1

for some reason, my stuff isn't inserting into my database, and I've overlooked it a plethora of times..

AJAX Handler: 

<?php
require_once('../../blog/inc/config.php');

$form_name = htmlspecialchars($_GET['form_name']);
$form_commentid = $_GET['form_commentid'];
$date = date('M jS Y | g:i a T');
$ip = $_SERVER['REMOTE_ADDR'];

 if($form_name == '') {
    echo("Name");

} else if($form_commentid == '') {
    echo("Comment ID");

} else {
mysql_query("INSERT INTO reportcomment (id, name, commentid, date, ip) VALUES     (NULL,'{$_GET['id']}','{$form_name}','{$form_commentid}','{$date}','{$ip}')");

    // output comment
    echo "success brah";
}
?>

Reporting.php file:

<script type="text/javascript">
$(function() {

 $('#reset_form').click(function() {
 $('#name,#commentid').val('');
 });
 $('#submit').click(function() {

var name = $('#name').val();
var commentid = $('#commentid').val();

$.ajax({
url: '../../_lib/forms/report_ajax.php?id=<?php echo $_GET['id']; ?>',
data: { form_name: name, form_commentid: commentid },
success: function(data) {
    $('#report_comment').append(data);
    $(document).trigger('close.facebox');
}
});
});
});
</script>


      Name: <br />
      <input type="text" id="name" class="userpass"/>

      <input  type="text" id="commentid" class="userpass""/>


      <input type="submit" id="submit" value="Report" class="button" />
  <input type="reset" id="reset_form" name="submit" value="Reset" class="button" />

I'm also using facebox to open up the reporting.php file.

This is my SQL table http://screensnapr.com/v/2pZMN7.png

I seriously do not know what it is that I'm doing wrong. Could anyone help me?

Improve this question
4
  • 1
    Please debug your code: mysql_query($your_query) or die(mysql_error()); Commented Dec 2, 2012 at 4:31
  • Avoid the mysql_* functions. Use mysqli or PDO instead. Commented Dec 2, 2012 at 4:32
  • 1
    You should at least run $form_commentid through mysql_real_escape_string() to prevent sql injection. Commented Dec 2, 2012 at 4:43
  • 1
    In doubt, escape everything. And check mysql_query() return value, and don't use mysql_ functions. Commented Dec 2, 2012 at 4:53

1 Answer 1

Reset to default
3

You are trying to insert 6 values into a 5 column table

INSERT INTO reportcomment (id, name, commentid, date, ip) VALUES
                            1     2          3     4   5
  (NULL,'{$_GET['id']}','{$form_name}','{$form_commentid}','{$date}','{$ip}')") 
      1               2              3                   4         5       6

Remove the NULL value

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Thank you man, I love you! I can't believe I didn't see that.. haha!

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.