Help with form!

4dee
3-11-06, 06:07 PM
Hi there, I am trying to set up a questionnaire form, although it does not seem to be writing the info to my database. Can anyone look at my code to see if there are any noticeable errors? Thanks!

<html>
<head>
<title>SSBeats.com - Providing professional quality hip-hop instrumentals</title>
</head>

<body bgcolor="#000000" text="#FFFFFF" link="#FFCC33">
<p align="center"><img src="catalog/images/oscommerce.gif" width="746" height="133">
</p>
<p align="center"><strong><font size="5">SSBeats.com</font></strong></p>
<?php



if ($submit) {

// process form

$db = mysql_connect("localhost", "MyUsername");

mysql_select_db("questionaire",$db);


$sql = "INSERT INTO questionaire_table(email,have_you_payed,
would_consider_paying,where_did_you_buy,max_willing_to_pay_nonx,max_willing_to_pay_x,fav_genre,
fav_tempo,rating,fav_track_on_site) VALUES ('$email','$have_you_payed','$would_consider_paying',
'$where_did_you_buy','$max_willing_to_pay_nonx','$max_willing_to_pay_x','$fav_genre',
'$fav_tempo','$rating','$fav_track_on_site')";

$result = mysql_query($sql);


echo "Thank you! Information entered.\n";

} else{



// display form



?>



<form method="post" action="<?php echo $PHP_SELF?>">


<p align="center"> Email address:
<input type="text" name="email">
</p>
<p align="center">
<label>Have you ever payed for beats / instrumentals before?: </label>
<label>
<input type="text" name="have_you_payed">
</label>
</p>
<p align="center">Would you consider paying for hip-hop beats / instrumentals?:
<input type="text" name="would_consider_paying">
<label></label>
</p>
<p align="center">
<label></label>
<label>If yes then where did you buy these instrumentals? :
<input type="text" name="where_did_you_buy">
</label>
</p>
<p align="center">What is the maximum amount you would be willing to pay for
a <strong>non-exclusive</strong> beat / instrumental:
<input type="text" name="max_willing_to_pay_nonx">
</p>
<p align="center"> What is the maximum amount you would be willing to pay for
an <strong>exclusive</strong> beat / instrumental:
<input type="text" name="max_willing_to_pay_x">
</p>
<p align="center">What style / genre of hip-hop do you listen to the most:
<label> </label>
<label></label>
<label></label>
<input type="text" name="fav_genre">
</p>
<p align="center">What tempo would you consider to be the best tempo for a hip-hop
track:
<input type="text" name="fav_tempo">
bpm </p>
<p align="center"><strong><font size="4">Please preview some of our beats at
the following address in order to complete the rest of the questionaire :-</font></strong></p>
<p align="center"><font size="4"><strong><a href="catalog/index.php?cPath=24" target="_blank">CLICK
HERE TO PREVIEW BEATS</a></strong></font></p>
<p align="center"> How would you rate the scale of professionalism of our beats/
instrumentals? - (1=poor 5=Exellent):
<input type="text" name="rating">
<br>
</p>
<p align="center"> Please select the number of your favourite track:
<input type="text" name="fav_track_on_site">
</p>
<p align="center">&nbsp; </p>
<center><input type="Submit" name="submit" value="Submit"></center>
</form>
<p align="center">&nbsp;</p>
<?php



} // end if



?>
</body>
</html>

satis
3-11-06, 10:26 PM
Your problem is with register_globals being off. Very VERY common... in fact, I'd blame 25% of the posts on that. Anyway, the point being you can't refer to variables passed across pages by just the variable names...

i.e. $submit. In this case, your form POSTs the information back to itself, so you'd have to refer to $submit as $_POST['submit']. It's a lot safer this way, actually, and a good habit to get into. Also, I believe $_REQUEST['submit'] works, but I prefer specifying the exact data method ($_GET vs $_POST vs $_SESSION) so people can't easily spoof input.

So anyway, find all the vars that your form passes to itself and alter them to $_POST['variable'], or do some translation of variables at the top of the page. Or you can use a custom php.ini to force register_globals to on, which you can find instructions for all over the place in the php forums.

As an aside, what you're doing is dangerous. You're taking variables and blindly accepting them as being valid input when you format your INSERT query. This could allow someone to use SQL injection to do all kinds of naughty things. I'd recommend googling "SQL injection" to see what I'm talking about. However, the point is you should really validate all your input before stuffing it into a SQL statement. For instance, I see a lot of vars that are probably integers... you could validate them by just $var = (int)$var, which would translate anything to an int (and anything that's not an integer would be translated to 0).

Anyway, good luck.
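
A rewritten handler along the lines satis describes, as an added example that is not 4dee's code from the post above: it reads every field from $_POST instead of relying on register_globals, casts the numeric fields with (int), checks the two values the form itself constrains (a 1 to 5 rating and an email address), and passes all values to a prepared statement so the query text is never built from user input. It assumes PHP 7 or later with the mysqli extension; the host, username and database name are the ones from the original post, while the password is a placeholder to be replaced.

```php
<?php
// Added example, not the original poster's code. Rewrites the INSERT handler
// from the thread: $_POST instead of register_globals, (int) casts on the
// numeric fields, and a prepared statement with bound parameters.
// Assumes PHP 7+ and the mysqli extension. The password is a placeholder.

// Only run the insert on a POST that actually carried the submit button.
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['submit'])) {

    // Free-text fields: read from $_POST, trimmed, and only ever bound as
    // parameters (never concatenated into the SQL string).
    $email                 = trim($_POST['email'] ?? '');
    $have_you_payed        = trim($_POST['have_you_payed'] ?? '');
    $would_consider_paying = trim($_POST['would_consider_paying'] ?? '');
    $where_did_you_buy     = trim($_POST['where_did_you_buy'] ?? '');
    $fav_genre             = trim($_POST['fav_genre'] ?? '');

    // Numeric fields: the (int) cast satis suggests turns anything that is
    // not an integer into 0.
    $max_willing_to_pay_nonx = (int)($_POST['max_willing_to_pay_nonx'] ?? 0);
    $max_willing_to_pay_x    = (int)($_POST['max_willing_to_pay_x'] ?? 0);
    $fav_tempo               = (int)($_POST['fav_tempo'] ?? 0);
    $rating                  = (int)($_POST['rating'] ?? 0);
    $fav_track_on_site       = (int)($_POST['fav_track_on_site'] ?? 0);

    // Range and format checks on the values the form describes.
    if ($rating < 1 || $rating > 5) {
        echo "Please enter a rating between 1 and 5.\n";
        exit;
    }
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        echo "Please enter a valid email address.\n";
        exit;
    }

    // Make mysqli throw on errors instead of silently returning false; the
    // original script printed "Information entered" even when the connection
    // or the query had failed.
    mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
    $db = new mysqli("localhost", "MyUsername", "PLACEHOLDER_PASSWORD", "questionaire");

    $stmt = $db->prepare(
        "INSERT INTO questionaire_table (email, have_you_payed, would_consider_paying,
            where_did_you_buy, max_willing_to_pay_nonx, max_willing_to_pay_x, fav_genre,
            fav_tempo, rating, fav_track_on_site)
         VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"
    );
    // Type string: one character per placeholder, s = string, i = integer.
    $stmt->bind_param(
        "ssssiisiii",
        $email, $have_you_payed, $would_consider_paying, $where_did_you_buy,
        $max_willing_to_pay_nonx, $max_willing_to_pay_x, $fav_genre,
        $fav_tempo, $rating, $fav_track_on_site
    );
    $stmt->execute();
    $stmt->close();
    $db->close();

    echo "Thank you! Information entered.\n";
} else {
    // Display the form here. Its action attribute should be built from
    // htmlspecialchars($_SERVER['PHP_SELF']) rather than the bare $PHP_SELF
    // global, for the same register_globals reason as the form fields.
}
```

With MYSQLI_REPORT_STRICT on, a wrong username or password raises an exception at the `new mysqli(...)` line, which is exactly the failure the original thread ended up being about; without it the script would have carried on and printed the success message regardless.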

4dee
3-12-06, 04:32 PM
Hi! Thanks for the reply. However, I am still confused about where to put the $_POST[] bit. I have experimented with replacing all of my variable names with $_POST[], although it does not seem to make a difference. Is there any chance you could copy and paste the above code with just a few examples of what you mean?
Thanks anyway!

4dee
3-12-06, 07:19 PM
Don't worry about this one now, as I have figured it out! I just had the wrong login details! I'll take care of all the validation now! Cheers!