comment on

G'day bobafifi,

What you're really asking of us is for us to read your mind. There's a whole heap of information that you should have put into this question. This includes the following:

how much experience you've had with Perl
what you've tried
what you think is happening
what relation the snippet of code above has to your problem
where/when the file in $guestbookreal gets written.

You can read more about what kind of information we like to see in questions over at our tutorials page.

You've written this question assuming that we've already read the previous discussion from last week. If this question is entirely dependant on that discussion then this node should have gone into there, not created a new question. If this question is a new question then you need to write out all the relevant information (and only the relevant information) so that people like me can see everything I need here.

Now that I've read last week's discussion I'll discuss what's happening in your code over here.

$dbh = DBI->connect ("DBI:mysql:host=localhost;database=my_db",
 "my_id", "my_pass",
 {PrintError => 0, RaiseError => 1});
[download]

Great, you connect to the database. You almost certainly want to add ShowErrorStatement => 1 in next to RaiseError.

# Begin the Editing of the Guestbook File
open (FILE,"$guestbookreal") || die "Can't Open $guestbookreal: $!\n";
@LINES=<FILE>;
close(FILE);
$SIZE=@LINES;
[download]

Code ugliness aside, what's happening here is that we're saving the current contents of $guestbookreal into @LINES.

# Open Link File to Output
open (GUEST,">$guestbookreal") || die "Can't Open $guestbookreal: $!\n
+";
[download]

Now we're deleting everything from $guestbookreal and opening it for writing. This is just asking for 2 scripts to try to access the file at once, or any other of a myriad of problems.

for ($i=0;$i<=$SIZE;$i++) {
   $_=$LINES[$i];
   if (/<!--begin-->/) { 
      if ($entry_order eq '1') {         
      }

      {
         print GUEST "INSERT INTO `mysql_db` (`Title`, 
                     `Email`, `City`, `State`, `Country`, 
                     `URL`, `Date`, `Description`, `rid`,
                     `dt_create`, `publish` ) VALUES (";
      }
      ....
   }
   else {
      print GUEST $_;
   }
}

close (GUEST);
[download]

This code is generating SQL for all lines in $guestbookreal that contain the string "" in them. Lines without that string are printed back into the $guestbookreal as they were previously. Once they're all printed back into the file the file is closed.

my $content;
open FILE, '<', $guestbookreal; # Open a filehandle FILE to $guestbook
+real 
while (<FILE>) {
   chomp; # delete any EOL character(s)
   $content .= $_; # Add the next line to the previous parts
}

$sth=$dbh->prepare($content);
$sth->execute();

$dbh->disconnect;
[download]

This code then reads all the entries out of $guestbookreal, prepares them into one huge sql statement and executes that. I have no idea what should happen here as presumably your file contains more than one sql statement and I've never tried to do that with prepare. Nevertheless, the end result of this script is going to be to add everything already in $guestbookreal into the database (probably "again").

Because you've cut so much out of the main for loop I have no idea what specifically is wrong here. It appears obvious that the script is supposed to add your new entry (submitted from the guestbook form) into the $guestbookreal file as the first line. You seem to have lost the lines that would do that.

You're trying to shoehorn a database onto code which is designed to store guestbook entries into a flat HTML file. I recommend that instead of generating your SQL and printing it to a file you consider rewriting this part of the script entirely. Perhaps you could replace everything from:

# Begin the Editing of the Guestbook File
[download]

$dbh->disconnect;
[download]

with:

# Check that the things which must have a value have values:
if(defined $FORM{Description} and defined $FORM{Title})
{
    my $sql = "INSERT INTO `mysql_db` (`Title`, `Email`, 
              `City`, `State`, `Country`, `URL`, `Date`, 
              `Description`, `rid`, `dt_create`, `publish`
              ) VALUES ( ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
    my $sth = $dbh->prepare($sql);
    $sth->execute($FORM{Title}, $FORM{Email}, $FORM{City},
                  $FORM{State}, $FORM{Country},
                  $FORM{URL}, $FORM{Date}, 
                  $FORM{Description}, $FORM{rid},
                  $FORM{dt_create}, $FORM{publish});
    $dbh->disconnect;
}
else
{
    print "You must enter a Description and a Title";
}
[download]

This at least would make sense.

Once more I'll recommend that you change to using nms scripts rather than Matt Wrights'. As you've experienced in the past, Matt's scripts have a few security issues, and the hand-rolled CGI parameter parsing in the script I discuss here, makes me cringe.

Good luck.

jarich

In reply to An exercise in mind reading by jarich
in thread Right answer (wrong question...) by bobafifi

Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!

Titles consisting of a single word are discouraged, and in most cases are disallowed outright.

Read Where should I post X? if you're not absolutely sure you're posting in the right place.

Please read these before you post! —

Posts may use any of the Perl Monks Approved HTML tags:

a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr

You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)

	For:		Use:
	&		`&`
	<		`<`
	>		`>`
	[		`[`
	]		`]`

Link using PerlMonks shortcuts! What shortcuts can I use for linking?

See Writeup Formatting Tips and other pages linked from there for more info.