I'm using int type in my database, what I should put in order to catch the input data by users? mysql_real_escape_string is not working because I think he can cater only the string values.
here is my codes.
<?php
/*
NEW.PHP
Allows user to create a new entry in the database
*/
// creates the new record form
// since this form is used multiple times in this file, I have made it a function that is easily reusable
function renderForm($receiptNumber, $paymentDate, $ammount, $ammountPaid, $studentId, $errorL)
{
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>New Record</title>
</head>
<body>
<?php
// if there are any errors, display them
if ($errorL != '')
{
echo '<div style="padding:4px; border:1px solid red; color:red;">'.$errorL.'</div>';
}
?>
<form action="" method="post">
<div>
<strong>Receipt Number: *</strong> <input type="text" name="oicId" value="<?php echo $receiptNumber; ?>" /><br/>
<strong>Payment Date: *</strong> <input type="text" name="oicName" value="<?php echo $paymentDate; ?>" /><br/>
<strong>Ammount: *</strong> <input type="text" name="gender" value="<?php echo $ammount; ?>" /><br/>
<strong>Ammount Paid: *</strong> <input type="text" name="ssgposition" value="<?php echo $ammountPaid; ?>" /><br/>
<strong>Student ID: *</strong> <input type="text" name="ssgposition" value="<?php echo $studentId; ?>" /><br/>
<p>* required</p>
<input type="submit" name="submit" value="Submit">
</div>
</form>
</body>
</html>
<?php
}
// connect to the database
include('connect-db.php');
// check if the form has been submitted. If it has, start to process the form and save it to the database
if (isset($_POST['submit']))
{
// get form data, making sure it is valid
$receiptNumber = ($_POST['receiptNumber']);
$paymentDate = mysql_real_escape_string(htmlspecialchars($_POST['paymentDate']));
$ammount = mysql_real_escape_string(htmlspecialchars($_POST['ammount']));
$ammountPaid = mysql_real_escape_string(htmlspecialchars($_POST['ammountPaid']));
$studentId = mysql_real_escape_string(htmlspecialchars($_POST['studentId']));
// check to make sure both fields are entered
if ($receiptNumber == '' || $paymentDate== '' || $ammount == '' || $ammountPaid == '' || $studentId == '')
{
// generate error message
$error = 'ERROR: Please fill in all required fields!';
// if either field is blank, display the form again
renderForm($receiptNumber, $paymentDate, $ammount, $ammountPaid, $studentId, $error);
}
else
{
// save the data to the database
mysql_query("INSERT payments SET receiptNumber='$receiptNumber', paymentDate='$paymentDate', ammount='$ammount', ammountPaid='$ammountPaid', studentId='$studentId'")
or die(mysql_error());
// once saved, redirect back to the view page
header("Location: view.php");
}
}
else
// if the form hasn't been submitted, display the form
{
renderForm('','','','','','');
}
?>
it appears that Error! Notice: Undefined index: receiptNumber in C:\wamp\www\finals\payments\new.php on line 59 until line 63.
please help me guys.