I have the following sections of code :- $date = $_POST['fldYear'] . '-' . $_POST['fldMonth'] . '-' . $_POST['fldDay']; PHP: To set a date from three drop down boxes. <input name="datefished" type="hidden" id="datefished" value="<?php echo $date ?>" /> PHP: To set a hidden field to accept this new date. if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1") && $word_ok=="yes") { $insertSQL = sprintf("INSERT INTO catches (fldYear, fldMonth, fldDay, datefished, name, pegno, nofishca, specie, largewght, catchwght) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s, %s)", GetSQLValueString($_POST['fldYear'], "int"), GetSQLValueString($_POST['fldMonth'], "int"), GetSQLValueString($_POST['fldDay'], "int"), GetSQlValueString($_POST['datefished'], "date"), GetSQLValueString($_POST['name'], "text"), GetSQLValueString($_POST['pegno'], "int"), GetSQLValueString($_POST['nofishca'], "int"), GetSQLValueString($_POST['specie'], "text"), GetSQLValueString($_POST['largewght'], "int"), GetSQLValueString($_POST['catchwght'], "int")); mysql_select_db($database_roughamlake, $roughamlake); $Result1 = mysql_query($insertSQL, $roughamlake) or die(mysql_error()); $insertGoTo = "catch.php"; if (isset($_SERVER['QUERY_STRING'])) { $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?"; $insertGoTo .= $_SERVER['QUERY_STRING']; } header(sprintf("Location: %s", $insertGoTo)); } PHP: To post this (plus my other fields), into a mysql table. The problem is that the hidden field (name datefished), is posting as 0000-00-00 and not accepting any date. Where am I going wrong with this? Its driving me nuts. Any help would be gratefully received.
There are several issues with this code. 1. You do not validate the input submitted by user. Yes, even if it is hidden field, you should always validate your input otherwise you are opening up your system for abuse. 2. If you want to see what is the values that you get do print_r($_POST); PHP: This will show you what input element has what value. To me looks like there are many errors in your code, which can not be pointed out using just the snippets. If you could post a file, then I look at it and give you exact answer. Also, I don't know if you are using javascript to update the value of the hidden element. If not then this is your problem too.
The full code for this page is as below, I am not using any javascript with this particular element. I'd be very interested in what parts of the previously posted code was incorrect, as most of it was auto generated by dreamweaver (I'm not all that proficient at php programming). The code has large amounts of code created for a CAPTCHA system, which I use on the site, this has been created by someone else, but I know this works well as I use it on 2 other pages on the same site (I've had problems previously with spammers, but this system stopped them). Many thanks for your help. <? /************************************************************\ * * freeCap v1.4.1 Copyright 2005 Howard Yeend * www.puremango.co.uk * * This file is part of freeCap. * * freeCap is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * freeCap is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with freeCap; if not, write to the Free Software * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * * \************************************************************/ // this is the 'form' side of the script. // I suggest making the user fill in the main form // then take them here and update the information with a 'freecap_passed' flag if they enter the // correct word. This way, if they don't enter the right word, they don't lose all their data // and you don't have to code a form that remembers all their data // also, if someone is spamming you, you've got a log of all the failed attempts // which might prove useful for legal action or just for amusement, plus you'll be able to see // if you're stopping spammers or if the majority of failed registrations are valid users who // just can't read the word properly... // To avoid blocking out partially sighted users, I'd suggest having a 'submit without entering word' // button, which sends the info to you for manual verification. It's a lot simpler than trying to // implement a secure audio-captcha. session_start(); if(!empty($_SESSION['freecap_word_hash']) && !empty($_POST['word'])) { // all freeCap words are lowercase. // font #4 looks uppercase, but trust me, it's not... if($_SESSION['hash_func'](strtolower($_POST['word']))==$_SESSION['freecap_word_hash']) { // reset freeCap session vars // cannot stress enough how important it is to do this // defeats re-use of known image with spoofed session id $_SESSION['freecap_attempts'] = 0; $_SESSION['freecap_word_hash'] = false; // now process form // now go somewhere else // header("Location: somewhere.php"); $word_ok = "yes"; } else { $word_ok = "no"; } } else { $word_ok = false; } ?> <?php require_once('../Connections/roughamlake.php'); ?> <?php function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") { $theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue; switch ($theType) { case "text": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; break; case "long": case "int": $theValue = ($theValue != "") ? intval($theValue) : "NULL"; break; case "double": $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL"; break; case "date": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; break; case "defined": $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue; break; } return $theValue; } $editFormAction = $_SERVER['PHP_SELF']; if (isset($_SERVER['QUERY_STRING'])) { $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']); } $date = $_POST['fldYear'] . '-' . $_POST['fldMonth'] . '-' . $_POST['fldDay']; if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1") && $word_ok=="yes") { $insertSQL = sprintf("INSERT INTO catches (fldYear, fldMonth, fldDay, datefished, name, pegno, nofishca, specie, largewght, catchwght) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s, %s)", GetSQLValueString($_POST['fldYear'], "int"), GetSQLValueString($_POST['fldMonth'], "int"), GetSQLValueString($_POST['fldDay'], "int"), GetSQlValueString($_POST['datefished'], "date"), GetSQLValueString($_POST['name'], "text"), GetSQLValueString($_POST['pegno'], "int"), GetSQLValueString($_POST['nofishca'], "int"), GetSQLValueString($_POST['specie'], "text"), GetSQLValueString($_POST['largewght'], "int"), GetSQLValueString($_POST['catchwght'], "int")); mysql_select_db($database_roughamlake, $roughamlake); $Result1 = mysql_query($insertSQL, $roughamlake) or die(mysql_error()); $insertGoTo = "catch.php"; if (isset($_SERVER['QUERY_STRING'])) { $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?"; $insertGoTo .= $_SERVER['QUERY_STRING']; } header(sprintf("Location: %s", $insertGoTo)); } ?> <html> <head> <script language="javascript"> <!-- function new_freecap() { // loads new freeCap image if(document.getElementById) { // extract image name from image source (i.e. cut off ?randomness) thesrc = document.getElementById("freecap").src; thesrc = thesrc.substring(0,thesrc.lastIndexOf(".")+4); // add ?(random) to prevent browser/isp caching document.getElementById("freecap").src = thesrc+"?"+Math.round(Math.random()*100000); } else { alert("Sorry, cannot autoreload freeCap image\nSubmit the form and a new freeCap will be loaded"); } } //--> </script> <style type="text/css"> body{ font-family: verdana; font-size: 14px; background: #CCC; background-color: #FFFFFF; } td{ font-family: verdana; font-size: 10px; } body,td,th { font-family: Arial; } .style5 {font-family: Arial; font-size: 14px; } .style6 {font-size: 14px} </style> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"><title>Rougham Lake Catch Entry</title></head> <body> <table border="0" width="689" cellpadding="0" cellspacing="0"> <tr> <td width="687"><img src="images/spacer.gif" height="5" width="14"></td> </tr> </table> <table border="0" cellpadding="0" cellspacing="0" width="100%" bgcolor="#004E49" height="74"> <tr> <td width="14" rowspan="3" height="74" bgcolor="#00A5CE"><img src="images/spacer.gif" height="74" width="14"></td> <td width="140" rowspan="3"><img border="0" src="images/fish2.jpg" width="140" height="70"></td> <td width="100%" bgcolor="#00A5CE" height="52" align=center> <div align="center"> <center> <pre align="center"><i><b><font color="#FFFFFF" size="3" face="Arial Black">Rougham Lake Carp Fishery, Bury St Edmunds, Suffolk</font></b></i></pre> </center> </div></td> </tr> <tr> <td width="100%" height="14"><img border="0" src="images/bar2.jpg" width="524" height="14"></td> </tr> <tr> <td width="100%" height="8"><img border="0" src="images/bar1.jpg" width="522" height="8"></td> </tr> <tr> <td width="100%" colspan="3" bgcolor="white"><img src="images/spacer.gif" height="5" width="14"></td> </tr> </table> <div align="left"> <p><u><b><font size="4" face="Arial">ADD NEW CATCH </font></b></u></p> <p>Please leave your catch details below and click the "Add Catch" button to submit to the catch table.</p> <p>To stop spammers from automatically posting to our catch table, can we ask that you enter the word shown below in the box provided, if successful you will be taken back to the catch table, if you are unsuccessful you will have to re-enter your details and code again.</p> <p>If the code is not easily readable, please click the "click here" link to obtain a more easily readable word. <br /> </p> </div> <form action="<?php echo $editFormAction; ?>" name="form1" method="POST"> <table width="515" cellpadding="0" cellspacing="0"> <tr> <td><span class="style5">Date Fished </span></td> <td><select name="fldDay" id="fldDay"> <option value="01">01</option> <option value="02">02</option> <option value="03">03</option> <option value="04">04</option> <option value="05">05</option> <option value="06">06</option> <option value="07">07</option> <option value="08">08</option> <option value="09">09</option> <option value="10">10</option> <option value="11">11</option> <option value="12">12</option> <option value="13">13</option> <option value="14">14</option> <option value="15">15</option> <option value="16">16</option> <option value="17">17</option> <option value="18">18</option> <option value="19">19</option> <option value="20">20</option> <option value="21">21</option> <option value="22">22</option> <option value="23">23</option> <option value="24">24</option> <option value="25">25</option> <option value="26">26</option> <option value="27">27</option> <option value="28">28</option> <option value="29">29</option> <option value="30">30</option> <option value="31">31</option> </select> <select name="fldMonth" id="fldMonth"> <option value="01">01</option> <option value="02">02</option> <option value="03">03</option> <option value="04">04</option> <option value="05">05</option> <option value="06">06</option> <option value="07">07</option> <option value="08">08</option> <option value="09">09</option> <option value="10">10</option> <option value="11">11</option> <option value="12">12</option> </select> <select name="fldYear" id="fldYear"> <option value="2006">2006</option> <option value="2007">2007</option> <option value="2008">2008</option> <option value="2009">2009</option> <option value="2010">2010</option> <option value="2011">2011</option> <option value="2012">2012</option> <option value="2013">2013</option> <option value="2014">2014</option> <option value="2015">2015</option> <option value="2016">2016</option> <option value="2017">2017</option> <option value="2018">2018</option> <option value="2019">2019</option> <option value="2020">2020</option> </select> <input name="datefished" type="hidden" id="datefished" value="<?php echo $date ?>" /> </td> </tr> <tr> <td width="216"><span class="style5">Name</span></td> <td width="297"><input name="name" type="text" id="name" size="40"></td></tr> <tr> <td><span class="style6">Peg Number </span></td> <td><select name="pegno" size="1" id="pegno"> <option value="1">1</option> <option value="2">2</option> <option value="3">3</option> <option value="4">4</option> <option value="5">5</option> <option value="6">6</option> <option value="7">7</option> <option value="8">8</option> <option value="9">9</option> <option value="10">10</option> <option value="11">11</option> <option value="13">12</option> <option value="14">14</option> <option value="15">15</option> <option value="16">16</option> <option value="17">17</option> <option value="18">18</option> <option value="19">19</option> <option value="20">20</option> <option value="21">21</option> <option value="22">22</option> <option value="23">23</option> <option value="24">24</option> </select></td> </tr> <tr> <td><span class="style6">No. Fish Caught </span></td> <td><input name="nofishca" type="text" id="nofishca" size="4" maxlength="4"></td> </tr> <tr> <td><span class="style6">Fish Specie </span></td> <td><select name="specie" size="1" id="specie"> <option value="Mirror Carp">Mirror Carp</option> <option value="Common Carp">Common Carp</option> <option value="Leather Varp">Leather Varp</option> <option value="Koi Carp">Koi Carp</option> <option value="Bream">Bream</option> <option value="Roach">Roach</option> <option value="Rudd">Rudd</option> <option value="Tench">Tench</option> <option value="Pike">Pike</option> </select></td> </tr> <tr> <td class="style6">Weight Of Largest Fish (lb)</td> <td><input name="largewght" type="text" id="largewght" size="6" maxlength="6"></td> </tr> <tr> <td class="style6">Total Catch Weight (lb)</td> <td><input name="catchwght" type="text" id="catchwght" size="6" maxlength="6"></td> </tr> <tr><td> </td> <td><img src="freecap.php" id="freecap"></td> </tr> <tr><td colspan="2"><span class="style5">If you can't read the word, <a href="#" onClick="this.blur();new_freecap();return false;">click here</a></span></td> </tr> <tr> <td><span class="style5">Word above</span></td> <td><input type="text" name="word"></td></tr> <tr><td colspan="2"><input type="submit" value="Add Catch"></td></tr> </table> <br /><br /> <input type="hidden" name="MM_insert" value="form1"> </form> </body> </html> PHP:
I've been able to pass a value to the hidden field by setting in the session_start() the following :- $_SESSION['datefished'] = $datefished; $datefished = $_POST['fldYear'] . '-' . $_POST['fldMonth'] . '-' . $_POST['fldDay']; PHP: And on the hidden field line, the following :- <input name="datefished" type="hidden" id="datefished" value="<?php echo $_SESSION['datefished']; ?>" /> PHP: Unfortunately the date that is hitting the mysql table is the date from the previous entry, and not the one entered on this entry !! Can anyone please help me with this ???