Hi there people,

I'm just starting to learn PHP inbetween my normal job as a hobby, followed a tutorial and wrote my first comment box but one of the aspects of the script isn't working.. well two of them.

its a comment box script with a form for inputting, the script then takes info and is meant to insert it in my database and then retrieve it so it can be displayed on screen!

heres my problem, i fill the form in with no errors, send it with no errors, but the data does not get inserted into my db therefore does not display the data back on the page, so i went into mysql and inserted test data, went back to my form page and refreshed.. and voila it displayed the inserted data, so im assuming theres something wrong with my insert query or something along those lines?

can someone have a look at my code and let me know please?

<?php
//connecting to mysql & database
if(mysql_connect('localhost','root','') && mysql_select_db('comments')) {

$time = time();
$errors = array();

if(isset($_POST['name'], $_POST['email'], $_POST['location'], $_POST['word1'], $_POST['word2'], $_POST['word3'])){

	$name = mysql_real_escape_string(htmlentities($_POST['name']));
	$email = mysql_real_escape_string(htmlentities($_POST['email']));
	$location = mysql_real_escape_string(htmlentities($_POST['location']));
	$word1 = mysql_real_escape_string(htmlentities($_POST['word1']));
	$word2 = mysql_real_escape_string(htmlentities($_POST['word2']));
	$word3 = mysql_real_escape_string(htmlentities($_POST['word3']));


	if(empty($name) || empty($email) || empty($location) || empty($word1) || empty($word2) || empty($word3)){

		$errors[] = 'All fields are required!.';

	}
		if(strlen ($name)>25 || strlen($email)>255 || strlen($location)>20 || strlen($word1)>15 || strlen($word2)>15 || strlen($word3)>15){

		$errors[] = 'One of the fields exceeded the given chars limit.';

		}

		if (empty($errors)) {

		 $insert = "INSERT INTO `3words` ('name','email','location','word1','word2','word3') VALUES ('$name','$email','$location','$word1','$word2','$word3')";

		 if($insert = mysql_query($insert)) {

			header ('Location: '.$_SERVER['PHP_SELF']);

		 }else{
			$errors[] = 'Something has screwed up please try again later!';
		 }

		}else {
			foreach($errors as $error){

				echo'<p><strong>'.$error.'</strong></p>';

			}
		}

}

$entries = mysql_query("SELECT `timestamp`,`name`, `email`, `location`,`word1`,`word2`, `word3` FROM `3words` ORDER BY `timestamp` DESC");

	if(mysql_num_rows($entries) ==0){

		echo'No entries yet';
    }else {
		while ($entries_row = mysql_fetch_assoc($entries)) {

			$timestamp = $entries_row['timestamp'];
			$name = $entries_row['name'];
			$email = $entries_row['email'];
			$location = $entries_row['location'];
			$word1 = $entries_row['word1'];
			$word2 = $entries_row['word2'];
			$word3 = $entries_row['word3'];

			echo "<br/><b>Posted by $name on:  </b>";
			echo "$timestamp</b><br/>";
			echo "$word1 $word2 $word3<br/>";


		}
	}


//display comments

} else {
	echo 'Could not connect at this time.';
}


?>

<html>
<head>
<LINK rel="stylesheet" type="text/css" href="./form.css" />
</head>
<hr>
<div id="form">
<form action="<?php echo $_SERVER['PHP_SELF'];?>" method="POST">
<h2>Name:*</h2><p><input class="info" type="text" name="name"></p>
<h2>Email:*</h2><p><input class="info" type="text" name="email"></p>
<h2>Location:*</h2><p><input class="info" type="text" name="location"></p>
<input class="word" type="text" name="word1">
<input class="word" type="text" name="word2">
<input class="word" type="text" name="word3">
<input class="button" type="submit" name="submit" value="Send">
</form>
</div><!--form-->

    I added an opening "<?php" tag in your code so that the syntax highlighting would work here. Just to be sure: you do have it in the actual code, right? 😉

      I believe this:

      <?

         $insert = "INSERT INTO `3words` ('name','email','location','word1','word2','word3') VALUES ('$name','$email','$location','$word1','$word2','$word3')"; 

         if($insert = mysql_query($insert)) { 

// Should be this

         $insert = "INSERT INTO `3words` ('name','email','location','word1','word2','word3') VALUES ('$name','$email','$location','$word1','$word2','$word3')"; 

         if(mysql_query($insert)) {

      I believe its saying if this variable is succesfully set as opposed to if the query executes successfully. I could be wrong

        @: As far as the if() statement goes, the two versions are actually equivalent. The result of an assignment expression (e.g. if evaluated in an if() statement) is the right-hand side of the expression, so the first version will overwrite the value of $insert with the result of the mysql_query() call and evaluate to that same result as well.

          Well, what you should always be doing when debugging, is output/log any error messages, which in the case of mysql_query are handled like this

          if ($rsult = mysql_query($some_query))
{

}
# error
else
{
	# or error_log()
	echo mysql_errno() . ': ' . mysql_error();
	# optionally, echo / log the whole query
	echo $some_query;
}

          You should get an error message about your use of single quoted indentifiers (no idea what that message actually says). According to the SQL standard, single quotes are used to delimit string literals, while double quotes are used to delimit identifiers (fields, tables etc). Double quotes are only needed if you use an identifier which is also a SQL reserved word, such as "select". However, MySql for some reason uses backticks `to delimit identifiers.

            Write a Reply...