<?
//simple insert page with basic error checking
//note I do not recommend storing pictures into a DB, too many
//downsides against it....suggest you store the path to the
//image ina text field and store the image in a folder
// You will need to decide what to do here, I won't code for the
//image part of the page
if ((!$year)&&(!$make)&&(!$model)&&(!$price)){
show_form();
}else{
//check to see if year is 4 digits and a number
if ((len($year) <>4)|| (!is_numeric($year)){
$err = 1;
}
if ((!$make)||(len($make)<3){
$err=2;
}
if ((!$model)||(len($model)<3)){
$err=3;
}
if((!$price)||(!is_numeric($price)){
$err=4;
}
require("dbconn.php"); //separate file containing database
//connection code
$sql = "insert into cars_table values ('$year', '$make','$model', '$price');
$result=mysql_query($sql,$conn) or die("Couldn't activate database!");
//addslashes returns a string with backslashes before
//characters that need to be quoted in database queries etc.
//These characters are single quote ('), double quote ("),
//backslash (\) and NUL (the NULL byte).
$make=addslashes($make);
$model=addslahes($model);
$year = addslashes($year);
$price=addslashes($price);
if($result){
echo "record addition successful!";
}
}
function show_form(){
echo "<html><body>
<script language = \"javascript\">
function show_erorr(){
if (forms.error.value==1){
alert("there is a problem with the year variable");
forms.year.focus;
}
if (forms.error.value==2){
alert("there is a problem with the make variable");
forms.make.focus;
}
if (forms.error.value==3){
alert("there is a problem with the model variable");
forms.model.focus;
}
if (forms.error.value==4){
alert("there is a problem with the price variable");
forms.price.focus;
}
}
</script>
<body onload="error();">
//PHP_SELF submits the form back to this page for processing
//can also be changed to another page
<form enctype="multipart/form-data" method="POST" action="PHP_SELF">
year
<input type="Text" name="year" size="25" value=\"$year\">
<br>
make
<input type="Text" name="make" size="25" value=\"$make\">
<br>
model
<input type="Text" name="model" size="25" value=\"$model\">
<br>
price
<input type="Text" name="price" size="25" value=\"$price\">
<br>
picture
<input name="picture" type="file">
<input type="submit" value="submit">
<input type="reset" value="clear">
</body></html>";
}
?>
realistically you would need more error checking to make sure al the variables conform to the standards of your DB.
when you figure out how to handle the images, insert that code below the insert into the DB statement. I suggest that the image name be stored and the image placed in a folder, then when showing the image, it is just a matter of writing the image name back to the browser like this
echo "<image name="car" src="/images/$imagename">;
hth
