Programming Forums

Programming Forums (http://www.programmingforums.org/forumindex.php)
-   PHP (http://www.programmingforums.org/forum29.html)
-   -   Problem Inserting Values into mySQL from PHP (http://www.programmingforums.org/showthread.php?t=2895)

stakeknife Mar 23rd, 2005 6:26 AM
Problem Inserting Values into mySQL from PHP
 
I used this code to take values from the user

function step1()
{
if (!isset($_POST['username'])) $_POST['username'] = '';
if (!isset($_POST['password'])) $_POST['password'] = '';
if (!isset($_POST['email'])) $_POST['email'] = '';

echo '<table border="0" cellspacing="4" cellpadding="0">';
echo '<tr><td><p><font color="#000000" size="2" face="Verdana, Arial, Helvetica, sans-serif"><Strong>Step 1: Create an administrator account</strong></font></p></td></tr>';
echo '<tr><td><font color="#FF0000" size="1" face="Verdana, Arial, Helvetica, sans-serif"><p>* required fields.</font></p></td></tr>';
echo '<form action="install.php" method="post">';
echo '<table border="0" cellspacing="4" cellpadding="0">';
echo '<tr><td><font color="#000000" size="2" face="Verdana, Arial, Helvetica, sans-serif">* Administrator Username: </font></td><td><input type="text" name="username" value="'.htmlspecialchars($_POST['username']).'"></td></tr>';
echo '<tr><td><font color="#000000" size="2" face="Verdana, Arial, Helvetica, sans-serif">* Administrator Password:</font> </td><td><input type="password" name="password" value="'.htmlspecialchars($_POST['password']).'"></td></tr>';
echo '<tr><td><font color="#000000" size="2" face="Verdana, Arial, Helvetica, sans-serif">* Administrator Email:</font> </td><td><input type="text" name="email" value="'.htmlspecialchars($_POST['email']).'"></td></tr>';
echo '<tr><td colspan="2"><input type="submit" value="submit" name="submit1"></td></tr>';
echo '<input type="hidden" name="step" value="2">';
echo '</table>';
echo '</form>';
echo '</table>';
}

and further down after two or three more steps which help the user create a connection to mySQL i call this code after the database has been setup

$adminsetup = "1, '".$_POST['username']."','".$_POST['password']."','".$_POST['email']."',14032005,1,1";
mysql_query ("INSERT INTO core_users VALUES ($adminsetup)");

in theory this should pop in the admin account into the user table...

but mySQL only records the following information

1 | | | | 14032005 | 1 | 1 |

In other words it doesnt take the username, password and email and insert them into the database....

any ideas?

Pizentios Mar 23rd, 2005 8:45 AM
your trying to fill the values right from user input? why have a value tag inside the html form elements? Also, with posts you don't need to use htmlspecialchars(), only for gets. At least that's what i have found in my experience. Also, IMHO your sql statment is wrong. It should be like:

[PHP] mysql_query ("INSERT INTO core_users (username, password, email) VALUES (" . $adminsetup . ")");[/PHP]

Well it should be like that if you want to meet the sql standards. You need to tell mysql what columns to put the data in. I am not sure if mysql needs this or not, but it's always a good idea to put it in.


All times are GMT -5. The time now is 6:02 PM.

Powered by vBulletin® Version 3.7.0, Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
Copyright ©2007 DaniWeb® LLC