1

Long time reader, first time poster. I am a novice PHP enthusiast, and I have a page that I have been working. Right now I have the DB connection working well and my SELECT statement is giving me the info needed. My problems are two fold (maybe more after this post; set your phasers to cringe):

  1. At one point, I had the INSERT working, but it suddenly stopped and no amount of tweaking seems to bring it back. I have verified that the INSERT statement works in a seperate PHP file without variables.

  2. When I did have the INSERT working, every refresh of the page would duplicate the last entry. I have tried tried several ways to clear out the $_POST array, but I think some of my experimenting lead back to problem #1.

<?php 
$dbhost = "REDACTED";
$dbuser = "REDACTED";
$dbpass = "REDACTED";
$dbname = "guest_list";
// Create a database connection
$connection = mysqli_connect($dbhost, $dbuser, $dbpass, $dbname);
// Test if connection succeeded
if(mysqli_connect_errno()) {
  die("DB's not here, man: " . 
      mysqli_connect_error() . 
      " (" . mysqli_connect_errno() . ")"
     );
}
// replacement for mysql_real_escape_string()
function html_escape($html_escape) {
  $html_escape =  htmlspecialchars($html_escape, ENT_QUOTES | ENT_HTML5, 'UTF-8');
  return $html_escape;
}

// Posting new data into the DB
if (isset($_POST['submit'])) {
  $first = html_escape($_POST['first']);
  $last = html_escape($_POST['last']);
  $contact = html_escape($_POST['contact']);
  $associate = html_escape($_POST['associate']);

  $insert = "INSERT INTO g_list (";
  $insert .= "g_fname, g_lname, g_phone, g_association) ";
  $insert .= "VALUES ('{$first}', '{$last}', '{$contact}', '{$associate}')";
  $insert .= "LIMIT 1";
  $i_result = mysqli_query($connection, $insert);
// I have verified that the above works by setting the varialble 
// in the VALUES area to strings and seeing it update
}

$query  = "SELECT * ";
$query .= "FROM g_list ";
$query .= "ORDER BY g_id DESC";
$q_result = mysqli_query($connection, $query);

?>

<!DOCTYPE html>
<html lang="en">
  <head>
    <title>Guest List</title>
    <link href="guest.css" media="all" rel="stylesheet" type="text/css" />
  </head>
  <body>
    <header>
      <h1>REDACTED</h1>
      <h2>Guest Registry</h2>
    </header>
    <div class="container">
      <div class="registry">
        <form name="formup" id="main_form" method="post">
          <fieldset>
            <legend>Please enter your name into the registry</legend>
            <p class="first">First Name: 
              <input type="text" name="first" value="" placeholder="One or more first names" size="64"></p>
            <p class="last">Last Name:
              <input type="text" name="last" value="" placeholder="Last name" size="64"></p>
            <p class="contact">Phone Number or Email:
              <input type="text" name="contact" value="" placeholder="" size="32"></p>
            <p class="associate">Your relation?
              <input type="text" name="associate" value="" placeholder="" size="128"></p>
            <p class="submit">
              <input type="submit" name="submit" title="add" value="submit" placeholder=""></p>
          </fieldset>
        </form>
      </div>
    </div>

    <h3>Guest List:</h3>            
    <table>
      <tr>
        <th>Firstname(s)</th><th>Lastname</th>
        <th>Phone or Email</th><th>Association</th>
      </tr>

      <?php while($guest = mysqli_fetch_assoc($q_result)) {
  echo "<tr>" . "<td>" . $guest["g_fname"] . "</td>"
    . "<td>" . $guest["g_lname"] . "</td>"
    . "<td>" . $guest["g_phone"] . "</td>"
    . "<td>" . $guest["g_association"] . "</td>" . "</tr>";
} ?>

    </table>
    <footer>
      <div>Copyright <?php echo date("Y"); ?>, REDACTED, LLC.</div>

      <?php
if (isset($connection)) {
  mysqli_close($connection);
}
      ?>
    </footer>
  </body>
</html>

Improve this question
2
  • 1
    You're not doing any error checking on your queries, you just assume they'll work. Check your error logs. Commented Jul 19, 2015 at 0:05
  • you can check your insert query for error like this $i_result = mysqli_query($connection, $insert) or trigger_error($connection->error."[$insert]"); Commented Jul 19, 2015 at 0:10

1 Answer 1

Reset to default
3

These two lines will fail:

$insert .= "VALUES ('{$first}', '{$last}', '{$contact}', '{$associate}')";
$insert .= "LIMIT 1";

Two problems here, all with the second line:

  • No SPACE between ) and LIMIT: )LIMIT 1 is your code;
  • LIMIT 1 in an INSERT is not allowed....
Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Anyone have ideas on how to prevent the browser from resending the data for form entry? I have tried adding unset($_POST); $_POST = array(); to the bottom of the if statement to no avail.
You can not reset a POST since the browser will just generate it again. I would use a separate php script for processing the form (so just split your page in two scripts and use a window.location to load the form after the form has been processed).

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.