php-general Digest 3 Jun 2007 17:41:38 -0000 Issue 4827

Sun, 03 Jun 2007 10:43:51 -0700 

php-general Digest 3 Jun 2007 17:41:38 -0000 Issue 4827

Topics (messages 256021 through 256026):

Re: Cant set info in DB...HELP
        256021 by: K. Hayes
        256022 by: Stut
        256024 by: Tijnema
        256025 by: K. Hayes

Re: I cannot figure out why this is not working?
        256023 by: Jim Lucas
        256026 by: Jonesy

Administrivia:

To subscribe to the digest, e-mail:
        [EMAIL PROTECTED]

To unsubscribe from the digest, e-mail:
        [EMAIL PROTECTED]

To post to the list, e-mail:
        [EMAIL PROTECTED]


----------------------------------------------------------------------
--- Begin Message --- What "lists" are you referring to? Also this is how the examples show I've seen.
I know this is basic general stuff but I try many times before posting, and I have followed all directions given. 

So this is what I did, and nothing is set DB still :-(

===========================NEW CODE=========================================
$regName = trim(strip_tags($_POST['conName'])); $regAddress = trim(strip_tags($_POST['conAddress'])); $regCity = trim(strip_tags($_POST['conCity'])); $regState = trim(strip_tags($_POST['conState'])); $regZip = trim(strip_tags($_POST['conZip'])); $regPhone = trim(strip_tags($_POST['conPhone']));
$sclName = trim(strip_tags($_POST['schName'])); $sclAddress = trim(strip_tags($_POST['schAddress'])); $sclCity = trim(strip_tags($_POST['schCity'])); $sclState = trim(strip_tags($_POST['schState'])); 
  $sclZip = trim(strip_tags($_POST['schZip']));
$stoName = trim(strip_tags($_POST['strName'])); $stoCity = trim(strip_tags($_POST['strCity'])); 
  $stoState = trim(strip_tags($_POST['strState']));
//==============================Begin dbPopulation of Form info=============================================== 

$dbserver = "localhost";  // This will be where server name goes
$dbuser = "root";  // This will be where username goes
$dbpassword = ""; // This will be where password goes
$dbname = "theDB";  // This will be where database name goes
$connection = mysqli_connect($dbserver, $dbuser, $dbpassword, $dbname) or die (mysqli_error($connection)); 

$regName = mysqli_real_escape_string($connection, $regName);
$regAddress = mysqli_real_escape_string($connection, $regAddress);
$regCity = mysqli_real_escape_string($connection, $regCity);
$regState = mysqli_real_escape_string($connection, $regState);
$regZip = mysqli_real_escape_string($connection, $regZip);
$regPhone = mysqli_real_escape_string($connection, $regPhone);
$sclName = mysqli_real_escape_string($connection, $sclName);
$sclAddress = mysqli_real_escape_string($connection, $sclAddress);
$sclCity = mysqli_real_escape_string($connection, $sclCity);
$sclState = mysqli_real_escape_string($connection, $sclState);
$sclZip = mysqli_real_escape_string($connection, $sclZip);
$stoName = mysqli_real_escape_string($connection, $stoName);
$stoCity = mysqli_real_escape_string($connection, $stoCity);
$stoState = mysqli_real_escape_string($connection, $stoState);
$sql_query = "INSERT INTO contestants (conName, conAddress, conCity, conState, conZip, conPhone, schName, schAddress, schCity, schState, schZip, strName, strCity, strState) VALUES('$regName', '$regAddress', '$regCity', '$regState', '$regZip', '$regPhone', '$sclName', '$sclAddress', '$sclCity', '$sclState', '$sclZip', '$stoName', '$stoCity', '$stoState')"; 

mysqli_query($connection,$sql_query); ?>
===========================END NEW CODE=====================================
----- Original Message ----- From: "Stut" <[EMAIL PROTECTED]> 
To: "K.Hayes" <[EMAIL PROTECTED]>
Cc: "php-general" <[EMAIL PROTECTED]>
Sent: Saturday, June 02, 2007 9:52 PM
Subject: Re: [PHP] Cant set info in DB...HELP



Please include the list on all replies.

K.Hayes wrote:

I don't know if I'm escaping the 'vars correctly'.  If I'm wrong can you
give me an example?

<snip>

$sql_query = "INSERT INTO contestants (conName, conAddress, conCity,
conState, conZip, conPhone, schName, schAddress, schCity, schState, schZip, 
strName, strCity, strState) VALUES('$regName', '$regAddress', '$regCity',
'$regState', '$regZip', '$regPhone', '$sclName', '$sclName', '$sclCity',
'sclState', '$sclZip', '$stoName', '$stoCity', '$stoState')"; $insert_query = mysqli_real_escape_string($connection, $sql_query); 

mysqli_query($connection,$insert_query); ?>
No, this is not the right way. I suggest you read the manual page on mysqli_real_escape_string (http://php.net/mysqli_real_escape_string). You need to run it on every variable you are using *in* the SQL query, not on the SQL query itself.
Google for a php mysqli tutorial - all this stuff is very basic and should be covered by most tutorials you'll find.
-Stut

--- End Message ---
--- Begin Message --- 
K. Hayes wrote:
What "lists" are you referring to? Also this is how the examples show I've seen.
I mean hit "Reply to all" in your mail client. That way you include the email address of the PHP General mailing list so everyone, including the archives, can see your reply.
I know this is basic general stuff but I try many times before posting, and I have followed all directions given. 

Change the following line...


mysqli_query($connection,$sql_query); ?>


to...

mysqli_query($connection,$sql_query)
    or die("Query failed: ".mysqli_error($connection);
If you still get no output, check error_reporting and display_errors in your php.ini file to make sure you are seeing at least errors and warnings. 

-Stut
===========================END NEW CODE===================================== 


----- Original Message ----- From: "Stut" <[EMAIL PROTECTED]>
To: "K.Hayes" <[EMAIL PROTECTED]>
Cc: "php-general" <[EMAIL PROTECTED]>
Sent: Saturday, June 02, 2007 9:52 PM
Subject: Re: [PHP] Cant set info in DB...HELP



Please include the list on all replies.

K.Hayes wrote:

I don't know if I'm escaping the 'vars correctly'.  If I'm wrong can you
give me an example?

<snip>

$sql_query = "INSERT INTO contestants (conName, conAddress, conCity,
conState, conZip, conPhone, schName, schAddress, schCity, schState, schZip, strName, strCity, strState) VALUES('$regName', '$regAddress', '$regCity', 
'$regState', '$regZip', '$regPhone', '$sclName', '$sclName', '$sclCity',
'sclState', '$sclZip', '$stoName', '$stoCity', '$stoState')"; $insert_query = mysqli_real_escape_string($connection, $sql_query); 

mysqli_query($connection,$insert_query); ?>
No, this is not the right way. I suggest you read the manual page on mysqli_real_escape_string (http://php.net/mysqli_real_escape_string). You need to run it on every variable you are using *in* the SQL query, not on the SQL query itself.
Google for a php mysqli tutorial - all this stuff is very basic and should be covered by most tutorials you'll find.
-Stut

--- End Message ---
--- Begin Message --- 
On 6/3/07, Stut <[EMAIL PROTECTED]> wrote:

K. Hayes wrote:
> What "lists" are you referring to?  Also this is how the examples show
> I've seen.

I mean hit "Reply to all" in your mail client. That way you include the
email address of the PHP General mailing list so everyone, including the
archives, can see your reply.

> I know this is basic general stuff but I try many times before posting,
> and I have followed all directions given.

Change the following line...

> mysqli_query($connection,$sql_query); ?>

to...

mysqli_query($connection,$sql_query)
    or die("Query failed: ".mysqli_error($connection);


you're missing a ) here, it should be:
mysqli_query($connection,$sql_query)
or die("Query failed: ".mysqli_error($connection))

Tijnema


If you still get no output, check error_reporting and display_errors in
your php.ini file to make sure you are seeing at least errors and warnings.

-Stut

> ===========================END NEW
> CODE=====================================
>
>
> ----- Original Message ----- From: "Stut" <[EMAIL PROTECTED]>
> To: "K.Hayes" <[EMAIL PROTECTED]>
> Cc: "php-general" <[EMAIL PROTECTED]>
> Sent: Saturday, June 02, 2007 9:52 PM
> Subject: Re: [PHP] Cant set info in DB...HELP
>
>
>> Please include the list on all replies.
>>
>> K.Hayes wrote:
>>> I don't know if I'm escaping the 'vars correctly'.  If I'm wrong can you
>>> give me an example?
>> <snip>
>>> $sql_query = "INSERT INTO contestants (conName, conAddress, conCity,
>>> conState, conZip, conPhone, schName, schAddress, schCity, schState,
>>> schZip,
>>> strName, strCity, strState) VALUES('$regName', '$regAddress',
>>> '$regCity',
>>> '$regState', '$regZip', '$regPhone', '$sclName', '$sclName', '$sclCity',
>>> 'sclState', '$sclZip', '$stoName', '$stoCity', '$stoState')";
>>> $insert_query = mysqli_real_escape_string($connection, $sql_query);
>>>
>>> mysqli_query($connection,$insert_query); ?>
>>
>> No, this is not the right way. I suggest you read the manual page on
>> mysqli_real_escape_string (http://php.net/mysqli_real_escape_string).
>> You need to run it on every variable you are using *in* the SQL query,
>> not on the SQL query itself.
>>
>> Google for a php mysqli tutorial - all this stuff is very basic and
>> should be covered by most tutorials you'll find.
>>
>> -Stut

--- End Message ---
--- Begin Message --- 
Thanks All.

Made the changes and just like Ambien it worked like a Dream.

I found out that I had a typo in my DB and missing ")" I corrected it. All
is well.


"Tijnema" < wrote in message
news:[EMAIL PROTECTED]
> On 6/3/07, Stut <[EMAIL PROTECTED]> wrote:
>> K. Hayes wrote:
>> > What "lists" are you referring to?  Also this is how the examples show
>> > I've seen.
>>
>> I mean hit "Reply to all" in your mail client. That way you include the
>> email address of the PHP General mailing list so everyone, including the
>> archives, can see your reply.
>>
>> > I know this is basic general stuff but I try many times before posting,
>> > and I have followed all directions given.
>>
>> Change the following line...
>>
>> > mysqli_query($connection,$sql_query); ?>
>>
>> to...
>>
>> mysqli_query($connection,$sql_query)
>>     or die("Query failed: ".mysqli_error($connection);
>
> you're missing a ) here, it should be:
> mysqli_query($connection,$sql_query)
> or die("Query failed: ".mysqli_error($connection))
>
> Tijnema
>>
>> If you still get no output, check error_reporting and display_errors in
>> your php.ini file to make sure you are seeing at least errors and
>> warnings.
>>
>> -Stut
>>
>> > ===========================END NEW
>> > CODE=====================================
>> >
>> >
>> > ----- Original Message ----- From: "Stut" <[EMAIL PROTECTED]>
>> > To: "K.Hayes" <[EMAIL PROTECTED]>
>> > Cc: "php-general" <[EMAIL PROTECTED]>
>> > Sent: Saturday, June 02, 2007 9:52 PM
>> > Subject: Re: [PHP] Cant set info in DB...HELP
>> >
>> >
>> >> Please include the list on all replies.
>> >>
>> >> K.Hayes wrote:
>> >>> I don't know if I'm escaping the 'vars correctly'.  If I'm wrong can
>> >>> you
>> >>> give me an example?
>> >> <snip>
>> >>> $sql_query = "INSERT INTO contestants (conName, conAddress, conCity,
>> >>> conState, conZip, conPhone, schName, schAddress, schCity, schState,
>> >>> schZip,
>> >>> strName, strCity, strState) VALUES('$regName', '$regAddress',
>> >>> '$regCity',
>> >>> '$regState', '$regZip', '$regPhone', '$sclName', '$sclName',
>> >>> '$sclCity',
>> >>> 'sclState', '$sclZip', '$stoName', '$stoCity', '$stoState')";
>> >>> $insert_query = mysqli_real_escape_string($connection, $sql_query);
>> >>>
>> >>> mysqli_query($connection,$insert_query); ?>
>> >>
>> >> No, this is not the right way. I suggest you read the manual page on
>> >> mysqli_real_escape_string (http://php.net/mysqli_real_escape_string).
>> >> You need to run it on every variable you are using *in* the SQL query,
>> >> not on the SQL query itself.
>> >>
>> >> Google for a php mysqli tutorial - all this stuff is very basic and
>> >> should be covered by most tutorials you'll find.
>> >>
>> >> -Stut
>
>>

--- End Message ---
--- Begin Message --- 
Brad Sumrall wrote:

<?php

{

What?  why is this here?



$to =
("[EMAIL PROTECTED],[EMAIL PROTECTED]");

why parenthesis around string definition?



$subject = "online guestbook register";

$email = $_POST['email'] . "\n";

$headers = "Reply-To: " . $_POST['email'] . "\n";

$body = "Visitor Infomation: " . "\n" .
"Name: " . $_POST['name2'] . "\n" . 
"Email: " . $_POST['email2'] . "\n";

}

else

{

mail($to,$subject,$body,$headers);
This is so confusing... You are calling the mail() function before you are setting everything...
Is this really your code, or did you copy bits and pieces of you code to make this example? 



$to = ("$email2");

$subject = ("Thank you");

$email = $_POST['email'] . "\n";

$headers = "Reply-To: " . $_POST['email'] . "\n";

$body = "Thank you for signing our Guest Book and visiting our website. Feel
free to search our extensive property database, as this is the most current
up to date information in the Real Estate Market today. You will see the
latest listings the same time the Realtors do. Check out
http://www.Floridaonlineinvestments.com"; . "\n" .

Shouldn't there be a semi-colon here?  instead of a period?
Why are you closing your string and then concatenating another with just a newline? 



mail($to,$subject,$body,$headers);

}

?>

--- End Message ---
--- Begin Message --- 
On Sat, 2 Jun 2007 18:34:36 -0400, Brad Sumrall queried:

  "I cannot figure out why this is not working?"

Just as soon as the Crack gmane.comp.php.general Mind Reading Team
revealss your meaning of "not working", someone will get back to you.

--- End Message ---

Reply via email to