="30" value=""/><br /><br />
<label for="commentEmail">*E-mail: &nbsp;</label>
<input type="text" name="commentEmail" id="commentEmail" size="30" value=""/><br /><br />
<label for="commentWebsite">Website: &nbsp;</label>
<input type="text" name="commentWebsite" id="commentWebsite" size="30" maxlength="30" value="" /><br />
</fieldset>

<fieldset id="comMessage">
<legend>Comment</legend>
<label for="commentMessage">*Comment (300 character limit): &nbsp;</label>
<textarea name="commentMessage" id="commentMessage" wrap="physical" rows="10" cols="50"></textarea><br />
</fieldset>
<br />
<input type="hidden" name="process" value="1">

<input type="submit" name="postComment" value="Post Comment">
</form>
</div>
<!-- End Form -->
</div>
</body>
</html>


The main problems seems to be line 78:


$query = "INSERT INTO comments(name, email, website, comment) VALUES ('$commentName','$commentEmail','$commentWebsite','$commentMessage')";


If I replace the variables with plain strings like I mention:


$query = "INSERT INTO comments(name, email, website, comment) VALUES ('name','a@b.com','blah.com','Hello')";

works fine.

I bet it something simple, but this has me stumped. Thanks in advance for any help:thumbsup:

ptmuldoon
12-03-2008, 11:26 PM
First.

Remove your username and password from the above. You don't want others seeing that.

Put all the variables in the query in {} braces such as

$query = "INSERT INTO comments(name, email, website, comment) VALUES ('{$commentName}','{$commentEmail}','{$commentWebsite}','{$commentMessage}')";

Fou-Lu
12-04-2008, 12:04 AM
This won't be a problem with the brackets. Since we're not using arrays variables will be parsed out without needing to be resolved.

Die off that mysql_query. My bet is on a whine for a syntactical error in you're SQL structure. Also post all of the data used to generate that error. Make sure you're error reporting is enabled as well.

The use of ereg is a little strange as well. Jumping to an else with no true processing is a little weird. Change it to if (false === (ereg... to evaluate a false statement instead of a true to drop to false.

Wolfetone00
12-04-2008, 12:22 AM
If it helps here is my form: http://http://www.barkingbean.net/tests/commentBark.php

Definitely something wrong because after I added
mysql_query($query) or die("Failure at line 79"); you can see, it stops at that line. (I assume that's what you meant by 'die off')

P.S.
I am good at HTML/CSS but this type of programming always gets me at the syntax. I guess it's sorta like the artist trying to be an engineer.

Fou-Lu
12-04-2008, 12:30 AM
That is what I meant yes.
Change it to: or die(mysql_error());

Wolfetone00
12-04-2008, 12:53 AM
Duplicate entry '0' for key 1

is what it says.

Fou-Lu
12-04-2008, 12:58 AM
This means you're using a surrogate key in you're database.
Check the table, you'll need to ensure that auto_increment has been set on the primary key so it will automatically generate a new record.

ptmuldoon
12-04-2008, 01:04 AM
I think there's better/easier way to setup the error reporting as well. Fou-Lu may be able to provide some insight, but the use of an if/else statement for each each error check seems to much



if (eregi("^[a-z0-9]{1,30}$", $commentName))
{
//What belongs here?
} else {
$errors[] = ' Name';
}


I think you may be able to do this


if (!eregi("^[a-z0-9]{1,30}$", $commentName))
{
$errors[] = ' Name';
}

Wolfetone00
12-04-2008, 11:39 PM
Thank you very much for the tips, I have solved my small problems.

ptmuldoon, I used your suggestion for cleaning up my code and I can get it to work correct except for the validation for the last entry:


if (strlen($commentMessage) > 0 && strlen($commentMessage) < 300){

}else{
$errors[] = ' Comment';
}

I replaced it with (switching the comparisons to their opposites):


if (strlen($commentMessage) < 0 && strlen($commentMessage) > 300){
$errors[] = ' Comment';
}

but that doesn't get caught as wrong when it's blank or greater than 300.

oesxyl
12-04-2008, 11:46 PM
Thank you very much for the tips, I have solved my small problems.

ptmuldoon, I used your suggestion for cleaning up my code and I can get it to work correct except for the validation for the last entry:


if (strlen($commentMessage) > 0 && strlen($commentMessage) < 300){

}else{
$errors[] = ' Comment';
}

I replaced it with (switching the comparisons to their opposites):


if (strlen($commentMessage) < 0 && strlen($commentMessage) > 300){
$errors[] = ' Comment';
}

but that doesn't get caught as wrong when it's blank or greater than 300.
the opposites of that:


if (strlen($commentMessage) > 0 && strlen($commentMessage) < 300){

}else{
$errors[] = ' Comment';
}

is that:


if (strlen($commentMessage) < 0 || strlen($commentMessage) > 300){
$errors[] = ' Comment';
}

note the change of && with ||.

regards

PappaJohn
12-05-2008, 12:10 AM
How is strlen($commentMessage) ever going to be less than 0?

oesxyl
12-05-2008, 12:22 AM
How is strlen($commentMessage) ever going to be less than 0?
I miss that ,good question, :)
in fact negation for


strlen($x) > 0

is


strlen($x) <= 0

the question remain the same, but in this case work, :)


same way for:


f($x) < a

become:


f($x) >= a

best regards



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum