I am trying to get the name of a certain '$_SESSION' variable into a SQL query from another PHP page, I keep on getting errors..
The scenario is, If i enter a review for a certain page, I want the name of that page to go into the database. (Refer to screenshot below) If i submit a review i want the name 'SEDGLEY PK...' etc stored in the database.
I get the following error message: (Click Picture to enlarge)
Below is the code of the page: (enter_review.php)
$value1 = $_POST['review'];
$value2 = $_SESSION['id'];
$value3 = $date = date("Y-m-d");
$value4 = $_POST['rating'];
$value5 = $_SESSION['SUBURB'];
try {
$conn = new PDO("mysql:host=$servername;dbname=$dbname", $username, $password);
// set the PDO error mode to exception
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$sql = "INSERT INTO dog_parks.reviews (review_text, username, date, rating, item)
VALUES ('$value1', '$value2', '$value3', '$value4', '$value5')";
// use exec() because no results are returned
$conn->exec($sql);
echo "Review Successful";
}
catch(PDOException $e)
{
echo $sql . "<br>" . $e->getMessage();
}
$conn = null;
header( "refresh:20; url=index.php" );
?>
I suspect there is something not right at the $value5 variable...
Here is the code for the page that the review was entered on..
<?php
if (isset($_GET['suburb']))
{
$_SESSION["SUBURB"] = $_GET['suburb']; ?>
<!-- PRINTING DOG PARK NAME -->
<h1><?php echo $_SESSION["SUBURB"]; ?></h1>
<table border="1" cellspacing="5" cellpadding="5" width="100%">
<thead>
<tr>
<th>Park Name</th>
<th>Street</th>
<th>Suburb</th>
<th>Dog Park Area (m2)</th>
</tr>
</thead>
<tbody>
<?php
$result = $conn->prepare("SELECT * FROM dog_parks.items where dog_park_name = $_SESSION[SUBURB]");
$result->execute();
for($i=0; $row = $result->fetch(); $i++){
?>
<tr>
<td><label><?php echo $row['Park_Name']; ?></label></td>
<td><label><?php echo $row['Street']; ?></label></td>
<td><label><?php echo $row['Suburb']; ?></label></td>
<td><label><?php echo $row['Dog_Park_Area_(m2)']; ?></label></td>
</tr>
<?php } ?>
</tbody>
</table>
<?php
}
PHP can't recognize $_SESSION['id'] due to the single quotes. So either use curly braces {} or take our the single quotes.
hello deluxenathan
SQL Error you are getting is because of quote in your session variable value $value5 = $_SESSION['SUBURB'];
if you will print/echo $value5/$_SESSION['SUBURB'] you will get actual text quoted like
'SEDGLEY PK DOG OFF LEASH AREA'
instead of
SEDGLEY PK DOG OFF LEASH AREA
quick solution is either remove quote from session variable $value5/$_SESSION['SUBURB'] or from query like
$sql = "INSERT INTO dog_parks.reviews (review_text, username, date, rating, item)
VALUES ('$value1', '$value2', '$value3', '$value4', $value5)";
I think that should be a string. Try this instead
$sql = "INSERT INTO dog_parks.reviews (review_text, username, date, rating, item) VALUES (:review_text,:username,:date,:rating,:item)"; $conn->bindParam(':review_text', $value1, PDO::PARAM_STR); $conn->bindParam(':username', $value2, PDO::PARAM_STR); $conn->bindParam(':date', $value3, PDO::PARAM_STR); $conn->bindParam(':rating', $value4, PDO::PARAM_STR); $conn->bindParam(':item', $value5, PDO::PARAM_STR);
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.