开发者

What is wrong with my SQL Insert code?

问答 作者:

I'm struggling with trying to find out why this code isn't working for me. I have tables: albums (albumid, albumname), composers (composerid, composername) and tracks (trackid, tracktitle, albumid, composerid).

When I use my form to add a track and link it to a composer and an album from this:

<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<p>Enter the new track:<br />
<textarea name="tracktitle" rows="1" cols="20"></textarea></p>
<p>Composer:    <select name="cid" size="1">
<option selected value="">Select One</option>
<option value="">---------</option>
<?php     while ($composer= mysql_fetch_array($composers)) {
 $cid = $composer['composerid'];
 $cname = htmlspecialchars($composer['composername']);
 echo "<option value='$cid'>$cname</option>\n";} ?>
 </select></p&g开发者_开发知识库t;
 <p>Place in albums:<br />
 <?php      while ($alb = mysql_fetch_array($albs)) {
  $aid = $alb['albumid'];
  $aname = htmlspecialchars($alb['albumname']);
  echo "<label><input type='checkbox' name='albs[]' 
  value='$aid' />$aname</label><br />\n";
  } ?>
  </p>
  <input type="submit" value="SUBMIT" />
  </form>
  <?php endif; ?>

I get this message:

New track added

Error inserting track into album 2:

Track was added to 0 albums.

The php code that precedes the form is:

if (isset($_POST['tracktitle'])): 
 // A new track has been entered
 // using the form.
$tracktitle = mysql_real_escape_string($tracktitle);
$cid= $_POST['cid'];
$tracktitle = $_POST['tracktitle'];
$albs = $_POST['albs'];
if ($cid == '') {
exit('<p>You must choose an composer for this track. Click

"Back" and try again.

');}

$sql = "INSERT INTO tracks (tracktitle)
 VALUES ('$tracktitle')" ;
if (@mysql_query($sql)) {
echo '<p>New track added</p>';
 } else {
exit('<p>Error adding new track' . mysql_error() . '</p> 
echo mysql_error() ');}
$trackid = mysql_insert_id();
if (isset($_POST['albs'])) {
$albs = $_POST['albs'];
} else {
$albs = array();
}
$numAlbs = 0;
foreach ($albs as $albID) {
$sql = "INSERT IGNORE INTO tracks (trackid, albumid, 
composerid) VALUES " .
"($trackid, $albs, $cid)";
if ($ok) {
  $numAlbs = $numAlbs + 1;
} else {
  echo "<p>Error inserting track into album $albID: " .
      mysql_error() . '</p>';    }}?>
<p>Track was added to <?php echo $numAlbs; ?> albums.</p>

<?php
else: // Allow the user to enter a new track
$composers = @mysql_query('SELECT composerid, composername 
FROM composers');
if (!$composers) {
 exit('<p>Unable to obtain composer list from the database.</p>');
}
$albs = @mysql_query('SELECT albumid, albumname FROM albums');
if (!$albs) {
  exit('<p>Unable to obtain album list from the database.</p>');}?>

I keep searching for why this is failing and I keep hitting brick walls. I also know that at present it's not very secure which will be the next thing I sort out. I just want to get the actual function working first.

@paj: Change

if ($ok) {

to

if (mysql_query($sql)) {

-

I also suggest you update your SQL statements to

$sql = "INSERT INTO tracks (tracktitle) VALUES ('" . $tracktitle . "')";

$sql = "INSERT IGNORE INTO tracks (trackid, albumid, composerid) VALUES (" . $trackid . ", " . $albID . ", " . $cid . ")";

Looks to me like $ok doesn't exist except in the if ($ok) { line. It needs to be defined somewhere prior, otherwise it will always read false because it doesn't exist.

Actually you can skip the $ok which doesn't exist and put in if (@mysql_query($sql)) { for that line like you have above. I do have to agree with the comments that the code needs some love, but if you want to know why it's breaking down, it appears this is why.

继续阅读:phpsql

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9