4 Replies - 715 Views - Last Post: 16 January 2013 - 05:35 PM Rate Topic: -----

#1 xuany  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 23
  • Joined: 03-March 10

data not stored in db

Posted 13 January 2013 - 06:23 AM

Dear all,
is there any wrong with my codes? the data is not stored in the db, but when i click submit, it come out the message form successfully registered.
Please help.

thank you.

<?php
include "layout.php" ;?>
<html>

<head>
<title>Registration</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<script type="text/Javascript">
<!--
function MM_findObj(n, d) { //v4.01
  var p,i,x;  if(!d) d=document; if((p=n.indexOf("?"))>0&&parent.frames.length) {
    d=parent.frames[n.substring(p+1)].document; n=n.substring(0,p);}
  if(!(x=d[n])&&d.all) x=d.all[n]; for (i=0;!x&&i<d.forms.length;i++) x=d.forms[i][n];
  for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document);
  if(!x && d.getElementById) x=d.getElementById(n); return x;
}

function MM_validateForm() { //v4.0
  var i,p,q,nm,test,num,min,max,errors='',args=MM_validateForm.arguments;
  for (i=0; i<(args.length-2); i+=3) { test=args[i+2]; val=MM_findObj(args[i]);
    if (val) { nm=val.name; if ((val=val.value)!="") {
      if (test.indexOf('isEmail')!=-1) { p=val.indexOf('@');
        if (p<1 || p==(val.length-1)) errors+='- '+nm+' must contain an e-mail address.\n';
      } else if (test!='R') { num = parseFloat(val);
        if (isNaN(val)) errors+='- '+nm+' must contain a number.\n';
        if (test.indexOf('inRange') != -1) { p=test.indexOf(':');
          min=test.substring(8,p); max=test.substring(p+1);
          if (num<min || max<num) errors+='- '+nm+' must contain a number between '+min+' and '+max+'.\n';
    } } } else if (test.charAt(0) == 'R') errors += '- '+nm+' is required.\n'; }
  } if (errors) alert('*****  Invalid:  *****\n'+errors);
  document.MM_returnValue = (errors == '');
}
//-->
</script>
<style type="text/css">
<!--
body {
	font: 100%/1.4 Verdana, Arial, Helvetica, sans-serif;
	background: #fdfbfb;
	margin: 0;
	padding: 0;
	color: #000;
	font-size:14px; 
}
ul, ol, dl { 
	padding: 0;
	margin: 0;
}
h1, h2, h3, h4, h5, h6, p {
	margin-top: 0;	
	padding-right: 15px;
	padding-left: 15px; 
}
a img { 
	border: none;
}
a:link {
	color: #03F;
	text-decoration: none;
	
}
a:visited {
	color: #6E6C64;
	text-decoration: none;
}
a:hover, a:active, a:focus { 
	text-decoration: none;
	color: #F00;
}

.container {
	width: 99%;
	background: #FFF;
	margin: auto auto; 
	overflow: hidden; 
}

.content {
	width: 100%;
	float: right;
	padding-top: 0px;
	padding-right: 0;
	padding-bottom: 10px;
	padding-left: 0;
	background-color:#fdfbfb;
}
.style9 {color: #FFFFFF;
	font-family: Verdana, Arial, Helvetica, sans-serif;
	font-size: 12px;
	font-weight: bold;
}
.style1 {font-size: large;
	font-weight: bold;
	font-family: Verdana, Arial, Helvetica, sans-serif;
}
.style13 {font-size: medium;
	color: #FFFFFF;
}
.style2 {font-size: medium}
.style15 {color: #CC0000; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12px; font-weight: bold; }
.style17 {color: #3300FF; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12px; font-weight: bold; }
.style27 {color: #FFFF00}
}
NRA{font-family: Arial; font-size: 16pt;}
.style21 {font-size: medium;
	color: #FFFFFF;
}
-->
</style>
</head>

<body>
<div class="container">
  <div class="content">
   <table width="100%" border="1">
      <tr>
      <td align="left" valign="middle"><table width="100%" border="0">
        <tr>
         <td width="25" align="left" valign="middle">&nbsp;</td>
          <td width="666" align="left" valign="middle"><strong><font color="#990000" size="3">Registration Status</font></strong></td>
          <td width="407" align="right"><span class="style7"><strong>User :</strong></span><font size="2"><font color="#000000" > <? print "$msg"; ?></font></font> </td>
          <!---  <font color="#000000" size="2"><? print "$msg2"; ?></font></span>-->
         <!-- <font color="#000000"><? print "$msg1"; ?>-->
        </tr>
      </table></td>
      </tr>
</table>
<table width="86%" height="310" border="0" align="center" cellpadding="0" cellspacing="0">
  &nbsp; 
  <tr align="center"> 
    <td height="308" colspan="9" valign="top"> <div align="center"> 
        <table width="100%" border="0" cellpadding="0" cellspacing="0">
          <!--DWLayoutTable-->
          <tr align="center" valign="middle"> 
            <td width="13%" height="1"></td>
            <td width="10%"></td>
            <td width="9%"></td>
            <td width="9%"></td>
            <td width="8%"></td>
            <td width="8%"></td>
            <td width="10%"></td>
            <td width="11%"></td>
            <td width="10%"></td>
            <td width="12%"></td>
          </tr>
        </table>
        <p><strong>
                  
<?php
include "connection.php";

		$bahagian=$_POST["country"];
		$daerah=$_POST["state"];
		$bertugas=$_POST["city"];
		$nama=$_POST["txtnama"];
		$gred=$_POST["lstgred"];
		$procedure=$_POST["lstprosidur"];
		$tarikh=$_POST["date5"];
		$sijil=$_POST["txtsijil"];
		
		$sql = "INSERT into master(id,bahagian,daerah,bertugas,nama,gred,prosedure,tarikh,nosijil)VALUES('','$bahagian','$daerah','$bertugas','$nama','$gred','$procedure','$tarikh','$sijil')";
		$result=mysql_query($query) or die (mysql_error());
 				
	echo "Form Successfully Registered";
	echo "<br /> <META HTTP-EQUIV = 'Refresh' Content = '4; URL =registration.php'>";	

?>
        </p>
          
       
    </div>
      <div align="center"> </div>
      <blockquote> 
        <div align="center"><strong> </strong></div>
      </blockquote></td>
  <tr> 
    <td width="54" height="2"></td>
    <td width="54"></td>
    <td width="97"></td>
    <td width="4"></td>
    <td width="148"></td>
    <td width="148"></td>
    <td width="30"></td>
    <td width="303"></td>
    <td width="124"></td>
</tr>
<!-- end .content --></div>
  <!-- end .container --></div>
</body>
</html>


Is This A Good Question/Topic? 0
  • +

Replies To: data not stored in db

#2 Atli  Icon User is offline

  • D.I.C Lover
  • member icon

Reputation: 3719
  • View blog
  • Posts: 5,994
  • Joined: 08-June 10

Re: data not stored in db

Posted 13 January 2013 - 08:52 AM

View Postxuany, on 13 January 2013 - 01:23 PM, said:

is there any wrong with my codes? the data is not stored in the db, but when i click submit, it come out the message form successfully registered.

Why ask the question when your next sentence answers it? :D

First of all, your code is wide open to SQL Injection. Fixing that is a top priority. The details about how that is done are on the page I linked to, but just to quickly point out the "best" way to do that: Drop the mysql_* functions and use prepared statements instead.

And second, you are trying to insert the POST data without verifying that it was actually sent. That is a huge mistake. Always use empty() or isset() to verify that input data is there before trying to use it.

Once that is taken care of, and if the problem is still happening to you, then I would start trying to figure out a way to fix it.
Was This Post Helpful? 2
  • +
  • -

#3 andrewsw  Icon User is online

  • It's just been revoked!
  • member icon

Reputation: 3640
  • View blog
  • Posts: 12,613
  • Joined: 12-December 12

Re: data not stored in db

Posted 13 January 2013 - 08:59 AM

.. in addition, don't supply a value (even empty) for an auto-incremented ID:

$sql = "INSERT into master(bahagian,daerah,bertugas,nama,gred,prosedure,tarikh,nosijil)VALUES('$bahagian','$daerah','$bertugas','$nama','$gred','$procedure','$tarikh','$sijil')";

Was This Post Helpful? 3
  • +
  • -

#4 ZevhEr  Icon User is offline

  • New D.I.C Head

Reputation: 9
  • View blog
  • Posts: 38
  • Joined: 18-July 09

Re: data not stored in db

Posted 15 January 2013 - 01:21 AM

Try this:
Change $query to $sql
$sql = "INSERT into master(id,bahagian,daerah,bertugas,nama,gred,prosedure,tarikh,nosijil)VALUES('','$bahagian','$daerah','$bertugas','$nama','$gred','$procedure','$tarikh','$sijil')";
		$result=mysql_query($sql) or die (mysql_error());


This post has been edited by ZevhEr: 15 January 2013 - 01:23 AM

Was This Post Helpful? 1
  • +
  • -

#5 publicFunction  Icon User is offline

  • New D.I.C Head

Reputation: 10
  • View blog
  • Posts: 10
  • Joined: 06-October 10

Re: data not stored in db

Posted 16 January 2013 - 05:35 PM

Beyond the SQL Query, your core logic is flawed, that page it will always return your success message.

Try running a check against your current table to get the last entry and then check that var against the same sql select and see if the ID is the same or not. Also you really need to separate your code out into separate files, it will make it way easier to manage and debug any errors.

A quick personal preference try not to use die and/or echo out your mysql_error() functions to screen. Its a big security issue. If you do the above approach it will allow you more control over your code, debugging and security.
Was This Post Helpful? 4
  • +
  • -

Page 1 of 1