I NEED help with an INSERT form comments

I have the following script. It is displaying well in the browser but when I type in the text field it doesn't store it in the database.
I have open the mysql_connect inside the connection.php

<?php require_once("../includes/connection.php");?>
<?php
if(isset($_POST['Add Comment ' ])){ 

$comment = mysql_real_escape_string($_POST['author']);

$author = mysql_real_escape_string($_POST['author']);

$pros = mysql_real_escape_string($_POST['pros']);

$cons = mysql_real_escape_string ($_POST['cons']);

$id2 = (int) $_GET['id']; 
$query = "INSERT INTO `comments` 

(id created, author, pros, cons) 

VALUES

($id, NOW(), '$author', '$pros', '$cons')";

if(mysql_query($query)) {

    echo "Thanks for your comment";

}

else {

    echo "Unable to add your comment";

    //log mysql_error() here

}
}
?>

<tr><td><table width="487" style="top:850px;" class="calamar"><td width="479" style=" line-height:3;"><strong>Comments:</strong></td>

<tr></tr><td style="font-family:\'Times New Roman\', Times, serif; font-size:14px;">

<form id="itemcomments" action="itemdetails.php?id=<?php echo $id2;?>" method="post">

  <fieldset>

    <legend>Make a comment on this item</legend>

    <div>

      <label for="nickname">Nickname:</label>

      <input type="text" name="nickname" id="nickname" maxlength="85" />

    </div>

    <div>

      <label for="fullname">Full Name:</label>

      <input type="text" name="fullname" id="fullname" maxlength="85" />

    </div>

    <div>

      <label for="pros">Pros:</label>

      <textarea name="pros" id="pros" cols="35" rows="5"></textarea>

    </div>

    <div>

      <label for="cons">Cons:</label>

      <textarea name="cons" id="cons" cols="35" rows="5"></textarea>

    </div>  

    <input type="submit" name="submit" value="Add Comment">

    <input type="reset" value="Reset Fields">   

  </fieldset>

</form>
</table>
</td>
</tr>


<?php

PHP:

 

(id created, author, pros, cons)

You forgot the comma between id and created

 

I put the comma but still went to check the database and there was not information similar to what I input in the field.

 

if(isset($_POST['Add Comment ' ]))


change that code to this:

if(isset($_POST['submit']))

 

I changed it but still

now look at the error which are coming now


Notice: Trying to get property of non-object in C:\wamp\www\shoes\stores\itemdetails.php on line 30

Notice: Undefined index: author in C:\wamp\www\shoes\stores\itemdetails.php on line 308

 

You have used 'author' twice,

but in form, you've not used it anywhere.

In place of

$author = mysql_real_escape_string($_POST['author']);

PHP:

use

$author = mysql_real_escape_string($_POST['fullname']);

PHP:

 

I have moved this part of the script

<?php
if(isset($_POST['submit' ])){ 

$comment = mysql_real_escape_string($_POST['author']);

$author = mysql_real_escape_string($_POST['author']);

$pros = mysql_real_escape_string($_POST['pros']);

$cons = mysql_real_escape_string ($_POST['cons']);

$id2 = (int) $_GET['id']; 
$query = "INSERT INTO `comments` 

(appetizers_id,created, author, pros, cons) 

VALUES

($appetizers_id, NOW(), '$author', '$pros', '$cons')";

if(mysql_query($query)) {

    echo "Thanks for your comment";

}

else {

    echo "Unable to add your comment";

    //log mysql_error() here

}
}
?>

PHP:

to the top of the script in itemdetails.php and now the error don't come up but still not data in the database.

 

thank you YIAM i was doing that mistake plus I was not including the fields nickname and fullname in the table.

 

Still it is not inserting any comments.

<?php require_once("../includes/connection.php");?>
<?php
if(isset($_POST['submit' ])){ 

$nickname = mysql_real_escape_string($_POST['nickname']);

$fullname = mysql_real_escape_string($_POST['fullname']);

$pros = mysql_real_escape_string($_POST['pros']);

$cons = mysql_real_escape_string ($_POST['cons']);

$id2 = (int) $_GET['id']; 
$query = "INSERT INTO `comments` 

(appetizers_id,created, nickname, fullname, pros, cons) 

VALUES

($appetizers_id, NOW(), '$nickname', '$fullname' '$pros', '$cons')";

if(mysql_query($query)) {

    echo "Thanks for your comment";

}

else {

    echo "Unable to add your comment";

    //log mysql_error() here

}
}
?>

<tr><td><table width="487" style="top:850px;" class="calamar"><td width="479" style=" line-height:3;"><strong>Comments:</strong></td>

<tr></tr><td style="font-family:\'Times New Roman\', Times, serif; font-size:14px;">

<form id="itemcomments" action="itemdetails.php?id=<?php echo $id2;?>" method="post">

  <fieldset>

    <legend>Make a comment on this item</legend>

    <div>

      <label for="nickname">Nickname:</label>

      <input type="text" name="nickname" id="nickname" maxlength="85" />

    </div>

    <div>

      <label for="fullname">Full Name:</label>

      <input type="text" name="fullname" id="fullname" maxlength="85" />

    </div>

    <div>

      <label for="pros">Pros:</label>

      <textarea name="pros" id="pros" cols="35" rows="5"></textarea>

    </div>

    <div>

      <label for="cons">Cons:</label>

      <textarea name="cons" id="cons" cols="35" rows="5"></textarea>

    </div>  

    <input type="submit" name="submit" value="Add Comment">

    <input type="reset" value="Reset Fields">   

  </fieldset>

</form>
</table>
</td>
</tr>

PHP:

at this moment the table looks like this

CREATE TABLE IF NOT EXISTS `comments` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`appetizers_id` int(11) NOT NULL,
`created` datetime NOT NULL,
`nickname` varchar(255) NOT NULL,
`fullname` varchar(255) NOT NULL,
`pros` text NOT NULL,
`cons` text NOT NULL,
PRIMARY KEY (`id`),
KEY `appetizers_id` (`appetizers_id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=2 ;

 

$result = mysql_query($query) or die ("Unable to add your comment");
echo "Thanks for your comment";

PHP:

 

Thank you Goromba

 

Also if your going to insert into every field anyway it would be probably easier not to name the fields so something like:

$query = "INSERT INTO comments VALUES('','$appetizers_id', NOW(), '$author', '$pros', '$cons')";
mysql_query($query) or die(mysql_error());

Notice how i've left the first part blank because it's the auto_increment field

 

Hi I made changes but still is not working any other inputs?

if(isset($_POST['submit' ])){ 

$nickname = mysql_real_escape_string($_POST['nickname']);

$fullname = mysql_real_escape_string($_POST['fullname']);

$pros = mysql_real_escape_string($_POST['pros']);

$cons = mysql_real_escape_string ($_POST['cons']);

$id2 = (int) $_GET['id']; 
$query = "INSERT INTO comments

($appetizers_id, NOW(), '$nickname', '$fullname' '$pros', '$cons')";

if(mysql_query($query)) {

    echo "Thanks for your comment";

}

else {

    echo "Unable to add your comment";

    //log mysql_error() here

}
}

PHP:

 

Hi,

1. You are missing a comma between $fullname and $pros in your SQL Query
2. You are never actually running the query.

Try something like this and report what the output is:

if(isset($_POST['submit' ])){
	
	//Sanitize and Store form data inside variables
	$nickname = mysql_real_escape_string($_POST['nickname']);
	$fullname = mysql_real_escape_string($_POST['fullname']);
	$pros = mysql_real_escape_string($_POST['pros']);
	$cons = mysql_real_escape_string ($_POST['cons']);
	$id2 = (int) $_GET['id'];
	
	//Insert data
	$query = "INSERT INTO comments ('', '$appetizers_id',NOW(),'$nickname','$fullname','$pros', '$cons')";
	//Actually run the query or output an error
	$result = mysql_query($query) or die(mysql_error());
	if($result) { echo "Thanks for your comment"; }
	else { "Sorry there was a problem processing your comment"; }
}

PHP:

 

wd_2k6

Thank you I have done exactly what you gave me

but still is not submiting the comment in the database I have to say that I before this script:

<?php

if(isset($_POST['submit' ])){ 

$nickname = mysql_real_escape_string($_POST['nickname']);

$fullname = mysql_real_escape_string($_POST['fullname']);

$pros = mysql_real_escape_string($_POST['pros']);

$cons = mysql_real_escape_string ($_POST['cons']);

$id2 = (int) $_GET['id']; 
$query = "INSERT INTO comments('',$appetizers_id,' NOW(), '$nickname', '$fullname' ,'$pros', '$cons')";
$result = mysql_query($query) or die (mysql_error());
if(result) {

    echo "Thanks for your comment";

}

else {

    echo "Unable to add your comment";

    //log mysql_error() here

}
}
?>

PHP:

I have this part of the whole script in the itemdetails.php on top of the script we have been working in this thread:

<?php 
if( isset($_GET['id']))
{
    $id = $_GET['id'];
}
?> 

PHP:

which I use it for another query within the itemdetails.php file and it might be interfering with the

$id2= (int) $_GET ['id'] 

PHP:

on the script we have been working in the sanitation of variable part.

I don't know if that might be the problem I am just analyzing why it is not inserting.

the whole code would look like this.

<?php 
if( isset($_GET['id']))
{
    $id = $_GET['id'];
}?>
<?php

if(isset($_POST['submit' ])){ 

$nickname = mysql_real_escape_string($_POST['nickname']);

$fullname = mysql_real_escape_string($_POST['fullname']);

$pros = mysql_real_escape_string($_POST['pros']);

$cons = mysql_real_escape_string ($_POST['cons']);

$id2 = (int) $_GET['id']; 

$query = "INSERT INTO comments('',$appetizers_id,' NOW(), '$nickname', '$fullname' ,'$pros', '$cons')";
$result = mysql_query($query) or die (mysql_error());
if(result) {

    echo "Thanks for your comment";

}

else {

    echo "Unable to add your comment";

    //log mysql_error() here

}
}
?>
<?php

PHP:

 

Sorry:

$query = "INSERT INTO comments('',$appetizers_id,' NOW(), '$nickname', '$fullname' ,'$pros', '$cons')";

PHP:

should be:

$query = "INSERT INTO comments VALUES('',$appetizers_id,' NOW(), '$nickname', '$fullname' ,'$pros', '$cons')";

PHP:

I forgot the VALUES keyword

If there is an error or something please say what is being outputted

 

wd_2k6 caught it, it's missing the value. But another thing is that there's a reason I put the 'else' echo in die(). It won't even get to if !$result, it will stop and just print the mysql_error. Instead of mysql_error just put the "Unable to..." bit in it. You don't need to if/else it because again, if it fails it won't get there.

I also just noticed you don't have $result, it's just "result". That'll fail.

Also, if you have a problem after fixing the "values" bit, echo $query and run it, then paste the query it's trying to submit.

 

<?php

if(isset($_POST['submit' ])){ 

$nickname = mysql_real_escape_string($_POST['nickname']);

$fullname = mysql_real_escape_string($_POST['fullname']);

$pros = mysql_real_escape_string($_POST['pros']);

$cons = mysql_real_escape_string ($_POST['cons']);

$id2 = (int) $_GET['id']; 
$query = "INSERT INTO comments VALUES ('',$appetizers_id,' NOW(), '$nickname', '$fullname' ,'$pros', '$cons')";
$result = mysql_query($query) or die (mysql_error());

    echo "Thanks for your comment";

}

?>

PHP:

I took out the if and else statement. I also fixed the VALUE and the $ sign in the $result variable. the out put is just the header of the page and then the rest is blank. I have a question I should put the script above right on top of the form? or it is ok if I put in on top of the whole script.

It still doesn't work.

 

<?php

if(isset($_POST['submit' ])){ 

$nickname = mysql_real_escape_string($_POST['nickname']);

$fullname = mysql_real_escape_string($_POST['fullname']);

$pros = mysql_real_escape_string($_POST['pros']);

$cons = mysql_real_escape_string ($_POST['cons']);

$id2 = (int) $_GET['id']; 
$query = "INSERT INTO comments VALUES ('',$appetizers_id,' NOW(), '$nickname', '$fullname' ,'$pros', '$cons')";
$result = mysql_query($query) or die (mysql_error());

    echo "Thanks for your comment";

}

?>

PHP:

I took out the if and else statement. I also fixed the VALUE and the $ sign in the $result variable. the output right after I click submit is just the header of the page and then the rest is blank and nothing is store in the database. I have a question I should put the script above right on top of the form? or it is ok if I put in on top of the whole script.

<?php

if(isset($_POST['submit' ])){ 

$nickname = mysql_real_escape_string($_POST['nickname']);

$fullname = mysql_real_escape_string($_POST['fullname']);

$pros = mysql_real_escape_string($_POST['pros']);

$cons = mysql_real_escape_string ($_POST['cons']);

$id2 = (int) $_GET['id']; 
$query = "INSERT INTO comments VALUES ('',$appetizers_id,' NOW(), '$nickname', '$fullname' ,'$pros', '$cons')";
$result = mysql_query($query) or die (mysql_error());

    echo "Thanks for your comment";

}

?>
Some php code

some html code

then some php code and then 

<?php 


$query = 'SELECT * FROM menu WHERE id = '.intval($id). '  LIMIT 1 ;'; 

// execute query 
$result = mysql_query($query) or die ("Error in query: $query. ".mysql_error()); 

// see if any rows were returned 
if (mysql_num_rows($result) > 0) { 
$row = mysql_fetch_row($result); {
echo '<table width="100%"  border="0" cellspacing="0" cellpadding="0" class="itemdetails">
<tr><td width="1100" height="417" bgcolor="#FFFFFF" class="tento">
<table class="cafe"><tr><td width="547">
<a href="#"><h3 align="justify" style="position:relative;  height:5px;  top: 10px;">',$row[3] ,'</h3></a>
</td>
</tr>
</table>
<table width="1215" height="609" class="chencho" >
 <td class="largethumb" rowspan="8" align="center">
<a href="#"><img src=',$row[0] ,' width="270" height="160" alt="coloe"/></a></td>
<td width="544" rowspan="8" padding="0"  ><table width="252" style="font-size:12px; position:relative; top:-6px;">
  <td width="1">&nbsp;</td>
  <td width="54" bgcolor="#FFFFFF"><strong>Price:</strong></td>
  <td colspan="7">$<span class="style3">',$row[4] ,'</span></td>
<tr>
  <td class="style1">&nbsp;</td>
  <td colspan="7" class="style3">&nbsp;</td>
</tr>
<tr><td>&nbsp;</td><td><strong>Raiting:</strong></td>
  <td width="18" class="rating2">*</td>
  <td width="18" class="rating2">*</td>
  <td width="18" class="rating2">*</td>
  <td width="18" class="rating2">*</td>
  <td width="18" class="rating2">*</td>
    <td width="71"></td>
</tr><tr>
  <td width="12"><span class="style2">coloso</span></td>
  
</tr>
  <tr>
  <td >&nbsp;</td>
</tr></table>
 </td>
<tr>
  <td width="224" height="40" rowspan="3"><strong>Details:</strong></td>
</tr>
<tr>
  <td width="106" height="28"><a href="#"><img src="../images/add to Car.gif" alt="df" width="99" height="28" /></a></td>
</tr><tr>
  <td height="25"><a href="#"><img src="../images/viewcart.gif" alt="rt" width="99" height="28" /></a></td>
</tr>
<tr>
  <td width="224" height="29"><ul>
    <li>coloso mentiroso</li>
  </ul></td>
</tr>
<tr>
  <td width="224" height="29"><ul>
    <li>coloso mentiroso</li>
  </ul></td>
</tr>
<tr>
  <td width="224" height="21"><ul>
    <li>coloso mentiroso</li>
  </ul></td>
</tr><tr>
  <td height="12" colspan="2"><img src="../images/line..gif" alt="as" width="300" height="7" /></td>
</tr>

<tr></tr><td rowspan="2">
<table width="162" align="center" class="smallthumbs">
<tr>

<td width="46" height="65"><a href="#"><img src=',$row[0] ,' alt="df" width="50" height="50"/></a></td>
<td width="36"><a href="#"><img src="../images/image1.jpg" alt="we" width="50" height="50" /></a></td>
<td width="57"><a href="#"><img src="../images/launch.jpg" alt="bn" width="50" height="50" /></a></td>
<td width="36"><a href="#"><img src="../images/image1.jpg" alt="we" width="50" height="50" /></a></td>
</tr>
</table></td> 
<td rowspan="4">&nbsp;</td> 
<td height="49"><strong>Rating and Review:</strong></td><td align="center"><a href="#">Add Review</a></td>
<tr>
  <td rowspan="1" height="4" ><table style="font-size:10; position:relative; left:26px;">
  <td width="58">One star</td>
  <td width="40">*****</td>
  <td width="25">[23]</td>
  </table></td>
</tr><td rowspan="2"></td>
<tr><td height="4"><table style="font-size:10; position:relative; left:26px; ">
  <td width="58">One star</td>
  <td width="40">*****</td>
  <td width="25">[23]</td>
  </table></td>
</tr>
<td width="321" rowspan="7"></td>

<td width="544" rowspan="7">&nbsp;</td>
  <td width="224" height="4"><table style="font-size:10; position:relative; left:26px;">
  <td width="58">One star</td>
  <td width="40">*****</td>
  <td width="25">[23]</td>
  </table></td>
  <tr><td width="224" height="4"><table style="font-size:10; position:relative; left:26px;">
  <td width="58">One star</td>
  <td width="40">*****</td>
  <td width="25">[23]</td>
  </table></td></tr>




  <td width="224" height="4"><table style="font-size:10; position:relative; left:26px;">
  <td width="58">One star</td>
  <td width="40">*****</td>
  <td width="25">[23]</td>
  </table></td>
  <tr>
    <td height="4" colspan="2"><img src="../images/line..gif" alt="df" width="330" height="7" /></td>
  </tr>



<tr>
  <td width="224" height="52"><strong>Items Specifications:</strong></td>
</tr>
    <td width="224" height="4" style="font-size:11;"><ul>
      <li>Lemon</li>
    </ul></td>
<tr>
  <td width="224" height="4" style="font-size:11;"><ul>
    <li>Marincra</li>
  </ul></td>
</tr>
  <td width="321" height="29" rowspan="5">&nbsp; </td>
<td width="544" height="29" rowspan="5">&nbsp;</td>







    <td height="1" colspan="1" style="font-size:11;"><ul>
      <li>Sal</li>
    </ul></td>
    <tr>
      <td height="1" style="font-size:11;"><ul>
        <li>Tomatos</li>
      </ul></td>
    </tr> <tr>
      <td height="1" style="font-size:11;"><ul>
        <li>Plums</li>
      </ul></td>
    </tr> <tr>
      <td height="1" style="font-size:11;"><ul>
        <li>Saludos</li>
      </ul></td>
    </tr> <tr>
      <td height="1" style="font-size:11;"><ul>
        <li>Asucar</li>
      </ul></td>
    </tr>
  
</table>	
';}
}
?>

// This is the form where I am using the code if you notice the script we are working on is all the way on the top of the whole file is it ok to have all the way on the top or it's better to put it right here on top of this form instead? 
Look at the action of the form I want to submit it to the same page we are working in itemdetails.php and I want to be directed to itemdetails.php again how could I do that?//


<tr><td><table width="487" style="top:850px;" class="calamar"><td width="479" style=" line-height:3;"><strong>Comments:</strong></td>

<tr></tr><td style="font-family:\'Times New Roman\', Times, serif; font-size:14px;">

<form id="itemcomments" action="itemdetails.php?id=<?php echo $id2;?>" method="post">

  <fieldset>

    <legend>Make a comment on this item</legend>

    <div>

      <label for="nickname">Nickname:</label>

      <input type="text" name="nickname" id="nickname" maxlength="85" />

    </div>

    <div>

      <label for="fullname">Full Name:</label>

      <input type="text" name="fullname" id="fullname" maxlength="85" />

    </div>

    <div>

      <label for="pros">Pros:</label>

      <textarea name="pros" id="pros" cols="35" rows="5"></textarea>

    </div>

    <div>

      <label for="cons">Cons:</label>

      <textarea name="cons" id="cons" cols="35" rows="5"></textarea>

    </div>  

    <input type="submit" name="submit" value="Add Comment">

    <input type="reset" value="Reset Fields">   

  </fieldset>

</form>
</table>
</td>
</tr>


<?php
echo'</td>';
echo'</tr>';
echo '</table>';
?>

PHP:

 

it's fine to put it on top of the page. The tick marks are wrong on the insert though haha. Seems all the little things are getting you, change to this:

$query = "INSERT INTO comments VALUES ('','$appetizers_id', NOW(), '$nickname', '$fullname' ,'$pros', '$cons')";

Again though, if you have trouble add: echo $query; and post.