Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 13 of 13
  1. #1
    New Coder
    Join Date
    May 2003
    Posts
    76
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Submission form help

    I have created a form that adds data into different tables in the same DB. Lets say that I want to add a new book title, I type in the data, click submit, the data is submitting, BUT it's submitted into all 4 tables.

    What am I doing wrong?
    PHP Code:
    <? include('../includes/config.php'); ?>
    <? 
    include('../includes/connect.php'); ?>
    <? 
    include('../../includes/doctype.html'); ?><head>
       <title>x</title>
    <? include('../../includes/header.php'); ?>

       <? include('../../includes/nav_iedb.php'); ?>

       <!-- page description -->
       <? include('../../includes/pi_iedb.php'); ?>
       <!-- / page description -->

       <!-- left div box -->
       <div id="left_content">
       <!-- #### ADD MOVIE #### -->
       <?
       
    if (isset($_POST['title'])) { //Check for a field that is mandatory to do the inserted
          
    $system mysql_escape_string($_POST['system']);
          
    $title mysql_escape_string($_POST['title']);
          
    $keyword mysql_escape_string($_POST['keyword']);
          
    $rating mysql_escape_string($_POST['rating']);
          
    $genre mysql_escape_string($_POST['genre']);
          
    $year mysql_escape_string($_POST['year']);
          
    $purchased mysql_escape_string($_POST['purchased']);
          
    $ISBN mysql_escape_string($_POST['ISBN']);
          
    $serial mysql_escape_string($_POST['serial']);
       
    $sql "INSERT INTO movies (system, title, keyword, rating, genre, year, purchased, ISBN, serial)
                    VALUES('$system','$title','$keyword','$rating','$genre','$year','$purchased','$ISBN','$serial')"
    ;
       
    mysql_query($SQL);
       if (@
    mysql_query($sql)) {
          echo 
    '<em>Your data has been submitted</em><br />';
             } else {
          echo 
    '<p>Error adding submitted info: ' mysql_error(). '</p>';
          }
       }
       
    ?>
       <h3>Submit a movie</h3>
       <br />
       <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
       <label>
       <table>
       <tr>
           <td>System:</td><td><select name="system"><optgroup label="Media System:"><option value="DVD" name="DVD">DVD</option></optgroup></select></td>
       </tr>
       <tr>
           <td>Title:</td><td><input class="forms" type="text" size="50" maxlength="50" name="title" /></td>
       </tr>
       <tr>
           <td>Keyword(s):</td><td><input class="forms" type="text" size="50" maxlength="50" name="keyword" /></td>
       <tr>
           <td>Rating:</td><td><select name="rating"><optgroup label="Select a Rating:"><option value="-1" name="-1">Select one</option><option value="G" name="G">G</option><option value="PG" name="PG">PG</option><option value="PG-13" name="PG">PG-13</option><option value="R" name="R">R</option><option value="NR" name="NR">NR</option></optgroup></select><td>
       </tr>
       <tr>
           <td>Genre:</td><td><input class="forms" type="text" size="50" maxlength="50" name="genre" /></td>
       </tr>
       <tr>
           <td>Year:</td><td><input class="forms" value="0000-00-00" type="text" size="50" maxlength="50" name="year" /><td>
       </tr>
       <tr>
           <td>Purchased:</td><td><input class="forms" value="<? echo date ("Y-m-d"); ?>" type="text" size="50" maxlength="50" name="purchased" /><td>
       </tr>
       <tr>
           <td>ISBN:</td><td><input class="forms" type="int" size="50" maxlength="50" name="ISBN" /><td>
       </tr>
       <tr>
           <td>Serial:</td><td><input class="forms" type="int" size="50" maxlength="50" name="serial" /><td>
       </tr>
       </table>
       </label>
       <br /><input type="submit" value="Submit movie" />
       </form>

       <!-- #### ADD TV/DVD #### -->
       <?
       
    if (isset($_POST['title'])) { //Check for a field that is mandatory to do the inserted
          
    $system mysql_escape_string($_POST['system']);
          
    $title mysql_escape_string($_POST['title']);
          
    $keyword mysql_escape_string($_POST['keyword']);
          
    $season mysql_escape_string($_POST['season']);
          
    $genre mysql_escape_string($_POST['genre']);
          
    $year mysql_escape_string($_POST['year']);
          
    $purchased mysql_escape_string($_POST['purchased']);
          
    $ISBN mysql_escape_string($_POST['ISBN']);
          
    $serial mysql_escape_string($_POST['serial']);
       
    $sql "INSERT INTO tvdvd (system, title, keyword, season, genre, year, purchased, ISBN, serial)
                    VALUES('$system','$title','$keyword','$season','$genre','$year','$purchased','$ISBN','$serial')    "
    ;
       
    mysql_query($SQL);
       if (@
    mysql_query($sql)) {
          echo 
    '<em>Your data has been submitted</em><br />';
             } else {
          echo 
    '<p>Error adding submitted info: ' mysql_error(). '</p>';
          }
       }
       
    ?>
       <h3>Submit a TV / DVD</h3>
       <br />
       <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
       <label>
       <table>
       <tr>
           <td>System:</td><td><select name="system"><optgroup label="Media System:"><option value="TV/DVD" name="TV/DVD">TV/DVD</option></optgroup></select></td>
       </tr>
       <tr>
           <td>Title:</td><td><input class="forms" type="text" size="50" maxlength="50" name="title" /></td>
       </tr>
       <tr>
           <td>Keyword(s):</td><td><input class="forms" type="text" size="50" maxlength="50" name="keyword" /></td>
       </tr>
       <tr>
           <td>Season:</td><td><input class="forms" type="text" size="50" maxlength="50" name="season" /><td>
       </tr>
       <tr>
           <td>Genre:</td><td><input class="forms" type="text" size="50" maxlength="50" name="genre" /></td>
       </tr>
       <tr>
           <td>Year:</td><td><input class="forms" value="0000-00-00" type="text" size="50" maxlength="50" name="year" /><td>
       </tr>
       <tr>
           <td>Purchased:</td><td><input class="forms" value="<? echo date ("Y-m-d"); ?>" type="text" size="50" maxlength="50" name="purchased" /><td>
       </tr>
       <tr>
           <td>ISBN:</td><td><input class="forms" type="int" size="50" maxlength="50" name="ISBN" /><td>
       </tr>
       <tr>
           <td>Serial:</td><td><input class="forms" type="int" size="50" maxlength="50" name="serial" /><td>
       </tr>
       </table>
       </label>
       <br /><input type="submit" value="Submit TV/DVD" />
       </form>

       <!-- #### ADD GAME #### -->
       <?
       
    if (isset($_POST['title'])) { //Check for a field that is mandatory to do the inserted
          
    $system mysql_escape_string($_POST['system']);
          
    $title mysql_escape_string($_POST['title']);
          
    $keyword mysql_escape_string($_POST['keyword']);
          
    $publisher mysql_escape_string($_POST['publisher']);
          
    $year mysql_escape_string($_POST['year']);
          
    $purchased mysql_escape_string($_POST['purchased']);
          
    $developer mysql_escape_string($_POST['developer']);
          
    $genre mysql_escape_string($_POST['genre']);
          
    $ISBN mysql_escape_string($_POST['ISBN']);
          
    $serial mysql_escape_string($_POST['serial']);
       
    $sql "INSERT INTO games (system, title, keyword, publisher, year, purchased, developer, genre, ISBN, serial)
                    VALUES('$system','$title','$keyword','$publisher','$year','$purchased','$developer','$genre','$ISBN','$serial')    "
    ;
       
    mysql_query($SQL);
       if (@
    mysql_query($sql)) {
          echo 
    '<em>Your data has been submitted</em><br />';
             } else {
          echo 
    '<p>Error adding submitted info: ' mysql_error(). '</p>';
       }
       }
       
    ?>
       <h3>Submit a game</h3>
       <br />
       <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
       <label>
       <table>
       <tr>
           <td>System:</td><td><select name="system"><optgroup label="Game Systems:"><option value="-1" name="-1">Select one</option><option value="GC" name="GC">Game Cube</option><option value="PC" name="PC">PC</option><option value="Xbox" name="Xbox">Xbox</option><option value="Xbox 360" name="Xbox 360">Xbox 360</option></optgroup></select></td>
       </tr>
       <tr>
           <td>Title:</td><td><input class="forms" type="text" size="50" maxlength="50" name="title" /></td>
       </tr>
       <tr>
          <td>Keyword(s):</td><td><input class="forms" type="text" size="50" maxlength="50" name="keyword" /></td>
       </tr>
       <tr>
           <td>Developer:</td><td><input class="forms" type="text" size="50" maxlength="50" name="developer" /><td>
       </tr>
       <tr>
           <td>Publisher:</td><td><input class="forms" type="text" size="50" maxlength="50" name="publisher" /></td>
       </tr>
       <tr>
           <td>Year:</td><td><input class="forms" value="0000-00-00" type="text" size="50" maxlength="50" name="year" /><td>
       </tr>
       <tr>
           <td>Purchased:</td><td><input class="forms" value="<? echo date ("Y-m-d"); ?>" type="text" size="50" maxlength="50" name="purchased" /><td>
       </tr>
       <tr>
           <td>Genre:</td><td><input class="forms" type="text" size="50" maxlength="50" name="genre" /><td>
       </tr>
       <tr>
           <td>ISBN:</td><td><input class="forms" type="int" size="50" maxlength="50" name="ISBN" /><td>
       </tr>
       <tr>
           <td>Serial:</td><td><input class="forms" type="int" size="50" maxlength="50" name="serial" /><td>
       </tr>
       </table>
       </label>
       <br /><input type="submit" value="Submit game" />
       </form>

       <!-- #### ADD BOOK #### -->
       <?
       
    if (isset($_POST['title'])) { //Check for a field that is mandatory to do the inserted
          
    $title mysql_escape_string($_POST['title']);
          
    $author mysql_escape_string($_POST['author']);
          
    $genre mysql_escape_string($_POST['genre']);
          
    $cover mysql_escape_string($_POST['cover']);
          
    $purchased mysql_escape_string($_POST['purchased']);
          
    $published mysql_escape_string($_POST['published']);
          
    $ISBN mysql_escape_string($_POST['ISBN']);
          
    $serial mysql_escape_string($_POST['serial']);
       
    $sql "INSERT INTO books (title, author, genre, cover, purchased, published, ISBN, serial)
                    VALUES('$title','$author','$genre','$cover','$purchased','$published','$ISBN','$serial')"
    ;
       
    mysql_query($SQL);
       if (@
    mysql_query($sql)) {
          echo 
    '<em>Your data has been submitted</em><br />';
             } else {
          echo 
    '<p>Error adding submitted info: ' mysql_error(). '</p>';
          }
       }
       
    ?>
       <h3>Submit a book</h3>
       <br />
       <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
       <label>
       <table>
       <tr>
          <td>Title:</td><td><input class="forms" type="text" size="50" maxlength="50" name="title" /></td>
       </tr>
       <tr>
           <td>Author:</td><td><input class="forms" type="text" size="50" maxlength="50" name="author" /></td>
       <tr>
           <td>Genre:</td><td><input class="forms" type="text" size="50" maxlength="50" name="genre" /><td>
       </tr>
       <tr>
           <td>Cover:</td><td><input class="forms" type="text" size="50" maxlength="50" name="cover" /></td>
       </tr>
       <tr>
           <td>Published:</td><td><input class="forms" value="0000-00-00" type="text" size="50" maxlength="50" name="published" /><td>
       </tr>
       <tr>
           <td>Purchased:</td><td><input class="forms" value="<? echo date ("Y-m-d"); ?>" type="text" size="50" maxlength="50" name="purchased" /><td>
       </tr>
       <tr>
           <td>ISBN:</td><td><input class="forms" type="int" size="50" maxlength="50" name="ISBN" /><td>
       </tr>
       <tr>
           <td>Serial:</td><td><input class="forms" type="int" size="50" maxlength="50" name="serial" /><td>
       </tr>
       </table>
       </label>
       <br /><input type="submit" value="Submit book" />
       </form>
       <img src="../../../i/clear.gif" alt="clear.gif" title="" width="1" height="75" />
       </div>
       <!-- / left div box -->

       <!-- right div box -->
       <div id="right_content">
       <div id="sidebar_blog">
          <? include('../includes/sidebar.php'); ?>
       </div>
       </div>
       <!-- / right div box -->

       <? include('../../includes/footer.php'); ?>
    Need tech support? Are you a techie?
    Then check out TechieHQ - Your Tech Support HeadQuarters

  • #2
    Senior Coder chump2877's Avatar
    Join Date
    Dec 2004
    Location
    the U.S. of freakin' A.
    Posts
    2,778
    Thanks
    19
    Thanked 155 Times in 146 Posts
    and the million dollar question is: what is your script doing that it shouldn;t be doing? Or what is your script not doing?

    It's not clear what the problem is....you should clearly state that somewhere
    Regards, R.J.

    ---------------------------------------------------------

    Help spread the word! Like my YouTube-to-Mp3 Conversion Script on Facebook !! :)
    [Related videos and tutorials are also available at my YouTube channel and on Dailymotion]
    Get free updates about new software version releases, features, and bug fixes!

  • #3
    New Coder
    Join Date
    May 2003
    Posts
    76
    Thanks
    0
    Thanked 0 Times in 0 Posts
    The data is being submited into all for tables, it should only be submitted to the book table.
    Need tech support? Are you a techie?
    Then check out TechieHQ - Your Tech Support HeadQuarters

  • #4
    Senior Coder
    Join Date
    Sep 2005
    Posts
    1,791
    Thanks
    5
    Thanked 36 Times in 35 Posts
    Try changing your tests from using isset() to using !empty().

  • #5
    New Coder
    Join Date
    May 2003
    Posts
    76
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Same thing is happening, the data is getting submitted to all 4 tables.
    Need tech support? Are you a techie?
    Then check out TechieHQ - Your Tech Support HeadQuarters

  • #6
    UE Antagonizer Fumigator's Avatar
    Join Date
    Dec 2005
    Location
    Utah, USA, Northwestern hemisphere, Earth, Solar System, Milky Way Galaxy, Alpha Quadrant
    Posts
    7,691
    Thanks
    42
    Thanked 637 Times in 625 Posts
    You've got four forms, none are uniquely named. You're checking the same field four times to see if it's set, and inserting into a table each time. It's doing exactly what you're telling it to do. Remember PHP processes ALL of the php commands on the page.

    You have four input fields named "title"... how does PHP know which field you are referring to? You need to give unique names to each element, then PHP can distinguish between them.

  • #7
    New Coder
    Join Date
    May 2003
    Posts
    76
    Thanks
    0
    Thanked 0 Times in 0 Posts
    So what you're saying is that I need to either have a different form/page for each table OR name each field differently for each table or change the code?

    Which would be the best way? I do not want separate pages.
    Need tech support? Are you a techie?
    Then check out TechieHQ - Your Tech Support HeadQuarters

  • #8
    Master Coder felgall's Avatar
    Join Date
    Sep 2005
    Location
    Sydney, Australia
    Posts
    6,639
    Thanks
    0
    Thanked 649 Times in 639 Posts
    You could test the value of the submit button to determine which of the four forms was used.
    Stephen
    Learn Modern JavaScript - http://javascriptexample.net/
    Helping others to solve their computer problem at http://www.felgall.com/

    Don't forget to start your JavaScript code with "use strict"; which makes it easier to find errors in your code.

  • #9
    New Coder
    Join Date
    May 2003
    Posts
    76
    Thanks
    0
    Thanked 0 Times in 0 Posts
    How would I do that? I am fairly new to PHP, getting this form to work took a lot.
    Need tech support? Are you a techie?
    Then check out TechieHQ - Your Tech Support HeadQuarters

  • #10
    New Coder
    Join Date
    May 2003
    Posts
    76
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I have updated the code and gave every field a unique name to the table, such as for the books table: btitle, bauthor, etc. I have updated the submission form, but when I add something at the book section, it submits blank data to the DB.
    PHP Code:
    <? include('../includes/config.php'); ?>
    <? 
    include('../../includes/doctype.html'); ?><head>
       <title>Add an item</title>
    <? include('../../includes/header.php'); ?>

       <? include('../../includes/nav_iedb.php'); ?>

       <!-- page description -->
       <? include('../../includes/pi_iedb.php'); ?>
       <!-- / page description -->

       <!-- left div box -->
       <div id="left_content">
       <!-- #### ADD MOVIE #### -->
       <?
       
    if (isset($_POST['mtitle'])) { //Check for a field that is mandatory to do the inserted
          
    $system mysql_escape_string($_POST['msystem']);
          
    $title mysql_escape_string($_POST['mtitle']);
          
    $keyword mysql_escape_string($_POST['mkeyword']);
          
    $rating mysql_escape_string($_POST['mrating']);
          
    $genre mysql_escape_string($_POST['mgenre']);
          
    $year mysql_escape_string($_POST['myear']);
          
    $purchased mysql_escape_string($_POST['mpurchased']);
          
    $ISBN mysql_escape_string($_POST['mISBN']);
          
    $serial mysql_escape_string($_POST['mserial']);
       
    $sql "INSERT INTO movies (msystem, mtitle, mkeyword, mrating, mgenre, myear, mpurchased, mISBN, mserial)
                    VALUES('$msystem','$mtitle','$mkeyword','$mrating','$mgenre','$myear','$mpurchased','$mISBN','$mserial')"
    ;
       
    mysql_query($SQL);
       if (@
    mysql_query($sql)) {
          echo 
    '<em><hr />Your data has been submitted</em><br />';
             } else {
          echo 
    '<p>Error adding submitted info: ' mysql_error(). '</p>';
          }
       }
       
    ?>
       <h3>Submit a movie</h3>
       <br />
       <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
       <label>

       <table>
       <tr>
           <td>System:</td>
           <td><select name="msystem"><optgroup label="Media System:"><option value="DVD" name="mDVD">DVD</option></optgroup></select></td>
       </tr>
       <tr>
           <td>Title:</td>
           <td><input class="forms" type="text" size="50" maxlength="50" name="mtitle" /></td>
       </tr>
       <tr>
           <td>Keyword(s):</td>
           <td><input class="forms" type="text" size="50" maxlength="50" name="mkeyword" /></td>
       <tr>
           <td>Rating:</td>
           <td><select name="mrating"><optgroup label="Select a Rating:"><option value="-1" name="-1">Select one</option><option value="G" name="G">G</option><option value="PG" name="PG">PG</option><option value="PG-13" name="PG">PG-13</option><option value="R" name="R">R</option><option value="NR" name="NR">NR</option></optgroup></select><td>
       </tr>
       <tr>
           <td>Genre:</td>
           <td><input class="forms" type="text" size="50" maxlength="50" name="mgenre" /></td>
       </tr>
       <tr>
           <td>Year:</td>
           <td><input class="forms" value="0000-00-00" type="text" size="50" maxlength="50" name="myear" /><td>
       </tr>
       <tr>
           <td>Purchased:</td>
           <td><input class="forms" value="<? echo date ("Y-m-d"); ?>" type="text" size="50" maxlength="50" name="mpurchased" /><td>
       </tr>
       <tr>
           <td>ISBN:</td>
           <td><input class="forms" type="int" size="50" maxlength="50" name="mISBN" /><td>
       </tr>
       <tr>
           <td>Serial:</td>
           <td><input class="forms" type="int" size="50" maxlength="50" name="mserial" /><td>
       </tr>
       </table>

       </label>
       <br /><input type="submit" value="Submit movie" />
       </form>


       

       <!-- #### ADD TV/DVD #### -->
       <?
       
    if (isset($_POST['tdtitle'])) { //Check for a field that is mandatory to do the inserted
          
    $system mysql_escape_string($_POST['tdsystem']);
          
    $title mysql_escape_string($_POST['tdtitle']);
          
    $keyword mysql_escape_string($_POST['tdkeyword']);
          
    $season mysql_escape_string($_POST['tdseason']);
          
    $genre mysql_escape_string($_POST['tdgenre']);
          
    $year mysql_escape_string($_POST['tdyear']);
          
    $purchased mysql_escape_string($_POST['tdpurchased']);
          
    $ISBN mysql_escape_string($_POST['tdISBN']);
          
    $serial mysql_escape_string($_POST['tdserial']);
       
    $sql "INSERT INTO tvdvd (tdsystem, tdtitle, tdkeyword, tdseason, tdgenre, tdyear, tdpurchased, tdISBN, tdserial)
                    VALUES('$tdsystem','$tdtitle','$tdkeyword','$tdseason','$tdgenre','$tdyear','$tdpurchased','$tdISBN','$tdserial')    "
    ;
       
    mysql_query($SQL);
       if (@
    mysql_query($sql)) {
          echo 
    '<em><hr />Your data has been submitted</em><br />';
             } else {
          echo 
    '<p>Error adding submitted info: ' mysql_error(). '</p>';
          }
       }
       
    ?>
       <h3>Submit a TV / DVD</h3>
       <br />
       <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
       <label>
       
       <table>
       <tr>
           <td>System:</td>
           <td><select name="tdsystem"><optgroup label="Media System:"><option value="TV/DVD" name="TV/DVD">TV/DVD</option></optgroup></select></td>
       </tr>
       <tr>
           <td>Title:</td>
           <td><input class="forms" type="text" size="50" maxlength="50" name="tdtitle" /></td>
       </tr>
       <tr>
           <td>Keyword(s):</td>
           <td><input class="forms" type="text" size="50" maxlength="50" name="tdkeyword" /></td>
       </tr>
       <tr>
           <td>Season:</td>
           <td><input class="forms" type="text" size="50" maxlength="50" name="tdseason" /><td>
       </tr>
       <tr>
           <td>Genre:</td>
           <td><input class="forms" type="text" size="50" maxlength="50" name="tdgenre" /></td>
       </tr>
       <tr>
           <td>Year:</td><td><input class="forms" value="0000-00-00" type="text" size="50" maxlength="50" name="tdyear" /><td>
       </tr>
       <tr>
           <td>Purchased:</td>
           <td><input class="forms" value="<? echo date ("Y-m-d"); ?>" type="text" size="50" maxlength="50" name="tdpurchased" /><td>
       </tr>
       <tr>
           <td>ISBN:</td>
           <td><input class="forms" type="int" size="50" maxlength="50" name="tdISBN" /><td>
       </tr>
       <tr>
           <td>Serial:</td>
           <td><input class="forms" type="int" size="50" maxlength="50" name="tdserial" /><td>
       </tr>
       </table>

       </label>
       <br /><input type="submit" value="Submit TV/DVD" />
       </form>




       <!-- #### ADD GAME #### -->
       <?
       
    if (isset($_POST['gtitle'])) { //Check for a field that is mandatory to do the inserted
          
    $system mysql_escape_string($_POST['gsystem']);
          
    $title mysql_escape_string($_POST['gtitle']);
          
    $keyword mysql_escape_string($_POST['gkeyword']);
          
    $publisher mysql_escape_string($_POST['gpublisher']);
          
    $year mysql_escape_string($_POST['gyear']);
          
    $purchased mysql_escape_string($_POST['gpurchased']);
          
    $developer mysql_escape_string($_POST['gdeveloper']);
          
    $genre mysql_escape_string($_POST['ggenre']);
          
    $ISBN mysql_escape_string($_POST['gISBN']);
          
    $serial mysql_escape_string($_POST['gserial']);
       
    $sql "INSERT INTO games (gsystem, gtitle, keyword, gpublisher, gyear, gpurchased, gdeveloper, ggenre, gISBN, gserial)
                    VALUES('$system','$gtitle','$gkeyword','$gpublisher','$gyear','$gpurchased','$gdeveloper','$ggenre','$gISBN','$gserial')    "
    ;
       
    mysql_query($SQL);
       if (@
    mysql_query($sql)) {
          echo 
    '<em><hr />Your data has been submitted</em><br />';
             } else {
          echo 
    '<p>Error adding submitted info: ' mysql_error(). '</p>';
       }
       }
       
    ?>
       <h3>Submit a game</h3>
       <br />
       <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
       <label>

       <table>
       <tr>
           <td>System:</td>
           <td><select name="gsystem"><optgroup label="Game Systems:"><option value="-1" name="-1">Select one</option><option value="GC" name="GC">Game Cube</option><option value="PC" name="PC">PC</option><option value="Xbox" name="Xbox">Xbox</option><option value="Xbox 360" name="Xbox 360">Xbox 360</option></optgroup></select></td>
       </tr>
       <tr>
           <td>Title:</td>
           <td><input class="forms" type="text" size="50" maxlength="50" name="gtitle" /></td>
       </tr>
       <tr>
          <td>Keyword(s):</td>
          <td><input class="forms" type="text" size="50" maxlength="50" name="gkeyword" /></td>
       </tr>
       <tr>
           <td>Developer:</td>
           <td><input class="forms" type="text" size="50" maxlength="50" name="gdeveloper" /><td>
       </tr>
       <tr>
           <td>Publisher:</td>
           <td><input class="forms" type="text" size="50" maxlength="50" name="gpublisher" /></td>
       </tr>
       <tr>
           <td>Year:</td>
           <td><input class="forms" value="0000-00-00" type="text" size="50" maxlength="50" name="gyear" /><td>
       </tr>
       <tr>
           <td>Purchased:</td>
           <td><input class="forms" value="<? echo date ("Y-m-d"); ?>" type="text" size="50" maxlength="50" name="gpurchased" /><td>
       </tr>
       <tr>
           <td>Genre:</td>
           <td><input class="forms" type="text" size="50" maxlength="50" name="ggenre" /><td>
       </tr>
       <tr>
           <td>ISBN:</td>
           <td><input class="forms" type="int" size="50" maxlength="50" name="gISBN" /><td>
       </tr>
       <tr>
           <td>Serial:</td>
           <td><input class="forms" type="int" size="50" maxlength="50" name="gserial" /><td>
       </tr>
       </table>

       </label>
       <br /><input type="submit" value="Submit game" />
       </form>



       <!-- #### ADD BOOK #### -->
       <?
       
    if (isset($_POST['btitle'])) { //Check for a field that is mandatory to do the inserted
          
    $title mysql_escape_string($_POST['btitle']);
          
    $author mysql_escape_string($_POST['bauthor']);
          
    $genre mysql_escape_string($_POST['gbenre']);
          
    $cover mysql_escape_string($_POST['bcover']);
          
    $purchased mysql_escape_string($_POST['bpurchased']);
          
    $published mysql_escape_string($_POST['bpublished']);
          
    $ISBN mysql_escape_string($_POST['bISBN']);
          
    $serial mysql_escape_string($_POST['bserial']);
       
    $sql "INSERT INTO books (btitle, bauthor, bgenre, bcover, bpurchased, bpublished, bISBN, bserial)
                    VALUES('$btitle','$bauthor','$bgenre','$bcover','$bpurchased','$bpublished','$bISBN','$bserial')"
    ;
       
    mysql_query($SQL);
       if (@
    mysql_query($sql)) {
          echo 
    '<em><hr />Your data has been submitted</em><br />';
             } else {
          echo 
    '<p>Error adding submitted info: ' mysql_error(). '</p>';
          }
       }
       
    ?>
       <h3>Submit a book</h3>
       <br />
       <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
       <label>

       <table>
       <tr>
          <td>Title:</td>
          <td><input class="forms" type="text" size="50" maxlength="50" name="btitle" /></td>
       </tr>
       <tr>
           <td>Author:</td>
           <td><input class="forms" type="text" size="50" maxlength="50" name="bauthor" /></td>
       <tr>
           <td>Genre:</td>
           <td><input class="forms" type="text" size="50" maxlength="50" name="bgenre" /><td>
       </tr>
       <tr>
           <td>Cover:</td>
           <td><input class="forms" type="text" size="50" maxlength="50" name="bcover" /></td>
       </tr>
       <tr>
           <td>Published:</td>
           <td><input class="forms" value="0000-00-00" type="text" size="50" maxlength="50" name="bpublished" /><td>
       </tr>
       <tr>
           <td>Purchased:</td>
           <td><input class="forms" value="<? echo date ("Y-m-d"); ?>" type="text" size="50" maxlength="50" name="bpurchased" /><td>
       </tr>
       <tr>
           <td>ISBN:</td>
           <td><input class="forms" type="int" size="50" maxlength="50" name="bISBN" /><td>
       </tr>
       <tr>
           <td>Serial:</td>
           <td><input class="forms" type="int" size="50" maxlength="50" name="bserial" /><td>
       </tr>
       </table>

       </label>
       <br /><input type="submit" value="Submit book" />
       </form>
       <img src="../../../i/clear.gif" alt="clear.gif" title="" width="1" height="75" />
       </div>
       <!-- / left div box -->

       <!-- right div box -->
       <div id="right_content">
       <div id="sidebar_blog">
          <? include('../includes/sidebar.php'); ?>
       </div>
       </div>
       <!-- / right div box -->

       <? include('../../includes/footer.php'); ?>
    Need tech support? Are you a techie?
    Then check out TechieHQ - Your Tech Support HeadQuarters

  • #11
    New Coder
    Join Date
    May 2003
    Posts
    76
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Anyone?
    Need tech support? Are you a techie?
    Then check out TechieHQ - Your Tech Support HeadQuarters

  • #12
    Regular Coder
    Join Date
    Jan 2003
    Posts
    867
    Thanks
    4
    Thanked 8 Times in 8 Posts
    PHP Code:
       if (isset($_POST['mtitle'])) { //Check for a field that is mandatory to do the inserted
          
    $system mysql_escape_string($_POST['msystem']);
          
    $title mysql_escape_string($_POST['mtitle']);
          
    $keyword mysql_escape_string($_POST['mkeyword']);
          
    $rating mysql_escape_string($_POST['mrating']);
          
    $genre mysql_escape_string($_POST['mgenre']);
          
    $year mysql_escape_string($_POST['myear']);
          
    $purchased mysql_escape_string($_POST['mpurchased']);
          
    $ISBN mysql_escape_string($_POST['mISBN']);
          
    $serial mysql_escape_string($_POST['mserial']);
       
    $sql "INSERT INTO movies (msystem, mtitle, mkeyword, mrating, mgenre, myear, mpurchased, mISBN, mserial)
                    VALUES('$msystem','$mtitle','$mkeyword','$mrating','$mgenre','$myear','$mpurchased','$mISBN','$mserial')"

    You set the value of $system but your SQL statement inserts the value of $msystem. Same for $title and $mtitle, and so on.

  • #13
    New Coder
    Join Date
    May 2003
    Posts
    76
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Ugh, I completley over looked that! Thank you for pointing it out.
    Need tech support? Are you a techie?
    Then check out TechieHQ - Your Tech Support HeadQuarters


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •