Member Avatar for ismael ahm@d 
*********test.php**************
******************************

<form action="/forums/test_records.php" method="post" name="test" id="test">
<table width="385" border="1" align="center">
    <tr>
      <td width="120">Date: </td>
      <td width="249"><?PHP echo date("Y-m-d");?></td>
    </tr>
    <tr>
      <td>Particulars:</td>
      <td><input name="Particulars" type="text" size="40"></td>
    </tr>
    <tr>
      <td>Debit:</td>
      <td><input name="Debit" type="text" size="40"></td>
    </tr>
    <tr>
      <td>Credit:</td>
      <td><input name="Credit" type="text" size="40"></td>
    </tr>
    <tr>
      <td colspan="2"><div align="center">
        <input type="submit" name="Submit" value="Submit">
      </div></td>
    </tr>
  </table>
</form>

***********test_records.php*************
****************************************

<?php

 include 'connect/connection.php';



if (isset($_REQUEST['Submit'])) 
{
$sql = "INSERT INTO test( Date, Particulars, Debit, Credit, sum_of_debit, sum_of_credit, Balance) values ( NOW(),'".($_REQUEST['Particulars'])."', '".($_REQUEST['Debit']))."', '".($_REQUEST['Credit']))."' ,'".($_REQUEST['sum_of_debit'])."' ,'".($_REQUEST['sum_of_credit'])."' ,'".($_REQUEST['Balance'])."')";
$result = mysql_query($sql) or die (mysql_error());
}

Now my query is about that i have only four text fields in test.php through which i insert data into the database, but there in database i have 7 fields,
i just wana to insert record without using the text fiels and as well as find out the sum_debit and sum_credit from debit and credit fields respectively, and i m not sure that the above request is correct or not that i declared in the above test_records.php and the Balance field should be the result of sum_credit - sum_debit.

Plz help in this code....
** Will thankful to u ***

Edited by Reverend Jim because: Fixed formatting
  • 4 Contributors
  • 3 Replies
  • 183 Views
  • 1 Day Discussion Span
  • Latest Post Latest Post by jayreis

Recommended Answers

All 3 Replies

Member Avatar for is_set

oh accounting
great

Member Avatar for diafol

stow that 'request' rubbish - use post and clean all your variables before placing them in an sql statement.

Keeping track of your field-value pairs may be easier if you use the SET syntax.

INSERT INTO table SET field1 = value1,field2 = value2,field3 = value3
Member Avatar for jayreis

To repeat what the prior posted stated you will want to use post not request and also clean your form posts before putting them into your database

you should readup on
mysql_real_escape() function as well as using INT() function to ensure that the values of the form post are what they should be before you put them into your database.
When ever you have a form on your website that will take a users input and put it into a database you would never trust that the user will put in the type of data you are expecting them to put into the form. Which is why you need to clean and test the data before putting it into your database.

Hopw this helps get you on the right path

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.