Can't Insert Data

I have a site hosted with an isp, they are using unix, apache, mysql, php.

I decided to try and setup the same locally, but I'm using windows 2000.

My scripts that read data from the database work fine with no issues, but
the scripts that insert data into the database, don't seem to work. I get no
data that is provided via a form. I do however get data into the database
that is like the system time etc that has '' in the insert.

I'm not sure how to trouble shoot this.. any ideas would be appreciated.

"entoone" <entoone@pacbell.net>
> I have a site hosted with an isp, they are using unix, apache, mysql, php.
>
> I decided to try and setup the same locally, but I'm using windows 2000.
>
> My scripts that read data from the database work fine with no issues, but
> the scripts that insert data into the database, don't seem to work. I get
no
> data that is provided via a form. I do however get data into the database
> that is like the system time etc that has '' in the insert.
>
> I'm not sure how to trouble shoot this.. any ideas would be appreciated.
>

Maybe can you provide some code where you try to insert data into the
database?

What kind of error do you get (use: error_reporting(E_ALL) )!

Michael

Hello Michael:

I get no error, I get the same indication that the data went into the
database as I do on the online system, but when you look at the data that
was inserted.. it's not there.

I do get the following columns populated with data
id, pword, dtestart, dteupdate

The information from the form is passed to a php file, which is as follows..
Again this all works while being hosted from my ISP online.
Thanks in advance for any suggestions.


<head>
<meta HTTP-EQUIV="refresh" content=1;url="recadd.htm">
</head>
<?php
mysql_connect("localhost", "xxx", "xxx") or die("Could not connect
to database server");
mysql_select_db("xxx") or die("Could not locate
database");

/* Check if user allready exists if not them add stuff */
$query = "SELECT * FROM contacts WHERE hcounty='$hcounty' AND
first='$first' AND last='$last'";
$result = mysql_query($query) or die("Failure to get infor from the
database");
$count = mysql_num_rows($result);
if($count == 0)
{
/* making stuff ready to insert and insert */
$pword = md5($pword);
$comments = substr($comments, 0,525);
$comments = htmlspecialchars($comments, ENT_QUOTES);
$query = "INSERT INTO contacts VALUES
('','$refcode','$first','$last','$address1','$addr ess2','$city','$state','$z
ip','$phone','$pager','$mobile','$fax','$email','$ web','$prefmethod','$comnu
mber','$comexpdte','$commexp','$fees','$travelmax' ,'$digdocs','$lang','$esrv
','$lprinter','$ascmember','$comments','$hcounty', '','$pword',NOW(),'')";
$result = mysql_query($query) or die("Failure to write to database");
print("<B><U><center><h2>Record Added - Database has been
updated</h2></center></u></b> ");
/* */
} else {
print("<B><U><center><h2>Duplicate > > Entry Found - Can Not Add
Listing</h2></center></u></b>");
}
/* */

mysql_close();

?>



"Michael Meckelein" <michael@go-on-line.de> wrote in message
news:bv5tke$ntc8j$1@ID-208606.news.uni-berlin.de...
> "entoone" <entoone@pacbell.net>
> > I have a site hosted with an isp, they are using unix, apache, mysql,
php.
> >
> > I decided to try and setup the same locally, but I'm using windows 2000.
> >
> > My scripts that read data from the database work fine with no issues,
but
> > the scripts that insert data into the database, don't seem to work. I
get
> no
> > data that is provided via a form. I do however get data into the
database
> > that is like the system time etc that has '' in the insert.
> >
> > I'm not sure how to trouble shoot this.. any ideas would be appreciated.
> >
>
> Maybe can you provide some code where you try to insert data into the
> database?
>
> What kind of error do you get (use: error_reporting(E_ALL) )!
>
> Michael
>

On 27-Jan-2004, "entoone" <entoone@pacbell.net> wrote:

> I get no error, I get the same indication that the data went into the
> database as I do on the online system, but when you look at the data that
> was inserted.. it's not there.
>
> I do get the following columns populated with data
> id, pword, dtestart, dteupdate
>
> The information from the form is passed to a php file, which is as
> follows..
> Again this all works while being hosted from my ISP online.
> Thanks in advance for any suggestions.
>
>
> <head>
> <meta HTTP-EQUIV="refresh" content=1;url="recadd.htm">
> </head>
> <?php
> mysql_connect("localhost", "xxx", "xxx") or die("Could not connect
> to database server");
> mysql_select_db("xxx") or die("Could not locate
> database");
>
> /* Check if user allready exists if not them add stuff */
> $query = "SELECT * FROM contacts WHERE hcounty='$hcounty' AND
> first='$first' AND last='$last'";
> $result = mysql_query($query) or die("Failure to get infor from the
> database");
> $count = mysql_num_rows($result);
> if($count == 0)
> {
> /* making stuff ready to insert and insert */
> $pword = md5($pword);
> $comments = substr($comments, 0,525);
> $comments = htmlspecialchars($comments, ENT_QUOTES);
> $query = "INSERT INTO contacts VALUES
> ('','$refcode','$first','$last','$address1','$addr ess2','$city','$state','$z
> ip','$phone','$pager','$mobile','$fax','$email','$ web','$prefmethod','$comnu
> mber','$comexpdte','$commexp','$fees','$travelmax' ,'$digdocs','$lang','$esrv
> ','$lprinter','$ascmember','$comments','$hcounty', '','$pword',NOW(),'')";
> $result = mysql_query($query) or die("Failure to write to database");
> print("<B><U><center><h2>Record Added - Database has been
> updated</h2></center></u></b> ");
> /* */
> } else {
> print("<B><U><center><h2>Duplicate > > Entry Found - Can Not Add
> Listing</h2></center></u></b>");
> }
> /* */
>
> mysql_close();
>
> ?>

Looks like register_globals is off and you need to get your data from
$_POST[]

--
Tom Thackrey
www.creative-light.com
tom (at) creative (dash) light (dot) com
do NOT send email to jamesbutler@willglen.net (it's reserved for spammers)

On 2004-01-27, entoone <entoone@pacbell.net> wrote:
> $query = "SELECT * FROM contacts WHERE hcounty='$hcounty' AND
> first='$first' AND last='$last'";

Where do $hcountry etc come from? Are they being posted/submitted?
Then you probably find them in $_GET['hcountry'] or $_POST['hcountry'].
More info: http://www.php.net/manual -> variables -> predefined variables

You should do some error checking on your input too.

> $result = mysql_query($query) or die("Failure to get infor from the
> database");
> $count = mysql_num_rows($result);
> if($count == 0)
> {
> /* making stuff ready to insert and insert */

You should leave the testing to mysql. Use the UNIQUE modifier to put
constraints on the values that can be inserted.

If you have more than one instance of this script running, there is a
chance you run into trouble.

fe: user1 sends 'country' -> select ... -> returns 0 rows
user2 sends 'country' -> select ... -> returns 0 rows
user1 -> insert country
user2 -> insert country -> problem!


--
http://home.mysth.be/~timvw

ah, thanks Tim!
"Tim Van Wassenhove" <euki@pi.be> wrote in message
news:bv69sf$o1ki9$2@ID-188825.news.uni-berlin.de...
> On 2004-01-27, entoone <entoone@pacbell.net> wrote:
> > $query = "SELECT * FROM contacts WHERE hcounty='$hcounty' AND
> > first='$first' AND last='$last'";
>
> Where do $hcountry etc come from? Are they being posted/submitted?
> Then you probably find them in $_GET['hcountry'] or $_POST['hcountry'].
> More info: http://www.php.net/manual -> variables -> predefined variables
>
> You should do some error checking on your input too.
>
> > $result = mysql_query($query) or die("Failure to get infor from the
> > database");
> > $count = mysql_num_rows($result);
> > if($count == 0)
> > {
> > /* making stuff ready to insert and insert */
>
> You should leave the testing to mysql. Use the UNIQUE modifier to put
> constraints on the values that can be inserted.
>
> If you have more than one instance of this script running, there is a
> chance you run into trouble.
>
> fe: user1 sends 'country' -> select ... -> returns 0 rows
> user2 sends 'country' -> select ... -> returns 0 rows
> user1 -> insert country
> user2 -> insert country -> problem!
>
>
> --
> http://home.mysth.be/~timvw

Thank you Tom. I'll see how I can turn that on.

"Tom Thackrey" <use.signature@nospam.com> wrote in message
news:1nwRb.16747$N16.3868@newssvr27.news.prodigy.c om...
>
> On 27-Jan-2004, "entoone" <entoone@pacbell.net> wrote:
>
> > I get no error, I get the same indication that the data went into the
> > database as I do on the online system, but when you look at the data
that
> > was inserted.. it's not there.
> >
> > I do get the following columns populated with data
> > id, pword, dtestart, dteupdate
> >
> > The information from the form is passed to a php file, which is as
> > follows..
> > Again this all works while being hosted from my ISP online.
> > Thanks in advance for any suggestions.
> >
> >
> > <head>
> > <meta HTTP-EQUIV="refresh" content=1;url="recadd.htm">
> > </head>
> > <?php
> > mysql_connect("localhost", "xxx", "xxx") or die("Could not connect
> > to database server");
> > mysql_select_db("xxx") or die("Could not locate
> > database");
> >
> > /* Check if user allready exists if not them add stuff */
> > $query = "SELECT * FROM contacts WHERE hcounty='$hcounty' AND
> > first='$first' AND last='$last'";
> > $result = mysql_query($query) or die("Failure to get infor from the
> > database");
> > $count = mysql_num_rows($result);
> > if($count == 0)
> > {
> > /* making stuff ready to insert and insert */
> > $pword = md5($pword);
> > $comments = substr($comments, 0,525);
> > $comments = htmlspecialchars($comments, ENT_QUOTES);
> > $query = "INSERT INTO contacts VALUES
> >
('','$refcode','$first','$last','$address1','$addr ess2','$city','$state','$z
> >
ip','$phone','$pager','$mobile','$fax','$email','$ web','$prefmethod','$comnu
> >
mber','$comexpdte','$commexp','$fees','$travelmax' ,'$digdocs','$lang','$esrv
> >
','$lprinter','$ascmember','$comments','$hcounty', '','$pword',NOW(),'')";
> > $result = mysql_query($query) or die("Failure to write to
database");
> > print("<B><U><center><h2>Record Added - Database has been
> > updated</h2></center></u></b> ");
> > /* */
> > } else {
> > print("<B><U><center><h2>Duplicate > > Entry Found - Can Not Add
> > Listing</h2></center></u></b>");
> > }
> > /* */
> >
> > mysql_close();
> >
> > ?>
>
> Looks like register_globals is off and you need to get your data from
> $_POST[]
>
> --
> Tom Thackrey
> www.creative-light.com
> tom (at) creative (dash) light (dot) com
> do NOT send email to jamesbutler@willglen.net (it's reserved for spammers)

I turned register_globals to on, and everything works fine now. I will work
on coverting to the other method while register_globals are off. As it looks
as everyone is suggesting for security a better method.
I'm still very new to php,mysql etc. So thanks for helping me.

I do have one other question if you could help me with I would greatly
appreciate it.

In my results, I have a button that links the button in the results to bring
up a more detailed page with information on that specific row.
When I click the button, to bring up the next page (via php page) it is
totally blank. I'm not sure what that would be, as it seems it's not passing
the information correctly?

Any ideas?

"Tom Thackrey" <use.signature@nospam.com> wrote in message
news:1nwRb.16747$N16.3868@newssvr27.news.prodigy.c om...
>
> On 27-Jan-2004, "entoone" <entoone@pacbell.net> wrote:
>
> > I get no error, I get the same indication that the data went into the
> > database as I do on the online system, but when you look at the data
that
> > was inserted.. it's not there.
> >
> > I do get the following columns populated with data
> > id, pword, dtestart, dteupdate
> >
> > The information from the form is passed to a php file, which is as
> > follows..
> > Again this all works while being hosted from my ISP online.
> > Thanks in advance for any suggestions.
> >
> >
> > <head>
> > <meta HTTP-EQUIV="refresh" content=1;url="recadd.htm">
> > </head>
> > <?php
> > mysql_connect("localhost", "xxx", "xxx") or die("Could not connect
> > to database server");
> > mysql_select_db("xxx") or die("Could not locate
> > database");
> >
> > /* Check if user allready exists if not them add stuff */
> > $query = "SELECT * FROM contacts WHERE hcounty='$hcounty' AND
> > first='$first' AND last='$last'";
> > $result = mysql_query($query) or die("Failure to get infor from the
> > database");
> > $count = mysql_num_rows($result);
> > if($count == 0)
> > {
> > /* making stuff ready to insert and insert */
> > $pword = md5($pword);
> > $comments = substr($comments, 0,525);
> > $comments = htmlspecialchars($comments, ENT_QUOTES);
> > $query = "INSERT INTO contacts VALUES
> >
('','$refcode','$first','$last','$address1','$addr ess2','$city','$state','$z
> >
ip','$phone','$pager','$mobile','$fax','$email','$ web','$prefmethod','$comnu
> >
mber','$comexpdte','$commexp','$fees','$travelmax' ,'$digdocs','$lang','$esrv
> >
','$lprinter','$ascmember','$comments','$hcounty', '','$pword',NOW(),'')";
> > $result = mysql_query($query) or die("Failure to write to
database");
> > print("<B><U><center><h2>Record Added - Database has been
> > updated</h2></center></u></b> ");
> > /* */
> > } else {
> > print("<B><U><center><h2>Duplicate > > Entry Found - Can Not Add
> > Listing</h2></center></u></b>");
> > }
> > /* */
> >
> > mysql_close();
> >
> > ?>
>
> Looks like register_globals is off and you need to get your data from
> $_POST[]
>
> --
> Tom Thackrey
> www.creative-light.com
> tom (at) creative (dash) light (dot) com
> do NOT send email to jamesbutler@willglen.net (it's reserved for spammers)

I fixed it.. syntax! :)

"entoone" <entoone@pacbell.net> wrote in message
news:gvyRb.6800$Dx6.19@newssvr29.news.prodigy.com. ..
> ah, thanks Tim!
> "Tim Van Wassenhove" <euki@pi.be> wrote in message
> news:bv69sf$o1ki9$2@ID-188825.news.uni-berlin.de...
> > On 2004-01-27, entoone <entoone@pacbell.net> wrote:
> > > $query = "SELECT * FROM contacts WHERE hcounty='$hcounty' AND
> > > first='$first' AND last='$last'";
> >
> > Where do $hcountry etc come from? Are they being posted/submitted?
> > Then you probably find them in $_GET['hcountry'] or $_POST['hcountry'].
> > More info: http://www.php.net/manual -> variables -> predefined
variables
> >
> > You should do some error checking on your input too.
> >
> > > $result = mysql_query($query) or die("Failure to get infor from
the
> > > database");
> > > $count = mysql_num_rows($result);
> > > if($count == 0)
> > > {
> > > /* making stuff ready to insert and insert */
> >
> > You should leave the testing to mysql. Use the UNIQUE modifier to put
> > constraints on the values that can be inserted.
> >
> > If you have more than one instance of this script running, there is a
> > chance you run into trouble.
> >
> > fe: user1 sends 'country' -> select ... -> returns 0 rows
> > user2 sends 'country' -> select ... -> returns 0 rows
> > user1 -> insert country
> > user2 -> insert country -> problem!
> >
> >
> > --
> > http://home.mysth.be/~timvw
>
>

On 2004-01-27, entoone <entoone@pacbell.net> wrote:
> I turned register_globals to on, and everything works fine now. I will work
> on coverting to the other method while register_globals are off. As it looks
> as everyone is suggesting for security a better method.
> I'm still very new to php,mysql etc. So thanks for helping me.

Correctly? What happens if you submit the value
belgium';DELETE * FROM contacts; for the country field ?

--
http://home.mysth.be/~timvw