Michael Bourbonnais Michael Bourbonnais - 6 months ago 14
SQL Question

Form does not submit properly -- PHP / MYSQL

I have a form that is not submitting properly. The form is submitted, and checks for required fields properly but when it gets to my if statement checking that there are no errors, it is supposed to input the form information into mysql and redirect to a different page, but instead it just clears the form and stays on the same page.

There is surely a simple answer for this, but I can't find it. I can't seem to find another instance of the same problem through searches, but I may just be searching in the wrong places. If you need any of the includes, I can provide them, but I feel like it's a problem on this page somewhere.

manage_inventory.php

<?php require_once("../includes/session.php"); ?>
<?php require_once("../includes/db_connection.php"); ?>
<?php require_once("../includes/functions.php"); ?>
<?php require_once("../includes/validation_functions.php"); ?>
<?php confirm_logged_in(); ?>

<?php
$admin_set = find_all_admins();
?>

<?php
if (isset($_POST['submit'])) {
// Process the form

// validations
$required_fields = array("type", "part_number");
validate_presences($required_fields);

if (empty($errors)) {
// Perform Create

$type = mysql_prep($_POST["type"]);
$part_number = mysql_prep($_POST["part_number"]);
$cat = mysql_prep($_POST["cat"]);
$desc = mysql_prep($_POST["desc"]);
$sales_price = mysql_prep($_POST["sales_price"]);
$tax = $_POST["tax"];
$purchace_price = mysql_prep($_POST["purchace_price"]);

$query = "INSERT INTO inventory (";
$query .= "type, part_number, cat, desc, sales_price, tax, purchace_price";
$query .= ") VALUES (";
$query .= "'{$type}', '{$part_number}', '{$cat}', '{$desc}', '{$sales_price}', '{$tax}', '{$purchace_price}'";
$query .= ")";
$result = mysqli_query($connection, $query);

if ($result) {
// Success
$_SESSION["message"] = "Inventory item created.";
redirect_to("inventory.php");
} else {
// Failure
$_SESSION["message"] = "Inventory item creation failed.";
}
}
} else {

}
?>

<?php $layout_context = "admin"; ?>

<?php include("../includes/layout/header.php"); ?>

<div id="nav">&nbsp;</div>
<div id="heading">
<h1>Inventory</h1>
</div>
<div id="sidebar">
<a href="admin.php">&laquo; Main menu</a>
<br />
<a href="inventory.php">&laquo; Back</a>
</div>
<div id="page">

<?php message(); ?>
<?php echo form_errors($errors); ?>
<br />
<form action="manage_inventory.php" method="post">
<p>Type
<select name="type">
<?php
$type_set = find_all_types();
while ($type = mysqli_fetch_assoc($type_set)){
?>
<option value= "<?php echo $type['type'] ?>"><?php echo $type ['type'] ?></option>
<?php } ?>
</select>
</p>
<p>Part Number
<input type="text" name="part_number" value="" />
</p>
<p>Category
<select name="cat">
<?php
$cat_set = find_all_cats();
while ($cat = mysqli_fetch_assoc($cat_set)){
?>
<option value= "<?php echo $cat ['category'] ?>"><?php echo $cat ['category'] ?></option>
<?php } ?>
</select>
</p>
<p>Description
<input type="text" name="desc" value="" />
</p>
<p>Sales Price
<input type="text" name="sales_price" value="" />
</p>
<p>Taxable?
<input type="radio" name="tax" value="0" /> No
&nbsp;
<input type="radio" name="tax" value="1" /> Yes
</p>
<p>Purchace Price
<input type="text" name="purchace_price" value="" />
</p>
<input type="submit" name="submit" value="Save" />
</form>
<br />
<a href="inventory.php">Cancel</a>
</div>


../includes/validation_functions.php

this is what creates $errors, this same code works well for other pages that use this same code.

<?php

$errors = array();

function fieldname_as_text($fieldname) {
$fieldname = str_replace("_", " ", $fieldname);
$fieldname = ucfirst($fieldname);
return $fieldname;
}

// * presence
// use trim() so empty spaces don't count
// use === to avoid false positives
// empty() would consider "0" to be empty
function has_presence($value) {
return isset($value) && $value !== "";
}

function validate_presences($required_fields) {
global $errors;
foreach($required_fields as $field) {
$value = trim($_POST[$field]);
if (!has_presence($value)) {
$errors[$field] = fieldname_as_text($field) . " can't be blank";
}
}
}

// * string length
// max length
function has_max_length($value, $max) {
return strlen($value) <= $max;
}

function validate_max_lengths($fields_with_max_lengths) {
global $errors;
// Expects an assoc. array
foreach($fields_with_max_lengths as $field => $max) {
$value = trim($_POST[$field]);
if (!has_max_length($value, $max)) {
$errors[$field] = fieldname_as_text($field) . " is too long";
}
}
}

// * inclusion in a set
function has_inclusion_in($value, $set) {
return in_array($value, $set);
}

?>

Answer

If your query is right change here, some column name are mysql reserved keyword

$query .= "`type`, `part_number`, `cat`, `desc`, `sales_price`, `tax`, `purchace_price`";