[stu26]

I just did this successfully a couple of days ago on another site, but for some reason I cannot get my current project to insert data into MySQL. I have thoroughly gone over it but cannot find a problem. Knowing that I just did the same thing a couple of days ago I would imagine it's some minor mistake that I am missing. Could someone take a look at the code for me and see if I am doing anything wrong?

Thanks!

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<link type="text/css" rel="stylesheet" href="stylesheet.css" />
<title>My Great Beginnings - Add User</title>

<script type="text/javascript">
	function redirect(){
		alert('User Successfully Added');
		window.location="usermanagement.php";
		}
</script>

</head>

<body>
<p><b>Adding New User...</b></p>
<?php
	
	//Open Database and configuration
	include 'config.php';
	include 'opendb.php';

	//session_start();
	
	//Declare variables
	$userid = $_POST['newuserid'];
	$password = $_POST['newpassword'];
	$cam0 = $_POST['cam0'];
	$cam1 = $_POST['cam1'];
	$cam2 = $_POST['cam2'];
	$cam3 = $_POST['cam3'];
	
	$array[0] = "Camera 1";
	$array[1] = "Camera 2";
	$array[2] = "Camera 3";
	$array[3] = "Camera 4";
	$array[4] = "Camera 5";
	$array[5] = "Camera 6";
	$array[6] = "Camera 7";
	$array[7] = "Camera 8";
	$array[8] = "Camera 9";
	$array[9] = "Camera 10";
	$array[10] = "Camera 11";
	$array[11] = "Camera 12";
	$array[12] = "Camera 13";
	$array[13] = "Camera 14";
	$array[14] = "Camera 15";
	$array[15] = "Camera 16";
	
	$cam0 = array_search($cam0, $array);
	$cam1 = array_search($cam1, $array);
	$cam2 = array_search($cam2, $array);
	$cam3 = array_search($cam3, $array);
	
	echo $userid, '<br />';
	echo $password, '<br />';
	echo $cam0, '<br />';
	echo $cam1, '<br />';
	echo $cam2, '<br />';
	echo $cam3, '<br />';

	$query="INSERT INTO users (username, password) VALUES ('$userid', '$password')"; 
	mysql_query($query) or die('Error, Insert Failed'); 
	
	mysql_close($conn);
	
	//Confirm User Addition
	/*echo '<script type="text/javascript">alert("New User Added Successfully");</script>';*/
					
	echo '<script type="text/javascript">
				redirect();
			</script>';			
?>

</body>
</html>

[snoj]

try using mysql_error() instead of 'Error, Insert Failed', that may give you a hint at what's going wrong.

[stu26]

hotsnoj, on 2 Aug, 2007 - 07:20 AM, said:

try using mysql_error() instead of 'Error, Insert Failed', that may give you a hint at what's going wrong.

Thanks! It actually just started working inexplicably without me even doing anything to it, come to think of it I had the same problem with the other site I did. I had trouble with it and it just started working inexplicably too. I wonder if it was something on the server side?

Anyway, thanks for the help, mysql_error() will definitely come in handy.

[stu26]

Quick Update. I started receiving the same error again, so I used the mysql_error() instead of die("Error"). It works fine without any errors like that and as soon as I change it back to die I get the same error again. Not sure why this causes a problem but that appears to be the culprit.

Thanks again!

[snoj]

Put mysql_error() in die() if you're not doing so already.

[serializer]

stu26, on 2 Aug, 2007 - 10:56 AM, said:

Quick Update. I started receiving the same error again, so I used the mysql_error() instead of die("Error"). It works fine without any errors like that and as soon as I change it back to die I get the same error again. Not sure why this causes a problem but that appears to be the culprit.

Thanks again!

That's really very strange. The contents of the die() block shouldn't affect the outcome of the mysql_query() at all! My best guess is there's something else causing it, and it's just coincidence that it changed at the same time as you changed the die() call.

In all truth, I don't like die() calls at all. It means your entire script bombs out mid-flow and the user sees an unintelligable message with no clue as to what's gone wrong or where to go next. Much better to just print a "We are experiencing database problems, please try resubmitting in a minute or two" and redisplay the form containing whatever the user already inputted, so they haven't lost whatever they were trying to send. Any database insertion errors need to be handled in an intelligent way, because things can and will go wrong at any time.

Since I can't see your database structure, I can't suggest what could be causing the problem. Possibly you have some validation going on in your database (i.e. unique fields, that kind of thing) which is being violated by some of your test posts.

p.s. Instead of all that Javascript, try

header("Location: usermanagement.php?userAdded=true");

Then somehwere in usermanagement.php:

<? if(isset($_GET["userAdded"]) && $_GET["userAdded"]=="true") { ?>
<p>User successfully added</p>
<? } ?>

Again it's a matter of preference but I reckon that's much simpler, and alert boxes are pretty ugly...

p.p.s. You need to "escape" any values from form inputs before inserting them into MySQL; otherwise this is open to SQL Injection Attacks, which are a pretty easy way for anyone to destroy your database. Read: How to prevent SQL Injection Attacks with PHP and MySQL

--serializer

This post has been edited by serializer: 03 August 2007 - 01:31 PM

[Styx]

That php redirect using header() needs to be above everything else, including the html unless you use an output buffer.

Also, you can replace all those camera additions with a loop or manually putting them in:

<?php
$array = array();
for ($i = 1; $i <= 15; $i++)
{
  $array[] = "Camera $i";
}
?>

And die() is very helpful if you want the script to stop processing. Sometimes it's necessary that processing end if an error occurs somewhere. The error could be a vital part of the code. But if you don't like it, you can always use output buffering or similar methods to make your own die function.