|
|||||||||
|
|||||||||
| |||||||||
|
|||||||||
|
|||||||||
| |||||||||
|
|
|
| |||||||||
 |
|
|
«
Previous Thread
|
Next Thread
»
|
Thread Tools | Search this Thread | Rate Thread | Display Modes |
Dev Shed Forums Sponsor:
|
|
Generate data entry and reporting .NET Web apps in minutes, straight from your database. Read our FREE whitepaper “Build Web 2.0 Applications Without Hand-Coding” Download now! |
|
#1
April 22nd, 2006, 05:21 PM
|
|||
|
|||
|
Login and Insert statement.
Hi, I'm trying to allow users to logon to my WAP site and insert some data into a MySQL DB all in one submit. I can successfully get the login to work and it to echo the (Welcome $username) but I can't seem to be able to Insert the data into the database.
I'm posting $u (username) $p(password and $a(answer) from login.wml, and passing this to login1.php. login1.php Code:
<?php
// send wml headers
header("Content-type: text/vnd.wap.wml");
echo "<?xml version=\"1.0\"?>";
echo "<!DOCTYPE wml PUBLIC \"-//WAPFORUM//DTD WML 1.1//EN\""
. " \"http://www.wapforum.org/DTD/wml_1.1.xml\">";
?>
<wml>
<card id="login" title="login">
<p>
<?php
$link = mysql_connect("localhost", "giben2_collymore", "password")
or die("Could not connect to database!");
mysql_select_db("giben2_Fitness")
or die("Could not select database!");
$username = $_GET['u'];
$password = $_GET['p'];
$answer = $_GET['a];
$query = "SELECT * FROM user_info WHERE username = '$Username' AND password = '$Password'";
$result = @mysql_query($query);
if (mysql_num_rows($result) != 5) :
$stmt = "INSERT INTO week1 (username, answer)";
$stmt .= " VALUES ('".$username."', '".$answer."')";
$qry = $db->query($stmt);
echo "<center>Thankyou " . '$username'; "</center>";
echo ", Your answer has been logged:";
// if no information fitting the query is found,
// display relevant message.
else:
echo "Wrong username or password";
endif;
?>
</p>
</card>
</wml>
Any help would be greatly appreciated. thanks Rusty
|
|
#2
April 23rd, 2006, 06:18 AM
|
||||
|
||||
|
Hi Rusty,
Welcome to Dev Shed. Enjoy your stay. As with any PHP / MySQL related problem, during debugging remove the supressors (@) and stick an mysql_error() after your queries - this function is really helpful when debugging. I know wml is picky with syntax, so maybe or die(mysql_error()) is too much, but you could check that there are no errors I also assume that "$db->query($stmt);" does the same as mysql_query($stmt); I notice that you have $Username in your first query, this of course may just be a typo, but $Username != $username
__________________
Cheers, Jamie # skiFFie | Home of the 'accessibility module' for Drupal # Jamie Burns [me] Accessibility Module [drupal] # guidelines | search | wap resources | not getting help | fold to cure # Any form of employment is strictly prohibited ...... __________________ Let the might of your compassion arise to bring a quick end to the flowing stream of the blood and tears ..... Please hear my anguished words of truth. __________________
|
|
#3
April 23rd, 2006, 06:26 PM
|
|||
|
|||
|
Thanks for your reply jabba
 mysql_query($stmt); is what I should have been using thanks. As for the uppercase vairables, I've realised that infact it has been ignoring the SELECT statement as well as the INSERT! It was echoing any username that was entered and not checking with the database. I'm quite new to PHP/MySQL so not sure what you mean by "remove the supressors (@)" Also is it right that you don't use the { } with the IF statements with WML? Code:
<?php
// send wml headers
header("Content-type: text/vnd.wap.wml");
echo "<?xml version=\"1.0\"?>";
echo "<!DOCTYPE wml PUBLIC \"-//WAPFORUM//DTD WML 1.1//EN\""
. " \"http://www.wapforum.org/DTD/wml_1.1.xml\">";
?>
<wml>
<card id="login" title="login">
<p>
<?php
$link = mysql_connect("localhost", "giben2_collymore", "carling")
or die("Could not connect to database!");
mysql_select_db("giben2_Fitness")
or die("Could not select database!");
$username = $_GET['u'];
$password = $_GET['p'];
$answer = $_GET['a'];
$query = "SELECT * FROM user_info WHERE username = '$username' AND password = '$password'";
$result = @mysql_query($query);
if (mysql_num_rows($result) != 5) :
// echo "success!";
$stmt = "INSERT INTO week1 (username, answer)";
$stmt .= " VALUES ('".$username."', '".$answer."')";
$qry = $db->query($stmt);
mysql_query($stmt);
echo "<center>Thankyou " . '$username'; "</center>";
echo ", Your answer has been logged:"; }
// if no information fitting the query is found,
// display relevant message.
else:
echo "Wrong username or password";
endif;
?>
</p>
</card>
</wml>
|
|
#4
April 23rd, 2006, 07:48 PM
|
||||
|
||||
|
Quote:
PHP Code:
Quote:
So, from the beginning again  Is your form actually using GET method? As alternative to the or die() method, you could something like: PHP Code:
Last edited by jabba_29 : April 23rd, 2006 at 07:58 PM. Reason: errors in code
|
|
#5
April 24th, 2006, 07:04 AM
|
||||
|
||||
|
PHP Code:
I know you're new to PHP but check out some of the stuff written by SimonGreenhill in the PHP and security forums to understand why it's bad practice to do what you're doing.
__________________
Andy Moore << oh no it's got a blog..... Word Press WAP Plugin with Ad Mob Advertising revenue PHP developer deploying ringtones, mp3 downloads and realtones I'm a geek who's obsessed with stats and gadgets
|
|
#6
April 24th, 2006, 07:29 AM
|
||||
|
||||
|
True, also check out the examples at the manual, mysql_real_escape_string...
|
|
| Viewing: Dev Shed Forums > Programming Languages - More > WAP Programming > Login and Insert statement. |
| Thread Tools | Search this Thread |
| Display Modes | Rate This Thread |
|
|
 |
|
|
|
Del.icio.us
Digg
Google
Spurl
Blink
Furl
Simpy
Y! MyWeb
Linear Mode
