Jump to content
2old2learn?

Adding data...

Recommended Posts

I think I forgot a closing paren on the next line. Can you show us the whole code as updates/changes have been made?edit: birbal does bring up a good point about empty. the foreach can be used to check for either case however.
I think this is right, I went birbal's way for now..for now just want to make it easy for me to understand..once I really know alot more then I can get more into it..Hope this is rightMy form_validation.php
<html><head><title>form_validation</title></head><body><?phpif (isset($_POST['id'],$_POST['srnumber'],$_POST['tenant'],$_POST['floor'],$_POST['tower'],$_POST['job_description'],$_POST['labour_cost'],$_POST['material_cost'],$_POST['date_twa_sent_to_tenant'],$_POST['date_twa_approved'],$_POST['date_parts_ordered'],$_POST['supplier'],$_POST['date_job_completed'],$_POST['date_billing_given_to_accounting'])  echo "succesful form submission. initialize DB connection .....";  $con = mysql_connect("localhost","root","");  mysql_select_db("tecicc", $con);}  if (!$con){ { die('Could not connect: ' . mysql_error()); }; echo "connection initialized....."; };?></body></html>

So is this right or did I do it wrong again..??

Share this post


Link to post
Share on other sites

sure. the foreach loop means it will check every member of POST for you, so you don't have to write out such a long if statement.edit: but when using isset, you would want to write it this way

$formValid = true;<?phpforeach($_POST as $key => $value){  if(!isset($_POST[$key])){	$formValid = false;  };};?>

Edited by thescientist

Share this post


Link to post
Share on other sites
sure. the foreach loop means it will check every member of POST for you, so you don't have to write out such a long if statement.
Understood..okay tested and get error message of >>> " Parse error: syntax error, unexpected T_ECHO in C:\xampp\htdocs\icc\form_validation.php on line 9 "this is line 9
echo "succesful form submission. initialize DB connection .....";

Share this post


Link to post
Share on other sites
Understood..okay tested and get error message of >>> " Parse error: syntax error, unexpected T_ECHO in C:\xampp\htdocs\icc\form_validation.php on line 9 "this is line 9
echo "succesful form submission. initialize DB connection .....";

show the whole code. Often the errors are on the line before. (because the interpreter ignores whitespace, and get's flumuxed when it gets to the next line without having run into an expected ending quote, paren, curly brace, semicolon, etc and gives that line number as the line with the error, silly but it kind of makes since. :) ).edit: btw, I noticed this is on form_validation.php. For now you should just being doing this on one page, unless you were creating some sort of library/class for form validating and you wanted to include that into the code. what we've got right now is enough to go in one script. Edited by thescientist

Share this post


Link to post
Share on other sites
show the whole code. Often the errors are on the line before. (because the interpreter ignores whitespace, and get's flumuxed when it gets to the next line without having run into an expected ending quote, paren, curly brace, semicolon, etc and gives that line number as the line with the error, silly but it kind of makes since. :) ).edit: btw, I noticed this is on form_validation.php. For now you should just being doing this on one page, unless you were creating some sort of library/class for form validating and you wanted to include that into the code. what we've got right now is enough to go in one script.
Okay here is my form_validation.php code...
<html><head><title>form_validation</title></head><body><?phpif (isset($_POST['id'],$_POST['srnumber'],$_POST['tenant'],$_POST['floor'],$_POST['tower'],$_POST['job_description'],$_POST['labour_cost'],$_POST['material_cost'],$_POST['date_twa_sent_to_tenant'],$_POST['date_twa_approved'],$_POST['date_parts_ordered'],$_POST['supplier'],$_POST['date_job_completed'],$_POST['date_billing_given_to_accounting'])  echo "succesful form submission. initialize DB connection .....";  $con = mysql_connect("localhost","root","");  mysql_select_db("tecicc", $con);}  if (!$con){ { die('Could not connect: ' . mysql_error()); }; echo "connection initialized....."; };?></body></html>

Share this post


Link to post
Share on other sites

yeah, you don't have an opening curly brace at the end of the long if statement. look like you have further down, after

if(!$con){

I'm not sure you are including the script in the way you think you are. It's a little awkward to be including more (opening) HTML tags into it, because you had HTML tags in your main script. For now, I would make it less confusing by having this entire script be in one script file.

Share this post


Link to post
Share on other sites
yeah, you don't have an opening curly brace at the end of the long if statement. look like you have further down, after
if(!$con){

I'm not sure you are including the script in the way you think you are. It's a little awkward to be including more (opening) HTML tags into it, because you had HTML tags in your main script. For now, I would make it less confusing by having this entire script be in one script file.

okay...thanks

Share this post


Link to post
Share on other sites
yeah, you don't have an opening curly brace at the end of the long if statement. look like you have further down, after
if(!$con){

I'm not sure you are including the script in the way you think you are. It's a little awkward to be including more (opening) HTML tags into it, because you had HTML tags in your main script. For now, I would make it less confusing by having this entire script be in one script file.

Okay I have been at this all day so..I guess I just can't see it.." { " as you say..where should it go.???
<html><head><title>form_validation</title></head><body><?phpif (isset($_POST['id'],$_POST['srnumber'],$_POST['tenant'],$_POST['floor'],$_POST['tower'],$_POST['job_description'],$_POST['labour_cost'],$_POST['material_cost'],$_POST['date_twa_sent_to_tenant'],$_POST['date_twa_approved'],$_POST['date_parts_ordered'],$_POST['supplier'],$_POST['date_job_completed'],$_POST['date_billing_given_to_accounting'])  echo "succesful form submission. initialize DB connection .....";  $con = mysql_connect("localhost","root","");  mysql_select_db("tecicc", $con);}  if (!$con){ { die('Could not connect: ' . mysql_error()); }; echo "connection initialized....."; };?></body></html>

after this I am in need of a big computer break....gonna watch Hockey Playoffs..for couple of hours..thanks..

Share this post


Link to post
Share on other sites

actually, I think you have some other odd placements of things as well.

<?phpif (isset($_POST['id'],$_POST['srnumber'],$_POST['tenant'],$_POST['floor'],$_POST['tower'],$_POST['job_description'],$_POST['labour_cost'],$_POST['material_cost'],$_POST['date_twa_sent_to_tenant'],$_POST['date_twa_approved'],$_POST['date_parts_ordered'],$_POST['supplier'],$_POST['date_job_completed'],$_POST['date_billing_given_to_accounting']) ){  // missing a closing paren ) and opening curly brace { here  echo "succesful form submission. initialize DB connection .....";  $con = mysql_connect("localhost","root","");  mysql_select_db("tecicc", $con);} // there's an extra } here//and an extra { here  if (!$con){	die('Could not connect: ' . mysql_error());  };  echo "connection initialized.....";};?>

the whole thing fixed

<?phpif(isset($_POST['id'],$_POST['srnumber'],$_POST['tenant'],$_POST['floor'],$_POST['tower'],$_POST['job_description'],$_POST['labour_cost'],$_POST['material_cost'],$_POST['date_twa_sent_to_tenant'],$_POST['date_twa_approved'],$_POST['date_parts_ordered'],$_POST['supplier'],$_POST['date_job_completed'],$_POST['date_billing_given_to_accounting'])){  echo "succesful form submission. initialize DB connection .....";  $con = mysql_connect("localhost","root","");  mysql_select_db("tecicc", $con);  if (!$con){	die('Could not connect: ' . mysql_error());  };  echo "connection initialized.....";};?>

Edited by thescientist

Share this post


Link to post
Share on other sites
actually, I think you have some other odd placements of things as well.
<?phpif (isset($_POST['id'],$_POST['srnumber'],$_POST['tenant'],$_POST['floor'],$_POST['tower'],$_POST['job_description'],$_POST['labour_cost'],$_POST['material_cost'],$_POST['date_twa_sent_to_tenant'],$_POST['date_twa_approved'],$_POST['date_parts_ordered'],$_POST['supplier'],$_POST['date_job_completed'],$_POST['date_billing_given_to_accounting']) ){  // missing a closing paren ) and opening curly brace { here  echo "succesful form submission. initialize DB connection .....";  $con = mysql_connect("localhost","root","");  mysql_select_db("tecicc", $con);} // there's an extra } here//and an extra { here  if (!$con){	die('Could not connect: ' . mysql_error());  };  echo "connection initialized.....";};?>

the whole thing fixed

<?phpif(isset($_POST['id'],$_POST['srnumber'],$_POST['tenant'],$_POST['floor'],$_POST['tower'],$_POST['job_description'],$_POST['labour_cost'],$_POST['material_cost'],$_POST['date_twa_sent_to_tenant'],$_POST['date_twa_approved'],$_POST['date_parts_ordered'],$_POST['supplier'],$_POST['date_job_completed'],$_POST['date_billing_given_to_accounting'])){  echo "succesful form submission. initialize DB connection .....";  $con = mysql_connect("localhost","root","");  mysql_select_db("tecicc", $con);  if (!$con){	die('Could not connect: ' . mysql_error());  };  echo "connection initialized.....";};?>

Thanks..added your fix..it probably would have taken me days to see it..thanks...tested and no error's..I knew this was the right place to learn...Cheers....now will take that break away from computer...

Share this post


Link to post
Share on other sites

LOL okay did a test of my form and pressed submit " Button " and it adds a empty row..even though no entries of data were entered...Also someone mentioned that I should not enter data via _$POST unless doing this. First thing never input data into a database directly from $_POST without applying mysql_real_escape_string on each $_POST element.

$safe_to_enter = mysql_real_escape_string($_POST['field']);

Any answers...

Share this post


Link to post
Share on other sites
LOL okay did a test of my form and pressed submit " Button " and it adds a empty row..even though no entries of data were entered...Also someone mentioned that I should not enter data via _$POST unless doing this. First thing never input data into a database directly from $_POST without applying mysql_real_escape_string on each $_POST element.
$safe_to_enter = mysql_real_escape_string($_POST['field']);

Any answers...

please post your full code each time things have changed and a new problem presents itself. Edited by thescientist

Share this post


Link to post
Share on other sites
please post your full code each time things have changed and a new problem presents itself.
Okay will do that from now on...

Share this post


Link to post
Share on other sites

Okay its not that I'm getting an error message..what happens is when I go to say my entry form and click " Submit " it then says " 1 Record Added " even though nothing has been entered into any of the fields..

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html><head><title>insert.php</title><link rel="stylesheet" type="text/css" href="/icc/skins/My_Start_Style.css" /></head><body><?php $con = mysql_connect("localhost","root",""); if (!$con)   {   die('Could not connect: ' . mysql_error());   } mysql_select_db("tecicc", $con); $sql="INSERT INTO twal ( id, srnumber, tenant, floor, tower, job_description, labour_cost, material_cost, date_twa_sent_to_tenant, date_twa_approved, date_parts_ordered, supplier, date_job_completed, date_billing_given_to_accounting) values ('$_POST[id]','$_POST[srnumber]','$_POST[tenant]','$_POST[floor]','$_POST[tower]','$_POST[job_description]','$_POST[labour_cost]','$_POST[material_cost]','$_POST[date_twa_sent_to_tenant]','$_POST[date_twa_approved]','$_POST[date_parts_ordered]','$_POST[supplier]','$_POST[date_job_completed]','$_POST[date_billing_given_to_accounting]')";if (!mysql_query($sql,$con))   {   die('Error: ' . mysql_error());   } echo "1 record added"; mysql_close($con); ?> </body></html>

I think that unless someone fills in all the data into to all the fields it should return and error telling user input missing or something like that...

Share this post


Link to post
Share on other sites
Okay its not that I'm getting an error message..what happens is when I go to say my entry form and click " Submit " it then says " 1 Record Added " even though nothing has been entered into any of the fields.....I think that unless someone fills in all the data into to all the fields it should return and error telling user input missing or something like that...
yeah, that's kind of what I've been trying to tell you.
you should show us the form, but basically what everyone is trying to get is you need to be validating your inputs. you are just assuming they are coming over the wire. the best thing you can do when testing forms is to verify the data. The simplest way is to add this at the top of your insert script (ideallu right after <?php).
var_dump($_POST);

Make sure you are getting what you expect first. After that, you should be checking that all your inputs have been filled out. The best way is to usually write a script on the client side (i.e. javascript) as an initial form of validation to make sure all inputs have been filled out, that they are all numbers if they need to be numbers, are certain lengths, etc. Catching it at this point means you can give feedback before the form is even sent to the insert script.The next way to validate is to go through each member of the $_POST array and check that none of them are empty. For example, you could use a loop

$formValid = true;foreach($_POST as $key => $value){  if(empty($_POST[$key]){	$formValid = false;  };};if($formValid){  //create query and execute call to the database}else{  echo ' sorry, there was a problem with the form.  please try again';};

something like that. either way, after you verify that your form is actually submitting the data correctly, you should be checking for the integrity of that data somehow before just sending it off to the database.

I was thinking more like my post
$formValid = true;<?phpforeach($_POST as $key => $value){  if(empty($_POST[$key]){	$formValid = false;  };};if($formValid){  //create query and execute call to the database}else{  echo ' sorry, there was a problem with the form.  please try again';};?>

where if formValid == true if($formValid), then you would want to execute your database connection/insert code. For the sake of an example, I just used a comment.edit: the point is that you validate everything first, if it passes whatever criteria you deem passable, then do the database stuff, else you send a message back to the user.

sure. the foreach loop means it will check every member of POST for you, so you don't have to write out such a long if statement.edit: but when using isset, you would want to write it this way
$formValid = true;<?phpforeach($_POST as $key => $value){  if(!isset($_POST[$key])){	$formValid = false;  };};?>

Share this post


Link to post
Share on other sites
yeah, that's kind of what I've been trying to tell you.
I should've know to listen to you...lol Okay is the last code the one that works...that I can use in my form_validation.php file????

Share this post


Link to post
Share on other sites

like I've been saying, it's probably just easier to keep this all in one script. the foreach loop is only a few extra lines of code.

Share this post


Link to post
Share on other sites
like I've been saying, it's probably just easier to keep this all in one script. the foreach loop is only a few extra lines of code.
yea I hear you on that..but I think for me to easily learn and remember I like to do several doc's..
$formValid = true;<?phpforeach($_POST as $key => $value){  if(!isset($_POST[$key])){	$formValid = false;  };};?>

is this one the correct one to use???

Share this post


Link to post
Share on other sites
yea I hear you on that..but I think for me to easily learn and remember I like to do several doc's..
$formValid = true;<?phpforeach($_POST as $key => $value){  if(!isset($_POST[$key])){	$formValid = false;  };};?>

is this one the correct one to use???

ok, I'm not sure how the code spread over multiple pages would allow you to see the bigger picture, but to each his own I suppose, just make sure you understand exactly how include works. (it literally puts the code right in, so it won't need any html or anything, just scripts.) but yes, that snippet should be fine. So I guess from now on make sure you include both scripts when posting if you are having any problems.

Share this post


Link to post
Share on other sites

how significant is this ???

$safe_to_enter = mysql_real_escape_string($_POST['field']);

Share this post


Link to post
Share on other sites
ok, I'm not sure how the code spread over multiple pages would allow you to see the bigger picture, but to each his own I suppose, just make sure you understand exactly how include works. (it literally puts the code right in, so it won't need any html or anything, just scripts.) but yes, that snippet should be fine. So I guess from now on make sure you include both scripts when posting if you are having any problems.
okay gotcha..

Share this post


Link to post
Share on other sites

very significant. you want to use it on all data that will be put in a query. Let's just take it one step at a time. let's just get your script to check that all the inputs are there and to report an error if it isn't. In the part of the code that makes the connection and creates the query, right before the $_POST values get used is where you want to use mysql_real_escape string.

Share this post


Link to post
Share on other sites

okay clicking " Submit " still add a record even though no entries made into the fieldsForm_Validation

<?php$formValid = false;?><?phpforeach($_POST as $key => $value){  if(!isset($_POST[$key])){	$formValid = false;  };};?>

Insert code

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html><head><title>insert.php</title><link rel="stylesheet" type="text/css" href="/icc/skins/My_Start_Style.css" /></head><body><?php $con = mysql_connect("localhost","root",""); if (!$con)   {   die('Could not connect: ' . mysql_error());   } mysql_select_db("tecicc", $con); $sql="INSERT INTO twal ( id, srnumber, tenant, floor, tower, job_description, labour_cost, material_cost, date_twa_sent_to_tenant, date_twa_approved, date_parts_ordered, supplier, date_job_completed, date_billing_given_to_accounting) values ('$_POST[id]','$_POST[srnumber]','$_POST[tenant]','$_POST[floor]','$_POST[tower]','$_POST[job_description]','$_POST[labour_cost]','$_POST[material_cost]','$_POST[date_twa_sent_to_tenant]','$_POST[date_twa_approved]','$_POST[date_parts_ordered]','$_POST[supplier]','$_POST[date_job_completed]','$_POST[date_billing_given_to_accounting]')";if (!mysql_query($sql,$con))   {   die('Error: ' . mysql_error());   } echo "1 record added"; mysql_close($con); ?> </body></html>

Share this post


Link to post
Share on other sites
very significant. you want to use it on all data that will be put in a query. Let's just take it one step at a time. let's just get your script to check that all the inputs are there and to report an error if it isn't. In the part of the code that makes the connection and creates the query, right before the $_POST values get used is where you want to use mysql_real_escape string.
yea, i understand baby steps...first

Share this post


Link to post
Share on other sites

Just to show you I am trying my best and too show that..I found what I believe what you are trying to show me what the file should do..tell me if I am correct with this script..found this while reading up Php&MySQL book

<?phpforeach ($_POST as $value){ if( $value == ** ) {  echo "You have not filled in all the fields<br>\n";  display the form;  exit(); }}echo "Welcome";

is this what you are saying

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...