Everybody! This is important. In a few days, these forums will be moving over to using the totally sweet Discourse platform. To ensure this migration happens smoothly with no loss of content, these forums are currently in a read-only mode. I do apologize for the inconvenience.

There is never a good time to turn the forums off for an extended period of time, but I promise the new forums will be a billion times better. I'm pretty sure of it.

See you all on the other side in a few days, and if you have any (non-technical) questions, please e-mail me at kirupa@kirupa.com. For technical questions, try to find a tutorial that corresponds to what you are looking for and post in the comments section of that page.


Results 1 to 6 of 6

Thread: PHP Guestbook

  1. #1

    PHP Guestbook

    hi there,

    I've just followed a tutorial to create a PHP/MySQL guestbook which seemed to be working but it seems the entries aren't being added to the database as I check the contents of the table in phpmyadmin, each is empty apart from the id and date/time fields.

    you can view the guestbook here : http://www.predator-uk.net/naa/index.php?p=guestbook

    I was assuming it would be the script used to add the data to the database that is the problem but I can't seem to find whats wrong. This is the script used to process the form data :

    PHP Code:
    mysql_connect("$host""$username""$password")or die("cannot connect server ");
    mysql_select_db("$db_name")or die("cannot select DB");

    $datetime=date("y-m-d h:i:s");

    $sql="INSERT INTO $tbl_name(name, email, comment, datetime) VALUES 

    $name', '$email', '$comment', '$datetime')";

    "<a href='index.php?p=viewguestbook'>View guestbook</a>"

    else {

    Hope someone can help,



  2. #2
    I recommend you to use mysql_error() command, which returns you last error on query. See if
    PHP Code:
    $result mysql_query($sql)or die(mysql_error()); 
    gives you any errors

  3. #3
    I'm not so good at this sql thing, but could it be because you forgot to whrite $ in front of $sql="INSERT INTO $tbl_name(name, email, comment, datetime) VALUES ?

    EDIT: i mean in front of the variables
    name, email, comment and datetime
    Last edited by gonzolo; July 21st, 2009 at 06:06 PM.
    Catchy... eh?

  4. #4
    First thing, I dont know if you created the variable $name or $comment.. it should be..

    $name = $_POST['form_name_field'];
    $comment = $_POST['form_comment_field'];
    $email = $_POST['form_email_field'];

  5. #5
    thanks for that irkevin,

    I added that and it works fine now.

  6. Another bit of advice:

    Be sure to sanitize your input before sending it to your database. Don't want to deal with any nasty SQL injection attacks... even though you're not a prime target, you still may get some random trouble maker causing problems if they find out you're doing things the way you are.

    A quick read that should help you take the first step in your PHP / MySQL security journey:

    - http://www.tizag.com/mysqlTutorial/m...-injection.php
    "Give me the place to stand, and I shall move the earth" - Archimedes
    "The whole problem with the world is that fools and fanatics are always so certain of themselves, but wiser people so full of doubts." - Bertrand Russell

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts

Home About kirupa.com Meet the Moderators Advertise

 Link to Us


Copyright 1999 - 2012