inserting data into my tables using a form

[dazz_club]

Hi there,I think i am getting somewhere, i have mangaed to combine the script (enquiry.php) with the form (contact-us.php), so instead of having the two individual files to insert the details in the database, its is now all on contact.php.the problem i seem to behaving is that the script will not insert the data in the tables at all.here is what the script looks like

<?php require_once("includes/connection.php"); if(isset($_POST['submit'])){$first_name=$_POST['first_name'];$last_name=$_POST['last_name'];$email=$_POST['email'];$telephone=$_POST['telephone'];$company=$_POST['company'];$address=$_POST['address'];$address_a=$_POST['address_a'];$address_b=$_POST['address_b'];$address_c=$_POST['address_c'];$town=$_POST['town'];$city=$_POST['city'];$postal_zip_code=$_POST['postal_zip_code'];$state=$_POST['state'];$country=$_POST['country'];$product_of_interest=$_POST['product_of_interest'];$comments=$_POST['comments'];if(!get_magic_quotes_gpc()){$first_name = addslashes($first_name);$last_name = addslashes($last_name);$email = addslashes($email);$telephone= addslashes($telephone);$company= addslashes($company);$address= addslashes($address);$address_a= addslashes($address_a);$address_b= addslashes($address_b);$address_c= addslashes($address_c);$town= addslashes($town);$city= addslashes($city);$postal_zip_code= addslashes($postal_zip_code);$state= addslashes($state);$country= addslashes($country);$product_of_interest= addslashes($product_of_interest);$comments= addslashes($comments);$errors .= (empty($first_name)) ? "<br />You have forgotton to include your first name." : "";$errors .= (empty($last_name)) ? "<br />You have forgotton to include your surname." : "";$errors .= (empty($email)) ? "<br />To help you, we require your email." : "";}else{$query = " INSERT INTO enquiries  (first_name, last_name, email, telephone, company, address, address_a, address_b, address_c, town, city, postal_zip_code, state, country, product_of_interest, comments ) VALUES ('".$first_name."', '".$last_name."', '".$email."', '".$telephone."', '".$company."', '".$address."', '".$address_a."', '".$address_b."', '".$address_c."', '".$town."', '".$city."', '".$postal_zip_code."', '".$state."', '".$country."', '".$product_of_interest."', '".$comments."')";$result = $db->query($query);if ($result)	echo $db->affected_rows. 'enquiry entered';}@ $db = new mysqli('localhost', 'root', 'xx, 'xx');if (mysqli_connect_errno()){echo 'error';exit;	$db->close();}}?>

Any ideas on what i have done wrong??kind regardsDazzclub

[jeffg]

Well, if you indented your code properly, you'd see that the query is in the else clause of if(!get_magic_quotes_gpc()), so that if get_magic_quotes_gpc() returns false, you won't execute the query.The second problem is that your error checking won't get done unless you go down the addslashes route.

[dazz_club]

Well, if you indented your code properly, you'd see that the query is in the else clause of if(!get_magic_quotes_gpc()), so that if get_magic_quotes_gpc() returns false, you won't execute the query.The second problem is that your error checking won't get done unless you go down the addslashes route.

all done nowHere is the final code

<?php require_once("includes/connection.php"); if(isset($_POST['submit'])){$first_name=$_POST['first_name'];$last_name=$_POST['last_name'];$email=$_POST['email'];$telephone=$_POST['telephone'];$company=$_POST['company'];$address=$_POST['address'];$address_a=$_POST['address_a'];$address_b=$_POST['address_b'];$address_c=$_POST['address_c'];$town=$_POST['town'];$city=$_POST['city'];$postal_zip_code=$_POST['postal_zip_code'];$state=$_POST['state'];$country=$_POST['country'];$product_of_interest=$_POST['product_of_interest'];$comments=$_POST['comments'];$errors .= (empty($first_name)) ? "<span class=\"emptyFields\">First Name.</span>" : "";$errors .= (empty($last_name)) ? "<span class=\"emptyFields\">Last name.</span>" : "";$errors .= (empty($email)) ? "<span class=\"emptyFields\">To help you, we require your email.</span>" : "";//need to add country, product and stateif (!$errors){if(!get_magic_quotes_gpc()){$first_name = addslashes($first_name);$last_name = addslashes($last_name);$email = addslashes($email);$telephone= addslashes($telephone);$company= addslashes($company);$address= addslashes($address);$address_a= addslashes($address_a);$address_b= addslashes($address_b);$address_c= addslashes($address_c);$town= addslashes($town);$city= addslashes($city);$postal_zip_code= addslashes($postal_zip_code);$state= addslashes($state);$country= addslashes($country);$product_of_interest= addslashes($product_of_interest);$comments= addslashes($comments);}@ $db = new mysqli('localhost', 'root', 'x', 'x');if (mysqli_connect_errno()){echo 'error';}$query = " INSERT INTO enquiries  (first_name, last_name, email, telephone, company, address, address_a, address_b, address_c, town, city, postal_zip_code, state, country, product_of_interest, comments ) VALUES ('".$first_name."', '".$last_name."', '".$email."', '".$telephone."', '".$company."', '".$address."', '".$address_a."', '".$address_b."', '".$address_c."', '".$town."', '".$city."', '".$postal_zip_code."', '".$state."', '".$country."', '".$product_of_interest."', '".$comments."')";$result = $db->query($query);if($result)	echo 'well done';}}?>

[Synook]

Couldn't you have written this

$first_name=$_POST['first_name'];$last_name=$_POST['last_name'];$email=$_POST['email'];$telephone=$_POST['telephone'];$company=$_POST['company'];$address=$_POST['address'];$address_a=$_POST['address_a'];$address_b=$_POST['address_b'];$address_c=$_POST['address_c'];$town=$_POST['town'];$city=$_POST['city'];$postal_zip_code=$_POST['postal_zip_code'];$state=$_POST['state'];$country=$_POST['country'];$product_of_interest=$_POST['product_of_interest'];$comments=$_POST['comments'];

As this:

foreach ($_POST as $name => $value) {$$name = $value;}

And this

$first_name = addslashes($first_name);$last_name = addslashes($last_name);$email = addslashes($email);$telephone= addslashes($telephone);$company= addslashes($company);$address= addslashes($address);$address_a= addslashes($address_a);$address_b= addslashes($address_b);$address_c= addslashes($address_c);$town= addslashes($town);$city= addslashes($city);$postal_zip_code= addslashes($postal_zip_code);$state= addslashes($state);$country= addslashes($country);$product_of_interest= addslashes($product_of_interest);$comments= addslashes($comments);

Again using the $_POST array, as this:

foreach ($_POST as $name => $value) {$$name = addslashes($$name);}

Of course, that wouldn't work if you had more form fields than what was processed there. Then you would need to construct a seperate array of the fields being used.