aviddread Posted October 10, 2010 Share Posted October 10, 2010 Hi, I'm new to php and just trying to make sense of things by trying stuff. I'm trying to make a very rudimentary CMS where form values are added to a mysql database. One of the inputs in the form ($body) is a textarea. I've messed around with this but there's a glitch somewhere-when I press the submit button I just get a blank page (the page for the form processing script). My guess is there's something not right with the "safety measures" I'm taking: trim,stripslashes,etc. Any help would be appreciated <?phpsession_start();if(!isset($_POST['Submit'])){header("Location: home_manage.php");exit();}else{$headline=$_POST['headline'];$author=$_POST['author'];$body=$_POST['body'];$headline=trim($headline);$author=trim($author);$body=trim($body);$message=array(); if((strlen($headline)!=0)&&(strlen($author)!=0)&&(strlen($body)!=0)){ $time=time(); $date=date('Y-m-d H:i:s',$time); $headline=strip_tags($headline); $author=strip_tags($author); $body="<p>".$body."</p>"; $order=array("\r\n", "\n", "\r"); $replace='</p><p>'; $body=str_ireplace($order,$replace,$body); $body=strip_tags($body,'<p><br />'); if(get_magic_quotes_gpc()) { $headline=stripslashes($headline); $author=stripslashes($author); $body=stripslashes($body); } $headline=htmlentities(mysql_real_escape_string($headline)); $author=htmlentities(mysql_real_escape_string($author)); $body=htmlentities(mysql_real_escape_string($body)); require('storage.inc'); $link = mysql_connect($host,$user,$db_password); $db = mysql_select_db($post_database,$link); $query= "INSERT INTO entry (entry_date,entry_head,entry_author,entry_text) VALUES ('$date','$headline','$author','$body')"; mysql_query($query); $message[]="<p class='announce'><b>Post titled ".$headline." has been added to the database.</b></p>"; }else{if(strlen($headline)<1){$message[]="<p class='announce'><b>You must include a headline for this post.</b></p>";}if(strlen($author)<1){$message[]="<p class='announce'><b>You must include an author name for this post.</b></p>";}if(strlen($body)<1){$message[]="<p class='announce'><b>You must include some body text for this post.</b></p>";}}$_SESSION['msg']['up_err']=implode($message);header("Location: home_manage.php");exit();}?> Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted October 10, 2010 Share Posted October 10, 2010 You should be developing with error reporting set to on. Quote Link to comment Share on other sites More sharing options...
Oziam Posted October 10, 2010 Share Posted October 10, 2010 Find your php.ini file and make sure you have error reporting on and set to error_reporting = E_ALL | E_STRICT this is about line 515 in my ini file. This will report all errors and help you trouble shoot your code! Quote Link to comment Share on other sites More sharing options...
aviddread Posted October 11, 2010 Author Share Posted October 11, 2010 Thanks for the responses. I turned on error reporting as you suggested and what I'm seeing there is: [11-Oct-2010 00:23:57] PHP Parse error: syntax error, unexpected T_CONSTANT_ENCAPSED_STRING, expecting ')' in /.../.../.../.../.../home_handler.php on line 23 Quote Link to comment Share on other sites More sharing options...
BlueSkyIS Posted October 11, 2010 Share Posted October 11, 2010 where is the code for home_handler.php? the code as posted compiles, so I suspect that code is not home_handler.php. Quote Link to comment Share on other sites More sharing options...
aviddread Posted October 11, 2010 Author Share Posted October 11, 2010 Thanks for your response. This is the form: <?php print "<form action='./home_handler.php' method='POST' style='margin-top:1em;'>"; print "<label>Headline:</label><br /><input name='headline' class='text' style='width:520px;' /><br />"; print "<label>Author:</label><br /><input name='author' class='text' style='width:520px;' /><br />"; print "<label>Body Text:</label><br /><textarea name='body' class='text' style='width:520px;height:12em;'></textarea><br />"; print "<input type='submit' class='button' name='Submit' value='Submit' />"; print "</form>"; ?> The only other thing I have going on is some code to display error messages: <?php print ($_SESSION['msg']['up_err']); unset($_SESSION['msg']['up_err']); ?> I used that message-display set-up on a different page and it worked fine.... Quote Link to comment Share on other sites More sharing options...
aviddread Posted October 11, 2010 Author Share Posted October 11, 2010 Well, trial and error paid off. As I suspected, some of the safety measures were gumming things up- specifically the array to replace new lines and returns with paragraphs, and the magic quotes conditional. Not sure why they didn't work, but when I deleted the magic quotes bit and took the array apart and put each value in it's own str_replace statement, everything started working. Thanks to Oziam and Pikachu2000 for the heads up about the error reporting. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.