Ok everyone, so basically what I want to do is make a script that will automatically create a new category into a SQL table, and after that show it with the other ones added in the table on screen. I've checked the scripts and they appear logical enough for the operation I want to do still the submit button will not work and neither the code that supposed to be sending the required info to the database doesn't seem to work. Also I get the following errors when I try to load the page: Notice: Undefined index: cat_name in C:\Program Files\EasyPHP-5.3.6.0\www\gportal\admin\admin_main.php on line 44 Notice: Undefined index: type in C:\Program Files\EasyPHP-5.3.6.0\www\gportal\admin\admin_main.php on line 45 Notice: Undefined index: addCat in C:\Program Files\EasyPHP-5.3.6.0\www\gportal\admin\admin_main.php on line 48 cannot query database Notice: Undefined variable: queryO in C:\Program Files\EasyPHP-5.3.6.0\www\gportal\admin\admin_main.php on line 69 cannot show data from the sql table Here is the code which seems to have issues for some unknown reason. I would first like to tell before I post it that I used a function before calling the original code. I had tried entering the code directly without using the function hoping it will solve the problem, but it does the same thing. First, the code from the function: <html> <head> <style type="text/css"> </style> </head> <body> <?php function new_cat(){ //creates new category echo "To create a new category please do the following:</br>1. Enter category's name in the field below:</br>";?> <input type="text" name="cat_name" value=""></br> <?php echo "2. Choose if this is a root category or a subcategory:</br>"; ?> <select name="type"> <option>Root category</option> <option name="subcat">Subcategory</option> </select> </br> <?php echo "3. Press the insert button, and you're done!"; } ?> </body> </html> PHP: and the code i'm trying to run: <html> <head> <title></title> </head> <body> <?php require_once 'include_admin.php'; require_once 'mysql_con.php'; echo "testing</br></br></br>"; new_cat(); ?> </br><input type='submit' name='addCat' method='post' value='New Category'> <?php $cat_name=$_POST['cat_name']; $cat_type=$_POST['type']; if($_POST['addCat']){ $query=mysql_query(" INSERT INTO categories (name,type) VALUES ('$cat_name','$cat_type') "); echo "succesfully added."; }else{ echo "cannot query database"; } if($query){ //get query result $scanAllCat=mysql_query(" SELECT name,type FROM categories "); //show query on screen $showAllCat=mysql_result($scanAllCat); echo "Here are all the categories currently available: ".$showAllCat; }else{ echo "cannot show data from the sql table"; } ?> </body> </html> PHP:
Hy, Try to add a default value for $cat_name if the $_POST['cat_name'] isn't defined: $cat_name= (isset($_POST['cat_name'])) ? $_POST['cat_name'] : 'default_value'; The same for $cat_type. The form elements (<input>, <select>) should be within a <form method="post" action="file.php">...</form>
That seemed to repair some part of the script, through it still seems I can't send data to the database. The script showed itself as working, through there is no change in the table.
That seemed to repair some part of the script, through it still seems I can't send data to the database. The script showed itself as working, through there is no change in the table.
Where is the FORM? There is no FORM in your scripts, without form action and method, it can not send the data over Post.. Also those are not errors, those are notices. You can get rid of them by setting error_reporting() to report only errors (E_ERROR) and warnings (E_WARNING)..
oops double posting, sry. if a moderator sees the double post, I'd like for them to delete the duplicate for me. that is if there is no delete button for the users(from what I know, there isnt).
yeah, did that and as I said in the previous post, works much better now. through I still can't get it to send data to the database table. And about the warning messages, I will try to do as you said.
Make sure that your submit button addCat is within the <form></form> element. Also change this: $query=mysql_query(" INSERT INTO categories (name,type) VALUES ('$cat_name','$cat_type') "); PHP: To this: $query=mysql_query(" INSERT INTO categories (name,type) VALUES ('$cat_name','$cat_type') ") or die(mysql_error()); PHP: And see if you are getting any mysql error..
@The Webby: this is what the mysql error function says: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''name','type') VALUES ('','')' at line 3 PHP:
The values are empty, you are not getting any post data.. Make sure you are getting post data.. Post the latest version of your scripts here, so I can take a look again.
The main script is this one: <html> <head> <title></title> </head> <body> <?php require_once 'include_admin.php'; require_once 'mysql_con.php'; echo "testing</br></br></br>"; new_cat(); ?> </br> <form method="post" name="cat_type"> <input type='submit' name='addCat' method='post' value='New Category'> </form> <?php $cat_name=isset($_POST['cat_name']); $cat_type=isset($_POST['type']); if(isset($_POST['addCat'])){ $query=mysql_query(" INSERT INTO categories ('name','type') VALUES ('$cat_name','$cat_type') ")or die(mysql_error()); echo "succesfully added."; }else{ echo "cannot query database"; } if(isset($query)){ //get query result $scanAllCat=mysql_query(" SELECT name,type FROM categories "); //show query on screen $showAllCat=mysql_result($scanAllCat,0,"name"); echo "Here are all the categories currently available: </br> <style=\"background-color:#5dddec;\">".$showAllCat."</style>"; }else{ echo "</br>cannot show data from the sql table"; } ?> </body> </html> PHP: and function : <html> <head> <style type="text/css"> </style> </head> <body> <?php function new_cat(){ //creeaza categorie noua echo "To create a new category please do the following:</br>1. Enter category's name in the field below:</br>";?> <input type="text" name="cat_name" value=""></br> <?php echo "2. Choose if this is a root category or a subcategory:</br>"; ?> <form method="post" name="cat_type"> <select name="type"> <option>Root category</option> <option name="subcat">Subcategory</option> </select> </form> </br> <?php echo "3. Press the insert button, and you're done!"; } ?> </body> </html> PHP:
Why are you using a php function to simply display a form? Every form element should be within <form></form> elements Use these scripts instead: <html> <head> <title></title> </head> <body> <?php require_once 'include_admin.php'; require_once 'mysql_con.php'; echo "testing</br></br></br>"; new_cat(); ?> </br> <input type='submit' name='addCat' method='post' value='New Category'> </form> <?php $cat_name=isset($_POST['cat_name']); $cat_type=isset($_POST['type']); if(isset($_POST['addCat'])){ $query=mysql_query(" INSERT INTO categories ('name','type') VALUES ('$cat_name','$cat_type') ")or die(mysql_error()); echo "succesfully added."; }else{ echo "cannot query database"; } if(isset($query)){ //get query result $scanAllCat=mysql_query(" SELECT name,type FROM categories "); //show query on screen $showAllCat=mysql_result($scanAllCat,0,"name"); echo "Here are all the categories currently available: </br> <style=\"background-color:#5dddec;\">".$showAllCat."</style>"; }else{ echo "</br>cannot show data from the sql table"; } ?> </body> </html> PHP: <html> <head> <style type="text/css"> </style> </head> <body> <?php function new_cat(){ //creeaza categorie noua echo "To create a new category please do the following:</br>1. Enter category's name in the field below:</br>";?> <form method="post" name="cat_type" action="<?=$_SERVER['PHP_SELF']?>"> <input type="text" name="cat_name" value=""></br> <?php echo "2. Choose if this is a root category or a subcategory:</br>"; ?> <select name="type"> <option>Root category</option> <option name="subcat">Subcategory</option> </select> </br> <?php echo "3. Press the insert button, and you're done!"; } ?> </body> </html> PHP: It should work.. But I must tell you that the codes you are using are really a lousy one and exposed to many kinds of abuse... If you are making it yourself then you should learn a little more about security and how to use functions efficiently.
@The Webby: I'm doing a large website and am in the process of writing the core scripts. I would like to know why do you think I have low security on it?
First of all, you should never enter any kind of user input directly in database, without filtering it.. second, you should not mix html and php in the way you do, specially if it is a large site.. Your code is not scalable, flexible and user friendly (or even developer friendly).. In Maurice's words - "Your code just gives me the heebiedabajeebies!!!"
Hi... First test with a simple form. Avoid using unnecessary php to output a form. What about the form action? For security... Use strip_tags(), mysql_real_escape_string() and "stop word" list preg_match / finding with foreach are the best ways. Stop word list is critical, you can put important SQL queries with punctuation to avoid matching with normal English words.
Let's just say that the code is too long and the web browser cannot really load it. But, I also agree with Silent.
never thought that might be possible. still i've seen applications like wordpress for example which have thousands of lines of code in one file and still work even with that much information in them.
Nah, code is not too long. Its not the problem.. Problem is with how you are displaying the form and how you are handling the data.. Make something simple like this: <?php require_once 'include_admin.php'; require_once 'mysql_con.php'; ?> <html> <head> <title></title> </head> <body> </br> <form method="post" name="cat_type" action="<?=$_SERVER['PHP_SELF']?>"> To create a new category please do the following:</br>1. Enter category's name in the field below:</br> <input type="text" name="cat_name" value=""></br> <br /> 2. Choose if this is a root category or a subcategory:</br> <select name="type"> <option>Root category</option> <option name="subcat">Subcategory</option> </select> 3. Press the insert button, and you're done!<br /> <input type='submit' name='addCat' method='post' value='New Category'> </form> <?php $cat_name=isset($_POST['cat_name']); $cat_type=isset($_POST['type']); if(isset($_POST['addCat'])){ $query=mysql_query(" INSERT INTO categories ('name','type') VALUES ('$cat_name','$cat_type') ")or die(mysql_error()); echo "succesfully added."; }else{ echo "cannot query database"; } if(isset($query)){ //get query result $scanAllCat=mysql_query(" SELECT name,type FROM categories "); //show query on screen $showAllCat=mysql_result($scanAllCat,0,"name"); echo "Here are all the categories currently available: </br> <style=\"background-color:#5dddec;\">".$showAllCat."</style>"; }else{ echo "</br>cannot show data from the sql table"; } ?> </body> </html> PHP: Also note that your query to get categories from database will not show all the categories available, it will only show the first row. To show all the categories you need this instead: //get query result $scanAllCat=mysql_query(" SELECT name,type FROM categories "); echo "Here are all the categories currently available: "; while($result = mysql_fetch_assoc($scanAllCat)){ echo "<p style=\"background-color:#5dddec;\">".$showAllCat."</p>"; } PHP: Also, you don't use Style tag the way you did in your code..
LOL, check the file permission of the page you are trying to access, make sure you have execution permission for it.. Using Linux or windows?