John R. Sims, Jr. wrote: > <?php [snip * - not even gunna bother] > </HTML>
Okay, quick/proper fixes 1 - 4:
1) you never open a <FORM> element, you only close it - you'll be wanting one, probably with a method="POST".
2) you should quote your array indices... just because php will evaluate them as themselves doesn't mean it's a good thing to rely on.
wrong: ($_POST[master_id] == "")) {
right: ($_POST['master_id'] == "")) {
3) you should similarly quote and curly group for the mysql queries.
wrong:
$add_master = "insert into client values ($_POST[fname]', '$_POST[lname]')";
right:
$add_master = "insert into client values ('{$_POST['fname']}',
'{$_POST['lname']}')";4) also, all of your queries are doing inserts - they're not specifying the fields they are to insert into, and I'm sure many of them should in fact be UPDATE statements. You'll want to fix that before your data gets *too* sparse.
....
Once that's all fixed, go to step 5.
....
5) rewrite all the database accesses to prevent people from doing sql injection attacks and ruining everything.
cheers,
--
- Martin Norland, Sys Admin / Database / Web Developer, International Outreach x3257
The opinion(s) contained within this email do not necessarily represent those of St. Jude Children's Research Hospital.
-- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
