SQL is not retrieving the form data on certain fields.

Not sure why, but my sql statement is not retrieving what my form is sending out.  I have triple checked to make sure the variables are correct.  I'm not sure if it means anything, but the two that are not being retrieved are longtext strings in phpMyAdmin.

                   $strProviderservice = $_REQUEST['strProviderservice'];
            $strCompanyname = $_REQUEST['strCompanyname'];
            $strOwner = $_REQUEST['strOwner'];
            $strAddress = $_REQUEST['strAddress'];
            $strTown = $_REQUEST['strTown'];
            $strZipcode = $_REQUEST['strZipcode'];
            $strPhone = $_REQUEST['strPhone'];
            $str2ndphone = $_REQUEST['str2ndphone'];
            $strMobile = $_REQUEST['strMobile'];
            $strPager = $_REQUEST['strPager'];
            $strFax = $_REQUEST['strFax'];
            $strEmail = $_REQUEST['strEmail'];
            $strWebsite = $_REQUEST['strWebsite'];
            $strInbusiness_since = $_REQUEST['strInbusiness_since'];
            $strLicense = $_REQUEST['strLicense'];
            $strInsured = $_REQUEST['strInsured'];
            $strBonded = $_REQUEST['strBonded'];
            $strHours = $_REQUEST['strHours'];
            $str24houremerg = $_REQUEST['str24houremerg'];
            $strServicesoffered = $_REQUEST['strServicesoffered'];
            $strOtherservices = $_REQUEST['strOtherservices'];
            $strServicearea = $_REQUEST['strServicearea'];
            $strFreeestimate = $_REQUEST['strFreeestimate'];
            $strWorkguaranteed = $_REQUEST['strWorkguaranteed'];
            $strProvidertagline = $_REQUEST['strProvidertagline'];
            $strAd_size = $_REQUEST['strAd_size'];

$SQL = "INSERT INTO tblAdspace VALUES"
     . "("
     . "strProviderservice, strCompanyname, strOwner, strAddress, strTown, "
     . "strZipcode, strPhone, str2ndphone, "
     . "strMobile, strPager, strFax, "
     . "strEmail, strWebsite, strLicense, "
     . "strBonded, strHours, str24houremerg, strServicesoffered, "
     . "strOtherservices, strServicearea, strFreeestimate, strWorkguaranteed, strProvidertagline, strAd_size"
     . ") "
     . "VALUES("
     . "'" . $strProviderservice . "',"
     . "'" . $strCompanyname . "',"
     . "'" . $strOwner . "',"
     . "'" . $strAddress . "',"
     . "'" . $strTown . "',"
     . "'" . $strZipcode . "',"
     . "'" . $strPhone . "',"
     . "'" . $str2ndphone . "',"
     . "'" . $strMobile . "',"
     . "'" . $strPager . "',"
     . "'" . $strFax . "',"
     . "'" . $strEmail . "',"
     . "'" . $strWebsite . "',"
     . "'" . $strLicense . "',"
     . "'" . $strBonded . "',"
     . "'" . $strHours . "',"
     . "'" . $str24houremerg . "',"
     . "'" . str_replace("'", "''", $strOtherservices) . "',"
       . "'" . str_replace("'", "''", $strServicesoffered) . "', "
     . "'" . $strServicearea . "',"
     . "'" . $strFreeestimate . "',"
     . "'" . $strWorkguaranteed . "',"
     . "'" . str_replace("'", "''", $strProvidertagline) . "',"
     . "'" . $strAd_size . "'"
     . ") ";
      
       echo $SQL;
       die;
LVL 1
pingeyegAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

pingeyegAuthor Commented:
This is kind of bits and pieces of the whole page.  Didn't think you would need the entire page.
0
Vel EousResearch & Development ManagerCommented:
Have you tried changing the attribute type to VARCHAR() just to see if it is the data type that is causing an issue ?

Just out of curiosity, why are you concatinating all your attribute values into your DB ?
0
OscurochuCommented:
try doing this:
<?
print "<pre>";
print $SQL;
print "</pre>";
?>

at the end of your page and see if the variables are being passed correctly.

if they aren't, try this:

before assigning variables that use the $_REQUEST variable, assign the $_REQUEST variable yourself like this:

$_REQUEST = ( isset($_REQEST) && !empty($_REQUEST) ) ? $_REQUEST : array_merge($_GET, $_POST);
0
Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

OscurochuCommented:
with further studying of your code, i've noticed something else. your sql is formatted incorrectly, and the syntax is wrong (line 1, char 24-29). this should be correct now:

$SQL = "INSERT INTO tblAdspace
     . "("
     . "strProviderservice, strCompanyname, strOwner, strAddress, strTown, "
     . "strZipcode, strPhone, str2ndphone, "
     . "strMobile, strPager, strFax, "
     . "strEmail, strWebsite, strLicense, "
     . "strBonded, strHours, str24houremerg, strServicesoffered, "
     . "strOtherservices, strServicearea, strFreeestimate, strWorkguaranteed, strProvidertagline, strAd_size"
     . ") "
     . "VALUES("
     . "'" . $strProviderservice . "',"
     . "'" . $strCompanyname . "',"
     . "'" . $strOwner . "',"
     . "'" . $strAddress . "',"
     . "'" . $strTown . "',"
     . "'" . $strZipcode . "',"
     . "'" . $strPhone . "',"
     . "'" . $str2ndphone . "',"
     . "'" . $strMobile . "',"
     . "'" . $strPager . "',"
     . "'" . $strFax . "',"
     . "'" . $strEmail . "',"
     . "'" . $strWebsite . "',"
     . "'" . $strLicense . "',"
     . "'" . $strBonded . "',"
     . "'" . $strHours . "',"
     . "'" . $str24houremerg . "',"
     . "'" . str_replace("'", "''", $strOtherservices) . "',"
       . "'" . str_replace("'", "''", $strServicesoffered) . "', "
     . "'" . $strServicearea . "',"
     . "'" . $strFreeestimate . "',"
     . "'" . $strWorkguaranteed . "',"
     . "'" . str_replace("'", "''", $strProvidertagline) . "',"
     . "'" . $strAd_size . "'"
     . ") ";
0
pingeyegAuthor Commented:
Oscurochu, with your code I am getting a parse error:  Line  . "("
0
pingeyegAuthor Commented:
Ok, Oscurochu, I found what was missing in your code, but it still isn't working.  I don't think the problem lies in the sql statement, I think the problem is in the $_REQUEST portion of the page, because most of the values are being brought in, only two aren't.  The two that aren't are formatted in phpMyAdmin as Longtext.
0
pingeyegAuthor Commented:
Tchuki, what do you mean by using the VARCHAR() ?
0
Vel EousResearch & Development ManagerCommented:
Why are you concatinating your vars into the DB ?

What are the column attribute names in your tblAdspace ?
0
pingeyegAuthor Commented:
I was told it would be easier to read the code towards troubleshooting.
0
Vel EousResearch & Development ManagerCommented:
In your DB, change the data type of the longtext attributes to VARCHAR()


<?PHP

$strProviderservice = $_POST['strProviderservice'];
$strCompanyname = $_POST['strCompanyname'];
$strOwner = $_POST['strOwner'];
$strAddress = $_POST['strAddress'];
$strTown = $_POST['strTown'];
$strZipcode = $_POST['strZipcode'];
$strPhone = $_POST['strPhone'];
$str2ndphone = $_POST['str2ndphone'];
$strMobile = $_POST['strMobile'];
$strPager = $_POST['strPager'];
$strFax = $_POST['strFax'];
$strEmail = $_POST['strEmail'];
$strWebsite = $_POST['strWebsite'];
$strInbusiness_since = $_POST['strInbusiness_since'];
$strLicense = $_POST['strLicense'];
$strInsured = $_POST['strInsured'];
$strBonded = $_POST['strBonded'];
$strHours = $_POST['strHours'];
$str24houremerg = $_POST['str24houremerg'];
$strServicesoffered = $_POST['strServicesoffered'];
$strOtherservices = $_POST['strOtherservices'];
$strServicearea = $_POST['strServicearea'];
$strFreeestimate = $_POST['strFreeestimate'];
$strWorkguaranteed = $_POST['strWorkguaranteed'];
$strProvidertagline = $_POST['strProvidertagline'];
$strAd_size = $_POST['strAd_size'];

$srtOtherservices = str_replace("'", "''", $strOtherservices);
$strServicesoffered = str_replace("'", "''", $strServicesoffered);
$strProvidertagline = str_replace("'", "''", $strProvidertagline);


$SQL = ("INSERT INTO tblAdspace
(strProviderservice, strCompanyname, strOwner, strAddress, strTown, strZipcode, strPhone, str2ndphone, strMobile, strPager, strFax, strEmail, strWebsite, strLicense, strBonded, strHours, str24houremerg, strServicesoffered, strOtherservices, strServicearea, strFreeestimate, strWorkguaranteed, strProvidertagline, strAd_size)
VALUES
('$strProviderservice', '$strCompanyname', '$strOwner', '$strAddress', '$strTown', '$strZipcode', '$strPhone', '$str2ndphone', '$strMobile', '$strPager', '$strFax, $strEmail', '$strWebsite', '$strLicense', '$strBonded', '$strHours', '$str24houremerg', '$strServicesoffered', '$strOtherservices', '$strServicearea', '$strFreeestimate', '$strWorkguaranteed', '$strProvidertagline', '$strAd_size')")
or die ("Could not insert values into DB tblAdspace: " . mysql_error());

        
?>
0
pingeyegAuthor Commented:
I tried making an update with field that is a regular text value and it works, but the two that are longtext aren't working.
0
Vel EousResearch & Development ManagerCommented:
Have you tried changing the fields to VARCHAR and seeing if any information is inserted ?!
0
pingeyegAuthor Commented:
Can you show me how to do that?  I don't know what VARCHAR is.
0
Vel EousResearch & Development ManagerCommented:
Go into phpMyAdmin, select your table and change the field type in there.
0
pingeyegAuthor Commented:
Ok, just out of curiosity, what would you change it to if the field needs to have 300 characters in it?
0
Vel EousResearch & Development ManagerCommented:
longtext should be the one you go for.

That said, try what I have suggested and see if the information is inserted.

We need to assertain if it is your PHP $_POST vars, SQL statement or DB itself that is having the issue.
0
pingeyegAuthor Commented:
RIght now the field type is already longtext for those two fields.
0
Vel EousResearch & Development ManagerCommented:
Yes, try changing it to VARCHAR and see if any information is collected that way ...
0
pingeyegAuthor Commented:
That didn't do the trick.
0
Vel EousResearch & Development ManagerCommented:
OK, which are the two fields that are not being inserted, what are their names ?
0
pingeyegAuthor Commented:
strServicesoffered and strOtherservices
0
Vel EousResearch & Development ManagerCommented:
Does strProvidertagline insert correctly ?
0
pingeyegAuthor Commented:
Apparently it does not.  Huh.
0
Vel EousResearch & Development ManagerCommented:
OK, think I see the issue now, its your str_replace function.

##--[ FIND ]--##

str_replace("'", "''", $strOtherservices);
str_replace("'", "''", $strServicesoffered);
str_replace("'", "''", $strProvidertagline);

##--[ REPLACE WITH ]--##

addslashes($strOtherservices);
addslashes($strServicesoffered);
addslashes($strProvidertagline);

Then try the script again.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
pingeyegAuthor Commented:
Still nothing.  What was that supposed to do anyway?
0
pingeyegAuthor Commented:
Isn't that funtion supposed to work like that?  When people add text to these boxes they will most certainly be using apostrophes on certain word.  How will he addslashes function change that?
0
pingeyegAuthor Commented:
Nevermind, that did work.  I saw one other thing that I had extra that was conflicting with your statement.  It now works.  I don't know why, but now all of a sudden I can't change anything in phpMyAdmin without it kicking me out again.
0
Vel EousResearch & Development ManagerCommented:
Symbols and special characters such as ' @ " $ need to be escaped before being inserted into a database.  The addslashes() function basicaly escapes the characters so that they can be read correctly by apps such as PHP and MySQL by placing a \ in front of them.


For example:

$str = "This strings' been escaped";

$strEscaped = addslashes($str);

echo $str; // output: This string\'s been escaped


When you retreive the data from the DB you will need to remove the slashes using stripslashes()

$sql = ("SELECT * FROM tblAdspace");

$output = stripslashes($sql);

echo $output;


Both addslashes() and stripslashes() were designed to handle this sort of situation and in general, when ever you are inserting into a DB, you should always implement these functions.
0
Vel EousResearch & Development ManagerCommented:
Woops

echo $str; // output: This string\'s been escaped

Should be:

echo $str; // output: This strings\' been escaped


Also with regards to you being kicked from phpMyAdmin, you probably need to refresh your cookie or something.  Try logging out, closing the browser completely and then going back to phpMyAdmin.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
PHP

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.