i need to add data to my database and when i added everything after isset the page stopped working...i get this error...
Parse error: syntax error, unexpected T_CONSTANT_ENCAPSED_STRING in /home/students/got5758/public_html/hmwk7.php on line 35
ive been looking for my error for hours...maybe someone here can find it..it wud be greatly appreciated..oh and before asked..yes i am connected to my db..just left it out of this code

<html>
<head>
<title>
</title>
</head>
<body>
<h3>Add a new product to the Inventory</h3>
<form method="post" action="<?php $_SERVER['php_self'];?>">

Enter Category<br />
<input type="text" name="category" size="20"><p />

Enter Product Name<br />
<input type="text" name="pro_name" size="20"><p />

Enter Price<br />
<input type="text" name="price" size="20"><p />

Enter Amount On-Hand<br />
<input type="text" name="onhand" size="20"><p />

<input type="hidden" name="do_php" value="true">
<input type="submit" value="Add Product">
</form>
<?php
if( isset($_POST['do_php'] ) )
{
$in_query = "insert into Inventory values(";
$in_query .= "NULL,'" .$_POST['category']. "',";
$in_query .= "'" .$_POST['pro_name'] ."','" . $_POST['price'] ."'";
$in_query .= "," . $_POST['onhand']")";

$in_result = mysql_query( $in_query )
or die("Could not connect" . mysql_error() );

if( !$in_result )
echo "Sorry, an error occurred\n";
else
echo "New Inventory was successfully added to the database!";
}
?>
</body>
</html>

Fresh set of eyes:

$in_query .= "," . $_POST['onhand']")";

You're missing a '.' right after the onhand index access:

$in_query .= "," . $_POST['onhand'] . ")";


Also, this won't work: <?php $_SERVER['php_self'];?>. The first is because you're missing an echo to actually print it out, but also because php_self doesn't exist - its PHP_SELF you're looking for; however, don't use PHP_SELF since its XSS exploitable, use $_SERVER['SCRIPT_NAME'] instead which will take the currently executing script. If you include this into another file, you could use basename(__FILE__) instead.

thank you soo much for catching that!! and php_self does work and thats what we use...but thanks for finding that missing echo as well...wudda driven me crazy!!

now im wondering if i could get some more help...i have to check if the data being added already exists and if it does then dont add it..if it doesnt add it...i've been googling it and cant understand most of whats out there...im just learning sql

thank you soo much for catching that!! and php_self does work and thats what we use...but thanks for finding that missing echo as well...wudda driven me crazy!!

Check you're source, I'd suspect that the action on you're form is "" when using $_SERVER['php_self']. It will still work since no action defaults to self.

MySQL actually has a REPLACE command which will either insert or update without needing to determine if it exists first. But you need to be handling it based on you're primary key, and from the looks of this I'd suspect that is what the NULL value is representing? Without knowing that, I would have to assume that each entry should be unique.

my primary key is the null field...its idnum...and auto incrementing...how would i use the replace command?? what more info would u need to help me??

http://dev.mysql.com/doc/refman/5.1/en/replace.html

REPLACE INTO table (col1, ...coln) VALUES (val1, ...valn)

But, without knowing the primary key before hand, there isn't really anyway to determine if the record already exists.
That said, there really isn't a way to determine if this exists. Unless one of the other fields is actually responsible for controlling what is unique, in which case that should probably be you're primary key and a replace would work. Note that a replace updates any values that have changed as opposed to actually rejecting an insertion.

well i guess what would be unique would be product name thats basically what we dont want repeated

Mkay, what you can do for that then without changing you're structure is to first query for the productName, and insert only if the count is 0.

$sQry = 'SELECT idnum FROM Inventory WHERE productName = \'' . $_POST['pro_name'] . '\'';
if ($result = mysql_query($sQry))
{
if (mysql_num_rows($result) > 0)
{
// This indicates that a record exists
die('Cannot insert a new product with name ' . $_POST['pro_name']);
}
else
{
// Proceed with the insertion
}
}

The other option would be to alter you're table and flag pro_name as the primary key.

Also, normally I wouldn't give this much help for a homework assignment since I just noticed it was one. For that reason, I'll say you shouldn't be too worried about SQL injections by this point unless thats already been covered in you're course.

its a really long story..yes it is a hmwk assignment..no the teacher hasnt gone over some of this yet...and he encourages us to find the answer whereever we can...and most of the sql we were suppose to learn in a different class..but that teacher decided he doesnt know sql and is not going to teach it to us...go figure...but i really do appreciate your help

i think i may have done something wrong...i get this Parse error: syntax error, unexpected T_CONSTANT_ENCAPSED_STRING in /home/students/got5758/public_html/hmwk7.php on line 32

<html>
<head>
<title>
</title>
</head>
<body>
<h3>Add a new product to the Inventory</h3>
<form method="post" action="<?php $_SERVER['php_self'];?>">

Enter Category<br />
<input type="text" name="category" size="20"><p />

Enter Product Name<br />
<input type="text" name="pro_name" size="20"><p />

Enter Price<br />
<input type="text" name="price" size="20"><p />

Enter Amount On-Hand<br />
<input type="text" name="onhand" size="20"><p />

<input type="hidden" name="do_php" value="true">
<input type="submit" value="Add Product">
</form>
<?php
if( isset($_POST['do_php'] ) )
{
$sQry*=*"select***from*Inventory*where*product_name='"*.*$_POST['pro_name']*.*"'";
if*($result*=*mysql_query($sQry))
{
**** if*(mysql_num_rows($result)*>*0)
****
******** die('Cannot*insert*a*new*product*with*name*'*.*$_POST['pro_name']);
****
**** else
**** {
*****
$in_query = "insert into Inventory values(";
$in_query .= "NULL,'" .$_POST['category']. "',";
$in_query .= "'" .$_POST['pro_name'] ."','" . $_POST['price'] ."'";
$in_query .= "," . $_POST['onhand'] .")";

$in_result = mysql_query( $in_query )
or die("Could not connect" . mysql_error() );

if( !$in_result )
echo "Sorry, an error occurred\n";
else
echo "New Inventory was successfully added to the database!";
**** }
}

}
?>
</body>
</html>

there are no * in my code...i dont know why they showed up here

While it shouldn't be based on the *'s (that would trigger the error at line 28 from the looks of it), I'm not certain what the problem is. Mine is almost identical (I shifted some things so that I could actually use some data, you'll need to rename to match you're tables):

<html>
<head>
<title>
</title>
</head>
<body>
<h3>Add a new product to the Inventory</h3>
<form method="post" action="<?php $_SERVER['php_self'];?>">

Enter Category<br />
<input type="text" name="category" size="20"><p />

Enter Product Name<br />
<input type="text" name="pro_name" size="20"><p />

Enter Price<br />
<input type="text" name="price" size="20"><p />

Enter Amount On-Hand<br />
<input type="text" name="onhand" size="20"><p />

<input type="hidden" name="do_php" value="true">
<input type="submit" value="Add Product">
</form>
<?php

$con = mysql_connect('localhost', 'root', 'root');
mysql_select_db('productDatabase');
if( isset($_POST['do_php'] ) )
{
$sQry = "SELECT idnum FROM Inventory WHERE pro_name='" . $_POST['pro_name'] . "'";
if ($result = mysql_query($sQry) or die(mysql_error()))
{
if (mysql_num_rows($result) > 0)

printf('A product with the name %s already exists!', $_POST['pro_name']);

else
{

$in_query = "INSERT INTO Inventory VALUES (";
$in_query .= "NULL,'" .$_POST['category']. "',";
$in_query .= "'" .$_POST['pro_name'] ."', '" . (float)$_POST['price'] . "'";
$in_query .= "," . (int)$_POST['onhand'] .")";
$in_result = mysql_query( $in_query )
or die("Could not connect " . mysql_error() );

if( !$in_result ) //btw, this will never be true since you died in the line above.
echo "Sorry, an error occurred\n";
else
echo "New Inventory was successfully added to the database!";
}
}

}
?>
</body>
</html>

And this worked fine:

<html>
<head>
<title>
</title>
</head>
<body>
<h3>Add a new product to the Inventory</h3>
<form method="post" action="">

Enter Category<br />
<input type="text" name="category" size="20"><p />

Enter Product Name<br />
<input type="text" name="pro_name" size="20"><p />

Enter Price<br />
<input type="text" name="price" size="20"><p />

Enter Amount On-Hand<br />
<input type="text" name="onhand" size="20"><p />

<input type="hidden" name="do_php" value="true">
<input type="submit" value="Add Product">
</form>
A product with the name test prod already exists!</body>
</html>

Notice the source of the form action, I have my error reporting disabled on this, but the notice is: Notice: /test.php line 8 - Undefined index: php_self

is printf the same as echo??

i copied urs exactly and its still coming up with an error at line 29

Sorta, printf takes variables and replaces them based on datatypes.

$var = 'hello';
echo $var . ' world'; // prints 'hello world'
printf('%s world', $var); // Interprets $var as a string and prints hello world

sprintf is identical except it stores its result in a variable instead of printing it. Something retained from C.


Got you're last post in there. Check to make sure that the file is being saved as plain text. I don't know where the problem is coming up (mind you, I left my mysql connection string in there, but I assume you already have that in there somewhere).

Wait you said you're error is on line 29? That does correspond to the *'s. Ensure that they are not actually in there, or BOM of some sorts hindering it.

whats BOM?? and i dont think its corresponding to the *s...this is driving me crazy!!!! lol...but i really do appreciate all the help

what do u mean plain text?? its saved as a .php file

BOM = byte order markers, generally within the first 4 bytes of a file saved as unicode.
I don't know how to change it in linux, in windows its a matter of opening it and saving as ANSI in notepad. All I can suggest is dump you're IDE and use a plain text editor like kate.

you just used a lot of big words that i didnt understand...lol

Are you using a particular environment to write code? If so, abandon it and use a plain text editor (vi from the command line or kate if you're using kde).

im using textwrangler...im on a mac...does that make a difference

No clue I'm afraid, I know nothing about macs >.<
Best I can tell, you should have an application called TextEdit. Looks like you'll need to change you're preferences to ignore rich text. Beyond that I'm afraid I can't help, but I'm betting you'll get some interesting characters to show up.

If you are using TextEdit you have to be careful how it processes line breaks... Sometimes it works when you make it plain text other times it keeps the format of the original file on the line breaks. I used to run into problems with it when editing .htaccess files that were accidently started as rich texts then converted over because the line breaks stayed in the wrong format.

Here is a link someone gave me from the MacForums.


http://hayne.net/MacDev/Notes/unixFAQ.html

The 12th item down is about the end line. It's sad to say but Notepad on Windows :eek: is about the most reliable thing without going through a file conversion. Sometimes I get TextEdit to work and others not so that's about the extent of my knowledge on that.

thanks for all the help...after hours of trying i still couldnt get this to work on text wrangler...im just gonna go sit at my dads computer and copy everything into notepad++ and hope to dear god that works...if not ill be back

Just be sure to check the line endings in the original Notepad... Notepad 2 uses different line endings than the original... I don't know about Notepad++ though. I'd copy paste all your code over when your done to double check it.

Indeed, it may be appear as a single line in notepad. If thats the case, open it first in wordpad than choose save as a new filename. Than open in notepad, I think thats how I used to fix it between the Linux and M$ machines.