[snip]
Greetings! First time posting. Hope this is the right place. Feel free
to
email directly or CC.
[/snip]
Welcome! Always reply to all so that the list can see the answers unless
you asked specifically to reply off-list.
[snip]
<?php
/* set up a function to accept 4 variables */
function GetSQLValueString($theValue, $theType, $theDefinedValue = "",
$theNotDefinedValue = "")
{
/* if magic quotes are not on add slashes to $theValue, else $theValue
is acceptable */
$theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) :
$theValue;
/* switch is a fancy IF statement, allowing you to pick from a list of
variables */
switch ($theType) {
/* if $theType is "text" */
case "text":
/*
** if $theValue is not blank place single quotes around it else
set to NULL...
** there are several checks for $theValue's type, changes are
made to $theValue
** preparing it to be placed in the database
*/
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" :
"NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue :
$theNotDefinedValue;
break;
}
/* return $theValue */
return $theValue;
}
/*
** sets $editFormAction, then check if the URL query string is set.
** If it is it concats that query string to the URL
*/
$editFormAction = $HTTP_SERVER_VARS['PHP_SELF'];
if (isset($HTTP_SERVER_VARS['QUERY_STRING'])) {
$editFormAction .= "?" . $HTTP_SERVER_VARS['QUERY_STRING'];
}
if ((isset($HTTP_POST_VARS["MM_insert"])) &&
($HTTP_POST_VARS["MM_insert"]
== "form1")) {
/* creates the SQL query using a sprintf statement */
$insertSQL = sprintf("INSERT INTO comments (FIRST_NAME, LAST_NAME,
EMAIL,
COMMENTS) VALUES (%s, %s, %s, %s)",
GetSQLValueString($HTTP_POST_VARS['FIRST_NAME'],
"text"),
GetSQLValueString($HTTP_POST_VARS['LAST_NAME'],
"text"),
GetSQLValueString($HTTP_POST_VARS['EMAIL'],
"text"),
GetSQLValueString($HTTP_POST_VARS['COMMENTS'],
"text"));
/* connects to the database and performs the query */
mysql_select_db($database_connGlobal, $connGlobal);
$Result1 = mysql_query($insertSQL, $connGlobal) or die(mysql_error());
*** I KNOW THAT THE MAIL() WILL GO HERE***
/* convert form array into variables */
$myVariableFirstName = $HTTP_POST_VARS['FIRST_NAME'];
/* etc */
/* checks to see if a redirection can be accomplished and performs it if
possible */
$insertGoTo = "insertOK.php";
if (isset($HTTP_SERVER_VARS['QUERY_STRING'])) {
$insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
$insertGoTo .= $HTTP_SERVER_VARS['QUERY_STRING'];
}
header(sprintf("Location: %s", $insertGoTo));
}
?>
Some FYI Howard. Please do not post large chunks of code like this for
explanation unless the code is not working. We are here to help, but you
are likely to get no responses if they are very time consuming. Please
spend some time with the PHP manual (you can type in things like
http://www.php.net/isset and be directed to the proper answer) and a
good PHP book (many here have their favorites...mine is Programming PHP
and PHP Cookbook from O'Reilley).
Also, go to Google (http://www.google.com) and type in "PHP tutorial".
You will be introduced to many finely produced articles. I also suggest
subscribing to PHP Architect http://www.phparchitect.com for
intermediate to advanced articles on PHP.
Happy holidays!
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
