Problem inserting string into database table

PHP
1

Hi guys,

I am new to PHP and SQL and I’m having a bit of a problem with something I am trying to do with Kevin Yank’s joke database. I am trying to alter the front end ‘add joke’ form so that a user can enter their name and email along with their joke. The joketext is successfully inserted into the ‘joke’ table of my database but I can’t get it to add the ‘name’ and ‘email’ to the ‘author’ table as well. I will include the relevant code excerpts below so hopefully someone can point out where I’ve gone wrong.

Excerpt from my jokelist/index.php:

if (isset($_POST['joketext']))
{
	include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';
	
	$joketext = mysqli_real_escape_string($link, $_POST['joketext']);
	$sql = 'INSERT INTO joke SET
			joketext="' . $joketext . '",
			jokedate=CURDATE()';
	if (!mysqli_query($link, $sql))
	{
		$error = 'Error adding submitted joke: ' . mysqli_error($link);
		include 'error.html.php';
		exit();
	}
	
	header('Location: .');
	exit();
}

if (isset($_POST['name']))
{
	include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';
	
	$name = mysqli_real_escape_string($link, $_POST['name']);
	$sql = 'INSERT INTO author SET
			name="' . $name . '"';
	if (!mysqli_query($link, $sql))
	{
		$error = 'Error adding author.';
		include 'error.html.php';
		exit();
	}
	
	header('Location: .');
	exit();
}

if (isset($_POST['email']))
{
	include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';
	
	$email = mysqli_real_escape_string($link, $_POST['email']);
	$sql = 'UPDATE author SET
			email="' . $email . '"
			WHERE name="$name"';
	if (!mysqli_query($link, $sql))
	{
		$error = 'Error adding authors email.';
		include 'error.html.php';
		exit();
	}
	
	header('Location: .');
	exit();
}

Excerpt from my jokelist/form.html.php file:


<body>
	<form action="?" method="post">
		<div>
			<label for="joketext">Type your joke here:</label>
			<textarea id="joketext" name="joketext" rows="3" cols="40">
			</textarea>
		</div>
		<div>
			<label for="name">Name: <input type="text" name="name"
				id="name" </label>
		</div>
		<div>
			<label for="email">Email: <input type="text" name="email"
				id="email" </label>
		</div>
		<div><input type="submit" value="Add"/></div>
	</form>
</body>

The form displays correctly with text boxes for all three attributes. The joketext is successfully inserted into my table when i click the ‘add’ button but the author name and email are not added to the author table.

Thanks for your time.

2

your querys are wrong and you should only have to do one query for author name and email. so erase the name and email portion of your script and add the following.

they should be more along the lines of this.

 if (isset($_POST['name']) && isset($_POST['email']))
{
	include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';
 
	$name = mysqli_real_escape_string($link, $_POST['name']);
	$email = mysqli_real_escape_string($link , $_POST['email'])
	$sql = 'INSERT INTO author(name , email) VALUES('.$name.','.$email.')';
	if (!mysqli_query($link, $sql))
	{
		$error = 'Error adding author.';
		include 'error.html.php';
		exit();
	}
 
	header('Location: .');
	exit();
}