Multi entry form not passing info to mysql database

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • skybluediver
    New Member
    • Jan 2012
    • 2
    #1

    Multi entry form not passing info to mysql database

    I am trying create a form for my club which takes info from a database to enable a sub selection of trainees from the database. Then additionally select a from a list of events and INSERT both back into a database. It writes to the database OK and loops through the correct number of times but doesnt pass $trainee value to the database
    What is failing is the passing of the info from
    print ' <input type="hidden" name="Trainee" value= ' . $trainee . ' />
    to the $query in the if(isset($_POST['formSubmit'])) loop.

    Anyone tell me where I am going wrong
    Attached Files
    Tags: None
    • dlite922
      Recognized Expert Top Contributor
      • Dec 2007
      • 1586
      #2
      you're using an @ sign in front of your mysql_query() function. You may have a bad query.

      do a die(var_dump($q uery)); before you run the query and manually run that query yourself in the DB to see if there's a problem with it if the issue is not obvious.

      Also SANITIZE your variables. Look into a little thing called SQL Injection. If this site is internet facing, I could totally sabotage your inputs by putting in malicious values. Start with mysql_real_esca pe_string() function. See the manual.


      Dan

        Comment

        • skybluediver
          New Member
          • Jan 2012
          • 2
          #3
          Thanks for the response. Your comments noted about security, I stripped all extra code for fault finding, but will investigate your suggestions. FYI, the form is accessed by a restricted encrypted login to the website.
          Removed the @ didnt make any difference. The query does work and posts all the info except the $trainee value which currently appears as / in the database field, which I believe to be the closing / of the /> in the <input type "hidden" name="Trainee" value= ' . $trainee . ' /> line.
          Any other thoughts or observations

            Comment

            • dlite922
              Recognized Expert Top Contributor
              • Dec 2007
              • 1586
              #4
              You just need to trace your code. Put in die(var_dump($v ariable_name_yo u_want)) at every step and you can see where it's failing or where there should be data in the variable but isn't.

              Do this for $_POST variable, $aTrainee, and $query. You don't have an else in the if(mysql_query( )) so you wouldn't know if the query failed at all and why. add an else and mysql_error().

              Dan

                Comment

                Previous template Next
                Working...