Solved

PHP Help PLEASE

Posted on 2011-03-01
9
230 Views
Last Modified: 2012-05-11
I've worked with this code all morning & it was working earlier but I've screwed it up somehow! This code is supposed to display a form in a browser, the user inserts the data then submits it & it gets written to a mysql database. At this time, EVERYTIME I go to the htttp://mysite/add.php it goes straight to google & I do not see my form to insert the text in the fields anymore...please help!
<html>

<head>
<title> Update Database </title>
</head>

<?php
#	Page: add.php
##########################

#	Report all errors
##########################
ini_set('display_errors',1);
error_reporting(E_ALL);

#	db connection settings
##########################

#	server IP
$host	= "localhost";
#	sql user
$user	= "root";
#	sql pw
$pw	= "12ibtlalc25";
#	sql database
$db	= "psrflow";

#	get submitted values & escape the text string
#################################################
if ( isset( $_POST['offender_fname'] ) ){
	$offender_fname = addslashes( $_POST['offender_fname'] );
}
if ( isset( $_POST['offender_lname'] ) ){
	$offender_lname = addslashes( $_POST['offender_lname'] );
}
if ( isset( $_POST['location'] ) ){
	$location = addslashes( $_POST['location'] );
}

#	connect to db server
##########################
$conn = mysql_connect( $host, $user, $pw )
or die( "Error! Unable to connect to database server: <br/>" . mysql_error() );
#	connect to db
##########################
$rs = mysql_select_db( $db, $conn )
or die( "Error! Unable to connect to database:  <br/>" . mysql_error() );


$strSQL = "INSERT INTO psrinfo
	( offender_fname, offender_lname, location )
	VALUES
	( '" . $offender_fname . "', '" . $offender_lname . "', '" . $location . "' )";

#	execute db insert
##########################
if (!mysql_query( $strSQL, $conn )){
	echo( "Unable to save data to database: <br/>" . mysql_error() . "<br/>" . $strSQL . "</span><br/>" );
}
else{
	header( "Location: http://www.google.com" );
}
?>






<body>
<form method="post" action="add.php">

First Name: <br />

<input type="text" name="offender_fname" size="30" /><br />

Last Name: <br />

<input type="text" name="offender_lname" size="30" /><br />

Location: <br />

<input type="text" name="location" size="30" /><br />


<input type="submit" value="Submit" />


</form>
</body>
</html>

Open in new window

0
Comment
Question by:wantabe2
9 Comments
 
LVL 82

Expert Comment

by:Dave Baldwin
ID: 35010707
Get rid of the redirect to Google.  You have it set up so that if the PHP works properly, it goes to Google.  I don't think that's what you want.
0
 
LVL 13

Expert Comment

by:Arrow_1
ID: 35010713
Line 61:
header( "Location: http://www.google.com" );


That code automatically redirects you to google.
0
 
LVL 13

Expert Comment

by:Arrow_1
ID: 35010727
Also, be sure that is not your actual username and password for your db in that code... if so, you just posted that for all to see :-/
0
 
LVL 15

Author Comment

by:wantabe2
ID: 35010755
It's not the real UN & PW but thanks for checking that. I still can't get it to work, if I take the re-direct out I get a page can not be displayed & blank entry gets put in the mysql database.
0
Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

 
LVL 15

Author Comment

by:wantabe2
ID: 35010840
I've narrowed it down to this simple code & it still will not insert the data into the mysql database.....what am I missing...I am very new to programming as you can see...
<html>

<?php
	$config["HOSTNAME"]		= "localhost";
	$config["USERNAME"]		= "root";
	$config["PASSWORD"] 	= "12ibtlalc25";
	$config["DBNAME"]      	= "psrflow";
	
	$dbconn = mysql_pconnect($config["HOSTNAME"], $config["USERNAME"], $config["PASSWORD"]) or  die(mysql_error());
	mysql_select_db($config["DBNAME"] , $dbconn);
?>

<head>
<title> Update Database </title>
</head>

<body>
<form method="post" action="" onSubmit="return checkme()">

 <b>First Name:</b> <br />

<input type="text" name="offender_fname" size="35" /><br />

<b>Last Name:</b> <br />

<input type="text" name="offender_lname" size="35" /><br />

<b>Location:</b> <br />

<input type="text" name="location" size="35" /><br />


<input type="submit" value="Submit" />

</form>
</body>
</html>

Open in new window

0
 
LVL 34

Expert Comment

by:Beverley Portlock
ID: 35010872
Where you have this

$strSQL = "INSERT INTO psrinfo
	( offender_fname, offender_lname, location )
	VALUES
	( '" . $offender_fname . "', '" . $offender_lname . "', '" . $location . "' )";

#	execute db insert
##########################
if (!mysql_query( $strSQL, $conn )){
	echo( "Unable to save data to database: <br/>" . mysql_error() . "<br/>" . $strSQL . "</span><br/>" );
}
else{
	header( "Location: http://www.google.com" );
}
?>

Open in new window

You are ALWAYS executing the query. What you need to do is ONLY execute it on someone pressing the submit button. Start by giving your submit button a name

<input name='submit' type="submit" value="Submit" />

Then detect it in the code

if ( isset( $_POST['submit'] == "Submit" ) {
......code here
}

then insert your SQL statement where I wrote .....code here in the fragment above


$strSQL = "INSERT INTO psrinfo
	( offender_fname, offender_lname, location )
	VALUES
	( '" . $offender_fname . "', '" . $offender_lname . "', '" . $location . "' )";

if ( isset( $_POST['submit'] == "Submit" ) {
   #	execute db insert
   ##########################
   if (!mysql_query( $strSQL, $conn )){
   	   echo( "Unable to save data to database: <br/>" . mysql_error() . "<br/>" . $strSQL . "</span><br/>" );
   }
}

Open in new window


0
 
LVL 82

Accepted Solution

by:
hielo earned 500 total points
ID: 35010922
Try:
<?php
#	Page: add.php
##########################

#	Report all errors
##########################
ini_set('display_errors',1);
error_reporting(E_ALL);

if( isset($_POST) && !empty($_POST) )
{
     #	db connection settings
     ##########################
     
     #	server IP
     $host	= "localhost";
     #	sql user
     $user	= "root";
     #	sql pw
     $pw	= "12ibtlalc25";
     #	sql database
     $db	= "psrflow";
     
     
     #	connect to db server
     ##########################
     $conn = mysql_connect( $host, $user, $pw )
     or die( "Error! Unable to connect to database server: <br/>" . mysql_error() );
     #	connect to db
     ##########################
     $rs = mysql_select_db( $db, $conn )
     or die( "Error! Unable to connect to database:  <br/>" . mysql_error() );
     
     
     #	get submitted values & escape the text string
	foreach($_POST as $key=>$value)
	{
		${$key}=mysql_real_escape_string($value);
	}

     $strSQL = "INSERT INTO psrinfo
     	( offender_fname, offender_lname, location )
     	VALUES
     	( '" . $offender_fname . "', '" . $offender_lname . "', '" . $location . "' )";
     
     #	execute db insert
     ##########################
     if (!mysql_query( $strSQL, $conn )){
     	echo( "Unable to save data to database: <br/>" . mysql_error() . "<br/>" . $strSQL . "</span><br/>" );
     }
     else{
     	header( "Location: http://www.google.com" );
		exit;
     }
}
?>
<html>

<head>
<title> Update Database </title>
</head>
<body>
<form method="post" action="add.php">

First Name: <br />

<input type="text" name="offender_fname" size="30" /><br />

Last Name: <br />

<input type="text" name="offender_lname" size="30" /><br />

Location: <br />

<input type="text" name="location" size="30" /><br />


<input type="submit" value="Submit" />


</form>
</body>
</html>

Open in new window

0
 
LVL 15

Author Closing Comment

by:wantabe2
ID: 35011376
PERFECT! Thanks
0
 
LVL 108

Expert Comment

by:Ray Paseur
ID: 35011417
Get rid of addslashes().  See the note here about that, "It's highly recommended to use DBMS specific escape function (e.g. mysqli_real_escape_string() for MySQL..."

I think hielo has got you on the right track.  Going forward, it is usually easiest to write and debug your code in tiny bits.  First make sure you can get the form input and print it out (learn about http://us2.php.net/manual/en/function.var-dump.php), then make sure you can write the data into the data base.  When each part of the app works, add the next layer.

You might also want to learn about version control with GitHub or SubVersion.  Then you won't lose your old copies of code that worked!
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

This demonstration started out as a follow up to some recently posted questions on the subject of logging in: http://www.experts-exchange.com/Programming/Languages/Scripting/JavaScript/Q_28634665.html and http://www.experts-exchange.com/Programming/…
Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
In this tutorial viewers will learn how to embed an audio file in a webpage using HTML5. Ensure your DOCTYPE declaration is set to HTML5: : The declaration should display (CODE) HTML5 is supported by the most recent versions of all major browsers…
HTML5 has deprecated a few of the older ways of showing media as well as offering up a new way to create games and animations. Audio, video, and canvas are just a few of the adjustments made between XHTML and HTML5. As we learned in our last micr…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now