Lee Posted March 7, 2012 Share Posted March 7, 2012 Hi Larry, First let me thank you for a great book, out of the four I have I think I understand yours the most. I am trying to use your examples in my own work but I have stummbled across a problem that I cant figure out. I am sure the problem is a simple one but I have been banging my head against a brick wall for days and I cant see the answer, though I know what the problem is. The problem I have is with session information not being passed from the login page back to my index page. If I get the login page to display the session variables there all displayed. Once the page is redirected to the index page they are lost. I hope that all makes sense, it doesnt really to me Lee Link to comment Share on other sites More sharing options...
rob Posted March 7, 2012 Share Posted March 7, 2012 Have you got session_start() in the php code for your index page? 1 Link to comment Share on other sites More sharing options...
Lee Posted March 7, 2012 Author Share Posted March 7, 2012 No I didnt, I had it remarked out. I knew it was something stupid. Thanks for your help. Link to comment Share on other sites More sharing options...
Larry Posted March 7, 2012 Share Posted March 7, 2012 And thanks, Lee, for the nice words on my books! Link to comment Share on other sites More sharing options...
Lee Posted March 8, 2012 Author Share Posted March 8, 2012 Your most welcome Larry. How you guys ever become programmers I dont know. This is the most frustrating activity every!! Link to comment Share on other sites More sharing options...
Larry Posted March 9, 2012 Share Posted March 9, 2012 Programming can definitely be frustrating. It's best to know that from the get-go. Personally, I like the problem solving aspect of it. And if you program enough, there are so many problems to solve! Link to comment Share on other sites More sharing options...
Lee Posted March 10, 2012 Author Share Posted March 10, 2012 Hello me again!! I have come across something that I dont think is mentioned in your book, but I havent quite finished it yet. I would like to write a SQL insert line in my code that contains data from several select sources and a date from from three values and I am not sure how to do it. So i have the following the user_is pulled from $_SESSION from the login A couple of text fields filled in by the user A date field made from a three drop down select fields, like date of birth. I am nure sure how to write that into the single date SQL field. Another field with pulls information from another database and the user picks from the list in a select field. I hope the above makes sense. Link to comment Share on other sites More sharing options...
margaux Posted March 11, 2012 Share Posted March 11, 2012 It's really best to start a new topic for this as its not related to your original login.php query. Can you be a bit more specific where the data is coming from - if it is all coming from the same form, you can access it via the $_POST global array as long as you've set up the form fields with name attributes e.g. $q = "INSERT INTO table (user_id, email, address1, address2, city, postcode) VALUES ($_SESSION['user_id'], $_POST['email'], $_POST['city'], $_POST['postcode'])"; For the text fields you may want to consider assigning them to variables and using mysqli_real_escape_string for security reasons. For the date field, there are a couple of ways you could do this - look in the php manual for the different date functions it offers and consider the implode function. 1 Link to comment Share on other sites More sharing options...
Lee Posted March 12, 2012 Author Share Posted March 12, 2012 Thanks Margaux, your post helped me alot. I still seem to have a problem with dates getting inserted using the INSERT. I know I should start a new thread but seeing as I have started it here maybe I should continue. I have three drop down boxes using a select form. My array gets populated correctly, I then use the following code to make just a number $mdate = date("Ymd", mktime(0, 0, 0, $mn, $dt, $yr)); Looking in the array the above seems to work. Here is the insert command that I use, forget everything else other than mdate bit. $q = "INSERT INTO bird (user_id, bird_name, sex, species_id, ringno, dob) VALUES ($_SESSION[user_id], '$_POST[bird_name]', '$_POST[sex]', $_POST[species_id], '$_POST[ringno]', '$_POST[mdate]')"; The error I get is as below [page_title] => add_bird [bn] => Dorris [sex] => Female [sp] => 4 [dt] => 31 [mn] => 10 [yr] => 2011 [mdate] => 20111031 [md] => [rn] => THC3547 ) #0 my_error_handler(8, Undefined index: mdate, /home/sites/falconrylogs.co.uk/public_html/test_add_bird.php, 110, Array ([GLOBALS] => Array ( *RECURSION*,[_POST] => Array ([bird_name] => Dorris,[sex] => Female,[species_id] => 4,[day] => 31,[month] => 10,[year] => 2011,[ringno] => THC3547,[breeder] => ,[mentor] => ,[submit] => Add bird to database),[_GET] => Array (),[_COOKIE] => Array ([phpSESSID] => tnfk6q3pbn19fvhine0pgs8ho4),[_FILES] => Array (),[_SERVER] => Array ([PATH] => /usr/local/bin:/usr/bin:/bin,[HTTP_HOST] => www.falconrylogs.co.uk,[HTTP_USER_AGENT] => Mozilla/5.0 (Windows NT 6.1; WOW64; rv:10.0.2) Gecko/20100101 Firefox/10.0.2,[HTTP_ACCEPT] => text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8,[HTTP_ACCEPT_LANGUAGE] => en-gb,en;q=0.5,[HTTP_ACCEPT_ENCODING] => gzip, deflate,[HTTP_CONNECTION] => keep-alive,[HTTP_REFERER] => http://www.falconrylogs.co.uk/test_add_bird.php?,[HTTP_COOKIE] => PHPSESSID=tnfk6q3pbn19fvhine0pgs8ho4,[CONTENT_TYPE] => application/x-www-form-urlencoded,[CONTENT_LENGTH] => 126,[sERVER_SIGNATURE] => Apache/2 Server at www.falconrylogs.co.uk Port 80 Thank you for your help in this frustrating matter. Link to comment Share on other sites More sharing options...
margaux Posted March 12, 2012 Share Posted March 12, 2012 Thanks for the thanks. The error message is giving you some clues by reflecting the variables you've created, but these are variables and it looks like you're using a variable as a $_POST index. Have you set up a field in your form with the name mdate? The error handler shows you the $_POST variables - you have $_POST[bird_name}, $_POST[species_id], $_POST[day] etc. You have to pass mdate in another way or use your mysql statement to manipulate day, month, year. Since you already have a session, how about $_SESSION['dob'] = date("Ymd", mktime(0, 0, 0, $mn, $dt, $yr)); and then your insert statement could be $q = "INSERT INTO bird (user_id, bird_name, sex, species_id, ringno, dob) VALUES ($_SESSION['user_id], $_POST['bird_name'], $_POST['sex'], $_POST['species_id'], $_POST['ringno'], '$_SESSION['dob'])"; Also make sure you've got the quotes in the right place - e.g. instead of '$_POST[birdname]' it should be $_POST['bird_name'] 1 Link to comment Share on other sites More sharing options...
Lee Posted March 13, 2012 Author Share Posted March 13, 2012 Again thank you for your reply and for the way you have written it. As a newbie its good when it gets written in a way that is understood. However, the formatting of my INSERT command is the only way I can get it to work. Setting the INSERT command as you have suggested produces an error like this. Parse error: syntax error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING. Perhaps it would useful to show the code for the whole page. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Falconry Logs</title> <style type="text/css"> <!-- --> </style> <link href="styles/mystyles.css" rel="stylesheet" type="text/css" /> </head> <body> <div class="container"> <div class="header"><a href="#"><img src="Images/logo.jpg" width="961" height="100" alt="Logo" /></a> </div> <div class="sidebar1"> <?php // ob_start(); session_start(); if($_SESSION['user_id'] > '1'){ include('includes/navbar1.inc.php'); } else { include('includes/navbar.inc.php'); } ?> </div> <div class="content"> <?php require ('includes/config.inc.php'); require (MYSQL); $page_title = 'add_bird'; if ($_SERVER['REQUEST_METHOD'] == 'POST') { // Handle the form. // Validate the Bird Name if (!empty($_POST['bird_name'])) { $bn = mysqli_real_escape_string ($dbc, $_POST['bird_name']); } else { $bn = FALSE; echo '<p class="error">You forgot to enter a birdname!</p>'; } // Validate the Sex if (!empty($_POST['sex'])) { $sex = mysqli_real_escape_string ($dbc, $_POST['sex']); } else { $sex = FALSE; echo 'p class="error">Please enter the birds sex!</p>'; } // Validate the birds species if (!empty($_POST['species_id'])) { $sp = mysqli_real_escape_string ($dbc, $_POST['species_id']); } else { $sp = FALSE; echo '<p class="error">You forgot to specify the species!</p>'; } // Validate the day if (!empty($_POST['day'])) { $dt = mysqli_real_escape_string ($dbc, $_POST['day']); } else { $dt = FALSE; echo '<p class="error"> You forgot to enter the day!</p>'; } // Validate the Month if (!empty($_POST['month'])) { $mn = mysqli_real_escape_string ($dbc, $_POST['month']); } else { $mn = FALSE; echo '<p class="error"> You forgot to enter the month!</p>'; } // Validate the Year if (!empty($_POST['year'])) { $yr = mysqli_real_escape_string ($dbc, $_POST['year']); } else { $yr = FALSE; echo '<p class="error">You forgot to enter the year!</p>'; } // Setup Date $_SESSION['dob'] = date("Ymd", mktime(0, 0, 0, $mn, $dt, $yr)); //if (($_POST['day'] > 0) and ($_POST['month'] > 0) and ($_POST['year'] > 0)) { //$mdate = "$_POST[$yr]-$_POST[$mn]-$_POST[$dt]"; //} else { // die("Invalid date values supplied."); //} // Validate Date if (!empty($_POST['$mdate'])) { $md = mysqli_real_escape_string ($dbc, $_POST['$mdate']); } else { $md = FALSE; echo '<p class="error">Date didnt work!!</p>'; } // Validate the Ring Number if (!empty($_POST['ringno'])) { $rn = mysqli_real_escape_string ($dbc, $_POST['ringno']); } else { $rn = FALSE; echo '<p class="error">You forgot to enter the Ring Number!</p>'; } // Check everything is okay if ($bn && $sex && $sp) { // Add the bird to the database: $mdate = date("Ymd", mktime(0, 0, 0, $mn, $dt, $yr)); //$q = "INSERT INTO bird (user_id, bird_name, sex, species_id, ringno, dob) VALUES ($_SESSION[user_id], '$_POST[bird_name]', '$_POST[sex]', $_POST[species_id], '$_POST[ringno]', '$_POST[dob]')"; $q = "INSERT INTO bird (user_id, bird_name, sex, species_id, ringno, dob) VALUES ($_SESSION['user_id], $_POST['bird_name'], $_POST['sex'], $_POST['species_id'], $_POST['ringno'], $_SESSION['dob'])"; $r = mysqli_query ($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($dbc)); if (mysqli_affected_rows($dbc) == 1) { // If it ran OK. // Finish the page echo '<h3>Bird Added</h3>'; exit(); } else { // If it did not run OK. echo '<p class="error">Its gone horribly wrong!!.</p>'; } } else { // If one of the data tests failed. echo '<p class="error">Please try again.</p>'; } // mysqli_close($dbc); } // End of the main Submit conditional. ?> <h3 align="left" class="style2">Add your bird(s) to the database</h3> <form action="test_add_bird.php" method="post"> <p><b>Bird Name:</b> <input type="text" name="bird_name" size="30" maxlength="30" /></p> <p><b>Sex:</b> <select name="sex"> <option value="Female">Female</option> <option value="Male">Male</option> </select> <p><b>Species:</b> <?php $q1 = ("SELECT common_name, species_id FROM species"); $r1 = mysqli_query($dbc, $q1); ?> <select id="species_id" name="species_id"> <option value=''></option> <?php while ($row = mysqli_fetch_array($r1)) { echo "<option value=\"".$row['species_id']."\">".$row['common_name']."</option>\n "; } ?> </select> <p><b>Date of birth / Ownership:<br /> Day:</b><select name="day" > <option value='01'>01</option> <option value='02'>02</option> <option value='03'>03</option> <option value='04'>04</option> <option value='05'>05</option> <option value='06'>06</option> <option value='07'>07</option> <option value='08'>08</option> <option value='09'>09</option> <option value='10'>10</option> <option value='11'>11</option> <option value='12'>12</option> <option value='13'>13</option> <option value='14'>14</option> <option value='15'>15</option> <option value='16'>16</option> <option value='17'>17</option> <option value='18'>18</option> <option value='19'>19</option> <option value='20'>20</option> <option value='21'>21</option> <option value='22'>22</option> <option value='23'>23</option> <option value='24'>24</option> <option value='25'>25</option> <option value='26'>26</option> <option value='27'>27</option> <option value='28'>28</option> <option value='29'>29</option> <option value='30'>30</option> <option value='31'>31</option> </select> <b>Month:</b><select name="month" > <option value='01'>January</option> <option value='02'>February</option> <option value='03'>March</option> <option value='04'>April</option> <option value='05'>May</option> <option value='06'>June</option> <option value='07'>July</option> <option value='08'>August</option> <option value='09'>September</option> <option value='10'>October</option> <option value='11'>November</option> <option value='12'>December</option> </select> <b>Year:</b><input type="text" name="year" size=4 value=2011> </select> <p><b>Ring Number:</b> <input type="text" name="ringno" size="30" maxlength="30" /></p> <p><b>Breeder</b> (Optional): <input type="text" name="breeder" size="30" maxlength="30" /></p> <p><b>Mentor</b> (Optional):<input type="text" name="mentor" size="30" maxlength="30" /></p> </p> <div align="center"><input type="submit" name="submit" value="Add bird to database" /></div> </form> </div> <div class="footer"> <p> <?php include('./includes/footer.inc.php'); ?> </p> </div> </div> </body> </html> Link to comment Share on other sites More sharing options...
Lee Posted March 13, 2012 Author Share Posted March 13, 2012 I dont know if this is okay but I hav got it to work but changing the $_SESSION[dob] = ...... to $_POST[dob] =..... and the page now works. Is there any problem in doing this? Link to comment Share on other sites More sharing options...
margaux Posted March 13, 2012 Share Posted March 13, 2012 I'm a little confused by your code so maybe I didn't understand the original question. Is all this going on in the same test_add_bird.php file? Just before the insert you create $mdate and then don't use it. It looks like you've created a few variables that you're not using e.g. $rn, $bn which you've used real_escape_string on presumably to insert clean data in the database. Why don't you use these variables in your INSERT statement? If you've tested it thoroughly and it does what you want, then maybe I'm missing something. Also there was an error in my previous code, an extra single quote - apologies for that! 1 Link to comment Share on other sites More sharing options...
Lee Posted March 13, 2012 Author Share Posted March 13, 2012 The test_add_bird.php will become the add_bird.php once I have it working as intended. As I say I am very new to this so I have probably made many mistakes and I am probably not explaining myself very well due to my lack of understanding. I had copied the code from examples in the book and tried to modify it to my needs but I keep hitting brick walls because my understand is insufficient and I make many changes trying to fix things, so there is code that is not required. I would like to use the cleaned variables but I cant figure out how to get it to work and I am finding my lack of progress frustrating. If your happy to take the time to help me then I would be grateful because I clearly need a eurika moment. Here is my code that seems to do what I need but not using the cleaned variables. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Bird Registration - Page 1</title> <style type="text/css"> <!-- --> </style> <link href="styles/mystyles.css" rel="stylesheet" type="text/css" /> </head> <body> <div class="container"> <div class="header"><a href="#"><img src="Images/logo.jpg" width="961" height="100" alt="Logo" /></a> </div> <div class="sidebar1"> <?php // ob_start(); session_start(); if($_SESSION['user_id'] > '1'){ include('includes/navbar1.inc.php'); } else { include('includes/navbar.inc.php'); } ?> </div> <div class="content"> <?php require ('includes/config.inc.php'); require (MYSQL); $page_title = 'add_bird'; // Form Data Script if ($_SERVER['REQUEST_METHOD'] == 'POST') { // Handle the form. // Validate the Bird Name if (!empty($_POST['bird_name'])) { $bn = mysqli_real_escape_string ($dbc, $_POST['bird_name']); } else { $bn = FALSE; echo '<p class="error">You forgot to enter a birdname!</p>'; } // Validate the Sex if (!empty($_POST['sex'])) { $sex = mysqli_real_escape_string ($dbc, $_POST['sex']); } else { $sex = FALSE; echo 'p class="error">Please enter the birds sex!</p>'; } // Validate the birds species if (!empty($_POST['species_id'])) { $sp = mysqli_real_escape_string ($dbc, $_POST['species_id']); } else { $sp = FALSE; echo '<p class="error">You forgot to specify the species!</p>'; } // Validate the day if (!empty($_POST['day'])) { $dt = mysqli_real_escape_string ($dbc, $_POST['day']); } else { $dt = FALSE; echo '<p class="error"> You forgot to enter the day!</p>'; } // Validate the Month if (!empty($_POST['month'])) { $mn = mysqli_real_escape_string ($dbc, $_POST['month']); } else { $mn = FALSE; echo '<p class="error"> You forgot to enter the month!</p>'; } // Validate the Year if (!empty($_POST['year'])) { $yr = mysqli_real_escape_string ($dbc, $_POST['year']); } else { $yr = FALSE; echo '<p class="error">You forgot to enter the year!</p>'; } // Setup Date $_POST['dob'] = date("Ymd", mktime(0, 0, 0, $mn, $dt, $yr)); // Validate Date if (!empty($_POST['dob'])) { $md = mysqli_real_escape_string ($dbc, $_POST['dob']); } else { $md = FALSE; echo '<p class="error">Date didnt work!!</p>'; } // Validate the Ring Number if (!empty($_POST['ringno'])) { $rn = mysqli_real_escape_string ($dbc, $_POST['ringno']); } else { $rn = FALSE; echo '<p class="error">You forgot to enter the Ring Number!</p>'; } // Check everything is okay if ($bn && $sex && $sp && $md) { // Add the bird to the database: $q = "INSERT INTO bird (user_id, bird_name, sex, species_id, ringno, dob) VALUES ($_SESSION[user_id], '$_POST[bird_name]', '$_POST[sex]', $_POST[species_id], '$_POST[ringno]', '$_POST[dob]')"; $r = mysqli_query ($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($dbc)); if (mysqli_affected_rows($dbc) == 1) { // If it ran OK. // Finish the page header('Location: test_add_bird_2.php'); exit(); } else { // If it did not run OK. echo '<p class="error">Its gone horribly wrong!!.</p>'; } } else { // If one of the data tests failed. echo '<p class="error">Please try again.</p>'; } // mysqli_close($dbc); } // End of the main Submit conditional. ?> <h3 align="left" class="style2">Add your bird(s) to the database</h3> <form action="test_add_bird.php" method="post"> <p><b>Bird Name:</b> <input type="text" name="bird_name" size="30" maxlength="30" /></p> <p><b>Sex:</b> <select name="sex"> <option value="Female">Female</option> <option value="Male">Male</option> </select> <p><b>Species:</b> <?php $q1 = ("SELECT common_name, species_id FROM species"); $r1 = mysqli_query($dbc, $q1); ?> <select id="species_id" name="species_id"> <option value=''></option> <?php while ($row = mysqli_fetch_array($r1)) { echo "<option value=\"".$row['species_id']."\">".$row['common_name']."</option>\n "; } ?> </select> <p><b>Date of birth / Ownership:<br /> Day:</b><select name="day" > <option value='01'>01</option> <option value='02'>02</option> <option value='03'>03</option> <option value='04'>04</option> <option value='05'>05</option> <option value='06'>06</option> <option value='07'>07</option> <option value='08'>08</option> <option value='09'>09</option> <option value='10'>10</option> <option value='11'>11</option> <option value='12'>12</option> <option value='13'>13</option> <option value='14'>14</option> <option value='15'>15</option> <option value='16'>16</option> <option value='17'>17</option> <option value='18'>18</option> <option value='19'>19</option> <option value='20'>20</option> <option value='21'>21</option> <option value='22'>22</option> <option value='23'>23</option> <option value='24'>24</option> <option value='25'>25</option> <option value='26'>26</option> <option value='27'>27</option> <option value='28'>28</option> <option value='29'>29</option> <option value='30'>30</option> <option value='31'>31</option> </select> <b>Month:</b><select name="month" > <option value='01'>January</option> <option value='02'>February</option> <option value='03'>March</option> <option value='04'>April</option> <option value='05'>May</option> <option value='06'>June</option> <option value='07'>July</option> <option value='08'>August</option> <option value='09'>September</option> <option value='10'>October</option> <option value='11'>November</option> <option value='12'>December</option> </select> <b>Year:</b><input type="text" name="year" size=4 value=2011> </select> <p><b>Ring Number:</b> <input type="text" name="ringno" size="30" maxlength="30" /></p> <p><b>Breeder</b> (Optional): <input type="text" name="breeder" size="30" maxlength="30" /></p> <p><b>Mentor</b> (Optional):<input type="text" name="mentor" size="30" maxlength="30" /></p> </p> <div align="center"><input type="submit" name="submit" value="Add bird to database" /></div> </form> </div> <div class="footer"> <p> <?php include('./includes/footer.inc.php'); ?> </p> </div> </div> </body> </html> Link to comment Share on other sites More sharing options...
margaux Posted March 13, 2012 Share Posted March 13, 2012 where possible I like to use my own variables as opposed to the global ones in mysql statements as I find it easier to read and to code. so this is how I would do it if ($bn && $sex && $sp && $md && $rn) { $q = "INSERT INTO bird (user_id, bird_name, sex, species_id, ringno, dob) VALUES ($uid, '$bn', '$sex', $sp, '$rn', '$md')"; at the top of the page where you check the $_SESSION['user_id'], set the $uid variable at the same time - if ($_SESSION['user_id'] > '1'){ $uid = $_SESSION['user_id]; include('includes/navbar1.inc.php'); } else { include('includes/navbar.inc.php'); } Depending on what you are using $_SESSION['user_id'] for you may also need to set the $uid variable in that else clause. A couple of other things - I think your session_start must be at the very top of the page even before your !DOCTYPE declaration or you will get problems with 'headers already sent'. Also you don't need $_POST['dob']. I originally suggested $_SESSION['dob'] as I thought the data was coming from a different page. The coding for the date validation is a little confusing, may I suggest the following starting with //Set up Date // Setup Date if ($mn && $dt && $yr) { $md = date("Ymd", mktime(0, 0, 0, $mn, $dt, $yr)); } else { $md = FALSE; echo '<p class="error">Please enter valid values in the date fields.</p>'; } Then you can delete the //Validate Date snippet. Finally the validation of sex doesn't check for valid data. I posted some code on another post which you may want to try - ch.2 review and pursue. 1 Link to comment Share on other sites More sharing options...
Lee Posted March 13, 2012 Author Share Posted March 13, 2012 Thank you Thank you Thank you. Your code snippits do EXACTLY what I was trying to achieve. I really appreciate your help as I think I know have a form that works just the way I wanted and a great point of reference for the rest of my rather simple site. Link to comment Share on other sites More sharing options...
margaux Posted March 14, 2012 Share Posted March 14, 2012 Great! Good luck with the rest of the site. If you have any more questions, this forum is helpful, just be sure to start a new topic. Link to comment Share on other sites More sharing options...
Larry Posted March 14, 2012 Share Posted March 14, 2012 Thanks, Margaux, for helping out. I really appreciate it! Link to comment Share on other sites More sharing options...
margaux Posted March 15, 2012 Share Posted March 15, 2012 Thanks Larry - I just passed on what I learned from your books. Link to comment Share on other sites More sharing options...
Recommended Posts