0

Hi, i'm doing a website where the user can add his favourite bands in his profile. But not every band is in the DB, so if the band isn't in the DB it adds the name in the column.

this is what i have:

if(mysql_query("INSERT INTO bandas_fav(band_fav_id_user, band_fav_id_banda) VALUES('".$_GET['iduser']."', '".$bands_name['banda_id']."')"))
    {        
        //Record was successfully inserted, respond result back to index page
        $my_id = mysql_insert_id(); //Get ID of last inserted row from MySQL

        $query_band_add=mysql_query("SELECT * FROM bandas WHERE banda_id='".$my_id."'", $con);
        $band_add=mysql_fetch_assoc($query_band_add);

        if(mysql_num_rows($query_band_add)!=0){
            echo '<li id="item_'.$my_id.'" style="float:left; border:1px solid #000; width:20%; margin-right:10px; margin-bottom:10px;">';
            echo '<div class="del_wrapper"><a href="#" class="del_button" id="del-'.$my_id.'">';
            echo '<img src="icon_del.gif" border="0" />';
            echo '</a></div>';
            echo '<div style="float:left; width:110px;"> <img src="../../'.$band_add['banda_logotipo'].'" width="100" style="margin-right:5px;" /></div>';
            echo '<div style="float:left; width:50px;"> <a href="../band_one.php?idbnd='.$band_add['banda_id'].'">'.$band_add["banda_nome"].'</a></div>'.'</li>';
            mysql_close($con); //close db connection
        }
        else{
            if(mysql_query("INSERT INTO bandas_fav(new_band) VALUES('".$contentToSave."') WHERE band_fav_id='".$my_id."'")){
                echo '<li id="item_'.$my_id.'" style="float:left; border:1px solid #000; width:20%; margin-right:10px; margin-bottom:10px;">';
                echo '<div class="del_wrapper"><a href="#" class="del_button" id="del-'.$my_id.'">';
                echo '<img src="icon_del.gif" border="0" />';
                echo '</a></div>';
                echo '<div style="float:left; width:110px;"> <img src="http://cache.gawkerassets.com/assets/images/9/2011/01/rock-band-2-wii.jpg" width="100" height="100" style="margin-right:5px;" /></div>';
                echo '<div style="float:left; width:50px;"> '.$contentToSave.'</div>'.'</li>';
                mysql_close($con); //close db connection
            }
            else{
                echo mysql_error();
            }
        }   
    }
3
Contributors
7
Replies
37
Views
4 Years
Discussion Span
Last Post by minitauros
0

You forgot to mention the problem . I can see many problems in this code , but what is the one that is troubling you ?

0

The second Insert gives me error:

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'WHERE band_fav_id='64'' at line 1

0

Where do you define the $contentToSave ? And more over band_fav_id should be string or int ? And why don’t you take a day or two learning PDO and a day or two more to learn separate logic from view? It is obvious that you are at first steps of programming and in that sense you have my full support, but why not taking a few steps further?

Edited by jkon

0

My question would be the same as jkon's, what's in $contentToSave? And maybe you could read a bit about MySQL Injection, because your script seems not to be as secure as you might think :).

0

$contentToSave is the name of the band that you write:

<div class="form_style">
        <textarea name="content_txt" id="contentText" cols="45" rows="5"></textarea>
        <button id="FormSubmit" style="padding:5px;" >Adicionar Banda</button>
</div>

About security, it's not my main problem right now, i will take care of it later...

0

Again I can’t see where you define $contentToSave , (but without knowing the code and the table I can only see that this code is really a first attempt to programming) again I can’t see where did you provide us with the result of “SHOW CREATE TABLE bandas_fav” . The one thing is solving the problem , the main is understanding what you are doing and give you opinions about it . With no clues at all I am just wandering why there aren’t space in bandas_fav(new_band) new_band isn’t a column , a field of the table ?

Edited by jkon

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.