[Scoobler]

Hi people, I have a problem, I have created a page that I want to use to insert data into a MySQL database, the database name is riflemans, and the table in question is called whatson. i created the following page to use to update the entries:

PHP Code:

<?php

//This is, if you like the index page, it will be shown by default:

function indi() {

echo '<title>--::The Riflemans Arms - Events Entry Page::--</title>';

echo '<p></p>';

echo '<p align=center><font size=6><u>Riflemans Arms</u></font></p>';

echo '<p></p>';

echo '<p align=center><font size=4>Events Entry Page</font></p>';

echo '<p></p>';

echo '**In order to add an event you will need to have the password. If you forget ';

echo 'the password, please contact the <a href=mailto:woody@scoobler.com>WebMaster</a>**';

echo '<p></p>';

echo '<form action=`events.php?function=process` method=POST>';

echo '<table>';

echo '<tr><td>';

echo '<p align=center><font size=4>Events Entry Page</font></p>';

echo '</tr></td>';

echo '<tr><td>';

echo 'User Password: <i><a href=events.php?function=password>Help</a></i>';

echo '</td><td>';

echo '<input type=password name=PASSWORD size=33>';

echo '</td></tr>';

echo '<tr><td>';

echo '<b>Event Date: <i><a href=events.php?function=date>Help</a></i></b>';

echo '</td><td>';

echo '<input type=text name=DATE size=33>';

echo '</td></tr>';

echo '<b>Event Name: <i><a href=events.php?function=name>Help</a></i></b>';

echo '</td><td>';

echo '<input type=text name=NAME size=33>';

echo '</td></tr>';

echo '<tr><td>';

echo '<b>Event Description: <i><a href=events.php?function=description>Help</a></i></b>';

echo '</td><td>';

echo '<textarea rows="6" name=DESCRIPTION cols="25"></textarea>';

echo '</td></tr>';

echo '<tr><td>';

echo '<b>Event Expiry Date: <i><a href=events.php?function=expiry>Help</a></i></b>';

echo '</td><td>';

echo '<input type=text name=EXPIRY size=33>';

echo '</td></tr>';

echo '<tr><td>';

echo '<input type=SUBMIT value=SUBMIT>';

echo '</td><td>';

echo '<input type=RESET value=`CLEAR FORM`>';

echo '</td></tr>';

echo '</table>';

echo '</form>';

}

//This is the page that processes the form results:

function one() {

echo '<title>--::The Riflemans Arms - Events Entry **SUCCESS** Page::--</title>';

echo '<p></p>';

echo '<p align=center><font size=6><u>Riflemans Arms</u></font></p>';

echo '<p></p>';



if ("$_POST[PASSWORD]" = 1989)



{

    $dbhost = 'localhost'; // access point to the database, normally "localhost"

    $dbusername = '****'; // The database user name.

    $dbpassword = '********'; // The database password.

    $dbname = 'riflemans'; // The database's name.

    $link = mysql_connect($dbhost, $dbusername, $dbpasswd)

          or die("Could not connect: " . mysql_error());

          print ("Connected to $dbhost successfully.......");

    $select = mysql_select_db($dbname)

          or die("Could not connect to database: " . mysql_error());

          print ("Connected to '$_POST[dbname]' successfully.......");

    

   $sql = 'INSERT INTO whatson VALUES ( `$_POST[DATE]`, `$_POST[NAME]`, `$_POST[DESCRIPTION]`, `$_POST[EXPIRY]`);';

    

    $result = mysql_query($sql);

    if ($result)

       {

       echo("Successfully executed the database manipulation!");

       }

       else

       {

       echo("Error executing you request, please check and try again! <a href=events.php>Events Entry Page</a>");

}

else

{

    echo("Sorry you entered a incorrect or inactive password, please check and try again <a href=events.php>Events Entery Page</a>");

}

}

// This is the help page for the password field:

function two() {

echo '<title>--::The Riflemans Arms - Events **HELP** Page::--</title>';

echo '<p></p>';

echo '<p align=center><font size=6><u>Riflemans Arms</u></font></p>';

echo '<p></p>';

echo '<b>The Password field:</b>';

echo '<br>This field has been added to stop unautherised personnel posting events.';

echo '<br></br>';

echo '<br>The password was issued by the <a href=mailto:woody@scoobler.com>WebMaster</a>.';

echo '<br>If you have forgotten the password please contact the <a href=mailto:woody@scoobler.com>WebMaster</a> via email.';

}

// This is the help page for the name field:

function three() {

echo '<title>--::The Riflemans Arms - Events **HELP** Page::--</title>';

echo '<p></p>';

echo '<p align=center><font size=6><u>Riflemans Arms</u></font></p>';

echo '<p></p>';

echo '<b>The Name field:</b>';

echo '<br>This field is where you give the up and goming event a simple name. E.G. `Disco Night`';

}

// This is the help page for the description field:

function three() {

echo '<title>--::The Riflemans Arms - Events **HELP** Page::--</title>';

echo '<p></p>';

echo '<p align=center><font size=6><u>Riflemans Arms</u></font></p>';

echo '<p></p>';

echo '<b>The Description field:</b>';

echo '<br>This field is where you can write a detailed description of the up and coming event.';

echo '<br>You can include HTML in your description to give the description more character.';

}

// This is the help page for the expiry field:

function three() {

echo '<title>--::The Riflemans Arms - Events **HELP** Page::--</title>';

echo '<p></p>';

echo '<p align=center><font size=6><u>Riflemans Arms</u></font></p>';

echo '<p></p>';

echo '<b>The Expiry field:</b>';

echo '<br>This field is where you give the up and goming event an EXPIRY date.';

echo '<br>The Events page works by asking the database of any events who`s Expiry date is after that days date.';

echo ' Therefore set the expiry date to the last day you want the event to be shown up to. After the Expiry date';

echo ' the event will no longer appear on the Events Page.';

}

// This is the help page for the date field:

function three() {

echo '<title>--::The Riflemans Arms - Events **HELP** Page::--</title>';

echo '<p></p>';

echo '<p align=center><font size=6><u>Riflemans Arms</u></font></p>';

echo '<p></p>';

echo '<b>The Date field:</b>';

echo '<br>This field is where you give the up and goming event an DATE.';

echo '<br>The Events page arranges the events by their up and coming date.';

echo ' Therefore set the date to the day when the event will occur.';

}

// This is the switch function which tells the page which section of code to display.

switch($function)

{

    default:

    indi();

    break;

    case "process":

    one();

    break;

    case "password":

    two();

    break;

    case "name":

    three();

    break;

    case "description":

    four();

    break;

    case "expiry":

    five();

    break;

    case "date":

    six();

}

?>

I think the main problems are:

if ("$_POST[PASSWORD]" = 1989)
I want the user to enter the 'password' so only people I want can enter details!

and:

PHP Code:

$sql = 'INSERT INTO whatson VALUES ( `$_POST[DATE]`, `$_POST[NAME]`, `$_POST[DESCRIPTION]`, `$_POST[EXPIRY]`);'; 

Because I was really just guessing!

The table details are set out like this:
Field, Type, Attributes, Null, Default, Extra,
id, double, , No, , auto_increment
ord, date, , No, 0000-00-00, ,
heading, varchar(100), , No, , ,
detail, text, , No, , ,
expiry, date, , No, 0000-00-00, ,

Can anyone help at all??

Thanks in advanced!

[blaw]

Hello,

What error did you get? If no error, how is it different from what you want?

Also, just so you know,

PHP Code:

if ("$_POST[PASSWORD]" = 1989) 

This line tells PHP If it is possible to assign the value 1989 to $_POST['PASSWORD'], then do so and excute the subsequent code block ( your codes surrounded with { and } ).

If you want to check whether this post var contains the value "1989" and nothing else, you need to use this instead of assignment operator (=):

PHP Code:

if ("$_POST[PASSWORD]" == 1989) 

Note the two ='s.

Finally, you should enclose the key of array variables with quotes (single or double) like this:

PHP Code:

$_POST['PASSWORD'] 

Hope this helps.

[Scoobler]

Yeah i did want to check the entry in the "password field", so i have changed the script so it now looks like:

PHP Code:

if ("$_POST[PASSWORD]" == 1989)







    $sql = 'INSERT INTO whatson VALUES ( `$_POST["DATE"]`, `$_POST["NAME"]`, `$_POST["DESCRIPTION"]`, `$_POST["EXPIRY"]`);'; 

Once I hit submit it is connecting to the datebase, but it isn't running the SQL command, i changed it to look like above but still isn't working, is it because i have not entered a value for the id filed which isan auto_int..?

If not can anyone see what would be wrong with that?

Thanks so far!

[NeverMind]

you didn't close the first IF statment block !!
so before this last else add another } and it should work ..

as for the SQL query, what you will insert is this :
$_POST["DATE"],$_POST["NAME"],$_POST["DESCRIPTION"] and `$_POST["EXPIRY"] but not their values !!

you want this to take it's values? you need to use double quotes here and use single quotes for the keys of the _POST array :

PHP Code:

$sql = "INSERT INTO whatson VALUES ('{$_POST['DATE']}', '{$_POST['NAME']}', '{$_POST['DESCRIPTION']}', '{$_POST['EXPIRY']}')";

#     OR     #

$sql = "INSERT INTO whatson VALUES ('".$_POST['DATE']."', '".$_POST['NAME']."', '".$_POST['DESCRIPTION']."', '".$_POST['EXPIRY']."')"; 

[Scoobler]

Cheers NeverMind and blaw, its working, thanks alot dudes!

[Scoobler]

Actually one last thing, how do I call a value from the database and display it on screen, so for example, how would I show the data they have just entered, if it was successfully entered into the database?

Presumably it would go into:

PHP Code:

$result = mysql_query($sql);

if ($result)

{

echo("Successfully executed the database manipulation!");

###THIS AREA###

} 

The main reason I ask, is I have a very similar page to this for notices, but instead of those being ordered by date, they are ordered by a number, so i was going to tell the user what the hihest entery is so far, so they know where the set the next notice?

[NeverMind]

you could use mysql_affected_rows()..
something like this should do :

PHP Code:

$result = mysql_query($sql); 

$num = mysql_affected_rows();



if ($num > 0) {

echo("Successfully executed the database manipulation!");

} else {

echo'Faild to insert the new record!';

} 

the ones you mentioned will work all the time I assume, because if the query failed, it will return 0 (False) !
so you may want to use empty() to make sure the value of $result is neither 0 (false) nor empty ..
so something like this should work :

PHP Code:

 $result = mysql_query($sql);

if (!empty($result))

{

echo("Successfully executed the database manipulation!");

###THIS AREA###

} else {

echo'Faild to insert the new record!';

} 

[tolga]

You can also use mysql_real_escape_string() function. Like:

PHP Code:

$date = mysql_real_escape_string($_POST['DATE']);

$name = mysql_real_escape_string($_POST['NAME']);

$description = mysql_real_escape_string($_POST['DESCRIPTIıON']);

$expiry = mysql_real_escape_string($_POST['EXPIRY']);

$sql = "INSERT INTO whatson VALUES ($date, $name,$description,$expiry)"; 

I hope this is right

[job0107]

I was examining your code and I noticed besides the other problems that were corrected,
you seem to have a few minor problems in your table design.
I reorganized you table code so it is easier to read.
One thing you should keep in mind when creating tables, is to keep all your <td></td> on one line.
As some browsers (IE) will add spaces where you don't want them.

Also you are echoing each line of code causing the PHP interpreter to work much harder than it has to.

And you had three functions with the same name.

I made some suggested corrections.

PHP Code:

<?php

//This is, if you like the index page, it will be shown by default:

function indi()

{

 echo '<title>--::The Riflemans Arms - Events Entry Page::--</title>

       <p></p>

       <p align=center><font size=6><u>Riflemans Arms</u></font></p>

       <p></p>

       <p align=center><font size=4>Events Entry Page</font></p>

       <p></p>

       **In order to add an event you will need to have the password. If you forget

       the password, please contact the <a href=mailto:woody@scoobler.com>WebMaster</a>**

       <p></p>

       <form action=`events.php?function=process` method=POST>

        <table>

         <tr>

          <td colspan=2><p align=center><font size=4>Events Entry Page</font></p></td>

         </tr>

         <tr>

          <td>User Password: <i><a href=events.php?function=password>Help</a></i></td>

          <td><input type=password name=PASSWORD size=33></td>

         </tr>

         <tr>

          <td><b>Event Date: <i><a href=events.php?function=date>Help</a></i></b></td>

          <td><input type=text name=DATE size=33></td>

         </tr>

         <tr>

          <td><b>Event Name: <i><a href=events.php?function=name>Help</a></i></b></td>

          <td><input type=text name=NAME size=33></td>

         </tr>

         <tr>

          <td valign="top"><b>Event Description: <i><a href=events.php?function=description>Help</a></i></b></td>

          <td><textarea rows="6" name=DESCRIPTION cols="25"></textarea></td>

         </tr>

         <tr>

          <td><b>Event Expiry Date: <i><a href=events.php?function=expiry>Help</a></i></b></td>

          <td><input type=text name=EXPIRY size=33></td>

         </tr>

         <tr>

          <td><input type=SUBMIT value=SUBMIT></td>

          <td><input type=RESET value=`CLEAR FORM`></td>

         </tr>

        </table>

       </form>';

 }



//This is the page that processes the form results:

function one()

{

 echo '<title>--::The Riflemans Arms - Events Entry **SUCCESS** Page::--</title>

       <p></p>

       <p align=center><font size=6><u>Riflemans Arms</u></font></p>

       <p></p>';

 if($_POST["PASSWORD"] == 1989)

 {

  $dbhost = 'localhost'; // access point to the database, normally "localhost"

  $dbusername = '****'; // The database user name.

  $dbpassword = '********'; // The database password.

  $dbname = 'riflemans'; // The database's name.

  $link = mysql_connect($dbhost, $dbusername, $dbpasswd) or die("Could not connect: " . mysql_error());

  print ("Connected to $dbhost successfully.......");

  $select = mysql_select_db($dbname) or die("Could not connect to database: " . mysql_error());

  print ("Connected to '$_POST[dbname]' successfully.......");

  $sql = "INSERT INTO whatson VALUES ('".$_POST["DATE"]."','".$_POST["NAME"]."','".$_POST["DESCRIPTION"]."','".$_POST["EXPIRY"]."')";

  $result = mysql_query($sql);

  if ($result)

  {

   echo("Successfully executed the database manipulation!");

   }

  else

  {

   echo("Error executing you request, please check and try again! <a href=events.php>Events Entry Page</a>");

   }

  }

 else

 {

  echo("Sorry you entered a incorrect or inactive password, please check and try again <a href=events.php>Events Entery Page</a>");

  }

 }



// This is the help page for the password field:

function two()

{

 echo '<title>--::The Riflemans Arms - Events **HELP** Page::--</title>

       <p></p>

       <p align=center><font size=6><u>Riflemans Arms</u></font></p>

       <p></p>

       <b>The Password field:</b>

       <br>This field has been added to stop unautherised personnel posting events.

       <br></br>

       <br>The password was issued by the <a href=mailto:woody@scoobler.com>WebMaster</a>.

       <br>If you have forgotten the password please contact the <a href=mailto:woody@scoobler.com>WebMaster</a> via email.';

 }

 

// This is the help page for the name field:

function three()

{

 echo '<title>--::The Riflemans Arms - Events **HELP** Page::--</title>

       <p></p>

       <p align=center><font size=6><u>Riflemans Arms</u></font></p>

       <p></p>

       <b>The Name field:</b>

       <br>This field is where you give the up and goming event a simple name. E.G. `Disco Night`';

 }

 

// This is the help page for the description field:

function four()

{

 echo '<title>--::The Riflemans Arms - Events **HELP** Page::--</title>

       <p></p>

       <p align=center><font size=6><u>Riflemans Arms</u></font></p>

       <p></p>

       <b>The Description field:</b>

       <br>This field is where you can write a detailed description of the up and coming event.

       <br>You can include HTML in your description to give the description more character.';

 }

 

// This is the help page for the expiry field:

function five()

{

 echo '<title>--::The Riflemans Arms - Events **HELP** Page::--</title>

       <p></p>

       <p align=center><font size=6><u>Riflemans Arms</u></font></p>

       <p></p>

       <b>The Expiry field:</b>

       <br>This field is where you give the up and goming event an EXPIRY date.

       <br>The Events page works by asking the database of any events who`s Expiry date is after that days date.

       Therefore set the expiry date to the last day you want the event to be shown up to. After the Expiry date

       the event will no longer appear on the Events Page.';

 }

 

// This is the help page for the date field:

function six()

{

 echo '<title>--::The Riflemans Arms - Events **HELP** Page::--</title>

       <p></p>

       <p align=center><font size=6><u>Riflemans Arms</u></font></p>

       <p></p>

       <b>The Date field:</b>

       <br>This field is where you give the up and goming event an DATE.

       <br>The Events page arranges the events by their up and coming date.

       Therefore set the date to the day when the event will occur.';

 }

 

// This is the switch function which tells the page which section of code to display.

switch($function)

{

 case "process":

  one();

  break;

 case "password":

  two();

  break;

 case "name":

  three();

  break;

 case "description":

  four();

  break;

 case "expiry":

  five();

  break;

 case "date":

  six();

  break;

 default:

  indi();

 }

?>

[UnrealEd]

No offence guys, but this topic is 4 years old. I think the OP already found his answer and isn't going to look for another suggestion now

Closing topic...