MYSQL help

brunoais · Dec 20, 2008

Oh! And don't forget the

PHP:

OR Mysqlerror();

it's useful to find sql syntax errors

vol7ron · Dec 20, 2008

brunoais said:
why not instead of:

PHP:

$submit=$_POST['submit']; if($submit=="Submit"){

you use this code?

PHP:

if($_POST['submit']=="Submit"){

Makes the code simpler
Edit:
the simpler it is the less probable is for you to get an error

or

PHP:

if (strtolower($_POST['submit'])=="submit") {...}

vol7ron · Dec 20, 2008

Code:

1) $con = mysql_connect("localhost","username","password");
2) mysql_select_db("Feedback", $con);
3) mysql_query("INSERT INTO Feedback (Name, Message) 
VALUES ('$firstname', '$message')");
}

1) make sure your username is in the form x10name_MySQLname (so like xcaliberse_username)
2) the same thing goes for your database name xcalibers_Feedback
3) make sure that there are no apostrophes insterted as a first name or any other SQL injection going on, if someone's name is O'Brien, that might terminate the string early and cause errors

xcaliberse · Dec 20, 2008

Ok 1 last problem, I fixed my script:

Code:

<?
$firstname=$_POST['Name'];
$message=$_POST['Message'];


$submit=$_POST['submit'];
if($submit=="Submit"){


$con = mysql_connect("localhost","username","password");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

mysql_select_db("databaseName", $con);

mysql_query("INSERT INTO Feedback (Name, Message) 
VALUES ('$firstname', '$message')");

echo "DONE";
}
echo "$firstname";
echo "$message";
?>

<form method="post">
Firstname: <input type="text" name="Name"><br />
Message: <input type="text" name="Message"> <br />
<input type="submit" name="submit" value="Submit">
</form>

One last problem is that, only the MESSAGE is saving but the NAME isnt saving in the table that I made...

vol7ron · Dec 21, 2008

well there may be a problem in naming the field "Name" because the attribute on the form is called "name". First, try calling it by something else, maybe something like:

PHP:

Firstname: <input type="text" name="Fname"><br />

If that doesn't work, check the database to make sure the variable type is correct.

Also does anyone know if ${variable} is acceptable in PHP like it is in Perl? If so, that's how you want to call your variable when directing to the database. This (at least in Perl) makes sure you don't have to escape anything inside the variable.

So it would be something like:

PHP:

VALUES ('${firstname}', '${message}')");

but make sure that's correct PHP syntax first

.

gomarc · Dec 21, 2008

vol7ron said:
...
If that doesn't work, check the database to make sure the variable type is correct.
...

As suggested by vol7ron, you may want to double check the structure of Feedback table since the last script you posted is working just fine...

This is the Structure that I used in my test:

blobtech · Dec 21, 2008

xcaliberse said:
and here is the pic of the database
http://i253.photobucket.com/albums/h...berse/blah.jpg

Yep, the name field is an integer number in your setup.
Change it to VARCHAR(255), TINYTEXT or another string-type.

Have a look here for an overview of mysql datatypes: http://www.htmlite.com/mysql003.php

vol7ron · Dec 21, 2008

oh i didn't even see he posted that. i would have said something sooner.

hope this solved your problems.

.

xPlozion · Dec 21, 2008

EDIT: ok, so i didn't see that this topic had legs (multiple pages), so what i said below could have already been covered.
----------

or even to if (isset($submit)). it'll check if $submit is set, and doesn't care what the value of it is. if it's set (pressed), it'll continue, else it will just parse anything outside of the if () or the else

again, if (isset($submit)) is the recommended way of checking if a submit button is pressed (or any button for that matter).

xcaliberse · Dec 22, 2008

My problem is still not fixed lol, it doesnt save it in the name part.

brunoais · Dec 22, 2008

vol7ron said:
...
Also does anyone know if ${variable} is acceptable in PHP like it is in Perl? If so, that's how you want to call your variable when directing to the database. This (at least in Perl) makes sure you don't have to escape anything inside the variable.

So it would be something like:

PHP:

VALUES ('${firstname}', '${message}')");

but make sure that's correct PHP syntax first
.

I don't think so. In PHP it has no problem but it must be usable so there is an other option. change the '' to `` that should do the trick

gomarc · Dec 22, 2008

xcaliberse said:
My problem is still not fixed lol, it doesnt save it in the name part.

In your table, did you change the Type of your field Name as suggested?

blobtech said:
Yep, the name field is an integer number in your setup.
Change it to VARCHAR(255), TINYTEXT or another string-type.

Have a look here for an overview of mysql datatypes: http://www.htmlite.com/mysql003.php

gomarc said:
As suggested by vol7ron, you may want to double check the structure of Feedback table since the last script you posted is working just fine...

This is the Structure that I used in my test:

Do so by going to your phpMyAdmin and change it there.

Your code will then work and save the data into your table.

vol7ron · Dec 23, 2008

brunoais said:
I don't think so. In PHP it has no problem but it must be usable so there is an other option. change the '' to `` that should do the trick

I don't think the `` are the correct thing to use in SQL syntax when referring to values. It is used elsewhere, however I don't think that's the case here.

What I was talking about is that in Perl you can do this:
take the string: like 'this' is it

If you wanted to use that in an SQL, you'd have to escape each apostrophe: like \'this\' is it

UPDATE tablename SET fieldname = 'like \'this\' is it';

otherwise the following would break because of incorrect syntax:
UPDATE tablename SET fieldname = 'like 'this' is it';

That means it's more proper to use :
my $variable = "like \'this\' is it";
instead of: my $variable = "like 'this' is it";

Well when inputting from a webpage, we can't trust users to escape it themselves, so the application has to.

In Perl, you don't have to.
my $formvariable = "like 'this' is it";

$sql = "UPDATE tablename SET fieldname = '${formvariable}';
No escape needed. Otherwise, we'd have to preprocess the string and add a \ before each invalid character. Get it?

So in his example for name, if the person's name was O'Brien, the variable would have to have \ added for it to work: O\'Brien

brunoais · Dec 23, 2008

no problemo

there's just the need to use

PHP:

addslashes ()

Function. like:

PHP:

VALUES ('addslashes ($firstname)', 'addslashes ($message)')");

That would solve the problem

edit:
I just found the instructions for this. It's right here
http://php.net/manual/en/function.addslashes.php

vol7ron · Dec 23, 2008

Terrific. That and some method of preventing SQL Injections and that's exactly what's needed.

xcaliberse · Dec 23, 2008

Somebody wanna just show me how my script is supposed to look like so i can copy and paste?
Edit:
Nevermind I got it to work and umm... Can someoen tell me how to display the table?

gomarc · Dec 23, 2008

xcaliberse said:
... Can someoen tell me how to display the table?

There are many good tutorials to do that.

Search our forums

Or start here http://www.w3schools.com/php/php_mysql_select.asp

vol7ron · Dec 24, 2008

xcaliberse said:
Somebody wanna just show me how my script is supposed to look like so i can copy and paste?
Edit:
Nevermind I got it to work and umm... Can someoen tell me how to display the table?

If after looking at gomarc's suggestion, please open a new thread.

MYSQL help

brunoais

New Member

vol7ron

New Member

vol7ron

New Member

xcaliberse

New Member

vol7ron

New Member

gomarc

Member

blobtech

New Member

vol7ron

New Member

xPlozion

New Member

xcaliberse

New Member

brunoais

New Member

gomarc

Member

vol7ron

New Member

brunoais

New Member

vol7ron

New Member

xcaliberse

New Member

gomarc

Member

vol7ron

New Member

Free Web Hosting

Our Community

Legal