First off, let me say I'm glad to see you persevering and the board giving you a little bit of help.
I sat here for about 25 minutes last night composing an excellent answer to your last post addressed to me, complete with a compliment on your language and expressed patient personality, links to articles about the need for data verification and several lines of code to help you see how it might be implemented, complete with comments, and so on.
And note that I said 25 minutes --- which is, apparently, longer than the session timeout for the forum these days. Since I'm using a "borrowed" old notebook at home, I don't have Lazarus installed here, so it was lost when I had to login after pushing the reply key. Now, as you might guess, I have a long session cookie set via the "keep me logged in" mechanism. Hint, hint to the owners: it could be that StackOverflow and FaceBook aren't the only reasons that there are less people on here than in the past; enough folks get bit by your absurdly short session timeout and the help will stop flowing 😉
ryanm353;11045593 wrote:I decided I dont need helpdesk verify as the form checks to see if the fields are filled out before the form can be submitted so thats ok.
I assume you mean via JavaScript, and that's a good thing; nonetheless, PHP server-side checks should generally also be implemented for a form that is actually on the WWW (and not an intranet) because any script kiddie can open Firebug (or its equivalent) and bypass the JS checks on a form. Why is a pretty good question, but for some of them it's irrelevant and they'll do it anyway, and one of the prime laws of security is that you plan everything to be secure whether you think you need to or not. Sooner or later someone will get into your system and do something they shouldn't; whether it's stealing an image, adding a malicious JavaScript to the footer of your site, or turning off your great-grandmother's life support, you're still going to wish you'd done a better job with security.
My main concern now is its not carrying out the query. I have no idea why, I must be doing something wrong. When I click submit I be directed to Helpdesk_Protected.php as per the header, but nothing is being input into the DB table so obviously the query isnt working. Why is this? The paste of code is below.
I have also included screenshots so you can see what I mean.
The Pastebin appears to have been removed, and I'm afraid I couldn't get much helpful information from the graphics ... it could be that long day working on the search engine and everything else the IT VP decided to throw my way, I guess...
If you do know why please make the answer as simple as possible as im not very knowledgeable about php fully yet. Any help would be great. Thanks.
You might try reading the "Debugging 101" thread that I think is still linked in my forum signature. Generally, if a DB insert is not working it's either a connection problem or a syntax problem with the SQL statement(s).
Bonesnap observed that you're using MysqlI --- so, you could simply do something like:
print_r( $the_mysqli_db_object );
and you'd get more info that we really want to see posted here 😉 --- including an error message if one was given. Of course, that assumes that the connection was successful in the first place and the MySQLi object actually was created. Once again, this is an issue of error checking:
$db_connect = mysqli_connect( 'localhost', $username, $pass, $db_name );
if ( !$db_connect ) {
echo "Program couldn't connect to Database Server!";
exit;
}
Notice that, once again, echo() followed by exit is pretty much the same as die() and you'd want some boilerplate code or a pretty-print error-handling system if you're actually going to put this code in front of the general public, from whom, we expect, you want money or prestige or at least some goodwill and a desire to use your site/program regularly.
HTH,
