Add User
* required field
<label for="firstname"> First Name</label>
<input type="text" name="firstname">
<span class="error">* <?php echo $nameErr;?></span>
<br><br>
<label for="lastname">Last Name</label>
<input type="text" name="lastname">
<span class="error">* <?php echo $nameErr;?></span>
<br><br>
<label for="email">Email</label>
<input type="text" name="email">
<span class="error">* <?php echo $nameErr;?></span>
<br><br>
<label for="Password">Password</label>
<input type="text" name="Password">
<span class="error">* <?php echo $nameErr;?></span>
<br><br>
<label for="usertype">User Type</label>
<span class="error">* <?php echo $genderErr;?></span>
<div>
<label for="Admin" class="radio-inline">
<input type="radio" name="user" id="Admin" value="Admin">Admin</label>
<label for="Member" class="radio-inline">
<input type="radio" name="user"id="Member" value="Member">Member</label>
<label for="Guest" class="radio-inline">
<input type="radio" name="user" id="Guest" value="Guest">Guest</label>
</div>
<br><br>
<label for="Status">Status</label>
<span class="error">* <?php echo $genderErr;?></span>
<div>
<label for="Active" class="radio-inline">
<input type="radio" name="Status" id="Active" value="Active">Active</label>
<label for="Inactive" class="radio-inline">
<input type="radio" name="Status" id="Inactive" value="Inactive">Inactive</label></div>
<br><br>
<input type="submit" name="submit" value="Submit">
<input type="reset" name="reset" value="Reset">
</form>
</div>
</div>
</div>
</section>
</body>
<?php
$firstname=$_POST['firstname'];
$lastname=$_POST['lastname'];
$email=$_POST['email'];
$Password=$_POST['Password'];
$user=$_POST['user'];
$Status=$_POST['Status'];
//database connect
$conn = mysqli_connect($localhost, $root,$"", $usert);
if($conn->connect_error)
{
die('Connection Failed:'.$conn>'connect-error');
}
else{
$stmt=$conn->prepare("insert into user(firstname,lastname,email,Password,user,Status)Values(?,?,?,?,?,?)");
$stmt->bind_param('sssssii',$firstname,$lastname,$email,$Password,$user,$Status);
$stmt->execute();
echo"Success!";
$stmt->close();
$conn->close();}
?>
hi, trying to make a simple form with PHP validation for user registration. When I am giving the input value is not working. I can't understand the error .please help! I am new to PHP. Please let me know the correction.enter image description here
I suggest you to go through these PHP documentations and get yourself familiar with how the database connection, queries etc work:
MySQLi
PDO
Looking at your code quickly, here are few places to start with:
a) The things like database credentials - you should define these, those should not come through PHP forms
b) Make sure on the variable names etc. For example you've used $user at the top and later used $username.
Start here:
a) Just write this much of code in a file and make sure database is connected properly:
$mysqli = new mysqli("localhost","my_user","my_password","my_db"); // write actual database credentials and database name
if ($mysqli -> connect_errno) {
echo "Failed to connect to MySQL: " . $mysqli -> connect_error;
exit();
} else {
echo "Database connected properly";
}
b) Next, on form submission page just see first if you are getting the values from form submission:
var_dump($_POST)
Hope it is helpful.
You haven't declared your DB credentials, it is just using random variables.
Replace the variables in your mysqli_connect() function with actual values/correct variables
you should use PDO for connect your php code to databes.read this document for help:
https://www.w3schools.com/php/php_mysql_connect.asp
Related
this is the html
<form action="addadd.php" method="post" enctype="multipart/form-data" name="form1" id="form1">
<p>
First Name<br>
<label for="firstname"></label>
<input type="text" name="firstname" id="firstname" />
</p>
<p>
Last Name<br>
<label for="lastname"></label>
<input type="text" name="lastname" id="lastname" />
</p>
<p>
Mobile<br>
<label for="mobile"></label>
<input type="text" name="mobile" id="mobile" />
</p>
<p>
Email<br>
<label for="email"></label>
<input type="text" name="email" id="email" />
</p>
<p>
<input type="submit" name="button" id="button" value="Submit" />
<input type="reset" name="button3" id="button3" value="Reset" />
</p>
</form>
This is the php
database connection
<?php
$con = mysql_connect("localhost","root","");
if(!$con)
{
die("connection to database failed".mysql_error());
}
$dataselect = mysql_select_db("qoot",$con);
if(!$dataselect)
{
die("Database namelist not selected".mysql_error());
}
?>
<?php
$unm = $_SESSION['name'];
$fname=$_POST['firstname'];
$lname=$_POST['lastname'];
$ema=$_POST['email'];
$mob=$_POST['mobile'];
?>
<?php
$qry=mysql_query("INSERT INTO address( firstname, lastname, mobile, email)VALUES('$fname',$lname','$ema','$mob')", $con);
?>
Now the problem is that this is inserting nothing in to my database.
What else can i try in order to check where things go wrong?
updated database connection details
Place your tablename address in backticks
Using mysqli_
<?php
/start session
session_start();
//establish connection
$con = mysqli_connect("localhost","root","","qoot");
if(!$con)
{
die("connection to database failed".mysqli_error($con));
}
//read the values from form
$unm = $_SESSION['name'];
$fname=$_POST['firstname'];
$lname=$_POST['lastname'];
$ema=$_POST['email'];
$mob=$_POST['mobile'];
?>
<?php
//insert to database
$qry=mysqli_query($con,"INSERT INTO `address` ( firstname, lastname, mobile, email)VALUES('$fname',$lname','$ema','$mob')") or die(mysqli_error($con));
?>
P.S I'd say you are at risk of mysql injection, check here How can I prevent SQL injection in PHP?. You should really use prepared statements to avoid any risk.
I have created a HTML form which will need to insert the data that was entered into the form straight into a table in mySQL.
newuser.php file
<?php
//including the connection page
include('./DB_Connect.php');
//get an instance
$db = new Connection();
//connect to database
$db->connect();
//fetch username and password
$usertype = $_POST['userType'];
$firstname = $_POST['firstName'];
$lastname = $_POST['lastName'];
$username = $_POST['userName'];
$password = $_POST['password'];
$address1 = $_POST['add1'];
$address2 = $_POST['add2'];
//write the sql statement
$query = "INSERT INTO USERS (usertype, fname, lname, username, password, add1, add2)
VALUES ('$usertype', '$firstname', '$lastname', '$username', '$password', '$address1', '$address2')";
mysql_query($query,$db);
if (($query) == TRUE) {
echo "New record created successfully";
header("Location: login.php", true);
exit();
}
else
{
echo "Error: " . $sql . "<br>" . $conn->error;
header("Location: register.php", true);
exit();
}
//close once finished to free up resources
$db->close();
?>
With the following html form:
<form action="newuser.php" method="POST" class="form" id="registerForm">
<label> Type of user: </label> <br>
<input type="radio" name="userType" id="itemSeeker">Item Seeker </input>
<input type="radio" name="userType" id="itemDonor">Item Donor </input>
<input type="radio" name="userType" id="peopleSeeker">People Seeker </input>
<input type="radio" name="userType" id="peopleDonor">People Donor </input>
<br>
<br>
<div class="form-inline">
<div class="form-group">
<input type="text" name="firstName" placeholder="First Name: " align="center" class="form-control" ></input>
</div>
<div class="form-group">
<input type="text" name="lastName" placeholder="Last Name: " align="center" class="form-control" ></input>
</div>
</div>
<br>
<input type="text" name="email" placeholder="Email Address: "align="center" class="form-control" ></input>
<br>
<div class="form-inline">
<div class="form-group">
<input type="text" name="userName" placeholder="Username: " align="center" class="form-control" ></input>
</div>
<div class="form-group">
<input type="password" name="password" placeholder="Password: " align="center" class="form-control" ></input>
</div>
</div>
<br>
<!-- <label> Address 1: </label>-->
<input type="text" name="add1" placeholder="Address 1: " align="center" class="form-control" ></input>
<!-- <label> Address 2: </label>-->
<input type="text" name="add2" placeholder="Address 2: " align="center" class="form-control" ></input>
<br>
<button class="btn btn-primary" name="submitReg" type="submit">Submit</button><br>
<br>
<a href="login.php" >Already have an account?</a>
</form>
The USERS table
The above two blocks of code and the code that I'm working with.
My problem here is, when the form is submitted, the data isn't actually being entered into the table. Note that the first ever submission actually did work. All submissions after the first one don't seem to be entering anything into the database.
I'm not quite sure what's wrong with my code for it to not work. It does go to the 'login.php' page which means there aren't any faults and the query submitted correctly.
Could someone please tell me what I'm doing wrong, thank you.
right now you have alot more trouble than your insert problem. your code is totaly insecure. (mysql injections).
Dont use mysql_* functions use pdo instead with prepared statements!
you output spaces before you send a header you cant send header if you have output. your redirect wouldnt work. dont relay on a clientside redirect use may have it disabled so output a link where you want the user to go.
anotherthing your radio buttons have no value check html syntax
var_dump($_POST) and check if you submit everything. also check for isset or empty befor assign variables. do some sort of validation.
have a look at some php frameworks they provide much more flexibility and error checking
dont reinvent the wheel by writing everthing by your own in a 10 or more year behind procedural way
i want that when ever a login user want they can change their record(address,etc). for such purpose i make a autofill form for the current login user.Now the Problem is that the data won,t be updated..
My Form Code IS........
<?php session_start();
include 'conn.php';
include '../includes/layouts/header.php';
if(!isset($_SESSION['user']))
{
header("location:signin.php");
}
$sql="SELECT * FROM signup";
$qry=mysql_query($sql);
$rows=mysql_fetch_array($qry);
?>
<div id="main">
<div id="navigation">
</div>
<div id="page">
<h2>Login Section</h2>
<p>Welcome to LMS</p>
<form method="post" action="update.php">
<div class="reg_section">
<h3>Your Personal Information</h3>
<input type="text" name="fname" value="<?php echo $rows[1];?>" placeholder="First Name"><br>
<input type="text" name="lname" value="<?php echo $rows[2];?>" placeholder="Last Name"><br>
<input type="text" name="uname" value="<?php echo $rows[3];?>" placeholder="Desired Username"><br>
<input type="text" name="email" value="<?php echo $rows[4];?>" placeholder="Email"><br>
<input type="text" name="department" value="<?php echo $rows[5];?>" placeholder="Department"><br>
<input type="text" name="id" value="<?php echo $rows[6];?>" placeholder="Id #"/><br>
<input type="text" name="phone" value="<?php echo $rows[7];?>" placeholder="Phone #"/><br>
</div>
<div class="reg_section">
<h3>Your Password</h3>
<input type="password" name="pass" value="<?php echo $rows[8];?>" placeholder="Your Password"><br>
<input type="password" name="cpass" value="<?php echo $rows[8];?>" placeholder="Confirm Password">
</div>
<div class="reg_section">
<h3>Your Address</h3>
<input type="text" name="address" value="<?php echo $rows[9];?>" placeholder="Address">
</div>
<p class="submit"><input type="submit" name="submit" value="Update Info"></p>
</form>
</div>
</div>
My PHP CODE IS..........
<?php session_start();
if(isset($_POST['submit']))
{
$fname=$_POST['fname'];
$lname=$_POST['lname'];
$user=$_POST['uname'];
$email=$_POST['email'];
$depart=$_POST['department'];
$id=$_POST['id'];
$phone=$_POST['phone'];
$pass=$_POST['pass'];
$address=$_POST['address'];
$qry="UPDATE signup SET First_Name=$$fname,Last_Name=$$lname,Username=$$user,Email=$$email,Department=$$depart,Employe_Id=$$id,Phone=$$phone,Password=$$pass,Address=$$address WHERE Username=$$user";
if(mysql_query($qry))
{
header('location:setting.php');
}
}
?>
Can any one know that what is the error...
try this sql
$qry="UPDATE signup
SET First_Name='$fname', Last_Name='$lname', Username='$user', Email='$email',Department='$depart', Employe_Id='$id', Phone='$phone', Password='$pass', Address='$address'
WHERE Username='$user' LIMIT 1 ";
As mentioned in my first comment above you have a problem in how you construct your query. You were using double dollar chars ($$) which does not make any sense. The result is that you run an empty query which explains why not record is updated.
As a first step alter your query like this:
$qry = "UPDATE signup SET
First_Name='$fname', Last_Name='$lname', Username='$user',
Email='$email', Department='$depart', Employe_Id='$id',
Phone='$phone', Password='$pass', Address='$address'
WHERE Username='$user'";
You do not implement any form of error handling, that is why you don't see the error you get from mysql. Please take a look at some tutorials about how to do that.
Also consider my second comment about preventing sql injections. At least, as some kind of "hot fix" you should use mysql_real_ecape() on all user input you integrate into your query. But as said, the only real solution is to switch to "prepared statements".
Trying to post a simple form to my database but can't get it to work. I have PHP and MySQL activated through XAMPP. The database "E-mail list" is set up with the table "Players".
PHP code:
<?php
$mysqli = new mysqli('localhost', 'root', '', 'E-mail list');
if(isset($_POST['save']))
{
$name = $mysqli->real_escape_string($_POST['name']);
$email = $mysqli->real_escape_string($_POST['email']);
$phone = $mysqli->real_escape_string($_POST['phone']);
$other = $mysqli->real_escape_string($_POST['other']);
$query = 'INSERT INTO Players (
name,
email,
phone,
other
)
VALUES ('.$name.', "'.$email.'", "'.$phone.'","'.$other.'")';
if ($mysqli->query($query))
{
echo 'Data Saved Successfully.';
}
else
{
echo 'Cannot save data.';
}}
?>
And the form:
<form id="myForm" method="post">>
<div data-role="fieldcontain">
<label for="name">Please enter your name:</label>
<input type="text" name="name" id="name" class="required" value="" autocomplete="off" />
<label for="email">Please enter your e-mail:</label>
<input type="text" name="email" id="email" value="" class="required" autocomplete="off" />
<label for="phone">Please enter your phone number:</label>
<input type="number" name="phone" id="phone" value="" class="required" autocomplete="off" />
<br><br>
<label for="other">Other comments</label>
<textarea name="other" id="other" autocomplete="off" placeholder="Anything else you'd like to add?">
</textarea>
</form>
<p><strong id="error"></strong></p>
<br><br>
<input type="button" id="save" name="save" value="Submit Form" />
<p id="response"></p>
I did some changes in your codes both PHP and HTML Parts.,
For PHP :
<?php
$mysqli = new mysqli('localhost', 'root', '', 'E-mail list');
/* check connection */
if ($mysqli->connect_errno) {
printf("Connect failed: %s\n", $mysqli->connect_error);
exit();
}
if(isset($_POST['save']))
{
$name = $mysqli->real_escape_string($_POST['name']);
$email = $mysqli->real_escape_string($_POST['email']);
$phone = $mysqli->real_escape_string($_POST['phone']);
$other = $mysqli->real_escape_string($_POST['other']);
$query = "INSERT INTO Players (`name`,`email`,`phone`,`other`) VALUES ('".$name."','".$email."','".$phone."','".$other."')";
if($mysqli->query($query))
{
echo 'Data Saved Successfully.';
}
else
{
echo 'Cannot save data.';
}
}
?>
For HTML :
<form id="myForm" method="post" action="">
<div data-role="fieldcontain">
<label for="name">Please enter your name:</label>
<input type="text" name="name" id="name" class="required" value="" autocomplete="off" /><br />
<label for="email">Please enter your e-mail:</label>
<input type="text" name="email" id="email" value="" class="required" autocomplete="off" /><br />
<label for="phone">Please enter your phone number:</label>
<input type="number" name="phone" id="phone" value="" class="required" autocomplete="off" />
<br><br>
<label for="other">Other comments</label>
<textarea name="other" id="other" autocomplete="off" placeholder="Anything else you'd like to add?">
</textarea>
<p><strong id="error"></strong></p>
<br><br>
<input type="submit" id="save" name="save" value="Submit Form" />
<p id="response"></p>
</form>
I think this may help you to resolve your problem.
Missing double quotes for name value in your SQL.
VALUES ("'.$name.'", "'.$email.'", "'.$phone.'","'.$other.'")';
Use Firefox/firebug to see the parameters and result, and add an echo($query); so you can see it in firebug.
'E-mail list' doesn't seem like convenient database name, though it should be okay.
Anyway, your goal should be to display all possible error that may occur.
So, you have to always check for the errors and report them in more usable form than just 'Cannot save data.'
Always check your connect
$mysqli = new mysqli('localhost', 'root', '', 'E-mail list');
if ($mysqli->connect_error) {
trigger_error($mysqli->connect_error);
}
same for the query
if (!$mysqli->query($query)) {
trigger_error($mysqli->error." ".$query);
}
If you see no error messages - check the logic of your code: if you ever run the code, if you run the code you wrote, if PHP works, typos etc.
I have an html form where people can subscribe to a mailing list. The form includes form validation and when the form is submitted, the data is stored in a database using My SQL.
Here is the code on the index.html page where the form is
<form id="subscribe-form" action="send.php" method="post">
<p id="status"></p>
<div>
<label for="title">Title:</label>
<select class="uniform" name="title" id="title">
<option>Please Choose</option>
<option>Mr</option>
<option>Mrs</option>
<option>Miss</option>
<option>Ms</option>
</select>
</div>
<div>
<label for="firstName">First name:</label>
<input type="text" id="firstName" name="firstName" />
</div>
<div>
<label for="surname">Surname:</label>
<input type="text" id="surname" name="surname" />
</div>
<div>
<label for="email">Email:</label>
<input type="text" id="email" name="email" />
</div>
<div>
<label for="phone">Contact Number:</label>
<input type="text" id="phone" name="phone" />
</div>
<div>
<label for="title">How did you hear about us?</label>
<select class="uniform" name="refer" id="refer">
<option>Please Choose</option>
<option>Google</option>
<option>Yahoo</option>
<option>Word of Mouth</option>
<option>Others</option>
</select>
</div>
<div>
<input type="checkbox" name="news_updates" value="1" />
I'd like to hear about the latest news and events updates</div>
<div>
<input class="button" type="submit" value=""/>
</div>
</form>
Here is the code for send.php
<?php
include ('connection.php');
$sql="INSERT INTO form_data (title,firstName, surname, email, phone, refer, news_updates)
VALUES
('$_POST[title]', '$_POST[firstName]','$_POST[surname]','$_POST[email]','$_POST[phone]','$_POST[refer]','$_POST[news_updates]')";
if (!mysql_query($sql, $connected))
{
die('Error: ' . mysql_error());
}
mysql_close($connected);
?>
I would like to make another html (unsubscribe.html) page where people can unsubscribe by entering their email address so that their email address would match the corresponding email that is in the database already and remove it from the My Sql database .
I found this tutorial which was kind of helpful -
http://www.phpsuperblog.com/php/delete-records-from-mysql-database-with-html-form-and-php/
and this is the form on my unsubscribe.html page.
<form id="unsubscribe_form" action="delete.php" method="post">
<div>
<label for="email_remove">Email:</label>
<input type="text" id="email_remove" name="email_remove" />
</div>
<div>
<input name="delete" type="submit" id="delete" value="" class="unsubscribe_btn">
</div>
</form>
but when I enter method="post" in the unsubscribe form. The data from the form on the subscribe / index.html does not get stored in My Sql, instead they come up as blank.
So I am guessing I can't have two "post" method maybe??
If someone could guide me in the right direction that would be much appreciate. Thanks.
I guess you are at your learning stage. So, I will suggest you to have a check for POST method being called on the page which receives the post.
Example: in your subscribe.php
you should have :
<input class = "button" type = "submit" value = "Subscribe" name = "subscribe" />
in send.php
you must do:
if(!isset($_POST['subscribe'])
{
header('location: subscribe.html');
}
You must use isset for your pages.
If you could display your delete.php, perhaps I can edit this post and assist you further but, so far... A check is required and you can use as many forms as many you like (even on one page) but, make sure they all have different id/names.
Your delete.php script should be:
<?php
require ('connection.php'); // User require for important functions so that if not found, it throws fatal error
$email = $_POST['email_remove'];
// Check for isset POST
$query = "DELETE from form_data WHERE email = '".$email."'";
if(mysql_query($query)){ echo "deleted";} else{ echo "fail";}
?>
your delete.php seems OK to me.
Can add the following to Line 2
echo "";
print_r($_POST);
and post array in comments?