Reviews aren't being added to the database

Topic:	Reviews aren't being added to the database
lauren Freshman Posts: 3 Posted: 7.Mar 2004 - 23:17	I tested the module and it worked fine, then I added a few fields. Everything else works fine, but it won't add a new review to the database. I have tried submitting reviews and then checking the database with phpMyAdmin and they aren't there. I have added the new columns to the database in the same order as they are listed in the code, with the same size as the input fields (some are varchar, others are text) and the same pn_ prefix as the other columns. When I try to submit something I get the "your review has been submitted" screen after hitting the submit button. ANY help is greatly appreciated! Here's the submit code: Code function send_review() { list($date, $title, $contact, $lines, $dogtitle, $titleself, $health, $text, $reviewer, $email, $score, $cover, $url, $url_title, $hits, $id, $rlanguage) = pnVarCleanFromInput('date', 'title', 'contact', 'lines', 'dogtitle', 'titleself', 'health', 'text', 'reviewer', 'email', 'score', 'cover', 'url', 'url_title', 'hits', 'id', 'rlanguage'); list($dbconn) = pnDBGetConn(); $pntable = pnDBGetTables(); include ('header.php'); if (!(pnSecAuthAction(0, 'Reviews::', '::', ACCESS_COMMENT))) { echo _REVIEWSSUBMITNOAUTH; include 'footer.php'; return; } if (strpos($text, "<!--pagebreak-->") !== false) { $text = str_replace("<!--pagebreak-->","<!--pagebreak-->",$text); } if (strpos($text, "<!--pagebreak-->") !== false) { $text = str_replace("<!--pagebreak-->","<!--pagebreak-->",$text); } OpenTable(); echo "<br><center><font class=\"pn-normal\">"._RTHANKS."</font>"; if ($id != 0) echo "<font class=\"pn-normal\"> "._MODIFICATION."</font>"; else echo "<font class=\"pn-normal\">, $reviewer"; echo "!</font><br>"; if ($id == 0) { // New review if (!(pnSecAuthAction(0, 'Reviews::', "$title::", ACCESS_COMMENT))) { echo _REVIEWSSUBMITNOAUTH; CloseTable(); include 'footer.php'; return; } if (pnSecAuthAction(0, 'Reviews::', "$title::", ACCESS_ADD)) { // Add immediately $column = &$pntable['reviews_column']; $newid = $dbconn->GenId($pntable['reviews']); $result = $dbconn->Execute("INSERT INTO $pntable[reviews] ($column[id], $column[date], $column[title], $column[contact], $column[lines], $column[dogtitle], $column[titleself], $column[health], $column[text], $column[reviewer], $column[email], $column[score], $column[cover], $column[url], $column[url_title], $column[hits], $column[language]) VALUES ($newid, '".pnVarPrepForStore($date)."', '".pnVarPrepForStore($title)."', '".pnVarPrepForStore($contact)."', '".pnVarPrepForStore($lines)."', '".pnVarPrepForStore($dogtitle)."', '".pnVarPrepForStore($titleself)."', '".pnVarPrepForStore($health)."', '".pnVarPrepForStore($text)."', '".pnVarPrepForStore($reviewer)."', '".pnVarPrepForStore($email)."', '".pnVarPrepForStore($score)."', '".pnVarPrepForStore($cover)."', '".pnVarPrepForStore($url)."', '".pnVarPrepForStore($url_title)."', '1', '".pnVarPrepForStore($rlanguage)."' )"); if($dbconn->ErrorNo()<>0) { error_log("ERROR 1 : " . $dbconn->ErrorMsg()); } echo "<font class=\"pn-normal\">"._ISAVAILABLE."</font>"; } else { // Add to waiting list $column = &$pntable['reviews_add_column']; $nextid = $dbconn->GenId($pntable['reviews_add']); $result = $dbconn->Execute("INSERT INTO $pntable[reviews_add] ($column[id], $column[date], $column[title], $column[contact], $column[lines], $column[dogtitle], $column[titleself], $column[health], $column[text], $column[reviewer], $column[email], $column[score], $column[url], $column[url_title], $column[language]) VALUES ($nextid, '".pnVarPrepForStore($date)."', '".pnVarPrepForStore($title)."', '".pnVarPrepForStore($contact)."', '".pnVarPrepForStore($lines)."', '".pnVarPrepForStore($dogtitle)."', '".pnVarPrepForStore($titleself)."', '".pnVarPrepForStore($health)."', '".pnVarPrepForStore($text)."', '".pnVarPrepForStore($reviewer)."', '".pnVarPrepForStore($email)."', '".pnVarPrepForStore($score)."', '".pnVarPrepForStore($url)."', '".pnVarPrepForStore($url_title)."', '".pnVarPrepForStore($rlanguage)."' )"); if($dbconn->ErrorNo()<>0) { error_log("ERROR 1 : " . $dbconn->ErrorMsg()); } echo "<font class=\"pn-normal\">"._EDITORWILLLOOK."</font>"; } } else { // Updated review if (!(pnSecAuthAction(0, 'Reviews::', "$title::$id", ACCESS_EDIT))) { echo _REVIEWSEDITNOAUTH; CloseTable(); include 'footer.php'; return; } $column = &$pntable['reviews_column']; $result = $dbconn->Execute("UPDATE $pntable[reviews] SET $column[date]='".pnVarPrepForStore($date)."', $column[title]='".pnVarPrepForStore($title)."', $column[contact]='".pnVarPrepForStore($contact)."', $column[lines]='".pnVarPrepForStore($lines)."', $column[dogtitle]='".pnVarPrepForStore($dogtitle)."', $column[titleself]='".pnVarPrepForStore($titleself)."', $column[health]='".pnVarPrepForStore($health)."', $column[text]='".pnVarPrepForStore($text)."', $column[reviewer]='".pnVarPrepForStore($reviewer)."', $column[email]='".pnVarPrepForStore($email)."', $column[score]='".pnVarPrepForStore($score)."', $column[cover]='".pnVarPrepForStore($cover)."', $column[url]='".pnVarPrepForStore($url)."', $column[url_title]='".pnVarPrepForStore($url_title)."', $column[hits]='".pnVarPrepForStore($hits)."', $column[language]='".pnVarPrepForStore($rlanguage)."' WHERE $column[id] = '".pnVarPrepForStore($id)."'"); if($dbconn->ErrorNo()<>0) { error_log("ERROR 2 : " . $dbconn->ErrorMsg()); } echo "<font class=\"pn-normal\">"._ISAVAILABLE."</font>"; } echo "<br><br><font class=\"pn-normal\">[ <a class=\"pn-normal\" href=\"modules.php?op=modload&name=$GLOBALS[ModName]&file=index\">"._RBACK."</a> ]</font><br></center>"; CloseTable(); include 'footer.php'; }
lauren Freshman Posts: 3 Posted: 7.Mar 2004 - 23:25	My bad, forgot to mention I am using PostNuke 0.726 (installed via fantastico). The server has PHP 4.3.4 (http://www.bgfweb.com/main/phpinfo.php) installed. The code in question is currently at http://www.tarheelweb.com but once it is fixed I will be moving it to a different account on the same server and using realgsd.info as the domain name. This is my first time working with PHP.

Code

function send_review() 
{ 

    list($date, 
     $title, 
     $contact, 
     $lines, 
     $dogtitle, 
     $titleself, 
     $health, 
     $text, 
     $reviewer, 
     $email, 
     $score, 
     $cover, 
     $url, 
     $url_title, 
     $hits, 
     $id, 
     $rlanguage) = pnVarCleanFromInput('date', 
                       'title', 
                       'contact', 
                    'lines', 
                    'dogtitle', 
                    'titleself', 
                    'health', 
                       'text', 
                       'reviewer', 
                       'email', 
                       'score', 
                       'cover', 
                       'url', 
                       'url_title', 
                       'hits', 
                       'id', 
                       'rlanguage'); 
    list($dbconn) = pnDBGetConn(); 
    $pntable = pnDBGetTables(); 

    include ('header.php'); 

    if (!(pnSecAuthAction(0, 'Reviews::', '::', ACCESS_COMMENT))) { 
        echo _REVIEWSSUBMITNOAUTH; 
        include 'footer.php'; 
        return; 
    } 
    if (strpos($text, "<!--pagebreak-->") !== false) { 
        $text = str_replace("<!--pagebreak-->","&lt;!--pagebreak--&gt;",$text); 
    } 
    if (strpos($text, "&lt;!--pagebreak--&gt;") !== false) { 
        $text = str_replace("&lt;!--pagebreak--&gt;","<!--pagebreak-->",$text); 
    } 
    OpenTable(); 
    echo "<br><center><font class=\"pn-normal\">"._RTHANKS."</font>"; 
    if ($id != 0) 
        echo "<font class=\"pn-normal\"> "._MODIFICATION."</font>"; 
    else 
        echo "<font class=\"pn-normal\">, $reviewer"; 
    echo "!</font><br>"; 

    if ($id == 0) { 
        // New review 
        if (!(pnSecAuthAction(0, 'Reviews::', "$title::", ACCESS_COMMENT))) { 
            echo _REVIEWSSUBMITNOAUTH; 
            CloseTable(); 
            include 'footer.php'; 
            return; 
        } 

        if (pnSecAuthAction(0, 'Reviews::', "$title::", ACCESS_ADD)) { 
            // Add immediately 
            $column = &$pntable['reviews_column']; 
            $newid = $dbconn->GenId($pntable['reviews']); 
            $result = $dbconn->Execute("INSERT INTO $pntable[reviews] ($column[id], $column[date], $column[title], $column[contact], $column[lines], $column[dogtitle], $column[titleself], $column[health], $column[text], $column[reviewer], $column[email], $column[score], $column[cover], $column[url], $column[url_title], $column[hits], $column[language]) VALUES ($newid, 
            '".pnVarPrepForStore($date)."', 
                '".pnVarPrepForStore($title)."', 
                '".pnVarPrepForStore($contact)."', 
                '".pnVarPrepForStore($lines)."', 
                '".pnVarPrepForStore($dogtitle)."', 
                '".pnVarPrepForStore($titleself)."', 
                '".pnVarPrepForStore($health)."', 
                '".pnVarPrepForStore($text)."', 
                '".pnVarPrepForStore($reviewer)."', 
                '".pnVarPrepForStore($email)."', 
                '".pnVarPrepForStore($score)."', 
                '".pnVarPrepForStore($cover)."', 
                '".pnVarPrepForStore($url)."', 
                '".pnVarPrepForStore($url_title)."', 
                '1', 
                '".pnVarPrepForStore($rlanguage)."' 
            )"); 
            if($dbconn->ErrorNo()<>0) { 
                error_log("ERROR 1 : " . $dbconn->ErrorMsg()); 
            } 
            echo "<font class=\"pn-normal\">"._ISAVAILABLE."</font>"; 
        } else { 
            // Add to waiting list 
            $column = &$pntable['reviews_add_column']; 
            $nextid = $dbconn->GenId($pntable['reviews_add']); 
            $result = $dbconn->Execute("INSERT INTO $pntable[reviews_add] ($column[id], $column[date], $column[title], $column[contact], $column[lines], $column[dogtitle], $column[titleself], $column[health], $column[text], $column[reviewer], $column[email], $column[score], $column[url], $column[url_title], $column[language]) VALUES ($nextid, 
            '".pnVarPrepForStore($date)."', 
                '".pnVarPrepForStore($title)."', 
                '".pnVarPrepForStore($contact)."', 
                '".pnVarPrepForStore($lines)."', 
                '".pnVarPrepForStore($dogtitle)."', 
                '".pnVarPrepForStore($titleself)."', 
                '".pnVarPrepForStore($health)."', 
                '".pnVarPrepForStore($text)."', 
                '".pnVarPrepForStore($reviewer)."', 
                '".pnVarPrepForStore($email)."', 
                '".pnVarPrepForStore($score)."', 
                '".pnVarPrepForStore($url)."', 
                '".pnVarPrepForStore($url_title)."', 
                '".pnVarPrepForStore($rlanguage)."' 
            )"); 
            if($dbconn->ErrorNo()<>0) { 
                error_log("ERROR 1 : " . $dbconn->ErrorMsg()); 
            } 
            echo "<font class=\"pn-normal\">"._EDITORWILLLOOK."</font>"; 
        } 

    } else { 
        // Updated review 
        if (!(pnSecAuthAction(0, 'Reviews::', "$title::$id", ACCESS_EDIT))) { 
            echo _REVIEWSEDITNOAUTH; 
            CloseTable(); 
            include 'footer.php'; 
            return; 
        } 

        $column = &$pntable['reviews_column']; 
        $result = $dbconn->Execute("UPDATE $pntable[reviews] SET $column[date]='".pnVarPrepForStore($date)."', $column[title]='".pnVarPrepForStore($title)."', $column[contact]='".pnVarPrepForStore($contact)."', $column[lines]='".pnVarPrepForStore($lines)."', $column[dogtitle]='".pnVarPrepForStore($dogtitle)."', $column[titleself]='".pnVarPrepForStore($titleself)."', $column[health]='".pnVarPrepForStore($health)."', $column[text]='".pnVarPrepForStore($text)."', $column[reviewer]='".pnVarPrepForStore($reviewer)."', $column[email]='".pnVarPrepForStore($email)."', $column[score]='".pnVarPrepForStore($score)."', $column[cover]='".pnVarPrepForStore($cover)."', $column[url]='".pnVarPrepForStore($url)."', $column[url_title]='".pnVarPrepForStore($url_title)."', $column[hits]='".pnVarPrepForStore($hits)."', $column[language]='".pnVarPrepForStore($rlanguage)."' WHERE $column[id] = '".pnVarPrepForStore($id)."'"); 
        if($dbconn->ErrorNo()<>0) { 
            error_log("ERROR 2 : " . $dbconn->ErrorMsg()); 
        } 
        echo "<font class=\"pn-normal\">"._ISAVAILABLE."</font>"; 
    } 
    echo "<br><br><font class=\"pn-normal\">[ <a class=\"pn-normal\" href=\"modules.php?op=modload&amp;name=$GLOBALS[ModName]&amp;file=index\">"._RBACK."</a> ]</font><br></center>"; 
    CloseTable(); 
    include 'footer.php'; 
}