Please help not able to resolve, trying since three days but not able to know what the reason its throwing me such message. (below is my complete code).
<!DOCTYPE html>
<html>
<head>
<title>Insert New Post</title>
</head>
<body>
<form method="post" action="insert_post.php" enctype="multipart/form-data">
<table align="center" border="10" width="600">
<tr>
<td align="center" colspan="5" bgcolor="yellow"><h1>Insert New Post Here</h1></td>
</tr>
<tr>
<td align="right">Post Title:</td>
<td><input type="text" name="title" size="40"></td>
</tr>
<tr>
<td align="right">Post Author:</td>
<td><input type="text" name="author"></td>
</tr>
<tr>
<td align="right">Post image:</td>
<td><input type="file" name="image_name"></td>
</tr>
<tr>
<td align="right">Post Content:</td>
<td><textarea name="content" cols="50" rows="20"></textarea></td>
</tr>
<tr>
<td align="center" colspan="5"><input type="submit" name="submit" value="Publish Now"></td>
</tr>
</table>
</form>
</body>
</html>
Above Form is to insert and submit data in Database
// PHP
<?php
include("includes/connect.php");
if (isset($_POST['submit'])) {
$title = $_POST['title'];
$datenow = date('Y/m/d');
$author = $_POST['author'];
$content = $_POST['content'];
$image_name = $_FILES['image_name']['name'];
$image_type = $_FILES['image_name']['type'];
$image_size = $_FILES['image_name']['size'];
$image_tmp = $_FILES['image_name']['tmp_name'];
if ($title =='' || $author =='' || $content =='') {
echo "<script>alert('Any feild is empty')</script>";
exit();
}
if ($image_type =='image/jpeg' || $image_type =='image/png' || $image_type =='image/gif') {
if ($image_size<=5000000000) {
move_uploaded_file($image_tmp, "images/$image_name");
}
else{
echo "<script>alert('Image is larger, only 50kb size is allowed') </script>";
}
}
else{
echo "<script>alert('image type is invalid')</script>";
}
// insert query
$sth = $con->prepare(" INSERT INTO posts (post_title, post_date, post_author, post_image, post_content) VALUE (:title,:datenow,:author,:image_name,:content) ");
$sth->bindParam(':post_title', $title);
$sth->bindParam(':post_date', $datenow);
$sth->bindParam(':post_author', $author);
$sth->bindParam(':post_image', $image_name);
$sth->bindParam(':post_content', $content);
$sth->execute();
echo "<h1>Form Submited Successfully</h1>";
}
?>
// $sth->execute(); is throwing error massage as above
You are binding wrong values.You haven't bind the post_* values. See below:
$sth = $con->prepare(" INSERT INTO posts (post_title, post_date, post_author, post_image, post_content) VALUES (:post_title,:post_date,:post_author,:post_image,:post_content) ");
$sth->bindParam(':post_title', $title);
$sth->bindParam(':post_date', $datenow);
$sth->bindParam(':post_author', $author);
$sth->bindParam(':post_image', $image_name);
$sth->bindParam(':post_content', $content);
Related
when i run the code it give error of object of class mysqli_connect could not be converted to string in line 135. please some one provide me the solution of this problem.
i tried searching for solution but no one worked for me. bellow is the code showing error.
$row = mysqli_connect("$con,$insert_product");
accepted to run but showing error in line 135. what mistake do i have make.full code is here
<?php require_once ("includes/db.php");
?>
<!DOCTYPE html>
<html>
<head>
<title> product</title>
</head>
<body>
<form method="post" action="insert_product.php" enctype="multipart/form-data">
<table width="700" align="center">
<tr>
<td><h2>insert new product</h2></td>
</tr>
<tr>
<td>Product title</td>
<td><input type="text" name="product_title"></td>
</tr>
<tr>
<td>Product category</td>
<td><select name="product_cat">
<option>Select a category</option>
<?php
$get_cats = "select * from category";
$run_cats= mysqli_query($con,$get_cats);
while ($row_cats=mysqli_fetch_array($run_cats))
{
$cat_id = $row_cats['cat_id'];
$cat_title=$row_cats['cat_title'];
echo "<option value='$cat_id'>$cat_title</option>";
}
?>
</select>
</td>
</tr>
<tr>
<td>Product brand</td>
<td><select name="product_brand">
<option>Select brand</option>
<?php
$get_brand = "select * from brand";
$run_brand= mysqli_query($con,$get_cats);
while ($row_brand=mysqli_fetch_array($run_brand))
{
$brand_id = $row_brand['brand_id'];
$brand_title=$row_brand['brand_title'];
echo "<option value='$cat_id'>$cat_title</option>";
}
?>
</select>
</td>
</tr>
<tr>
<td>product image1</td>
<td><input type="file" name="product_img1"></td>
</tr>
<tr>
<td>Product image2</td>
<td><input type="file" name="product_img2"></td>
</tr>
<tr>
<td>Product image3</td>
<td><input type="file" name="product_img3"></td>
</tr>
<
<tr>
<td>Product price</td>
<td><input type="number" name="product_price"></td>
</tr>
<tr>
<td>Product desceptration</td>
<td><input type="text" name="product_desc"></td>
</tr>
<tr>
<td>Product keyword</td>
<td><input type="number" name="product_keyword"></td>
</tr>
<tr>
<td><input type="submit" value="submit" name="submit"></td>
</tr>
</table>
</form>
</body>
</html>
<?php
if(isset($_POST['submit']))
{
$product_title=$_POST['product_title'];
$product_cat=$_POST['product_cat'];
$product_brand=$_POST['product_brand'];
$product_price=$_POST['product_price'];
$product_desc=$_POST['product_desc'];
$status='on';
$product_keyword=$_POST['product_keyword'];
//image name
$product_img1 = $_FILES['product_img1']['name'];
$product_img2 = $_FILES['product_img2']['name'];
$product_img3 = $_FILES['product_img3']['name'];
//image temp names
$temp_name1 = $_FILES['product_img1']['tmp_name'];
$temp_name2 = $_FILES['product_img2']['tmp_name'];
$temp_name3 = $_FILES['product_img3']['tmp_name'];
if($product_title=='' OR $product_cat=='' OR $product_brand=='' OR $product_price=='' OR $product_desc=='' OR $product_keyword=='' OR $product_img1=='' OR $product_img2=='' OR $product_img3=='')
{
echo "<script> alert ('please insert the data in the form')</script>";
exit();
}
else{
//uploadinimage to the folder
move_uploaded_file($temp_name1,"product_images/$product_img1");
move_uploaded_file($temp_name2, "product_images/$product_img2");
move_uploaded_file($temp_name3,"product_images/$product_img3");
}
$insert_product = "insert into products (cat_id,brand_id,date,product_title,product_img1,product_img2,product_img3,product_brand,product_price,product_desc,status) values ('$product_cat','$product_brand',NOW(),'$product_title','$product_img1','$product_img2',$product_img3,'product_brand','product_price','product_desc','product_keyword')";
$row = mysqli_connect("$con,$insert_product");
if($row)
{
echo "<script> alert('insert sucessfully')</script>";
}
else
{
echo "<script> alert(' unsucessfull to insert')</script>";
}
}
?>
I don't think you're meaning to connect again. Rather, it appears you may be trying to perform a query?
Your code:
$insert_product = "insert into products (cat_id,brand_id,date,product_title,product_img1,product_img2,product_img3,product_brand,product_price,product_desc,status) values ('$product_cat','$product_brand',NOW(),'$product_title','$product_img1','$product_img2',$product_img3,'product_brand','product_price','product_desc','product_keyword')";
$row = mysqli_connect("$con,$insert_product");
Not only are you referencing a variable never defined in the script (though it probably is in the file you require at the top), but you're passing a query right to mysqli_connect(). I imagine what you actually meant to do is:
$insert_product = "insert into products (cat_id,brand_id,date,product_title,product_img1,product_img2,product_img3,product_brand,product_price,product_desc,status) values ('$product_cat','$product_brand',NOW(),'$product_title','$product_img1','$product_img2',$product_img3,'product_brand','product_price','product_desc','product_keyword')";
$row = mysqli_query($con, $insert_product);
i am new to php and started developing one dynamic website, i have created few static pages and one news page.
For news page i have created database in phpmyadmin but i am not able to get any data in my database but i am getting images in images folder, please have look in my codes.
to insert post i have created this :
<html>
<head>
<title>Insert New Post</title>
</head>
<body>
<form method="post" action="insert_post.php" enctype="multipart/form-data">
<table allign="center" border="10" width="600">
<tr>
<td align="center" colspan="5" bgcolor="yellow">
<h1>Insert New Post Here</h1></td>
</tr>
<tr>
<td align="right">Post Title:</td>
<td><input type="text" name="title" size="40"></td>
</tr>
<tr>
<td align="right">Post Author:</td>
<td><input type="text" name="author"></td>
</tr>
<tr>
<td align="right">Post image:</td>
<td><input type="file" name="image"></td>
</tr>
<tr>
<td align="right">Post content:</td>
<td><textarea name="content" cols="40" rows="20"></textarea></td>
</tr>
<tr>
<td align="center" colspan="6"><input type="submit" name="submit" value="Publish Now"></td>
</tr>
</table>
</form>
</body>
</html>
<?php
include('includes/connect.php');
if(isset($_POST['submit'])){
$title = $_POST['title'];
$date = DATE('y-m-d');
$author = $_POST['author'];
$content = $_POST['content'];
$image_name = $_FILES['image']['name'];
$image_type = $_FILES['image']['type'];
$image_size = $_FILES['image']['size'];
$image_tmp = $_FILES['image']['tmp_name'];
if($title == '' or $author =='' or $content ==''){
echo "<script>alert('Any filed is empty')</script>";
exit();
}
if($image_type=="image/jpeg" or $image_type=="image/png" or $image_type=="image/gif"){
if($image_size<=50000){
move_uploaded_file($image_tmp,"images/$image_name");
}
else {
echo "<script>alert('image is larger, only 50kb size is allowed')</script>";
}
}
else {
echo "<script>alert('image type is invalid')</script>";
}
$query = "insert into post (post_title,post_date,post_author,post_image,post_content) values ('$title','$date','$author','$image_name','$content')";
if(mysql_query($query)){
echo "<center><h1>Post has been Published</h1></center>";
}
}
?>
Now i have created connect.php files, witch have following codes:
<?php
mysql_connect("localhost","root","");
mysql_select_db("rect");
?>
i am new to php so sorry if i did anything wrong in question and thank you in advance.
Note:
Make sure you have a table named post with this corresponding column names: post_title, post_date, post_author, post_image, post_content
And as suggested by #spencer7593, I'll try to convert your code to mysqli_* as their is a problem with your connection, and also to prevent SQL injections.
If you're gonna insert date into your database, instead of:
$date=DATE("y-m-d"); /* YY-MM-DD */
you should do:
$date=DATE("Y-m-d"); /* YYYY-MM-DD */
First is we fix your connection to your database (connect.php):
<?php
$mysqli = new mysqli("localhost", "root", "", "rect");
/* CHECK CONNECTION */
if (mysqli_connect_errno()) {
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
?>
Then change your insert query like this simple example:
$stmt = $mysqli->prepare("INSERT INTO post (post_title, post_date, post_author, post_image, post_content) VALUES (?,?,?,?,?)");
$stmt->bind_param('sssss',$title,$date,$author,$image_name,$content); /* BIND VARIABLES TO THE QUERY */
$stmt->execute(); /* EXECUTE QUERY */
?>
I have this code in my form:
<form id="addForm" action="php/add-article.php" method="POST" enctype="multipart/form-data">
<table>
<tr>
<td class="tableLeft">Article Photo:</td>
<td class="tableRight"><input id="formPhoto" class="addTextInput" name="photo" type="file" /></td>
<td id="validatePhoto"></td>
</tr>
<tr>
<td class="tableLeft">Article Photo Alt:</td>
<td class="tableRight"><input id="formAlt" class="addTextInput" name="alt" type="text" /></td>
<td id="validateAlt"></td>
</tr>
<tr>
<td class="tableLeft">Article Title:</td>
<td class="tableRight"><input id="formTitle" class="addTextInput" name="title" type="text" /></td>
<td id="validateTitle"></td>
</tr>
<tr>
<td class="tableLeft">Article Body:</td>
<td class="tableRight"><textarea id="formArticle" class="addTextInput" rows="6" name="article"></textarea></td>
<td id="validateArticle"></td>
</tr>
<tr>
<td class="tableLeft"></td>
<td id="validateSending" class="tableRight"></td>
</tr>
<tr>
<td class="tableLeft"></td>
<td class="tableRight"><input id="formSubmit" class="addSubmitInput" type="submit" value="Add This" /></td>
</tr>
</table>
</form>
And this in a php file (add-article.php):
<?php
$time = time();
$id= time().''.mt_rand(1000, 9999);
$year = date("Y");
$path = "../images/$year/";
$title = ucwords($_POST['title']);
$article = $_POST['article'];
$alt = $_POST['alt'];
$extension = end(explode(".", $_FILES["photo"]["name"]));
$added = date("Y-m-d H:i:s");
$views = "0";
?>
<?php
$insert_post_sql = "INSERT INTO articles (id, photo, alt, title, article, added, views) VALUES('$id', '.$extension', '$alt', '$title', '$article', '$added', '$views')";
$insert_post_res = mysqli_query($con, $insert_post_sql);
if(mysqli_affected_rows($con)>0){
move_uploaded_file($_FILES["photo"]["tmp_name"],"$path" . $id . "." . $extension);
header("Location: ../article.php?id=$id");
exit();
}
else{
echo "0";
};
?>
When I run this on my localhost, everything works compltely fine yet when I do it on my live site it echo's 0 and says that photo, alt, title and article are uindefined.
Does anyone know what the reason for this might be?
The main reason should be the move_uploaded_file permission to write in the specified path on the production server.
The problem is from your sql statement... it couldnt find the photo, alt etc... on the table header that is why it returned 0 records, hence, echoing 0 as your program demands....
I edited the last <tr> of your form
<tr>
<td class="tableLeft"></td>
<td class="tableRight"><button id="formSubmit" class="addSubmitInput" type="submit" name="submit">Add This </button></td>
</tr>
Now try below PHP code:
<?php
$time = time();
$id = time() . '' . mt_rand(1000, 9999);
$year = date("Y");
$path = "../images/$year/";
if (isset($_POST['submit'])) {
$title = ucwords($_POST['title']);
$article = $_POST['article'];
$alt = $_POST['alt'];
$extension = end(explode(".", $_FILES["photo"]["name"]));
$added = date("Y-m-d H:i:s");
$views = "0";
$insert_post_sql = "INSERT INTO articles (id, photo, alt, title, article, added, views) VALUES('$id', '.$extension', '$alt', '$title', '$article', '$added', '$views')";
$insert_post_res = mysqli_query($con, $insert_post_sql);
if (mysqli_affected_rows($con) > 0) {
move_uploaded_file($_FILES["photo"]["tmp_name"], "$path" . $id . "." . $extension);
header("Location: ../article.php?id=$id");
exit();
} else {
echo "0";
};
}
?>
Let me know if its working for you now. Regards.
i am a beginner and am trying to make a form validation with PHP. i want to check if one of the inputs is empty, the form says that the empty input is required.
I show the php script behind.
<?php
$titleErr = $authorErr = $keywordsErr = $contentErr = "";
$title = $author = $keywords = $content = "";
if (empty($_POST["submit"])) {
if(empty($_POST["title"])){
$titleErr = "title is required";
}
if(empty($_POST["author"])){
$authorErr = "author name is required";
}
if(empty($_POST["keywords"])){
$keywordsErr = "keywords are required";
}
if(empty($_POST["content"])){
$contentErr = "This field is required";
}
}
?>
<form method="post" action="insert_post.php">
<table width="600" align="center" border="10">
<tr>
<td align="center" bgcolor="yellow" colspan="6"><h1>Insert New Post Here</h1></td>
</tr>
<tr>
<td align="right">Post Title:</td>
<td><input type="text" name="title" size="38">
<span style="color:red;"><?php echo $titleErr; ?></span>
</td>
</tr>
<tr>
<td align="right">Post Author:</td>
<td><input type="text" name="author" size="38">
<span style="color:red;"><?php echo $authorErr; ?></span>
</td>
</tr>
<tr>
<td align="right">Post Keywords:</td>
<td><input type="text" name="keywords" size="38">
<span style="color:red;"><?php echo $keywordsErr; ?></span>
</td>
</tr>
<tr>
<td align="right">Post Image:</td>
<td><input type="file" name="image"></td>
</tr>
<tr>
<td align="right">Post Content</td>
<td><textarea name="content" cols="30" rows="15"></textarea>
<span style="color:red;"><?php echo $contentErr; ?></span>
</td>
</tr>
<tr>
<td align="center" colspan="6"><input type="submit" name="submit" value="Publish Now"></td>
</tr>
</table>
</form>
</body>
</html>
<?php
include("includes/connect.php");
if(isset($_POST['submit'])){
$title = $_POST['title'];
$date = date('d-m-Y');
$author = $_POST['author'];
$keywords = $_POST['keywords'];
$content = $_POST['content'];
$image = $_FILES['image'] ['name'];
$image_tmp = $_FILES['image'] ['tmp_name'];
move_uploaded_file($image_tmp, "../images/$image");
$query = "INSERT INTO posts (post_title, post_date, post_author, post_keywords, post_image, post_content) VALUES('$title', '$date', '$author', '$keywords', '$image', '$content')";
$result = mysqli_query($conn, $query);
if($query){
echo"<center><h1>Post Published Succesfully!</h1></center>";
}
}
?>
The problem is i want to stop the scrit if the inputs are empty but i can't use functions like: exit() and break;.
and if i submit, the form sends empty values to the database :C.
how can i solve this problem?
We make use of session variables which temporarily stores data locally. To use sessions we must always start sessions by session_start() at the start of every page to be able to access the variables. Now we can store data and pass it to whatever page we want to without having to send it - we just store it and then grab it.
index.php
<?php
session_start();
$titleErr = $authorErr = $keywordsErr = $contentErr = "";
$title = $author = $keywords = $content = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if(empty($_POST["title"])){
$titleErr = "title is required";
}
if(empty($_POST["author"])){
$authorErr = "author name is required";
}
if(empty($_POST["keywords"])){
$keywordsErr = "keywords are required";
}
if(empty($_POST["content"])){
$contentErr = "This field is required";
}
if(!empty($_POST["title"]) && !empty($_POST["author"]) && !empty($_POST["keywords"]) && !empty($_POST["content"])){
$_SESSION["title"] = $_POST["title"];
$_SESSION["author"] = $_POST["author"];
$_SESSION["keywords"] = $_POST["keywords"];
$_SESSION["content"] = $_POST["content"];
$_SESSION["image"] = $_FILES["image"];
header("location: insert_post.php");
exit();
}
}
?>
<form method="POST" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
<table width="600" align="center" border="10">
<tr>
<td align="center" bgcolor="yellow" colspan="6"><h1>Insert New Post Here</h1></td>
</tr>
<tr>
<td align="right">Post Title:</td>
<td><input type="text" name="title" size="38" value="<?php if(isset($_POST['title'])){ echo $_POST['title']; }; ?>">
<span style="color:red;"><?php echo $titleErr; ?></span>
</td>
</tr>
<tr>
<td align="right">Post Author:</td>
<td><input type="text" name="author" size="38" value="<?php if(isset($_POST['author'])){echo $_POST['author']; }; ?>">
<span style="color:red;"><?php echo $authorErr; ?></span>
</td>
</tr>
<tr>
<td align="right">Post Keywords:</td>
<td><input type="text" name="keywords" size="38" value="<?php if(isset($_POST['keywords'])){echo $_POST['keywords']; }; ?>">
<span style="color:red;"><?php echo $keywordsErr; ?></span>
</td>
</tr>
<tr>
<td align="right">Post Image:</td>
<td><input type="file" name="image"></td>
</tr>
<tr>
<td align="right">Post Content</td>
<td><textarea name="content" cols="30" rows="15" value="<?php if(isset($_POST['content'])){echo $_POST['content']; }; ?>"></textarea>
<span style="color:red;"><?php echo $contentErr; ?></span>
</td>
</tr>
<tr>
<td align="center" colspan="6"><input type="submit" name="submit" value="Publish Now"></td>
</tr>
</table>
</form>
</body>
</html>
insert_post.php
<?php
session_start();
include("includes/connect.php");
$title = $_SESSION['title'];
$author = $_SESSION['author'];
$keywords = $_SESSION['keywords'];
$content = $_SESSION['content'];
$date = date('d-m-Y');
$image = $_SESSION['image']['name'];
$image_tmp = $_SESSION['image']['tmp_name'];
move_uploaded_file($image_tmp, "../images/$image");
$query = "INSERT INTO posts (post_title, post_date, post_author, post_keywords, post_image, post_content) VALUES('$title', '$date', '$author', '$keywords', '$image', '$content')";
$result = mysqli_query($conn, $query);
if($query){
echo"<center><h1>Post Published Succesfully!</h1></center>";
}
else{
echo "<center><h1>Error! Post was not published!</h1></center>";
}
echo $title . " " . $author . " " . $keywords . " " . $content;
?>
Btw, you should be using prepared statements for your database inserts to prevent SQL-injections. Read more about it here.
You don't hAve to Break the Script using the Exit Funktion. Just prove if the error variables aren't empty and only in the Case when they aren't empty send a dB-request.
Chenge these lines:
include("includes/connect.php");
if(isset($_POST['submit'])){
to
include("includes/connect.php");
if( isset($_POST['submit']) //Fix here, it will only insert if all error message
&& empty($titleErr) //are empty.
&& empty($authorErr)
&& empty($keywordsErr)
&& empty($contentErr) ){
Edit
And also change this line
if (empty($_POST["submit"])) {
To
if (isset($_POST["submit"])) {
On the init of your script. The empty function will return true if you did not submit the page, that's why you are hving the error messages.
G'Day
I have a php page that I want to edit an entry but for the life of me I can not figure out why it is coming up with this erro.
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '= po_postcode = '4060', email ='-', phone = '732997688', fax = '' WHERE id='1'' at line 1
HELP I am desperate and going insane. (Similar Code works on another page but not this one)....
Can someone PLEASE HELP.
{
<?php
/*
EDIT.PHP
Allows user to edit specific entry in database
*/
// creates the edit record form
// since this form is used multiple times in this file, I have made it a function that is easily reusable
function renderForm($id, $name, $po_street, $po_suburb, $po_state, $po_postcode, $email, $phone, $fax, $error)
{
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Edit Record</title>
</head>
<body>
<?php
// if there are any errors, display them
if ($error != '')
{
echo '<div style="padding:4px; border:1px solid red; color:red;">'.$error.'</div>';
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Edit Record</title>
</head>
<body>
<table width="347" border="0" align="center">
<tr valign="baseline">
<td align="right" nowrap="nowrap"><p align="center"><img src="hartwell_banner.JPG" width="624" height="134" /></p>
</tr>
</table>
<table align="center">
<tr valign="baseline">
<td width="290" align="right" nowrap="nowrap"><div align="left"><h2 align="left"><p align="left">Enter a New Contact</p></h2></div></td>
<td width="290" align="center" nowrap="nowrap"><div align="left"><h2 align="center"><p align="center">Return to Index</p>
</h2>
</div></td>
</tr>
</table>
<form action="" method="post">
<input type="hidden" name="id" value="<?php echo $id; ?>"/>
<table align="center">
<tr valign="baseline">
<td width="98" align="right" nowrap="nowrap"><div align="left">ID:</div></td>
<td width="329"><input type="text" name="id" value="<?php echo $id; ?>" size="40" readonly = "readonly" /> * </td>
</tr>
<tr valign="baseline">
<td width="98" align="right" nowrap="nowrap"><div align="left">Name:</div></td>
<td width="329"><input type="text" name="name" value="<?php echo $name; ?>" size="40" /> * </td>
</tr>
<tr valign="baseline">
<td nowrap="nowrap" align="right"><div align="left">Postal Street </div></td>
<td><input type="text" name="po_street" value="<?php echo $po_street; ?>" size="40" /> * </td>
</tr>
<tr valign="baseline">
<td nowrap="nowrap" align="right"><div align="left">Postal Suburb</div></td>
<td><Input type ="text" name="po_suburb" value="<?php echo $po_suburb; ?> " size="30" maxlength="50" >*</td>
<tr valign="baseline">
</tr>
<tr valign="baseline">
<td nowrap="nowrap" align="right"><div align="left">State</div></td>
<td><Input type ="text" name="po_state" value="<?php echo $po_state; ?>" size="5" maxlength="3" /> * </td>
</tr>
<tr valign="baseline">
<td nowrap="nowrap" align="right"><div align="left">Postal Postcode</div></td>
<td><Input type ="text" name="po_postcode" value="<?php echo $po_postcode; ?>" size="5" maxlength="4"/> * </td>
</tr>
<tr valign="baseline">
<td nowrap="nowrap" align="right"><div align="left">Email:</div></td>
<td><input type="text" name="email" value="<?php echo $email; ?>" size="40" /> * </td>
</tr>
<tr valign="baseline">
<td nowrap="nowrap" align="right"><div align="left">Phone:</div></td>
<td><input name="phone" type="text" value="<?php echo $phone; ?>" size="12" maxlength="10" /> * </td>
</tr>
<tr valign="baseline">
<td nowrap="nowrap" align="right"><div align="left">Fax:</div></td>
<td><input name="fax" type="text" value="<?php echo $fax; ?>" size="12" maxlength="10" /></td>
</tr>
<tr valign="baseline">
<td nowrap="nowrap" align="right"> </td>
<td> <input type="submit" name="submit" value="Submit"> * Denotes Required Field<?php
// if there are any errors, display them
if ($error != '')
{
echo '<div style="padding:4px; border:1px solid red; color:red;">'.$error.'</div>';
}
?> </td>
</tr>
<tr valign="baseline">
<td colspan="2" align="right" nowrap="nowrap"><div align="center"><img src="hartwell_costs.JPG" alt="" width="340" height="147" /></div></td>
</tr>
</table>
</form>
</body>
</html>
<?php
}
// check if the form has been submitted. If it has, process the form and save it to the database
if (isset($_POST['submit']))
{
// confirm that the 'id' value is a valid integer before getting the form data
if (isset($_POST['id']))
{
// get form data, making sure it is valid
$id = mysql_real_escape_string(htmlspecialchars($_POST['id']));
$name = mysql_real_escape_string(htmlspecialchars($_POST['name']));
$po_street = mysql_real_escape_string(htmlspecialchars($_POST['po_street']));
$po_suburb = mysql_real_escape_string(htmlspecialchars($_POST['po_suburb']));
$po_state = mysql_real_escape_string(htmlspecialchars($_POST['po_state']));
$po_postcode = mysql_real_escape_string(htmlspecialchars($_POST['po_postcode']));
$email = mysql_real_escape_string(htmlspecialchars($_POST['email']));
$phone = mysql_real_escape_string(htmlspecialchars($_POST['phone']));
// check that firstname/lastname fields are both filled in
if ($id == '' || $name == '' || $po_street == '' || $po_suburb == ''|| $po_state == '' || $po_postcode == ''|| $email == '' || $phone == '')
{
// generate error message
$error = 'ERROR: Please fill in all required fields!';
//error, display form
renderForm($id, $name, $po_street, $po_suburb, $po_state, $po_postcode, $email, $phone, $fax, $error);
}
else
{
// save the data to the database
mysql_select_db($database_hartwell, $hartwell);
mysql_query("UPDATE contact SET id= '$id', name='$name', po_street ='$po_street', po_suburb = '$po_suburb', po_state = '$po_state', = po_postcode = '$po_postcode', email ='$email', phone = '$phone', fax = '$fax' WHERE id='$id'")
or die(mysql_error());
// once saved, redirect back to the view page
header("Location: view.php");
}
}
else
{
//if the 'id' isn't valid, display an error
echo 'ID Not Valid!';
}
}
else
// if the form hasn't been submitted, get the data from the db and display the form
{
// get the 'id' value from the URL (if it exists), making sure that it is valid (checing that it is numeric/larger than 0)
if (isset($_GET['id']) && is_numeric($_GET['id']) && $_GET['id'] > 0)
{
// query db
$id = $_GET['id'];
mysql_select_db($database_hartwell, $hartwell);
$result = mysql_query("SELECT * FROM contact WHERE id=$id")
or die(mysql_error());
$row = mysql_fetch_array($result);
// check that the 'id' matches up with a row in the databse
if($row)
{
// get data from db
$id = $row['id'];
$name = $row['name'];
$po_street = $row['po_street'];
$po_suburb = $row['po_suburb'];
$po_state = $row['po_state'];
$po_postcode = $row['po_postcode'];
$email = $row['email'];
$phone = $row['phone'];
$fax = $row['fax'];
// show form
renderForm($id, $name, $po_street, $po_suburb, $po_state, $po_postcode, $email, $phone, $fax,'');
}
else
// if no match, display result
{
echo "No results!";
}
}
else
// if the 'id' in the URL isn't valid, or if there is no 'id' value, display an error
{
echo 'No ID Value!';
}
}
?>
The error is right there in your query, just like the error message says:
, = po_postcode = '$po_postcode',
^
|
+ this doesn't belong here
remove the equal sign here:
'$po_state', = po_postcode
mysql_query("UPDATE contact SET id= '$id', name='$name', po_street ='$po_street', po_suburb = '$po_suburb', po_state = '$po_state', po_postcode = '$po_postcode', email ='$email', phone = '$phone', fax = '$fax' WHERE id='$id'")
So the problem is here = po_postcode = '$po_postcode',