Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

0

Not Posting Variable To Database

Started by Steve Marcano, Feb 11 2009 12:18 AM

You cannot reply to this topic
Go to first unread post

1 reply to this topic

#1 Steve Marcano

Young Padawan

Members
31 posts

Gender:Male
Location:Tucson, Arizona

Posted 11 February 2009 - 12:18 AM

My problem here is that when the form submits it does not insert the country into it. It dawned on me that the variable doesn't get put inside the form so it's as if it's not apart of the form so how to I do that so that when the form submits it also includes the country name.

function addarena() 
{
	$country = $_GET['country'];
	print '<h1 class="backstage">Arena Management</h1><br />';
	print '<h2 class="backstage">Add New Arena</h2><br />';
	print '<form name="addarena" method="post" action="backstage.php" id="addarena">';
	print '<table width="100%" class="table2">';
	print '<tr>';
	print '<td width="120" class="rowheading" valign="center">Arena:</td><td class="row3"><input type="text" name="arena" class="fieldtext490"></td>';
	print '</tr>';
	print '<tr>';
	print '<td width="120" class="rowheading" valign="center">City, State:</td><td class="row3"><input type="text" name="citystate" class="fieldtext490"></td>';
	print '</tr>';
	print '<tr>';
	print '<td width="120" class="rowheading" valign="center">Capacity:</td><td class="row3"><input type="text" name="capacity" class="fieldtext140"></td>';
	print '</tr>';
	print '</table><br />';
	print '<input type="hidden" name="country" value="$country">';  
	print '<input type="submit" value="Save Arena" class="button" name="addarena"><br /><br />';
	print '<input type="button" value="Return to Arena List" class="button200"><br /><br />';
	print '<h2 class="backstage"><input type="button" value="Return to Main Menu" class="button200"></form></h2>';
}

//Form was submitted - determine the form
	if ( isset ( $_POST['addarena'] ) ) {
		// Define the query.
		$arena = $_POST['arena'];
		$capacity = $_POST['capacity'];
		$citystate = $_POST['citystate'];
		
		$query = "INSERT INTO `arenas` (`country`, `citystate`, `arena`, `capacity`) VALUES ('".addslashes($country)."','".addslashes($citystate)."', '".addslashes($arena)."', '".addslashes($capacity)."')";
		
		// Execute the query.
		if (@mysql_query ( $query )) {
			print '<p>The arena has been added.</p>';
		} else {
			print '<p>Could not add the entry because: <b>"' . mysql_error() . '"</b>. The query was '.$query.'.</p>';
		}
		
		//mysql_close ();
	
	}

Back to top

#2 rc69

PHP Master PD

P2L Staff
3,827 posts

Gender:Male
Location:Here
Interests:Web Development

Posted 11 February 2009 - 01:09 AM

Looks to me as though you simply forgot to define the variable $country.

Two other tips while i'm here though:
1. You should use mysql_real_escape_string(), not addslashes() for securing your mysql queries.
2. You may as well "addslashes" when you define the varaible.

i.e.

		$arena = mysql_real_escape_string($_POST['arena']);
		$capacity = mysql_real_escape_string($_POST['capacity']);
		$citystate = mysql_real_escape_string($_POST['citystate']);
		$country = mysql_real_escape_string($_POST['country']); // This line was missing.

		$query = "INSERT INTO `arenas` (`country`, `citystate`, `arena`, `capacity`) VALUES ('".$country."','".$citystate."', '".$arena."', '".$capacity."')";

Edited by rc69, 11 February 2009 - 01:09 AM.

Back to top

Back to Programming and General Web Design · Next Unread Topic →

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users