I have the following script. It is displaying well in the browser but when I type in the text field it doesn't store it in the database. I have open the mysql_connect inside the connection.php <?php require_once("../includes/connection.php");?> <?php if(isset($_POST['Add Comment ' ])){ $comment = mysql_real_escape_string($_POST['author']); $author = mysql_real_escape_string($_POST['author']); $pros = mysql_real_escape_string($_POST['pros']); $cons = mysql_real_escape_string ($_POST['cons']); $id2 = (int) $_GET['id']; $query = "INSERT INTO `comments` (id created, author, pros, cons) VALUES ($id, NOW(), '$author', '$pros', '$cons')"; if(mysql_query($query)) { echo "Thanks for your comment"; } else { echo "Unable to add your comment"; //log mysql_error() here } } ?> <tr><td><table width="487" style="top:850px;" class="calamar"><td width="479" style=" line-height:3;"><strong>Comments:</strong></td> <tr></tr><td style="font-family:\'Times New Roman\', Times, serif; font-size:14px;"> <form id="itemcomments" action="itemdetails.php?id=<?php echo $id2;?>" method="post"> <fieldset> <legend>Make a comment on this item</legend> <div> <label for="nickname">Nickname:</label> <input type="text" name="nickname" id="nickname" maxlength="85" /> </div> <div> <label for="fullname">Full Name:</label> <input type="text" name="fullname" id="fullname" maxlength="85" /> </div> <div> <label for="pros">Pros:</label> <textarea name="pros" id="pros" cols="35" rows="5"></textarea> </div> <div> <label for="cons">Cons:</label> <textarea name="cons" id="cons" cols="35" rows="5"></textarea> </div> <input type="submit" name="submit" value="Add Comment"> <input type="reset" value="Reset Fields"> </fieldset> </form> </table> </td> </tr> <?php PHP:
I put the comma but still went to check the database and there was not information similar to what I input in the field.
I changed it but still now look at the error which are coming now Notice: Trying to get property of non-object in C:\wamp\www\shoes\stores\itemdetails.php on line 30 Notice: Undefined index: author in C:\wamp\www\shoes\stores\itemdetails.php on line 308
You have used 'author' twice, but in form, you've not used it anywhere. In place of $author = mysql_real_escape_string($_POST['author']); PHP: use $author = mysql_real_escape_string($_POST['fullname']); PHP:
I have moved this part of the script <?php if(isset($_POST['submit' ])){ $comment = mysql_real_escape_string($_POST['author']); $author = mysql_real_escape_string($_POST['author']); $pros = mysql_real_escape_string($_POST['pros']); $cons = mysql_real_escape_string ($_POST['cons']); $id2 = (int) $_GET['id']; $query = "INSERT INTO `comments` (appetizers_id,created, author, pros, cons) VALUES ($appetizers_id, NOW(), '$author', '$pros', '$cons')"; if(mysql_query($query)) { echo "Thanks for your comment"; } else { echo "Unable to add your comment"; //log mysql_error() here } } ?> PHP: to the top of the script in itemdetails.php and now the error don't come up but still not data in the database.
thank you YIAM i was doing that mistake plus I was not including the fields nickname and fullname in the table.
Still it is not inserting any comments. <?php require_once("../includes/connection.php");?> <?php if(isset($_POST['submit' ])){ $nickname = mysql_real_escape_string($_POST['nickname']); $fullname = mysql_real_escape_string($_POST['fullname']); $pros = mysql_real_escape_string($_POST['pros']); $cons = mysql_real_escape_string ($_POST['cons']); $id2 = (int) $_GET['id']; $query = "INSERT INTO `comments` (appetizers_id,created, nickname, fullname, pros, cons) VALUES ($appetizers_id, NOW(), '$nickname', '$fullname' '$pros', '$cons')"; if(mysql_query($query)) { echo "Thanks for your comment"; } else { echo "Unable to add your comment"; //log mysql_error() here } } ?> <tr><td><table width="487" style="top:850px;" class="calamar"><td width="479" style=" line-height:3;"><strong>Comments:</strong></td> <tr></tr><td style="font-family:\'Times New Roman\', Times, serif; font-size:14px;"> <form id="itemcomments" action="itemdetails.php?id=<?php echo $id2;?>" method="post"> <fieldset> <legend>Make a comment on this item</legend> <div> <label for="nickname">Nickname:</label> <input type="text" name="nickname" id="nickname" maxlength="85" /> </div> <div> <label for="fullname">Full Name:</label> <input type="text" name="fullname" id="fullname" maxlength="85" /> </div> <div> <label for="pros">Pros:</label> <textarea name="pros" id="pros" cols="35" rows="5"></textarea> </div> <div> <label for="cons">Cons:</label> <textarea name="cons" id="cons" cols="35" rows="5"></textarea> </div> <input type="submit" name="submit" value="Add Comment"> <input type="reset" value="Reset Fields"> </fieldset> </form> </table> </td> </tr> PHP: at this moment the table looks like this CREATE TABLE IF NOT EXISTS `comments` ( `id` int(11) NOT NULL AUTO_INCREMENT, `appetizers_id` int(11) NOT NULL, `created` datetime NOT NULL, `nickname` varchar(255) NOT NULL, `fullname` varchar(255) NOT NULL, `pros` text NOT NULL, `cons` text NOT NULL, PRIMARY KEY (`id`), KEY `appetizers_id` (`appetizers_id`) ) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=2 ;
$result = mysql_query($query) or die ("Unable to add your comment"); echo "Thanks for your comment"; PHP:
Also if your going to insert into every field anyway it would be probably easier not to name the fields so something like: $query = "INSERT INTO comments VALUES('','$appetizers_id', NOW(), '$author', '$pros', '$cons')"; mysql_query($query) or die(mysql_error()); Notice how i've left the first part blank because it's the auto_increment field
Hi I made changes but still is not working any other inputs? if(isset($_POST['submit' ])){ $nickname = mysql_real_escape_string($_POST['nickname']); $fullname = mysql_real_escape_string($_POST['fullname']); $pros = mysql_real_escape_string($_POST['pros']); $cons = mysql_real_escape_string ($_POST['cons']); $id2 = (int) $_GET['id']; $query = "INSERT INTO comments ($appetizers_id, NOW(), '$nickname', '$fullname' '$pros', '$cons')"; if(mysql_query($query)) { echo "Thanks for your comment"; } else { echo "Unable to add your comment"; //log mysql_error() here } } PHP:
Hi, 1. You are missing a comma between $fullname and $pros in your SQL Query 2. You are never actually running the query. Try something like this and report what the output is: if(isset($_POST['submit' ])){ //Sanitize and Store form data inside variables $nickname = mysql_real_escape_string($_POST['nickname']); $fullname = mysql_real_escape_string($_POST['fullname']); $pros = mysql_real_escape_string($_POST['pros']); $cons = mysql_real_escape_string ($_POST['cons']); $id2 = (int) $_GET['id']; //Insert data $query = "INSERT INTO comments ('', '$appetizers_id',NOW(),'$nickname','$fullname','$pros', '$cons')"; //Actually run the query or output an error $result = mysql_query($query) or die(mysql_error()); if($result) { echo "Thanks for your comment"; } else { "Sorry there was a problem processing your comment"; } } PHP:
wd_2k6 Thank you I have done exactly what you gave me but still is not submiting the comment in the database I have to say that I before this script: <?php if(isset($_POST['submit' ])){ $nickname = mysql_real_escape_string($_POST['nickname']); $fullname = mysql_real_escape_string($_POST['fullname']); $pros = mysql_real_escape_string($_POST['pros']); $cons = mysql_real_escape_string ($_POST['cons']); $id2 = (int) $_GET['id']; $query = "INSERT INTO comments('',$appetizers_id,' NOW(), '$nickname', '$fullname' ,'$pros', '$cons')"; $result = mysql_query($query) or die (mysql_error()); if(result) { echo "Thanks for your comment"; } else { echo "Unable to add your comment"; //log mysql_error() here } } ?> PHP: I have this part of the whole script in the itemdetails.php on top of the script we have been working in this thread: <?php if( isset($_GET['id'])) { $id = $_GET['id']; } ?> PHP: which I use it for another query within the itemdetails.php file and it might be interfering with the $id2= (int) $_GET ['id'] PHP: on the script we have been working in the sanitation of variable part. I don't know if that might be the problem I am just analyzing why it is not inserting. the whole code would look like this. <?php if( isset($_GET['id'])) { $id = $_GET['id']; }?> <?php if(isset($_POST['submit' ])){ $nickname = mysql_real_escape_string($_POST['nickname']); $fullname = mysql_real_escape_string($_POST['fullname']); $pros = mysql_real_escape_string($_POST['pros']); $cons = mysql_real_escape_string ($_POST['cons']); $id2 = (int) $_GET['id']; $query = "INSERT INTO comments('',$appetizers_id,' NOW(), '$nickname', '$fullname' ,'$pros', '$cons')"; $result = mysql_query($query) or die (mysql_error()); if(result) { echo "Thanks for your comment"; } else { echo "Unable to add your comment"; //log mysql_error() here } } ?> <?php PHP:
Sorry: $query = "INSERT INTO comments('',$appetizers_id,' NOW(), '$nickname', '$fullname' ,'$pros', '$cons')"; PHP: should be: $query = "INSERT INTO comments VALUES('',$appetizers_id,' NOW(), '$nickname', '$fullname' ,'$pros', '$cons')"; PHP: I forgot the VALUES keyword If there is an error or something please say what is being outputted
wd_2k6 caught it, it's missing the value. But another thing is that there's a reason I put the 'else' echo in die(). It won't even get to if !$result, it will stop and just print the mysql_error. Instead of mysql_error just put the "Unable to..." bit in it. You don't need to if/else it because again, if it fails it won't get there. I also just noticed you don't have $result, it's just "result". That'll fail. Also, if you have a problem after fixing the "values" bit, echo $query and run it, then paste the query it's trying to submit.
<?php if(isset($_POST['submit' ])){ $nickname = mysql_real_escape_string($_POST['nickname']); $fullname = mysql_real_escape_string($_POST['fullname']); $pros = mysql_real_escape_string($_POST['pros']); $cons = mysql_real_escape_string ($_POST['cons']); $id2 = (int) $_GET['id']; $query = "INSERT INTO comments VALUES ('',$appetizers_id,' NOW(), '$nickname', '$fullname' ,'$pros', '$cons')"; $result = mysql_query($query) or die (mysql_error()); echo "Thanks for your comment"; } ?> PHP: I took out the if and else statement. I also fixed the VALUE and the $ sign in the $result variable. the out put is just the header of the page and then the rest is blank. I have a question I should put the script above right on top of the form? or it is ok if I put in on top of the whole script. It still doesn't work.
<?php if(isset($_POST['submit' ])){ $nickname = mysql_real_escape_string($_POST['nickname']); $fullname = mysql_real_escape_string($_POST['fullname']); $pros = mysql_real_escape_string($_POST['pros']); $cons = mysql_real_escape_string ($_POST['cons']); $id2 = (int) $_GET['id']; $query = "INSERT INTO comments VALUES ('',$appetizers_id,' NOW(), '$nickname', '$fullname' ,'$pros', '$cons')"; $result = mysql_query($query) or die (mysql_error()); echo "Thanks for your comment"; } ?> PHP: I took out the if and else statement. I also fixed the VALUE and the $ sign in the $result variable. the output right after I click submit is just the header of the page and then the rest is blank and nothing is store in the database. I have a question I should put the script above right on top of the form? or it is ok if I put in on top of the whole script. <?php if(isset($_POST['submit' ])){ $nickname = mysql_real_escape_string($_POST['nickname']); $fullname = mysql_real_escape_string($_POST['fullname']); $pros = mysql_real_escape_string($_POST['pros']); $cons = mysql_real_escape_string ($_POST['cons']); $id2 = (int) $_GET['id']; $query = "INSERT INTO comments VALUES ('',$appetizers_id,' NOW(), '$nickname', '$fullname' ,'$pros', '$cons')"; $result = mysql_query($query) or die (mysql_error()); echo "Thanks for your comment"; } ?> Some php code some html code then some php code and then <?php $query = 'SELECT * FROM menu WHERE id = '.intval($id). ' LIMIT 1 ;'; // execute query $result = mysql_query($query) or die ("Error in query: $query. ".mysql_error()); // see if any rows were returned if (mysql_num_rows($result) > 0) { $row = mysql_fetch_row($result); { echo '<table width="100%" border="0" cellspacing="0" cellpadding="0" class="itemdetails"> <tr><td width="1100" height="417" bgcolor="#FFFFFF" class="tento"> <table class="cafe"><tr><td width="547"> <a href="#"><h3 align="justify" style="position:relative; height:5px; top: 10px;">',$row[3] ,'</h3></a> </td> </tr> </table> <table width="1215" height="609" class="chencho" > <td class="largethumb" rowspan="8" align="center"> <a href="#"><img src=',$row[0] ,' width="270" height="160" alt="coloe"/></a></td> <td width="544" rowspan="8" padding="0" ><table width="252" style="font-size:12px; position:relative; top:-6px;"> <td width="1"> </td> <td width="54" bgcolor="#FFFFFF"><strong>Price:</strong></td> <td colspan="7">$<span class="style3">',$row[4] ,'</span></td> <tr> <td class="style1"> </td> <td colspan="7" class="style3"> </td> </tr> <tr><td> </td><td><strong>Raiting:</strong></td> <td width="18" class="rating2">*</td> <td width="18" class="rating2">*</td> <td width="18" class="rating2">*</td> <td width="18" class="rating2">*</td> <td width="18" class="rating2">*</td> <td width="71"></td> </tr><tr> <td width="12"><span class="style2">coloso</span></td> </tr> <tr> <td > </td> </tr></table> Â </td> <tr> <td width="224" height="40" rowspan="3"><strong>Details:</strong></td> </tr> <tr> <td width="106" height="28"><a href="#"><img src="../images/add to Car.gif" alt="df" width="99" height="28" /></a></td> </tr><tr> <td height="25"><a href="#"><img src="../images/viewcart.gif" alt="rt" width="99" height="28" /></a></td> </tr> <tr> <td width="224" height="29"><ul> <li>coloso mentiroso</li> </ul></td> </tr> <tr> <td width="224" height="29"><ul> <li>coloso mentiroso</li> </ul></td> </tr> <tr> <td width="224" height="21"><ul> <li>coloso mentiroso</li> </ul></td> </tr><tr> <td height="12" colspan="2"><img src="../images/line..gif" alt="as" width="300" height="7" /></td> </tr> <tr></tr><td rowspan="2"> <table width="162" align="center" class="smallthumbs"> <tr> <td width="46" height="65"><a href="#"><img src=',$row[0] ,' alt="df" width="50" height="50"/></a></td> <td width="36"><a href="#"><img src="../images/image1.jpg" alt="we" width="50" height="50" /></a></td> <td width="57"><a href="#"><img src="../images/launch.jpg" alt="bn" width="50" height="50" /></a></td> <td width="36"><a href="#"><img src="../images/image1.jpg" alt="we" width="50" height="50" /></a></td> </tr> </table></td> <td rowspan="4"> </td> <td height="49"><strong>Rating and Review:</strong></td><td align="center"><a href="#">Add Review</a></td> <tr> <td rowspan="1" height="4" ><table style="font-size:10; position:relative; left:26px;"> <td width="58">One star</td> <td width="40">*****</td> <td width="25">[23]</td> </table></td> </tr><td rowspan="2"></td> <tr><td height="4"><table style="font-size:10; position:relative; left:26px; "> <td width="58">One star</td> <td width="40">*****</td> <td width="25">[23]</td> </table></td> </tr> <td width="321" rowspan="7"></td> <td width="544" rowspan="7"> </td> <td width="224" height="4"><table style="font-size:10; position:relative; left:26px;"> <td width="58">One star</td> <td width="40">*****</td> <td width="25">[23]</td> </table></td> <tr><td width="224" height="4"><table style="font-size:10; position:relative; left:26px;"> <td width="58">One star</td> <td width="40">*****</td> <td width="25">[23]</td> </table></td></tr> <td width="224" height="4"><table style="font-size:10; position:relative; left:26px;"> <td width="58">One star</td> <td width="40">*****</td> <td width="25">[23]</td> </table></td> <tr> <td height="4" colspan="2"><img src="../images/line..gif" alt="df" width="330" height="7" /></td> </tr> <tr> <td width="224" height="52"><strong>Items Specifications:</strong></td> </tr> <td width="224" height="4" style="font-size:11;"><ul> <li>Lemon</li> </ul></td> <tr> <td width="224" height="4" style="font-size:11;"><ul> <li>Marincra</li> </ul></td> </tr> <td width="321" height="29" rowspan="5"> </td> <td width="544" height="29" rowspan="5"> </td> <td height="1" colspan="1" style="font-size:11;"><ul> <li>Sal</li> </ul></td> <tr> <td height="1" style="font-size:11;"><ul> <li>Tomatos</li> </ul></td> </tr> <tr> <td height="1" style="font-size:11;"><ul> <li>Plums</li> </ul></td> </tr> <tr> <td height="1" style="font-size:11;"><ul> <li>Saludos</li> </ul></td> </tr> <tr> <td height="1" style="font-size:11;"><ul> <li>Asucar</li> </ul></td> </tr> </table> ';} } ?> // This is the form where I am using the code if you notice the script we are working on is all the way on the top of the whole file is it ok to have all the way on the top or it's better to put it right here on top of this form instead? Look at the action of the form I want to submit it to the same page we are working in itemdetails.php and I want to be directed to itemdetails.php again how could I do that?// <tr><td><table width="487" style="top:850px;" class="calamar"><td width="479" style=" line-height:3;"><strong>Comments:</strong></td> <tr></tr><td style="font-family:\'Times New Roman\', Times, serif; font-size:14px;"> <form id="itemcomments" action="itemdetails.php?id=<?php echo $id2;?>" method="post"> <fieldset> <legend>Make a comment on this item</legend> <div> <label for="nickname">Nickname:</label> <input type="text" name="nickname" id="nickname" maxlength="85" /> </div> <div> <label for="fullname">Full Name:</label> <input type="text" name="fullname" id="fullname" maxlength="85" /> </div> <div> <label for="pros">Pros:</label> <textarea name="pros" id="pros" cols="35" rows="5"></textarea> </div> <div> <label for="cons">Cons:</label> <textarea name="cons" id="cons" cols="35" rows="5"></textarea> </div> <input type="submit" name="submit" value="Add Comment"> <input type="reset" value="Reset Fields"> </fieldset> </form> </table> </td> </tr> <?php echo'</td>'; echo'</tr>'; echo '</table>'; ?> PHP:
it's fine to put it on top of the page. The tick marks are wrong on the insert though haha. Seems all the little things are getting you, change to this: $query = "INSERT INTO comments VALUES ('','$appetizers_id', NOW(), '$nickname', '$fullname' ,'$pros', '$cons')"; Again though, if you have trouble add: echo $query; and post.