Hi
i would like to know how I can enter the data from the recordset into your insert query without using a hidden field.
thanks
------------------------------------------------------------------------------------Below is the code------------------------------------------------------------------------------------------
<?php require_once('../../Connections/ezzyConn.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
if (PHP_VERSION < 6) {
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
}
$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
}
$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
$editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}
if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "frmpostComment")) {
$insertSQL = sprintf("INSERT INTO comments (com_topic, com_user, title, com_content, com_date, online_id) VALUES (%s, %s, %s, %s, %s, %s)",
GetSQLValueString($_POST['com_topic'], "int"),
GetSQLValueString($_POST['commentby'], "int"),
GetSQLValueString($_POST['title'], "text"),
GetSQLValueString($_POST['com_content'], "text"),
GetSQLValueString($_POST['com_date'], "text"),
GetSQLValueString($_POST['online_id'], "int"));
mysql_select_db($database_ezzyConn, $ezzyConn);
$Result1 = mysql_query($insertSQL, $ezzyConn) or die(mysql_error());
$insertGoTo = "index.php";
if (isset($_SERVER['QUERY_STRING'])) {
$insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
$insertGoTo .= $_SERVER['QUERY_STRING'];
}
header(sprintf("Location: %s", $insertGoTo));
}
$colname_rsCommentby = "-1";
if (isset($_SESSION['MM_Username'])) {
$colname_rsCommentby = $_SESSION['MM_Username'];
}
mysql_select_db($database_ezzyConn, $ezzyConn);
$query_rsTopics = "SELECT topic_id, topic FROM topics ORDER BY topic_date DESC";
$rsTopics = mysql_query($query_rsTopics, $ezzyConn) or die(mysql_error());
$row_rsTopics = mysql_fetch_assoc($rsTopics);
$totalRows_rsTopics = mysql_num_rows($rsTopics);
mysql_select_db($database_ezzyConn, $ezzyConn);
$query_rsOnline = "SELECT online_id, `online` FROM `online` ORDER BY online_id DESC";
$rsOnline = mysql_query($query_rsOnline, $ezzyConn) or die(mysql_error());
$row_rsOnline = mysql_fetch_assoc($rsOnline);
$totalRows_rsOnline = mysql_num_rows($rsOnline);
$colname_rsCommentby = "-1";
if (isset($_SESSION['MM_Username'])) {
$colname_rsCommentby = $_SESSION['MM_Username'];
}
mysql_select_db($database_ezzyConn, $ezzyConn);
$query_rsCommentby = sprintf("SELECT user_id, username FROM users WHERE username = %s", GetSQLValueString($colname_rsCommentby, "text"));
$rsCommentby = mysql_query($query_rsCommentby, $ezzyConn) or die(mysql_error());
$row_rsCommentby = mysql_fetch_assoc($rsCommentby);
$totalRows_rsCommentby = mysql_num_rows($rsCommentby);
?>
<?php include("../includes/access.php"); ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>ezzybay - easy click, ezzy shopping</title>
<link href="../css/global.css" rel="stylesheet" type="text/css" />
<link href="../css/navigation.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="wrapper">
<?php include("../includes/top.php"); ?>
<div id="content">
<div id="pageTitle">
<h2>CMS Section:</h2>
<p>Comment Topics Page</p>
</div>
<?php include("../includes/leftnav.php"); ?>
<div id="mainContent">
<form action="<?php echo $editFormAction; ?>" method="post" name="frmpostComment" id="frmpostComment">
<table align="center">
<caption>Post Comment</caption>
<tr valign="baseline">
<td nowrap="nowrap" align="right">Topic:</td>
<td><select name="com_topic" class="listbox" id="com_topic">
<?php
do {
?>
<option value="<?php echo $row_rsTopics['topic_id']?>"><?php echo $row_rsTopics['topic']?></option>
<?php
} while ($row_rsTopics = mysql_fetch_assoc($rsTopics));
$rows = mysql_num_rows($rsTopics);
if($rows > 0) {
mysql_data_seek($rsTopics, 0);
$row_rsTopics = mysql_fetch_assoc($rsTopics);
}
?>
</select></td>
</tr>
<tr valign="baseline">
<td nowrap="nowrap" align="right">Title:</td>
<td><input name="title" type="text" class="textfield" value="" size="32" /></td>
</tr>
<tr valign="baseline">
<td nowrap="nowrap" align="right" valign="top">Comment:</td>
<td><textarea name="com_content" cols="50" rows="5" class="textarea"></textarea></td>
</tr>
<tr valign="baseline">
<td nowrap="nowrap" align="right">Status:</td>
<td><select name="online_id" class="smalllistbox">
<?php
do {
?>
<option value="<?php echo $row_rsOnline['online_id']?>" <?php if (!(strcmp($row_rsOnline['online_id'], 2))) {echo "SELECTED";} ?>><?php echo $row_rsOnline['online']?></option>
<?php
} while ($row_rsOnline = mysql_fetch_assoc($rsOnline));
?>
</select></td>
</tr>
<tr> </tr>
<tr valign="baseline">
<td nowrap="nowrap" align="right"> </td>
<td><input type="submit" class="button" value="Insert record" /></td>
</tr>
</table>
<input name="commentby" type="hidden" id="commentby" value="<?php echo $row_rsCommentby['user_id']; ?>" />
<input type="hidden" name="com_date" value="<?php echo date("d/m/y : H:i:s", time()) ?>" />
<input type="hidden" name="MM_insert" value="frmpostComment" />
</form>
</div>
</div>
<?php include("../includes/footer.php"); ?>
</div>
</body>
</html>
<?php
mysql_free_result($rsTopics);
mysql_free_result($rsOnline);
mysql_free_result($rsCommentby);
?>
1
Reply
AdChoices