I feel really dumb for asking this. :o

I'm still fairly new to coding in PHP so I'm a little confused here: Simply put, I'm trying to insert data into a table from a simple form but I can't get it to work. I've tried everything I can think of and I still don't understand.. Can anyone see an obvious error in the code?

Also, when sending the form an error popup tells me the following: (even when linking to member.php?u=$userinfo[userid])
This user has not registered and therefore does not have a profile to view.


if ($_POST['do'] == 'insertnewcomment') {
globalize($_POST, array('comment' => INT,'title' => STR_NOHTML));

$DB_site->query("
INSERT INTO ".TABLE_PREFIX."usercomment (userid,postedbyid,comment,title,dateline)
VALUES (".$userinfo[userid].",".$bbuserinfo[userid].",".mysql_escape_string($comment)."',".mysql_escape_string($title)."',".TIMENOW."')");

$url = "member.php?$session[sessionurl]u=$userinfo[userid]";
eval(print_standard_redirect('redirect_postthanks' ));

}


<form action="member.php" method="post">
<input type="hidden" name="do" value="insertnewcomment" />
<input type="hidden" name="userid" />
<input type="hidden" name="postedbyid" />
<input type="hidden" name="s" value="$session[sessionhash]" />
<input class="bginput" type="text" name="title" size="45" maxlength="80" /><br />
<input class="bginput" type="text" name="comment" size="45" maxlength="80" /><br />
<input type="submit" class="button" value="Submit" accesskey="s" />
</form>


Thanks,

$DB_site->query("
INSERT INTO ".TABLE_PREFIX."usercomment (userid,postedbyid,comment,title,dateline)
VALUES ($userinfo[userid],$bbuserinfo[userid],'".mysql_escape_string($comment)."','".mysql_escape_string($title)."',TIMENOW)");
Change line to the above.

Also you are globalizing $comment as an integer, but i think you want it to be text. So either change the globalize to STR, or remove the quotes and the mysql_escape_string.

Hmm. Thanks Marco.

I changed the line, and added "STR" instead of "INT" but I still can't seem to get it to enter into the database. Perhaps it has something to do with this?

Also, when sending the form an error popup tells me the following: (even when linking to member.php?u=$userinfo[userid])
"This user has not registered and therefore does not have a profile to view."


Which I'm also completely stuck on.. haha, I'm getting the hang of it though!
Thanks for your help.

Are you using 3.5.0? I'm editing member.php(For 3.0.7) ATM too, and I used $userid to get the userid of the member's profile currently been viewed, and it worked.

Nope, 3.0.7

Sorry, I should have specified that before.

Are you meaning:
<form action="member.php?u=$userid" method="post">

It's linking to the correct user id, but it's giving me the error message that you receive if putting in a non-existing userid. If that makes sense?

I'll post a screen:
It's giving me the error message, but the user id clearly does exist.. just kind of weird.

When you go to http://www.yoursite.com/member.php?u=1, does that bring you to a profile? Or do you get the same error message?

When I go directly there it gives me the profile. What's weird is when I have that error message, I click "Go" in the browser and it loads the profile just fine.

Oh and to get the query to run try

<form action="member.php?u=$userid&do=insertnewcomment" method="post">

That may be what's causing the query not to run, although not sure about a the error.

Dang, no deal. Still doesn't enter into the database, and still getting this strange redirect error. Thanks for the help though guys, I'm not sure if I'd have any hair left if I didn't get help on some things. :)

Hmm i am no HTML guru, but i don't think you can pass variables with the 'form action=...'.

You should use a hidden input field to pass those variables.

Well, if I have the form action point to "member.php" it still links to "member.php?u=(userid) but I still get that error message.

I do have a hidden field for the 'insertnewcomment'
<input type="hidden" name="do" value="insertnewcomment" />