building catalog with errors

Question

Imratzio 0 Light Poster

13 Years Ago

Hi all :), im towards the end of the php for dummies book and it telling me how to build a e-commece style pet Catalog. I show the code

<?php

/* Program: addpet.php
   Description: adds new pet to the databse.  
   A confirmation page is sent to the user.
   
 */
 
 if(@$_POST['newbutton'] == "Cancel")
 {
	 header("Location: choosepetcat.php");
 }
 
 require_once("config.php");
 
 
 	foreach($_POST as $field => $value)
	{
		if(empty($value))
		{
			if($field == "petName" or $field == "petDescription")
			{
				$blank_array[] = $field;
			}
		}
		
		else
		{
			if($field != "category")
			
		  {
				if(!preg_match("/^[A-Za-z0-9., _ -]+$/",$value))
			{
				$error_array[] = $field;
			}
			
				if($field == "newCat")
				{
					$clean_data['petType']=trim(strip_tags($value));
				}
				
				else
				{
					$clean_data[$field] = trim(strip_tags($value));
				}
		  }
		}
	}


if(@sizeof($blank_array)>0 or @sizeof($error_array)>0)
	{
		if(@sizeof(blank_array) > 0)
		{
			echo "<p><b> The following fields have incorrect information.
				  Only letters, numbers, spaces, underscores and hyphens 
				  are allowed:</b><br />\n";
				  
				 foreach($error_array as $value)
				 {
					 echo"&nbsp; &nbsp; $value<br />\n";
				 }
		}
		
		extract($clean_data);
		include("NewName_form.inc");
		exit();
	}
	
		foreach($clean_data as $field => $value)
		{
			if(!empty ($value) and $field != "petColor")
			{
				$fields_form[$field] =
				ucfirst(strtolower(strip_tags(trim($value))));
				$fields_form[$field] =
				mysqli_real_escape_string($cxn,$fields_form[$field]);
				
					if($field == "price")
					{
						$fields_form[$field]=
						(float) $fields_form[$field];
						
					}
			}
			
			if(!empty($_POST['petColor']))
			{
				$petColor = strip_tags(trim($_POST['petColor']));
				$petColor = ucfirst(strtolower($petColor));
				$petColor = mysqli_real_escape_string($cxn, $petColor);
			}
		}
		
	
?>

<html>
<head>
<title>Add Pet</title>
<body>

<?php

	$field_array = array_keys($fields_form);
	$fields=implode(",",$field_array);
	$query = "INSERT INTO Pet ($fields) VALUES (";
	foreach($fields_form as $field => $value)
		{
			if($field == "price")
			{
				$query .="$value ,";
				
			}
			
			else
			{
				$query .="$value ,";
				
			}
		}
		
		$query .= ") ";
	    $query = preg_replace("/.\)/",")", $query);
		$result = mysqli_query($cxn, $query)
			or die ("could not execute query");
		$petID = mysqli_insert_id($cxn);
		$query = "SELECT * from Pet WHERE petID='$petID'";
		$result = mysqli_query($cxn, $query)
			or die("could not execute query");
			
			
		$row = mysqli_fetch_assoc($result);
		extract($row);
		echo"The following pet has been added to the Pet catalog:<br />
		<ul>
		<li>Category: $petType</li>
		<li>Pet Name: $petName</li>
		<li>Pet Description: $petDescription</li>
		<li>Price: \$$price</li>
		<li>Picture file: $pix</li>\n";
		
	if (@$petColor != "")
		{
			$query = "SELECT petName FROM Color
					  WHERE petName='$petName'
					  AND petColor='$petColor'";
			$result = mysqli_query($cxn, $query)
					or die ("Could not execute the F'ing query!!!");
					
					$num = mysqli_num_rows($result);
					if ($num < 1)
					{
					
					 $query = "INSERT INTO Color (petName, petColor,pix)
					 		   VALUES ('$petName', '$petColor', '$pix')";
					 $result = mysqli_query($cxn, $query)
					 or die ("could not execute the shitty query, shitty programming F'ing twat!!.".
							 mysqli_error($cxn));
					 echo "<li>Color: $petColor</li>\n";
		
		}
	}
	
	echo "</ul>\n";
	echo "<a href='choosepetcat.php'>Add Another Pet</a>\n";

?>
</body></head>

The error

Warning: Invalid argument supplied for foreach() in C:\xampp\htdocs\petstore2\addpet.php  on line 70

Warning: array_keys() expects parameter 1 to be array, null given in C:\xampp\htdocs\petstore2\addpet.php on line 105

Warning: implode() [function.implode]: Invalid arguments passed in C:\xampp\htdocs\petstore2\addpet.php on line 106

Warning: Invalid argument supplied for foreach() in C:\xampp\htdocs\petstore2\addpet.php on line 108
could not execute query

I definatly know its related to my databse connection, I have been having this problem for a long time now and the die messages aren't so good from the book.

I hope you guys can solve this problem, just nearly to the end :)

cheeers

php

2 Contributors
4 Replies
151 Views
6 Days Discussion Span
Latest Post 13 Years Ago Latest Post by Imratzio

jkon 636 Posting Whiz in Training

13 Years Ago

Don’t deprecate prior variables (don’t use @) and then u will see from where the error comes from. My first guess is that you never post this data ….

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

Imratzio 0 Light Poster · Answer 1 · 2011-01-11T21:23:20+00:00

Hi forgive me for my lack of brain power but I did not fully understand what you mean. I noticed I have @ in my code but that what the book shows me what to write.

If you can show me an example I would be utmost appreciated :)

If you noticed my die message I forgot to change the message so sorry if it any offence to any of you :)

jkon 636 Posting Whiz in Training Featured Poster · Answer 2 · 2011-01-12T13:52:48+00:00

In PHP the symbol @ means that you suppress errors and warnings. As php.net states : “When prepended to an expression in PHP, any error messages that might be generated by that expression will be ignored”.

There are really few situations in PHP where you need to use @. Most of the cases if you suppress an error it will result that if your code don’t work in one other statement you will not get easy why this is happening. For example in your code instead of writing if(@$_POST == "Cancel") you could write if(isset($_POST) && $_POST == "Cancel") . It is a bit bigger but it is really cleaner.

Your code needs rewriting considering all the logical possibilities. Let’s see an example. In line 70 you use $clean_data as if it where an array without being sure that it has declared. One short solution could be to have a logical operator before that (e.g. if(isset($clean_data) && is_array($clean_data)). But that would be a shortcut and possible would cause an error somewhere else.

The key is to understand why this is happening. The first time you mention $clean_data in your code is in line 40 inside a larger foreach encapsulation foreach($_POST as $field => $value) . If $_POST is an empty array (meaning that nothing have posted) then it will not even enter this.

You mentioned that you have copied the example from a book. If it is so , my advice is not continue with this book. There are plenty tutorials for PHP out there that most of them follow basic programming principles.

Imratzio 0 Light Poster · Answer 3 · 2011-01-12T21:34:36+00:00

I see its a shame I spent nearly a month finishing the book but thank you very much, I appreciated the help you have given me :)