Variables not storing correct data?

Beginners - Learning PHP
#1

I’m not 100% positive that this is a PHP problem and not MySQL but I have gone back to different versions of this form and it was happening before the MySQL was introduced, I just did not notice it. I am making an HTML5 form that submits to a MySQL database (I am using 100webspace for my server and MyPhpAdmin) for a PHP/MySQL programming class.
My issue is the variables are not recording the correct data. I have no clue how or why this is happening. I have double checked my code to make sure that the name, and id from the HTML form matched what is passed into the variables in my validate function and they all match. I have made sure that the variables that are passed into each function are passed in the same order. What is stranger is that not all variables are affected. $firstname, $lastname, $email and $comments are ok. It is my $see (a radio button and gets the value of $look), $when(the date, which gets the $see value), $do (what they did, gets $many), $many (gets $length value) and $look (gets $do) variables. Has anyone else ever had this happen? It is affecting how data is entered into the database. I have attached my code for anyone to review too.
TIA!
[php]<?php
ini_set(‘display_errors’,1); error_reporting(E_STRICT);
include ‘header.html’;

$firstname="";
$lastname="";
$email="";
$when="";
$length="";
$many="";
$look="";
$do="";
$seen="";
$comments="";
$fnameError="";
$lnameError="";
$emailError="";
$seenError="";

if ($_SERVER[‘REQUEST_METHOD’] == ‘POST’) {
validateForm();
} else {
showForm($firstname, $lastname, $email, $when, $length, $many, $look, $do, $seen, $comments, $fnameError, $lnameError, $emailError, $seenError);}

//clean and validate data
function validateForm() {
include ‘cleanData.php’;

$firstname = $_POST['fname'];
if (!preg_match("/^[a-zA-Z ]*$/",$firstname)) {
		$firstname = null;
		$fnameError = '<p>Only letters and white space allowed</p>'; }

$lastname = $_POST['lname'];
if (!preg_match("/^[a-zA-Z ]*$/",$lastname)) {
	$lastname = null;
	$lnameError = '<p>Only letters and white space allowed</p>'; }

if (!empty($_POST['email'])) {
	$email = $_POST['email'];
} else {
	$email = NULL;
	$emailError = '<p>Sorry, you must provide an email address!</p>';
}

if (empty($_POST['seen'])) {
	$seen = NULL;
	$seenError = '<p>Sorry you have not told us if you saw Fluffy or not!</p>';
} else $seen = $_POST['seen'];

//get variables from form post
$when = $_POST[‘when’];
$length = $_POST[‘length’];
$look = $_POST[‘look’];
$do = $_POST[‘do’];
$comments = $_POST[‘comments’];
$many = $_POST[‘many’];

if(!($firstname && $lastname && $email && $seen)) {
	showform ($firstname,$lastname,$when,$length,$seen,$look,$do,$comments,$email,$many, $fnameError, $lnameError, $emailError, $seenError);
} else addData($firstname, $lastname, $email, $seen, $when, $length, $do, $many, $look, $comments);

}

//Connect to database,print confirmation
function addData($firstname, $lastname, $email, $when, $length, $many, $look, $do, $seen, $comments){
print <<< HERETEXT

The following has been added:


  • First name: $firstname
  • Last name: $lastname
  • Email: $email
  • Did you see fluffy: $seen
  • Date of Abduction: $when
  • How long you were gone: $length
  • What did they do: $do
  • How many did you see: $many
  • What did they look like: $look
  • Additional Comments: $comments
HERETEXT; require("mysqli_connect.php"); $query = "INSERT INTO alien_abduction (id, firstname, lastname, email, mmddyy, how_long, many, description, do, fluffy, other) VALUES (null, '$firstname', '$lastname', '$email', '$when', '$length', '$many', '$look', '$do', '$seen', '$comments')"; 
if (mysqli_query($db, $query)) {
	echo "<h2>Thank you, a new record was created successfully.</h2>";
} else {
	echo "Error: " . $query . "<br>" . $db->error;
}

}

// call function to connect to DB and confirm input
function confirm($firstname, $lastname, $email, $when, $length, $many, $look, $do, $seen, $comments) {
addData($firstname, $lastname, $email, $when, $length, $many, $look, $do, $seen, $comments);
}

//Show form include if/else statements to make radio button sticky
function showForm($firstname, $lastname, $email, $when, $length, $many, $look, $do, $seen, $comments, $fnameError, $lnameError, $emailError, $seenError)
{
if ($seen == “yes”) {
$fluffy = “<input class=“radio” type=“radio” name=“seen” value=“yes” checked=“checked”>
<label class=“radio2”>Yes   
<input class=“radio” type=“radio” name=“seen” value=“no”>
<label class=“radio2”> No”;
} else if ($seen == “no”) {
$fluffy = “<input class=“radio” type=“radio” name=“seen” value=“yes”>
<label class=“radio2”>Yes
<input class=“radio” type=“radio” name=“seen” value=“no” checked=“checked”>
<label class=“radio2”> No”;
} else {
$fluffy = “<input class=“radio” type=“radio” name=“seen” value=“yes”>
<label class=“radio2”>Yes
<input class=“radio” type=“radio” name=“seen” value=“no”>
<label class=“radio2”> No”; }
print <<< SOMETEXT

First Name:*$fnameError
Last Name:* $lnameError
What is your Email address?*$emailError
When did it happen?
How long were you gone?
How many did you see?
Describe them:
What did they do you to?
Have you seen my dog fluffy?*$seenError
$fluffy
Have you seen Fluffy?
Anything else you want to Add?


SOMETEXT; }

?>[/php]

#2

Take a look at what is going on:
addData is called wth the variables in the following order,
[php]addData($firstname, $lastname, $email, $seen, $when, $length, $do, $many, $look, $comments);[/php]

That functions signature,
[php]function addData($firstname, $lastname, $email, $when, $length, $many, $look, $do, $seen, $comments),[/php]
This insert,
[php]$query = “INSERT INTO alien_abduction (id, firstname, lastname, email, mmddyy, how_long, many, description, do, fluffy, other)
VALUES (null, ‘$firstname’, ‘$lastname’, ‘$email’, ‘$when’, ‘$length’, ‘$many’, ‘$look’, ‘$do’, ‘$seen’, ‘$comments’)”;[/php]

See anything wrong? I’d like to take this time to point out that you should be using PDO or mysqli_ for database interactions and not dropping a variable in the sql query. It is bad, dangerous, and in some circumstances with break the application.

I recognize the code from the Head First book. While it is useful, it is outdated as well.

#3

Creating all those useless and unnecessary variables is completely ridiculous. I command you to stop it right now and never do it again. That is total newbie 101 bad habit, and yeah, I used to do it too when I was a mini coder.

#4

Thank you guys. I should have seen that the id (null) wasn’t mentioned in the script until I sent it to the db.
Kevin rubio, do you mean I should out the form information into an…array?
This is an introductory class so I will assume that’s why we’re using so many variables. It is a pain in my ass though.
Could anyone suggest other learning resources for php for me to continue learning? I have ullman’s php and mysqli book and the dive into series book on php. Ifeel like the books become outdated far too quickly. I know about Code Academy and w3 schools but more resources are always good!
Thanks again!

#5

The entire thing is wrong. I am not the right guy to spend time educating someone on the basics. Perhaps [member=72272]astonecipher[/member] will guide you through it.

Fluffy is never going to make it home with that code. :’(

#6

Then why are you looking at a forum for beginners? Did I post in the wrong forum, is this actually the advanced forum?
I guess I just chose the wrong website to get assistance.

#7

You are in the right place. I just don’t have the time at the moment to go through everything. There is too much wrong with the code.

#8

For starters I wouldn’t be validating first or last names with regex, for I have seen some very very unique names over the years. Validating that way will most likely exclude those people. Second just checking to see if a variable is empty still leaves it vulnerable. I won’t show you the solution, but I give you a strong hint and that is look into using the trim() function.

A couple bits of advice:

  1. Think of using arrays it will save you time and code length.
  2. Don’t use HEREDOC in my opinion it’s a headache and in my opinion not a very good way to start learning PHP.

I am sure other people here will have advice and comments, probably even better than mine. :wink:

Sponsor our Newsletter | Privacy Policy | Terms of Service