Help me with this! I have been tring for a while now and it still does work!

philvia

This is were the users can add a link... when they do it is supposed to insert it into the db. Then the db send it to a webpage...
I don't know how to get it to work...any help is greatly appricieated*.

<?
$pagetitle="Add a Level";
include("../include/head.php");
echo $harsss;
function auth($userid, $password) {
$sql="SELECT username FROM users WHERE username='$userid' AND userpass='$password'";
$result=mysql_query($sql);
if(!mysql_num_rows($result)) return 0;
else {
$query_data=mysql_fetch_row($result);
return $query_data[0];
}
}
$username=auth($uname,$pword);
if (!$username)
{
echo "<table border=1 cellspacing=0 width=100%>
<tr><td>You are not authorized to view this page.</td></tr>
</table>
";
include("../include/foot.php");
exit;
}
echo "<table border=1 cellspacing=0 width=100%>

<tr><td COLSPAN=3 align=center><font SIZE=6>Add a Link</font></td></tr>
<tr><td COLSPAN=3 CLASS=LITE ALIGN=center><font SIZE=3><i>Return to: <a HREF=\"../boards/index.php\" CLASS=MENU>Board List</a>";
if ($board) { echo " | <a HREF=\"../boards/gentopic.php?board=$board\" CLASS=MENU>Topic List</a>"; }
if ($topic) { echo " | <a HREF=\"../boards/genmessage.php?board=$board&topic=$topic\" CLASS=MENU>Message List</a>";
}
echo " | <a HREF=\"links.php";
echo "\" CLASS=MENU>Links</a>
</i></font></td></tr>";
if (($post) && ($linkid) && ($linkname) && ($linkdesc)) {
$sql="INSERT INTO link (linkid,linkname,linkdesc) VALUES ('".htmlentities($linkid)."','".nl2br($linkname)."','$linkdesc',')";
$result=mysql_query($sql);
echo "<tr><td align=center colspan=3><b>This link was added successfully.</b></td></tr>";
}
echo "<tr><td COLSPAN=3 CLASS=DARK ALIGN=CENTER><font SIZE=3>Add New Link</font></td></tr>";
echo "<form action=\"addlink.php";
if ($board) {echo "?board=$board"; }
if ($topic) {echo "&topic=$topic"; }
echo "\" method=\"post\">
<tr><td>Link Name:</td><td colspan=2><input type=\"text\" name=\"linkname\" value=\"\" size=\"30\" maxlength=\"255\"></td></tr>
<tr><td>Link Description:</td><td colspan=2><textarea cols=\"60\" rows=\"8\" name=\"rbody\" WRAP=\"virtual\"></textarea></td></tr>
<tr><td colspan=3><input type=\"submit\" name=\"post\" value=\"Add Link\"></td></tr>
</form>
</form>
</table>";
include("../include/foot.php");
?>

ofSHIZ

echo $harsss;

Does harsss have a variable?

stovellp

What sort of error message are you getting? Is it simply a parse error, or is it more than that?

if (($post) && ($linkid) && ($linkname) && ($linkdesc)) {

Do all these variables exist?

Also, you might do well to change

echo "<form action=\"addlink.php"; 
if ($board) {echo "?board=$board"; } 
if ($topic) {echo "&topic=$topic"; } 

--To--

echo '<form action="addlink.php" method="POST">';
if ($board) echo "<input type='hidden' name='board' value=\"$board\">";
if ($topic) echo "<input type='hidden' name='topic' value=\"$topic\">";

Because as far as memory serves me I think the values will be overridden with only the true ones, not the ones you add on to the and of the form (although I may be wrong).

It would be better if we knew what sort of errors you were getting though.

Edit:
Also, I see no calls to connect to the server and select the database, nor to close the connection. I trust you have those though. And may I suggest changing from using (\") to (') to make it easier for yourself and others to read? Its fine when in an editor that uses different colours, but here on the board as black text it can be a bit of a pain.

Edit #2:
Also, you have an extra comma/apostrophe at the end of your query, which may result in an error.

$sql="INSERT INTO link (linkid,linkname,linkdesc) VALUES ('".htmlentities($linkid)."','".nl2br($linkname)."','$linkdesc'[b][COLOR=blue],'[/COLOR][/b])";

~ Paul