Anyone gimme some help? This is my code



<?
ob_start();
include("config.php");
if ($logged[username])
{
if(!$_POST[auction])
{


echo ("<div align=\"center\"><p><b>Add A New Auction</b><br/>
You are logged in as $logged[username].</p>


<form method=\"POST\">
<p>Auction Name:<br/>
<input type=\"text\" size=\"40\" maxlength=\"70\" name=\"aname\" ><br /><br />

Time Limit (days):<br/>
<input type=\"text\" size=\"40\" maxlength=\"70\" name=\"timel\" ><br/><br/>

Category:<br/>
<select name=\"category\" id=\"type\" width=\"40\" style=\"border: 1px solid grey;\">

<option>Rares</option>
<option>Super Rares</option>
<option>Posters</option>
<option>Plants</option>
<option>Other</option>
</select><br /><br />

Starting Price:<br/>
<input type=\"text\" size=\"40\" maxlength=\"70\" name=\"sprice\" ><br /><br />

Buy It Now Price:<br/>
<input type=\"text\" size=\"40\" maxlength=\"70\" name=\"bin\" ><br /><br />

Item Description:<br/>
<input type=\"text\" size=\"40\" name=\"desc\" style=\"height: 200px;\"><br /><br />

<input type=\"submit\" name=\"auction\" value=\"Submit\"></form> ");

}else {
$aname = htmlspecialchars($_POST[aname]);
$category = htmlspecialchars($_POST[category]);
$sprice = htmlspecialchars($_POST[sprice]);
$bin = htmlspecialchars($_POST[bin]);
$desc = htmlspecialchars($_POST[disc]);
$timel = htmlspecialchars($_POST[timel]);
// the above lines get rid of all html.
echo ("$_GET[user] you have posted a new auction. Please wait for our Administrators to verify it.");
$query = mysql_query("INSERT INTO auction (username, aname, category, sprice, bin, desc, timel) VALUES ($logged[username], $aname, $category, $sprice, $bin, $desc, $timel");
// updates the information in the database.
}
}
else {
echo ("Your not logged in.");
}

?>

Thanks for any help.

Anyone gimme some help? This is my code



<?
ob_start();
include("config.php");
if ($logged[username])
{
if(!$_POST[auction])
{


echo ("<div align=\"center\"><p><b>Add A New Auction</b><br/>
You are logged in as $logged[username].</p>


<form method=\"POST\">
<p>Auction Name:<br/>
<input type=\"text\" size=\"40\" maxlength=\"70\" name=\"aname\" ><br /><br />

Time Limit (days):<br/>
<input type=\"text\" size=\"40\" maxlength=\"70\" name=\"timel\" ><br/><br/>

Category:<br/>
<select name=\"category\" id=\"type\" width=\"40\" style=\"border: 1px solid grey;\">

<option>Rares</option>
<option>Super Rares</option>
<option>Posters</option>
<option>Plants</option>
<option>Other</option>
</select><br /><br />

Starting Price:<br/>
<input type=\"text\" size=\"40\" maxlength=\"70\" name=\"sprice\" ><br /><br />

Buy It Now Price:<br/>
<input type=\"text\" size=\"40\" maxlength=\"70\" name=\"bin\" ><br /><br />

Item Description:<br/>
<input type=\"text\" size=\"40\" name=\"desc\" style=\"height: 200px;\"><br /><br />

<input type=\"submit\" name=\"auction\" value=\"Submit\"></form> ");

}else {
$aname = htmlspecialchars($_POST[aname]);
$category = htmlspecialchars($_POST[category]);
$sprice = htmlspecialchars($_POST[sprice]);
$bin = htmlspecialchars($_POST[bin]);
$desc = htmlspecialchars($_POST[disc]);
$timel = htmlspecialchars($_POST[timel]);
// the above lines get rid of all html.
echo ("$_GET[user] you have posted a new auction. Please wait for our Administrators to verify it.");
$query = mysql_query("INSERT INTO auction (username, aname, category, sprice, bin, desc, timel) VALUES ($logged[username], $aname, $category, $sprice, $bin, $desc, $timel");
// updates the information in the database.
}
}
else {
echo ("Your not logged in.");
}

?>

Thanks for any help.


Heya. It would've helped if you told us the error. Anyway the problem is...

You have said

if(!$_POST[auction])

??

You have not named your form...

<form method=\"POST\"> <----- SEE. The server doesn't know thats the auction form ;P

Heres the edited code:



<?
ob_start();
include("config.php");
if ($logged[username])
{
if(!$_POST[auction])
{


echo ("<div align=\"center\"><p><b>Add A New Auction</b><br/>
You are logged in as $logged[username].</p>


<form method=\"POST\" name=\"auction\">
<p>Auction Name:<br/>
<input type=\"text\" size=\"40\" maxlength=\"70\" name=\"aname\" ><br /><br />

Time Limit (days):<br/>
<input type=\"text\" size=\"40\" maxlength=\"70\" name=\"timel\" ><br/><br/>

Category:<br/>
<select name=\"category\" id=\"type\" width=\"40\" style=\"border: 1px solid grey;\">

<option>Rares</option>
<option>Super Rares</option>
<option>Posters</option>
<option>Plants</option>
<option>Other</option>
</select><br /><br />

Starting Price:<br/>
<input type=\"text\" size=\"40\" maxlength=\"70\" name=\"sprice\" ><br /><br />

Buy It Now Price:<br/>
<input type=\"text\" size=\"40\" maxlength=\"70\" name=\"bin\" ><br /><br />

Item Description:<br/>
<input type=\"text\" size=\"40\" name=\"desc\" style=\"height: 200px;\"><br /><br />

<input type=\"submit\" name=\"auction\" value=\"Submit\"></form> ");

}else {
$aname = htmlspecialchars($_POST[aname]);
$category = htmlspecialchars($_POST[category]);
$sprice = htmlspecialchars($_POST[sprice]);
$bin = htmlspecialchars($_POST[bin]);
$desc = htmlspecialchars($_POST[disc]);
$timel = htmlspecialchars($_POST[timel]);
// the above lines get rid of all html.
echo ("$_GET[user] you have posted a new auction. Please wait for our Administrators to verify it.");
$query = mysql_query("INSERT INTO auction (username, aname, category, sprice, bin, desc, timel) VALUES ($logged[username], $aname, $category, $sprice, $bin, $desc, $timel");
// updates the information in the database.
}
}
else {
echo ("Your not logged in.");
}

?>

There you go ;)

You also need a action= in the <form> part.

it needs to know where to post it too:

<form method=\"POST\" name=\"auction\" action=\"page.php\">

Just change the page.php part, to the namke of this page.

and you will also want a hidden field in the form, so that once they have posted it, the $auction, variable is set up, so the second time round it skips the form, and does the sql stuff.

(hope that made sense)

Primal

Heya. It would've helped if you told us the error. Anyway the problem is...

You have said

if(!$_POST[auction])

??

You have not named your form...

<form method=\"POST\"> <----- SEE. The server doesn't know thats the auction form ;P
Um, no.

$_POST[auction] refers to <input type="submit" name="auction">

Does the form go back to the form? (once submitted), or load a blank page? Or not perform the mysql query. Be specifc please.

Very sorry. Didn't notice it. I think they should try it my way though.

I was assuming that the form goes back on itself. -- so you need the action="nameofpage.php" part in the form header.

This would make sense, as it checks whether variable AUCTION has a value, if it doews then it shows the page (second visit), if not then it shows the form (first visit).

Primal

Also i would've thoght that u'd need to name the form in the opening tag.
Because u surely cant use $_POST[username] etc. when u define name in submit..
Ur just naming the submit button?

Um, no.

$_POST[auction] refers to <input type="submit" name="auction">

Does the form go back to the form? (once submitted), or load a blank page? Or not perform the mysql query. Be specifc please.

I think he is right cos what I have heard from Joe he can do nearly anythin.. And believe me, he probs can

lol. Well i never do it that way. U probs can do it his way. I dunno ;)

Ok let me break it down.

The name of the form is unimportant. Basically this part:

action="page.php"

tell the system where to send the variables. (You could have 5 forms on the page all with the same name, its doesnt matter)

Looking at your script it seems that it first look at a variable AUCTION, which if not present loads the form, and if it is present skips the form and does the rest.

This means you need to ahve a hidden field on your form of name AUCTION. So when the form is sent, then the next time the AUCTION variable has been set, and it skips the form this time, and does the rest.

goodLuck, hope it s working now.

Primal

oh yeah rofl.


I assumed it was there

Um, no.

$_POST[auction] refers to <input type="submit" name="auction">

Does the form go back to the form? (once submitted), or load a blank page? Or not perform the mysql query. Be specifc please.

Also, thats is just naming the Submit Button, the variable AUCTION in the code, refers to a variable in the form, youl ahve tto make a hiddne field like isaid to set it once the form is submitted.

and yeah i think the form is sposed to send it back or whats the point in the rest of the code.

Primal

This should be fun..


I was assuming that the form goes back on itself. -- so you need the action="nameofpage.php" part in the form header.

This would make sense, as it checks whether variable AUCTION has a value, if it doews then it shows the page (second visit), if not then it shows the form (first visit).

Primal
Forms without an action defined assume the action is the page it's on, which in this case is correct. Un needed, but to conform to W3C standards it's needed. Either way, not the problem.

Also i would've thoght that u'd need to name the form in the opening tag.
Because u surely cant use $_POST[username] etc. when u define name in submit..
Ur just naming the submit button?
Forms don't need names. You're defining the ID of a input, in this case the submit button, that's how forms are handled, via the names which are in turn the variables.

I think he is right cos what I have heard from Joe he can do nearly anythin.. And believe me, he probs can
If you're referring to me, who the hell is Joe?

Also, thats is just naming the Submit Button, the variable AUCTION in the code, refers to a variable in the form, youl ahve tto make a hiddne field like isaid to set it once the form is submitted.

and yeah i think the form is sposed to send it back or whats the point in the rest of the code.

Primal
Dude that doesn't even make sense.

When submitting a form, ALL input's are put as an array in $_POST, labelled by the input name. Why the hell would he need to set a variable himself, when if (!$_POST[auction]) checks if it has or not anyway?

Ok let me break it down.

The name of the form is unimportant. Basically this part:

action="page.php"

tell the system where to send the variables. (You could have 5 forms on the page all with the same name, its doesnt matter)

Looking at your script it seems that it first look at a variable AUCTION, which if not present loads the form, and if it is present skips the form and does the rest.

This means you need to ahve a hidden field on your form of name AUCTION. So when the form is sent, then the next time the AUCTION variable has been set, and it skips the form this time, and does the rest.

goodLuck, hope it s working now.

Primal
Submit is auction.

I forgot what else I was gonna say now.

Well played mate! Thanks for that lol.

Never used forms that way before

Shouldnt $_POST[auction] be $_POST['auction']?

It doesn't matter ;)

With the ' '

It just looks a bit neater

Shouldnt $_POST[auction] be $_POST['auction']?
No, it can be either. Its usually better to use single quotes, but sometimes that will clash when echoing and other stuff I can't remember. So it's users choice really.

Firstly, dont we all want to conform to W3C.

And secondly, making the hidden "auction" field would defenatelly work. And it does make sense ==> make a hidden field call it auction and give it a value. When the form is submitted there will be a value in $_POST['auction'] and it will complete the second part of the code then.

Theres more than one way to skin a cat, neither way is right or wrong.

Primal