hey well can some one helpme make this code work it won't INSERT INTO THE DATABSE



This post has been edited by miCRoSCoPiC^eaRthLinG: Nov 17 2005, 06:14 AM

Did I miss something in the above or did you connect to the database somewhere else? It needs to connect first then it can insert, do you get an error with the above.

Usually you would start with

thats where that is

So Houdini's question was the first one I had too the first time I looked at this. Next time be sure to include any external code that we may need to help debug.

Next I found another problem.
You run an mysql query on $sql but $sql doesn't exist.




You actually need to run the seperate querries on $sql9, $sql3, and $sql4!

I suggest writting a function that could be generic enough to handle any variable.

Maybe:


With the funtion call of:


Now keep in mind that that particular function will output "Thank you for sign up" 3 times if successful. It would be better to put the variables in an array and add a loop to the function then if all commands are successful, echo "Thank you for sign up"!

I'm not going to write the whole thing for you but this should at least get you back on track.

Hope This Helps!

vujsa

Yep, you're basically entering an empry query as $sql is not defined.

But a generic function for different types of queries might be a bit useless as the return values of mysql_query can be very different, ranging from simple boolean values of a say INSERT to big results of SELECT queries.


I don't if you meant to do it but although otherwise a possible thing to do would be to send multiple queries tot the databse at once, separated by semicolons this is not possible with PHP as it is considered a security threat. You code would miss the appending of the quesries anyways so you probably weren't thinking about this.

I didn't look closely enough to see that there was both INSERT and SELECT commands being sent as a result, the very least you should use a different function for each type unless you are pretty good with your function writing.

vujsa

I guess there could be alternative methods inside the function. It would check whether the query starts with SELECT or INSERT and the select the proper action. Would be a bit messy function but on the other hand the actual code would look neat with only single type of function calls for database queries.

I tend to write a perfectly good function for one use. Then later when I need a similar function, I just modify the first function. Then later, I need yet another similar function and repeat the process. I tend to write very complex functions as a result which are able to handle several different requests and then the function call is very simple to write as a result.

Since most of my database functions are all-in-one, I just need to use the same call each time with different variables. Then I tend to name my function something like deal_with_the_db() which is what it does and I don't have to think about the DB anymore. LOL

I tend to get frustrated with the mySQL commands so I remove myself a little.

By the way, why is it so difficult to get information out of the database even if you have all of the required information and you only want one entry.

vujsa

Your SQL Insert statement is wrong, you confused it with the UPDATE SQL Statement, the correct way to write it is:

I dont include the id field because i think it is an integer autonumeric field, let me know if im wrong about it, also you must verify all your data prior to your insertion, maybe using javascript in your forms page and another good practice to prevent sql injections is the use of the mysql_real_escape_string function if your system has the magic_quoutes_gpc off.

Best regards,

Actually you can do a traditional

But I think in mysql it'll let you address an insert statement as if you're updating, which isn't the same for postgres. Try it and let me know what you find out, but I'm pretty sure it's allowed. In this case he's wating to insert, not update. I was looking at a previous script that one of my professors wrote usuing a mysql database and his insert scripts looked a lot like the update statements. When we switched over to postgres we had to redo the insert statements to match to the traditional insert statement. It would probably be wise to stick with traditional unless you plan on staying with mysql.

Vujsa, you don't actually use a dbi? You just right your own code to supplement the use of db connections/queries? I was introduced to a dbi that's based on perl's standard dbi or something like that. I like it a lot better than all the php functions to deal with mysql/postgres. It standardizes everything, so whatever you want to do (use mysql, or postgres) you use same function call. You just change the inital connection's function to receieve a string argument of what database. I believe that's the way it's done, but with the script I'm working on there's about 10 different includes to every page in order to make it work right. Good experience tho.

After thinking about it I can see the advantage of writing a script that does what you're talking about vujsa. Have a function like build_db_query or something that builds the actually query and returns it as a string perhaps. You pass a table name, and an array of values in an assoc array indexing the related tables in the fields. You could make it even more flexible and add flag to determine whether it's a select, insert, update, or delete statement. Just have a switch on the flag, then build the appropriate sql statement.

I'm rather new to OOP and php, but can't this be done with polymorphism? (rather new to OOP in general)

This post has been edited by minnieadkins: May 8 2006, 04:31 PM