I have just tested a new support ticket and the general ticket info is added to the first db table and the files are being stored in the second db table but the ticket_id is not being stored in the second db table. Below is the whole code I have <?php // Initialize the session session_start(); $username = $_SESSION['user_name']; $customername = $_SESSION['customer_name']; $customeremail = $_SESSION['customer_email']; ini_set('display_startup_errors', 1); ini_set('display_errors', 1); error_reporting(-1); require_once "registerconfig.php"; if (isset($_POST['submit'])) { // File upload configuration $targetDir = "support-ticket-images/"; $allowTypes = array('pdf','doc','docx','jpg','png','jpeg','gif'); $statusMsg = $errorMsg = $insertValuesSQL = $errorUpload = $errorUploadType = ''; // Escape user inputs for security $ticket_subject = htmlentities($_POST['ticket_subject'], ENT_QUOTES); $ticket_message = strip_tags($_POST['ticket_message'], ENT_QUOTES); $ticket_status ='PENDING SUPPORT'; $ticket_id = htmlentities($_POST["ticket_id"], ENT_QUOTES); $username = htmlentities($_SESSION["user_name"], ENT_QUOTES); $user_id = htmlentities($_SESSION["user_id"], ENT_QUOTES); $fileNames = array_filter($_FILES['files']['name']); if(!empty($fileNames)){ foreach($_FILES['files']['name'] as $key=>$val){ // File upload path $fileName = basename($_FILES['files']['name'][$key]); $targetFilePath = $targetDir . $fileName; // Check whether file type is valid $fileType = pathinfo($targetFilePath, PATHINFO_EXTENSION); if(in_array($fileType, $allowTypes)){ // Upload file to server if(move_uploaded_file($_FILES["files"]["tmp_name"][$key], $targetFilePath)){ // Image db insert sql $insertValuesSQL .= "('".$fileName."','".$username."','".$ticket_id."','".$user_id."'),"; }else{ $errorUpload .= $_FILES['files']['name'][$key].' | '; } }else{ $errorUploadType .= $_FILES['files']['name'][$key].' | '; } } if(!empty($insertValuesSQL)){ $insertValuesSQL = trim($insertValuesSQL, ','); // Insert image file name into database $insert = "INSERT INTO support_tickets (ticket_subject, ticket_message, ticket_status, user_name, user_id) VALUES ('$ticket_subject', '$ticket_message', '$ticket_status', '$username', '$user_id');"; $insert .= "INSERT INTO support_ticket_files (file_name, ticket_id, user_name, user_id) VALUES $insertValuesSQL";?> PHP: I enabled error reporting and it says the following error Notice: Undefined index: ticket_id in /home/itdonerightco/public_html/account/create-support-ticket.php on line 45 Line 45 is $ticket_id = htmlentities($_POST["ticket_id"], ENT_QUOTES); PHP:
Just managed to solve it by removing the code on line 45 and amending the line below from $insertValuesSQL .= "('".$fileName."','".$username."','".$ticket_id."','".$user_id."'),"; PHP: to $insertValuesSQL .= "('".$fileName."',LAST_INSERT_ID(),'".$username."','".$user_id."'),"; PHP:
When you have some time look up filter_input as a better way of getting the values from $_POST $endpoint = filter_input(INPUT_POST, 'endpoint', FILTER_DEFAULT); Code (markup):
Ahh ok thank you, is that better than the following? $ticket_subject = htmlentities($_POST['ticket_subject'], ENT_QUOTES); $ticket_message = strip_tags($_POST['ticket_message'], ENT_QUOTES); PHP:
ok just looking it up on php.net, going by the example I have and amending it to suit my coding, would the new lines look like the following? $ticket_subject = filter_input(INPUT_GET, 'ticket_subject', FILTER_SANITIZE_STRING); $ticket_message = filter_input(INPUT_GET, 'ticket_message', FILTER_SANITIZE_STRING); PHP:
Oh right ok, have you got a link to a example I can look it or is it ok to keep it as the code I put above? Hopefully will work all ok still when I test it again haha
Just tested it and it did not enter the ticket subject and message into the db table so will need to look into it further and amend the lines I think. Is there a example I can look at to see how to do it or could the following work? $ticket_subject = filter_input(INPUT_GET, 'ticket_subject', FILTER_SANITIZE_SPECIAL_CHARS); $ticket_message = filter_input(INPUT_GET, 'ticket_message', FILTER_SANITIZE_SPECIAL_CHARS); PHP:
Just tried again and it worked this time after using the same lines as the first filter input but instead of INPUT_GET I used INPUT_POST and has worked $ticket_subject = filter_input(INPUT_POST, 'ticket_subject', FILTER_SANITIZE_STRING); $ticket_message = filter_input(INPUT_POST, 'ticket_message', FILTER_SANITIZE_STRING); PHP:
Getting those the right way around certainly makes a difference. Use php.net as your reference for things like filter_input - there's so much information and so many code examples. I had some jquery code that I thought was using put to send but wasn't coming through. My browser's developer tools was able to show me that I was actually using get.
Will use php.net as a reference from now and learn it more and if get stuck on anything I'll post on here if ok