Hiya im having trouble adding the details into the database with this script
if someone could point me out in the right direction
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="content-type" content="text/html; charset=iso-8859-1" />
<title>Add a Print</title>
</head>
<body>
<?php # Script 14.2 - add_print.php
// This page allows the administrator to add a print (product).
require_once ('../mysql_connect.php'); // Connect to the database.
if (isset($_POST['submitted'])) { // Check if the form has been submitted.
// Validate the print_name, image, artist (existing or first_name, last_name, middle_name), size, price, and description.
// Check for a track name.
if (!empty($_POST['track_name'])) {
$tn = escape_data($_POST['track_name']);
} else {
$tn = FALSE;
echo '<p class="red"><font color="red">Please enter the track\'s name!</font></p>';
}
// Check for an image.
if (is_uploaded_file ($_FILES['image']['tmp_name'])) {
if (move_uploaded_file($_FILES['image']['tmp_name'], "../uploads/{$_FILES['image']['name']}")) { // Move the file over.
echo '<p>The file has been uploaded!</p>';
} else { // Couldn't move the file over.
echo '<p><font color="red">The file could not be moved.</font></p>';
$i = FALSE;
}
$i = $_FILES['image']['name'];
} else {
$i = FALSE;
}
// Check for a size (not required).
if (!empty($_POST['track_label'])) {
$s = escape_data($_POST['track_label']);
} else {
$s = '<i>Size information not available.</i>';
}
// Check for a price.
//if (is_numeric($_POST['price'])) {
// $p = (float) $_POST['price'];
//} else {
//$p = FALSE;
//echo '<p><font color="red">Please enter the print\'s price!</font></p>';
//}
// Check for a description (not required).
if (!empty($_POST['track_credits'])) {
$d = escape_data($_POST['track_credits']);
} else {
$d = '<i>No description available.</i>';
}
// Validate the album.
if ($_POST['album'] == 'new') {
// If it's a new album, add the album to the database.
$query = 'INSERT INTO album (album_name) VALUES (';
if (!empty($_POST['album_name'])) {
$query .= "'" . escape_data($_POST['album_name']) . "')";
//} else {
//$query .= 'NULL, ';
//}
//if (!empty($_POST['middle_name'])) {
//$query .= "'" . escape_data($_POST['middle_name']) . "', ";
//} else {
// $query .= 'NULL, ';
// }
// Check for a last_name.
//if (!empty($_POST['last_name'])) {
//$query .= "'" . escape_data($_POST['last_name']) . "')";
// Improved MySQL Version:
$result = mysql_query($query);
$a = mysql_insert_id();
/* Standard MySQL Version:
$result = mysql_query ($query); // Run the query.
$a = mysql_insert_id(); // Get the artist ID.
*/
} else { // No last name value.
$a = FALSE;
echo '<p><font color="red">Please enter the artist\'s name!</font></p>';
}
} elseif ( ($_POST['album'] == 'existing') && ($_POST['existing'] > 0)) { // Existing album.
$a = (int) $_POST['existing'];
} else { // No artist selected.
$a = FALSE;
echo '<p><font color="red">Please enter or select the print\'s artist!</font></p>';
}
if ($tn && $a && $i) { // If everything's OK.
// Add the print to the database.
$query = "INSERT INTO track (album_id, track_name, track_label, track_credits, image_name) VALUES ($a, '$tn', '$s', '$d', '$i')";
if ($result = mysql_query($query)) { // Worked.
echo '<p>The print has been added.</p>';
} else { // If the query did not run OK.
echo '<p><font color="red">Your submission could not be processed due to a system error.</font></p>';
}
} else { // Failed a test.
echo '<p><font color="red">Please click "back" and try again.</font></p>';
}
} else { // Display the form.
?>
<form enctype="multipart/form-data" action="add_track.php" method="post">
<input type="hidden" name="MAX_FILE_SIZE" value="524288"/>
<fieldset><legend>Fill out the form to create a song:</legend>
<p><b>Track Name:</b> <input type="text" name="track_name" size="30" maxlength="100" /></p>
<p><b>Track:</b> <input type="file" name="image" /> <small>The file name should not include spaces or other invalid characters and should have a file extension.</small></p>
<p><b>Album:</b>
<p><input type="radio" name="album" value="existing" /> Existing =>
<select name="existing"><option>Select One</option>
<?php // Retrieve all the artists and add to the pull-down menu.
$query = "SELECT album_id,(' ', album_name) FROM album";
$result = mysql_query($query);
while ($row = mysql_fetch_array ($result,MYSQL_ASSOC)) {
echo "<option value=\"{$row['album_id']}\">{$row['name']}</option>\n";
}
mysql_close(); // Close the database connection.
?>
</select></p>
<p>
<input type="radio" name="album" value="new" /> New =>
Album Name: <input type="text" name="album_name" size="10" maxlength="60" />
</p>
<p><b>Genre:</b>
<select name="existing">
<option>Select One</option>
<?php // Retrieve all the artists and add to the pull-down menu.
$query = "SELECT genre_id, (' ', genre_name) FROM track_genre ORDER BY genre_name ASC";
$result = mysql_query($query);
while ($row = mysql_fetch_array ($result,MYSQL_ASSOC)) {
echo "<option value=\"{$row['genre_id']}\">{$row['name']}</option>\n";
}
mysql_close(); // Close the database connection.
?>
</select>
</p>
<p><b>Label:</b>
<input type="text" name="track_label" size="30" maxlength="255" /> </p>
<p><b>Track credits :</b>
<textarea name="track_credits" cols="40" rows="5"></textarea></p>
</fieldset>
<div align="center"><input type="submit" name="submit" value="Submit" /></div>
<input type="hidden" name="submitted" value="TRUE" />
</form>
<?php
} // End of main conditional.
?>
</body>
</html>