0

I'm having trouble getting the information submitted in my form to post into my database. I'm not sure what the issue is, no error is logged, but I get the message "There was an error that prevented the comment from being saved." which is what I set up as my failure message in my php code, so something's not working.

I've made a form like this only once before, so I'm not great at troubleshooting. I have three things that need to be submitted when the form posts: author, body, and the page_name (which is a hidden input type in the form that sends the current web address).

Here is the php code that submits the form:

<?php 
if (isset($_POST['submit'])) {
$required_fields = array("author", "body");
validate_presences($required_fields);

if (empty($errors)) {
    $author = mysql_prep($_POST['author']);
    $body = mysql_prep($_POST['body']); 
    $page_name = ($_POST['page_name']);

    $query  = "INSERT INTO comments (";
    $query .= "  $author, $body, $page_name";
    $query .= ") VALUES (";
    $query .= "  '{$author}', '{$body}', '{$page_name}'";
    $query .= ")";
    $result = mysqli_query($connection, $query);

    if ($result) {
        redirect_to("new_admin.php");
    } else {
            // Failure
            $_SESSION["message"] = "There was an error that prevented the comment from being saved.";
    }
}
} else {
    $author = "";
    $body = "";
}
?>

Here's the functions I use in the above code (it's stored on a separate page that's called at the beginning of the main page):

    function mysql_prep($string) {
    global $connection;

    $escaped_string = mysqli_real_escape_string($connection, $string);
    return $escaped_string;
}

    function redirect_to($new_location) {
    header("Location: " . $new_location);
    exit;
}

$connection is what I use for my database connection, which I've double checked is working

And here is the code for my form:

    <form action="new_admin.php" method="post">
    <input type="hidden" name="page_name" value="<?=$_SERVER['REQUEST_URI']?>" />
<table>
  <tr>
    <td>Your name:</td>
    <td><input type="text" name="author" value="<?php echo $author; ?>" /></td>
  </tr>
  <tr>
    <td>Your comment:</td>
    <td><textarea name="body" cols="40" rows="8"><?php echo $body; ?></textarea></td>
  </tr>
  <tr>
    <td>&nbsp;</td>
    <td><input type="submit" name="submit" value="Submit Comment" /></td>
  </tr>
</table>
</form>

I think that's everything. I'm just stumped right now and I don't know if it's something stupid I'm missing or if I did something bigger and set the whole thing up wrong.

Any help would be super appreciated!!

ScarletLark
  • 45
  • 7
  • You should get the error message from `mysqli` http://stackoverflow.com/questions/17053466/how-to-display-errors-for-my-mysqli-query – loveNoHate Jan 10 '14 at 00:46
  • Why was this question down voted? It looks well researched and organized. – coolpup Jan 10 '14 at 01:04
  • @coolpup The question is indeed very well formatted, but this is not the point. Checking the database connectivity, although an important step, is not "research effort". The error message is shown because `$result === false`, which indicates that [`mysqli_query()`](http://www.php.net/mysqli_query) failed. Not checking the error logs also demonstrates a lack of troubleshooting. (ScarletLark, don't get me wrong, I am not patronizing you, I trust you understand my point: there was insufficient troubleshooting from your end) – RandomSeed Jan 10 '14 at 01:24
  • @RandomSeed The way I interpreted the question was that there were no errors that showed up in the log, and that ScarletLark had checked, since they wrote "no error is logged" in their first paragraph. That seemed to me like research effort, and since they are new to php, it can be hard to troubleshoot when you don't have an error to go off of, but I guess to each their own – coolpup Jan 10 '14 at 01:28
  • I was thinking "mysqli_error()" and wrote "error log", my bad. It is a good thing that the voting system allows everyone to express their opinion (and judging by the score of the question, mine is not majority). – RandomSeed Jan 10 '14 at 01:35

1 Answers1

2

You are referencing variable values in the columns to insert into. It is a feature of PHP to replace $variable within double quotes with the value of the variable. If I put in the author name as "King" and body as "BestBody" then your query will be INSERT INTO comments (KING, BestBody, <page>) VALUES('King', 'BestBody', <page>)"

change this line: $query .= " $author, $body, $page_name"; with this line: $query .=" author, body, pagename"; or whatever your columns are named.

solidau
  • 3,976
  • 2
  • 25
  • 43
  • Thanks, I guess that did the trick, since it's actually trying to send now. I get the error "Warning: Cannot modify header information - headers already sent by (output started at /admin3/public/new_admin.php:7) in /admin3/includes/functions.php on line 10" now, but I guess that's an unrelated problem I have to look at seperately – ScarletLark Jan 10 '14 at 01:02