Ok, I've been working on this code for longer than I care to imagine, especially with how many revisions I've had to make with it, and now I am working on this code comes up when attempting to access the server: This error starts and ends between the brackets of if (isset($_POST['submit'])) My Hosting service says that my script is causing the issues, yet I can't see how or where... I use Aptana Studio and Notepad++ both don't show any errors. Here is my code: <?php require_once('connectvars.php'); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <title>PDI Non-Conforming Materials Report</title> <link rel="stylesheet" type="text/css" href="CSS/postie.css" /> </head> <body> <div id="logo"> <img src="images/PDI_Logo_2.1.gif" alt="PDI Logo" /> </div> <div id="title"> <h3 id="NCMR2">Non-Conforming Materials Report (NCMR)</h3> </div> <?php //Post Data if (isset($_POST['submit'])) { $ab = mysql_real_escape_string($_POST['ab']); $date = mysql_real_escape_string(date('Y-m-d',strtotime ($_POST['date']))); $part = mysql_real_escape_string($_POST['part']); $rev = mysql_real_escape_string($_POST['rev']); $partdesc = mysql_real_escape_string($_POST['partdesc']); $ncmrqty = mysql_real_escape_string($_POST['ncmrqty']); $comp = mysql_real_escape_string($_POST['comp']); $ncmrid = mysql_real_escape_string($_POST['ncmrid']); $rma = mysql_real_escape_string($_POST['rma']); $jno = mysql_real_escape_string($_POST['jno']); $fdt = mysql_real_escape_string($_POST['fdt']); $cof = mysql_real_escape_string($_POST['cof']); $fab1= mysql_real_escape_string($_POST['fab1']); $fab2= mysql_real_escape_string($_POST['fab2']); $fab3= mysql_real_escape_string($_POST['fab3']); $non= mysql_real_escape_string($_POST['non']); $dis= mysql_real_escape_string($_POST['dis']); $comm= mysql_real_escape_string($_POST['comm']); $caad= mysql_real_escape_string($_POST['caad']); $po= mysql_real_escape_string($_POST['po']); $pod = mysql_real_escape_string(date('Y-m-d',strtotime($_POST['pod']))); $dri = mysql_real_escape_string(date('Y-m-d',strtotime($_POST['dri']))); $output_form = 'no'; if (empty($ab) || empty($date) || empty($part) || empty($partdesc) || empty($ncmrid) || empty($non) || empty($dis) || empty($po) || empty($pod) || empty($dri)) { // We know at least one of the input fields is blank echo 'Please fill out all of the required NCMR information.<br />'; $output_form = 'yes'; } } else { $output_form = 'yes'; } //Access the Database if (!empty($ab) && !empty($date) && !empty($pod)) { $dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME) or die('Error connecting to MySQL server.'); $query = "INSERT INTO ncmr (ab, date, part, rev, partdesc, ncmrqty, comp, ncmrid, rma, jno, fdt, cof, fab1, fab2, fab3, non, dis, comm, caad, po, pod, dri) VALUES ('$ab', '$date', '$part', '$rev', '$partdesc', '$ncmrqty', '$comp', '$ncmrid', '$rma', '$jno', '$fdt','$cof', '$fab1', '$fab2', '$fab3', '$non', '$dis', '$comm', '$caad', '$po', '$pod', '$dri')"; mysqli_query($dbc, $query) or die ('Data not inserted.'); // Confirm success with the user echo '<tr><td class="thank">'; echo '<p>Thank you for adding the NCRM, the correct person will be informed.</p>'; echo '<p><a href="post.php"><< Back to the form</a></p>'; echo '</td></tr>'; mysqli_close($dbc); } if ($output_form == 'yes') { echo "<form action='".$_SERVER['PHP_SELF']."' method='post'>"; echo '<fieldset>'; //Part, Rev, Part Description, NCMR Qty echo '<div id="box1">'; echo '<div id="ab"><span class="b">Added By: </span><input type="text" name="ab" value="" /></div>'; echo '<div id="date"><span class="b">Date Filed: </span><input type="text" name="date" value="" /></div>'; echo '<div id="part"><span class="b">Part Number: </span><input type="text" name="part" value="" /></div>'; echo '<div id="rev"><span class="b">Part Revision: </span><input type="text" name="rev" value="" /></div>'; echo '<div id="partdesc"><span class="b">Part Description: </span><textarea name="partdesc" rows="3" cols="22" ></textarea></div>'; echo '<div id="ncmrqty"><span class="b">NCMR Qty: </span><input type="text" name="ncmrqty" value="" /></div>'; echo '</div>'; //Inventory On Hand, Inventory Check, Supplier Name, Supplier Number, Manufacturer Part Number, Manufactuer Serial Number and NCMR ID echo '<div id="box2">'; echo'<div id="comp">'; echo '<span class="b">Company: </span>'; $mysqli = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME); $mysqli->select_db('comp'); $result = $mysqli->query("SELECT * FROM comp"); $i = 0; echo "<SELECT name='comp'>\n"; while($row = $result->fetch_assoc()) { if ($i == 4) echo '<option value="lines">-----</option>'; echo "<option value='{$row['user_id']}'>{$row['name']}</option>\n"; $i++; } echo "</select>\n"; echo '</div>'; echo '<div id="ncmrid"><span class="b">Customer NCMR ID: </span><input type="text" name="ncmrid" value="" /></div>'; echo '<div id="rma"><span class="b">Internal RMA #: </span><input type="text" name="rma" value="" /></div>'; echo '<div id="jno"><span class="b">Job #: </span><input type="text" name="jno" value="" /></div>'; echo '</div>'; //Type of Failure and Class of Failure echo '<div id="box3">'; echo '<h2>Fabricators</h2>'; echo '<div id="fdt">'; echo '<span class="b">Failure Due To: </span><br />'; echo '<select name="fdt">'; echo '<option value="none">----None----</option>'; echo '<option value="In House">In House</option>'; echo '<option value="Third Party">Third Party</option>'; echo '</select>'; echo '</div>'; echo'<div id="cof">'; echo '<span class="b">Class of Failure: </span><br />'; echo '<select name="cof">'; echo '<option value="none">----None----</option>'; echo '<option value="Materials">Materials</option>'; echo '<option value="Fabrication">Fabrication</option>'; echo '<option value="Drawing">Drawing</option>'; echo '<option value="Assembly">Assembly</option>'; echo '<option value="Testing">Testing</option>'; echo '<option value="Electrical">Electrical</option>'; echo '<option value="Programming">Programming</option>'; echo '<option value="Machining">Machining</option>'; echo '<option value="Inspection">Inspection</option>'; echo '<option value="Purchasing">Purchasing</option>'; echo '<option value="Administrator">Administrator</option>'; echo '</select>'; echo '</div>'; echo '</div>'; //Fabricators echo '<div id="box4">'; echo '<h2>Fabricators</h2>'; echo'<div id="fab1">'; $mysqli = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME); $mysqli->select_db('user'); $result = $mysqli->query("SELECT * FROM user"); echo "<SELECT name='fab1'>\n"; while($row = $result->fetch_assoc()) { echo "<option value='{$row['user_id']}'>{$row['user']}</option>\n";} echo "</select>\n"; echo '</div>'; echo'<div id="fab2">'; $mysqli = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME); $mysqli->select_db('user'); $result = $mysqli->query("SELECT * FROM user"); echo "<SELECT name='fab2'>\n"; while($row = $result->fetch_assoc()) { echo "<option value='{$row['user_id']}'>{$row['user']}</option>\n";} echo "</select>\n"; echo '</div>'; echo'<div id="fab3">'; $mysqli = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME); $mysqli->select_db('user'); $result = $mysqli->query("SELECT * FROM user"); echo "<SELECT name='fab3'>\n"; while($row = $result->fetch_assoc()) { echo "<option value='{$row['user_id']}'>{$row['user']}</option>\n";} echo "</select>\n"; echo '</div>'; echo '</div>'; //Nonconformity, Disposition, Comments and Comments & Additional Details echo '<div id="box5">'; echo '<div id="non"><span class="b">Nonconformity: </span><br /><textarea name="non" rows="3" cols="110" ></textarea><br /></div>'; echo '<div id="dis"><span class="b">Disposition: </span><br /><textarea name="dis" rows="3" cols="110" ></textarea></div>'; echo '<div id="comm"><span class="b">Comments: </span><br /><textarea name="comm" rows="3" cols="110" ></textarea></div>'; echo '<div id="caad"><span class="b">Comments and/or Additional Details: </span><br /><textarea name="caad" rows="3" cols="110" ></textarea></div>'; //PO, PO Date, and Date Recieved echo '<div id="podr">'; echo '<div id="po"><span class="b">PO: </span><input type="text" name="po" size="7" value="" /></div>'; echo '<div id="pod"><span class="b">PO Date: </span><input type="text" name="pod" size="7" value="" /></div>'; echo '<div id="dri"><span class="b">Date Received: </span><input type="text" name="dri" size="7" value=""'; echo '</div>'; echo '<div id="button"><input type="submit" value="Submit NCMR" name="submit" /></div>'; echo '</div>'; echo '</fieldset>'; echo '</form>'; } ?> </body> </html> Code (markup): This is as simple as I can make the code, I can't imagine where the error is, because this looks like it should work without any issues. Can someone help me please trying to figure out where this error is?
mysql_real_escape_string() is a function based on a mysql connection, meaning you should have an active connection before calling that function.. just like you can't call mysql_query() so you can't call the escape before establishing the connection. In your code, just move the line that connects to your server above the line where you escape also, as a general rule of thumb, always connect to your mysql server at the top of your script so you'll avoid problems like this one
So how would you have it? I'm curious because I've been reading books etc, and everyone seems to have different views on this...most have it the way I have it set up in the script.
Ok, this is on the back burner. It may be something in where it's beyond my control. My hosting site seems to be having database issues. In where the name/pass for the database is correct but not accurate. I spent 2 hours trying to talk to them, and so far they opened a ticket... so we will see what happens.