PDA

View Full Version : PHP & MySQL Help (Kind of Urgent)



Medyman
08-26-2007, 09:26 PM
Hey all...

Two questions:

1) How would I do this in a better way? I know I'm not doing it right or at least at the highest effeciency.

2) How can I make it so that each time something is submitted, it overwrites whatever is in the first row of the MySQL (i.e. deletes what's there and replaces it with these).

3) Why isn't this working? A similar implementation has worked for me in the past. I suppose it might have something to do with the "id" fielt which is included in the MySQL but not accounted for here, perhaps.

It traces out "Entry Added" as it's supposed to but nothing shows up in the MySQL.


<?php
if(isset($_POST['save']))
{
$date = $_POST['date'];
$backgroud = $_POST['background'];

$mheadline = $_POST['mheadline'];
$mbody = $_POST['mbody'];
$mtxt1 = $_POST['mtxt1'];
$mlink1 = $_POST['mlink1'];
$mtxt2 = $_POST['mtxt2'];
$mlink2 = $_POST['mlink2'];
$mtxt3 = $_POST['mtxt3'];
$mlink3 = $_POST['mlink3'];

$nheadline = $_POST['nheadline'];
$nbody = $_POST['nbody'];
$ntxt1 = $_POST['ntxt1'];
$nlink1 = $_POST['nlink1'];
$ntxt2 = $_POST['ntxt2'];
$nlink2 = $_POST['nlink2'];
$ntxt3 = $_POST['ntxt3'];
$nlink3 = $_POST['nlink3'];

$cheadline = $_POST['cheadline'];
$cbody = $_POST['cbody'];
$ctxt1 = $_POST['ctxt1'];
$clink1 = $_POST['clink1'];
$ctxt2 = $_POST['ctxt2'];
$clink2 = $_POST['clink2'];
$ctxt3 = $_POST['ctxt3'];
$clink3 = $_POST['clink3'];

$wheadline = $_POST['wheadline'];
$wbody = $_POST['wbody'];
$wtxt1 = $_POST['wtxt1'];
$wlink1 = $_POST['wlink1'];
$wtxt2 = $_POST['wtxt2'];
$wlink2 = $_POST['wlink2'];
$wtxt3 = $_POST['wtxt3'];
$wlink3 = $_POST['wlink3'];

$sheadline = $_POST['sheadline'];
$sbody = $_POST['sbody'];
$stxt1 = $_POST['stxt1'];
$slink1 = $_POST['slink1'];
$stxt2 = $_POST['stxt2'];
$slink2 = $_POST['slink2'];
$stxt3 = $_POST['stxt3'];
$slink3 = $_POST['slink3'];

$stheadline = $_POST['stheadline'];
$stbody = $_POST['stbody'];
$sttxt1 = $_POST['sttxt1'];
$stlink1 = $_POST['stlink1'];
$sttxt2 = $_POST['sttxt2'];
$stlink2 = $_POST['stlink2'];
$sttxt3 = $_POST['sttxt3'];
$stlink3 = $_POST['stlink3'];

$dheadline = $_POST['dheadline'];
$dbody = $_POST['dbody'];
$dtxt1 = $_POST['dtxt1'];
$dlink1 = $_POST['dlink1'];
$dtxt2 = $_POST['dtxt2'];
$dlink2 = $_POST['dlink2'];
$dtxt3 = $_POST['dtxt3'];
$dlink3 = $_POST['dlink3'];

$gheadline = $_POST['gheadline'];
$gbody = $_POST['gbody'];
$gtxt1 = $_POST['gtxt1'];
$glink1 = $_POST['glink1'];
$gtxt2 = $_POST['gtxt2'];
$glink2 = $_POST['glink2'];
$gtxt3 = $_POST['gtxt3'];
$glink3 = $_POST['glink3'];

include 'config.php';
include 'opendb.php';

$query = " INSERT INTO design (date, background) ". " VALUES ('$date', '$background')";
$query = " INSERT INTO movies (mheadline, mbody, mtxt1, mlink1, mtxt2, mlink2, mtxt3, mlink3) ". " VALUES ('$mheadline', '$mbody', '$mtxt1', '$mlink1', '$mtxt2', '$mlink2', '$mtxt3', '$mlink3')";
$query = " INSERT INTO news (nheadline, nbody, ntxt1, nlink1, ntxt2, nlink2, ntxt3, nlink3) ". " VALUES ('$nheadline', '$nbody', '$ntxt1', '$nlink1', '$ntxt2', '$nlink2', '$ntxt3', '$nlink3')";
$query = " INSERT INTO concert (cheadline, cbody, ctxt1, clink1, ctxt2, clink2, ctxt3, clink3) ". " VALUES ('$cheadline', '$cbody', '$ctxt1', '$clink1', '$ctxt2', '$clink2', '$ctxt3', '$clink3')";
$query = " INSERT INTO works (wheadline, wbody, wtxt1, wlink1, wtxt2, wlink2, wtxt3, wlink3) ". " VALUES ('$wheadline', '$wbody', '$wtxt1', '$wlink1', '$wtxt2', '$wlink2', '$wtxt3', '$wlink3')";
$query = " INSERT INTO shelves (sheadline, sbody, stxt1, slink1, stxt2, slink2, stxt3, slink3) ". " VALUES ('$sheadline', '$sbody', '$stxt1', '$slink1', '$stxt2', '$slink2', '$stxt3', '$slink3')";
$query = " INSERT INTO stage (stheadline, stbody, sttxt1, stlink1, sttxt2, stlink2, sttxt3, stlink3) ". " VALUES ('$stheadline', '$stbody', '$sttxt1', '$stlink1', '$sttxt2', '$stlink2', '$sttxt3', '$stlink3')";
$query = " INSERT INTO display (dheadline, dbody, dtxt1, dlink1, dtxt2, dlink2, dtxt3, dlink3) ". " VALUES ('$dheadline', '$dbody', '$dtxt1', '$dlink1', '$dtxt2', '$dlink2', '$dtxt3', '$dlink3')";
$query = " INSERT INTO ground (gheadline, gbody, gtxt1, glink1, gtxt2, glink2, gtxt3, glink3) ". " VALUES ('$gheadline', '$gbody', '$gtxt1', '$glink1', '$gtxt2', '$glink2', '$gtxt3', '$glink3')";

mysql_query($query) or die('Error ,query failed');

include 'closedb.php';

echo "Entry Added";
}
?>

JShor
08-27-2007, 02:27 AM
1) That code will work, but there is a faster way to insert $_POST data into MySQL. You can use functions, which will speed up and save work and typing.

Here is an example:


<?php

// This will save alot of typing for your data!
function s($data){
$data = $_POST['$data'];
}

// And here, we insert the info using function "s"
$query = " INSERT INTO design (date, background) ". " VALUES 's(date)', 's(background)') ";

mysql_query($query) or die(mysql_error());

// I used that query just for an example, the rest you can cut and paste yourself


2) If you want to overwrite what is currently on the database, you will have to use mysql UPDATE, and you must specify what row of data you need to overwrite. Here is an example:



<?php

$query = " UPDATE design WHERE date=YOUR_DATA_ROW, AND background=YOUR_DATA_ROW) VALUES ('s(date)', 's(background)')";

?>



3) One of your variables contradict themselves



<?php
if(isset($_POST['save']))
{
$date = $_POST['date'];
$backgroud = $_POST['background'];


Variable $backgroud is probably a typo (Line 5)

However, on one of your queries, the variable for backgroud is spelled differently

Because of this, it probably through off the entire line of columns in mysql, where all of the strings will not be inserted. Now, you weren't specific in the nature of the problem as all you said was "".

4) Finally, I am not sure if this is actually valid in PHP, but I think you have an illegal character in your queries. You shouldn't have those quotations and the period before the VALUES and after the column names (highlighted in red):


$query = " INSERT INTO design (date, background) ". " VALUES ('$date', '$background')";


The code should look like this:


INSERT INTO design (date, background) VALUES ('$date', '$background')";


Hope this helps and good luck!

Medyman
08-27-2007, 03:05 AM
Thanks for the help.
I'm still having some kind of problem though.

The code now looks like this:


<?php
if(isset($_POST['save']))
{
function s($data){
$data = $_POST['$data'];
}

include 'config.php';
include 'opendb.php';

$query = " INSERT INTO design (date, background) VALUES 's(date)', 's(background)' ";
$query = " INSERT INTO movies (mheadline, mbody, mtxt1, mlink1, mtxt2, mlink2, mtxt3, mlink3) VALUES 's(mheadline)', 's(mbody)', 's(mtxt1)', 's(mlink1)', 's(mtxt2)', 's(mlink2)', 's(mtxt3)', 's(mlink3)' ";
$query = " INSERT INTO news (nheadline, nbody, ntxt1, nlink1, ntxt2, nlink2, ntxt3, nlink3) VALUES 's(nheadline)', 's(nbody)', 's(ntxt1)', 's(nlink1)', 's(ntxt2)', 's(nlink2)', 's(ntxt3)', 's(nlink3)' ";
$query = " INSERT INTO concert (cheadline, cbody, ctxt1, clink1, ctxt2, clink2, ctxt3, clink3) VALUES 's(cheadline)', 's(cbody)', 's(ctxt1)', 's(clink1)', 's(ctxt2)', 's(clink2)', 's(ctxt3)', 's(clink3)' ";
$query = " INSERT INTO works (wheadline, wbody, wtxt1, wlink1, wtxt2, wlink2, wtxt3, wlink3) VALUES 's(wheadline)', 's(wbody)', 's(wtxt1)', 's(wlink1)', 's(wtxt2)', 's(wlink2)', 's(wtxt3)', 's(wlink3)' ";
$query = " INSERT INTO shelves (sheadline, sbody, stxt1, slink1, stxt2, slink2, stxt3, slink3) VALUES 's(sheadline)', 's(sbody)', 's(stxt1)', 's(slink1)', 's(stxt2)', 's(slink2)', 's(stxt3)', 's(slink3)' ";
$query = " INSERT INTO stage (stheadline, stbody, sttxt1, stlink1, sttxt2, stlink2, sttxt3, stlink3) VALUES 's(stheadline)', 's(stbody)', 's(sttxt1)', 's(stlink1)', 's(sttxt2)', 's(stlink2)', 's(sttxt3)', 's(stlink3)' ";
$query = " INSERT INTO display (dheadline, dbody, dtxt1, dlink1, dtxt2, dlink2, dtxt3, dlink3) VALUES 's(dheadline)', 's(dbody)', 's(dtxt1)', 's(dlink1)', 's(dtxt2)', 's(dlink2)', 's(dtxt3)', 's(dlink3)' ";
$query = " INSERT INTO ground (gheadline, gbody, gtxt1, glink1, gtxt2, glink2, gtxt3, glink3) VALUES 's(gheadline)', 's(gbody)', 's(gtxt1)', 's(glink1)', 's(gtxt2)', 's(glink2)', 's(gtxt3)', 's(glink3)' ";

mysql_query($query) or die(mysql_error());

include 'closedb.php';

echo "Entry Added";
}
?>

And it's giving me this error:

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''s(gheadline)', 's(gbody)', 's(gtxt1)', 's(glink1)', 's(gtxt2)', 's(glink2)', 's' at line 1

boogyman
08-27-2007, 05:51 PM
in php... variables are preceeded by the dollar sign $ and you cannot use parenthesis to enclose them... use curly braces {}

Medyman
08-27-2007, 05:57 PM
I'm a little confused now...

Doesn't the function take care of adding the $?

And where exactly should I be using curly braces...

If you could provide one sample $query string so I can get a better idea, I'd aprpeciate it.

Twey
08-27-2007, 06:29 PM
function s($data) {
return $_POST[$data];
}
$query = sprintf("INSERT INTO design (date, background) VALUES '" . s(date) . "', '" . s(background) . "' ";Or:
$query = "INSERT INTO design (date, background) VALUES '&#37;s', '%s' ", $_POST['date'], $_POST['background']);Or:
"INSERT INTO design (date, background) VALUES '" . s(date) . "', '" . s(background) . "' ";Or:
$query = "INSERT INTO design (date, background) VALUES '{$_POST['date']}', '{$_POST['background']}' ";But, this code has a security flaw: you haven't escaped the query elements, so anyone can run whatever code they want against your database. As well, only the last query will be executed there: only one query can be executed at a time, and = assigns rather than appending strings. Your code style suggests that you've been familiar with another language -- VB perhaps? See the PHP tutorial (http://www.php.net/tutorial).

JShor
08-27-2007, 08:28 PM
Yes, thanks Twey and boogyman. Sorry, I forgot to mention to use braces.