我有一个网站,登录用户可以在其中记录电池销售,但我遇到了一些麻烦......
我有两个问题:
当我提交表单时,我收到一条错误消息,内容为“MySQL 错误:您的 SQL 语法有错误;检查与您的 MySQL 服务器版本相对应的手册以获取正确的语法使用',它发生在 'INSERT INTO npc_sales_list' 查询之后并且不知道为什么。
我也在尝试验证下拉菜单('npc_battery_n_code' 和 'npc_battery_other_code'),以便如果在一个下拉菜单中选择了一个电池,另一个将恢复为“无”。
目前,如果问题 1 可以在 2 之前得到回答,那就太好了,但欢迎提出任何建议。
<?php //logsale.php
require_once ('./includes/config.inc.php');
$page_title = 'Log a sale';
include ('./includes/header.html');
if (!isset($_SESSION['sp_user_id'])) {
$url = 'http://' . $_SERVER['HTTP_HOST']
. dirname($_SERVER['PHP_SELF']);
// Check for a trailing slash.
if ((substr($url, -1) == '/') OR (substr($url, -1) == '\\') ) {
$url = substr ($url, 0, -1); // Chop off the slash.
}
$url .= '/login.php';
ob_end_clean(); // Delete the buffer.
header("Location: $url");
exit(); // Quit the script.
}
$users = $_SESSION['sp_user_id'];
?>
<h1>Heading</h1>
<?php
if (isset($_POST['submitted'])) {// Handle the form.
require_once ('mydatabase.php');
if (!empty($_POST['npc_quantity'])) {
$quantity = escape_data($_POST ['npc_quantity']);
} else {
$quantity = FALSE;
echo '<p><font color="red">You forgot to enter the Quantity</font></p>';
}
if (!empty($_POST['npc_customer_name'])) {
$customer = escape_data($_POST ['npc_customer_name']);
} else {
$customer = FALSE;
echo '<p><font color="red">You forgot to enter the Customer Name</font></p>';
}
if (!empty($_POST['npc_registration_no'])) {
$rego = escape_data($_POST ['npc_registration_no']);
} else {
$rego = FALSE;
echo '<p><font color="red">You forgot to enter the Customer Rego Number</font></p>';
}
if (!empty($_POST['npc_suo_no'])) {
$suo = escape_data($_POST ['npc_suo_no']);
} else {
$suo = FALSE;
echo '<p><font color="red">You forgot to enter the SUO Number</font></p>';
}
if (!empty($_POST['npc_amb_club_no'])) {
$repair_order = escape_data($_POST ['npc_amb_club_no']);
} else {
$repair_order = FALSE;
echo '<p><font color="red">You forgot to enter the A-Club number</font></p>';
}
if (!empty($_POST['npc_repair_order'])) {
$amb_club = escape_data($_POST ['npc_repair_order']);
} else {
$amb_club = FALSE;
echo '<p><font color="red">You forgot to enter the Repair Order</font></p>';
}
if (!empty($_POST['npc_invoice_no'])) {
$inv = escape_data($_POST ['npc_invoice_no']);
} else {
$inv = FALSE;
echo '<p><font color="red">You forgot to enter the Invoice Number </font></p>';
}
if (!empty($_POST['npc_entry_userdate'])) {
$inv_date = escape_data($_POST ['npc_entry_userdate']);
} else {
$inv_date = FALSE;
echo '<p><font color="red">You forgot to enter the Invoice Date</font></p>';
}
if ($quantity && $customer && $rego && $suo && $repair_order && $amb_club && $inv && $inv_date) {
$uid = @mysql_insert_id(); //Get the url ID.
$query = "INSERT INTO npc_sales_list
(npc_item_id , sp_user_id, npc_battery_n_code, npc_battery_other_code, npc_quantity,
npc_customer_name, npc_registration_no, npc_suo_no, npc_amb_club_no, npc_repair_order,
npc_entry_userdate, npc_usertype, npc_points, npc_bonus_points, npc_entry_date)
VALUES
('$uid', '$users', '$_POST[npc_battery_n_code]', '$_POST[npc_battery_other_code]', '$quantity',
$customer , $rego, $suo, $amb_club , $repair_order,
$inv , 'NPC', '5' , '0' , NOW())";
$result = mysql_query ($query) or trigger_error
("Query: $query\n<br />MySQL Error: " .mysql_error());
if ($result = @mysql_query($query)) {
//Finish the page.
echo '<p>The sale with invoice number: <strong>' . $inv . '</strong> <br />
is now registered into the system.</p>
<p>If you would like to log in further sales, please <a href="logsale.php">click here</a></p>
<p>If you would like to view your sales log, please <a href="viewsales.php">click here</a></p>
';
include ('./includes/footer.html'); // Include the HTML footer.
exit();
} else { // If it did not run OK.
echo '<p><font color="red" size="+1">You could not be
registered due to a system error. We apologize for any
inconvenience.</font></p>';
}
}
} else { // If one of the data tests failed.
echo '<p><font color="red" size="+1">Please check all manatory fields are complete and try again.
</font></p>';
}
mysql_close(); // Close the database connection.
?>
<form enctype="multipart/form-data" action="logsale.php" method="post">
<table width="520" border="0" cellspacing="3" cellpadding="2">
<tr>
<td width="184"><div align="right">NPC Vehicle<span class="style2">*</span></div></td>
<td width="323"><select name="npc_battery_n_code" id="npc_battery_n_code">
<option value="None"
<?php if (isset($_POST['npc_battery_n_code']) && $_POST['npc_battery_n_code'] == 'None')
{echo 'selected="selected"';} ?>>None
</option>
<option value="55D23L"
<?php if (isset($_POST['npc_battery_n_code']) && $_POST['npc_battery_n_code'] == '55D23L')
{echo 'selected="selected"';} ?>>55D23L
</option>
<option value="55D23R"
<?php if (isset($_POST['npc_battery_n_code']) && $_POST['npc_battery_n_code'] == '55D23R')
{echo 'selected="selected"';} ?>>55D23R
</option>
<option value="75D23R"
<?php if (isset($_POST['npc_battery_n_code']) && $_POST['npc_battery_n_code'] == '75D23R')
{echo 'selected="selected"';} ?>>75D23R
</option>
</select></td>
</tr>
<tr>
<td width="184"><div align="right">Other <span class="style2">*</span></div></td>
<td width="323">
<select name="npc_battery_other_code" id="npc_battery_other_code">
<option value="50D20L"
<?php if (isset($_POST['npc_battery_other_code']) && $_POST['npc_battery_other_code'] == '50D20L')
{echo 'selected="selected"';} ?>>50D20L
</option>
<option value="50D20R"
<?php if (isset($_POST['npc_battery_other_code']) && $_POST['npc_battery_other_code'] == '50D20R')
{echo 'selected="selected"';} ?>>50D20R
</option>
<option value="55D23LMF"
<?php if (isset($_POST['npc_battery_other_code']) && $_POST['npc_battery_other_code'] == '55D23LMF')
{echo 'selected="selected"';} ?>>55D23LMF
</option>
<option value="55D23RMF"
<?php if (isset($_POST['npc_battery_other_code']) && $_POST['npc_battery_other_code'] == '55D23RMF')
{echo 'selected="selected"';} ?>>55D23RMF
</option>
</select></td>
</tr>
<tr>
<td><div align="right">Quantity <span class="style2">*</span></div></td>
<td><input type="text" name="npc_quantity" size="10" maxlength="10"
value="<?php if (isset($_POST['npc_quantity'])) echo $_POST['npc_quantity']; ?>" /></td>
</tr>
<tr>
<td><div align="right">Customer name<span class="style2">*</span></div></td>
<td><input type="text" name="npc_customer_name" size="30" maxlength="30"
value="<?php if (isset($_POST['npc_customer_name'])) echo $_POST['npc_customer_name']; ?>" /></td>
</tr>
<tr>
<td><div align="right">Rego number <span class="style2">*</span></div></td>
<td><input type="text" name="npc_registration_no" size="10" maxlength="7"
value="<?php if (isset($_POST['npc_registration_no'])) echo $_POST['npc_registration_no']; ?>" /></td>
</tr>
<tr>
<td><div align="right">SUO No.<span class="style2">*</span></div></td>
<td><input type="text" name="npc_suo_no" size="10" maxlength="7"
value="<?php if (isset($_POST['npc_suo_no'])) echo $_POST['npc_suo_no']; ?>"/></td>
</tr>
<tr>
<td><div align="right">A-Club ID<span class="style2">*</span></div></td>
<td><input type="text" name="npc_amb_club_no" size="15" maxlength="7"
value="<?php if (isset($_POST['npc_amb_club_no'])) echo $_POST['npc_amb_club_no']; ?>"/></td>
</tr>
<tr>
<td><div align="right">Repair Order <span class="style2">*</span></div></td>
<td><input type="text" name="npc_repair_order" size="15" maxlength="12"
value="<?php if (isset($_POST['npc_repair_order'])) echo $_POST['npc_repair_order']; ?>" /></td>
</tr>
<tr>
<td><div align="right">Invoice No. <span class="style2">*</span></div></td>
<td><input size="10" name="npc_invoice_no"
value="<?php if (isset($_POST['npc_invoice_no'])) echo $_POST['npc_invoice_no']; ?>" /></td>
</tr>
<tr>
<td><div align="right">Invoice Date <span class="style2">*</span></div></td>
<td><input size="12" name="npc_entry_userdate" maxlength="10"
value="<?php if (isset($_POST['npc_entry_userdate'])) echo $_POST['npc_entry_userdate']; ?>"/> </td>
</tr>
<tr>
<td></td>
<td><input type="submit" name="submit" value="Submit" /></p><input type="hidden" name="submitted" value="TRUE" />
</td>
</tr>
</table>
</form>
<p>Footer</p>
<?php
include ('./includes/footer.html');
?>