Already rechecked with admin. parts INSERT fulfills, the problem in the front:

case 'booking': $a = $_POST["hotelid"]." ".$_POST["roomid"]." ".$_POST["dtarrive"]." ".$_POST["dtdepart"]." ".$_POST["price"]." ".$_POST["email"]; echo $a; bookingCreate($_POST["hotelid"],$_POST["roomid"],$_POST["dtarrive"],$_POST["dtdepart"],$_POST["price"],$_POST["email"]);

I check echo comes, and in common it is not fulfilled, prompt what I miss ???

 function bookingCreate($hotelid, $roomid, $dtarrive, $dtdepart, $price, $email) { $cn = dbConnect(); $timearrive = strtotime($dtarrive); $timedepart = strtotime($dtdepart); $newformatarrive = date('Ym-d',$timearrive); $newformatdepart = date('Ym-d',$timedepart); mysql_query("INSERT INTO tbooking(hotelid, roomid, dtarrive, dtdepart, userid, bookingcode, price, status, email) VALUES (".$hotelid.",".$roomid.",'".$newformatarrive."', '".$newformatdepart."','0', UUID(), ".$price.", '1', '".$email."')"); mysql_close($cn); }
  • $sql = "INSERT INTO tbooking(hotelid, roomid, dtarrive, dtdepart, userid, bookingcode, price, status, email) VALUES (".$hotelid.",".$roomid.",'".$newformatarrive."', '".$newformatdepart."','0', UUID(), ".$price.", '1', '".$email."')" type this, and check phpmyadmin. echo $sql; die(); - L. Vadim
  • who is common ? When errors usually have logs .... you looked at them? - Alexey Shimansky
  • require_once ('smarty / Smarty.class.php'); require_once ("./ modules / common.php"); There are no errors, POST, GET variables come from the page to index.php, and after the data is sent to Common.php but the Insert is not done, in the admin index insert works - Den
  • function bookingInsert($hotelid, $roomid, $dtarrive, $dtdepart, $userid, $price, $status, $email){ $cn = dbConnect(); $timearrive = strtotime($dtarrive); $timedepart = strtotime($dtdepart); $newformatarrive = date('Ymd',$timearrive); $newformatdepart = date('Ymd',$timedepart); mysql_query("INSERT INTO tbooking(hotelid, roomid, dtarrive, dtdepart, userid, bookingcode, price, status, email) VALUES (".$hotelid.",".$roomid.",'".$newformatarrive."', '".$newformatdepart."',".$userid.", UUID(), ".$price.",".$status.",'".$email."')"); mysql_close($cn); This is admin, it works - Den
  • I hope you are aware of what will happen if a user suddenly writes xxx'); delete from tbooking; # as an email xxx'); delete from tbooking; # xxx'); delete from tbooking; # xxx'); delete from tbooking; # - teran

1 answer 1

 bookingCreate($_POST["hotelid"], $_POST["roomid"], $_POST["dtarrive"], $_POST["dtdepart"], $_POST["price"], $_POST["email"] );

Everything is correct, the problem lies in the price field, it is unclear why, when you remove the disabled attribute from the price field, everything sits in the database.

  • if your field is disabled then it is not sent to POST , so the value will be null . Here you need to make sure that the corresponding database field can be NULL . or watch the logic of the method bookingCreate() - teran
  • pardonte, bookingPrice given. When you have $price == null then in the query you get two commas in a row, which gives a syntax error. In the admin version, probably the empty price never comes, so all the rules. - teran
  • @teran price has been made disabled displayable and hidden for transmission. You said: I hope you are aware of what will happen if a user suddenly writes xxx as an email); delete from tbooking; Could you explain in more detail? The field has an email type - Den