Re: [PHP-DB] INSERT problem--Need help urgently
On Tuesday 30 March 2004 20:13, [EMAIL PROTECTED] wrote:
> okay I have echoed $sql and before I did enter anything into the form, the
> form is already inserting null values into the database. Maybe that is the
> reason for the duplicate row of null values.
Yes, that would be the reason.
> Do you know how can I prevent this from happening??Hope to hear from you
> soon.
You're not performing any checks on the input you're getting from your form.
The most simple check for whether the form was submitted is to use:
if (!empty($_POST)) { // form was submitted }
or
if (!empty($_GET)) { // form was submitted }
In addition you should always perform sanity checks on values of the
individual form elements. Search the archives/web for 'sql injection' for
more info.
--
Jason Wong -> Gremlins Associates -> www.gremlins.biz
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *
--
Search the list archives before you post
http://marc.theaimsgroup.com/?l=php-db
--
/*
Place me on a BUFFER counter while you BELITTLE several BELLHOPS in the
Trianon Room!! Let me one of your SUBSIDIARIES!
*/
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] INSERT problem--Need help urgently
Hi Jason:
okay I have echoed $sql and before I did enter anything into the form, the form
is already inserting null values into the database. Maybe that is the reason
for the duplicate row of null values.
Do you know how can I prevent this from happening??Hope to hear from you soon.
Regards,
Irin.
---
On Tuesday 30 March 2004 19:46, [EMAIL PROTECTED] wrote:
> sorie it was my typo error. actually in my code there is already {} with my
> first if statement and there is also a space after VALUES...
Whenever you post code, use copy and paste, or be extremely meticulous that
you do not introduce typos. This will ensure that people can focus on your
real problem and not on your erroneously introduced typos.
> I still need some help here with my code...how can I prevent it from
> inserting a duplicate row of null values>???
echo() your $sql statement just before you execute it. Are you doing any
redirections or refreshing the page?
--
Jason Wong -> Gremlins Associates -> www.gremlins.biz
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *
--
Search the list archives before you post
http://marc.theaimsgroup.com/?l=php-db
--
/*
I've read SEVEN MILLION books!!
*/
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] INSERT problem--Need help urgently
On Tuesday 30 March 2004 19:46, [EMAIL PROTECTED] wrote:
> sorie it was my typo error. actually in my code there is already {} with my
> first if statement and there is also a space after VALUES...
Whenever you post code, use copy and paste, or be extremely meticulous that
you do not introduce typos. This will ensure that people can focus on your
real problem and not on your erroneously introduced typos.
> I still need some help here with my code...how can I prevent it from
> inserting a duplicate row of null values>???
echo() your $sql statement just before you execute it. Are you doing any
redirections or refreshing the page?
--
Jason Wong -> Gremlins Associates -> www.gremlins.biz
Open Source Software Systems Integrators
* Web Design & Hosting * Internet & Intranet Applications Development *
--
Search the list archives before you post
http://marc.theaimsgroup.com/?l=php-db
--
/*
I've read SEVEN MILLION books!!
*/
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] INSERT problem--Need help urgently
sorie it was my typo error. actually in my code there is already {} with my
first if statement and there is also a space after VALUES...
I still need some help here with my code...how can I prevent it from inserting
a duplicate row of null values>???
Anyone can help ?
Thanks in advance.
Regards,
Irin
---
Hi,
I'm not very good at reading other people code, but :
there is no { } with your first if statement
there is no space after VALUES
Sorry I don't have time to test what I'm writing.
hope it helps
Chris
>Hi all:
>
>I was having some problem with INSERT query here and do hope to get some help
>real soon.
>
>I have a form whereby once the form is submitted, the values entered shall be
>inserted into the database. Next I have also written a SELECT query
>to view the
>records which have just been inserted into the database.
>
>Data was able to insert into the database and I was also able to
>retrieve these
>data from database. However, my problem is, whenever a form was being
>submitted, it actually INSERT another row of null values into the
>database. And
>so, when I clicked to view my data, i can see the previously
>inserted values as
>well as an empty row of records.
>
>Why is this so? How can I prevent the row of null value to be inserted?
>
>I have included a snip of my code below and hope to get some help real soon.
>All help are greatly appreciated. Thanks in advance.
>
>
>
>$dsn = "mysql://root:[EMAIL PROTECTED]/databaseName";
>
>$db = DB::connect ($dsn);
>if (DB::isError ($db))
>die ($db->getMessage());
>
>$tutor_name = $_POST["tutor_name"];
>$tutor_contact = $_POST["tutor_contact"];
>$tutor_email = $_POST["tutor_email"];
>$tutor_profile = $_POST["tutor_profile"];
>
>$sql ="INSERT INTO tutor (tutor_name, tutor_contact, tutor_email,
>tutor_profile)
>
>VALUES('$tutor_name','$tutor_contact','$tutor_email','$tutor_profile')";
>
>
>$result = $db->query($sql);
>
>if( DB::isError($result) ) {
> die ($result->getMessage());
>}
>
>?>
>
>
>
>Is there anything wrong with my SELECT query ??
>
>Thanks in advance.
>
>Regards,
>Irin
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
