jduke6 Posted September 2, 2011 Share Posted September 2, 2011 Working on a project for school and I am trying to code a form that feeds into a DB. I have been studying the syntax, reading and doing everything I can to get this to work. A little help, pointers, direction would be greatly appreciated. It may be my database structure so I included a image for anyone to see... and the files. Thanks in advance [attachment deleted by admin] Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted September 2, 2011 Share Posted September 2, 2011 You haven't mentioned what the actual problem is, and you'd be better off to paste the code in to a post within the forum's . . . BBCode tags, as most people won't download an attachment. Quote Link to comment Share on other sites More sharing options...
jduke6 Posted September 2, 2011 Author Share Posted September 2, 2011 I am getting an error saying Notice: Undefined index: I really thought the code I wrote would work no problems but being new I have no real idea how to solve the problem. <form action="update.php" method="post"> <p>City:<br/> <input type="text" name="city" size="30" /></p> <p>Property Type:<br/> <select name="type"> <option value="single">Single Family Home</option> <option value="condo">Condo</option> <option value="duplex">Duplex</option> <option value="multi">Multi-Unit</option> <option value="rental">Rental</option> </select></p> <p> Radius:<br/> <select name="radius"> <option value="5">5</option> <option value="10">10</option> <option value="15">15</option> <option value="20">20</option> <option value="25">25</option> </select></p> <p> Price Range:<br/> <select name="price"> <option value="under">Under $200,000</option> <option value="2">$200,000 - $300,000</option> <option value="3">$300,001 - $400,000</option> <option value="4">$400,001 - $500,000</option> <option value="5plus">$500,000 plus</option> </select></p> <p> Number of Bedrooms:<br/> <select name="bedrooms"> <option value="1">1</option> <option value="2">2</option> <option value="3">3</option> <option value="4">4</option> <option value="5">5 or more</option> </select></p> <p> Number of Bathrooms:<br/> <select name="bathrooms"> <option value="1">1</option> <option value="2">2</option> <option value="3">3</option> <option value="4">4</option> <option value="5">5 or more</option> </select></p> <p> Garage Parking Preference:<br /> <input type="checkbox" name="parking" value="yes" /> Yes<br /> <input type="checkbox" name="parking" value="no" /> No </p> <p>Please give some details on your ideal property. This can include features of your ideal home including near an elementary school,<br/> parks, Close to Shopping. Feel free to describe anything you would like in the home that has not been covered.<br /> <textarea name="feedback" rows="20" cols="100" wrap="virtual" /></textarea></p> <p>First name:<br/> <input type="text" name="firstname" size="40" /></p> <p>Last name:<br/> <input type="text" name="lastname" size="40" /></p> <p>email address:<br/> <input type="text" name="email" size="40" /></p> <p>Phone Number<br/> <input type="text" name="phone" size="40" /></p> <p><input type="submit" value="Send feedback" /></p> </form> update.php <?php $city = $_POST['city']; $radius = $_POST['radius']; $type = $_POST['type']; $price = $_POST['price']; $bedrooms = $_POST['bedrooms']; $bathrooms = $_POST['bathrooms']; $parking = $_POST['parking']; $details = $_POST['details']; $firstname = $_POST['firstname']; $lastname = $_POST['lastname']; $email = $_POST['email']; $phone = $_POST['phone']; // 1. Create a database connection $connection = mysql_connect("localhost", "root", "maven777"); if(!$connection){ die("Database connection failed: " .mysql_error()); } // 2. Select a database to use $db_select = mysql_select_db("homesloans", $connection); if(!$db_select){ die("Database selection failed: " .mysql_error()); } $query="INSERT INTO leads (leadid, city, radius, type, price, bedrooms, bathrooms, parking, details, firstname, lastname, email, phone) VALUES('NULL', '[city]', '[radius]', '[type]', '[price]', '[bedrooms]', '[bathrooms]', '[parking]', '[details]', '[firstname]', '[lastname]', '[email]', '[phone]')"; mysql_query($query) or die ('Error updating database'); echo "Database Successfully Updated."; ?> Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted September 2, 2011 Share Posted September 2, 2011 Paste the whole error. Error/warning/notice messages are some of the most helpful things when debugging, but not having the whole message is pretty much useless. Quote Link to comment Share on other sites More sharing options...
jduke6 Posted September 2, 2011 Author Share Posted September 2, 2011 ( ! ) Notice: Undefined index: details in C:\wamp\www\homesloans\update.php on line 21 Call Stack # Time Memory Function Location 1 0.0017 691304 {main}( ) ..\update.php:0 Error updating database Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted September 2, 2011 Share Posted September 2, 2011 Some things that stand out: Your form has a textarea named "feedback", but the processing code seems to be looking for a field named "details". This seems to be the cause of the notice you're getting. Your INSERT query doesn't make use of any of the variables you've defined and to which you've assigned the values from the $_POST array. '[city]' isn't a variable, but '$city' is. You have no protection from SQL injection; your form data isn't sanitized/validated at all. the DB field `leadid` should probably be an INT field, set as AUTO_INCREMENT, and used as the table's primary key index. EDIT: take care of the first 2 items and let's see if we can't at least get it inserting data, then start on the other things. Quote Link to comment Share on other sites More sharing options...
jduke6 Posted September 3, 2011 Author Share Posted September 3, 2011 Fixed - Your form has a textarea named "feedback", but the processing code seems to be looking for a field named "details". This seems to be the cause of the notice you're getting. Fixed - Your INSERT query doesn't make use of any of the variables you've defined and to which you've assigned the values from the $_POST array. '[city]' isn't a variable, but '$city' is. Fixed - the DB field `leadid` should probably be an INT field, set as AUTO_INCREMENT, and used as the table's primary key inde Still working on this part - I know what it is but how to effectively code is still a mystery.. You have no protection from SQL injection; your form data isn't sanitized/validated at all. Quote Link to comment Share on other sites More sharing options...
jduke6 Posted September 5, 2011 Author Share Posted September 5, 2011 Still working in the form but I am having trouble passing the data from drop down lists. The selections are listed in the form but when testing I see that the values are not being input into the database. How can I fix this? Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted September 6, 2011 Share Posted September 6, 2011 Post the revised code, plz. Quote Link to comment Share on other sites More sharing options...
jduke6 Posted September 6, 2011 Author Share Posted September 6, 2011 Still working on the sanitizing the input. Also I got the drop down menus to work by changing the the type of data being input to VARCHAR in the DB db structure link - http://i53.tinypic.com/15qrsk7.jpg <form action="update.php" method="post"> <p>City:<br/> <input type="text" name="city" size="30" /></p> <p>Property Type:<br/> <select name="type"> <option value="Single Family Home">Single Family Home</option> <option value="Condo">Condo</option> <option value="Duplex">Duplex</option> <option value="Multi-Unit">Multi-Unit</option> <option value="Rental">Rental</option> </select></p> <p> Radius:<br/> <select name="radius"> <option value="5 miles">5</option> <option value="10 miles">10</option> <option value="15 miles ">15</option> <option value="20 miles">20</option> <option value="25 miles">25</option> </select></p> <p> Price Range:<br/> <select name="price"> <option value="under $200,000">Under $200,000</option> <option value="$200,000 - $300,000">$200,000 - $300,000</option> <option value="$300,001 - $400,000">$300,001 - $400,000</option> <option value="$400,001 - $500,000">$400,001 - $500,000</option> <option value="Over $500,000">Over $500,000</option> </select></p> <p> Number of Bedrooms:<br/> <select name="bedrooms"> <option value="1">1</option> <option value="2">2</option> <option value="3">3</option> <option value="4">4</option> <option value="5">5 or more</option> </select></p> <p> Number of Bathrooms:<br/> <select name="bathrooms"> <option value="1">1</option> <option value="2">2</option> <option value="3">3</option> <option value="4">4</option> <option value="5">5 or more</option> </select></p> <p> Garage Parking Preference:<br /> <select name="parking"> <option value="yes">Yes</option> <option value="no">No</option> </select> </p><br /> <p>Please give some details on your ideal property. This can include features of your ideal home including near an elementary school,<br/> parks, Close to Shopping. Feel free to describe anything you would like in the home that has not been covered.<br /> <textarea name="details" rows="20" cols="100" wrap="virtual" /></textarea></p> <p>First name:<br/> <input type="text" name="firstname" size="40" /></p> <p>Last name:<br/> <input type="text" name="lastname" size="40" /></p> <p>email address:<br/> <input type="text" name="email" size="40" /></p> <p>Phone Number<br/> <input type="text" name="phone" size="40" /></p> <p><input type="submit" value="Send feedback" /></p> </form> //PHP <?php error_reporting(E_ALL ^ E_NOTICE); ?> <?php $city = $_POST['city']; $radius = $_POST['radius']; $type = $_POST['type']; $price = $_POST['price']; $bedrooms = $_POST['bedrooms']; $bathrooms = $_POST['bathrooms']; $parking = $_POST['parking']; $details = $_POST['details']; $firstname = $_POST['firstname']; $lastname = $_POST['lastname']; $email = $_POST['email']; $phone = $_POST['phone']; // 1. Create a database connection $connection = mysql_connect("localhost", "root", "maven777"); if(!$connection){ die("Database connection failed: " .mysql_error()); } // 2. Select a database to use $db_select = mysql_select_db("homesloans", $connection); if(!$db_select){ die("Database selection failed: " .mysql_error()); } $query="INSERT INTO leads (leadid, city, radius, type, price, bedrooms, bathrooms, parking, details, firstname, lastname, email, phone) VALUES('NULL', '[$city]', '[$radius]', '[$type]', '[$price]', '[$bedrooms]', '[$bathrooms]', '[$parking]', '[$details]', '[$firstname]', '[$lastname]', '[$email]', '[$phone]')"; mysql_query($query) or die ('Error updating database'); echo "Database Successfully Updated."; ?> Quote Link to comment Share on other sites More sharing options...
jduke6 Posted September 6, 2011 Author Share Posted September 6, 2011 How Do I sanitize the input? FILTER_SANITIZE_EMAIL - for email but what about for regular strings ? also I need to know how to rest the form because when I load it and test it and even though I reload it the information is still there. Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted September 6, 2011 Share Posted September 6, 2011 By sanitize, I mean that all string type data must be properly escaped before it is used in a DB query. If you're using MySQL, then php has mysql_real_escape_string for that purpose. Any numeric data should be validated/cast as the proper data type. Quote Link to comment Share on other sites More sharing options...
jduke6 Posted September 6, 2011 Author Share Posted September 6, 2011 I really do not know how to incorporate that into my code so it works properly - I am new to coding. Quote Link to comment Share on other sites More sharing options...
jduke6 Posted September 6, 2011 Author Share Posted September 6, 2011 Tried to implement the function and get this error Parse error: syntax error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING in C:\wamp\www\homesloans\update.php on line 48 <?php error_reporting(E_ALL ^ E_NOTICE); ?> <?php $city = $_POST['city']; $radius = $_POST['radius']; $type = $_POST['type']; $price = $_POST['price']; $bedrooms = $_POST['bedrooms']; $bathrooms = $_POST['bathrooms']; $parking = $_POST['parking']; $details = $_POST['details']; $firstname = $_POST['firstname']; $lastname = $_POST['lastname']; $email = $_POST['email']; $phone = $_POST['phone']; // 1. Create a database connection $connection = mysql_connect("localhost", "root", "maven777"); if(!$connection){ die("Database connection failed: " .mysql_error()); } // 2. Select a database to use $db_select = mysql_select_db("homesloans", $connection); if(!$db_select){ die("Database selection failed: " .mysql_error()); } $query="INSERT INTO leads (leadid, city, radius, type, price, bedrooms, bathrooms, parking, details, firstname, lastname, email, phone), $city = mysql_real_escape_string($_POST['city']), $details = mysql_real_escape_string($_POST['details']), $firstname = mysql_real_escape_string($_POST['firstname ']), $lastname = mysql_real_escape_string($_POST['lastname']), $email = mysql_real_escape_string($_POST['email']) $phone = mysql_real_escape_string($_POST['phone']), VALUES('NULL', '[$city]', '[$radius]', '[$type]', '[$price]', '[$bedrooms]', '[$bathrooms]', '[$parking]', '[$details]', '[$firstname]', '[$lastname]', '[$email]', '[$phone]')"; mysql_query($query) or die ('Error updating database'); echo "Database Successfully Updated."; ?> Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted September 6, 2011 Share Posted September 6, 2011 You've tried to add the values into the query string, but not quite done it properly. I would do it in this order for the moment. There are other things that still need to be taken care of, but one step at a time, yes? <?php if( strtolower($_SERVER['REQUEST_METHOD']) === 'post' ) { // make sure the form has actually been submitted . . . // 1. Create a database connection $connection = mysql_connect("localhost", "root", "maven777"); if(!$connection){ die("Database connection failed: " .mysql_error()); } // 2. Select a database to use $db_select = mysql_select_db("homesloans", $connection); if(!$db_select){ die("Database selection failed: " .mysql_error()); } $radius = $_POST['radius']; $type = $_POST['type']; $price = $_POST['price']; $bedrooms = $_POST['bedrooms']; $bathrooms = $_POST['bathrooms']; $parking = $_POST['parking']; $city = mysql_real_escape_string($_POST['city']); $details = mysql_real_escape_string($_POST['details']); $firstname = mysql_real_escape_string($_POST['firstname ']); $lastname = mysql_real_escape_string($_POST['lastname']); $email = mysql_real_escape_string($_POST['email']); $phone = mysql_real_escape_string($_POST['phone']); $query="INSERT INTO leads (leadid, city, radius, type, price, bedrooms, bathrooms, parking, details, firstname, lastname, email, phone), VALUES('NULL', '$city', '$radius', '$type', '$price', '$bedrooms', '$bathrooms', '$parking', '$details', '$firstname', '$lastname', '$email', '$phone')"; mysql_query($query) or die ('Error updating database'); echo "Database Successfully Updated."; // not necessarily. The only way to know for sure is to check that mysql_affected_rows() > 0 } ?> Quote Link to comment Share on other sites More sharing options...
jduke6 Posted September 7, 2011 Author Share Posted September 7, 2011 I made the changes you suggested but I am not able to get the data to the DB now. I am getting the - error updating the database message Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.