0

I'm trying to insert data in a database after fill a text box. When I submit the form it doesn't do anything and I don't know why. This is the code:

<?
include("../connect537.php");
include("seguridad501.php");
include("funciones.php");
$zona = 'nuevapagina';

if ($_POST["ins_art"]) {
    echo "Pruebas";

    if (mysql_query("INSERT INTO landing_articulos (id_articulo, nombre, url, h1, texto, title, description, keywords, visitas, valido) VALUES (NULL, '" . $_POST["ins_nom"] . "', '" . urls(utf8_encode($_POST["ins_nom"])) . "', '" . $h1 . "', '" . $texto . "', '" . $title . "', '" . $description . "', '" . $keywords . "', '0', '1');")) {
        $idins = mysql_insert_id();
        redirige('editar_nuevapagina.php?id=' . $idins);
    }
}
if ($_GET["act"] == 'eliminarart' && $_GET["id"] != '') {
    mysql_query("DELETE FROM `landing_articulos` WHERE `id_articulo` = " . $_GET["id"] . " LIMIT 1");
    redirige('nuevapagina.php');
}
?>


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//ES" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
   <head>
      <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
      <title><?=$nomproyecto?></title>
      <link rel="stylesheet" type="text/css" href="estilos_contenidos.css"/>
      <link rel="stylesheet" type="text/css" href="estilos.css"/>
      <script language="javascript">
         function eliminar_art(id){
         var mensaje='Deseas eliminar este articulo?' ;
         eliminar=confirm(mensaje);
         if (eliminar)
         document.location='nuevapagina.php?act=eliminarart&id='+id;
         }
      </script>
   </head>
   <body>
      <?
         include("header.php");
         ?>
      <div id="contenidototal">
         <fieldset>
            <div style="float:left; margin-right:25px;">
               <p class="titulos">Landings Art&iacute;culos</p>
            </div>
            <div style="float:left; width:550px;margin-top:5px;">
               <form action="" method="POST" id="insertar" name="insertar">
                  <p><strong>Nuevo Art&iacute;culo</strong> - Nombre: <input name="ins_nom" type="text" class="texto" id="ins_nom" /> <input name="button2" type="submit" class="texto" id="button2" value="Insertar" /><input name="ins_art" type="hidden" value="1" /></p>
               </form>
            </div>
            <div style="clear:both"></div>
            <p class="texto">&nbsp;</p>
            <?
               if(mysql_num_rows($c1=mysql_query("SELECT id_articulo, nombre, url, valido FROM landing_articulos WHERE 1 ORDER BY valido DESC, nombre ASC"))){

                while($f1=mysql_fetch_array($c1)){
               ?>
            <div style="float:left; width:32%; padding-left:0px; color:#ef5000; font-weight:bold; margin:5px;">
               <p><a href="/ce-<?=$f1["url"]?>_<?=$f1["id_articulo"]?>.html" target="_blank"><strong><?=$f1["nombre"];?></strong></a> <a href="editar_nuevapagina.php?id=<?=$f1["id_articulo"]?>"><img src="imagenes/lapiz.png" width="15" height="15" border="0"/></a> </a> <a href="javascript:eliminar_pro('<?=$f1["id_articulo"]?>');"><img src="imagenes/delete.png" width="15" height="15" border="0"/></a> <? if($f1["valido"]=='0')echo ' - SIN VALIDAR';?></p>
            </div>
            <?
               }
                }
               ?>
         </fieldset>
      </div>
   </body>
</html>

So, when I try to submit it,don't work it doesn't anything. I used another page which I have which do the same with other parametes and it works perfectly, so I don't know why. Could you please help me with this?. I have ommited a piece of code because it would be so long.

Thanks so much

Santosh Ram Kunjir
  • 1,074
  • 1
  • 12
  • 23
Charly66
  • 54
  • 1
  • 9
  • 1
    Note: mysql is deprecated, use PDO or mysqli. – Erik Terwan Apr 29 '16 at 16:35
  • 2
    Please take some time to read both [Why shouldn't I use mysql_* functions in PHP?](http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php) and [How can I prevent SQL-injection in PHP?](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php). Your code is very outdated and very vulnerable to hacker attacks. – Oldskool Apr 29 '16 at 16:36
  • I don't believe you need (or are supposed to!) use `if` statements for a `query`. – The Codesee Apr 29 '16 at 16:38
  • You are mixing $_POST and $_GET, what is $_GET["act"] ? – Jose Manuel Abarca Rodríguez Apr 29 '16 at 16:38
  • 1
    @Santosh Ram Kunjir He doesn't need an action since the php script is on the same page – Matt Apr 29 '16 at 16:50
  • Does `if($_POST['ins_art'])` do anything? Shouldn't it be `if(isset($_POST ['ins_art']))` – Matt Apr 29 '16 at 16:56

1 Answers1

1

Try to get the last error with mysql_error() and then check what is going on. Maybe you are not sending some parameter or have some constrain in your database. mysql_query() only returns true/false for update/insert commands.

Felippe Duarte
  • 14,901
  • 2
  • 25
  • 29