-3

I have written a form with server side validation using php and now my aim is to insert all the input's from my form into my database (which already has its tables). Below is my syntax:

//Example of one of my validations (for postcode input)

if (empty($_POST["postcode"])) {
 $postcodeErr = "";
   } else {
 $postcode = test_input($_POST["postcode"]);
    if(!preg_match("/^[0-9]*$/", $postcode)) { 
    $postcodeErr = "Only numeric characters";      
  }
else if (strlen($postcode) != 4) {
 $postcodeErr = "Must be 4 digits in length";
   }
  }
 }  

//Connect to database server

$conn = mysql_connect("localhost", "-----", "------"); 
mysql_select_db("-------", $conn) 
or die ('Database not found ' . mysql_error() ); 

// The SQL statement is built

$sql = "INSERT INTO Customer (name, address, suburb, state, postcode)
        VALUES ('$_POST[name]', '$_POST[address]', '$_POST[suburb]', '$_POST[$state]', '$_POST[postcode]')";

    if (!mysql_query($sql,$conn))
    {
    die('Error: ' . mysql_error());
    }
    echo "1 record added";

    mysql_close($conn)


function test_input($data) {
   $data = trim($data);
   $data = stripslashes($data);
   $data = htmlspecialchars($data);
   return $data;
}
?> //end of my php tag

When I run my form, I get a parse error saying that I have an unexpected T_FUNCTION. I know there is a lot above (tried to make it as simple as I can) but I can't seem to word around fixing the error and if I do, I just get another error. Am I writing the code correctly? Normally it's best when other people look at your work. Help will be much appreciated!

sass
  • 87
  • 2
  • 13
  • 2
    One `}` too many just above `//Connect to database server` – Funk Forty Niner May 16 '14 at 03:53
  • 1
    copy/paste issue - `mysql_select_db("-------", $conn)` missing `;` at the end? – Sean May 16 '14 at 03:56
  • 2
    You're missing a ; on your mysql_close line – WillardSolutions May 16 '14 at 04:00
  • Visit http://www.php.net/manual/en/function.mysql-select-db.php for proper syntax. Then again, you shouldn't be using this code at all and for so many reasons. – Funk Forty Niner May 16 '14 at 04:02
  • @Sean look at the line below that ;) – ElefantPhace May 16 '14 at 04:02
  • @ElefantPhace, aahh, missed that. But it looks like it is missing on `mysql_close($conn)` – Sean May 16 '14 at 04:05
  • Add error reporting to the top of your file(s) `error_reporting(E_ALL); ini_set('display_errors', 1);` when in development. That would have signaled the error(s). – Funk Forty Niner May 16 '14 at 04:08
  • Missing semi-colon for `mysql_close($conn)` also. – Funk Forty Niner May 16 '14 at 04:09
  • When I put the semi-colon next to `mysql_close($conn);` I get another error: Parse error: syntax error, unexpected $end in I:\twa\twa122\practicals\prac2\task12.php on line 182. Line 182 is the last line in my form. – sass May 16 '14 at 04:12
  • You need to get an IDE and debug this yourself. That error says you have an extra or missing brace. – Funk Forty Niner May 16 '14 at 04:12
  • @Fred-ii- Okay so I add a brace under `mysql_close($conn);` and now i get a new error " Notice: Undefined index: -- in I:\twa\twa122\practicals\prac2\task12.php on line 94 Error: Incorrect integer value: '' for column 'customerID' at row 1. Line 94 is my VALUES ('$_POST[name]', etc. – sass May 16 '14 at 04:22
  • Make sure all your form elements are named and no typos. Letter-case is also important. `A!=a;` ;-) Plus, your column type too. – Funk Forty Niner May 16 '14 at 04:24

4 Answers4

1

The quotes for $_POST['name'] and all other variables was missing in the post variable.

Try with

$name=$_POST['name'];
$address=$_POST['address'];
$suburb=$_POST['suburb'];
$state=$_POST['$state'];
$postcode=$_POST['postcode'];
$sql = "INSERT INTO Customer (name, Address, suburb, state, postcode)
        VALUES ('$name', '$address', '$suburb', '$state', '$postcode')";
Jenz
  • 8,280
  • 7
  • 44
  • 77
  • 1
    You sure about that? Re-read the question over again, *very carefully* and see my comment under it. – Funk Forty Niner May 16 '14 at 03:54
  • *"When I run my form, I get a parse error saying that I have an unexpected T_FUNCTION"* – Funk Forty Niner May 16 '14 at 03:55
  • 1
    Plus, you're probably right. *But*, we'll wait and see what OP says about it. – Funk Forty Niner May 16 '14 at 03:57
  • I have already written the code you entered, like $postcode = test_input($_POST["postcode"]); shown in my postcode validation and the rest of the variables which I did not enter in the question. My form is way too long to implement. – sass May 16 '14 at 04:09
1

you also have one extra brace above database connection, use mysqli prepared statements for better security. 

$db = new mysqli('localhost', 'root', '', 'database');
if ($db->connect_errno) {
echo "failed to connect to the database"; die();
}

$name=$_POST['name'];
$address=$_POST['address'];
$suburb=$_POST['suburb'];
$state=$_POST['$state'];
$postcode=$_POST['postcode'];

$stmt = $db->prepare("insert into `Customer` (name, Address, suburb, state, postcode) VALUES (?,?,?,?,?)";
$stmt->bind_param('sssss', $name, $address, $suburb, $state, $postcode);
$stmt->execute();
echo $stmt->affected_rows."record added";
Magna
  • 598
  • 3
  • 13
  • 23
0

mysql_close($conn) Needs to have a ; after it...

That's why the function after it is unexpected

Stevish
  • 734
  • 5
  • 17
  • Did that, but now I am getting ther error "Parse error: syntax error, unexpected $end in I:\twa\twa122\practicals\prac2\task12.php on line 182". The line 182 is the last line in my entire form. – sass May 16 '14 at 04:05
  • Ok, now that one sounds like the wrong number of curly braces (more `{`'s than `}`'s. If you post the whole code I can help you look through it for parse errors. It's hard getting started in PHP and you end up with a lot of silly mistakes. Believe me, I've spent a _lot_ of time hunting down random parse errors – Stevish May 16 '14 at 04:10
-2

Agreed with Fred, there seems to be an extra ending brace just above //Connect to database server which is breaking the code.

If that doesn't fix it, please copy/paste your full error message.

EDIT:

else if (strlen($postcode) != 4) {

needs to be

} else if (strlen($postcode) != 4) {

And there are two extra braces at the end of that if statement (just above the //Connect to database server)

PavKR
  • 1,591
  • 2
  • 11
  • 26
  • 1
    You should copy/paste into you're favorite editor and see that you're incorrect in this. – ElefantPhace May 16 '14 at 04:06
  • Thanks for the mention, but questions like these always open up a great big can of worms. The OP has more code than shown and isn't debugging this him/herself. I always post comments before knowing the actual/full code instead of posting an answer itself till I'm 100% sure. You can either delete this, or ask OP for full code. – Funk Forty Niner May 16 '14 at 04:15
  • Yeah, I would like to comment but I can't till I have 50 rep – PavKR May 16 '14 at 04:21
  • You're not too far away from it. Continue reading the comments under the OP's question. That's where the "action" is ;-) – Funk Forty Niner May 16 '14 at 04:25