SitePoint Sponsor

User Tag List

Results 1 to 14 of 14
  1. #1
    SitePoint Enthusiast
    Join Date
    Nov 2010
    Posts
    80
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    PHP Mess on My Hands.

    I'm in my third week ever of writing in PHP for school. Last week we had to make a PHP RSVP form that validated every field. I got a B despite my form not functioning properly. This week we need to take the info from the form and input it into a database. I keep getting this error:

    Parse error: syntax error, unexpected T_STRING in ....../test/test.php on line 77

    Here is the code.... I feel like it's horrible, but the professor isn't much help. Any idea why I am getting that error?

    This is line 77 & 78:
    $connectID = mysql_connect($host, $username, $password) or die(mysql_error(Sorry, cannot connect to the database.));
    mysql_select_db('mverminski', $connectID) or die(mysql_error(Unable to connect to database.));


    Code:
    <?php
    // show form fields when submitted
    if ($_POST['submitted']) {
    
    	$first_name = @$_POST['first_name'];
    	$last_name = @$_POST['last_name'];
    	$address = @$_POST['address'];
    	$city = @$_POST['city'];
    	$state = @$_POST['state'];
    	$postal_code = @$_POST['postal_code'];
    	$phone_number = @$_POST['phone_number'];
    	$rsvp = @$_POST['rsvp'];
    	$image = @$_POST['image'];
    	
    
    	// validate
    	$error_msg=array();
    	
    	if ($first_name=="") {
    	$error_msg[] ="You must enter your first name<br />";
    	}
    		
    	if ($last_name=="") {
    	$error_msg[] ="You must enter your last name<br />";
    	}
    	
    	if ($address=="") {
    	$error_msg[] ="You must enter your address<br />";
    	}
    	
    	if ($city=="") {
    	$error_msg[] ="You must enter your city<br />";
    	}
    	
    	if ($state=="") {
    	$error_msg[] ="You must enter your state<br />";
    	}
    	
    	if (strlen($state)>2) {
    	$error_msg[] ="State must contain only two letters<br/>";
    	}
    
    	
    	if (!strlen($postal_code)<5) {
    	$error_msg[] ="You must enter a valid 5 digit postal code<br />";
    	}
    	
    	if (!eregi('^[[:digit:]]+$',$postal_code)) {
    	$error_msg[] ="You must enter a valid postal code<br />";
    	}
    	
    	if (eregi('^([[:digit:]]| |-)+$', $phone_number)) {
    	$error_msg[] = ("Please enter a valid phone number");
    }
    
    	if ($image=="") {
    	$error_msg[] ="You must upload an image.<br />";
    	}
    	
    	foreach ($error_msg as $err) {
    	echo ("$err <br />");
    	
    	if (!error_msg) {
    	header ('Location: thanks.php');
    	exit();
    	}
    	}
    	
    		//database variables
    	$host="mverminski.db.3327979.hostedresource.com";
    	$username="xxxxxxxxx";
    	$password="xxxxxxxx";
    	$db_name="xxxxxxxx";
    	$tbl_name="Christmas Party";
    	
    	//Connect to database
    	$connectID = mysql_connect($host, $username, $password) or die(mysql_error(Sorry, cannot connect to the database.));
    	mysql_select_db('mverminski', $connectID) or die(mysql_error(Unable to connect to database.));
    	
    	//insert data into database
    	$query="INSERT INTO $tbl_name (first name, last name, address, city, state, postal code, phone number, rsvp, image) VALUES ('$first_name', '$last_name', '$address', '$city', '$state', '$postal_code', '$phone_number', '$rsvp', '$image')";
    	
    	If ($result) {
    	echo "Success!";
    	echo "<br>";
    	echo "<a href='data.php'>View your form</a>";
    	}
    	else
    	echo "ERROR";
    	}
    	
    	mysql_close();
    	
    	}
    
    ?>
    
    <html>
    <head>
    <title>Christmas Party</title>
    </head>
    
    <body>
    <form action="<?php $_SERVER['PHP_SELF'] ?>" method="POST">
    	<h4>Company Christmas Party!</h4>
        
    <?php
    if ($error_msg) {
    echo "<ul>\n";
    	foreach ($error_msg as $err) {
    	echo "<li>".$err."</li>\n";
    	}
    echo "</ul>\n";
    }
    ?>
        
    <label for="first_name">First Name*</label><br />
    	<input name="first_name" type="text" size="20" id="first_name" value="<?php echo $first_name ?>"/><br/>
        
    <label for="last_name">Last Name*</label><br />
    	<input name="last_name" type="text" size="20" id="last_name" value="<?php echo $last_name ?>" /><br/>
        
    <label for="first_name">Address*</label><br />
    	<input name="address" type="text" size="40" id="address" value="<?php echo $address ?>" /><br/>
        
    <label for="first_name">City*</label><br />
    	<input name="city" type="text" size="20" id="city" value="<?php echo $city ?>" /><br/>
        
    <label for="first_name">State*</label><br />
    	<input name="state" type="text" size="2" id="state" value="<?php echo $state ?>" /><br/>
        
    <label for="first_name">Postal Code*</label><br />
    	<input name="postal_codee" type="text" size="5" id="postal_code" value="<?php echo $postal_code ?>" /><br/>
        
    <label for="first_name">Phone Number*</label><br />
    	<input name="phone_number" type="text" size="10" id="phone_number" value="<?php echo $phone_number ?>" />
        
    <form action="./result.php" method="post">
      <p>Will you be attending?<br/>
    <label for="rsvp_yes">Yes</label> <input type="radio" name="rsvp_yes" value="yes" /><br />
    <label for="rsvp_no">No</label> <input type="radio" name="rsvp_no" value="no"  /><br />
        
    <form action="./upload.php" method="post" enctype="multipart/form-data">
       <p>
          <label for="image">Select an image:</label> <input name="image" type="file" id="image" value="<?php echo $image ?>"> <br />
          
       <p>
    </form>
    
        
    <input type="hidden" name="submitted" value="1" />
    <input type="submit" value="Submit" />
        
    </form>
    </body>
    </html>
    Last edited by ScallioXTX; Apr 8, 2011 at 07:48. Reason: keep private info private

  2. #2
    SitePoint Wizard cranial-bore's Avatar
    Join Date
    Jan 2002
    Location
    Australia
    Posts
    2,634
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    PHP Code:
    die(mysql_error(Sorrycannot connect to the database.)); 
    This makes no sense. Why would you pass a string into the mysql_error function? Actually because you haven't put quotes around your message, it's not a string either.

    The only argument mysql_error takes is the connection to the DB (which is optional).

    If you want to die with an error you pass a string to die
    PHP Code:
    die('I am dead'); 
    If you want to die with the error from mysql (and for some reason display that for your users to see) you'd use
    PHP Code:
    die(mysql_error()); 

  3. #3
    SitePoint Enthusiast
    Join Date
    Nov 2010
    Posts
    80
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Your second example is what my professor showed us in class, but I added the message to it, which I guess is wrong. That is line 78 though, and line 77 is the one with the error on it. Or is this causing that line to error? I can't check to see if that is the resolution because I am at work and my project is at home, but thanks for the help. I will change it later.

  4. #4
    From Italy with love silver trophybronze trophy
    guido2004's Avatar
    Join Date
    Sep 2004
    Posts
    9,500
    Mentioned
    163 Post(s)
    Tagged
    4 Thread(s)
    Quote Originally Posted by MVerminski View Post
    Your second example is what my professor showed us in class, but I added the message to it, which I guess is wrong. That is line 78 though, and line 77 is the one with the error on it. Or is this causing that line to error? I can't check to see if that is the resolution because I am at work and my project is at home, but thanks for the help. I will change it later.
    You want to show a message as well? Concatenate it to the mysql error:
    Code:
    die(mysql_error() . 'Your message here');
    By the way, it looks to me like your script will reach the "insert into database" part only if errors are found...

  5. #5
    SitePoint Enthusiast
    Join Date
    Nov 2010
    Posts
    80
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    My validation is backwards?

    I fixed the mysql_error, but it still doesn't work correctly.

  6. #6
    Community Advisor silver trophy

    Join Date
    Nov 2006
    Location
    UK
    Posts
    2,551
    Mentioned
    40 Post(s)
    Tagged
    1 Thread(s)
    Mysql column names with spaces
    No protection against sql injection
    Incorrect use of error array

  7. #7
    SitePoint Enthusiast
    Join Date
    Nov 2010
    Posts
    80
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I dropped the validation since this weeks project focuses on inserting data into a database, and I started over. I have a form.php that contains only HTML for the form and

    Code:
    <form method="post" action="update.php">
    which links to update.php (obviously). Now at least the page loads correctly, but now I get "Error updating database". Do you see anything obviously wrong here?

    Code:
    <?php
    // show form fields when submitted
    	$first_name = $_POST['first_name'];
    	$last_name = $_POST['last_name'];
    	$address = $_POST['address'];
    	$city = $_POST['city'];
    	$state = $_POST['state'];
    	$postal_code = $_POST['postal_code'];
    	$phone_number = $_POST['phone_number'];
    
    //connect to database
    mysql_connect ("..../hostedresource.com", "mverminski", "Password")
    	or die ('Error: ' . mysql_error());
    	
    //Insert data into database
    $query="INSERT INTO Christmas_Party (ID, first_name, last_name, address, city, state, postal_code, phone_number)VALUES ('NULL', '".$first_name."', '".$last_name."', '".$address."', '".$city."', '".$state."', '".$postal_code."', '".$phone_number."')";
    
    //execute query
    mysql_query($query) or die ('Error updating database');
    	echo "Database Updated With: " .$first_name. " ".$last_name." ".$address." ".$city." ".$state." ".$postal_code." ".$phone_number ;
    	
    ?>
    The project is due Sunday and I have enough code written to pull out a B, but I really want it to work and to get an A.

  8. #8
    SitePoint Enthusiast
    Join Date
    Nov 2010
    Posts
    80
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by EastCoast View Post
    Mysql column names with spaces
    No protection against sql injection
    Incorrect use of error array
    This is my second week writing PHP, I don't know what you mean.

  9. #9
    Theoretical Physics Student bronze trophy Jake Arkinstall's Avatar
    Join Date
    May 2006
    Location
    Lancaster University, UK
    Posts
    7,062
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    I thought it was third?

    Your best bet is to really look at what your code is doing, and maybe look up what was mentioned.
    1. MySQL Column names with spaces - if a column name has a space in (which you really should avoid for the sake of ease) then it needs to be enclosed in backquotes:
      Code sql:
      INSERT INTO $tbl_name (`first name`...
      Otherwise, with what you have above, it would try to find a value in a column `first` and give it an alias `name`. This is only really useful in larger queries involving multiple tables.
    2. No protection against SQL injection - At current someone could enter a value in a textbox which screws up the entire query - be it malicious or unintentional. Think about this scenario:
      PHP Code:
      <?php
      $Name 
      $_POST['name'];
      $Query MySQL_Query("SELECT * FROM users WHERE name='{$Name}'");
      If a user posted something to change that query, they could manipulate that query, for example if $_POST['name'] was:
      Code:
      ' OR 1='1
      The query would look like:
      Code sql:
      SELECT * FROM users WHERE name='' OR 1 = '1'
      Which would select all users. Obviously there are much more serious cases, but you get the point. So to protect against this, use the mysql_real_escape_string function.


    Go through your code. Whenever you're not using a { because of a single-line statement, slap yourself hard (optional) and put one in. You have braces all over the place ending or starting things which haven't been started or ended, and in some cases in completely wrong places - For example:
    PHP Code:
    foreach ($error_msg as $err) {
        echo (
    "$err <br />");
        
        if (!
    error_msg) {
        
    header ('Location: thanks.php');
        exit();
        }
        } 
    You have a (invalid) method of seeing if the error message array is empty INSIDE a foreach loop - if it's empty, that statement won't have ever run because the foreach wouldn't have run.

    eregi functions are outdated. Read the manual before using any new function

    Also relying on the @ is a bad move. It is a silencing method which is like telling PHP to walk on broken glass but not to say 'ouch'. Use proper validation techniques to verify that something has been posted:
    PHP Code:
    $first_name array_key_exists('first_name'$_POST) ? $_POST['first_name'] : ''
    All these things you will pick up. Remember what you've learned and you can do well. Though I think it has to be said that any developer often spends long hours trying their own projects, making their own mistakes and learning from them. Though I can guarantee you, you will do much better if you learn PHP as a hobby instead of focusing just on what you're supposed to do for school (do that too, of course). Most importantly, don't learn what to use in certain situations. Learn WHY things are used, and mess around with other ideas which may work better in certain situations.
    Jake Arkinstall
    "Sometimes you don't need to reinvent the wheel;
    Sometimes its enough to make that wheel more rounded"-Molona

  10. #10
    SitePoint Enthusiast
    Join Date
    Nov 2010
    Posts
    80
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thanks. I have been playing with this from 5-11 each night since Wednesday and making little progress. The eregi function was in my book which I followed for most of this project. It's from 2007 so maybe it wasn't outdated when it was written.

    When I started over I removed the @ so it now reads $_POST, like in my second post that contains code, and I also removed the space and everything reads as first_name, last_name, etc.

    As for the { } mistakes I got those lines straight from my professor in our live chat session for class. He doesn't give us much help, but instead just runs through powerpoint presentations. The whole class feels like it is teaching itself how to write this stuff which is overwhelming when you have a week to learn and complete the project.

    I've started looking into validation functions that I've downloaded from the internet, but that was last weeks assignment so I sort of it put it to the side to try to at least have all the code written for this week even if the form doesn't function properly.

    The thing is I found and altered a simple PHP form with validation to use for a website I made for a family friend and I understood it fine. Now this all seems like Russian to me.

  11. #11
    SitePoint Member
    Join Date
    May 2011
    Posts
    2
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Question

    Quote Originally Posted by MVerminski View Post
    I'm in my third week ever of writing in PHP for school. Last week we had to make a PHP RSVP form that validated every field. I got a B despite my form not functioning properly. This week we need to take the info from the form and input it into a database. I keep getting this error:

    Parse error: syntax error, unexpected T_STRING in ....../test/test.php on line 77

    Here is the code.... I feel like it's horrible, but the professor isn't much help. Any idea why I am getting that error?

    This is line 77 & 78:
    $connectID = mysql_connect($host, $username, $password) or die(mysql_error(Sorry, cannot connect to the database.));
    mysql_select_db('mverminski', $connectID) or die(mysql_error(Unable to connect to database.));


    Code:
    <?php
    // show form fields when submitted
    if ($_POST['submitted']) {
    
    	$first_name = @$_POST['first_name'];
    	$last_name = @$_POST['last_name'];
    	$address = @$_POST['address'];
    	$city = @$_POST['city'];
    	$state = @$_POST['state'];
    	$postal_code = @$_POST['postal_code'];
    	$phone_number = @$_POST['phone_number'];
    	$rsvp = @$_POST['rsvp'];
    	$image = @$_POST['image'];
    	
    
    	// validate
    	$error_msg=array();
    	
    	if ($first_name=="") {
    	$error_msg[] ="You must enter your first name<br />";
    	}
    		
    	if ($last_name=="") {
    	$error_msg[] ="You must enter your last name<br />";
    	}
    	
    	if ($address=="") {
    	$error_msg[] ="You must enter your address<br />";
    	}
    	
    	if ($city=="") {
    	$error_msg[] ="You must enter your city<br />";
    	}
    	
    	if ($state=="") {
    	$error_msg[] ="You must enter your state<br />";
    	}
    	
    	if (strlen($state)>2) {
    	$error_msg[] ="State must contain only two letters<br/>";
    	}
    
    	
    	if (!strlen($postal_code)<5) {
    	$error_msg[] ="You must enter a valid 5 digit postal code<br />";
    	}
    	
    	if (!eregi('^[[:digit:]]+$',$postal_code)) {
    	$error_msg[] ="You must enter a valid postal code<br />";
    	}
    	
    	if (eregi('^([[:digit:]]| |-)+$', $phone_number)) {
    	$error_msg[] = ("Please enter a valid phone number");
    }
    
    	if ($image=="") {
    	$error_msg[] ="You must upload an image.<br />";
    	}
    	
    	foreach ($error_msg as $err) {
    	echo ("$err <br />");
    	
    	if (!error_msg) {
    	header ('Location: thanks.php');
    	exit();
    	}
    	}
    	
    		//database variables
    	$host="mverminski.db.3327979.hostedresource.com";
    	$username="xxxxxxxxx";
    	$password="xxxxxxxx";
    	$db_name="xxxxxxxx";
    	$tbl_name="Christmas Party";
    	
    	//Connect to database
    	$connectID = mysql_connect($host, $username, $password) or die(mysql_error(Sorry, cannot connect to the database.));
    	mysql_select_db('mverminski', $connectID) or die(mysql_error(Unable to connect to database.));
    	
    	//insert data into database
    	$query="INSERT INTO $tbl_name (first name, last name, address, city, state, postal code, phone number, rsvp, image) VALUES ('$first_name', '$last_name', '$address', '$city', '$state', '$postal_code', '$phone_number', '$rsvp', '$image')";
    	
    	If ($result) {
    	echo "Success!";
    	echo "<br>";
    	echo "<a href='data.php'>View your form</a>";
    	}
    	else
    	echo "ERROR";
    	}
    	
    	mysql_close();
    	
    	}
    
    ?>
    
    <html>
    <head>
    <title>Christmas Party</title>
    </head>
    
    <body>
    <form action="<?php $_SERVER['PHP_SELF'] ?>" method="POST">
    	<h4>Company Christmas Party!</h4>
        
    <?php
    if ($error_msg) {
    echo "<ul>\n";
    	foreach ($error_msg as $err) {
    	echo "<li>".$err."</li>\n";
    	}
    echo "</ul>\n";
    }
    ?>
        
    <label for="first_name">First Name*</label><br />
    	<input name="first_name" type="text" size="20" id="first_name" value="<?php echo $first_name ?>"/><br/>
        
    <label for="last_name">Last Name*</label><br />
    	<input name="last_name" type="text" size="20" id="last_name" value="<?php echo $last_name ?>" /><br/>
        
    <label for="first_name">Address*</label><br />
    	<input name="address" type="text" size="40" id="address" value="<?php echo $address ?>" /><br/>
        
    <label for="first_name">City*</label><br />
    	<input name="city" type="text" size="20" id="city" value="<?php echo $city ?>" /><br/>
        
    <label for="first_name">State*</label><br />
    	<input name="state" type="text" size="2" id="state" value="<?php echo $state ?>" /><br/>
        
    <label for="first_name">Postal Code*</label><br />
    	<input name="postal_codee" type="text" size="5" id="postal_code" value="<?php echo $postal_code ?>" /><br/>
        
    <label for="first_name">Phone Number*</label><br />
    	<input name="phone_number" type="text" size="10" id="phone_number" value="<?php echo $phone_number ?>" />
        
    <form action="./result.php" method="post">
      <p>Will you be attending?<br/>
    <label for="rsvp_yes">Yes</label> <input type="radio" name="rsvp_yes" value="yes" /><br />
    <label for="rsvp_no">No</label> <input type="radio" name="rsvp_no" value="no"  /><br />
        
    <form action="./upload.php" method="post" enctype="multipart/form-data">
       <p>
          <label for="image">Select an image:</label> <input name="image" type="file" id="image" value="<?php echo $image ?>"> <br />
          
       <p>
    </form>
    
        
    <input type="hidden" name="submitted" value="1" />
    <input type="submit" value="Submit" />
        
    </form>
    </body>
    </html>
    Hello, it sounds like we have the same class and same professor only you took it earlier than me. I am not going through the same situation entering into the 4th week of class and still stuck on assignment from week 2. I made the form and all and followed the book and did my own research online and still not able to get it working like it supposed to. I have a big D in this class because im still waiting on grades from professor as he is regrading my Unit 2 assignment. Anyways I really want to make this work not only to pass the class but for my sanity as this is driving me crazy. (also first time handling PHP ever) Professor just keeps telling me to troubleshoot my errors and being zero help. Can you help me? Any help will be appreciate it.

  12. #12
    From Italy with love silver trophybronze trophy
    guido2004's Avatar
    Join Date
    Sep 2004
    Posts
    9,500
    Mentioned
    163 Post(s)
    Tagged
    4 Thread(s)
    Quote Originally Posted by florestime8 View Post
    Professor just keeps telling me to troubleshoot my errors.
    Well, did you?
    If not, why not? Do you know what troubleshooting is? How to do it? Do you get any errors?

    Don't ask us (me at least ) to do your homework for you. Of course you can ask anything about problems that you can't solve, but you'll have to show what you've done so far, and explain what specific thing is beyond your reach.

  13. #13
    SitePoint Member
    Join Date
    May 2011
    Posts
    2
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Thumbs down

    Quote Originally Posted by guido2004 View Post
    Well, did you?
    If not, why not? Do you know what troubleshooting is? How to do it? Do you get any errors?

    Don't ask us (me at least ) to do your homework for you. Of course you can ask anything about problems that you can't solve, but you'll have to show what you've done so far, and explain what specific thing is beyond your reach.
    With all due respect Mr. Guido2004, my post was directed to MVerminski. I am not trying to get anyone to do my homework as I can do that myself. To answer your question yes I have troubleshooted my work and yes I know what it means. I showed profesor what I am getting for errors and every time I change something or take something apart it just gives me a new error. I got rid of the part professor said to get rid of to see if that was what was giving me the problem; however the problem still there and a few more. I came to this blog to seek help not to be insulted or being harrased, but thanks for the concern!

  14. #14
    From Italy with love silver trophybronze trophy
    guido2004's Avatar
    Join Date
    Sep 2004
    Posts
    9,500
    Mentioned
    163 Post(s)
    Tagged
    4 Thread(s)
    If you felt insulted I apologize. I meant to say that you can find lots of help here, but you'll have to be more specific in your questions. My questions weren't meant to insult you, they were to understand a bit more of your programming capabilities.

    And the comment about homework may have sounded harsh to you, but there are often people that ask exactly that. So it wasn't an accusation, but to warn you not to ask that (because reading your post it sounded a bit like that).

    I showed profesor what I am getting for errors and every time I change something or take something apart it just gives me a new error. I got rid of the part professor said to get rid of to see if that was what was giving me the problem; however the problem still there and a few more.
    Feel free to post your code and the errors you're getting.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •