Can view a form, can enter data, but won't post to database

Question

I'm attempting to work on this form, at this time it is showing me my form, but it is not allowing me to enter the information into the database. Now as far as I can tell everything is correct, but I can't be sure. The only thing I can think that is out of place or wrong is that the code pointing to entering the data into the database once entered into the form is wrong.

I know I haven't sanitized my fields yet, so please don't tell me I need to. I am attempting to get this script written first, and I will do the clean up of the script after.

If someone can find the error, tell me what it is, and how to fix it, it be greatly appreciated.

The website is here:

http://kaboomlabs.com/PDI/1-1.php?id=2

The code is this:

        <?php
  require_once('connectvars.php');
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
  <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
  <title>PDI NCMR - View</title>
  <link rel="stylesheet" type="text/css" href="CSS/view.css" />
</head>
<body>
   <div id="logo">
    <img src="images/PDI_Logo_2.1.gif" alt="PDI Logo" />
</div>

<?php
  // Connect to the database
  $dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);

    if (isset($_POST['submit'])) {
    // Grab the profile data from the POST
    $ncmrsc = mysqli_real_escape_string($dbc, trim($_POST['ncmrsc']));
    $ncmrsr = mysqli_real_escape_string($dbc, trim($_POST['ncmrsr']));
    $error= false;
}
    // Update the form in the database
    if (!$error && !empty($ncmrsr) && !empty($ncmrsc)) {
        $dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);

    $query = "INSERT INTO ncmr ('ncmrsr', 'ncmrsc')  VALUES ('$ncmrsr', '$ncmrsc) WHERE id ='$id'";
    mysqli_query($dbc, $query);

    // Confirm success with the user
  echo 'Customer added.';
  mysqli_close($dbc);
        exit();
        }
  // Grab the profile data from the database
  if (!isset($_GET['id'])) {
    $query = "SELECT * FROM ncmr WHERE id = '$id'";
  }
  else {
    $query = "SELECT * FROM ncmr WHERE id = '" . $_GET['id'] . "'";
  }
  $data = mysqli_query($dbc, $query);

  if (mysqli_num_rows($data) == 1) {
    // The user row was found so display the user data
    $row = mysqli_fetch_array($data);
    echo'<h3 id="NCMR2">Non-Conforming Materials Report (NCMR:&nbsp;&nbsp;' . $row['NCMR_ID'] . ')</h3>';
        echo '<form id="all" method="post">';
            echo '<fieldset>';
                if (!empty($row['Added_By']) && empty($row['Added_By_Date'])) {
                    echo '<div id="ab"><span class="b">Added By:&nbsp;&nbsp;</span>' . $row['Added_By'] . '</div>';
                    echo '<div id="abd"><span class="b">On:&nbsp;&nbsp;</span>' . $row['Added_By_Date'] . '</div>';
                    }
        echo '<div id="box">';
            echo '<div id="box1">';
                if (!empty($row['Nexx_Part']) && !empty($row['Nexx_Rev']) && !empty($row['Nexx_Part_Description']) && !empty($row['NCMR_Qty'])) {
                    echo '<div id="np"><span class="b">Nexx Part:&nbsp;&nbsp;</span>' . $row['Nexx_Part'] . '</div>';
                    echo '<div id="nr"><span class="b">Nexx Rev:&nbsp;&nbsp;</span>' . $row['Nexx_Rev'] . '</div>';
                    echo '<div id="npd"><span class="b">Nexx Part Description:&nbsp;&nbsp;</span>' . $row['Nexx_Part_Description'] . '</div>';
                    echo '<div id="ncqt"><span class="b">NCMR Qty:&nbsp;&nbsp;</span>' . $row['NCMR_Qty'] . '</div>';
                    }
                echo '<div id ="JSI">';
                    if (!empty($row['JO']) && !empty($row['SN']) && !empty($row['INV'])) {
                    echo '<div id="JO"><span class="b">JO:&nbsp;&nbsp;</span><br />' . $row['JO'] . '</div>';
                    echo '<div id="SN"><span class="b">SN:&nbsp;&nbsp;</span><br />' . $row['SN'] . '</div>';
                    echo '<div id="INV"><span class="b">INV:&nbsp;&nbsp;</span><br />' . $row['INV'] . '</div>';
                    }
            echo '</div>';
        echo '</div>';
            echo '<div id="box4-1">';
// We know both $ncmrsr AND $ncmrsc are blank
$row['ncmrsr'] = trim($row['ncmrsr']);
$row['ncmrsc'] = trim($row['ncmrsc']);
if (empty($row['ncmrsr']) && empty($row['ncmrsc'])) {
     // add comments.
        echo '<div id="ncmrsr"><span class="b">NCMR Supplier Response:<br /></span><textarea name="ncmrsr" rows="6" cols="85" ></textarea></div><br />';
        echo '<div id="ncmrsc"><span class="b">NCMR Supplier Comment:<br /></span><textarea name="ncmrsr" rows="6" cols="85" ></textarea></div><br />'; 
        echo '<div id="button"><input type="submit" name="submit" value="Enter Comments" /></div>';


        }

else {
// echo the two fields.
                if (!empty($row['ncmrsr']) && !empty($row['ncmrsc'])) {
                    echo '<div id="ncmrsr"><span class="b">NCMR Supplier Response:&nbsp;&nbsp;</span>' . $row['ncmrsr'] . '</div>';
                    echo '<div id="ncmrsc"><span class="b">NCMR Supplier Comment:&nbsp;&nbsp;</span>' . $row['ncmrsc'] . '</div>';
                    }
                    echo '</div>';
echo '</div>';
        echo '</div>';
        echo '</fieldset>';

    echo '</form>';


}  
  mysqli_close($dbc);
}

?>
</body> 
</html>

*"it is not allowing me to enter the information into the database"* Why not? How do you know this? Is there an error message? Debug your code for you? — Mike B, Nov 18 '11 at 20:23
Where's your error checking????!!!!! The "immediate" problem is a syntax error. The *bigger* problem is that you're not checking for problems! — paulsm4, Nov 18 '11 at 20:26

score 2 · Accepted Answer · answered Nov 18 '11 at 20:23

2

Your query is missing a '

$query = "INSERT INTO ncmr ('ncmrsr', 'ncmrsc')  VALUES ('$ncmrsr', '$ncmrsc) WHERE id ='$id'";

Should be

$query = "INSERT INTO ncmr ('ncmrsr', 'ncmrsc')  VALUES ('$ncmrsr', '$ncmrsc') WHERE id ='$id'";

Notice the ' after $ncmrsc

answered Nov 18 '11 at 20:23

jprofitt

10,874
4
36
46

Just attempted the fix, and it's a no go still. – Matt Ridge Nov 18 '11 at 20:37
@Mike B & paulsm4, I know there is an error because nothing is posting to the database... so obviously there is an error. As for me not checking for problems, I am, but where are you thinking I am not? – Matt Ridge Nov 18 '11 at 20:38
Where should I put this? Putting it randomly in will not help, I know that much. – Matt Ridge Nov 18 '11 at 20:39
After the `mysqli_query()` performed for the INSERT call – jprofitt Nov 18 '11 at 20:42
no errors at all, I posted where you requested, it's just not sending the data for some reason, even with the line you suggested fixed. – Matt Ridge Nov 18 '11 at 20:45
@MattRidge Debug your code by dropping `die()` or `exit()` statements and follow the logic until you find where the problem is. – Mike B Nov 18 '11 at 21:22

Can view a form, can enter data, but won't post to database

1 Answers1