inserting multipage form into mysql

LegionSmith · 2008-12-18T04:21:59+00:00

Hi Everyone! I'm hoping someone here can help me. I have a 5 page form with roughly 175 fields/checkboxes that I'm trying to get inserted into a mysql datab...

inserting multipage form into mysql

djjjozsi

i check the error, see the comments (sorry but i missed a basic syntax):


    if($key!="Submit")
    {
            $first.="`$key`,";  //    <-----   use ` in field names
            $second.="'{". mysql_real_escape_string($var)."}',";   //   <-----  use ' on values.

        echo '<input type="hidden" name="' . $key . '" value="'    .  htmlentities($var, ENT_QUOTES)   . '" />' . "\r\n";
    }

LegionSmith

Ok, I just straight copied your last code block into my code, because I didn't quite follow what you meant in the comments, I assumed you put the correct code before the comments.

here's what I have now:

<?php
mysql_connect("localhost", "myusername", "mypass") or die(mysql_error());
mysql_select_db("westoco6_app") or die(mysql_error());

if(!empty($_POST))
{

$first="";
   $second.="'".mysql_real_escape_string($var)."',";
    $insert="INSERT INTO application (";
    foreach ($_POST as $key => $var)
    {
        if($key!="Submit")
        {
                $first.="`$key`,";  //    <-----   use ` in field names
                $second.="'{". mysql_real_escape_string($var)."}',";   //   <-----  use ' on values.

        echo '<input type="hidden" name="' . $key . '" value="'    .  htmlentities($var, ENT_QUOTES)   . '" />' . "\r\n";
    } 
}
$query=$insert.$first.") VALUES (".$second.");";
$query=str_replace(",)",")", $query) ;

  mysql_query($insert) OR die(mysql_error()) ; 
	   }
?>

I'm still getting the syntax error and my editor (PHP Designer) is telling me that the final }
right before the closing php tag is invalid.

LegionSmith

ok, I got my editor to stop throwing the error, the code reall hasn't changed I just removed some white space. here's the code now:

<?php
mysql_connect("localhost", "myuser", "mypass") or die(mysql_error());
mysql_select_db("westoco6_app") or die(mysql_error());

if(!empty($_POST))
{

$first="";
   $second.="'".mysql_real_escape_string($var)."',";
    $insert="INSERT INTO application (";
    foreach ($_POST as $key => $var)
    {
        if($key!="Submit")
        {
                $first.="`$key`,";  //    <-----   use ` in field names
                $second.="'{". mysql_real_escape_string($var)."}',";   //   <-----  use ' on values.

        echo '<input type="hidden" name="' . $key . '" value="'    .  htmlentities($var, ENT_QUOTES)   . '" />' . "\r\n";
    } 
}
$query=$insert.$first.") VALUES (".$second.");";
$query=str_replace(",)",")", $query) ;
mysql_query($insert) OR die(mysql_error()) ; 
}  
?>

but I still get the syntax error:

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1

and the best news is I actually understand what we're doing here. but apparently not enough to know why I get the syntax error. And just a side note, nothing has actually submitted to the database yet.

Thanks,
Michael

djjjozsi

i've count the } { brackets and it looks OK.

<?php
	mysql_connect("localhost", "myuser", "mypass") or die(mysql_error());
	mysql_select_db("westoco6_app") or die(mysql_error());

if(!empty($_POST))
{

	$first="";
	$second="";
	$insert="INSERT INTO application (";
	foreach ($_POST as $key => $var)
	{
		if($key!="Submit")
		{
			$first.=$key.",";  //    <-----   use ` in field names if you want to make this better
			$second.="'". mysql_real_escape_string($var)."',";   //   <-----  use ' on values.

			echo '<input type="hidden" name="' . $key . '" value="'    .  htmlentities($var, ENT_QUOTES)   . '" />' . "\r\n";
		}
	}
	$query=$insert.$first.") VALUES (".$second.");";
	$query=str_replace(",)",")", $query) ;
	mysql_query($insert) OR die(mysql_error()) ;
}
?>

LegionSmith

Yeah I counted the brackets too, got my editor to recognize them. I think it was just some extra whitespace.

Alright, I noticed that my submit button name and type were "submit" and in your code you had:

if($key!="Submit")

So I changed my "submit" to "Submit".

still getting the error though and no submission to db.

Michael

djjjozsi

test my previos code please.

and submit button's value might be Submit

LegionSmith

ok I just tested the code you most recently posted. Still getting the error. here's that code:

<?php
mysql_connect("localhost", "myuser", "mypass") or die(mysql_error());
mysql_select_db("westoco6_app") or die(mysql_error());

 if(!empty($_POST))
    {

    $first="";
    $second="";
    $insert="INSERT INTO application (";
    foreach ($_POST as $key => $var)
    {
        if($key!="Submit")
        {
            $first.=$key.",";  //    <-----   use ` in field names if you want to make this better
            $second.="'". mysql_real_escape_string($var)."',";   //   <-----  use ' on values.

            echo '<input type="hidden" name="' . $key . '" value="'    .  htmlentities($var, ENT_QUOTES)   . '" />' . "\r\n";
        }
    }
    $query=$insert.$first.") VALUES (".$second.");";
    $query=str_replace(",)",")", $query) ;
    mysql_query($insert) OR die(mysql_error()) ;
}
?>

Here's the code from page 5 that goes to the process page:

<form action="process.php" method="post" enctype="multipart/form-data" name="employment_form" id="employment_form">
 <?php foreach ($_POST as $key => $val) {
  echo '<input type="hidden" name="' . $key . '" value="' 
    . htmlentities($val, ENT_QUOTES) . '" />' . "\r\n";
} 
?>
<input name="Applicant_Signature" type="text" />
  &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
  <input name="Signature_Date" type="text" />
  <br />
  Signature of Applicant&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Date </p>
<p align="center">
  <input name="Submit" type="Submit" value="Submit my Application" />
</p>

</form>

Just to tell you, in the connection I've tried it with localhost, the ip, and also the domain url just to see if it made any difference. so far it hasn't. any of the 3 should work...

Thanks,

Michael

djjjozsi

i found the problem (we must use $query and not $insert in the mysql_query ):

        $query=str_replace(",)",")", $query) ;
        mysql_query($query) OR die(mysql_error()) ;

i will happy if it works 🙂

jjozsi

LegionSmith

Ok I had to step out for a few minutes, sorry for the delay.

Ok, you were totally right on that last one, and it was really obvious, I should have seen that myself.

Now, the only problem is it's trying to insert the Submit buttons value into the database:

Unknown column 'submit' in 'field list'

so we need to remove that from the array.

I was thinking something like this:

$submit_btn = array_keys($_POST, 'submit');
array_splice($_POST, $submit_btn, 1, "");

What do you think?

Michael

djjjozsi

change in your code a Submit into submit with lowercase.

  if($key!="submit")     

...
...

if the posted key not equal with submit, then add the
key and value to the mysql insert query

Hello,
jjozsi

LegionSmith

Ok, wait I gotcha. it already was a lowercase:

 $first="";
        $second="";
        $insert="INSERT INTO application (";
        foreach ($_POST as $key => $var)
        {
            if($key!="submit")
            {
                $first.=$key.",";  //    <-----   use ` in field names if you want to make this better
                $second.="'". mysql_real_escape_string($var)."',";   //   <-----  use ' on values.

            echo '<input type="hidden" name="' . $key . '" value="'    .  htmlentities($var, ENT_QUOTES)   . '" />' . "\r\n";
        }
    }

I changed every submit in the entire site to lowercase just now

LegionSmith

SUCCESS!!!

Ok sweet, that totally worked. I had to clear my cache.

ok, one last thing. I need the user to be sent to a success page. right now page 5 posts to process.php. which ultimately is a blank page for the user.
I already have a success.php page. so my question is, should I just put the processing script at the top of success.php or should I still go to process.php and then put some sort of redirect in it that sends the user to success.php?

For future viewers of this post, here is all the working code we used for passing form values through several pages and then finally posting into a database after completion of form:

Use this code in all form pages except your first form page:

<?php foreach ($_POST as $key => $val) {
  echo '<input type="hidden" name="' . $key . '" value="' 
    . htmlentities($val, ENT_QUOTES) . '" />' . "\r\n";
} 
?>

place the code above just inside your form begin tag. example:

<form method="POST" action="employment3.php" enctype="application/x-www-form-urlencoded" name="employment_form" id="employment_form">
   <?php foreach ($_POST as $key => $val) {
  echo '<input type="hidden" name="' . $key . '" value="' 
    . htmlentities($val, ENT_QUOTES) . '" />' . "\r\n";
} 
?>

Then in your final processing script use the code below. change the database values to match your own:

<?php
mysql_connect("myhost", "myusername", "mypass") or die(mysql_error());
mysql_select_db("mydatabase") or die(mysql_error());

 if(!empty($_POST))
    {

    $first="";
    $second="";
    $insert="INSERT INTO mydbtable (";
    foreach ($_POST as $key => $var)
    {
        if($key!="submit")
        {
            $first.=$key.",";  //    <-----   use ` in field names if you want to make this better
            $second.="'". mysql_real_escape_string($var)."',";   //   <-----  use ' on values.

            echo '<input type="hidden" name="' . $key . '" value="'    .  htmlentities($var, ENT_QUOTES)   . '" />' . "\r\n";
        }
    }
    $query=$insert.$first.") VALUES (".$second.");";
     $query=str_replace(",)",")", $query) ;
    mysql_query($query) OR die(mysql_error()) ; 
}
?>

And that's what worked for us!

LegionSmith

Thank you soooo much for all your effort djjjozsi. I owe you a beer big time. If you ever need anything just let me know. I really, really appreciate all your help.

Thanks!

Michael Smith

djjjozsi

Your welcome.
i think redirect the user is better then you keep the user at the last page,
just for one thing, if the user refresh that page that will insert his/hes quiz once.