PHP Problem

[webmasterjunkie]

As some of you may know I am a real estate agent. Agents have few choices in contact management systems - either Top Producer or Active Agent. I am expanding my contact managament system to replace my use of Top Producer.

I am having a problem with some of my code though :). I have broken it up into three sections, corresponding with the three different pages:

Page 1: closing.php

<html>
<head>
<title>My Contact Management System: Add a Closing</title>
</head>
<body>
<h1>My Contact Management System</h1>
<h2>Select Primary Party</h2>
<form method="post" action="full_closing.php">
<table>
<tr>
<td>Buyer</td>
<td><input type="radio" name="client" value="buyer"></td>
</tr>
<tr>
<td>Seller</td>
<td><input type="radio" name="client" value="seller"></td>
</tr>
<td><input type="submit" name="submit" value="Next"></td>
</form>
</body>
</html>

Page 2: full_closing.php

<html>
<head>
<title>My Contact Management System: Closing Details</title>
</head>
<body>
<h2>My Contact Management System: Closing Details</h2>
<?
require ("config.php");
$option_block = "";
if ($_POST['client'] == "seller") {
$table_name = "sellers";
$db = @mysql_select_db($db_name, $connection) or die(mysql_error());
$sql = "SELECT id, firstname, lastname, spouse_firstname, housenumber, streetname, city, state, zip
FROM $table_name ORDER BY lastname";
$result = @mysql_query($sql, $connection) or die(mysql_error());
$num = @mysql_num_rows($result);
if ($num < 1) {
$display_block = "

Sorry! No results.</p>";
} else {
while ($row = mysql_fetch_array($result)) {
$id = $row['id'];
$firstname = $row['firstname'];
$lastname = $row['lastname'];
$spouse_firstname = $row['spouse_firstname'];
$housenumber = $row['housenumber'];
$streetname = $row['streetname'];
$city = $row['city'];
$state = $row['state'];
$zip = $row['zip'];
if ($spouse_firstname != "") {
$option_block .= "<option value=\"$id\">$lastname, $firstname & $spouse_firstname, $housenumber $streetname, $city, $state, $zip</option>";
} else {
$option_block .= "<option value=\"$id\">$lastname, $firstname, $housenumber $streetname, $city, $state, $zip</option>";
}
}
}
}
if ($_POST['client'] == "buyer") {
$table_name = "buyers";
$db = @mysql_select_db($db_name, $connection) or die(mysql_error());
$sql = "SELECT id, firstname, lastname, spouse_firstname, housenumber, streetname, city, state, zip
FROM $table_name ORDER BY lastname";
$result = @mysql_query($sql, $connection) or die(mysql_error());
$num = @mysql_num_rows($result);
if ($num < 1) {
$display_block = "

Sorry! No results.</p>";
} else {
while ($row = mysql_fetch_array($result)) {
$id = $row['id'];
$firstname = $row['firstname'];
$lastname = $row['lastname'];
$spouse_firstname = $row['spouse_firstname'];
$housenumber = $row['housenumber'];
$streetname = $row['streetname'];
$city = $row['city'];
$state = $row['state'];
$zip = $row['zip'];
if ($spouse_firstname != "") {
$option_block .= "<option value=\"$id\">$lastname, $firstname & $spouse_firstname, $housenumber $streetname, $city, $state, $zip</option>";
} else {
$option_block .= "<option value=\"$id\">$lastname, $firstname, $housenumber $streetname, $city, $state, $zip</option>";
}
}
}
}
$primary_block = "<select name=\"primary\">$option_block</select>";
?>
<form method="POST" action="do_add_closing.php">
<div align="center">
<table border="0" width="640">
<tr>
<td>
<?
if ($_POST['client'] == "buyer") {
$client = "Buyer";
} else {
$client = "Seller";
}
echo "$client</td><td colspan=\"3\">$primary_block";
?>
</td>
</tr>
<tr>
<td>MLS #</td>
<td><input type="text" name="mls_number" size="20" tabindex="1"></td>
<td>File #</td>
<td><input type="text" name="file_number" size="20" tabindex="2"></td>
</tr>
<tr>
<td>Status</td>
<td><select size="1" name="status" tabindex="3">
<option selected value="Contract">Contract</option>
<option value="Closed">Closed/Paid</option>
<option value="Fell Through">Fell Through</option>
<option value="Contract with Kick-Out">Contract with Kick-Out</option>
</select></td>
<td>Acceptance Date</td>
<td><input type="text" name="accept_date" size="20" tabindex="4"></td>
</tr>
<tr>
<td>Settle Date </td>
<td><input type="text" name="settle_date" size="20" tabindex="5"></td>
<td>Contract Price $</td>
<td><input type="text" name="contract_price" size="22" tabindex="6"></td>
</tr>
<tr>
<td>Other Agent </td>
<td><input type="text" name="other_agent" size="20" tabindex="7"></td>
<td>Commission </td>
<td><input type="text" name="commission" size="22" tabindex="8"></td>
</tr>
<tr>
<td>Action Plan</td>
<td colspan="3"><select name="action_plan"><option></option></td>
</tr>
<tr>
<td>
<?
if ($_POST['client'] == "buyer") {
$lable = "Seller";
$table_name = "sellers";
$db = @mysql_select_db($db_name, $connection) or die(mysql_error());
$sql = "SELECT id, firstname, lastname, spouse_firstname, housenumber, streetname, city, state, zip
FROM $table_name ORDER BY lastname";
$result = @mysql_query($sql, $connection) or die(mysql_error());
$num = @mysql_num_rows($result);
$option_block2 = "";
if ($num < 1) {
$display_block2 = "

Sorry! No results.</p>";
} else {
while ($row = mysql_fetch_array($result)) {
$id = $row['id'];
$firstname = $row['firstname'];
$lastname = $row['lastname'];
$spouse_firstname = $row['spouse_firstname'];
$housenumber = $row['housenumber'];
$streetname = $row['streetname'];
$city = $row['city'];
$state = $row['state'];
$zip = $row['zip'];
if ($spouse_firstname != "") {
$option_block2 .= "<option value=\"$id\">$lastname, $firstname & $spouse_firstname, $housenumber $streetname, $city, $state, $zip</option>";
} else {
$option_block2 .= "<option value=\"$id\">$lastname, $firstname, $housenumber $streetname, $city, $state, $zip</option>";
}
}
}
} else {
$lable = "Buyer";
$table_name = "buyers";
$db = @mysql_select_db($db_name, $connection) or die(mysql_error());
$sql = "SELECT id, firstname, lastname, spouse_firstname, housenumber, streetname, city, state, zip
FROM $table_name ORDER BY lastname";
$result = @mysql_query($sql, $connection) or die(mysql_error());
$num = @mysql_num_rows($result);
$option_block2 = "";
if ($num < 1) {
$display_block2 = "

Sorry! No results.</p>";
} else {
while ($row = mysql_fetch_array($result)) {
$id = $row['id'];
$firstname = $row['firstname'];
$lastname = $row['lastname'];
$spouse_firstname = $row['spouse_firstname'];
$housenumber = $row['housenumber'];
$streetname = $row['streetname'];
$city = $row['city'];
$state = $row['state'];
$zip = $row['zip'];
if ($spouse_firstname != "") {
$option_block2 .= "<option value=\"$id\">$lastname, $firstname & $spouse_firstname, $housenumber $streetname, $city, $state, $zip";
} else {
$option_block2 .= "<option value=\"$id\">$lastname, $firstname, $housenumber $streetname, $city, $state, $zip</option>";
}
}
}
}
$display_block2 = "<select name=\"coop\">$option_block2</select>";
echo "$lable</td><td colspan=\"3\">$display_block2";
?>
<tr>
<td colspan="2"></td>
<td colspan="2">

<input type="submit" value="Add Closing" tabindex="9"></td>
</tr>
</table>
</div>
</form>
</body>
</html>

Page 3: do_add_closing.php

<?
require ("config.php");
$table_name = "closings";
$db = @mysql_select_db($db_name, $connection) or die(mysql_error());
$sql = "INSERT INTO $table_name
(id, primary, coop, mls_number, file_number, status, accept_date, settle_date, price, coop_agent, commission, action_plan) VALUES
('', '$_POST[primary]', '$_POST[coop]', '$_POST[mls_number]', '$_POST[file_number]', '$_POST[status]', '$_POST[accept_date]', '$_POST[settle_date]', '$_POST[contract_price]', '$_POST[other_agent]', '$_POST[commission]', '')";
$result = @mysql_query($sql, $connection) or die(mysql_error());
?>
<html>
<head>
<title>My Contact Management System: Contract Added</title>
</head>
<body>
<h2>My Contact Management System: Contract Added</h2>
</body>
</html>

You can view what it looks like by going to http://www.homesearch-md.com/test/closing.php

There is no index file so be aware.

User: test
Password: test

[steve0]

Without going to deep into it.. and I may be reeeeally offbase.. but

Is "status" a reserved word? (your insert clause)

[webmasterjunkie]

Thanks steve0:

It can't be that because on my listing.php page I insert a "status" variable into mysql. That goes off without a hitch.

[mushroom]

Quote:

(id, primary, coop, mls_number, file_number, status, accept_date, settle_date, price, coop_agent, commission, action_plan) VALUES
('', '$_POST[primary]', '$_POST[coop]', '$_POST[mls_number]', '$_POST[file_number]', '$_POST[status]', '$_POST[accept_date]', '$_POST[settle_date]', '$_POST[contract_price]', '$_POST[other_agent]', '$_POST[commission]', '')";

Your variables may not be working for you. $_POST["----"]

It can be dangerous to insert user input in to mysql without validateing it.
better to use $coop=$post["coop"]; make sure it lies with in acceptable values then use $coop in your query.

"status" is not on the mysql resvered word list I have but "primary is"

[mushroom]

An other thing

Quote:

(id, primary, coop, mls_number, file_number, status, accept_date, settle_date, price, coop_agent, commission, action_plan) VALUES
('', '$_POST[primary]', '$_POST[coop]', '$_POST[mls_number]', '$_POST[file_number]', '$_POST[status]', '$_POST[accept_date]', '$_POST[settle_date]', '$_POST[contract_price]', '$_POST[other_agent]', '$_POST[commission]', '')";

If your id field is auto increment it is btrter to leave it out.

Quote:

(primary, coop, mls_number, file_number, status, accept_date, settle_date, price, coop_agent, commission, action_plan) VALUES
('$_POST[primary]', '$_POST[coop]', '$_POST[mls_number]', '$_POST[file_number]', '$_POST[status]', '$_POST[accept_date]', '$_POST[settle_date]', '$_POST[contract_price]', '$_POST[other_agent]', '$_POST[commission]', '')";

[webmasterjunkie]

That "primary" problem fixed it. Also, I don't have a need to validate the fiels since only one person will have access to the finished program/pages.

Thanks again!