#1
  1. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2013
    Posts
    30
    Rep Power
    2

    Upon loading , form autosubmits empty fields to database


    this is link to code

    http://jsbin.com/ixupuk/4/edit

    when my form is loaded into browser OR refreshed, all fields
    (whether empty or not) are auto-submitted to mysql database..

    i included at the bottom, an if(isset) statement that i couldnt get to work.
    PHP Code:
    //submit to database

    //  usable constants  
    define('DB_NAME''yyy_ContactForm');
    define('DB_USER''xxx');
    define('DB_PASSWORD''zzz');
    define('DB_HOST''localhost');

    $link mysql_connect (DB_HOSTDB_USERDB_PASSWORD);

    if(!
    $link) {
        die(
    'Could not connect: ' .mysql_error());
    }

    $db_selected mysql_select_db(DB_NAME,$link);

    if(!
    $db_selected) {
        die(
    'Can\'t use' DB_NAME ':' .mysql_error());
    }

    //echo 'Connected successfully';

    $fullname mysql_real_escape_string ($_POST['fullname']);
    $email mysql_real_escape_string ($_POST['email']);
    $comment mysql_real_escape_string ($_POST['comment']);

    /*~~~~  $error = array(); 
    if($_POST[$fullname, $email, $comment] == '') { 
        $error[] = ''; 
    }  ~~~~*/

    $sql "INSERT INTO admin_table (fullname, email, comment) VALUES ('$fullname', 
    '
    $email', '$comment')";

    if (!
    mysql_query($sql)) {
        die(
    'Error: ' mysql_error());
    }

    /* this below gave me syntax error
       on the first if() line  

    if(isset($_POST)){
      $sql = "INSERT INTO admin_table (fullname, email, comment) VALUES ('$fullname', 
    '$email', '$comment')";

    if (!mysql_query($sql)) {
        die('Error: ' . mysql_error());
    }
      

    */

    mysql_close(); 
    edit: i thought ppl rather view from well known jsbin.. ty
    thanx
    Last edited by Amkaos; May 24th, 2013 at 05:29 PM. Reason: as per directive
  2. #2
  3. No Profile Picture
    Contributing User
    Devshed Loyal (3000 - 3499 posts)

    Join Date
    Jul 2003
    Posts
    3,395
    Rep Power
    594
    Post your code here, using [ PHP ] tags. That is exactly what this forum is for. See the sticky at the top of this forum that says READ THIS BEFORE POSTING. Not many are willing to go to a 3rd site to look at your code and the formatter on this forum makes it much easier to read.
    There are 10 kinds of people in the world. Those that understand binary and those that don't.
  4. #3
  5. No Profile Picture
    Lost in code
    Devshed Supreme Being (6500+ posts)

    Join Date
    Dec 2004
    Posts
    8,317
    Rep Power
    7170
    i included at the bottom, an if(isset) statement that i couldnt get to work.
    What part wasn't working about it?

    The fields are submitted to the database when the page loads precisely because you don't have the insert query wrapped in a conditional.
    PHP FAQ

    Originally Posted by Spad
    Ah USB, the only rectangular connector where you have to make 3 attempts before you get it the right way around
  6. #4
  7. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,957
    Rep Power
    1046
    Hi,

    the $_POST array is always set, because it's a core superglobal of PHP. What you wanna check is if it's empty: !$_POST

    The syntax error comes from that expression:

    PHP Code:
    $_POST[$fullname$email$comment] == '' 
    Whatever that is, it's not PHP. You can't put multiple keys into the [...] syntax. I'm not even sure what that is supposed to mean: All values are empty strings? Any value is an empty string? Change that to valid PHP with normal boolean expressions.

    Apart from that, I hope you realize you're running around with code from the last century.
    The 6 worst sins of security ē How to (properly) access a MySQL database with PHP

    Why canít I use certain words like "drop" as part of my Security Question answers?
    There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".
  8. #5
  9. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2013
    Posts
    30
    Rep Power
    2
    Originally Posted by E-Oreo
    you don't have the insert query wrapped in a conditional.
    PHP Code:
    if(isset($_POST)){
      
    $sql "INSERT INTO admin_table (fullname, email, comment) VALUES ('$fullname', 
    '
    $email', '$comment')";

    if (!
    mysql_query($sql)) {
        die(
    'Error: ' mysql_error());
    }
      

    doesnt this do that?

    @Jacques1:: i want to make it mean Any are empty..
    youre right tho, and it is commented out because it didnt work.
    i did try first to use the newer php.. didnt work atall.
    i dont remember what errors i got..

    thanx for looking
  10. #6
  11. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,957
    Rep Power
    1046
    Originally Posted by Amkaos
    doesnt this do that?
    No, as I already explained in the first paragraph of my posting.



    Originally Posted by Amkaos
    @Jacques1:: i want to make it mean Any are empty..
    Then do that:

    PHP Code:
    !$_POST['fullname'] || !$_POST['email'] || !$_POST['comment'


    Originally Posted by Amkaos
    i did try first to use the newer php.. didnt work atall.
    i dont remember what errors i got..
    Well, without the concrete code I can't help you with that. However, I strongly recommend using PDO or MySQLi for your database connection. The old mysql_* functions you're using will be officially deprecated in the next PHP version, and sooner or later they'll be killed off completely.
    The 6 worst sins of security ē How to (properly) access a MySQL database with PHP

    Why canít I use certain words like "drop" as part of my Security Question answers?
    There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".
  12. #7
  13. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2013
    Posts
    30
    Rep Power
    2
    hi:
    well , i dont understand this change stops empty req'd fields from being submitted (even tho you did not state that it would) .. and it stops form from submitting upon loading or refreshing.. it seems like this simple solution is what worked ..

    i think everything is now working as it should, so far as i can tell ..


    if(isset($_POST['submit'])){'the rest of code'}

    i really appreciate the attention and replies..
    thanx for the help.

    i need to understand the pdo ..
  14. #8
  15. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2013
    Posts
    30
    Rep Power
    2
    Originally Posted by Amkaos
    hi:
    well , i dont understand this change stops empty req'd fields from being submitted (even tho you did not state that it would) .. and it stops form from submitting upon loading or refreshing.. it seems like this simple solution is what worked ..

    i think everything is now working as it should, so far as i can tell ..


    if(isset($_POST['submit'])){'the rest of code'}

    i really appreciate the attention and replies..
    thanx for the help.

    i need to understand the pdo ..
    i was wrong.. turns out that either form submits in whatever state it is in ; upon loading or refreshing OR nothing submits to database atall..

    the email only is submitted if form filled out correctly..

    should i attempt to rewrite all code in PDO?

    ive tried for days and seems im beat..

    thanx

IMN logo majestic logo threadwatch logo seochat tools logo