I have a form which will submit information that inserts a row into a database (company details). The submission works ok but I also find that going to the page containing the form will insert a blank row in the database. Any idea why this may be? Code is as below:
<?php
echo "<form action='addnew.php' method='post'>";
echo "<input type='text' name='categoryAdd' value='Travel'/><br/>";
echo "<input type='text' name='EstablishmentNameAdd' value='EstablishmentName'/><br/>";
echo "<input type='text' name='Address1Add' value='Address1'/><br/>";
echo "<input type='text' name='Address2Add' value='Address2'/><br/>";
echo "<input type='text' name='Address3Add' value='Address3'/><br/>";
echo "<input type='text' name='Address4Add' value='Address4'/><br/>";
echo "<input type='text' name='PostcodeAdd' value='Postcode'/><br/>";
echo "<input type='text' name='NearestStationAdd' value='NearestStation'/><br/>";
echo "<input type='text' name='TelAdd' value='Tel'/><br/>";
echo "<input type='text' name='FaxAdd' value='Fax'/><br/>";
echo "<input type='text' name='EmailAdd' value='Email'/><br/>";
echo "<input type='text' name='WebsiteAdd' value='Website'/><br/>";
echo "<input type='text' n开发者_如何转开发ame='DescriptionAdd' value='Description'/><br/>";
echo "<input type='submit' value='test'/>";
echo "</form>";
$EstablishmentNameAdd = mysql_real_escape_string($_POST['EstablishmentNameAdd']);
$CategoryAdd = $_POST['categoryAdd'];
$Address1Add = mysql_real_escape_string($_POST['Address1Add']);
$Address2Add = mysql_real_escape_string($_POST['Address2Add']);
$Address3Add = mysql_real_escape_string($_POST['Address3Add']);
$Address4Add = mysql_real_escape_string($_POST['Address4Add']);
$PostcodeAdd = $_POST['PostcodeAdd'];
$NearestStationAdd = mysql_real_escape_string($_POST['NearestStationAdd']);
$TelAdd = $_POST['TelAdd'];
$FaxAdd = $_POST['FaxAdd'];
$EmailAdd = mysql_real_escape_string($_POST['EmailAdd']);
$WebsiteAdd = mysql_real_escape_string($_POST['WebsiteAdd']);
$DescriptionAdd = mysql_real_escape_string($_POST['DescriptionAdd']);
$result1 = mysql_query("INSERT into establishment_id (EstablishmentName) values ('$EstablishmentNameAdd')");
$result2 = mysql_query("SELECT * from establishment_id where EstablishmentName = '$EstablishmentNameAdd'");
while($row = mysql_fetch_array($result2))
{
$ID = $row['EstablishmentID'];
$NAME = $row['EstablishmentName'];
};
$result3 = mysql_query("INSERT into establishmentdetails (EstablishmentID, EstablishmentName, category, Address1, Address2, Address3, Address4, Postcode, NearestStation, Tel, Fax,
Email, Website, Description) values('$ID', '$EstablishmentNameAdd', '$CategoryAdd', '$Address1Add', '$Address2Add', '$Address3Add', '$Address4Add', '$PostcodeAdd', '$NearestStationAdd', '$TelAdd', '$FaxAdd', '$EmailAdd',
'$WebsiteAdd', '$DescriptionAdd')");
?>
Add this after all the echos:
if(!empty($_POST)){
...
}
Wrap all the bottom code in that, so that way only if there is a post it will do the insert.
This is happening because you are echoing out the form.. and then immediately inserting things into your database that don't exist yet.
You can try this:
if(count($_POST) > 0 && in_array('EstablishmentNameAdd',$_POST)) {
$EstablishmentNameAdd = mysql_real_escape_string($_POST['EstablishmentNameAdd']);
$CategoryAdd = $_POST['categoryAdd'];
$Address1Add = mysql_real_escape_string($_POST['Address1Add']);
$Address2Add = mysql_real_escape_string($_POST['Address2Add']);
$Address3Add = mysql_real_escape_string($_POST['Address3Add']);
$Address4Add = mysql_real_escape_string($_POST['Address4Add']);
$PostcodeAdd = $_POST['PostcodeAdd'];
$NearestStationAdd = mysql_real_escape_string($_POST['NearestStationAdd']);
$TelAdd = $_POST['TelAdd'];
$FaxAdd = $_POST['FaxAdd'];
$EmailAdd = mysql_real_escape_string($_POST['EmailAdd']);
$WebsiteAdd = mysql_real_escape_string($_POST['WebsiteAdd']);
$DescriptionAdd = mysql_real_escape_string($_POST['DescriptionAdd']);
$result1 = mysql_query("INSERT into establishment_id (EstablishmentName) values ('$EstablishmentNameAdd')");
$result2 = mysql_query("SELECT * from establishment_id where EstablishmentName = '$EstablishmentNameAdd'");
while($row = mysql_fetch_array($result2))
{
$ID = $row['EstablishmentID'];
$NAME = $row['EstablishmentName'];
};
$result3 = mysql_query("INSERT into establishmentdetails (EstablishmentID, EstablishmentName, category, Address1, Address2, Address3, Address4, Postcode, NearestStation, Tel, Fax,
Email, Website, Description) values('$ID', '$EstablishmentNameAdd', '$CategoryAdd', '$Address1Add', '$Address2Add', '$Address3Add', '$Address4Add', '$PostcodeAdd', '$NearestStationAdd', '$TelAdd', '$FaxAdd', '$EmailAdd',
'$WebsiteAdd', '$DescriptionAdd')");
}
精彩评论