Insert error

[joefox]

I keep getting this error below when i try to insert data into my db any ideas?

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'damaged beyond repair.)' at line 1INSERT INTO home_app(MBlock_Part_Number,MBlock_Ref,MBlock_Defect) VALUES (WEy73473,242342,Block is damaged beyond repair.)

</table>
<?php
if(isset($_POST['submitted'])){$errors = array();
}

if(empty($_POST['partnumber'])){$errors[] = 'You forgot a part number. ';
}else{$partnumber = trim($_POST['partnumber']);
}

if(empty($_POST['refnumber'])){$errors[] = 'You forgot a ref number. ';
}else{$refnumber = trim($_POST['refnumber']);
}

if(empty($_POST['partcomments'])){$errors[] = 'You forgot part comments. ';
}else{$partcomments = trim($_POST['partcomments']);
}

require_once ('mysql_connect.php');

$query = "INSERT INTO home_app(MBlock_Part_Number,MBlock_Ref,MBlock_Defect) VALUES ($partnumber,$refnumber,$partcomments)";
$result = @mysql_query($query);

if($result){echo 'Information entered into DB';
}else{echo '<p>'. mysql_error(). $query . '</p>';
include("DSS_Footer.php");
exit();
}
?>
<?php include("DSS_Footer.php"); ?>

[kows]

put quotes around your string values that have spaces, or better yet, all of them.

PHP Code:

$query = "INSERT INTO home_app (MBlock_Part_Number,MBlock_Ref,MBlock_Defect) VALUES('$partnumber', '$refnumber', '$partcomments')"; 


[joefox]

i had to put the query string like this"
$query = "INSERT INTO dss(MBlock_Part_Number,MBlock_Ref,MBlock_Defect) VALUES ('$partnumber','$refnumber','$partcomments')";

Ok for some reason, i go to my page it gives me these errors, i dont want it to search the db right when someone goes to the page, only run the code when someon hits the "enter button".

Notice: Undefined variable: partnumber in C:\Inetpub\jf1\php\testing2.php on line 27

Notice: Undefined variable: refnumber in C:\Inetpub\jf1\php\testing2.php on line 27

Notice: Undefined variable: partcomments in C:\Inetpub\jf1\php\testing2.php on line 27
Information entered into DB

Code:

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
<title>DSS Returns</title>
<link rel="stylesheet" type="text/css" href="../css/test1.css" />
</head>

<body>
<?php 
if(isset($_POST['submitted'])){$errors = array();
}

if(empty($_POST['partnumber'])){$errors[] = 'You forgot a part number. ';
}else{$partnumber = trim($_POST['partnumber']);
}

if(empty($_POST['refnumber'])){$errors[] = 'You forgot a ref number. ';
}else{$refnumber = trim($_POST['refnumber']);
}

if(empty($_POST['partcomments'])){$errors[] = 'You forgot part comments. ';
}else{$partcomments = trim($_POST['partcomments']);
}

require_once ('mysql_connect.php');

$query = "INSERT INTO dss(MBlock_Part_Number,MBlock_Ref,MBlock_Defect) VALUES ('$partnumber','$refnumber','$partcomments')";
$result = @mysql_query($query);

if($result){echo 'Information entered into DB';
}else{echo '<p>'. mysql_error(). $query . '</p>';
include("DSS_Footer.php");
exit(); 
}
?>
<?php include("DSS_Header.php"); ?>
<table cellspacing="2" cellpadding="2" border="0">
<tr>
    <td><form action="testing2.php" method="post">
<fieldset>
<span style="font-size:small;font:sans serif;">Part Number:</span><br><input type="text" name="partnumber" size="20" maxlenght="20" /><br>
<span style="font-size:small;font:sans serif;">Ref #:</span><br><input type="text" name="refnumber" size="20" maxlenght="20" /></td>
    <td valign="top"><fieldset>Date: <?php echo date('M n, Y'); ?></td>
    <td rowspan="2" valign="top" width="510"><fieldset><span style="font-size:small;font:sans serif;">DSS Overview:</span>
<li><span style="font-size:small;font:sans serif;">0 : Massage Blocks Pending</span>
<li><span style="font-size:small;font:sans serif;">0 : Inverters Pending</span>
<li><span style="font-size:small;font:sans serif;">0 : Total Items Pending</span>
<li><span style="font-size:small;font:sans serif;">Open PO's</span>
<ul>
<li><span style="font-size:small;font:sans serif;">60415-0045-4L01</li>
<li><span style="font-size:small;font:sans serif;">60415-0045-4L02</li>
<li><span style="font-size:small;font:sans serif;">60415-0045-4L03</li></ul>
</fieldset>
</td>
</tr>
<tr>
    <td colspan="2"><fieldset><span style="font-size:small;font:sans serif;">Part Comments:</span><br> <textarea name="partcomments" rows="6" cols="40">
</textarea><br><input type="submit" name="submit" value="Enter" />
</fieldset>
</form></td>
</tr>
</table>
<?php include("DSS_Footer.php"); ?>
</body>
</html>

[joefox]

everytime i refresh the page it runs the query, or even if i am going to the page through a link it run a query and puts blank values into the db

[joefox]

right now, when you go to the page it says the 3 errors, i dont want that, i wanted it so when you forget something or 1 of the fields, it will say the error, and the users data still stays on the screen, but it seems disapear.

VB Code:

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
<title>DSS Returns</title>
<link rel="stylesheet" type="text/css" href="../css/test1.css" />
</head>
 
<body>
 
<?php include("DSS_Header.php"); ?>
<table cellspacing="2" cellpadding="2" border="0">
<tr>
    <td><form action="testing2.php" method="post">
<fieldset>
<span style="font-size:small;font:sans serif;">Part Number:</span><br><input type="text" name="partnumber" size="20" maxlenght="20" /><br>
<span style="font-size:small;font:sans serif;">Ref #:</span><br><input type="text" name="refnumber" size="20" maxlenght="20" /></td>
    <td valign="top"><fieldset>Date: <?php echo date('M n, Y'); ?></td>
    <td rowspan="2" valign="top" width="510"><fieldset><span style="font-size:small;font:sans serif;">DSS Overview:</span>
<li><span style="font-size:small;font:sans serif;">0 : Massage Blocks Pending</span>
<li><span style="font-size:small;font:sans serif;">0 : Inverters Pending</span>
<li><span style="font-size:small;font:sans serif;">0 : Total Items Pending</span>
<li><span style="font-size:small;font:sans serif;">Open PO's</span>
<ul>
<li><span style="font-size:small;font:sans serif;">60415-0045-4L01</li>
<li><span style="font-size:small;font:sans serif;">60415-0045-4L02</li>
<li><span style="font-size:small;font:sans serif;">60415-0045-4L03</li></ul>
</fieldset>
</td>
</tr>
<tr>
    <td colspan="2"><fieldset><span style="font-size:small;font:sans serif;">Part Comments:</span><br> <textarea name="partcomments" rows="6" cols="40">
</textarea><br><input type="submit" name="submit" value="Enter" />
</fieldset>
</form></td>
</tr>
</table>
<?php 
 
if(isset($_POST['submitted'])){$errors = array();
}
 
if(empty($_POST['partnumber'])){$errors[] = 'You forgot a part number. ';
}else{$partnumber = trim($_POST['partnumber']);
}
 
if(empty($_POST['refnumber'])){$errors[] = 'You forgot a ref number. ';
}else{$refnumber = trim($_POST['refnumber']);
}
 
if(empty($_POST['partcomments'])){$errors[] = 'You forgot part comments. ';
}else{$partcomments = trim($_POST['partcomments']);
}
 
foreach($errors as $msg){echo " - $msg<br />\n";
}
IF (empty($errors)){
 
require_once ('mysql_connect.php');
 
$query = "INSERT INTO dss(MBlock_Part_Number,MBlock_Ref,MBlock_Defect,MBlock_Date) VALUES ('$partnumber','$refnumber','$partcomments',NOW())";
$result = @mysql_query($query);
 
if($result){echo 'Information entered into DB';
mysql_close();
}else{echo '<p>'. mysql_error(). $query . '</p>';
include("DSS_Footer.php");
exit(); 
}}?>
<?php include("DSS_Footer.php"); ?>
</body>
</html>

[kows]

first of all (and in my opinion of course), you're going about creating a submittable form all wrong. you should calculate the errors at the top of script, and then if the form does have errors you can reprint the entire form and give the error messages, otherwise you just need to print out the output given when submitting to the database. You're also using the wrong input name when you're checking if the form has been submitted, you reference "submitted" in your code but the input button has a name of "submit."

so, now.. to what you were asking: if I understand what you mean, you want previously entered information that concluded to an error to be showing in your fields when you submit.. if so, you can try putting this at the top of your script:

PHP Code:

<?php
  if(isset($_POST['submitted'])){
    //store the previously submitted information if needed
    $prev['partnumber'] = $_POST['partnumber'];
    $prev['refnumber'] = $_POST['refnumber'];
    $prev['partcomments'] = $_POST['partcomments'];
  }
?>

Then, for each of your input fields, add this:

PHP Code:

value="<?=$prev['partnumber'];?>"

So, for example.. your new part number field would be:

PHP Code:

<span style="font-size:small;font:sans serif;">Part Number:</span><br><input type="text" name="partnumber" size="20" maxlenght="20" value="<?=$prev['partnumber'];?>" /><br>

For what I mentioned in the start of my post, here's a simple untested rewrite of the structure of your page, no HTML included, but it gives you an idea of what to do/where to put it.

PHP Code:

<?php
  $prev = array();
  $errors = array();
  //check if the form has been submitted
  if(isset($_POST['submitted'])){
    //form has been submitted, so let's validate the information
    // --> and find out if we need to print the form again or not
    if($_POST['partnumber'] == ""){
      $errors[] = "You forgot a part number.";
    }
    if($_POST['refnumber'] == ""){
      $errors[] = "You forgot a reference number.";
    }
    if($_POST['partcomments'] == ""){
      $errors[] = "You didn't enter any comments.";
    }
    if(count($errors) == 0){
      //no errors found! don't print the form, and print output instead
      $printform = false;
    }else{
      //there were errors when submitting, print the form and fill in the blank fields
      $printform = true;
      $prev['partnumber'] = $_POST['partnumber'];
      $prev['refnumber'] = $_POST['refnumber'];
      $prev['partcomments'] = $_POST['partcomments'];
    }
  }else{
    //user hasn't submitted/visited yet, so print the form
    $printform = true;
  }
?>
<!-- put the header (html above your form) HTML here -->
<?php
  if($printform){
    if(count($errors) > 0){
      //print out the previous errors we found
      for($i = 0; $i < count($errors); $i++){
        echo "<font color='red'><strong> - " . $errors[$i] . "</strong></font><br />\n";
      }
    }
?>
<!-- put your form here, remember to add the value="<?=$prev[];?>" thing to each input field -->
<!-- also, remember to name your submit button "submitted" instead of "submit" -->
<?php
  }else{
    //what the user submitted was fine, so submit the inputs to the database
    require_once ('mysql_connect.php');
    $query = "blahblah";
    @mysql_query($query) or die(mysql_error());
    mysql_close();
    echo "Information entered into database\n";
  }
?>
<!-- enter your footer stuff here -->

also, since you're posting PHP code it's better if you used the PHP tags instead of the VBCODE tags.

Edit: fixed a few syntax errors I saw when looking over my post

[kows]

forgot to mention: you're getting those "call to undefined variable" errors because you're checking if the variables are empty using empty(), but the variables are not defined and in your PHP ini file you most likely have all error/warning reporting on. This means, that unless a variable is created, you can't check if it's empty. Since a user hasn't submitted yet, no $_POST variables exist, and since you're still checking if they're empty even though the user might not have submitted, you get the warning. To avoid this, using isset() is a lot better. You can combine isset() and empty() in the same if() statement if you like as well.

[penagate]

Use if($_SERVER['REQUEST_METHOD'] === 'POST') instead of naming the submit button.