Hello all pls I'm new to php and been battling with this error on my form for adding data to the database. The code is below, pls help.
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="content-type" content="text/html; charset=iso-8859-1" />
<title>Add a Print</title>
</head>
<body>
<?php
// This page allows the administrator to add a print (product).
// Connect to the database.
$linkme = mysql_connect("localhost","dire","dream");
if (!$linkme)
die ("Could Not Connect to the Database");
mysql_select_db ("mdb_dire", $linkme);
if (isset($_POST['submitted'])) { // Check if the form has been submitted.
// Validate the bag_name, image, designer (existing or first_name, last_name, middle_name), size, price, and description.
// Check for a print name.
if (!empty($_POST['bag_name'])) {
$bn = escape_data($_POST['bag_name']);
} else {
$pn = FALSE;
echo '<p><font color="red">Please enter the bag\'s name!</font></p>';
}
// Check for an image.
if (is_uploaded_file ($_FILES['image']['tmp_name'])) {
if (move_uploaded_file($_FILES['image']['tmp_name'], "../../uploads/{$_FILES['image']['name']}")) { // Move the file over.
echo '<p>The file has been uploaded!</p>';
$i = $_FILES['image']['name'];
} else { // Couldn't move the file over.
echo '<p><font color="red">The file could not be moved.</font></p>';
$i = FALSE;
}
} else {
$i = FALSE;
}
// Check for a size (not required).
if (!empty($_POST['size'])) {
$s = escape_data($_POST['size']);
} else {
$s = '<i>Size information not available.</i>';
}
// Check for a price.
if (is_numeric($_POST['price'])) {
$p = (float) $_POST['price'];
} else {
$p = FALSE;
echo '<p><font color="red">Please enter the print\'s price!</font></p>';
}
// Check for a description (not required).
if (!empty($_POST['description'])) {
$d = escape_data($_POST['description']);
} else {
$d = '<i>No description available.</i>';
}
// Validate the designer.
if ($_POST['designer'] == 'new') {
// If it's a new designer, add the designer to the database.
$query = 'INSERT INTO Designer (first_name, middle_name, last_name) VALUES (';
if (!empty($_POST['first_name'])) {
$query .= "'" . escape_data($_POST['first_name']) . "', ";
} else {
$query .= 'NULL, ';
}
if (!empty($_POST['middle_name'])) {
$query .= "'" . escape_data($_POST['middle_name']) . "', ";
} else {
$query .= 'NULL, ';
}
// Check for a last_name.
if (!empty($_POST['last_name'])) {
$query .= "'" . escape_data($_POST['last_name']) . "')";
// Improved MySQL Version:
$result = mysqli_query($dbc, $query);
$a = mysqli_insert_id($dbc);
/* Standard MySQL Version:
$result = mysql_query ($query); // Run the query.
$a = mysql_insert_id(); // Get the artist ID.
*/
} else { // No last name value.
$a = FALSE;
echo '<p><font color="red">Please enter the designer\'s name!</font></p>';
}
} elseif ( ($_POST['designer'] == 'existing') && ($_POST['existing'] > 0)) { // Existing artist.
$a = (int) $_POST['existing'];
} else { // No designer selected.
$a = FALSE;
echo '<p><font color="red">Please enter or select the designer\'s artist!</font></p>';
}
if ($pn && $p && $a && $i) { // If everything's OK.
// Add the bag to the database.
$query = "INSERT INTO Bags (designer_id, bag_name, price, size, description, image_name) VALUES ($a, '$pn', $p, '$s', '$d', '$i')";
if ($result = mysqli_query ($dbc, $query)) { // Worked.
echo '<p>The bag has been added.</p>';
} else { // If the query did not run OK.
echo '<p><font color="red">Your submission could not be processed due to a system error.</font></p>';
}
} else { // Failed a test.
echo '<p><font color="red">Please click "back" and try again.</font></p>';
}
} else { // Display the form.
?>
<form enctype="multipart/form-data" action="addbags.php" method="post">
<input type="hidden" name="MAX_FILE_SIZE" value="524288"/>
<fieldset><legend>Fill out the form to add a bag to the catalog:</legend>
<p><b>Bag Name:</b> <input type="text" name="bag_name" size="30" maxlength="60" /></p>
<p><b>Image:</b> <input type="file" name="image" /> <small>The file name
should not include spaces or other invalid characters and should have a
file extension.</small></p>
<p><b>Designer:</b>
<p><input type="radio" name="designer" value="existing" /> Existing =
<select name="existing"><option>Select One</option>
<?
$linkme = mysql_connect("localhost","dire","dream");
if (!$linkme)
die ("Could Not Connect to the Database");
mysql_select_db ("mdb_dire", $linkme);
$designerid= $_GET['designerid'];
$result = mysql_query("SELECT * FROM Designer WHERE designerid = $designerid",$linkme);
$row = mysql_fetch_array($result);
?>
<? $result = mysql_query("SELECT * FROM course order by designerid ",$linkme);
while($row = mysql_fetch_array($result))
{?>
<option value = "<?php echo $row['designerid'] ?>"> <? echo $row['last_name']; ?> </option>
<? } mysql_close(linkme)
?>
</select>
</p>
<p>
<input type="radio" name="artist" value="new" /> New => First Name: <input type="text" name="first_name" size="10" maxlength="20" />
Middle Name: <input type="text" name="middle_name" size="10" maxlength="20" />
Last Name: <input type="text" name="last_name" size="10" maxlength="30" />
</p>
<p><b>Price:</b> <input type="text" name="price" size="10" maxlength="10" /> <small>
Do not include the dollar sign or commas.</small></p>
<p><b>Size:</b> <input type="text" name="size" size="30" maxlength="60" /></p>
<p><b>Description:</b> <textarea name="description" cols="40" rows="5"></textarea></p>
</fieldset>
<div align="center"><input type="submit" name="submit" value="Submit" /></div>
<input type="hidden" name="submitted" value="TRUE" />
</form>
<?php
} // End of main conditional.
?>
</body>
</html>
