3

Any ideas why the following code is not adding anything into the database once the user fills out the form? I'd really appreciate it.

Thank you!

    if($_SESSION['loginSuccess']==1) {

        // ============================================================
        // = Create the table of current tasks stored in the database =
        // ============================================================
        $userID = $_SESSION['userID'];
        $result = mysql_query("SELECT * FROM Tasks WHERE userID = '$userID'");
        echo "<div id=\"draggable\" class=\"ui-widget-content\"><table border='5'><tr class=\"ui-widget-header\"><td><u>Task Name:</u></td><td><u>Class:</u></td><td><u>Due Date:</u></td><td><u>Task Type:</u></td></tr>";
        echo $_SESSION['userID'];
        while($row = mysql_fetch_array($result)) {
            $taskName = $row[1];

            $class = $row[2];

            $taskDueDate = $row[3];

            $taskType = $row[4];


            echo "<tr><td>'$taskName'</td><td>'$class'</td><td>'$taskDueDate'</td><td>'$taskType'</td></tr>";
        }
        echo "</table>";

        function addNewTask ($name, $class, $dueDate, $type) {
            mysql_query("INSERT INTO Tasks VALUES ('$userID','$name', '$class', '$dueDate', '$type')");
        }

    if($_POST['taskName'] != NULL) {
            addNewTask($_POST['taskName'], $_POST['class'], $_POST['dueDate'], $_POST['dueDate']);
        }

?>


<!-- <img border="1" alt="New" src="/newTask.png" id="newTask" onmouseClick="showTaskField"/> -->
<p><form name="newTask" method="post" action="index.php" id="newTask"><br>
    Task Name: <input name="taskName" type="text"> (necessary)<br>
    Class: <input name="class" type="text"><Br>
    Due Date: <input name="dueDate" type="text" id="datepicker"><Br>
    Type: 
    <input type="submit"></p></div>
Improve this question
4
  • 6
    Whoa, whoa, whoa! SQL Injection alert! Please read up on securing your queries (I think using PDO and prepared statements is the best solution, but there are a few), then check 1) is addNewTask being run? 2) is the query returning an error? (print mysql_error() to find out) Commented Dec 2, 2010 at 3:03
  • Debug your mysql_query call by checking if it returns true or not and using mysql_error to figure out what went wrong if it returns false. Commented Dec 2, 2010 at 3:03
  • You really should escape the strings you pass to SQL. Commented Dec 2, 2010 at 3:11
  • Read the comments below about the mysql error thing. And haha about forgetting to escape the quotes. Thanks for the reminder. Commented Dec 2, 2010 at 3:15

1 Answer 1

Reset to default
4

Try getting rid of the ' around the variables in the insert statement. If that does nothing echoing mysql_error().

Improve this answer
Sign up to request clarification or add additional context in comments.

10 Comments

In previous INSERT INTO statements (that work), I had to put single-quotes around the variables.
The error mysql_error() is giving me is: Duplicate entry '0' for key 'PRIMARY'. I had primary keys in the beginning but removed them. Now I don't have a primary key.
@joshim Well, obviously you do have primary keys in your database.
Actually, I realize now I don't have a way to delete the primary key from it. Do you need a primary key in every table?
@joshim5: you don't need a primary key, but it's highly recommended if you ever plan to refer to a specific task. You probably will once it comes time to edit or delete. Regardless, it seems like you may have somehow removed the ID column but left the primary key index in place.
|

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.