Re: [PHP-DB] INSERT problem--Need help urgently
On Tuesday 30 March 2004 20:13, [EMAIL PROTECTED] wrote: > okay I have echoed $sql and before I did enter anything into the form, the > form is already inserting null values into the database. Maybe that is the > reason for the duplicate row of null values. Yes, that would be the reason. > Do you know how can I prevent this from happening??Hope to hear from you > soon. You're not performing any checks on the input you're getting from your form. The most simple check for whether the form was submitted is to use: if (!empty($_POST)) { // form was submitted } or if (!empty($_GET)) { // form was submitted } In addition you should always perform sanity checks on values of the individual form elements. Search the archives/web for 'sql injection' for more info. -- Jason Wong -> Gremlins Associates -> www.gremlins.biz Open Source Software Systems Integrators * Web Design & Hosting * Internet & Intranet Applications Development * -- Search the list archives before you post http://marc.theaimsgroup.com/?l=php-db -- /* Place me on a BUFFER counter while you BELITTLE several BELLHOPS in the Trianon Room!! Let me one of your SUBSIDIARIES! */ -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] INSERT problem--Need help urgently
Hi Jason: okay I have echoed $sql and before I did enter anything into the form, the form is already inserting null values into the database. Maybe that is the reason for the duplicate row of null values. Do you know how can I prevent this from happening??Hope to hear from you soon. Regards, Irin. --- On Tuesday 30 March 2004 19:46, [EMAIL PROTECTED] wrote: > sorie it was my typo error. actually in my code there is already {} with my > first if statement and there is also a space after VALUES... Whenever you post code, use copy and paste, or be extremely meticulous that you do not introduce typos. This will ensure that people can focus on your real problem and not on your erroneously introduced typos. > I still need some help here with my code...how can I prevent it from > inserting a duplicate row of null values>??? echo() your $sql statement just before you execute it. Are you doing any redirections or refreshing the page? -- Jason Wong -> Gremlins Associates -> www.gremlins.biz Open Source Software Systems Integrators * Web Design & Hosting * Internet & Intranet Applications Development * -- Search the list archives before you post http://marc.theaimsgroup.com/?l=php-db -- /* I've read SEVEN MILLION books!! */ -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] INSERT problem--Need help urgently
On Tuesday 30 March 2004 19:46, [EMAIL PROTECTED] wrote: > sorie it was my typo error. actually in my code there is already {} with my > first if statement and there is also a space after VALUES... Whenever you post code, use copy and paste, or be extremely meticulous that you do not introduce typos. This will ensure that people can focus on your real problem and not on your erroneously introduced typos. > I still need some help here with my code...how can I prevent it from > inserting a duplicate row of null values>??? echo() your $sql statement just before you execute it. Are you doing any redirections or refreshing the page? -- Jason Wong -> Gremlins Associates -> www.gremlins.biz Open Source Software Systems Integrators * Web Design & Hosting * Internet & Intranet Applications Development * -- Search the list archives before you post http://marc.theaimsgroup.com/?l=php-db -- /* I've read SEVEN MILLION books!! */ -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] INSERT problem--Need help urgently
sorie it was my typo error. actually in my code there is already {} with my first if statement and there is also a space after VALUES... I still need some help here with my code...how can I prevent it from inserting a duplicate row of null values>??? Anyone can help ? Thanks in advance. Regards, Irin --- Hi, I'm not very good at reading other people code, but : there is no { } with your first if statement there is no space after VALUES Sorry I don't have time to test what I'm writing. hope it helps Chris >Hi all: > >I was having some problem with INSERT query here and do hope to get some help >real soon. > >I have a form whereby once the form is submitted, the values entered shall be >inserted into the database. Next I have also written a SELECT query >to view the >records which have just been inserted into the database. > >Data was able to insert into the database and I was also able to >retrieve these >data from database. However, my problem is, whenever a form was being >submitted, it actually INSERT another row of null values into the >database. And >so, when I clicked to view my data, i can see the previously >inserted values as >well as an empty row of records. > >Why is this so? How can I prevent the row of null value to be inserted? > >I have included a snip of my code below and hope to get some help real soon. >All help are greatly appreciated. Thanks in advance. > > > >$dsn = "mysql://root:[EMAIL PROTECTED]/databaseName"; > >$db = DB::connect ($dsn); >if (DB::isError ($db)) >die ($db->getMessage()); > >$tutor_name = $_POST["tutor_name"]; >$tutor_contact = $_POST["tutor_contact"]; >$tutor_email = $_POST["tutor_email"]; >$tutor_profile = $_POST["tutor_profile"]; > >$sql ="INSERT INTO tutor (tutor_name, tutor_contact, tutor_email, >tutor_profile) > >VALUES('$tutor_name','$tutor_contact','$tutor_email','$tutor_profile')"; > > >$result = $db->query($sql); > >if( DB::isError($result) ) { > die ($result->getMessage()); >} > >?> > > > >Is there anything wrong with my SELECT query ?? > >Thanks in advance. > >Regards, >Irin -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php