Good morning everybody,
my name is Daniel, I’m from Italy and this is my first post in here.
Hope not to bother you too much..:-)
LEt’s start: I am creating a php page to insert data on a mysql table using a form. The form is basically a mix of free text fields and drop down lists.
This is the structure of the mysql table:
[CODE]
Campo Tipo Collation Attributi Null Predefinito Extra Azione
id int(11) No None AUTO_INCREMENT
nome varchar(128) latin1_swedish_ci No None
cognome varchar(128) latin1_swedish_ci No None
sesso varchar(120) latin1_swedish_ci No None
codfis varchar(128) latin1_swedish_ci No None
città varchar(128) latin1_swedish_ci No None
titolo varchar(128) latin1_swedish_ci No None
reato varchar(120) latin1_swedish_ci No None
giustizia varchar(120) latin1_swedish_ci No None
note varchar(120) latin1_swedish_ci No None
This is the main insert page:
insert.php
[CODE]
<?php
session_start();
?>
<!DOCTYPE html PUBLIC “-//W3C//DTD XHTML 1.0 Transitional//EN” “http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd”>
<html xmlns=”http://www.w3.org/1999/xhtml”>
<head>
<meta http-equiv=”Content-Type” content=”text/html; charset=iso-8859-1″ />
<title>Inserimento scheda</title>
<link href=”loginmodule.css” rel=”stylesheet” type=”text/css” />
<style type=”text/css”>
.auto-style1 {
text-align: center;
}
.auto-style2 {
color: #FF9900;
text-align: center;
font-size: small;
}
.auto-style3 {
border: 1px solid #000000;
}
.auto-style4 {
margin-bottom: 0px;
}
</style>
</head>
<body>
<?php
if( isset($_SESSION[‘ERRMSG_ARR’]) && is_array($_SESSION[‘ERRMSG_ARR’]) && count($_SESSION[‘ERRMSG_ARR’]) >0 ) {
echo ‘<ul class=”err”>’;
foreach($_SESSION[‘ERRMSG_ARR’] as $msg) {
echo ‘<li>’,$msg,'</li>’;
}
echo ‘</ul>’;
unset($_SESSION[‘ERRMSG_ARR’]);
}
$sesso = array(
‘uomo’ => 1,
‘donna’ => 2
);
$città = array(
‘Siena’ => 1,
‘Catania’ => 2
);
$titolo = array(
‘Licenza elementare’ => 1,
‘Licenza media’ => 2,
‘Diploma’ => 3,
‘Laurea’ => 4,
‘Nessuno’ => 5
);
$reato = array(
‘Contro il patrimonio’ => 1,
‘Contro la persona’ => 2,
‘Contro L. 309/90’ => 3,
‘ALTRO’ => 4,
‘N.S.’ => 5
);
$giustizia = array(
‘Detenuti’ => 1,
‘Semiliberi’ => 2,
‘Detenuti domiciliari’ => 3,
‘Affidati in prova ai s.s.’ => 4,
‘Ex detenuti’ => 5,
‘Arresti domiciliari’ => 6,
‘Misure di sicurezza’ => 7,
‘Sospensione pena’ => 8
);
function generateSelect($name = ”, $options = array()) {
$html = ‘<select name=”‘.$name.'”>’;
foreach ($options as $option => $value) {
$html .= ‘<option value=’.$value.’>’.$option.'</option>’;
}
$html .= ‘</select>’;
return $html;
};
?>
<form id=”schedainserimento” name=”schedainserimento” method=”post” action=”insert-exec.php”>
<p class=”auto-style1″>
<img alt=”” height=”113″ src=”minilogo.jpg” width=”103″><img alt=”” height=”94″ src=”sole.jpg” width=”583″></p>
<p class=”auto-style2″> </p>
<p class=”auto-style2″> </p>
<p class=”auto-style2″><strong>Inserimento scheda nuovo utente</strong></p>
<p class=”auto-style2″> </p>
<table align=”center” cellpadding=”2″ cellspacing=”0″ style=”width: 813″ class=”auto-style3″>
<tr>
<th style=”width: 144px”>Nome </th>
<td style=”width: 76px”>
<input name=”Nome” type=”text” class=”textfield” id=”nome” style=”width: 160px” /></td>
<td style=”width: 130px”><strong>Cognome</strong> </td>
<td style=”width: 282px”>
<input name=”Cognome” type=”text” class=”textfield” id=”cognome” style=”width: 297px” /></td>
</tr>
<tr>
<th style=”width: 144px”>Sesso</th>
<td style=”width: 76px”>
<select name=”sesso”>
<option value=”1″>Uomo</option>
<option value=”2″>Donna</option>
</select>
<td><strong>Codice Fiscale</strong></td>
<td>
<input name=”Codfis” type=”text” class=”textfield” id=”codfis” style=”width: 297px; height: 17px” /></td>
</tr>
<tr>
<th style=”width: 144px”>Città</th>
<td style=”width: 76px”>
<select name=”Città”>
<option value=”1″>Siena</option>
<option value=”2″>Catania</option>
</select>
<td><strong>Titolo di Studio</strong></td>
<td>
<select name=”Titolo”>
<option value=”1″>Licenza elementare</option>
<option value=”2″>Licenza media</option>
<option value=”3″>Diploma</option>
<option value=”4″>Laurea</option>
<option value=”5″>Nessuno</option>
</select>
</tr>
<tr>
<th style=”width: 144px”>Tipologia Reato</th>
<td>
<select name=”Reato”>
<option value=”1″>Contro il patrimonio</option>
<option value=”2″>Contro la persona</option>
<option value=”3″>Contro L. 309/90</option>
<option value=”4″>ALTRO</option>
<option value=”5″>N.S.</option>
</select>
</tr>
<td>
<strong>Giustizia Adulti</strong></tr>
<td>
<select name=”Giustizia”>
<option value=”1″>Detenuti</option>
<option value=”2″>Semiliberi</option>
<option value=”3″>Detenuti domiciliari</option>
<option value=”4″>Affidati in prova ai s.s.</option>
<option value=”5″>Ex detenuti</option>
<option value=”6″>Arresti domiciliari</option>
<option value=”7″>Misure di sicurezza</option>
<option value=”8″>Sospensione pena</option>
</select>
</tr>
<tr>
<td style=”width: 144px”><strong>Note</strong></td>
<td colspan=”3″>
<input name=”Note” type=”text” class=”textfield” id=”note” style=”width: 618px; height: 78px” /></td>
</tr>
<tr>
<td class=”auto-style1″ colspan=”4″><br><br><br><br><br><br>
<input type=”submit” name=”Inserisci” value=”Inserisci” class=”auto-style4″ /></td>
</tr>
</table>
</form>
<p class=”auto-style1″> </p>
<div>
</div>
</body>
</html>
This is the page that processes the data inserted on the main insert page:
insert_exec.php
[CODE]
<?php
//Start session
session_start();
//Include database connection details
require_once(‘config.php’);
//Array to store validation errors
$errmsg_arr = array();
//Validation error flag
$errflag = false;
//Connect to mysql server
$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
if(!$link) {
die(‘Failed to connect to server: ‘ . mysql_error());
}
//Select database
$db = mysql_select_db(DB_DATABASE);
if(!$db) {
die(“Unable to select database”);
}
//Function to sanitize values received from the form. Prevents SQL injection
function clean($str) {
$str = @trim($str);
if(get_magic_quotes_gpc()) {
$str = stripslashes($str);
}
return mysql_real_escape_string($str);
}
//Sanitize the POST values
$nome = clean($_POST[‘nome’]);
$cognome = clean($_POST[‘cognome’]);
$sesso = clean($_POST[‘sesso’]);
$codfis = clean($_POST[‘codfis’]);
$città = clean($_POST[‘città’]);
$titolo = clean($_POST[‘titolo’]);
$reato = clean($_POST[‘reato’]);
$giustizia = clean($_POST[‘giustizia’]);
$note = clean($_POST[‘note’]);
//Input Validations
if($nome == ”) {
$errmsg_arr[] = ‘Nome mancante!’;
$errflag = true;
}
if($cognome == ”) {
$errmsg_arr[] = ‘Cognome mancante!’;
$errflag = true;
}
if($sesso == ”) {
$errmsg_arr[] = ‘Sesso mancante!’;
$errflag = true;
}
if($codfis == ”) {
$errmsg_arr[] = ‘Codice Fiscale mancante!’;
$errflag = true;
}
if($città == ”) {
$errmsg_arr[] = ‘Città mancante!’;
$errflag = true;
}
if($titolo == ”) {
$errmsg_arr[] = ‘Titolo di studio mancante!’;
$errflag = true;
}
if($reato == ”) {
$errmsg_arr[] = ‘Tipologia reato mancante!’;
$errflag = true;
}
if($giustizia == ”) {
$errmsg_arr[] = ‘Settore giudiziario mancante!’;
$errflag = true;
}
if($note == ”) {
$errmsg_arr[] = ‘note mancanti!’;
$errflag = true;
}
$qry=”INSERT INTO utenti (nome, cognome, sesso, codfis, città, titolo, reato, giustizia, note) VALUES(‘$nome’,’$cognome’,’$sesso’,’$codfis’,’$città’,’$titolo’,’$reato’,’$giustizia,’$note’)”;
$result = @mysql_query($qry);
//Check whether the query was successful or not
if($result) {
header(“location: insert-ok.php”);
exit();
}else {
die(“Query failed”);
}
?>
Finally we have the result page:
insert-ok.php
[CODE]
<!DOCTYPE html PUBLIC “-//W3C//DTD XHTML 1.0 Transitional//EN” “http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd”>
<html xmlns=”http://www.w3.org/1999/xhtml”>
<head>
<meta http-equiv=”Content-Type” content=”text/html; charset=iso-8859-1″ />
<title>Operazione completata</title>
<link href=”loginmodule.css” rel=”stylesheet” type=”text/css” />
</head>
<body>
<h1>Inserimento scheda effettuato correttamente!</h1>
<p><a href=”insert.php”>Clicca qui</a> per effettuare un altro inserimento.</p>
</body>
</html>
After inserting all the datta on the requested field (free text or drop list) and pressing Submit button…I get a QUERY FAILED message (with no further details).
I’m just wondering if you can help me tracking down the error(s).
Thanks for your help!!
Daniel