Okay, so i believe i am having a scope issue; however, i have tried a number of the solutions i have seen here on stack that were loosely related to what i am trying to do with no success.
I have also attempted to combine all three files into one to see if that would work --also no success.
When i try to submit the form data i get a number of errors such as:
errors:
Warning: mysqli_real_escape_string() expects parameter 1 to be mysqli, null given
Warning: mysqli_query() expects parameter 1 to be mysqli, null given
Any advice here would be greatly appreciated
Setup:
settings.php (contains defined constants for various things,
including host, users, and database name).
config.php (contains a connection function).
process.php (processes form data).
all three files are located in an includes folder.
settings.php:
define ('HOST', 'localhost'); //default HOST (change to live server information)
define ('DB', 'db_name'); //default database (change to live server information)
//WRITE ACCESS USER
define ('USER_W', 'uwrite'); //default user name (change to live server information)
define ('PASS_W', '1234'); //default password (change to live server information)
//READ ACCESS USER
define ('USER_R', 'uread'); //default user name (change to live server information)
define ('PASS_R', '1234'); //default password (change to live server information)
config.php:
include ('settings.php');
function connect($userType) {
if ($userType == 'write') {
$link = mysqli_connect(HOST, USER_W, PASS_W, DB);
}
elseif ($userType == 'read') {
$link = mysqli_connect(HOST, USER_R, PASS_R, DB);
}
if ($link -> connect_error) {
die('OOPS SOMETHING WENT WRONG!: (' . $link -> connect_errno . ')' . $link -> connect_error);
}
}
process.php:
include ('config.php');
$con = connect('write');
// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
else {
echo "HELLO WORLD!";
} //remove after testing
// escape variables for security
$item = mysqli_real_escape_string($con, $_POST['item']);
$description = mysqli_real_escape_string($con, $_POST['description']);
$price = mysqli_real_escape_string($con, $_POST['price']);
$sql="INSERT INTO `menus` (`item`, `description`, `price`)
VALUES ('$item', '$description', '$price')";
if (!mysqli_query($con,$sql))
{
die('Error: ' . mysqli_error());
}
echo "1 record added";
form:
<form id="insertForm" action="./includes/process.php" method="post">
<fieldset>
<legend>Add New Item</legend>
<p class="red form_P_position">* Denotes required field...</p>
<p><label for="item" class="mainLabels"><span class="red">* </span>Item:</label>
<input name="item" id="item" class="mainInputs" type="text" /></p>
<p><label for="description" class="mainLabels">Description:</label>
<textarea name="description" id="description" class="mainInputs">
</textarea></p>
<p><label for="price" class="mainLabels"><span class="red">* </span>Price:</label>
<input name="price" id="price" class="mainInputs" type="text" /></p>
<p><button name="submit" id="submit" class="button" type="submit">
Add Item
</button></p>
</fieldset>
</form>