Fatal error: Function name must be a string

**dcr33** · 01-02-2012, 03:11 PM

When I run this program I am getting this error-
Fatal error: Function name must be a string in D:\wamp\www\...\add.php on line 11

PHP Code:


<html>

<head>

<title>Emp Add</title>

</head>

<body>

<?php

$eid=$_POST("eid");

$enm=$_POST('enm');

$sal=$_POST('sal');

?>

<form action="add.php" method="POST">

Enter emp id: <input type="text" name="eid"><br> 

Enter emp name: <input type="text" name="enm"><br>

Enter salary: <input type="text" name="sal"><br>

<input type="submit" value="Enter"><br>

</form>

<?php

$con=mysql_connect('localhost','root','');

 if(!$con)

 {

  die("Error:".mysql_error());

  }

 $db=mysql_select_db('db1',$con)

 or die("error:".mysql_error());

$sql="insert into emp(emp_id,ename,salary) values('$eid','$enm','$sal')";

if(!mysql_query($sql,$con))

{

 die('Error:'.mysql_error());

 }

 else

 {

  echo "Record Saved";

  }

  mysql_close($con);



?>

</body>

</html>

Line 11 is ok I think. I tried 'eid',then eid but none worked!!

Pls help me,I can't figure it out.

**baconDelta** · 01-02-2012, 04:48 PM

why don't you slap an if else statement in there so it doesn't run the php until submit is hit and see if that helps. something like:

PHP Code:


<html>

<head>

<title>Emp Add</title>

</head>

<body>



<form action="add.php" method="POST">

Enter emp id: <input type="text" name="eid"><br> 

Enter emp name: <input type="text" name="enm"><br>

Enter salary: <input type="text" name="sal"><br>

<input type="submit" value="Enter"><br>

</form>

<?php

if(!$_POST)

{

    break;

}

else{

$eid=$_POST("eid");

$enm=$_POST('enm');

$sal=$_POST('sal');



$con=mysql_connect('localhost','root','');

 if(!$con)

 {

  die("Error:".mysql_error());

  }

 $db=mysql_select_db('db1',$con)

 or die("error:".mysql_error());

$sql="insert into emp(emp_id,ename,salary) values('$eid','$enm','$sal')";

if(!mysql_query($sql,$con))

{

 die('Error:'.mysql_error());

 }

 else

 {

  echo "Record Saved";

  }

  mysql_close($con);

}

?>

</body>

</html>

otherwise my noobie eyes don't see an issue.

**dcr33** · 01-02-2012, 05:18 PM

Well@bacondelta,I tried your program & your code generates another fatal error!!

Fatal error: Cannot break/continue 1 level in D:\wamp\www\..\add.php on line 16

**traq** · 01-02-2012, 06:10 PM

Originally Posted by dcr33

When I run this program I am getting this error-
Fatal error: Function name must be a string in D:\wamp\www\...\add.php on line 11

PHP Code:


$eid=$_POST("eid");
$enm=$_POST('enm');
$sal=$_POST('sal');

You're using parenthesis () instead of square brackets [] for your array indices, so PHP thinks you're trying to use a function. Should be:

PHP Code:


$eid = $_POST['eid'];
$enm = $_POST['enm'];
$sal = $_POST['sal'];

Beyond that, you should never use user input directly in a SQL statement. Best case: errors. Worst case: completely hacked.

Always validate/ sanitize your data before querying your DB:

PHP Code:


$eid = mysql_real_escape_string( $_POST['eid'] );
$enm = mysql_real_escape_string( $_POST['enm'] );
$sal = mysql_real_escape_string( $_POST['sal'] );

.............................

btw, baconDelta, this:

PHP Code:


if(!$_POST) 
{ 
    break; 
} 
else{

makes no sense -since $_POST is a superglobal, it is always set (it's an array), and you'll always get the else{} and not the if{} (unless you do something like $_POST = FALSE beforehand)- use something like

PHP Code:


if(!empty( $_POST )){
/* code goes here */
}

instead.

**baconDelta** · 01-02-2012, 06:10 PM

oh wait, you're using parenthesis where you should be using brackets.

PHP Code:


$eid=$_POST("eid");
$enm=$_POST('enm');
$sal=$_POST('sal');

should be:

PHP Code:


$eid=$_POST["eid"];
$enm=$_POST["enm"];
$sal=$_POST["sal"];

**baconDelta** · 01-02-2012, 06:14 PM

lawls just saw the bracket issue.

yeah that if statement makes more sense ha. derpaherp! oh yeah and real escape. i'll get better i promise lol

edit: the !$_POST works in my code but yours is smarter lol so i'mma switch it :B

**traq** · 01-02-2012, 06:25 PM

Originally Posted by baconDelta

edit: the !$_POST works in my code but yours is smarter lol so i'mma switch it

well, it may appear to be working (i.e., does what you expect), but what's happening is probably not exactly what you think. this was my test case:

PHP Code:


if(!$_POST){ print 0; }else{ print 1; }
// this will always print "1"

if(!$_POST){ break; }else{ print 1; }
// likewise, always prints "1" - probably what you wanted.  
// however, this doesn't mean that $_POST['eid'] (et.al.) are set.

if(empty( $_POST ){ break; }else{ print 1; }
// using empty() makes sure there are actual _values_ in the $_POST array
// (though we _should_ take it a step further 
//   and test for the specific values we're going to use).

// furthermore:

$_POST = FALSE; // unlikely, but might happen
if(!$_POST){ break; }else{ print 1; }
// matches if{} condition
// break triggers an error: 
// "Fatal error: Cannot break/continue 1 level in ..."
// ...because break only works in for, foreach, while, do-while or switch.

// SO, best would be:

if(!empty( $_POST['eid'] ) && !empty( $_POST['enm'] ) && !empty( $_POST['sal'] )){
   /*  code goes here  */
}

**dcr33** · 01-02-2012, 07:54 PM

Ok Thank You Traq.
I tried the code as you suggested -

PHP Code:


<html>
<head>
<title>Emp Add</title>
</head>
<body>

<form action="add.php" method="POST">
Enter emp id: <input type="text" name="eid"><br> 
Enter emp name: <input type="text" name="enm"><br>
Enter salary: <input type="text" name="sal"><br>
<input type="submit" value="Enter"><br>
</form>
<?php
if(!empty( $_POST['eid'] ) && !empty( $_POST['enm'] ) && !empty( $_POST['sal'] )){
$eid = mysql_real_escape_string( $_POST['eid'] );
$enm = mysql_real_escape_string( $_POST['enm'] );
$sal = mysql_real_escape_string( $_POST['sal'] ); 
}
$con=mysql_connect('localhost','root','');
 if(!$con)
 {
  die("Error:".mysql_error());
  }
 $db=mysql_select_db('db1',$con)
 or die("error:".mysql_error());
$sql="insert into emp(emp_id,ename,salary) values('$eid','$enm','$sal')";
if(!mysql_query($sql,$con))
{
 die('Error:'.mysql_error());
 }
 else
 {
  echo "Record Saved";
  }
  mysql_close($con);
?>
</body>
</html>

Now one last hitch,i get this message first time I load the add.php page -
"Record Saved".
Subsequently this message keeps coming up -
Error: Duplicate entry '' for key 'PRIMARY'.

When I check my table 'emp' in 'db1' database ,I find that a blank entry has been added to the table the first time I loaded the 'add.php' page!!
The entry in the table 'emp' is as follows-
emp_id- blank(empty)
ename- blank(empty)
salary- 0

Can you please help further?

**traq** · 01-02-2012, 08:24 PM

that blank entry is probably from earlier tests. delete it, and then try the script again and see if it comes back.

However, note that a PRIMARY KEY must be unique - to avoid the error, you should check if the employee id exists before trying to enter it:

PHP Code:


<?php
if( mysql_num_rows( mysql_query( "SELECT `emp_id` FROM `emp` WHERE `emp_id`=$eid" ) ) !== 0 ){
   /* emp_id already exists, so give an error message */
}else{
   /* emp_id doesn't exist yet; insert the new record */
}

however however, it's much easier to simply make your primary key auto_increment.
can you show your DB structure?

**dcr33** · 01-03-2012, 03:16 AM

Sorry Traq this time u r wrong.
I tried ur code -

PHP Code:


<html>
<head>
<title>Emp Add</title>
</head>
<body>

<form action="add.php" method="POST">
Enter emp id: <input type="text" name="eid"><br> 
Enter emp name: <input type="text" name="enm"><br>
Enter salary: <input type="text" name="sal"><br>
<input type="submit" value="Enter"><br>
</form>
<?php
if(!empty( $_POST['eid'] ) && !empty( $_POST['enm'] ) && !empty( $_POST['sal'] )){
$eid = mysql_real_escape_string( $_POST['eid'] );
$enm = mysql_real_escape_string( $_POST['enm'] );
$sal = mysql_real_escape_string( $_POST['sal'] ); 

$con=mysql_connect('localhost','root','');
 if(!$con)
 {
  die("Error:".mysql_error());
  }
 $db=mysql_select_db('db1',$con)
 or die("error:".mysql_error());
  if( mysql_num_rows( mysql_query("SELECT 'emp_id' FROM 'emp' WHERE 'emp_id'=$eid" ) ) !== 0 )
  {
    echo "Employee id already exists";
  }
  else 
   {
    $sql="insert into emp(emp_id,ename,salary) values('$eid','$enm','$sal')";
   }
if(!mysql_query($sql,$con))
{
 die('Error:'.mysql_error());
 }
 else
 {
  echo "Record Saved";
  }
    mysql_close($con);
    }
?>
</body>
</html>

I get error when I try to submit data -
Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in D:\wamp\www\..\add.php on line 26

p.s.: And you want to see my DB structure or emp table structure? But tell me how can I show here? still I try to show table structure this way (if u know any better way pls inform me)
dispaly DB structure
# Column Type Collation Attributes Null Default Extra Action
1 emp_id varchar(5) latin1_swedish_ci No None Change
2 ename varchar(30) latin1_swedish_ci Yes NULL Change
3 salary int(20) Yes NULL Change