Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 4 of 4
  1. #1
    Banned
    Join Date
    Mar 2007
    Posts
    1,523
    Thanks
    116
    Thanked 0 Times in 0 Posts

    can someone please check my code?

    the code below should submit new values into database from a form but it doesn't work?!


    Code:
    <?php
    include_once('config.php');
    $Assessor = mysql_real_escape_string(stripslashes($_POST['Assessor']));
    $page = mysql_real_escape_string(stripslashes($_POST['page']));
    $Dateadded = mysql_real_escape_string(stripslashes($_POST['Dateadded']));
    $Assessment = mysql_real_escape_string(stripslashes($_POST['Assessment']));
    $assignedto = mysql_real_escape_string(stripslashes($_POST['assignedto']));
    $section = mysql_real_escape_string(stripslashes($_POST['section']));
    $grade = mysql_real_escape_string(stripslashes($_POST['grade']));
    $action = mysql_real_escape_string(stripslashes($_POST['action']));
    $priority = mysql_real_escape_string(stripslashes($_POST['priority']));
    $sql = "INSERT INTO assessment (Assessor,Page,Assessment,assignedto,section,grade,action,priority) 
    Values ('$Assessor', '$page', '$Assessment','$assignedto','$section','$grade','$action','$priority')";
    $result = mysql_query($sql,$link) or die('Error: ' . mysql_error() . '<br>SQL: ' . $sql);
    header("Location: display.php"); 
    mysql_close($link);
    ?>

  • #2
    Master Coder
    Join Date
    Dec 2007
    Posts
    6,682
    Thanks
    436
    Thanked 890 Times in 879 Posts
    replace in $sql, after "values (" for each variable:
    PHP Code:
    '$Assessor' 
    with:
    PHP Code:
    '".$Assessor."' 
    see if work and post feedback if not.

    regards

  • #3
    Banned
    Join Date
    Mar 2007
    Posts
    1,523
    Thanks
    116
    Thanked 0 Times in 0 Posts
    I have fixed it!

  • #4
    bdl
    bdl is offline
    Regular Coder
    Join Date
    Apr 2007
    Location
    Camarillo, CA US
    Posts
    590
    Thanks
    4
    Thanked 83 Times in 82 Posts
    Define "doesn't work". What does it do / not do that you otherwise expect? Does any of the data make it into the database? Does it throw an error? Does it just show a blank page and sit there? Please be as specific as possible.

    Comment out the call to header(), and display the value of the $sql statement string to the page, see what it shows.

    Does the form actually POST to the script? At the top of the script, do this:
    PHP Code:
    print_r($_POST); 
    I do notice that you expect and escape 9 strings coming from POST, but only insert 8. Your column / data count is correct and as far as I can tell, the SQL statement is fine.


    Something else I notice, you're using a variation of uppercase and lowercase column and variable names. You need to keep these consistent. Having consistency when it comes to variable naming and assignment conventions will really pay off in the long run.

    Something else I should point out, you can eliminate all that reassignment code with a simple loop, e.g.
    PHP Code:
    // check to see if the form was POSTed
    // ( note the submit button counts for one element)
    if ( sizeof($_POST) > ) {
      
    // undo magic_quotes in one fell swoop
      
    $POSTDATAarray_map('stripslashes'$_POST);
      foreach( 
    $POSTDATA AS $k => $v ) {
        
    // reassign the index name to the value, escaping as we go
        
    $$k mysql_real_escape_string($v);
      }
      
    // submit to database
    } else {
      
    // form wasn't POSTed

    That's it. A couple of simple lines of code, nice and neat.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •