Menu
Community /Pin to ProfileBookmark
Note you should NEVER place external data directly into a SQL query like that, else you will be open to[url=http://php.net/manual/en/security.database.sql-injection.php]SQL Injection[/url]
Also note, the entire mysql_* library is out of date and to be deprecated. You shjould instead use[url=http://php.net/PDO]PDO[/url] or [url=http://php.net/mysqli]mysqli[/url] . See [url=http://php.net/manual/en/mysqlinfo.api.choosing.php]API choosing[/url] for more information.
@NogDogNov 26.2012 — #For my personal tastes, I'll leave the quotes in there around the array indexes just to be consistent throughout the app. To do that, however, you either have to use "complex" variable notation (wrapping the entire array variable in curly braces) or use concatenation -- or use sprintf() and add the variables as the additional arguments.
I've taken your advice and used mysqli instead of the (previously unbeknownst to me) depreciated mysql_connect() method.
Below is my new code.
Is this any good?
(splitting it into two posts because the forum doesn't like the length)
clearly i'm doing something wrong because when I press submit, i get the following as the result:
@NogDogNov 27.2012 — #Try using [B]<?php[/B] (instead of [B]<?[/B]). (Looks like it's not being parsed as PHP, just outputting (malformed) HTML.)
So, now it's complaining about:
on line 22
the error is shown as:
despite the fact that i'm specifying the database as 127.0.0.1:3307, i'm not sure why it's throwing localhost in there.
Does it have something to do with how i'm applying the real escape string, versus how i'm trying to use "$stmt ->execute();" ?@NogDogNov 27.2012 — #If you're using the MySQL[b]i[/b] extension, then the mysql_*() function won't know anything about that DB connection, and so won't work. In any case, if you are using bound parameters for all the inputs, then you do not want to escape them separately anyway, since the bind_param() method automatically takes care of that, as doing so would result in double escaping. (However, it looks like you'll need a lot more place-holders in its first parameter: one for each place-holder to be bound).
I've commented out the mysql_real_escape_string piece and now it's progressing past that error.
The only thing that I don't seem to be handling correctly now are the checkboxes in my form.
I've got all the inputs looking for whether they are set or not by the master:
However, this isn't handling the checkboxes.
I get:
and so on, for all checkbox values.
by looking online, I believe i'd like to handle the checkbox insertion by either using a 1 or a 0 if they are checked or unchecked respectively.
I can see that this can be typically done by:
If this is the way to do it, I can't see how to handle that within my existing code due to the fact that i'm running an isset for all inputs as opposed to doing it for each input individually :
Unless I do something like:
but i'm not sure if this is the right way to go about it.[url=http://www.codingforums.com/showthread.php?p=1144368]here[/url] ), the $_POST['CheckBox'] will not be set unless it was checked, that's why the suggested way to check for it is with isset on the field itself.So, the only way to do it is to have 85 different isset statements?
[i]*Note: Not producing valid html, pseudo/example code.[/i]
I've refined (or is it bloated?) the code now to the below and fixed other errors that I spotted along the way.
The only issue i'm facing at the moment is that the insert doesn't seem to insert the date/time that I have set by a variable.
The error is:
Obviously this is the target mysql server notifying me that the destination column is not nullable (which is fine) and the underlying issue is that it's not being given the date/time correctly.
My code is now as below:
So, i've declared: $created = date("d-m-Y H:i:s");
but it doesn't seem to be inserting.
Is it because the declaration is in the wrong location?[url=http://dev.mysql.com/doc/refman/5.5/en/date-and-time-functions.html#function_now]NOW()[/url] .
I'm not concerned about that at the moment.
After adding in the question mark at the end (and removing one preceeding the INET_ATON), it now inserts data into mysql!
Yay!
However... ?
oddly enough, it's only inserting either 1 or 0 values across the board, as opposed to actual values.
I.E.:
I can't figure out why it's posting 1's and 0's...@NogDogNov 29.2012 — #Sounds like the "NOW()" is being interpreted as a PHP function call, which suggests it's not properly in your SQL string (you want it to be called as a MySQL function).
DO you think that's what's causing it to insert 1's and 0's instead of data from the form? If anyone would be able to take a look at the code and help me in figuring out why it seems to only insert 1's and 0's into the mysql server, i would be forever grateful.
I'm tearing my hair out at this point!
to understand why its inserting 1s and 0s try running this code:
What's happening is the TRUE and FALSE are constants that map to 1 and 0, respectively. So when you try to insert them into the database, you end up with 1 and 0.
Edit: I must be wrong about FALSE as its not outputting anything. But the true version is inputting 1.When I run that code it says:
Variable isset: 1Variable not isset:
Can’t find my stupid mistake!
Hi all,
I’m trying to create a form that will insert into a mysql database.
The code for the php file is below:
[code=php]
<?
//set database connection parameters
$hostname = “127.0.0.1:3307”; // database server name
$db_user = “testuser”; // change to your database password
$db_password = “testpass”; // change to your database password
$database = “testdb”; // provide your database name
$db_table = “form1”; // leave this as is
//database connection
$db = mysql_connect($hostname, $db_user, $db_password);
mysql_select_db($database,$db);
//Prepare prerequisites
$created = time();
$ip = $_SERVER[‘REMOTE_ADDR’];
$_POST = array_map(‘mysql_real_escape_string’,$_POST);
if(isset($_REQUEST[‘submit’]))
{
//inserting data order
$sql = “INSERT INTO $db_table(EmployeeName,EmployeeRef,WeeksPerYear,MonTownFrom,MonPostcodeFrom,MonTownTo,MonPostcodeTo,MonMiles,TueTownFrom,TuePostcodeFrom,TueTownTo,TuePostcodeTo,TueMiles,WedTownFrom,WedPostcodeFrom,WedTownTo,WedPostcodeTo,WedMiles,ThuTownFrom,ThuPostcodeFrom,ThuTownTo,ThuPostcodeTo,ThuMiles,FriTownFrom,FriPostcodeFrom,FriTownTo,FriPostcodeTo,FriMiles,SatTownFrom,SatPostcodeFrom,SatTownTo,SatPostcodeTo,SatMiles,SunTownFrom,SunPostcodeFrom,SunTownTo,SunPostcodeTo,SunMiles,SumMiles,MonCheck,TueCheck,WedCheck,ThuCheck,FriCheck,SatCheck,SunCheck,MonHours,TueHours,WedHours,ThuHours,FriHours,SatHours,SunHours,SumHours,MonTravel,TueTravel,WedTravel,ThuTravel,FriTravel,SatTravel,SunTravel,MonMealCheck,TueMealCheck,WedMealCheck,ThuMealCheck,FriMealCheck,SatMealCheck,SunMealCheck,MonEveningMealCheck,TueEveningMealCheck,WedEveningMealCheck,ThuEveningMealCheck,FriEveningMealCheck,SatEveningMealCheck,SunEveningMealCheck,MonOvernightCheck,TueOvernightCheck,WedOvernightCheck,ThuOvernightCheck,FriOvernightCheck,SatOvernightCheck,SunOvernightCheck,DeclarationCheck,ip,created)
VALUES (‘$_POST[‘EmployeeName’]’,’$_POST[‘EmployeeRef’]’,’$_POST[‘WeeksPerYear’]’,’$_POST[‘MonTownFrom’]’,’$_POST[‘MonPostcodeFrom’]’,’$_POST[‘MonTownTo’]’,’$_POST[‘MonPostcodeTo’]’,’$_POST[‘MonMiles’]’,’$_POST[‘TueTownFrom’]’,’$_POST[‘TuePostcodeFrom’]’,’$_POST[‘TueTownTo’]’,’$_POST[‘TuePostcodeTo’]’,’$_POST[‘TueMiles’]’,’$_POST[‘WedTownFrom’]’,’$_POST[‘WedPostcodeFrom’]’,’$_POST[‘WedTownTo’]’,’$_POST[‘WedPostcodeTo’]’,’$_POST[‘WedMiles’]’,’$_POST[‘ThuTownFrom’]’,’$_POST[‘ThuPostcodeFrom’]’,’$_POST[‘ThuTownTo’]’,’$_POST[‘ThuPostcodeTo’]’,’$_POST[‘ThuMiles’]’,’$_POST[‘FriTownFrom’]’,’$_POST[‘FriPostcodeFrom’]’,’$_POST[‘FriTownTo’]’,’$_POST[‘FriPostcodeTo’]’,’$_POST[‘FriMiles’]’,’$_POST[‘SatTownFrom’]’,’$_POST[‘SatPostcodeFrom’]’,’$_POST[‘SatTownTo’]’,’$_POST[‘SatPostcodeTo’]’,’$_POST[‘SatMiles’]’,’$_POST[‘SunTownFrom’]’,’$_POST[‘SunPostcodeFrom’]’,’$_POST[‘SunTownTo’]’,’$_POST[‘SunPostcodeTo’]’,’$_POST[‘SunMiles’]’,’$_POST[‘SumMiles’]’,’$_POST[‘MonCheck’]’,’$_POST[‘TueCheck’]’,’$_POST[‘WedCheck’]’,’$_POST[‘ThuCheck’]’,’$_POST[‘FriCheck’]’,’$_POST[‘SatCheck’]’,’$_POST[‘SunCheck’]’,’$_POST[‘MonHours’]’,’$_POST[‘TueHours’]’,’$_POST[‘WedHours’]’,’$_POST[‘ThuHours’]’,’$_POST[‘FriHours’]’,’$_POST[‘SatHours’]’,’$_POST[‘SunHours’]’,’$_POST[‘SumHours’]’,’$_POST[‘MonTravel’]’,’$_POST[‘TueTravel’]’,’$_POST[‘WedTravel’]’,’$_POST[‘ThuTravel’]’,’$_POST[‘FriTravel’]’,’$_POST[‘SatTravel’]’,’$_POST[‘SunTravel’]’,’$_POST[‘MonMealCheck’]’,’$_POST[‘TueMealCheck’]’,’$_POST[‘WedMealCheck’]’,’$_POST[‘ThuMealCheck’]’,’$_POST[‘FriMealCheck’]’,’$_POST[‘SatMealCheck’]’,’$_POST[‘SunMealCheck’]’,’$_POST[‘MonEveningMealCheck’]’,’$_POST[‘TueEveningMealCheck’]’,’$_POST[‘WedEveningMealCheck’]’,’$_POST[‘ThuEveningMealCheck’]’,’$_POST[‘FriEveningMealCheck’]’,’$_POST[‘SatEveningMealCheck’]’,’$_POST[‘SunEveningMealCheck’]’,’$_POST[‘MonOvernightCheck’]’,’$_POST[‘TueOvernightCheck’]’,’$_POST[‘WedOvernightCheck’]’,’$_POST[‘ThuOvernightCheck’]’,’$_POST[‘FriOvernightCheck’]’,’$_POST[‘SatOvernightCheck’]’,’$_POST[‘SunOvernightCheck’]’,’$_POST[‘DeclarationCheck’]’,’$_POST[‘ip’]’,’$_POST[‘created’]’)”;
//declare in the order variable
if($result = mysql_query($sql ,$db))
{
echo = “<br>Your Mileage form has been submitted successfully”;
}
else{
echo = “<br>Your Mileage form has not been submitted successfully. Please correct any errors and try again.”
“ERROR: “.mysql_error();
}
}
?>
My problem is:
When I click submit on the form, the only thing I get is:
[QUOTE]
Your Mileage form has been submitted successfully”; } else{ echo = “
Your Mileage form has not been submitted successfully. Please correct any errors and try again.” “ERROR: “.mysql_error(); } } ?>
Obviously my syntax is wrong somewhere, but I simply can’t find where!
I’ve tried everything and pulling my hair out is next. ?
I’d appreciate someone giving me a hand with this!
Thanks
Sign in
to post a comment24 Comments(s) ↴
0
@DerokorianNov 26.2012 — #You're trying to embed variables (namely post) into a string, but when you do this quotes around the array index are NOT correct.Note you should NEVER place external data directly into a SQL query like that, else you will be open to
Also note, the entire mysql_* library is out of date and to be deprecated. You shjould instead use
reply?
0
@NogDogNov 26.2012 — #For my personal tastes, I'll leave the quotes in there around the array indexes just to be consistent throughout the app. To do that, however, you either have to use "complex" variable notation (wrapping the entire array variable in curly braces) or use concatenation -- or use sprintf() and add the variables as the additional arguments.[code=php]
// both (ugh!) complex notation and concatenation:
$sql = "test {$_GET['foo']} test " . $_GET['bar'] . " test";
// or use sprintf with place-holders:
$sql = sprintf(
"test %s test %s test",
mysql_real_escape_string($_GET['foo']),
mysql_real_escape_string($_GET['bar'])
);
[/code]reply?
0
@LazarixauthorNov 27.2012 — #Thanks guys.I've taken your advice and used mysqli instead of the (previously unbeknownst to me) depreciated mysql_connect() method.
Below is my new code.
Is this any good?
(splitting it into two posts because the forum doesn't like the length)
[code=php]
<?
//set database connection parameters
$hostname = "127.0.0.1:3307"; // usually is localhost, but if not sure, check with your hosting company, if you are with webune leave as localhost
$db_user = "testuser"; // change to your database username
$db_password = "testpw"; // change to your database password
$database = "testdb"; // provide your database name
$db_table = "form1"; // leave this as is
//database connection
$db = new mysqli($hostname, $db_user, $db_password, $database);
if($db->connect_errno > 0)
{
die('Unable to connect to database [' . $db->connect_error . ']');
}
mysqli_report(MYSQLI_REPORT_ERROR);
//Prepare prerequisites
$created = time();
$ip = $_SERVER['REMOTE_ADDR'];
$_POST = array_map('mysql_real_escape_string',$_POST);
if(isset($_POST['submit']))
{
//get the form data
$EmployeeName = htmlentities($_POST['EmployeeName'], ENT_QUOTES);
$EmployeeRef = htmlentities($_POST['EmployeeRef'], ENT_QUOTES);
$WeeksPerYear = htmlentities($_POST['WeeksPerYear'], ENT_QUOTES);
$MonTownFrom = htmlentities($_POST['MonTownFrom'], ENT_QUOTES);
$MonPostcodeFrom = htmlentities($_POST['MonPostcodeFrom'], ENT_QUOTES);
$MonTownTo = htmlentities($_POST['MonTownTo'], ENT_QUOTES);
$MonPostcodeTo = htmlentities($_POST['MonPostcodeTo'], ENT_QUOTES);
$MonMiles = htmlentities($_POST['MonMiles'], ENT_QUOTES);
$TueTownFrom = htmlentities($_POST['TueTownFrom'], ENT_QUOTES);
$TuePostcodeFrom = htmlentities($_POST['TuePostcodeFrom'], ENT_QUOTES);
$TueTownTo = htmlentities($_POST['TueTownTo'], ENT_QUOTES);
$TuePostcodeTo = htmlentities($_POST['TuePostcodeTo'], ENT_QUOTES);
$TueMiles = htmlentities($_POST['TueMiles'], ENT_QUOTES);
$WedTownFrom = htmlentities($_POST['WedTownFrom'], ENT_QUOTES);
$WedPostcodeFrom = htmlentities($_POST['WedPostcodeFrom'], ENT_QUOTES);
$WedTownTo = htmlentities($_POST['WedTownTo'], ENT_QUOTES);
$WedPostcodeTo = htmlentities($_POST['WedPostcodeTo'], ENT_QUOTES);
$WedMiles = htmlentities($_POST['WedMiles'], ENT_QUOTES);
$ThuTownFrom = htmlentities($_POST['ThuTownFrom'], ENT_QUOTES);
$ThuPostcodeFrom = htmlentities($_POST['ThuPostcodeFrom'], ENT_QUOTES);
$ThuTownTo = htmlentities($_POST['ThuTownTo'], ENT_QUOTES);
$ThuPostcodeTo = htmlentities($_POST['ThuPostcodeTo'], ENT_QUOTES);
$ThuMiles = htmlentities($_POST['ThuMiles'], ENT_QUOTES);
$FriTownFrom = htmlentities($_POST['FriTownFrom'], ENT_QUOTES);
$FriPostcodeFrom = htmlentities($_POST['FriPostcodeFrom'], ENT_QUOTES);
$FriTownTo = htmlentities($_POST['FriTownTo'], ENT_QUOTES);
$FriPostcodeTo = htmlentities($_POST['FriPostcodeTo'], ENT_QUOTES);
$FriMiles = htmlentities($_POST['FriMiles'], ENT_QUOTES);
$SatTownFrom = htmlentities($_POST['SatTownFrom'], ENT_QUOTES);
$SatPostcodeFrom = htmlentities($_POST['SatPostcodeFrom'], ENT_QUOTES);
$SatTownTo = htmlentities($_POST['SatTownTo'], ENT_QUOTES);
$SatPostcodeTo = htmlentities($_POST['SatPostcodeTo'], ENT_QUOTES);
$SatMiles = htmlentities($_POST['SatMiles'], ENT_QUOTES);
$SunTownFrom = htmlentities($_POST['SunTownFrom'], ENT_QUOTES);
$SunPostcodeFrom = htmlentities($_POST['SunPostcodeFrom'], ENT_QUOTES);
$SunTownTo = htmlentities($_POST['SunTownTo'], ENT_QUOTES);
$SunPostcodeTo = htmlentities($_POST['SunPostcodeTo'], ENT_QUOTES);
$SunMiles = htmlentities($_POST['SunMiles'], ENT_QUOTES);
$SumMiles = htmlentities($_POST['SumMiles'], ENT_QUOTES);
$MonCheck = htmlentities($_POST['MonCheck'], ENT_QUOTES);
$TueCheck = htmlentities($_POST['TueCheck'], ENT_QUOTES);
$WedCheck = htmlentities($_POST['WedCheck'], ENT_QUOTES);
$ThuCheck = htmlentities($_POST['ThuCheck'], ENT_QUOTES);
$FriCheck = htmlentities($_POST['FriCheck'], ENT_QUOTES);
$SatCheck = htmlentities($_POST['SatCheck'], ENT_QUOTES);
$SunCheck = htmlentities($_POST['SunCheck'], ENT_QUOTES);
$MonHours = htmlentities($_POST['MonHours'], ENT_QUOTES);
$TueHours = htmlentities($_POST['TueHours'], ENT_QUOTES);
$WedHours = htmlentities($_POST['WedHours'], ENT_QUOTES);
$ThuHours = htmlentities($_POST['ThuHours'], ENT_QUOTES);
$FriHours = htmlentities($_POST['FriHours'], ENT_QUOTES);
$SatHours = htmlentities($_POST['SatHours'], ENT_QUOTES);
$SunHours = htmlentities($_POST['SunHours'], ENT_QUOTES);
$SumHours = htmlentities($_POST['SumHours'], ENT_QUOTES);
$MonTravel = htmlentities($_POST['MonTravel'], ENT_QUOTES);
$TueTravel = htmlentities($_POST['TueTravel'], ENT_QUOTES);
$WedTravel = htmlentities($_POST['WedTravel'], ENT_QUOTES);
$ThuTravel = htmlentities($_POST['ThuTravel'], ENT_QUOTES);
$FriTravel = htmlentities($_POST['FriTravel'], ENT_QUOTES);
$SatTravel = htmlentities($_POST['SatTravel'], ENT_QUOTES);
$SunTravel = htmlentities($_POST['SunTravel'], ENT_QUOTES);
$MonMealCheck = htmlentities($_POST['MonMealCheck'], ENT_QUOTES);
$TueMealCheck = htmlentities($_POST['TueMealCheck'], ENT_QUOTES);
$WedMealCheck = htmlentities($_POST['WedMealCheck'], ENT_QUOTES);
$ThuMealCheck = htmlentities($_POST['ThuMealCheck'], ENT_QUOTES);
$FriMealCheck = htmlentities($_POST['FriMealCheck'], ENT_QUOTES);
$SatMealCheck = htmlentities($_POST['SatMealCheck'], ENT_QUOTES);
$SunMealCheck = htmlentities($_POST['SunMealCheck'], ENT_QUOTES);
$MonEveningMealCheck = htmlentities($_POST['MonEveningMealCheck'], ENT_QUOTES);
$TueEveningMealCheck = htmlentities($_POST['TueEveningMealCheck'], ENT_QUOTES);
$WedEveningMealCheck = htmlentities($_POST['WedEveningMealCheck'], ENT_QUOTES);
$ThuEveningMealCheck = htmlentities($_POST['ThuEveningMealCheck'], ENT_QUOTES);
$FriEveningMealCheck = htmlentities($_POST['FriEveningMealCheck'], ENT_QUOTES);
$SatEveningMealCheck = htmlentities($_POST['SatEveningMealCheck'], ENT_QUOTES);
$SunEveningMealCheck = htmlentities($_POST['SunEveningMealCheck'], ENT_QUOTES);
$MonOvernightCheck = htmlentities($_POST['MonOvernightCheck'], ENT_QUOTES);
$TueOvernightCheck = htmlentities($_POST['TueOvernightCheck'], ENT_QUOTES);
$WedOvernightCheck = htmlentities($_POST['WedOvernightCheck'], ENT_QUOTES);
$ThuOvernightCheck = htmlentities($_POST['ThuOvernightCheck'], ENT_QUOTES);
$FriOvernightCheck = htmlentities($_POST['FriOvernightCheck'], ENT_QUOTES);
$SatOvernightCheck = htmlentities($_POST['SatOvernightCheck'], ENT_QUOTES);
$SunOvernightCheck = htmlentities($_POST['SunOvernightCheck'], ENT_QUOTES);
$DeclarationCheck = htmlentities($_POST['DeclarationCheck'], ENT_QUOTES);
$ip = htmlentities($_POST['ip'], ENT_QUOTES);
$created = htmlentities($_POST['created'], ENT_QUOTES);
[/code]reply?
0
@LazarixauthorNov 27.2012 — #part 2:[code=php]
//check that the required fields are not empty
if ($EmployeeName == '' || $EmployeeRef == '' || $DeclarationCheck == '')
{
$error = 'ERROR: Please fill in all required fields!';
renderForm($EmployeeName, $EmployeeRef, $DeclarationCheck, $error);
}
else
{
//Insert the new record
if ($stmt = $mysqli->prepare("INSERT mileageform (EmployeeName,EmployeeRef,WeeksPerYear,MonTownFrom,MonPostcodeFrom,MonTownTo,MonPostcodeTo,MonMiles,TueTownFrom,TuePostcodeFrom,TueTownTo,TuePostcodeTo,TueMiles,WedTownFrom,WedPostcodeFrom,WedTownTo,WedPostcodeTo,WedMiles,ThuTownFrom,ThuPostcodeFrom,ThuTownTo,ThuPostcodeTo,ThuMiles,FriTownFrom,FriPostcodeFrom,FriTownTo,FriPostcodeTo,FriMiles,SatTownFrom,SatPostcodeFrom,SatTownTo,SatPostcodeTo,SatMiles,SunTownFrom,SunPostcodeFrom,SunTownTo,SunPostcodeTo,SunMiles,SumMiles,MonCheck,TueCheck,WedCheck,ThuCheck,FriCheck,SatCheck,SunCheck,MonHours,TueHours,WedHours,ThuHours,FriHours,SatHours,SunHours,SumHours,MonTravel,TueTravel,WedTravel,ThuTravel,FriTravel,SatTravel,SunTravel,MonMealCheck,TueMealCheck,WedMealCheck,ThuMealCheck,FriMealCheck,SatMealCheck,SunMealCheck,MonEveningMealCheck,TueEveningMealCheck,WedEveningMealCheck,ThuEveningMealCheck,FriEveningMealCheck,SatEveningMealCheck,SunEveningMealCheck,MonOvernightCheck,TueOvernightCheck,WedOvernightCheck,ThuOvernightCheck,FriOvernightCheck,SatOvernightCheck,SunOvernightCheck,DeclarationCheck,ip,created)
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"))
{
$stmt->bind_param("ss", $EmployeeName, $EmployeeRef, $WeeksPerYear, $MonTownFrom, $MonPostcodeFrom, $MonTownTo, $MonPostcodeTo, $MonMiles, $TueTownFrom, $TuePostcodeFrom, $TueTownTo, $TuePostcodeTo, $TueMiles, $WedTownFrom, $WedPostcodeFrom, $WedTownTo, $WedPostcodeTo, $WedMiles, $ThuTownFrom, $ThuPostcodeFrom, $ThuTownTo, $ThuPostcodeTo, $ThuMiles, $FriTownFrom, $FriPostcodeFrom, $FriTownTo, $FriPostcodeTo, $FriMiles, $SatTownFrom, $SatPostcodeFrom, $SatTownTo, $SatPostcodeTo, $SatMiles, $SunTownFrom, $SunPostcodeFrom, $SunTownTo, $SunPostcodeTo, $SunMiles, $SumMiles, $MonCheck, $TueCheck, $WedCheck, $ThuCheck, $FriCheck, $SatCheck, $SunCheck, $MonHours, $TueHours, $WedHours, $ThuHours, $FriHours, $SatHours, $SunHours, $SumHours, $MonTravel, $TueTravel, $WedTravel, $ThuTravel, $FriTravel, $SatTravel, $SunTravel, $MonMealCheck, $TueMealCheck, $WedMealCheck, $ThuMealCheck, $FriMealCheck, $SatMealCheck, $SunMealCheck, $MonEveningMealCheck, $TueEveningMealCheck, $WedEveningMealCheck, $ThuEveningMealCheck, $FriEveningMealCheck, $SatEveningMealCheck, $SunEveningMealCheck, $MonOvernightCheck, $TueOvernightCheck, $WedOvernightCheck, $ThuOvernightCheck, $FriOvernightCheck, $SatOvernightCheck, $SunOvernightCheck, $DeclarationCheck, $ip, $created);
$stmt->execute();
$stmt->close();
}
// show an error if the query has an error
else
{
echo "ERROR: Could not prepare SQL statement. Your Mileage form has not been submitted successfully.";
}
}
}
else
{
renderForm();
}
//declare in the order variable
$mysqli->close();
?>
[/code]reply?
0
@LazarixauthorNov 27.2012 — #Well,clearly i'm doing something wrong because when I press submit, i get the following as the result:
connect_errno > 0) { die('Unable to connect to database [' . $db->connect_error . ']'); } mysqli_report(MYSQLI_REPORT_ERROR); //Prepare prerequisites $created = time(); $ip = $_SERVER['REMOTE_ADDR']; $_POST = array_map('mysql_real_escape_string',$_POST); if(isset($_POST['submit'])) { //get the form data $EmployeeName = htmlentities($_POST['EmployeeName'], ENT_QUOTES); $EmployeeRef = htmlentities($_POST['EmployeeRef'], ENT_QUOTES); $WeeksPerYear = htmlentities($_POST['WeeksPerYear'], ENT_QUOTES); $MonTownFrom = htmlentities($_POST['MonTownFrom'], ENT_QUOTES); $MonPostcodeFrom = htmlentities($_POST['MonPostcodeFrom'], ENT_QUOTES); $MonTownTo = htmlentities($_POST['MonTownTo'], ENT_QUOTES); $MonPostcodeTo = htmlentities($_POST['MonPostcodeTo'], ENT_QUOTES); $MonMiles = htmlentities($_POST['MonMiles'], ENT_QUOTES); $TueTownFrom = htmlentities($_POST['TueTownFrom'], ENT_QUOTES); $TuePostcodeFrom = htmlentities($_POST['TuePostcodeFrom'], ENT_QUOTES); $TueTownTo = htmlentities($_POST['TueTownTo'], ENT_QUOTES); $TuePostcodeTo = htmlentities($_POST['TuePostcodeTo'], ENT_QUOTES); $TueMiles = htmlentities($_POST['TueMiles'], ENT_QUOTES); $WedTownFrom = htmlentities($_POST['WedTownFrom'], ENT_QUOTES); $WedPostcodeFrom = htmlentities($_POST['WedPostcodeFrom'], ENT_QUOTES); $WedTownTo = htmlentities($_POST['WedTownTo'], ENT_QUOTES); $WedPostcodeTo = htmlentities($_POST['WedPostcodeTo'], ENT_QUOTES); $WedMiles = htmlentities($_POST['WedMiles'], ENT_QUOTES); $ThuTownFrom = htmlentities($_POST['ThuTownFrom'], ENT_QUOTES); $ThuPostcodeFrom = htmlentities($_POST['ThuPostcodeFrom'], ENT_QUOTES); $ThuTownTo = htmlentities($_POST['ThuTownTo'], ENT_QUOTES); $ThuPostcodeTo = htmlentities($_POST['ThuPostcodeTo'], ENT_QUOTES); $ThuMiles = htmlentities($_POST['ThuMiles'], ENT_QUOTES); $FriTownFrom = htmlentities($_POST['FriTownFrom'], ENT_QUOTES); $FriPostcodeFrom = htmlentities($_POST['FriPostcodeFrom'], ENT_QUOTES); $FriTownTo = htmlentities($_POST['FriTownTo'], ENT_QUOTES); $FriPostcodeTo = htmlentities($_POST['FriPostcodeTo'], ENT_QUOTES); $FriMiles = htmlentities($_POST['FriMiles'], ENT_QUOTES); $SatTownFrom = htmlentities($_POST['SatTownFrom'], ENT_QUOTES); $SatPostcodeFrom = htmlentities($_POST['SatPostcodeFrom'], ENT_QUOTES); $SatTownTo = htmlentities($_POST['SatTownTo'], ENT_QUOTES); $SatPostcodeTo = htmlentities($_POST['SatPostcodeTo'], ENT_QUOTES); $SatMiles = htmlentities($_POST['SatMiles'], ENT_QUOTES); $SunTownFrom = htmlentities($_POST['SunTownFrom'], ENT_QUOTES); $SunPostcodeFrom = htmlentities($_POST['SunPostcodeFrom'], ENT_QUOTES); $SunTownTo = htmlentities($_POST['SunTownTo'], ENT_QUOTES); $SunPostcodeTo = htmlentities($_POST['SunPostcodeTo'], ENT_QUOTES); $SunMiles = htmlentities($_POST['SunMiles'], ENT_QUOTES); $SumMiles = htmlentities($_POST['SumMiles'], ENT_QUOTES); $MonCheck = htmlentities($_POST['MonCheck'], ENT_QUOTES); $TueCheck = htmlentities($_POST['TueCheck'], ENT_QUOTES); $WedCheck = htmlentities($_POST['WedCheck'], ENT_QUOTES); $ThuCheck = htmlentities($_POST['ThuCheck'], ENT_QUOTES); $FriCheck = htmlentities($_POST['FriCheck'], ENT_QUOTES); $SatCheck = htmlentities($_POST['SatCheck'], ENT_QUOTES); $SunCheck = htmlentities($_POST['SunCheck'], ENT_QUOTES); $MonHours = htmlentities($_POST['MonHours'], ENT_QUOTES); $TueHours = htmlentities($_POST['TueHours'], ENT_QUOTES); $WedHours = htmlentities($_POST['WedHours'], ENT_QUOTES); $ThuHours = htmlentities($_POST['ThuHours'], ENT_QUOTES); $FriHours = htmlentities($_POST['FriHours'], ENT_QUOTES); $SatHours = htmlentities($_POST['SatHours'], ENT_QUOTES); $SunHours = htmlentities($_POST['SunHours'], ENT_QUOTES); $SumHours = htmlentities($_POST['SumHours'], ENT_QUOTES); $MonTravel = htmlentities($_POST['MonTravel'], ENT_QUOTES); $TueTravel = htmlentities($_POST['TueTravel'], ENT_QUOTES); $WedTravel = htmlentities($_POST['WedTravel'], ENT_QUOTES); $ThuTravel = htmlentities($_POST['ThuTravel'], ENT_QUOTES); $FriTravel = htmlentities($_POST['FriTravel'], ENT_QUOTES); $SatTravel = htmlentities($_POST['SatTravel'], ENT_QUOTES); $SunTravel = htmlentities($_POST['SunTravel'], ENT_QUOTES); $MonMealCheck = htmlentities($_POST['MonMealCheck'], ENT_QUOTES); $TueMealCheck = htmlentities($_POST['TueMealCheck'], ENT_QUOTES); $WedMealCheck = htmlentities($_POST['WedMealCheck'], ENT_QUOTES); $ThuMealCheck = htmlentities($_POST['ThuMealCheck'], ENT_QUOTES); $FriMealCheck = htmlentities($_POST['FriMealCheck'], ENT_QUOTES); $SatMealCheck = htmlentities($_POST['SatMealCheck'], ENT_QUOTES); $SunMealCheck = htmlentities($_POST['SunMealCheck'], ENT_QUOTES); $MonEveningMealCheck = htmlentities($_POST['MonEveningMealCheck'], ENT_QUOTES); $TueEveningMealCheck = htmlentities($_POST['TueEveningMealCheck'], ENT_QUOTES); $WedEveningMealCheck = htmlentities($_POST['WedEveningMealCheck'], ENT_QUOTES); $ThuEveningMealCheck = htmlentities($_POST['ThuEveningMealCheck'], ENT_QUOTES); $FriEveningMealCheck = htmlentities($_POST['FriEveningMealCheck'], ENT_QUOTES); $SatEveningMealCheck = htmlentities($_POST['SatEveningMealCheck'], ENT_QUOTES); $SunEveningMealCheck = htmlentities($_POST['SunEveningMealCheck'], ENT_QUOTES); $MonOvernightCheck = htmlentities($_POST['MonOvernightCheck'], ENT_QUOTES); $TueOvernightCheck = htmlentities($_POST['TueOvernightCheck'], ENT_QUOTES); $WedOvernightCheck = htmlentities($_POST['WedOvernightCheck'], ENT_QUOTES); $ThuOvernightCheck = htmlentities($_POST['ThuOvernightCheck'], ENT_QUOTES); $FriOvernightCheck = htmlentities($_POST['FriOvernightCheck'], ENT_QUOTES); $SatOvernightCheck = htmlentities($_POST['SatOvernightCheck'], ENT_QUOTES); $SunOvernightCheck = htmlentities($_POST['SunOvernightCheck'], ENT_QUOTES); $DeclarationCheck = htmlentities($_POST['DeclarationCheck'], ENT_QUOTES); $ip = htmlentities($_POST['ip'], ENT_QUOTES); $created = htmlentities($_POST['created'], ENT_QUOTES); //check that the required fields are not empty if ($EmployeeName == '' || $EmployeeRef == '' || $DeclarationCheck == '') { $error = 'ERROR: Please fill in all required fields!'; renderForm($EmployeeName, $EmployeeRef, $DeclarationCheck, $error); } else { //Insert the new record if ($stmt = $mysqli->prepare("INSERT mileageform (EmployeeName,EmployeeRef,WeeksPerYear,MonTownFrom,MonPostcodeFrom,MonTownTo,MonPostcodeTo,MonMiles,TueTownFrom,TuePostcodeFrom,TueTownTo,TuePostcodeTo,TueMiles,WedTownFrom,WedPostcodeFrom,WedTownTo,WedPostcodeTo,WedMiles,ThuTownFrom,ThuPostcodeFrom,ThuTownTo,ThuPostcodeTo,ThuMiles,FriTownFrom,FriPostcodeFrom,FriTownTo,FriPostcodeTo,FriMiles,SatTownFrom,SatPostcodeFrom,SatTownTo,SatPostcodeTo,SatMiles,SunTownFrom,SunPostcodeFrom,SunTownTo,SunPostcodeTo,SunMiles,SumMiles,MonCheck,TueCheck,WedCheck,ThuCheck,FriCheck,SatCheck,SunCheck,MonHours,TueHours,WedHours,ThuHours,FriHours,SatHours,SunHours,SumHours,MonTravel,TueTravel,WedTravel,ThuTravel,FriTravel,SatTravel,SunTravel,MonMealCheck,TueMealCheck,WedMealCheck,ThuMealCheck,FriMealCheck,SatMealCheck,SunMealCheck,MonEveningMealCheck,TueEveningMealCheck,WedEveningMealCheck,ThuEveningMealCheck,FriEveningMealCheck,SatEveningMealCheck,SunEveningMealCheck,MonOvernightCheck,TueOvernightCheck,WedOvernightCheck,ThuOvernightCheck,FriOvernightCheck,SatOvernightCheck,SunOvernightCheck,DeclarationCheck,ip,created) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)")) { $stmt->bind_param("ss", $EmployeeName, $EmployeeRef, $WeeksPerYear, $MonTownFrom, $MonPostcodeFrom, $MonTownTo, $MonPostcodeTo, $MonMiles, $TueTownFrom, $TuePostcodeFrom, $TueTownTo, $TuePostcodeTo, $TueMiles, $WedTownFrom, $WedPostcodeFrom, $WedTownTo, $WedPostcodeTo, $WedMiles, $ThuTownFrom, $ThuPostcodeFrom, $ThuTownTo, $ThuPostcodeTo, $ThuMiles, $FriTownFrom, $FriPostcodeFrom, $FriTownTo, $FriPostcodeTo, $FriMiles, $SatTownFrom, $SatPostcodeFrom, $SatTownTo, $SatPostcodeTo, $SatMiles, $SunTownFrom, $SunPostcodeFrom, $SunTownTo, $SunPostcodeTo, $SunMiles, $SumMiles, $MonCheck, $TueCheck, $WedCheck, $ThuCheck, $FriCheck, $SatCheck, $SunCheck, $MonHours, $TueHours, $WedHours, $ThuHours, $FriHours, $SatHours, $SunHours, $SumHours, $MonTravel, $TueTravel, $WedTravel, $ThuTravel, $FriTravel, $SatTravel, $SunTravel, $MonMealCheck, $TueMealCheck, $WedMealCheck, $ThuMealCheck, $FriMealCheck, $SatMealCheck, $SunMealCheck, $MonEveningMealCheck, $TueEveningMealCheck, $WedEveningMealCheck, $ThuEveningMealCheck, $FriEveningMealCheck, $SatEveningMealCheck, $SunEveningMealCheck, $MonOvernightCheck, $TueOvernightCheck, $WedOvernightCheck, $ThuOvernightCheck, $FriOvernightCheck, $SatOvernightCheck, $SunOvernightCheck, $DeclarationCheck, $ip, $created); $stmt->execute(); $stmt->close(); } // show an error if the query has an error else { echo "ERROR: Could not prepare SQL statement. Your Mileage form has not been submitted successfully."; } } } else { renderForm(); } //declare in the order variable $mysqli->close(); ?>
[/QUOTE]
reply?
0
@NogDogNov 27.2012 — #Try using [B]<?php[/B] (instead of [B]<?[/B]). (Looks like it's not being parsed as PHP, just outputting (malformed) HTML.)reply?
0
@LazarixauthorNov 27.2012 — #Yep, you're dead right ?So, now it's complaining about:
[CODE]
$_POST = array_map('mysql_real_escape_string',$_POST);
[/CODE]on line 22
the error is shown as:
Warning: mysql_real_escape_string() [<a href='function.mysql-real-escape-string'>function.mysql-real-escape-string</a>]: Access denied for user ''@'localhost' (using password: NO)
[/QUOTE]
despite the fact that i'm specifying the database as 127.0.0.1:3307, i'm not sure why it's throwing localhost in there.
Does it have something to do with how i'm applying the real escape string, versus how i'm trying to use "$stmt ->execute();" ?
reply?
0
@NogDogNov 27.2012 — #If you're using the MySQL[b]i[/b] extension, then the mysql_*() function won't know anything about that DB connection, and so won't work. In any case, if you are using bound parameters for all the inputs, then you do not want to escape them separately anyway, since the bind_param() method automatically takes care of that, as doing so would result in double escaping. (However, it looks like you'll need a lot more place-holders in its first parameter: one for each place-holder to be bound).reply?
0
@LazarixauthorNov 27.2012 — #Thanks very much NogDog, I think i'm starting to get somewhere now!I've commented out the mysql_real_escape_string piece and now it's progressing past that error.
The only thing that I don't seem to be handling correctly now are the checkboxes in my form.
I've got all the inputs looking for whether they are set or not by the master:
[code=php]
if(isset($_POST['submit']))
[/code]However, this isn't handling the checkboxes.
I get:
Notice: Undefined index: MonCheck
[/QUOTE]
and so on, for all checkbox values.
by looking online, I believe i'd like to handle the checkbox insertion by either using a 1 or a 0 if they are checked or unchecked respectively.
I can see that this can be typically done by:
[code=php]
$MonCheck = (isset($_POST['MonCheck'])) ? 1 : 0;
[/code]If this is the way to do it, I can't see how to handle that within my existing code due to the fact that i'm running an isset for all inputs as opposed to doing it for each input individually :
[code=php]
$MonCheck = htmlentities($_POST['MonCheck'], ENT_QUOTES);
$TueCheck = htmlentities($_POST['TueCheck'], ENT_QUOTES);
[/code]Unless I do something like:
[code=php]
$MonCheck = htmlentities($_POST['MonCheck'], ENT_QUOTES) ? 1 : 0;
$TueCheck = htmlentities($_POST['TueCheck'], ENT_QUOTES) ? 1 : 0;
[/code]but i'm not sure if this is the right way to go about it.
reply?
0
@DerokorianNov 27.2012 — #Checkboxes are only POST when they are checked. So even though you check if the form was submitted, which you should do differently btw (see: reply?
0
@LazarixauthorNov 27.2012 — #reply?
0
@DerokorianNov 27.2012 — #If you have 85 checkboxes, in a way yes. You could however name those checkboxes something like name="Options[]" Value="unique values" and then just check the $_POST['Options'] is set and loop through looking for values, you could then have a predefined array of possible values, and then loop through them to determine which ones were checked and which ones weren't. I'm not going to do an 85 point but here's an example of what I mean:[code=php]<?php
$PossibleOptions = array('Ashley','Jack','John');
$Picks = array();
if( isset($_POST['Options']) && is_array($_POST['Options']) ) {
foreach( $PossibleOptions as $opt ) {
if( in_array($opt, $_POST['Options']) ) {
$Picks[$opt] = 1;
} else {
$Picks[$opt] = 0;
}
}
} else {
$Picks = array_combine($PossibleOptions, array_fill(0, count($PossibleOptions), 0));
}
$query = "Insert into Picks (Jack, John, Ashley) values (". implode(',', $Picks) .")";
echo $query;
?>
<form method="post" action="">
<input type="checkbox" value="Jack"> Jack<br>
<input type="checkbox" value="Ashley"> Ashley<br>
<input type="checkbox" value="John"> John<br>
<input type="submit" value="Submit">
</form>
[/code][i]*Note: Not producing valid html, pseudo/example code.[/i]
reply?
0
@LazarixauthorNov 28.2012 — #Thanks very much for the input Derokorian.I've refined (or is it bloated?) the code now to the below and fixed other errors that I spotted along the way.
The only issue i'm facing at the moment is that the insert doesn't seem to insert the date/time that I have set by a variable.
The error is:
Warning: mysqli_stmt::execute() [<a href='mysqli-stmt.execute'>mysqli-stmt.execute</a>]: (23000/1048): Column 'created' cannot be null
[/QUOTE]
Obviously this is the target mysql server notifying me that the destination column is not nullable (which is fine) and the underlying issue is that it's not being given the date/time correctly.
My code is now as below:
[code=php]
<?php
//set database connection parameters
$hostname = 'localhost:3307'; // usually is localhost, but if not sure, check with your hosting company, if you are with webune leave as localhost
$db_user = 'testuser'; // change to your database username
$db_password = 'testpass'; // change to your database password
$database = 'test'; // provide your database name
//$db_table = 'testform'; // leave this as is
//database connection
$db = new mysqli($hostname, $db_user, $db_password, $database);
if($db->connect_errno > 0)
{
die('Unable to connect to database [' . $db->connect_error . ']');
}
mysqli_report(MYSQLI_REPORT_ERROR);
//Prepare prerequisites
$created = date("d-m-Y H:i:s");
$ip = $_SERVER['REMOTE_ADDR'];
{
//get the form data
$EmployeeName = htmlentities(isset($_POST['EmployeeName']), ENT_QUOTES);
$EmployeeRef = htmlentities(isset($_POST['EmployeeRef']), ENT_QUOTES);
$WeeksPerYear = htmlentities(isset($_POST['WeeksPerYear']), ENT_QUOTES);
$MonTownFrom = htmlentities(isset($_POST['MonTownFrom']), ENT_QUOTES);
$MonPostcodeFrom = htmlentities(isset($_POST['MonPostcodeFrom']), ENT_QUOTES);
$MonTownTo = htmlentities(isset($_POST['MonTownTo']), ENT_QUOTES);
$MonPostcodeTo = htmlentities(isset($_POST['MonPostcodeTo']), ENT_QUOTES);
$MonMiles = htmlentities(isset($_POST['MonMiles']), ENT_QUOTES);
$TueTownFrom = htmlentities(isset($_POST['TueTownFrom']), ENT_QUOTES);
$TuePostcodeFrom = htmlentities(isset($_POST['TuePostcodeFrom']), ENT_QUOTES);
$TueTownTo = htmlentities(isset($_POST['TueTownTo']), ENT_QUOTES);
$TuePostcodeTo = htmlentities(isset($_POST['TuePostcodeTo']), ENT_QUOTES);
$TueMiles = htmlentities(isset($_POST['TueMiles']), ENT_QUOTES);
$WedTownFrom = htmlentities(isset($_POST['WedTownFrom']), ENT_QUOTES);
$WedPostcodeFrom = htmlentities(isset($_POST['WedPostcodeFrom']), ENT_QUOTES);
$WedTownTo = htmlentities(isset($_POST['WedTownTo']), ENT_QUOTES);
$WedPostcodeTo = htmlentities(isset($_POST['WedPostcodeTo']), ENT_QUOTES);
$WedMiles = htmlentities(isset($_POST['WedMiles']), ENT_QUOTES);
$ThuTownFrom = htmlentities(isset($_POST['ThuTownFrom']), ENT_QUOTES);
$ThuPostcodeFrom = htmlentities(isset($_POST['ThuPostcodeFrom']), ENT_QUOTES);
$ThuTownTo = htmlentities(isset($_POST['ThuTownTo']), ENT_QUOTES);
$ThuPostcodeTo = htmlentities(isset($_POST['ThuPostcodeTo']), ENT_QUOTES);
$ThuMiles = htmlentities(isset($_POST['ThuMiles']), ENT_QUOTES);
$FriTownFrom = htmlentities(isset($_POST['FriTownFrom']), ENT_QUOTES);
$FriPostcodeFrom = htmlentities(isset($_POST['FriPostcodeFrom']), ENT_QUOTES);
$FriTownTo = htmlentities(isset($_POST['FriTownTo']), ENT_QUOTES);
$FriPostcodeTo = htmlentities(isset($_POST['FriPostcodeTo']), ENT_QUOTES);
$FriMiles = htmlentities(isset($_POST['FriMiles']), ENT_QUOTES);
$SatTownFrom = htmlentities(isset($_POST['SatTownFrom']), ENT_QUOTES);
$SatPostcodeFrom = htmlentities(isset($_POST['SatPostcodeFrom']), ENT_QUOTES);
$SatTownTo = htmlentities(isset($_POST['SatTownTo']), ENT_QUOTES);
$SatPostcodeTo = htmlentities(isset($_POST['SatPostcodeTo']), ENT_QUOTES);
$SatMiles = htmlentities(isset($_POST['SatMiles']), ENT_QUOTES);
$SunTownFrom = htmlentities(isset($_POST['SunTownFrom']), ENT_QUOTES);
$SunPostcodeFrom = htmlentities(isset($_POST['SunPostcodeFrom']), ENT_QUOTES);
$SunTownTo = htmlentities(isset($_POST['SunTownTo']), ENT_QUOTES);
$SunPostcodeTo = htmlentities(isset($_POST['SunPostcodeTo']), ENT_QUOTES);
$SunMiles = htmlentities(isset($_POST['SunMiles']), ENT_QUOTES);
$SumMiles = htmlentities(isset($_POST['SunMiles']), ENT_QUOTES);
$MonCheck = htmlentities(isset($_POST['MonCheck']), ENT_QUOTES) ? 1 : 0;
$TueCheck = htmlentities(isset($_POST['TueCheck']), ENT_QUOTES) ? 1 : 0;
$WedCheck = htmlentities(isset($_POST['WedCheck']), ENT_QUOTES) ? 1 : 0;
$ThuCheck = htmlentities(isset($_POST['ThuCheck']), ENT_QUOTES) ? 1 : 0;
$FriCheck = htmlentities(isset($_POST['FriCheck']), ENT_QUOTES) ? 1 : 0;
$SatCheck = htmlentities(isset($_POST['SatCheck']), ENT_QUOTES) ? 1 : 0;
$SunCheck = htmlentities(isset($_POST['SunCheck']), ENT_QUOTES) ? 1 : 0;
$MonHours = htmlentities(isset($_POST['MonHours']), ENT_QUOTES);
$TueHours = htmlentities(isset($_POST['TueHours']), ENT_QUOTES);
$WedHours = htmlentities(isset($_POST['WedHours']), ENT_QUOTES);
$ThuHours = htmlentities(isset($_POST['ThuHours']), ENT_QUOTES);
$FriHours = htmlentities(isset($_POST['FriHours']), ENT_QUOTES);
$SatHours = htmlentities(isset($_POST['SatHours']), ENT_QUOTES);
$SunHours = htmlentities(isset($_POST['SunHours']), ENT_QUOTES);
$SumHours = htmlentities(isset($_POST['SumHours']), ENT_QUOTES);
$MonTravel = htmlentities(isset($_POST['MonTravel']), ENT_QUOTES);
$TueTravel = htmlentities(isset($_POST['TueTravel']), ENT_QUOTES);
$WedTravel = htmlentities(isset($_POST['WedTravel']), ENT_QUOTES);
$ThuTravel = htmlentities(isset($_POST['ThuTravel']), ENT_QUOTES);
$FriTravel = htmlentities(isset($_POST['FriTravel']), ENT_QUOTES);
$SatTravel = htmlentities(isset($_POST['SatTravel']), ENT_QUOTES);
$SunTravel = htmlentities(isset($_POST['SunTravel']), ENT_QUOTES);
$MonMealCheck = htmlentities(isset($_POST['MonMealCheck']), ENT_QUOTES) ? 1 : 0;
$TueMealCheck = htmlentities(isset($_POST['TueMealCheck']), ENT_QUOTES) ? 1 : 0;
$WedMealCheck = htmlentities(isset($_POST['WedMealCheck']), ENT_QUOTES) ? 1 : 0;
$ThuMealCheck = htmlentities(isset($_POST['ThuMealCheck']), ENT_QUOTES) ? 1 : 0;
$FriMealCheck = htmlentities(isset($_POST['FriMealCheck']), ENT_QUOTES) ? 1 : 0;
$SatMealCheck = htmlentities(isset($_POST['SatMealCheck']), ENT_QUOTES) ? 1 : 0;
$SunMealCheck = htmlentities(isset($_POST['SunMealCheck']), ENT_QUOTES) ? 1 : 0;
$MonEveningMealCheck = htmlentities(isset($_POST['MonEveningMealCheck']), ENT_QUOTES) ? 1 : 0;
$TueEveningMealCheck = htmlentities(isset($_POST['TueEveningMealCheck']), ENT_QUOTES) ? 1 : 0;
$WedEveningMealCheck = htmlentities(isset($_POST['WedEveningMealCheck']), ENT_QUOTES) ? 1 : 0;
$ThuEveningMealCheck = htmlentities(isset($_POST['ThuEveningMealCheck']), ENT_QUOTES) ? 1 : 0;
$FriEveningMealCheck = htmlentities(isset($_POST['FriEveningMealCheck']), ENT_QUOTES) ? 1 : 0;
$SatEveningMealCheck = htmlentities(isset($_POST['SatEveningMealCheck']), ENT_QUOTES) ? 1 : 0;
$SunEveningMealCheck = htmlentities(isset($_POST['SunEveningMealCheck']), ENT_QUOTES) ? 1 : 0;
$MonOvernightCheck = htmlentities(isset($_POST['MonOvernightCheck']), ENT_QUOTES) ? 1 : 0;
$TueOvernightCheck = htmlentities(isset($_POST['TueOvernightCheck']), ENT_QUOTES) ? 1 : 0;
$WedOvernightCheck = htmlentities(isset($_POST['WedOvernightCheck']), ENT_QUOTES) ? 1 : 0;
$ThuOvernightCheck = htmlentities(isset($_POST['ThuOvernightCheck']), ENT_QUOTES) ? 1 : 0;
$FriOvernightCheck = htmlentities(isset($_POST['FriOvernightCheck']), ENT_QUOTES) ? 1 : 0;
$SatOvernightCheck = htmlentities(isset($_POST['SatOvernightCheck']), ENT_QUOTES) ? 1 : 0;
$SunOvernightCheck = htmlentities(isset($_POST['SunOvernightCheck']), ENT_QUOTES) ? 1 : 0;
$DeclarationCheck = htmlentities(isset($_POST['DeclarationCheck']), ENT_QUOTES) ? 1 : 0;
[/code]reply?
0
@LazarixauthorNov 28.2012 — #Part 2:[code=php]
//check that the required fields are not empty
if ($EmployeeName == '' || $EmployeeRef == '' || $DeclarationCheck == '')
{
$error = 'ERROR: Please fill in all required fields!';
//renderForm($EmployeeName, $EmployeeRef, $DeclarationCheck, $error);
}
else
{
//Insert the new record
if ($stmt = $db->prepare("INSERT mileageform (EmployeeName,EmployeeRef,WeeksPerYear,MonTownFrom,MonPostcodeFrom,MonTownTo,MonPostcodeTo,MonMiles,TueTownFrom,TuePostcodeFrom,TueTownTo,TuePostcodeTo,TueMiles,WedTownFrom,WedPostcodeFrom,WedTownTo,WedPostcodeTo,WedMiles,ThuTownFrom,ThuPostcodeFrom,ThuTownTo,ThuPostcodeTo,ThuMiles,FriTownFrom,FriPostcodeFrom,FriTownTo,FriPostcodeTo,FriMiles,SatTownFrom,SatPostcodeFrom,SatTownTo,SatPostcodeTo,SatMiles,SunTownFrom,SunPostcodeFrom,SunTownTo,SunPostcodeTo,SunMiles,SumMiles,MonCheck,TueCheck,WedCheck,ThuCheck,FriCheck,SatCheck,SunCheck,MonHours,TueHours,WedHours,ThuHours,FriHours,SatHours,SunHours,SumHours,MonTravel,TueTravel,WedTravel,ThuTravel,FriTravel,SatTravel,SunTravel,MonMealCheck,TueMealCheck,WedMealCheck,ThuMealCheck,FriMealCheck,SatMealCheck,SunMealCheck,MonEveningMealCheck,TueEveningMealCheck,WedEveningMealCheck,ThuEveningMealCheck,FriEveningMealCheck,SatEveningMealCheck,SunEveningMealCheck,MonOvernightCheck,TueOvernightCheck,WedOvernightCheck,ThuOvernightCheck,FriOvernightCheck,SatOvernightCheck,SunOvernightCheck,DeclarationCheck,ip,created)
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, INET_ATON(?))"))
{
$stmt->bind_param("sssssssssssssssssssssssssssssssssssssssiiiiiiisssssssssssssssiiiiiiiiiiiiiiiiiiiiiiss", $EmployeeName, $EmployeeRef, $WeeksPerYear, $MonTownFrom, $MonPostcodeFrom, $MonTownTo, $MonPostcodeTo, $MonMiles, $TueTownFrom, $TuePostcodeFrom, $TueTownTo, $TuePostcodeTo, $TueMiles, $WedTownFrom, $WedPostcodeFrom, $WedTownTo, $WedPostcodeTo, $WedMiles, $ThuTownFrom, $ThuPostcodeFrom, $ThuTownTo, $ThuPostcodeTo, $ThuMiles, $FriTownFrom, $FriPostcodeFrom, $FriTownTo, $FriPostcodeTo, $FriMiles, $SatTownFrom, $SatPostcodeFrom, $SatTownTo, $SatPostcodeTo, $SatMiles, $SunTownFrom, $SunPostcodeFrom, $SunTownTo, $SunPostcodeTo, $SunMiles, $SumMiles, $MonCheck, $TueCheck, $WedCheck, $ThuCheck, $FriCheck, $SatCheck, $SunCheck, $MonHours, $TueHours, $WedHours, $ThuHours, $FriHours, $SatHours, $SunHours, $SumHours, $MonTravel, $TueTravel, $WedTravel, $ThuTravel, $FriTravel, $SatTravel, $SunTravel, $MonMealCheck, $TueMealCheck, $WedMealCheck, $ThuMealCheck, $FriMealCheck, $SatMealCheck, $SunMealCheck, $MonEveningMealCheck, $TueEveningMealCheck, $WedEveningMealCheck, $ThuEveningMealCheck, $FriEveningMealCheck, $SatEveningMealCheck, $SunEveningMealCheck, $MonOvernightCheck, $TueOvernightCheck, $WedOvernightCheck, $ThuOvernightCheck, $FriOvernightCheck, $SatOvernightCheck, $SunOvernightCheck, $DeclarationCheck, $ip, $created);
$stmt->execute();
$stmt->close();
}
// show an error if the query has an error
else
{
echo "ERROR: Could not prepare SQL statement. Your Mileage form has not been submitted successfully.";
}
}
}
//declare in the order variable
$db->close();
?>
[/code]So, i've declared: $created = date("d-m-Y H:i:s");
but it doesn't seem to be inserting.
Is it because the declaration is in the wrong location?
reply?
0
@DerokorianNov 28.2012 — #You need another question mark after INET_ATON. Also instead of setting a PHP variable you can just use the mysql function reply?
0
@LazarixauthorNov 28.2012 — #If I use the function NOW() then it returns:
Fatal error: Call to undefined function NOW()
[/QUOTE]
I'm not concerned about that at the moment.
After adding in the question mark at the end (and removing one preceeding the INET_ATON), it now inserts data into mysql!
Yay!
However... ?
oddly enough, it's only inserting either 1 or 0 values across the board, as opposed to actual values.
I.E.:
idnumber;"employeename";"employeeref";"weeksperyear";"montownfrom";"monpostcodefrom";"montownto";"monpostcodeto";"monmiles";"tuetownfrom";"tuepostcodefrom";"tuetownto";"tuepostcodeto";"tuemiles";"wedtownfrom";"wedpostcodefrom";"wedtownto";"wedpostcodeto";"wedmiles";"thutownfrom";"thupostcodefrom";"thutownto";"thupostcodeto";"thumiles";"fritownfrom";"fripostcodefrom";"fritownto";"fripostcodeto";"frimiles";"sattownfrom";"satpostcodefrom";"sattownto";"satpostcodeto";"satmiles";"suntownfrom";"sunpostcodefrom";"suntownto";"sunpostcodeto";"sunmiles";"summiles";"moncheck";"tuecheck";"wedcheck";"thucheck";"fricheck";"satcheck";"suncheck";"monhours";"tuehours";"wedhours";"thuhours";"frihours";"sathours";"sunhours";"sumhours";"montravel";"tuetravel";"wedtravel";"thutravel";"fritravel";"sattravel";"suntravel";"monmealcheck";"tuemealcheck";"wedmealcheck";"thumealcheck";"frimealcheck";"satmealcheck";"sunmealcheck";"moneveningmealcheck";"tueeveningmealcheck";"wedeveningmealcheck";"thueveningmealcheck";"frieveningmealcheck";"sateveningmealcheck";"suneveningmealcheck";"monovernightcheck";"tueovernightcheck";"wedovernightcheck";"thuovernightcheck";"friovernightcheck";"satovernightcheck";"sunovernightcheck";"declarationcheck";"ip";"created"
2;"1";"1";"0000-00-00";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"0";"0";"0";"0";"0";"0";"1";"1";"1";"1";"1";"1";"1";"0";"1";"1";"1";"1";"1";"1";"1";"1";"0";"0";"0";"0";"0";"0";"1";"0";"0";"0";"0";"0";"0";"0";"0";"0";"0";"0";"0";"0";"1";"2140706433";"28"
3;"1";"1";"0000-00-00";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"1";"0";"0";"0";"0";"0";"0";"1";"1";"1";"1";"1";"1";"1";"0";"1";"1";"1";"1";"1";"1";"1";"1";"0";"0";"0";"0";"0";"0";"1";"0";"0";"0";"0";"0";"0";"0";"0";"0";"0";"0";"0";"0";"1";"2140706433";"28"
[/QUOTE]
reply?
0
@LazarixauthorNov 28.2012 — #This last one is bugging the hell out of me ?I can't figure out why it's posting 1's and 0's...
reply?
0
@NogDogNov 29.2012 — #Sounds like the "NOW()" is being interpreted as a PHP function call, which suggests it's not properly in your SQL string (you want it to be called as a MySQL function).[code=php]
// correct
$sql = "INPUT INTO table_name (datetime_column) VALUES (NOW())";
// incorrect
$sql = "INPUT INTO table_name (datetime_column) VALUES (" . NOW() . ")";
[/code]reply?
0
@LazarixauthorNov 29.2012 — #reply?
0
@LazarixauthorNov 30.2012 — #I'm tearing my hair out at this point!
reply?
0
@DerokorianNov 30.2012 — #Hi Lazarix,to understand why its inserting 1s and 0s try running this code:
[code=php]<?php
$var = "something";
echo "Variable isset: " . isset($var);
echo "Variable not isset: " . isset($fake);
[/code]What's happening is the TRUE and FALSE are constants that map to 1 and 0, respectively. So when you try to insert them into the database, you end up with 1 and 0.
Edit: I must be wrong about FALSE as its not outputting anything. But the true version is inputting 1.
reply?
0
@LazarixauthorDec 01.2012 — #Variable isset: 1Variable not isset:
reply?
0
@LazarixauthorDec 03.2012 — #I'd really appreciate anyone's help at this point! i'm really stuck with this 1 and 0 problem ?reply?