Hi All,
I’m trying to get some radio button values to insert into a database… now they are part of the group, and this is represented in the form… Everything else works fine apart from the MYSQL statement that handles the INSERT command.
The code for the HTML is shown below:
<td><input type="radio" name="choice" value="work"/> I want to wacth</td>
</tr>
<tr>
<td></td>
<td><input type="radio" name="choice" value="watch"/>I want to work</td>
Here is the PHP Script:
<?php
// Start the session
session_start();
// Fetch the configuration file for MYSQL connection
require_once('config.php');
// Array to store errors
$errmsg_arr = array();
// Validation error flag
$errflag = false;
// Connect to mysql server
$con = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
if (!$con) {
die ('Error connecting to server ' . mysql_error());
}
// Select database
$db = mysql_select_db(DB_DATABASE);
if(!$db) {
die ('Cannot select database');
}
// Prevent SQL Injection
function clean($str) {
$str = @trim($str);
if(get_magic_quotes_gpc()) {
$str = stripslashes($str);
}
return mysql_real_escape_string($str);
}
// Clean the POST values from the form
$name = clean($_POST['name']);
$email = clean($_POST['email']);
$option = $_POST['choice'];
$day = clean($_POST['day']);
$month = clean($_POST['month']);
$year = clean($_POST['year']);
// Input validations
if($name == '') {
$errmsg_arr[] = 'Name is missing';
$errflag = true;
}
if($email == '') {
$errmsg_arr[] = 'E-mail address is missing';
$errflag = true;
}
if($option == '') {
$errmsg_arr[] = 'Please select watch or work';
$errflag = true;
}
if($day == 'DD') {
$errmsg_arr[] = 'Please choose a day from 1-31';
$errflag = true;
}
if($day == 'MM') {
$errmsg_arr[] = 'Please choose a month from 1-12';
$errflag = true;
}
if($day == 'YYYY') {
$errmsg_arr[] = 'Please choose a year from 1936-1994';
$errflag = true;
}
// Check for duplicate e-mail address
if($email != '') {
$qry = "SELECT * FROM members WHERE email_address='$email'";
$result = mysql_query($qry) or die ('error' . mysql_error());
if($result) {
if(mysql_num_rows($result) > 0) {
$errmsg_arr[] = 'E-mail address already registered';
$errflag = true;
}
@mysql_free_result($result);
}
else {
die("Query Failed");
}
}
// If there are input errors send it back to the registration form
if($errflag) {
$_SESSION['ERRMSG_ARR'] = $errmsg_arr;
session_write_close();
header("location: index.php");
exit();
}
// Create the SQL Query
$insrt_query = "INSERT INTO members (name, email_address, option, day, month, year) VALUES ('$name','$email','$_POST[choice]','$day','$month','$year')";
$result_qry = mysql_query($insrt_query) or die ('Error' . mysql_error());
// Create and Send an e-mail address
?>
I’ve got a feeling I need to perform an IF statement but unsure…
Any ideas please reply…
Thanks