×
INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!
  • Students Click Here

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Students Click Here

Jobs

thread434-1760928 Hello, Was

thread434-1760928 Hello, Was

thread434-1760928 Hello, Was

(OP)
thread434-1760928: Form Not Inserting Data

Hello,

Was there ever a resolution to the thread above?
I have exactly the same problem---both on a development test server and VPS, this is the only piece of the pie that doesn't work. Fill out the form and submit it---nothing happens, no post to the database or confirmation to the user and no write to append the recipe with the star rating and comment.

The code is in a file that will allow a user to vote and comment on a recipe. You could give up to 5 stars and write a comment. The app was free from mfscripts.com All in all everything works and I've been able to customize it very much to my liking. Since it was "free" mfscripts.com offers no support, alas.

If okay here is the the content of the file view.html, Thanks in advance and BTW the name of the database is world and the data is to go into comments.

johnvins

<?php

include_once("config.php");

// get vars
$id = $_REQUEST['id'];
$id = sanitize(1, 11, $id);

// start session for captcha
session_start();

$vote = $_REQUEST['vote'];
if($submitme) {

$yourname = formatField($_POST['yourname']);
$comment = formatField($_POST['comment']);

// validation
if(strlen($yourname) == 0) $error = "Please enter your name.";
elseif(strlen($yourname) > 50) $error = "Maximum name length is 50 characters.";
elseif(strlen($comment) == 0) $error = "Please enter your comments.";
elseif(strlen($comment) > 500) $error = "Maximum comment length is 500 characters.";
elseif($_SESSION["captcha"] != $_POST['captcha']) $error = "Your confirmation text does not match, only enter the black characters.";

if(strlen($error) == 0) {

$ip = $REMOTE_ADDR;
$insert_comment = mysql_query("INSERT INTO comments (name, comment, recipeid, dateadded, userip) VALUES ('".mysql_real_escape_string($yourname)."', '".mysql_real_escape_string($comment)."', ".$id.", NOW(), '".mysql_real_escape_string($ip)."')");
$hideform = TRUE;

if(strlen($vote) > 0) {
$lookup_field = "votestar".$vote;
$get_values = mysql_query("SELECT votestar1, votestar2, votestar3, votestar4, votestar5 FROM recipes WHERE id = ".$id." LIMIT 1");
$votestar1 = mysql_result($get_values, 0, votestar1);
$votestar2 = mysql_result($get_values, 0, votestar2);
$votestar3 = mysql_result($get_values, 0, votestar3);
$votestar4 = mysql_result($get_values, 0, votestar4);
$votestar5 = mysql_result($get_values, 0, votestar5);
if($vote == 1) $votestar1 = $votestar1+1;
elseif($vote == 2) $votestar2 = $votestar2+1;
elseif($vote == 3) $votestar3 = $votestar3+1;
elseif($vote == 4) $votestar4 = $votestar4+1;
elseif($vote == 5) $votestar5 = $votestar5+1;
$total = ($votestar1 * 1)+($votestar2 * 2)+($votestar3 * 3)+($votestar4 * 4)+($votestar5 * 5);
$total = $total/($votestar1+$votestar2+$votestar3+$votestar4+$votestar5);
$update_joke = mysql_query("UPDATE recipes SET ".$lookup_field." = ".$$lookup_field.", votestartotal = ".$total." WHERE id = ".$id." LIMIT 1");
}
}
}

$temp = mysql_query("SELECT * FROM recipes WHERE id = ".$id." LIMIT 1");
$title = UCWords(mysql_result($temp, 0, title));
$category = mysql_result($temp, 0, category);
$subcategory = mysql_result($temp, 0, category2);
$recipe = mysql_result($temp, 0, recipe);
$recipe = trim(str_replace(array("<h1>", "</h1>"), "", $recipe));
$votestartotal = mysql_result($temp, 0, votestartotal);

$ptitle = "Recipe for ".$title;
$pkeys = $title.", italian recipe, lasagna recipe, low carb recipe, low fat recipe";
$pdesc = $title." food recipe";

// get comments
$get_comments = mysql_query("SELECT name, comment, recipeid, dateadded, userip FROM comments WHERE recipeid = ".$id." ORDER BY dateadded DESC");

include_once("header_view.php");

?>
<tr>
<td height="100%" background="images/captext.gif" valign="top" style="padding-left:100px;padding-top:11px">
<table width="900" height="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="160" height="100%" valign="top">
<?php
include("mainmenu.php");
?>
</td>

<td width="525" align="right" style="padding-right:3px" valign="top">
<table width="388" border="0" cellspacing="0" cellpadding="0">
<?php
include("toptext.php");
?>
<tr>
<td height="29" background="#FFFFFF" style="padding-left:23px"><strong>RECIPE FOR <?php echo strtoupper($title); ?></strong></td>
</tr>
<tr>
<td bgcolor="#FFFFFF" height="100%" style="padding-top:2px;" valign="top">
<table width="100%" height="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="100%" style="padding-left:11px;padding-top:3px;" valign="top">

<table width='100%' cellpadding='0' cellspacing='0'>
<?php
echo "<tr><td valign='top'><b>Title:</b></td><td width='280'>$title</td></tr>";
if(strlen($category) > 0) echo "<tr><td><b>Category:</b></td><td>".UCWords($category)."</td></tr>";
if(strlen($subcategory) > 0) echo "<tr><td><b>Sub-Category:</b></td><td>".UCWords($subcategory)."</td></tr>";

if(number_format($votestartotal, 0) == 0) $rating = "not yet rated";
else $rating = number_format($votestartotal, 0)." stars";
echo "<tr><td style='padding-top:4px;' height='35'><b>Rating:</b></td><td style='padding-top:4px;'><img src='images/small-stars-".number_format($votestartotal, 0).".gif' width='52' height='8' alt='".$rating."'>";
echo "</td></tr>";

echo "</table>";


echo "<b>Instructions:</b><br><br>";
echo $recipe."<br><br>";

?>


</td>
</tr>
<tr>
<td style="padding-left:11px;padding-top:3px;" valign="top" bgcolor="#FFFFFF">
&nbsp;
</td>
</tr>

<?php
if(mysql_numrows($get_comments) > 0) {
?>
<tr><td style="padding-left:11px;padding-top:9px;" valign="top" bgcolor="#FFFFFF">
<table width='100%' cellpadding='0' cellspacing='0'>
<tr><td class="commentlabel"><b>User Comments:</b><br><br></td></tr>
<?php
while($row = mysql_fetch_array($get_comments)) {
$date_com = substr($row['dateadded'], 8, 2)."/".substr($row['dateadded'], 5, 2)."/".substr($row['dateadded'], 0, 4);
echo "<tr><td style='color:#999999;'>".$date_com." - ".$row['name']."</td></tr>";
echo "<tr><td style='color:#999999; border-bottom:1'>\"".$row['comment']."\"<br><br></td></tr>";
}
echo "</table>";

?>
</td>
</tr>
<tr>
<td style="padding-left:11px;padding-top:3px;" valign="top" bgcolor="#FFFFFF">
&nbsp;
</td>
</tr>
<?php
}
?>
<?php

if(!$hideform) {
?>
<tr>
<td style="padding-left:11px;padding-top:3px;" valign="top" bgcolor="#FFFFFF">
<?php
if(strlen($error) > 0) echo "<br><font style='color:red;'>ERROR: ".$error."</font><br><br>";
?>
<table width='100%' cellpadding='0' cellspacing='0'>
<form method='POST' action='view.html?id=<?php echo $id; ?>'>
<tr><td colspan="2" height="25" class="commentlabel"><b>Add A Comment/Rating:</b></td></tr>
<tr><td width="90" class="commentlabel">Your Name:</td><td><input name="yourname" value="<?php echo $yourname; ?>" type="text" class="smallform"></td></tr>
<?php
echo "<tr><td height='25' class='commentlabel'>Rating:</td><td>";
echo "<select name='vote' class='smallform'><option value=''>< rate ></option><option value='1'>1 out of 5</option><option value='2'>2 out of 5</option><option value='3'>3 out of 5</option><option value='4'>4 out of 5</option><option value='5'>5 out of 5</option></select>";
echo "</td></tr>";
?>
<tr><td valign="top" class="commentlabel">Comment:</td><td><textarea name="comment" class="smallform" cols="41" rows="5"><?php echo $comment; ?></textarea></td></tr>
<tr><td height="25" class="commentlabel">Confirm Code:</td><td>

<table width='100%' cellpadding='0' cellspacing='0'>
<tr><td width="65"><img src="captcha.php" alt="captcha image" width="60" height="20"></td><td><input type="text" name="captcha" size="3" maxlength="3" class="smallform"> (black characters only)</td></tr>
</table>

</td></tr>
<tr><td height="25"></td><td><input name='submit' type='submit' value='add comment' class='smallform'></td></tr>
<input name='submitme' type='hidden' value='1'>
</form>
</table><br>
<?php
}
?>

</td>
</tr>


</table>
</td>
</tr>
<tr>
<td height="3"><img src="images/spacer.gif" width="1" height="3"></td>
</tr>
</table>
</td>

<?php
include("menuright.php");
?>
</td>
</tr>
</table>
</td>
</tr>
</table>
</td>
</tr>
<tr><td height="10" background="#FFFFFF"><img src="images/spacer.gif" width="1" height="1"></td></tr>

<?php
include("footer.php");
?>

RE: thread434-1760928 Hello, Was

Same comment to you;


USE the code tags so we can read the thread and differentiate question from supporting information.

Chris.

Indifference will be the downfall of mankind, but who cares?
Time flies like an arrow, however, fruit flies like a banana.

Never mind this jesus character, stars had to die for me to live.

RE: thread434-1760928 Hello, Was

(OP)
I'm sorry that I don't know what you mean? I'm just asking for a few ideas on how to correct the code so it submits the data to the database in the appropriate column. Do you only want to see my php code and not html? Is my post not appropriate for this forum?

Why doesn't this form connect to the database, is that what you mean by---differentiate question from supporting information?

johnvins

RE: thread434-1760928 Hello, Was

What I mean is to use the forum code formatting 'tags', it's the button with <> on it. click the 'help' button [next to 'preview'] to see how to use it

The forum then puts the code in a separate block.

e.g:

CODE --> php

echo ("this is in a code box"); 

so the code isn't cramped up with all the other text, is formatted differently, and is therefore readable.

Chris.

Indifference will be the downfall of mankind, but who cares?
Time flies like an arrow, however, fruit flies like a banana.

Never mind this jesus character, stars had to die for me to live.

RE: thread434-1760928 Hello, Was

Besides that, which for me is forgivable, it would be nice of you to concentrate on the essential parts. Formatting HTML is unnecessary. And to know the structure of your database would be very essential to answer.
Even though your sample code might be complete, without any database it can't be run, it can't be a test case we can mend or extend. To get help, get all necesssary informations needed for it.

Bye, Olaf.

RE: thread434-1760928 Hello, Was

As was said in the other thread. Use the mysql_error() function to specifically ask mysql if there was an error. Print your final query, and try it directly on the DB to rule out any query errors.

CODE

$get_values = mysql_query("SELECT votestar1, votestar2, votestar3, votestar4, votestar5 FROM recipes WHERE id = ".$id." LIMIT 1") or die(mysql_error()); 

CODE

echo "SELECT votestar1, votestar2, votestar3, votestar4, votestar5 FROM recipes WHERE id = ".$id." LIMIT 1"; 


It is alway highly recommended to include error handling in queries. So if something goes wrong you can return a message and gracefully continue, not just stop the script without a hint of what went worng. Your code assumes your queries will always always work, and does not address any case where they may not.




----------------------------------
Phil AKA Vacunita
----------------------------------
OS-ception: Running Linux on a Virtual Machine in Windows which itself is running in a Virtual Machine on Mac OSx.

Web & Tech

RE: thread434-1760928 Hello, Was

Quote (vacunita)

It is alway highly recommended to include error handling in queries.

With the added proviso of:

While you are testing and 'debugging'.

When you move to a production model, particularly in a 'public facing' scenario, you should make your error messages be of the "Something went wrong" variety, so you do not provide any 'hints' to the 'crackers' out there trying to 'crack'/'break' your server..

Chris.

Indifference will be the downfall of mankind, but who cares?
Time flies like an arrow, however, fruit flies like a banana.

Never mind this jesus character, stars had to die for me to live.

RE: thread434-1760928 Hello, Was

Quote:


When you move to a production model, particularly in a 'public facing' scenario, you should make your error messages be of the "Something went wrong" variety, so you do not provide any 'hints' to the 'crackers' out there trying to 'crack'/'break' your server..

Ttue, but there should still be some type of error handling even in production. If only to not have the entire page just die. The traditional "Ooops!, something went wrong..." with a redirection to say the home page or something is generally a good thing.

Otherwise the page may just be blank or have unexpected data popping up.

----------------------------------
Phil AKA Vacunita
----------------------------------
OS-ception: Running Linux on a Virtual Machine in Windows which itself is running in a Virtual Machine on Mac OSx.

Web & Tech

RE: thread434-1760928 Hello, Was

(OP)
Here is updated and clean information with my comments at the end of the code:

<?php

include_once("config.php");

// get vars
$id = $_REQUEST['id'];
$id = sanitize(1, 11, $id);

// start session for captcha
session_start();

$vote = $_REQUEST['vote'];
if($submitme) {

$yourname = formatField($_POST['yourname']);
$comment = formatField($_POST['comment']);

// validation
if(strlen($yourname) == 0) $error = "Please enter your name.";
elseif(strlen($yourname) > 50) $error = "Maximum name length is 50 characters.";
elseif(strlen($comment) == 0) $error = "Please enter your comments.";
elseif(strlen($comment) > 500) $error = "Maximum comment length is 500 characters.";
elseif($_SESSION["captcha"] != $_POST['captcha']) $error = "Your confirmation text does not match, only enter the black characters.";

if(strlen($error) == 0) {

$ip = $REMOTE_ADDR;
$insert_comment = mysql_query("INSERT INTO comments (name, comment, recipeid, dateadded, userip) VALUES ('".mysql_real_escape_string($yourname)."', '".mysql_real_escape_string($comment)."', ".$id.", NOW(), '".mysql_real_escape_string($ip)."')");
$hideform = TRUE;

if(strlen($vote) > 0) {
$lookup_field = "votestar".$vote;
$get_values = mysql_query("SELECT votestar1, votestar2, votestar3, votestar4, votestar5 FROM recipes WHERE id = ".$id." LIMIT 1");
$votestar1 = mysql_result($get_values, 0, votestar1);
$votestar2 = mysql_result($get_values, 0, votestar2);
$votestar3 = mysql_result($get_values, 0, votestar3);
$votestar4 = mysql_result($get_values, 0, votestar4);
$votestar5 = mysql_result($get_values, 0, votestar5);
if($vote == 1) $votestar1 = $votestar1+1;
elseif($vote == 2) $votestar2 = $votestar2+1;
elseif($vote == 3) $votestar3 = $votestar3+1;
elseif($vote == 4) $votestar4 = $votestar4+1;
elseif($vote == 5) $votestar5 = $votestar5+1;
$total = ($votestar1 * 1)+($votestar2 * 2)+($votestar3 * 3)+($votestar4 * 4)+($votestar5 * 5);
$total = $total/($votestar1+$votestar2+$votestar3+$votestar4+$votestar5);
$update_joke = mysql_query("UPDATE recipes SET ".$lookup_field." = ".$$lookup_field.", votestartotal = ".$total." WHERE id = ".$id." LIMIT 1");
}
}
}

$temp = mysql_query("SELECT * FROM recipes WHERE id = ".$id." LIMIT 1");
$title = UCWords(mysql_result($temp, 0, title));
$category = mysql_result($temp, 0, category);
$subcategory = mysql_result($temp, 0, category2);
$recipe = mysql_result($temp, 0, recipe);
$recipe = trim(str_replace(array("<h1>", "</h1>"), "", $recipe));
$votestartotal = mysql_result($temp, 0, votestartotal);

$ptitle = "Recipe for ".$title;
$pkeys = $title.", italian recipe, lasagna recipe, low carb recipe, low fat recipe";
$pdesc = $title." food recipe";

// get comments
$get_comments = mysql_query("SELECT name, comment, recipeid, dateadded, userip FROM comments WHERE recipeid = ".$id." ORDER BY dateadded DESC");

include_once("header_view.php");
?>

<?php
include("mainmenu.php");
?>

<?php
include("toptext.php");
?>

<?php echo strtoupper($title);
?>

<?php echo "<tr><td valign='top'><b>Title:</b></td><td width='280'>$title</td></tr>";
if(strlen($category) > 0) echo "<tr><td><b>Category:</b></td><td>".UCWords($category)."</td></tr>";
if(strlen($subcategory) > 0) echo "<tr><td><b>Sub-Category:</b></td><td>".UCWords($subcategory)."</td></tr>";
if(number_format($votestartotal, 0) == 0) $rating = "not yet rated";
else $rating = number_format($votestartotal, 0)." stars";
echo "<tr><td style='padding-top:4px;' height='35'><b>Rating:</b></td><td style='padding-top:4px;'><img src='images/small-stars-".number_format($votestartotal, 0).".gif' width='52' height='8' alt='".$rating."'>";
echo "</td></tr>";
echo "</table>";
echo "<b>Instructions:</b><br><br>";
echo $recipe."<br><br>";
?>

<?php if(mysql_numrows($get_comments) > 0) {
?>

<?php while($row = mysql_fetch_array($get_comments)) {
$date_com = substr($row['dateadded'], 8, 2)."/".substr($row['dateadded'], 5, 2)."/".substr($row['dateadded'], 0, 4);
echo "<tr><td style='color:#999999;'>".$date_com." - ".$row['name']."</td></tr>";
echo "<tr><td style='color:#999999; border-bottom:1'>\"".$row['comment']."\"<br><br></td></tr>";
}
echo "</table>";

?>
<?php
}
?>

<?php
if(!$hideform) {
?>

<?php
if(strlen($error) > 0) echo "<br><font style='color:red;'>ERROR: ".$error."</font><br><br>";
?>

<form method='POST' action='view.html?id=<?php echo $id; ?>'>
<tr><td colspan="2" height="25" class="commentlabel"><b>Add A Comment/Rating:</b></td></tr>
<tr><td width="90" class="commentlabel">Your Name:</td><td><input name="yourname" value="<?php echo $yourname; ?>" type="text" class="smallform"></td></tr>
<?php echo "<tr><td height='25' class='commentlabel'>Rating:</td><td>";
echo "<select name='vote' class='smallform'><option value=''>< rate ></option><option value='1'>1 out of 5</option><option value='2'>2 out of 5</option><option value='3'>3 out of 5</option><option value='4'>4 out of 5</option><option value='5'>5 out of 5</option></select>";
echo "</td></tr>";
?>
<tr><td valign="top" class="commentlabel">Comment:</td><td><textarea name="comment" class="smallform" cols="41" rows="5"><?php echo $comment; ?></textarea></td></tr>
<tr><td height="25" class="commentlabel">Confirm Code:</td><td>
<table width='100%' cellpadding='0' cellspacing='0'>
<tr><td width="65"><img src="captcha.php" alt="captcha image" width="60" height="20"></td><td><input type="text" name="captcha" size="3" maxlength="3" class="smallform"> (black characters only)</td></tr>
</table>
</td></tr>
<tr><td height="25"></td><td><input name='submit' type='submit' value='add comment' class='smallform'></td></tr>
<input name='submitme' type='hidden' value='1'>
</form>
</table><br>
<?php
}
?>
<?php
include("menuright.php");
?>

<?php
include("footer.php");
?>

the database name is---world it has 4 tables
(1 categories)---contains all the different titles of what recipe it is classified as:i.e. chicken, shrimp, beef, pizza, pasta, etc.
(2 comments)this where the users vote/comment is stored,
(3 searches) I believe this is recent keyword searches
(4recipes) all 20,000 recipes are here with title, instructions, category, category2, votestar1, votestar2, votestar3, votestar4, votestar5, votestartotal. I have enabled php
error logging on the production server but don't get any errors that pop up. rather nothing happens after submitting the form and no confirmation of submission shows---nothing is updated.
I hope this is what you all said I should have posted in the first place? I don't think it's allowed in this forum to give the actual website so you can see it for yourself OR is it?





RE: thread434-1760928 Hello, Was

Knowing names and meanings of your tables is only a starter. Use MySQL Workbench to create statements, which create the database. Also learn to use TGML code tags. Click the (?) icon just left to the Preview/Submit buttons to learn how to format text and code here at tek-tips.

Bye, Olaf.

RE: thread434-1760928 Hello, Was

Quote:

Ttue, but there should still be some type of error handling even in production. If only to not have the entire page just die.

Of course, which is why I advocated a generic error message for the error handler. Sure, too generic an error message can be slightly annoying if you are a user with geek tendencies, but for the average user, showing them a technical 'debugging' error message is just so much gibberish and of no use. If I want to buy something from a website, knowing that;

"error 110008765dfc1: record does not exist in db.table"

Just occurred isn't useful, but "Sorry, cannot find that item" tells the user all they need to know.

Chris.

Indifference will be the downfall of mankind, but who cares?
Time flies like an arrow, however, fruit flies like a banana.

Never mind this jesus character, stars had to die for me to live.

RE: thread434-1760928 Hello, Was

Quote:

I have enabled php
error logging on the production server but don't get any errors that pop up. rather nothing happens after submitting the form and no confirmation of submission shows---nothing is updated.
I hope this is what you all said I should have posted in the first place?

Then you'll need to add some more aggressive step debugging.

Debugging 101: If you get no php errors, then try to introduce some yourself just to make sure error logging is working and everything is as it should. In other words add echo statements to print out variables,through the code so you can see there values and verify they have what they are supposed to have. Add an actual PHP error you know will show up and see if it does. You need to get in there and work with the code.

Again output the complete query and try to run it directly in mysql, either through an DB IDE, or directly on the command line. Take PHP out of the loop so to speak and make sure the query as is being constructed works as you expect it to work on mysql.

There is no magic "turn this switch and it will work" answer if that is what you expect, you will need to get in there and follow the code and see where it may be going wrong.

You need error handling, you have not checked that your queries are actually returning what you think they are. At least while you figure out what is happening, you can remove it once it works.



----------------------------------
Phil AKA Vacunita
----------------------------------
OS-ception: Running Linux on a Virtual Machine in Windows which itself is running in a Virtual Machine on Mac OSx.

Web & Tech

RE: thread434-1760928 Hello, Was

(OP)
Here I go again, FYI---I've been a chef all my life who has had a website since 1995, that focuses on food etc. I'm self taught using MySql, html, PHP and some java script. I'm here in this forum to be guided to learn how to fix my issue and not here for someone to fix it for me, all thought that would be nice.

Let me rephrase my issue, I have a free app from mfscripts that has a MySql database with 22,000 recipes. With html and php a user on my website can select ones to display and or even comment on. All is configured and works well on a test server and on my VPS---both the test server and VPS have identical OS, MySql and PHP versions.

My only problem is that the html form page doesn't post the user input to the database, nor does it provide the user with an acknowledgement of submission or failure. In theory, the recipe that was comment on, should refresh showing the comment and star rating. This is the only issue I face.

So here is the code on the page again...I clicked the 'clean' button but I don't know if that did what I was told to do, I'm sorry if I did something wrong again? Is it OK to give my website address so you might see this app work???

John V.

<?php

include_once("config.php");

// get vars
$id = $_REQUEST;
$id = sanitize(1, 11, $id);

// start session for captcha
session_start();

$vote = $_REQUEST;
if($submitme) {

$yourname = formatField($_POST);
$comment = formatField($_POST);

// validation
if(strlen($yourname) == 0) $error = "Please enter your name.";
elseif(strlen($yourname) > 50) $error = "Maximum name length is 50 characters.";
elseif(strlen($comment) == 0) $error = "Please enter your comments.";
elseif(strlen($comment) > 500) $error = "Maximum comment length is 500 characters.";
elseif($_SESSION != $_POST) $error = "Your confirmation text does not match, only enter the black characters.";

if(strlen($error) == 0) {

$ip = $REMOTE_ADDR;
$insert_comment = mysql_query("INSERT INTO comments (name, comment, recipeid, dateadded, userip) VALUES ('".mysql_real_escape_string($yourname)."', '".mysql_real_escape_string($comment)."', ".$id.", NOW(), '".mysql_real_escape_string($ip)."')");
$hideform = TRUE;

if(strlen($vote) > 0) {
$lookup_field = "votestar".$vote;
$get_values = mysql_query("SELECT votestar1, votestar2, votestar3, votestar4, votestar5 FROM recipes WHERE id = ".$id." LIMIT 1");
$votestar1 = mysql_result($get_values, 0, votestar1);
$votestar2 = mysql_result($get_values, 0, votestar2);
$votestar3 = mysql_result($get_values, 0, votestar3);
$votestar4 = mysql_result($get_values, 0, votestar4);
$votestar5 = mysql_result($get_values, 0, votestar5);
if($vote == 1) $votestar1 = $votestar1+1;
elseif($vote == 2) $votestar2 = $votestar2+1;
elseif($vote == 3) $votestar3 = $votestar3+1;
elseif($vote == 4) $votestar4 = $votestar4+1;
elseif($vote == 5) $votestar5 = $votestar5+1;
$total = ($votestar1 * 1)+($votestar2 * 2)+($votestar3 * 3)+($votestar4 * 4)+($votestar5 * 5);
$total = $total/($votestar1+$votestar2+$votestar3+$votestar4+$votestar5);
$update_joke = mysql_query("UPDATE recipes SET ".$lookup_field." = ".$$lookup_field.", votestartotal = ".$total." WHERE id = ".$id." LIMIT 1");
}
}
}

$temp = mysql_query("SELECT * FROM recipes WHERE id = ".$id." LIMIT 1");
$title = UCWords(mysql_result($temp, 0, title));
$category = mysql_result($temp, 0, category);
$subcategory = mysql_result($temp, 0, category2);
$recipe = mysql_result($temp, 0, recipe);
$recipe = trim(str_replace(array("<h1>", "</h1>"), "", $recipe));
$votestartotal = mysql_result($temp, 0, votestartotal);

$ptitle = "Recipe for ".$title;
$pkeys = $title.", italian recipe, lasagna recipe, low carb recipe, low fat recipe";
$pdesc = $title." food recipe";

// get comments
$get_comments = mysql_query("SELECT name, comment, recipeid, dateadded, userip FROM comments WHERE recipeid = ".$id." ORDER BY dateadded DESC");

include_once("header_view.php");
?>

<?php
include("mainmenu.php");
?>

<?php
include("toptext.php");
?>

<?php echo strtoupper($title);
?>

<?php echo "<tr><td valign='top'><b>Title:</b></td><td width='280'>$title</td></tr>";
if(strlen($category) > 0) echo "<tr><td><b>Category:</b></td><td>".UCWords($category)."</td></tr>";
if(strlen($subcategory) > 0) echo "<tr><td><b>Sub-Category:</b></td><td>".UCWords($subcategory)."</td></tr>";
if(number_format($votestartotal, 0) == 0) $rating = "not yet rated";
else $rating = number_format($votestartotal, 0)." stars";
echo "<tr><td style='padding-top:4px;' height='35'><b>Rating:</b></td><td style='padding-top:4px;'><img src='images/small-stars-".number_format($votestartotal, 0).".gif' width='52' height='8' alt='".$rating."'>";
echo "</td></tr>";
echo "</table>";
echo "<b>Instructions:</b><br><br>";
echo $recipe."<br><br>";
?>

<?php if(mysql_numrows($get_comments) > 0) {
?>

<?php while($row = mysql_fetch_array($get_comments)) {
$date_com = substr($row, 8, 2)."/".substr($row, 5, 2)."/".substr($row, 0, 4);
echo "<tr><td style='color:#999999;'>".$date_com." - ".$row."</td></tr>";
echo "<tr><td style='color:#999999; border-bottom:1'>\"".$row."\"<br><br></td></tr>";
}
echo "</table>";

?>
<?php
}
?>

<?php
if(!$hideform) {
?>

<?php
if(strlen($error) > 0) echo "<br><font style='color:red;'>ERROR: ".$error."</font><br><br>";
?>

<form method='POST' action='view.html?id=<?php echo $id; ?>'>
<tr><td colspan="2" height="25" class="commentlabel"><b>Add A Comment/Rating:</b></td></tr>
<tr><td width="90" class="commentlabel">Your Name:</td><td><input name="yourname" value="<?php echo $yourname; ?>" type="text" class="smallform"></td></tr>
<?php echo "<tr><td height='25' class='commentlabel'>Rating:</td><td>";
echo "<select name='vote' class='smallform'><option value=''>< rate ></option><option value='1'>1 out of 5</option><option value='2'>2 out of 5</option><option value='3'>3 out of 5</option><option value='4'>4 out of 5</option><option value='5'>5 out of 5</option></select>";
echo "</td></tr>";
?>
<tr><td valign="top" class="commentlabel">Comment:</td><td><textarea name="comment" class="smallform" cols="41" rows="5"><?php echo $comment; ?></textarea></td></tr>
<tr><td height="25" class="commentlabel">Confirm Code:</td><td>
<table width='100%' cellpadding='0' cellspacing='0'>
<tr><td width="65"><img src="captcha.php" alt="captcha image" width="60" height="20"></td><td><input type="text" name="captcha" size="3" maxlength="3" class="smallform"> (black characters only)</td></tr>
</table>
</td></tr>
<tr><td height="25"></td><td><input name='submit' type='submit' value='add comment' class='smallform'></td></tr>
<input name='submitme' type='hidden' value='1'>
</form>
</table><br>
<?php
}
?>
<?php
include("menuright.php");
?>

<?php
include("footer.php");
?>

RE: thread434-1760928 Hello, Was

Yes, you can post the URL, but it will not help us much since we won't be able to see the PHP code or actually debug it.

It seems the debugging part is what is getting at you. ie You are not entirely sure how to debug. Perhaps this is what you should have said to start with. O.K, add the parts in red to your code, and post back with what you see when you try to run the code:

CODE

<?php

include_once("config.php");

// get vars
$id = $_REQUEST;
echo "id=[ " . $id . " ]==";
$id = sanitize(1, 11, $id);

// start session for captcha
session_start();

$vote = $_REQUEST;
if($submitme) {

$yourname = formatField($_POST);
$comment = formatField($_POST);

// validation
if(strlen($yourname) == 0) $error = "Please enter your name.";
elseif(strlen($yourname) > 50) $error = "Maximum name length is 50 characters.";
elseif(strlen($comment) == 0) $error = "Please enter your comments.";
elseif(strlen($comment) > 500) $error = "Maximum comment length is 500 characters.";
elseif($_SESSION != $_POST) $error = "Your confirmation text does not match, only enter the black characters.";

if(strlen($error) == 0) {

$ip = $REMOTE_ADDR;
$insert_comment = mysql_query("INSERT INTO comments (name, comment, recipeid, dateadded, userip) VALUES ('".mysql_real_escape_string($yourname)."', '".mysql_real_escape_string($comment)."', ".$id.", NOW(), '".mysql_real_escape_string($ip)."')") or die(mysql_error());

echo "MYSQL QUERY = " . "INSERT INTO comments (name, comment, recipeid, dateadded, userip) VALUES ('".mysql_real_escape_string($yourname)."', '".mysql_real_escape_string($comment)."', ".$id.", NOW(), '".mysql_real_escape_string($ip)."')";

$hideform = TRUE;

if(strlen($vote) > 0) {
$lookup_field = "votestar".$vote;
$get_values = mysql_query("SELECT votestar1, votestar2, votestar3, votestar4, votestar5 FROM recipes WHERE id = ".$id." LIMIT 1") or die(mysql_error());
$votestar1 = mysql_result($get_values, 0, votestar1);
$votestar2 = mysql_result($get_values, 0, votestar2);
$votestar3 = mysql_result($get_values, 0, votestar3);
$votestar4 = mysql_result($get_values, 0, votestar4);
$votestar5 = mysql_result($get_values, 0, votestar5);
if($vote == 1) $votestar1 = $votestar1+1;
elseif($vote == 2) $votestar2 = $votestar2+1;
elseif($vote == 3) $votestar3 = $votestar3+1;
elseif($vote == 4) $votestar4 = $votestar4+1;
elseif($vote == 5) $votestar5 = $votestar5+1;
$total = ($votestar1 * 1)+($votestar2 * 2)+($votestar3 * 3)+($votestar4 * 4)+($votestar5 * 5);
$total = $total/($votestar1+$votestar2+$votestar3+$votestar4+$votestar5);
$update_joke = mysql_query("UPDATE recipes SET ".$lookup_field." = ".$$lookup_field.", votestartotal = ".$total." WHERE id = ".$id." LIMIT 1") or die(mysql_error());
}
}
}

$temp = mysql_query("SELECT * FROM recipes WHERE id = ".$id." LIMIT 1") or die(mysql_error());
$title = UCWords(mysql_result($temp, 0, title));
$category = mysql_result($temp, 0, category);
$subcategory = mysql_result($temp, 0, category2);
$recipe = mysql_result($temp, 0, recipe);
$recipe = trim(str_replace(array("<h1>", "</h1>"), "", $recipe));
$votestartotal = mysql_result($temp, 0, votestartotal);

$ptitle = "Recipe for ".$title;
$pkeys = $title.", italian recipe, lasagna recipe, low carb recipe, low fat recipe";
$pdesc = $title." food recipe";

// get comments
$get_comments = mysql_query("SELECT name, comment, recipeid, dateadded, userip FROM comments WHERE recipeid = ".$id." ORDER BY dateadded DESC") or die(mysql_error());

include_once("header_view.php");
?>

<?php
include("mainmenu.php");
?>

<?php
include("toptext.php");
?>

<?php echo strtoupper($title);
?>

<?php echo "<tr><td valign='top'><b>Title:</b></td><td width='280'>$title</td></tr>";
if(strlen($category) > 0) echo "<tr><td><b>Category:</b></td><td>".UCWords($category)."</td></tr>";
if(strlen($subcategory) > 0) echo "<tr><td><b>Sub-Category:</b></td><td>".UCWords($subcategory)."</td></tr>";
if(number_format($votestartotal, 0) == 0) $rating = "not yet rated";
else $rating = number_format($votestartotal, 0)." stars";
echo "<tr><td style='padding-top:4px;' height='35'><b>Rating:</b></td><td style='padding-top:4px;'><img src='images/small-stars-".number_format($votestartotal, 0).".gif' width='52' height='8' alt='".$rating."'>";
echo "</td></tr>";
echo "</table>";
echo "<b>Instructions:</b><br><br>";
echo $recipe."<br><br>";
?>

<?php if(mysql_numrows($get_comments) > 0) {
?>

<?php while($row = mysql_fetch_array($get_comments)) {
$date_com = substr($row, 8, 2)."/".substr($row, 5, 2)."/".substr($row, 0, 4);
echo "<tr><td style='color:#999999;'>".$date_com." - ".$row."</td></tr>";
echo "<tr><td style='color:#999999; border-bottom:1'>\"".$row."\"<br><br></td></tr>";
}
echo "</table>";

?>
<?php
}
?>

<?php
if(!$hideform) {
?>

<?php
if(strlen($error) > 0) echo "<br><font style='color:red;'>ERROR: ".$error."</font><br><br>";
?>

<form method='POST' action='view.html?id=<?php echo $id; ?>'>
<tr><td colspan="2" height="25" class="commentlabel"><b>Add A Comment/Rating:</b></td></tr>
<tr><td width="90" class="commentlabel">Your Name:</td><td><input name="yourname" value="<?php echo $yourname; ?>" type="text" class="smallform"></td></tr>
<?php echo "<tr><td height='25' class='commentlabel'>Rating:</td><td>";
echo "<select name='vote' class='smallform'><option value=''>< rate ></option><option value='1'>1 out of 5</option><option value='2'>2 out of 5</option><option value='3'>3 out of 5</option><option value='4'>4 out of 5</option><option value='5'>5 out of 5</option></select>";
echo "</td></tr>";
?>
<tr><td valign="top" class="commentlabel">Comment:</td><td><textarea name="comment" class="smallform" cols="41" rows="5"><?php echo $comment; ?></textarea></td></tr>
<tr><td height="25" class="commentlabel">Confirm Code:</td><td>
<table width='100%' cellpadding='0' cellspacing='0'>
<tr><td width="65"><img src="captcha.php" alt="captcha image" width="60" height="20"></td><td><input type="text" name="captcha" size="3" maxlength="3" class="smallform"> (black characters only)</td></tr>
</table>
</td></tr>
<tr><td height="25"></td><td><input name='submit' type='submit' value='add comment' class='smallform'></td></tr>
<input name='submitme' type='hidden' value='1'>
</form>
</table><br>
<?php
}
?>
<?php
include("menuright.php");
?>

<?php
include("footer.php");
?> 


Add them all together or one by one and ets each time. This is the debugging we've been suggesting. You need to step through your code, and test that things work as the are expected to work.



Do you understand what I mean by "Run your query directly on MYSQL"?

----------------------------------
Phil AKA Vacunita
----------------------------------
OS-ception: Running Linux on a Virtual Machine in Windows which itself is running in a Virtual Machine on Mac OSx.

Web & Tech

RE: thread434-1760928 Hello, Was

(OP)
www.goodcooking.com/recipe is where it resides

No, I don't know how to debug. I did run it from the command line and the result was seeing all the information from the includes, such as all the information in the database about category names.

I also went to phpcodechecker and ran the code, it said---Warning: There are 3 functions in your code that have been deprecated in the current version of PHP
◦mysql_query()
◦ mysql_real_escape_string()
◦ mysql_result()

https://www.piliapp.com/php-syntax-check/ said---no errors in code

This is what I put in which includes the line you had in red____

<?php

include_once("config.php");

// get vars
$id = $_REQUEST;
echo "id===";
$id = sanitize(1, 11, $id);

// start session for captcha
session_start();

$vote = $_REQUEST;
if($submitme) {

$yourname = formatField($_POST);
$comment = formatField($_POST);

// validation
if(strlen($yourname) == 0) $error = "Please enter your name.";
elseif(strlen($yourname) > 50) $error = "Maximum name length is 50 characters.";
elseif(strlen($comment) == 0) $error = "Please enter your comments.";
elseif(strlen($comment) > 500) $error = "Maximum comment length is 500 characters.";
elseif($_SESSION != $_POST) $error = "Your confirmation text does not match, only enter the black characters.";

if(strlen($error) == 0) {

$ip = $REMOTE_ADDR;
$insert_comment = mysql_query("INSERT INTO comments (name, comment, recipeid, dateadded, userip) VALUES ('".mysql_real_escape_string($yourname)."', '".mysql_real_escape_string($comment)."', ".$id.", NOW(), '".mysql_real_escape_string($ip)."')");

echo "MYSQL QUERY = " . "INSERT INTO comments (name, comment, recipeid, dateadded, userip) VALUES ('".mysql_real_escape_string($yourname)."', '".mysql_real_escape_string($comment)."', ".$id.", NOW(), '".mysql_real_escape_string($ip)."')";
$hideform = TRUE;

if(strlen($vote) > 0) {
$lookup_field = "votestar".$vote;
$get_values = mysql_query("SELECT votestar1, votestar2, votestar3, votestar4, votestar5 FROM recipes WHERE id = ".$id." LIMIT 1");
$votestar1 = mysql_result($get_values, 0, votestar1);
$votestar2 = mysql_result($get_values, 0, votestar2);
$votestar3 = mysql_result($get_values, 0, votestar3);
$votestar4 = mysql_result($get_values, 0, votestar4);
$votestar5 = mysql_result($get_values, 0, votestar5);
if($vote == 1) $votestar1 = $votestar1+1;
elseif($vote == 2) $votestar2 = $votestar2+1;
elseif($vote == 3) $votestar3 = $votestar3+1;
elseif($vote == 4) $votestar4 = $votestar4+1;
elseif($vote == 5) $votestar5 = $votestar5+1;
$total = ($votestar1 * 1)+($votestar2 * 2)+($votestar3 * 3)+($votestar4 * 4)+($votestar5 * 5);
$total = $total/($votestar1+$votestar2+$votestar3+$votestar4+$votestar5);
$update_joke = mysql_query("UPDATE recipes SET ".$lookup_field." = ".$$lookup_field.", votestartotal = ".$total." WHERE id = ".$id." LIMIT 1");
}
}
}

$temp = mysql_query("SELECT * FROM recipes WHERE id = ".$id." LIMIT 1");
$title = UCWords(mysql_result($temp, 0, title));
$category = mysql_result($temp, 0, category);
$subcategory = mysql_result($temp, 0, category2);
$recipe = mysql_result($temp, 0, recipe);
$recipe = trim(str_replace(array("<h1>", "</h1>"), "", $recipe));
$votestartotal = mysql_result($temp, 0, votestartotal);

$ptitle = "Recipe for ".$title;
$pkeys = $title.", italian recipe, lasagna recipe, low carb recipe, low fat recipe";
$pdesc = $title." food recipe";

// get comments
$get_comments = mysql_query("SELECT name, comment, recipeid, dateadded, userip FROM comments WHERE recipeid = ".$id." ORDER BY dateadded DESC");

RE: thread434-1760928 Hello, Was

(OP)
Hello again, thank you---I'm learning a lot. So I ran the code in my browser without the suggest "red" additions w/ file named testing.php and the result was---
Notice: Undefined index: id in /var/www/html/recipe_db/testing.php on line 4 Fatal error: Call to undefined function sanitize() in /var/www/html/recipe_db/testing.php on line 5

John V.

RE: thread434-1760928 Hello, Was


When I said run the code, I meant run it as you would normally on the website, except with the extra bits I added in red. I never suggested the command line. Also in the command line it may not be able to find and include the config.php which likely has the sanitize function declared inside it so its generating errors it otherwise would not have.

Let's do this step by step:


Add the first echo to the code, without any other red parts, and run it on the website as you would normally, and see if you see anything.

CODE

<?php

include_once("config.php");

// get vars
$id = $_REQUEST['id'];
echo "id=[ " . $id . " ]==";
$id = sanitize(1, 11, $id);

// start session for captcha
session_start();

... 

Add it as it is above. do not change anything about it. Just add it in, and then run it normally on the website as you have done when the commenting and voting did not work.

See if you get the expected ID there echoed to the screen between the brackets and equal signs.










----------------------------------
Phil AKA Vacunita
----------------------------------
OS-ception: Running Linux on a Virtual Machine in Windows which itself is running in a Virtual Machine on Mac OSx.

Web & Tech

RE: thread434-1760928 Hello, Was

(OP)
I clicked on the Chicken Curry recipe and then, in the very upper left top of the page that displays, is--- id=[12746]==

Which is the # of the recipe in the database and in browser address bar localhost/recipe_db/12746-recipe-Chicken-Curry.html

John V.

RE: thread434-1760928 Hello, Was

I would suspect just a linefeed and/or carriage return in the comment breaks your code. Your insert statement will split into two lines where it shouldn't. You better make use of parameterized statements.
Also using mysql_query is using a deprecated feature of PHP, at least when you use a newer version it will get a deprecation warning. In PHP 7.0 mysql_query is not part of the PHP langauge any more.

Use PDO or at least MySQLi, use a parameterized query:

CODE

$dsn = 'mysql:host=localhost;dbname=myDb';
$user = 'userName';
$password = 'xxxx';
$pdo = new PDO($dsn, $user, $password);

$sql = "INSERT INTO comments (name, comment, recipeid, dateadded, userip) VALUES (:name, :comment, :recipeid, NOW(), :userip)";
$stmt = $pdo->prepare($sql);
                                              
$stmt->bindParam(':name', $yourname, PDO::PARAM_STR);  
$stmt->bindParam(':comment', $comment, PDO::PARAM_STR);     
$stmt->bindParam(':recipeid', $id, PDO::PARAM_INT); 
$stmt->bindParam(':userip', $ip, PDO::PARAM_STR);   
                                      
$stmt->execute(); 

Bye, Olaf.

RE: thread434-1760928 Hello, Was

(OP)
Olaf,

Thank you for your patience and insight! I'll continue to plug away until I solve it. Something interesting just happened though, even if you enter an incorrect Captcha sequence, it doesn't throw back to say it wasn't correct. It goes along with the same old, same old that it's been doing all along---is this odd to you or anyone else?

Thanks

RE: thread434-1760928 Hello, Was

Quote:

I clicked on the Chicken Curry recipe and then, in the very upper left top of the page that displays, is--- id=[12746]==

O.K. That means the recipe ID is getting sent. Which means that part is o.k. Remove the part in red, you added and lets check the next part.

Next section, add the red part, and test again as before:

CODE

$ip = $REMOTE_ADDR;
$insert_comment = mysql_query("INSERT INTO comments (name, comment, recipeid, dateadded, userip) VALUES ('".mysql_real_escape_string($yourname)."', '".mysql_real_escape_string($comment)."', ".$id.", NOW(), '".mysql_real_escape_string($ip)."')");

echo "MYSQL QUERY = " . "INSERT INTO comments (name, comment, recipeid, dateadded, userip) VALUES ('".mysql_real_escape_string($yourname)."', '".mysql_real_escape_string($comment)."', ".$id.", NOW(), '".mysql_real_escape_string($ip)."')";


$hideform = TRUE;

if(strlen($vote) > 0) {

... 


This should let us see how the query looks like after all the variable replacements have been done. And we can see if there's an error there.

----------------------------------
Phil AKA Vacunita
----------------------------------
OS-ception: Running Linux on a Virtual Machine in Windows which itself is running in a Virtual Machine on Mac OSx.

Web & Tech

RE: thread434-1760928 Hello, Was

(OP)
Phil,

I added, copy and pasted, as instructed above. It made no difference to what has been happening, same old nothing.

John V.

RE: thread434-1760928 Hello, Was

It should have echoed the query.

If it did not, it means its not getting to that point in the code. Which points to a problem with the validation portion which stops the rest of the code from running if an error is issued.


Add the following:

CODE

if(strlen($yourname) == 0) $error = "Please enter your name.";
elseif(strlen($yourname) > 50) $error = "Maximum name length is 50 characters.";
elseif(strlen($comment) == 0) $error = "Please enter your comments.";
elseif(strlen($comment) > 500) $error = "Maximum comment length is 500 characters.";
elseif($_SESSION["captcha"] != $_POST['captcha']) $error = "Your confirmation text does not match, only enter the black characters.";

echo "The error was: "  . $error;

if(strlen($error) == 0) {

... 

Run it and post back. I have a feeling the captcha is not actually working as evidenced by your previous post.



Also your original code looks like this:

CODE

if(strlen($yourname) == 0) $error = "Please enter your name.";
elseif(strlen($yourname) > 50) $error = "Maximum name length is 50 characters.";
elseif(strlen($comment) == 0) $error = "Please enter your comments.";
elseif(strlen($comment) > 500) $error = "Maximum comment length is 500 characters.";
elseif($_SESSION["captcha"] != $_POST['captcha']) $error = "Your confirmation text does not match, only enter the black characters.";

if(strlen($error) == 0) { 


But somewhere down the line it changed to this:

CODE

// validation
if(strlen($yourname) == 0) $error = "Please enter your name.";
elseif(strlen($yourname) > 50) $error = "Maximum name length is 50 characters.";
elseif(strlen($comment) == 0) $error = "Please enter your comments.";
elseif(strlen($comment) > 500) $error = "Maximum comment length is 500 characters.";
elseif($_SESSION != $_POST) $error = "Your confirmation text does not match, only enter the black characters.";

if(strlen($error) == 0) { 


If it currently looks like the second block, then your captcha will never validate as $_POST will never ever be equal to $_SESSION.


----------------------------------
Phil AKA Vacunita
----------------------------------
OS-ception: Running Linux on a Virtual Machine in Windows which itself is running in a Virtual Machine on Mac OSx.

Web & Tech

RE: thread434-1760928 Hello, Was

(OP)
The code is still the same on the captcha, I just checked the live site and production server.

nothing happened with echo "The error was: " . $error;

John V.

RE: thread434-1760928 Hello, Was

hmm, that's very strange, it should have at least displayed the text: "The error was:" even if the error variable was empty.

Something is not right.

The echo function simply prints to screen whatever you tell it. Since there is nothing preventing the code from running up to that point it should have displayed something.



----------------------------------
Phil AKA Vacunita
----------------------------------
OS-ception: Running Linux on a Virtual Machine in Windows which itself is running in a Virtual Machine on Mac OSx.

Web & Tech

RE: thread434-1760928 Hello, Was

Sorry to jump in, but there might be the unlikely case the echo goes into a div or any html tag which is in display:hidden mode. Right click and view page source, the error message might only be seen there.
You could also try and put die() after the echos, to see whether the rest of the script hits a timeout or crashes so nothing is returned. die() would end the script at the point and so you see what's output. Also check out, whether you're in output buffering, this would even be more likely and simpler than assuming output to a hidden tag.

Bye, Olaf.

RE: thread434-1760928 Hello, Was

Quote (johnvins)

if you enter an incorrect Captcha sequence, it doesn't throw back to say it wasn't correct.

CODE

elseif($_SESSION["captcha"] != $_POST['captcha']) $error = "Your confirmation text does not match, only enter the black characters."; 
This check only runs if previous checks are passed. Like vacunita already said it's strange you don't see any output, but the reasoning might be something afterwards failing, the output doesn't get out, maybe because of buffering.

Bye, Olaf.

RE: thread434-1760928 Hello, Was

(OP)
Hi all,

I cleared the cache in the browser and tried -the error was- still nothing on the screen?
Right clicked view source, didn't reveal anything there.
I tried the ()die after every echo, one at a time, it did die on the line where I put it; all the way to the end.
I cleaned up the html, removed all white space, At least I know how to do that!

Might it be the form itself?
Here are the lines of code just before the form---

CODE -->

<?php
}
?>
<?php								
if(!$hideform) {
?>
<tr>
<td style="padding-left:11px;padding-top:3px;" valign="top" bgcolor="#FFFFFF">
<?php
if(strlen($error) > 0) echo "<br><font style='color:red;'>ERROR: ".$error."</font><br><br>";
?>
<table width='100%' cellpadding='0' cellspacing='0'> 

And now the form:

CODE -->

<form method='POST' action='view.html?id=<?php echo $id; ?>'>
<tr><td colspan="2" height="25" class="commentlabel"><b>Add A Comment/Rating:</b></td></tr>
<tr><td width="90" class="commentlabel">Your Name:</td><td><input name="yourname" value="<?php echo $yourname; ?>" type="text" class="smallform"></td></tr>
<?php
echo "<tr><td height='25' class='commentlabel'>Rating:</td><td>";
echo "<select name='vote' class='smallform'><option value=''>< rate ></option><option value='1'>1 out of 5</option><option value='2'>2 out of 5</option><option value='3'>3 out of 5</option><option value='4'>4 out of 5</option><option value='5'>5 out of 5</option></select>";
echo "</td></tr>";
?>

John V.
<tr><td valign="top" class="commentlabel">Comment:</td><td><textarea name="comment" class="smallform" cols="41" rows="5"><?php echo $comment; ?></textarea></td></tr>
<tr><td height="25" class="commentlabel">Confirm Code:</td><td>
										
<table width='100%' cellpadding='0' cellspacing='0'>
<tr><td width="65"><img src="captcha.php" alt="captcha image" width="60" height="20"></td><td><input type="text" name="captcha" size="3" maxlength="3" class="smallform"> (black characters only)</td></tr>
</table>
										
</td></tr>
<tr><td height="25"></td><td><input name='submit' type='submit' value='add comment' class='smallform'></td></tr>
<input name='submitme' type='hidden'value='1'>
</form> 

John V.

RE: thread434-1760928 Hello, Was

What is $hideform? If it is true while you test, anything in that branch isn't executed of course, including any echo of errors.

Bye, Olaf.

RE: thread434-1760928 Hello, Was

$hideform being true or false should not affect the code before it, unless as Olaf points out there's a buffer catch somewhere before (but the code does not show it, its possible it may be in config.php), which seems strange.

The position of the hideform validation is so far down the code, the rest of it should at least produce something.

More so because the previous echo of the $id being received was shown.

Maybe the html is hiding it somewhere.


Try in the same place:

CODE

echo '<div style="display:block; position:absolute; background-color:#000; color:#dd2200; height:300px; width:300px; top:0; left:0;">The error was: ' . $error . '</div>'; 


This should produce a black box with orange text visible in the top left corner of the browser.


If this still is not shown, then there's some type of error going on. Check the error logs since your production server does not have errors turned on.


----------------------------------
Phil AKA Vacunita
----------------------------------
OS-ception: Running Linux on a Virtual Machine in Windows which itself is running in a Virtual Machine on Mac OSx.

Web & Tech

RE: thread434-1760928 Hello, Was

(OP)
I think there maybe something to the buffer cache, I just read a lot about it. Once again I got this scrip free from the developer, who in the instructions said to---Set the following permissions on directories:
CHMOD 777 - /cache

In reading I can't tell where the cache file should be located---any thoughts on this as the problem?

John V.

RE: thread434-1760928 Hello, Was

Output buffering is happening, when your config.php script includes ob_start(), it's done in memory and has nothing to do with file system.

Anyway, you might simply add more echo lines to see when they stop coming through, which is the essential line. Also read error.log as Vacunita said, the logs are typically in webroot /logs/ a couple of gz archives and a current error.log and access.log. phpinfo() will also tell about the location of logs.

Bye, Olaf.

RE: thread434-1760928 Hello, Was

(OP)
I'll do all the above and get back to both of you soon. Thanks again, John V.

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members! Already a Member? Login

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close