Submit button don't add data to MySQL - php

I tried to create a form which will send an email and add data to MySQL data base. For email part because I work on localhost I used formsubmit. All good but there is a conflict. When I press on send only the email is send without any data added to my database. If I delete the action attribute from form data will be added but in this case I can't send any emails. Here is my file:
<?php
require 'config.php';
if(!empty($_SESSION["id"]))
{
$id= $_SESSION["id"];
$result = mysqli_query($conn,"SELECT * FROM tb_user WHERE id= $id");
$row = mysqli_fetch_assoc($result);
}
else
{
header("Location: login.php");
}
if(isset($_POST["submit"]))
{
$name = $_POST['name'];
$email = $_POST['email'];
$cui = $_POST['cui'];
$tip = $_POST['tip'];
$adresa = $_POST['adresa'];
$query = "INSERT INTO beneficiari VALUES('','$email','$name','$cui','$tip','$adresa')";
mysqli_query($conn,$query);
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Beneficiari </title>
<link rel="stylesheet" href="indexCSS.css">
<link rel="stylesheet" type="text/css" href="beneficiariCSS.css">
</head>
<body>
<div class="topnav">
Welcome <?php echo $row["name"]; ?>
Logout
<a class="active" href="index.php">Home</a>
Anunturi
Viz
Registration
</div>
<div class="container">
<form action="https://formsubmit.co/0e6b51872b4393271dbfa08bb0655fc8" method="POST">
<h3>Inregistrare</h3>
<input type="text" name="name" id="name" placeholder="Denumire institutie" required>
<input type="email" name="email" id="email" placeholder="Enter an valid email" required>
<input type="text" name="cui" id="cui" placeholder="CUI" required>
<input type="text" name="tip" id="tip" placeholder="Tipul institutie" required>
<input type="text" name="adresa" id="adresa" placeholder="Adresa" required>
<button type="submit" name="submit">Send</button>
</form>
</div>
</body>
</html>


You can remove the action from form, and add it after the SQL query, within the if statement as header, like so:
if(isset($_POST["submit"]))
{
$name = $_POST['name'];
$email = $_POST['email'];
$cui = $_POST['cui'];
$tip = $_POST['tip'];
$adresa = $_POST['adresa'];
$query = "INSERT INTO beneficiari VALUES('','$email','$name','$cui','$tip','$adresa')";
mysqli_query($conn,$query);
header('location: https://formsubmit.co/0e6b51872b4393271dbfa08bb0655fc8');
}
I believe this will work.
But whatever you do make sure you check the input!! The way you are handling your input right now is very dangerous, and allows users to inject you with SQLs (read up on SQL injections and protection)

Related

The data is not registered to the database

I want to make a student registration form. I get no error messages, but the data is not entered into the database.
INDEX is for INDEX NUMBER
USERNAME is for USER
EMAIL is for EMAIL
I had trouble with index variable it said that it is undefined, I am not sure if I defined the variable properly.
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<!-- TemplateBeginEditable name="doctitle" -->
<title>Untitled Document</title>
<!-- TemplateEndEditable -->
<!-- TemplateBeginEditable name="head" -->
<!-- TemplateEndEditable -->
</head>
<body>
<?php
session_start();
$_SESSION["message"] = "";
$mysqli = new MySQLi("localhost","root","","accounts");
if ($_SERVER['REQUEST_METHOD'] == "POST"){
$username = $mysqli->real_escape_string($_POST["username"]);
$email = $mysqli->real_escape_string($_POST["email"]);
$index = ($_POST["email"]);
$_SESSION["username"] = $username;
$_SESSION["email"] = $email;
$sql = "INSERT INTO users (index, email, name) "
. "VALUES ('$index', '$email', '$username')";
//check if mysql query is successful
if ($mysqli->query($sql) === true)
{
$_SESSION[ 'message' ] = "Registration succesful! Added $username to the database!";
//redirect the user to welcome.php
header( "location: welcome.php" );
}
else{
$_SESSION["message"] = "user could not be added to the database";
}
}
else{
$_SESSION["message"] = "could not initiate session";
}
?>
<link href="//db.onlinewebfonts.com/c/a4e256ed67403c6ad5d43937ed48a77b?family=Core+Sans+N+W01+35+Light" rel="stylesheet" type="text/css"/>
<link rel="stylesheet" href="form.css" type="text/css">
<div class="body-content">
<div class="module">
<h1>Create an account</h1>
<form class="form" action="form.php" method="post" enctype="multipart/form-data" autocomplete="off">
<div class="alert alert-error"></div>
<input type="text" placeholder="User Name" name="username" required />
<input type="email" placeholder="Email" name="email" required />
<br>
<input type="text" placeholder="Index Number" name="index" required /><br>
<input type="submit" value="Register" name="register" class="btn btn-block btn-primary" />
</form>
</div>
</div>
</body>
</html>

Change this line :
$sql = "INSERT INTO users (index, email, name) "
. "VALUES ('$index', '$email', '$username')";
To this :
$sql = 'INSERT INTO users (index, email, name) '
. 'VALUES ("$index", "$email", "$username")';
Hope to solve your problem.

My php code does not post to database on server but it is working on localhost

This is the code. It is working on localhost, but when I upload it to my server the PHP does not send information to MySQL.
<?php
session_start();
include('connect.php');
if(isset($_POST['signup'])){
echo "<pre>"; print_r($_POST); echo "</pre>";
$name=$_POST['name'];
$email=$_POST['email'];
$password=md5($_POST['password']);
$contact=$_POST['contact'];
$city=$_POST['city'];
$address=$_POST['address'];
$signup_sql=mysqli_query($con,"select * from signup where email='".$email."'");
//$signup_res=mysqli_query($con,$signup_sql);
//$signupresult=mysqli_fetch_array($signup_res);
$dataa = mysqli_fetch_array($signup_sql);
if(empty($signup_res)){
$sql="insert into signup (name,email,password,contact,city,address) values ('".$name."','".$email."','".$password."','".$contact."','".$city."','".$address."')";
$res=mysqli_query($con,$sql);
if($res>=1){
#header("location:login.php");
}
else{
#header("location:index.php");
}
}else{
#header("location:index.php");
}
}
?>

You're not testing the select query correctly. if(empty($signup_res)) only tests if the query got an error. But a query that doesn't match anything is not an error, it's just an empty result.
You should check the result of fetching the result:
if(empty($dataa))
And then when you perform the insert query, you're not checking its success correctly, either. $res will be either TRUE or FALSE, not a number. If you want to redirect to login.php if the insert failed, it should be:
if (!$res) {
header("location: login.php");
} else {
header("location: index.php");
}
I also recommend that while debugging you remove the redirect and display the error message when the query fails. You also shouldn't use # while debugging (and there's little reason to use # for header() calls anyway).

YiPp i fixed it by by changing code to
<?php
session_start();
header('location:login.php');
$con = mysqli_connect('localhost','id8127977_decors','Priya#1994');
if($con){
echo" connection successful";
}else{
echo " no connection";
}
mysqli_select_db($con, 'id8127977_decors');
$name=$_POST['name'];
$email=$_POST['email'];
$password=md5($_POST['password']);
$contact=$_POST['contact'];
$city=$_POST['city'];
$address=$_POST['address'];
$q = " select * from signup where email = '$email' ";
$result = mysqli_query($con, $q);
$num = mysqli_num_rows($result);
if($num == 1){
echo" duplicate data ";
}else{
$qy= "insert into signup (name,email,password,contact,city,address) values ('".$name."','".$email."','".$password."','".$contact."','".$city."','".$address."')";
mysqli_query($con, $qy);
}
?>

<!doctype html>
<html>
<head lang="en">
<meta charset="utf-8">
<title>File Upload PHP</title>
<link rel="stylesheet" href="style.css" type="text/css" />
<script type="text/javascript" src="js/jquery-1.11.3-jquery.min.js"></script>
<script type="text/javascript" src="js/script.js"></script>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" integrity="sha384-BVYiiSIFeK1dGmJRAkycuHAHRg32OmUcww7on3RYdg4Va+PmSTsz/K68vbdEjh4u" crossorigin="anonymous">
</head>
<body>
<div class="container">
<div class="row">
<div class="col-md-8">
<form id="form" action="ajaxupload.php" method="post" enctype="multipart/form-data">
<div class="form-group">
<label for="name">NAME</label>
<input type="text" class="form-control" id="name" name="name" placeholder="Enter name" required />
</div>
<div class="form-group">
<label for="email">EMAIL</label>
<input type="email" class="form-control" id="email" name="email" placeholder="Enter email" required />
</div>
<input id="uploadImage" type="file" accept="image/*" name="image" />
<div id="preview"><img src="filed.png" /></div><br>
<input class="btn btn-success" type="submit" value="Upload">
</form>
<div id="err"></div>
</div>
</div>
</div></body></html>

On user being registered redirect to different page PHP

How would I make it so on the user being registered they get redirected to a different page. Ive tried most things, and yes it registers fine but im just struggling with this one bit D:
regsister.inc.php
<?php
//Start session:
session_start();
//Include db settings and create a connection:
include("config.inc.php");
//Create variable for username input and prevent sql injections:
$username = mysql_real_escape_string($_POST['usern2']);
//Create variable for password input, prevent sql injections and hash it with md5:
$password = mysql_real_escape_string(md5($_POST['pass2']));
//Select matching username and password from admin table based on input:
$sql = "INSERT INTO admin VALUES('$username', md5('$password'))";
//$sql = "SELECT * FROM admin WHERE username = '$username' AND password = '$password'";
//Execute query to db:
$execute = mysql_query($sql);
if (mysql_num_rows($execute) == 1) {
$_SESSION['user'] = $username;
echo "<p>Register Successful</p>";
}
register.php
<?php
include ("includes/register.inc.php");
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<link href="https://fonts.googleapis.com/css?family=Ubuntu" rel="stylesheet">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link href="css/style.css" rel="stylesheet">
</head>
<body>
<div id="container">
<?php echo $errormsg; ?>
<h2>Register</h2>
<form method="post" action="register.php">
<label>Username: </label>
<input type="text" size="25" name="usern2" value=""><br>
<label>Password: </label>
<input type="password" size="25" name="pass2" value=""><br>
<input type="submit" value="Register!">
</form>
</div>
</body>
</html>
Much help would be appreciated, dont roast me im new to PHP D:

Information don't post in database

I try to implement an sign in form based on webcam image, apparently, i don't errors in code, but information don't posted in database.
Here is my index with php code for insert information in database:
<?php
if (isset($_POST['desc'])) {
if (!isset($_POST['iscorrect']) || $_POST['iscorrect'] == "") {
echo "Sorry, important data to submit your question is missing. Please press back in your browser and try again and make sure you select a correct answer for the question.";
exit();
}
if (!isset($_POST['type']) || $_POST['type'] == "") {
echo "Sorry, there was an error parsing the form. Please press back in your browser and try again";
exit();
}
require_once("scripts/connect_db.php");
$name = $_POST['name'];
$email = $_POST['email'];
$name = mysqli_real_escape_string($connection, $name);
$name = strip_tags($name);
$email = mysqli_real_escape_string($connection, $email);
$email = strip_tags($email);
if (isset($_FILES['image'])) {
$name = $_FILES['image']['tmp_name'];
$image = base64_encode(
file_get_contents(
$_FILES['image']['tmp_name']
)
);
}
$sql = mysqli_query($connection, "INSERT INTO users (name,email,image) VALUES ('$name', '$email','$image')")or die(mysqli_error($connection));
header('location: index.php?msg=' . $msg . '');
$msg = 'merge';
}
?>
<?php
$msg = "";
if (isset($_GET['msg'])) {
$msg = $_GET['msg'];
}
?>
<!doctype html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Licenta Ionut</title>
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<script type="application/x-javascript"> addEventListener("load", function() { setTimeout(hideURLbar, 0); }, false); function hideURLbar(){ window.scrollTo(0,1); } </script>
<!-- font files -->
<link href='//fonts.googleapis.com/css?family=Muli:400,300' rel='stylesheet' type='text/css'>
<link href='//fonts.googleapis.com/css?family=Nunito:400,300,700' rel='stylesheet' type='text/css'>
<!-- /font files -->
<!-- css files -->
<link href="css/style.css" rel='stylesheet' type='text/css' media="all" />
<link href="web.js" rel='stylesheet' type='text/css' media="all" />
<script type="text/javascript" src="web.js"></script>
<!-- /css files -->
</head>
<body>
<p style="color:#06F;"><?php echo $msg; ?></p>
<h1>LogIn with Webcam Password</h1>
<div class="log">
<div class="content1">
<h2>Sign In Form</h2>
<form>
<input type="text" name="userid" value="USERNAME" onfocus="this.value = '';" onblur="if (this.value == '') {
this.value = 'USERNAME';
}">
<input type="password" name="psw" value="PASSWORD" onfocus="this.value = '';" onblur="if (this.value == '') {
this.value = 'PASSWORD';}">
<div class="button-row">
<input type="submit" class="sign-in" value="Sign In">
<input type="reset" class="reset" value="Reset">
<div class="clear"></div>
</div>
</form>
</div>
<div class="content2">
<h2>Register</h2>
<form action="index.php", name="index.php" method="post" enctype="multipart/form-data">
<input type="text" id="name" name="name" value="Nume">
<input type="text" id="email" name="email" value="EmailAdress">
<br>
<script type="text/javascript" src="webcam.js"></script>
<script language="JavaScript">
document.write(webcam.get_html(320, 240));
</script>
<div class="button-row">
<input class="sign-in" type=button value="Configure" onClick="webcam.configure()" class="shiva">
<input class="reset" type="submit" value="Register" id="image" onClick="take_snapshot()" class="shiva">
</div>
</form>
</div>
<div class="clear"></div>
</div>
</body>
</html>
And here is the script for connection to database:
<?php
$db_host = "localhost";
// Place the username for the MySQL database here
$db_username = "Ionut";
// Place the password for the MySQL database here
$db_pass = "1993";
// Place the name for the MySQL database here
$db_name = "users";
// Run the connection here
$connection=mysqli_connect("$db_host","$db_username","$db_pass") or die (mysqli_connect_error());
mysqli_select_db($connection,"$db_name") or die ("no database");
?>
I don't find error in code and i need your advice/help!
Thank you for interest about my problem!

To solve a problem like this, break the problem into parts.
(1) First, what is the PHP file receiving? At the top of the PHP file, insert:
<?php
echo '<pre>';
print_r($_POST);
echo '</pre>';
die('-----------------------------------');
(2) If that doesn't reveal the problem, next step is to duplicate the PHP file and in the second copy, HARD CODE the information you will be submitting at the top (replacing the PHP data that would normally be submitted):
<?php
$_POST['desc'] = 'TEST - Description';
$_POST['iscorrect'] = 'what it should be';
$_POST['type'] = 'TEST - Type';
etc
Then, run that modified file and see if the data is submitted.
(3) If that doesn't reveal the problem, keep working with the duplicate PHP file and add echo statements at various places to see where the file is breaking. For example:
$name = $_POST['name'];
$email = $_POST['email'];
$name = mysqli_real_escape_string($connection, $name);
echo 'HERE 01';
$name = strip_tags($name);
$email = mysqli_real_escape_string($connection, $email);
$email = strip_tags($email);
echo 'HERE 02';
if (isset($_FILES['image'])) {
$name = $_FILES['image']['tmp_name'];
$image = base64_encode(
file_get_contents(
$_FILES['image']['tmp_name']
)
);
}
echo 'HERE 03';
$sql = mysqli_query($connection, "INSERT INTO users (name,email,image) VALUES ('$name', '$email','$image')")or die(mysqli_error($connection));
echo 'HERE 04: $sql = ' .$sql;

Why are not previosuly entered values shown in my EDIT form?

I am working on PHP CRUD operations and I have created a basic edit form in PHP. I have not used any field validations and all I want is simply editing information.
I am following this tutorial
Once a user is clicked on Edit link he is directed to the following form on which the user is supposed to edit his data.
Here is the code
<?php
include_once './functions.php';
include_once './database.php';
function renderForm($firstName,$lastName,$age){
?>
<!DOCTYPE html>
<html>
<head>
<title>Edit</title>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width">
</head>
<body>
<form action="edit.php" method="post">
First Name<input type="text" name="firstname" value="<?php $firstName ;?>"><br/>
Last Name<input type="text" name="lastname" value="<?php $lastName ;?>"><br/>
Age<input type="text" name="age" value="<?php $age ;?>"><br/>
<input type="submit" name="submit" value="Edit">
Cancel
</form>
<?php
}
?>
<?php
if (isset($_POST['submit'])) {
$firstName = cleanData($_POST['firstname']);
$lastName = cleanData($_POST['lastname']);
$age = (int) $_POST['age'];
$id = $_GET['id'];
$query = "UPDATE basic ";
$query.="SET first_name='$firstName',last_name='$lastName',age=$age ";
$query.="WHERE id=$id";
confirmQuery($query);
closeDatabase();
}else{
$id=cleanData($_GET['id']);
$query="SELECT * FROM basic WHERE id= {$id} ";
$result=confirmQuery($query);
$rows= mysqli_fetch_assoc($result);
$firstName=$rows['first_name'];
$lastName=$rows['last_name'];
$age=$rows['age'];
renderForm($firstName, $lastName, $age);
}
?>
</body>
</html>
//Additional information
//functions included in other files
function cleanData($input){
global $connection;
return mysqli_real_escape_string($connection,$input);
}
function confirmQuery($query){
global $connection;
$result=mysqli_query($connection, $query);
if(!$result){
return "Query failed : ".mysqli_error($connection);
}
else{
return $result;
}
}
function closeDatabase(){
global $connection;
mysqli_close($connection);
}
//I have not included the file which I am using to
//connect to the DB. I am sure there is no error with that file since it works
//properly with other php files
The problem that I have with my edit form is it does not show previously entered data and just shows only a blank form (similar to create form). (It does not happen when I run the demo in the above mentioned tutorial)
Netbenas IDE says variables which are inside HTML input tags seems to be unused in its scope. I have googled this question and found that warning can be simply ignored.
But Where have I gone wrong?
I am grateful to anyone who can kindly go through my code and show me the error.
Thank You :)

I have change your PHP code to below code use in your edit.php.if u get any issue put comment.
<?php
include_once './functions.php';
include_once './database.php';
if (isset($_POST['submit'])) {
$firstName = cleanData($_POST['firstname']);
$lastName = cleanData($_POST['lastname']);
$age = (int) $_POST['age'];
$id = $_GET['id'];
$query = "UPDATE basic ";
$query.="SET first_name='$firstName',last_name='$lastName',age=$age ";
$query.="WHERE id=$id";
$r=mysql_query($query);
if($r)
{
echo "Record updated";
}
}
$id=$_GET['id'];
$query="SELECT * FROM basic WHERE id='$id' ";
$result=confirmQuery($query);
$rows= mysqli_fetch_assoc($result);
$firstName=$rows['first_name'];
$lastName=$rows['last_name'];
$age=$rows['age'];
?>
<!DOCTYPE html>
<html>
<head>
<title>Edit</title>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width">
</head>
<body>
<form action="edit.php" method="post">
First Name<input type="text" name="firstname" value="<?php echo $firstName ;?>"><br/>
Last Name<input type="text" name="lastname" value="<?php echo $lastName ;?>"><br/>
Age<input type="text" name="age" value="<?php echo $age ;?>"><br/>
<input type="submit" name="submit" value="Edit">
Cancel
</form>
</body>
</html>

Categories