When I run this program I am getting this error-
Fatal error: Function name must be a string in D:\wamp\www\...\add.php on line 11

<html>
<head>
<title>Emp Add</title>
</head>
<body>
<?php
$eid=$_POST("eid");
$enm=$_POST('enm');
$sal=$_POST('sal');
?>
<form action="add.php" method="POST">
Enter emp id: <input type="text" name="eid"><br>
Enter emp name: <input type="text" name="enm"><br>
Enter salary: <input type="text" name="sal"><br>
<input type="submit" value="Enter"><br>
</form>
<?php
$con=mysql_connect('localhost','root','');
if(!$con)
{
die("Error:".mysql_error());
}
$db=mysql_select_db('db1',$con)
or die("error:".mysql_error());
$sql="insert into emp(emp_id,ename,salary) values('$eid','$enm','$sal')";
if(!mysql_query($sql,$con))
{
die('Error:'.mysql_error());
}
else
{
echo "Record Saved";
}
mysql_close($con);

?>
</body>
</html>
Line 11 is ok I think. I tried 'eid',then eid but none worked!! :(
Pls help me,I can't figure it out.

why don't you slap an if else statement in there so it doesn't run the php until submit is hit and see if that helps. something like:


<html>
<head>
<title>Emp Add</title>
</head>
<body>

<form action="add.php" method="POST">
Enter emp id: <input type="text" name="eid"><br>
Enter emp name: <input type="text" name="enm"><br>
Enter salary: <input type="text" name="sal"><br>
<input type="submit" value="Enter"><br>
</form>
<?php
if(!$_POST)
{
break;
}
else{
$eid=$_POST("eid");
$enm=$_POST('enm');
$sal=$_POST('sal');

$con=mysql_connect('localhost','root','');
if(!$con)
{
die("Error:".mysql_error());
}
$db=mysql_select_db('db1',$con)
or die("error:".mysql_error());
$sql="insert into emp(emp_id,ename,salary) values('$eid','$enm','$sal')";
if(!mysql_query($sql,$con))
{
die('Error:'.mysql_error());
}
else
{
echo "Record Saved";
}
mysql_close($con);
}
?>
</body>
</html>


otherwise my noobie eyes don't see an issue.

Well@bacondelta,I tried your program & your code generates another fatal error!! :rolleyes:

Fatal error: Cannot break/continue 1 level in D:\wamp\www\..\add.php on line 16

When I run this program I am getting this error-
Fatal error: Function name must be a string in D:\wamp\www\...\add.php on line 11


$eid=$_POST("eid");
$enm=$_POST('enm');
$sal=$_POST('sal');

You're using parenthesis () instead of square brackets [] for your array indices, so PHP thinks you're trying to use a function. Should be:
$eid = $_POST['eid'];
$enm = $_POST['enm'];
$sal = $_POST['sal'];

Beyond that, you should never use user input directly in a SQL statement. Best case: errors. Worst case: completely hacked.

Always validate/ sanitize your data before querying your DB:
$eid = mysql_real_escape_string( $_POST['eid'] );
$enm = mysql_real_escape_string( $_POST['enm'] );
$sal = mysql_real_escape_string( $_POST['sal'] );

.............................

btw, baconDelta, this:

if(!$_POST)
{
break;
}
else{ makes no sense -since $_POST is a superglobal, it is always set (it's an array), and you'll always get the else{} and not the if{} (unless you do something like $_POST = FALSE beforehand)- use something like
if(!empty( $_POST )){
/* code goes here */
}instead.

oh wait, you're using parenthesis where you should be using brackets.



$eid=$_POST("eid");
$enm=$_POST('enm');
$sal=$_POST('sal');


should be:



$eid=$_POST["eid"];
$enm=$_POST["enm"];
$sal=$_POST["sal"];

lawls just saw the bracket issue.

yeah that if statement makes more sense ha. derpaherp! oh yeah and real escape. i'll get better i promise lol :D:D:D

edit: the !$_POST works in my code but yours is smarter lol so i'mma switch it :B

edit: the !$_POST works in my code but yours is smarter lol so i'mma switch it

well, it may appear to be working (i.e., does what you expect), but what's happening is probably not exactly what you think. this was my test case:
if(!$_POST){ print 0; }else{ print 1; }
// this will always print "1"

if(!$_POST){ break; }else{ print 1; }
// likewise, always prints "1" - probably what you wanted.
// however, this doesn't mean that $_POST['eid'] (et.al.) are set.

if(empty( $_POST ){ break; }else{ print 1; }
// using empty() makes sure there are actual _values_ in the $_POST array
// (though we _should_ take it a step further
// and test for the specific values we're going to use).

// furthermore:

$_POST = FALSE; // unlikely, but might happen
if(!$_POST){ break; }else{ print 1; }
// matches if{} condition
// break triggers an error:
// "Fatal error: Cannot break/continue 1 level in ..."
// ...because break only works in for, foreach, while, do-while or switch.

// SO, best would be:

if(!empty( $_POST['eid'] ) && !empty( $_POST['enm'] ) && !empty( $_POST['sal'] )){
/* code goes here */
}

Ok Thank You Traq.
I tried the code as you suggested -

<html>
<head>
<title>Emp Add</title>
</head>
<body>

<form action="add.php" method="POST">
Enter emp id: <input type="text" name="eid"><br>
Enter emp name: <input type="text" name="enm"><br>
Enter salary: <input type="text" name="sal"><br>
<input type="submit" value="Enter"><br>
</form>
<?php
if(!empty( $_POST['eid'] ) && !empty( $_POST['enm'] ) && !empty( $_POST['sal'] )){
$eid = mysql_real_escape_string( $_POST['eid'] );
$enm = mysql_real_escape_string( $_POST['enm'] );
$sal = mysql_real_escape_string( $_POST['sal'] );
}
$con=mysql_connect('localhost','root','');
if(!$con)
{
die("Error:".mysql_error());
}
$db=mysql_select_db('db1',$con)
or die("error:".mysql_error());
$sql="insert into emp(emp_id,ename,salary) values('$eid','$enm','$sal')";
if(!mysql_query($sql,$con))
{
die('Error:'.mysql_error());
}
else
{
echo "Record Saved";
}
mysql_close($con);
?>
</body>
</html>
Now one last hitch,i get this message first time I load the add.php page -
"Record Saved".
Subsequently this message keeps coming up -
Error: Duplicate entry '' for key 'PRIMARY'.

When I check my table 'emp' in 'db1' database ,I find that a blank entry has been added to the table the first time I loaded the 'add.php' page!!
The entry in the table 'emp' is as follows-
emp_id- blank(empty)
ename- blank(empty)
salary- 0

Can you please help further?

that blank entry is probably from earlier tests. delete it, and then try the script again and see if it comes back.

However, note that a PRIMARY KEY must be unique - to avoid the error, you should check if the employee id exists before trying to enter it:
<?php
if( mysql_num_rows( mysql_query( "SELECT `emp_id` FROM `emp` WHERE `emp_id`=$eid" ) ) !== 0 ){
/* emp_id already exists, so give an error message */
}else{
/* emp_id doesn't exist yet; insert the new record */
}

however however, it's much easier to simply make your primary key auto_increment.
can you show your DB structure?

Sorry Traq this time u r wrong.
I tried ur code -

<html>
<head>
<title>Emp Add</title>
</head>
<body>

<form action="add.php" method="POST">
Enter emp id: <input type="text" name="eid"><br>
Enter emp name: <input type="text" name="enm"><br>
Enter salary: <input type="text" name="sal"><br>
<input type="submit" value="Enter"><br>
</form>
<?php
if(!empty( $_POST['eid'] ) && !empty( $_POST['enm'] ) && !empty( $_POST['sal'] )){
$eid = mysql_real_escape_string( $_POST['eid'] );
$enm = mysql_real_escape_string( $_POST['enm'] );
$sal = mysql_real_escape_string( $_POST['sal'] );

$con=mysql_connect('localhost','root','');
if(!$con)
{
die("Error:".mysql_error());
}
$db=mysql_select_db('db1',$con)
or die("error:".mysql_error());
if( mysql_num_rows( mysql_query("SELECT 'emp_id' FROM 'emp' WHERE 'emp_id'=$eid" ) ) !== 0 )
{
echo "Employee id already exists";
}
else
{
$sql="insert into emp(emp_id,ename,salary) values('$eid','$enm','$sal')";
}
if(!mysql_query($sql,$con))
{
die('Error:'.mysql_error());
}
else
{
echo "Record Saved";
}
mysql_close($con);
}
?>
</body>
</html>
I get error when I try to submit data -
Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in D:\wamp\www\..\add.php on line 26


p.s.: And you want to see my DB structure or emp table structure? But tell me how can I show here? still I try to show table structure this way (if u know any better way pls inform me)
dispaly DB structure
# Column Type Collation Attributes Null Default Extra Action
1 emp_id varchar(5) latin1_swedish_ci No None Change
2 ename varchar(30) latin1_swedish_ci Yes NULL Change
3 salary int(20) Yes NULL Change

"SELECT 'emp_id' FROM 'emp' WHERE 'emp_id'=$eid"

You copied the query incorrectly. Note where I'm using single quotes ( ' ) and where I'm using backticks ( ` ):
"SELECT `emp_id` FROM `emp` WHERE `emp_id`='$eid'"single quotes enclose string literals, whereas backtics enclose db/table/col names (to indicate that they're not SQL commands - e.g., "SELECT * FROM select" would cause an error, while "SELECT * FROM `select`" would not - assuming your table name was "select"). It not always necessary to do this, but it's a good habit to build, and can save tons of headaches over an unexpected problem later on.

BTW, an error like this:
Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given ...
means that the function returned FALSE (i.e., encountered an error) instead of returning a result, so you know to look for errors in the query.

As for you DB structure, is emp_id a random number (used by the database to id the record) or is it a number assigned by the company? If it's the latter, I would suggest making it a UNIQUE column and making another column (preferably an AUTO_INCREMENT col) to be the primary key.

Also, is there a reason it's varchar? if it's _only_ numbers, I'd recommend making it int.

interesting traq that may be why the if else statement i setup with the (!$_POST) isn't working, but always returning the same value no matter what. i'll experiment :B thanks man!


and dcr33 why not try changing those varchars to text? they take up just slightly more space but i believe they're a lot less picky about what you put in them. you should make an id column though that auto increments. then each entry will automatically have it's own row, regardless of whether it is the same data, because the id is bound to be different.

edit: grah i always post just a bit after you do traq >_< didn't see your new post.

edit2: take all my advice with like a barrel of salt dcr33 haha hey at least we both say go with auto increment :D w00t

You might also want to add single quotes around the $eid value in the event that a user submits a non-numerical value. If they submit a string (for example "two words"), then that will trigger an error.

You might also want to add single quotes around the $eid value in the event that a user submits a non-numerical value. If the submit a string (for example "two words"), then that will trigger an error.

yes - that was an oversight on my part. corrected