PHP / MsSQL - Page 4

willscarlet · 12-18-2012, 02:23 PM

I thought it was already POST. How do I change it, sir?

Fou-Lu · 12-18-2012, 02:32 PM

Add method="post" attribute to the form element.

willscarlet · 12-18-2012, 02:42 PM

I'm an idiot, I forgot that I had goten rid of that. now in submit, it is throwing this out on a solid white page:

Array ( [0] => Array ( [0] => IMSSP [SQLSTATE] => IMSSP [1] => -57 [code] => -57 [2] => String keys are not allowed in parameters arrays. [message] => String keys are not allowed in parameters arrays. ) )

Fou-Lu · 12-18-2012, 02:52 PM

Interesting choice of an error description. Not at all clear.
Try this: if (false === ($stmt = sqlsrv_query($conn, $sQry, array_values$aSubmitted)))) and see if that makes a difference. *Sounds* to me that it doesn't like associative arrays, which of course makes no sense.

willscarlet · 12-18-2012, 02:58 PM

That is throwing a generic 500 internal error.
Also tried taking the 4th ) away from the end. Same end result though.

Fou-Lu · 12-18-2012, 03:18 PM

You need the forth one. I was missing the opening here: array_values(

willscarlet · 12-18-2012, 08:18 PM

Fantastic, this is working great so far. you guys are awesome. I promise after this project I am never messing with PHP and MsSQL again, going back to MySQL, maybe I wont have to bug you guys as much then

anyways thanks a bunch. Ima go make a new post.

PHP Code:


			
<?php

include 'includes/db/connect.php';



error_reporting(E_ALL); 

ini_set("display_errors", "on");



/**

First thing, we create a function that will make your data safe! 

**/ 

function mssql_escape($data) { 

    if(is_numeric($data)) 

        return $data; 

    $unpacked = unpack('H*hex', $data); 

    return '0x' . $unpacked['hex']; 

} 



if (isset($_POST['LOWNUMBER'])) {

    

    $aAllowed = array(    'StreetPrefix', 

                        'StreetName', 

                        'StreetSuffix', 

                        'StreetPostDir', 

                        'COMMUNITY',

                        'LOWNUMBER',

                        'HighNumber',

                        'EOB',

                        'ESN',

                        'TELCO',

                        'PostOffice',

                        'ZONE',

                        'MAP',

                        'DateEntered',

                        'DateUpdated',

                        'Comment',

                        ); // all the allowed items.

function removeUnknowns(&$item, $key, array $aAllowed)

{

    if (!in_array($key, $aAllowed))

    {

        $item = "";

    }

}



$aSubmitted = $_POST;

array_walk($aSubmitted, 'removeUnknowns', $aAllowed);

$aSubmitted = array_filter($aSubmitted);



$sFields = implode('], [', array_keys($aSubmitted));

$sReplacement = rtrim(str_repeat('?, ', count($aSubmitted)), ', ');

$sQry = "INSERT INTO [MSAG] ([$sFields]) VALUES ($sReplacement)";



if (false === ($stmt = sqlsrv_query($conn, $sQry, array_values($aSubmitted))))

{

    die(print_r(sqlsrv_errors(), true));

}  



}

?>



<?php include 'includes/head/head_main.php'; ?> 



<div id = "top_content"> 

<body> 



<?php include 'includes/header/header_main.php'; ?> 



<h1>Add New Record</h1> 



<div id = "enter_record"> 



</center> 

<div id = "modify"> 



<form id="login" action="<?php echo htmlentities($_SERVER['PHP_SELF']); ?>" method = "post" >



<table>

<tr>

<td>Pre Dir:    <br><input type="text" name="StreetPrefix"> <br></td>

<td>Street:     <br><input type="text" name="StreetName"> <br></td>

<td>Suffix:     <br><input type="text" name="StreetSuffix"> <br></td>

<td>Post Dir:   <br><input type="text" name="StreetPostDir"> <br></td>

<td>Community:  <br><input type="text" name="COMMUNITY"> <br></td>

</tr></table>

<br>



<table>

<tr>

<td>Low:    <br><input type="text" name="LOWNUMBER"> <br></td>

<td>High:   <br><input type="text" name="HighNumber"> <br></td>

<td>EOB:    <br><input type="text" name="EOB"> <br></td>

<td>ESN:    <br><input type="text" name="ESN"> <br></td>

</tr>

</table>

<br>



<table>

<tr>

<td>Telco:  <br><input type="text" name="TELCO"> <br></td>

<td>ZIP:    <br><input type="text" name="PostOffice"> <br></td>

<td>Zone:   <br><input type="text" name="ZONE"> <br></td>

<td>Map:    <br><input type="text" name="MAP"> <br></td>

</tr>

</table>

<br>



<table> 

<tr> 

<td>Entered:    <br><input type="text" name="DateEntered"> <br></td> 

<td>Modified:   <br><input type="text" name="DateUpdated"> <br></td> 

</tr> 

</table> 

<br> 



<table> 

<tr> 

<td>Comments:    <br><input type="text" name="Comment"> <br></td> 

</tr> 

</table> 

<br> 

</div> 



<input type="submit" align = "left" name="submit" value="Submit"/> 

</table> 



</form> 

<br>     



</div>

Fou-Lu · 12-18-2012, 08:44 PM

You can remove this since it's unused now:

PHP Code:


			
/**
First thing, we create a function that will make your data safe! 
**/ 
function mssql_escape($data) { 
    if(is_numeric($data)) 
        return $data; 
    $unpacked = unpack('H*hex', $data); 
    return '0x' . $unpacked['hex']; 
}

rajdeep01 · 12-24-2012, 08:40 AM

To create 'examples' database on your MSSQL Server you should run the following script:
CREATE DATABASE examples;
USE examples;
CREATE TABLE cars(
id int UNIQUE NOT NULL,
name varchar(40),
year varchar(50),
PRIMARY KEY(id)
);

INSERT INTO cars VALUES(1,'Mercedes','2000');
INSERT INTO cars VALUES(2,'BMW','2004');
INSERT INTO cars VALUES(3,'Audi','2001');