HELP: "insert into" problem in PHP

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Whilst lounging around on 5 Aug 2003 12:50:24 -0700,
kw*****@yahoo.com (newbie_mw) amazingly managed to produce the
following with their Etch-A-Sketch:

Hi, I need urgent help with a novice problem. I would appreciate
any advice, suggestions... Thanks a lot in advance! Here it is:

I created a sign-up sheet (reg.html) where people fill in their
first name, last name, email, etc. The data are then sent to a PHP
script (reg.php). The data are then inserted into a table (reg) in
MS SQL server. I have declared the variables like this:

if (!(isset($_POST['FirstName']))) {
$FirstName = "" ;
} else {
$FirstName = $_POST['FirstName'] ;
}

Then I said the following to make sure people fill in all the info:

if(empty($FirstName) OR empty($LastName) OR empty($Email))
{
echo "Oops, you must complete the form to register. Please use the
browser back button to go back and complete the form.";
echo "</body></html>";
exit;
}

The statement that insert the data to the table is like this:

$qry = "insert into reg values
('$FirstName','$LastName','$Email')";

However, this doesn't work. I looked into examples online, but none
of the "insert into" statements handle varibles (they all insert
actual values such as "Hanna, Smith, hs@yahoo.com', etc.)

Could you tell me what went wrong with this script? I am pretty
sure the problem originates from the "insert" statement.

Thanks!

A PHP Newbie

And the error you received is?

I have an _idea_ what the problem _might_ be, but how can I tell for
sure without knowing what error I'm thinking about assisting you
with?

My initial thought / theory is that you've got more columns than just
those 3 (possibly an ID column amongst other things). Try something
like:
$sql = "
INSERT INTO reg
(
firstname,
lastname,
email
)
VALUES (
$FirstName,
$LastName,
$Email
)
";
I've obviously assumed that you have 'firstname', 'lastname' and
'email' as table columns, you may need to ammend to suit your exact
table structure.
HTH.

Regards,

Ian

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0

iQA/AwUBPzAMGWfqtj251CDhEQIkbgCgo0niSW+WsOlaeRxB/IHiDtFUDtoAoJXp
BhNxNkv9wZcsnp/ce5ukS3ZI
=0C9T
-----END PGP SIGNATURE-----

--
Ian.H [Design & Development]
digiServ Network - Web solutions
www.digiserv.net | irc.digiserv.net | forum.digiserv.net
Programming, Web design, development & hosting.

Hi Ian,

Thanks for help! The columns and variables are exactly matched so it shouldn't
be the problem. Actually the original html and php files are pretty long. But
I guess a more detailed script should help you diagnose the problem. The error
message to the below script is:
---------------------------------
call someoneDB Error:
Warning: mssql_num_rows(): supplied argument is not a valid Sybase result
resource ... line 88
----------------------------------

//... is the folder this file is in//

Here is the (almost) full script:

<?php

// some MS SQL server connection thing that I can't show here :-) //
// below is the original script.//

if (!(isset($_POST['NetID']))) {
$NetID = "" ;
} else {
$NetID = $_POST['NetID'] ;
}

if (!(isset($_POST['FirstName']))) {
$FirstName = "" ;
} else {
$FirstName = $_POST['FirstName'] ;
}

if (!(isset($_POST['LastName']))) {
$LastName = "" ;
} else {
$LastName = $_POST['LastName'] ;
}

if (!(isset($_POST['Email']))) {
$Email = "" ;
} else {
$Email = $_POST['Email'] ;
}

if (!(isset($_POST['Major']))) {
$Major = "" ;
} else {
$Major = $_POST['Major'] ;
}

if (!(isset($_POST['Classification']))) {
$Classification = "" ;
} else {
$Classification = $_POST['Classification'] ;
}

if (!(isset($_POST['How']))) {
$How = "" ;
} else {
$How = $_POST['How'] ;
}

if (!(isset($_POST['Description']))) {
$Description = "" ;
} else {
$Description = $_POST['Description'] ;
}

if(empty($NetID) OR empty($FirstName) OR empty($LastName) OR empty($Email) OR
empty($Major) OR empty($Classification) OR empty($How) OR empty($Description))

{
echo "Oops, you must complete the form to register. Please use the browser
back button to go back and complete the form.";
echo "</body></html>";
exit;
}

$qry = "insert into reg values (";
$qry = $qry."'$NetID'";
$qry = $qry.",'$FirstName'";
$qry = $qry.",'$LastName'";
$qry = $qry.",'$Email'";
$qry = $qry.",'$Major'";
$qry = $qry.",'$Classification'";
$qry = $qry.",'$How'";
$qry = $qry.",'$Description'";
$qry = $qry.")";

$rs=$db->query ($qry);
if (DB::iserror($rs)){print"call someone"; print $rs->getMessage();}

$result = mssql_query("SELECT * FROM reg");
$num_rows = mssql_num_rows($result) ;

if ($num_rows > 10)
{
echo "Sorry, our registration is full. Please stay tuned till the next
one.";
}

else
{
echo "Congratulations, $FirstName! Your have registered for --- ";
echo "<p>";
}

?>

Hope it is clearer now. What's most frustrating is that it worked for a while,
but then when I expanded the columns from 3 to 8 and it just messed up. So
what went wrong?

Newbie

"Ian.H [dS]" wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Whilst lounging around on 5 Aug 2003 12:50:24 -0700,
kw*****@yahoo.com (newbie_mw) amazingly managed to produce the
following with their Etch-A-Sketch:

Hi, I need urgent help with a novice problem. I would appreciate
any advice, suggestions... Thanks a lot in advance! Here it is:

I created a sign-up sheet (reg.html) where people fill in their
first name, last name, email, etc. The data are then sent to a PHP
script (reg.php). The data are then inserted into a table (reg) in
MS SQL server. I have declared the variables like this:

if (!(isset($_POST['FirstName']))) {
$FirstName = "" ;
} else {
$FirstName = $_POST['FirstName'] ;
}

Then I said the following to make sure people fill in all the info:

if(empty($FirstName) OR empty($LastName) OR empty($Email))
{
echo "Oops, you must complete the form to register. Please use the
browser back button to go back and complete the form.";
echo "</body></html>";
exit;
}

The statement that insert the data to the table is like this:

$qry = "insert into reg values
('$FirstName','$LastName','$Email')";

However, this doesn't work. I looked into examples online, but none
of the "insert into" statements handle varibles (they all insert
actual values such as "Hanna, Smith, hs@yahoo.com', etc.)

Could you tell me what went wrong with this script? I am pretty
sure the problem originates from the "insert" statement.

Thanks!

A PHP Newbie

And the error you received is?

I have an _idea_ what the problem _might_ be, but how can I tell for
sure without knowing what error I'm thinking about assisting you
with?

My initial thought / theory is that you've got more columns than just
those 3 (possibly an ID column amongst other things). Try something
like:

$sql = "
INSERT INTO reg
(
firstname,
lastname,
email
)
VALUES (
$FirstName,
$LastName,
$Email
)
";

I've obviously assumed that you have 'firstname', 'lastname' and
'email' as table columns, you may need to ammend to suit your exact
table structure.

HTH.

Regards,

Ian

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0

iQA/AwUBPzAMGWfqtj251CDhEQIkbgCgo0niSW+WsOlaeRxB/IHiDtFUDtoAoJXp
BhNxNkv9wZcsnp/ce5ukS3ZI
=0C9T
-----END PGP SIGNATURE-----

--
Ian.H [Design & Development]
digiServ Network - Web solutions
www.digiserv.net | irc.digiserv.net | forum.digiserv.net
Programming, Web design, development & hosting.