buzzern96 Posted April 19, 2012 Share Posted April 19, 2012 <?php $con = mysql_connect("localhost", "root", ""); $name = $_GET['jente_navn']; $name = mysql_real_escape_string($name); $ip = $_SERVER['REMOTE_ADDR']; mysql_select_db("name", $con); if ( preg_match("/^[^a-z]|[^A-Z]+/i", $name) ) { die ("Feil: Kan bare bruke gyldige tegn"); }else{ $sql = 'SELECT * FROM banned WHERE name= \'' . $name . '\' OR ip= \'' . $ip . '\''; $result = mysql_query($sql); if( mysql_num_rows($result) ){ print "That Name, or your ip adress is. BANNED!"; } } $sql = "INSERT INTO girl ('girl','accepted','ip') VALUES ('$name', '0', '$ip');"; if ( mysql_query($sql, $con) ){ mysql_close($con); header('http://localhost/takk.php'); }else{ mysql_close($con); header('http://localhost/error.php'); } ?> I don't get any errors, but it still doesn't post the name in the database, even though the name doesn't exist or ain't banned. :s Quote Link to comment Share on other sites More sharing options...
litebearer Posted April 19, 2012 Share Posted April 19, 2012 As a start, field names use back tick ` NOT single quotes ' Quote Link to comment Share on other sites More sharing options...
buzzern96 Posted April 19, 2012 Author Share Posted April 19, 2012 that have never been a problem before? :S Quote Link to comment Share on other sites More sharing options...
buzzern96 Posted April 19, 2012 Author Share Posted April 19, 2012 <?php $con = mysql_connect("localhost", "root", ""); $name = $_GET['jente_navn']; $name = mysql_real_escape_string($name); $ip = $_SERVER['REMOTE_ADDR']; mysql_select_db("name", $con); if ( preg_match("/^[^a-z]|[^A-Z]+/i", $name) ) { die ("Feil: Kan bare bruke gyldige tegn"); }else{ $cb = 'SELECT * FROM banned WHERE name= \'' . $name . '\' OR ip= \'' . $ip . '\''; $result = mysql_query($cb); if( mysql_num_rows($result) ){ print "That Name, or your ip adress is. BANNED!"; } } $sql = "INSERT INTO girl (`girl`,`accepted`,`ip`,`sex`) VALUES ('$name', '0', '$ip', 'Female');"; if ( mysql_query($sql, $con) ){ mysql_close($con); header('http://localhost/takk.php'); }else{ mysql_close($con); header('http://localhost/error.php'); } ?> still doesn't work. :s Even if I did this: <?php $con = mysql_connect("localhost", "root", ""); $name = $_GET['jente_navn']; $name = mysql_real_escape_string($name); $ip = $_SERVER['REMOTE_ADDR']; mysql_select_db("name", $con); if ( preg_match("/^[^a-z]|[^A-Z]+/i", $name) ) { die ("Feil: Kan bare bruke gyldige tegn"); }else{ $cb = 'SELECT * FROM banned WHERE name= \'' . $name . '\' OR ip= \'' . $ip . '\''; $result = mysql_query($cb); if( mysql_num_rows($result) ){ print "That Name, or your ip adress is. BANNED!"; } } $sql = "INSERT INTO girl (`girl`,`accepted`,`ip`,`sex`) VALUES (`$name`, `0`, `$ip`, `Female`);"; if ( mysql_query($sql, $con) ){ mysql_close($con); header('http://localhost/takk.php'); }else{ mysql_close($con); header('http://localhost/error.php'); } ?> Quote Link to comment Share on other sites More sharing options...
litebearer Posted April 19, 2012 Share Posted April 19, 2012 Not 100% certain; however, I believe your mysql_select_db has to occur BEFORE any mysql_real_escape_string's Quote Link to comment Share on other sites More sharing options...
batwimp Posted April 19, 2012 Share Posted April 19, 2012 You have a syntax error in your $cb string. Please post what the string is supposed to look like after the variables have been filled it. Quote Link to comment Share on other sites More sharing options...
buzzern96 Posted May 4, 2012 Author Share Posted May 4, 2012 It's not an error in the cb string? The cb string works perfectly? If the name is banned it tells me that the name is banned. Quote Link to comment Share on other sites More sharing options...
litebearer Posted May 4, 2012 Share Posted May 4, 2012 immediately after this... $sql = "INSERT INTO girl (`girl`,`accepted`,`ip`,`sex`) VALUES (`$name`, `0`, `$ip`, `Female`);"; add this... echo $sql; exit(); and tell us what you see Quote Link to comment Share on other sites More sharing options...
buzzern96 Posted May 4, 2012 Author Share Posted May 4, 2012 Sure This is what I see. INSERT INTO girl (`girl`,`accepted`,`ip`,`sex`) VALUES ('Angelica', '0', '127.0.0.1', 'Female'); Quote Link to comment Share on other sites More sharing options...
litebearer Posted May 4, 2012 Share Posted May 4, 2012 A) in your query, REMOVE the first semi-colon B) use back tics for your field names and single quotes for your variables test it and tell us what happens Quote Link to comment Share on other sites More sharing options...
Jessica Posted May 4, 2012 Share Posted May 4, 2012 B) use back tics for your field names and single quotes for your variables He already is... Quote Link to comment Share on other sites More sharing options...
litebearer Posted May 4, 2012 Share Posted May 4, 2012 @jesirose see post 5 second script - using back tics on the variables Quote Link to comment Share on other sites More sharing options...
buzzern96 Posted May 4, 2012 Author Share Posted May 4, 2012 @jesirose see post 5 second script - using back tics on the variables Yeah, I ain't using it on variables anymore, found some interesting facts about that on another website and felt like I was stupid.. lol, Quote Link to comment Share on other sites More sharing options...
buzzern96 Posted May 4, 2012 Author Share Posted May 4, 2012 T_STRING error o,o. Quote Link to comment Share on other sites More sharing options...
litebearer Posted May 4, 2012 Share Posted May 4, 2012 post most recent code Quote Link to comment Share on other sites More sharing options...
batwimp Posted May 4, 2012 Share Posted May 4, 2012 Uhhh... I never actually posted to this thread before. I have no idea what that entry above from me is about... Quote Link to comment Share on other sites More sharing options...
buzzern96 Posted May 4, 2012 Author Share Posted May 4, 2012 post most recent code Sure. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Navn-Databasen.NO</title> </head> <body> <?php $con = mysql_connect("localhost", "root", ""); mysql_select_db("name", $con); $name = $_GET['jente_navn']; $name = mysql_real_escape_string($name); $ip = $_SERVER['REMOTE_ADDR']; if ( preg_match("/^[^a-z]|[^A-Z]+/i", $name) ) { die ("Feil: Kan bare bruke gyldige tegn"); }else{ $cb = 'SELECT * FROM banned WHERE name = \'' . $name . '\' OR ip = \'' . $ip . '\''; $result = mysql_query($cb); if( mysql_num_rows($result) ){ print "That Name, or your ip adress is. BANNED!"; } } $sql = "INSERT INTO girl (`girl`,`accepted`,`ip`,`sex`) VALUES ('$name', '0', '$ip', 'Female');"; if ( mysql_query($sql, $con) ){ mysql_close($con); header('http://localhost/takk.php'); }else{ mysql_close($con); header('http://localhost/error.php'); } ?> </body> </html> Quote Link to comment Share on other sites More sharing options...
buzzern96 Posted May 4, 2012 Author Share Posted May 4, 2012 Grr double post. Quote Link to comment Share on other sites More sharing options...
litebearer Posted May 4, 2012 Share Posted May 4, 2012 try changing this... $sql = "INSERT INTO girl (`girl`,`accepted`,`ip`,`sex`) VALUES ('$name', '0', '$ip', 'Female');"; to this... $sql = "INSERT INTO girl (`girl`,`accepted`,`ip`,`sex`) VALUES ('$name', '0', '$ip', 'Female')"; Quote Link to comment Share on other sites More sharing options...
buzzern96 Posted May 4, 2012 Author Share Posted May 4, 2012 Still doesn't work. xD <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Navn-Databasen.NO</title> </head> <body> <?php $con = mysql_connect("localhost", "root", ""); mysql_select_db("name", $con); $name = $_GET['jente_navn']; $name = mysql_real_escape_string($name); $ip = $_SERVER['REMOTE_ADDR']; if ( preg_match("/^[^a-z]|[^A-Z]+/i", $name) ) { die ("Feil: Kan bare bruke gyldige tegn"); }else{ $cb = 'SELECT * FROM banned WHERE name = \'' . $name . '\' OR ip = \'' . $ip . '\''; $result = mysql_query($cb); if( mysql_num_rows($result) ){ print "That Name, or your ip adress is. BANNED!"; } } $sql = "INSERT INTO girl (`girl`,`accepted`,`ip`,`sex`) VALUES ('$name', '0', '$ip', 'Female')"; if ( mysql_query($sql, $con) ){ mysql_close($con); header('http://localhost/takk.php'); }else{ mysql_close($con); header('http://localhost/error.php'); } ?> </body> </html> Even though I think that might have been an valuable error. Quote Link to comment Share on other sites More sharing options...
DavidAM Posted May 6, 2012 Share Posted May 6, 2012 Sure This is what I see. INSERT INTO girl (`girl`,`accepted`,`ip`,`sex`) VALUES ('Angelica', '0', '127.0.0.1', 'Female'); That query looks fine to me. When you say "Still doesn't work." -- what exactly do you mean. Is it not putting the data in the database (did you check), or is it not redirecting you? Since you are serving out HTML above this code, the header redirect is NOT going to work. For debugging purposes only: add the following lines to the very beginning of that file (above the DOCTYPE and everything): <?php error_reporting(E_ALL); ini_set('display_errors', '1'); ?> Then add the "die" line below if ( mysql_query($sql, $con) ){ mysql_close($con); header('http://localhost/takk.php'); }else{ ## Add this line for DEBUGGING PURPOSES ONLY die(mysql_error() . '<BR>' . $sql); mysql_close($con); header('http://localhost/error.php'); } Those redirects are never going to work in the middle of the file like that. However, if you move ALL of the PHP above the DOCTYPE, and add exit(); after each header() call you should be very close to what you want. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.