I have a form that up to yesterday was working with post to insert the form data into mysql table. Today it all stopped working and I changed nothing. This is driving me crazy.
Allot of the answers provided on line are based on correcting incorrect code. My code is correct, at least i think it is. It all worked fine after I wrote it and used it for several days. Then one day it just stopped working.
My post code is as follows.
<?php
include 'quality_module_connect.php';
// Don't forget to properly escape your values before you send them to DB
// to prevent SQL injection attacks
echo "<p>Content variables $_POST is:</p>";
print_r($_POST);
$field1 = $mysqli_real_escape_string($_POST['field1']);
$sql = "INSERT INTO test(test)
VALUES ('$field1')";
if (!mysqli_query($con,$sql)) {
die('Error: ' . mysqli_error($con));
}
echo "1 record added";
mysqli_close($con);
?>
The results are that nothing is getting posted into the mysql table and I get no error message. When I insert with an insert statement without using post it all works fine.
How do I solve the problem?
I found the answer and it was not in the code, at least I do not think it was. I was opening the form using a hypelink with target="_blank"in the hyperlink statment so that it would open on a new tab. For some reason the new tab requirements with target="_blank" was causing the POST to be empty. Once I got rid of that everything is back to normal and fine. It would be nice to understand why.
Related
I have an HTML survey. I am handling it with PHP and passing it with PHP into a MySQl database. Before this section of code, I post every input, and echo it out as a summary. Every input is reading correctly in the summary, so the form seems to be working fine. I manually input 1 dataset to test the database columns, and then 1 set of data went straight from the form to the database without issue. Now, however, I tried to insert another set of data and it isn't uploading.
I have each field outlined because I have another field that is an autoincrement for when a row is inserted. On a previous form handle I did, I also had an autoincrement field that worked perfectly without including it in the insertion process, so I'm fairly certain I don't need to include it here.
Is there something in the insert code that I've overlooked? I can manually input results just fine that match exactly what I put into the survey fields, but the digital upload from survey submission to database is not being completed. I AM connected to the database, because I have an error for failed connection set up that isn't popping up (it is paired with $dbcon. $dbcon stands for database connection).
//Data Insertion
$res_ins = "INSERT INTO Survey (name, zip,
gender, income, savings, disaster, work,
res_road, work_road, evacuation, lodging,
injury, children, num_child, educ, city_prep,
PrepComments, emer_res, info, prep, fut_prep)
VALUES ('$name', '$zip', '$gender', '$income',
'$savings', '$disaster', '$work', '$res_road',
'$work_road', '$evacuation', '$lodging',
'$injury', '$children', '$num_child', '$educ',
'$city_prep', '$PrepComments', '$emer_res',
'$info', '$prep', '$fut_prep')";
$insert = $dbcon->query($res_ins);
//Terminate connection to database and end
insertion
mysqli_close($dbcon);
I can't comment because of reputation, so I have to give you a hint in the answer: did you try to use this query directly on your database, using some interface?
However, you could try to add some rows to see what is the error, before to close the connection:
if ($dbcon->query($res_ins) === TRUE) {
echo "New record created successfully";
} else {
echo "Error: " . $res_ins. "<br>" . $dbcon->error;
}
before executing, print the query. it will help you to find out the root cause. most common reason of this type of issue is special character. You can check is there any special character in your query.
Sorry for my bad English,
I cant retrieve record from mysql database, there's no error messages and nothing showing. The things is I want to retrieve data on a page with session using external php file. My table has data on it, I've inserted it with phpmyadmin. Here's the code :
UPDATE
I only work on php file now, and here the konek.php
<?php
error_reporting(E_ALL);
$konek=new mysqli('localhost','root','zxcvbnm','jumat') or die(mysqli_connect_error);
$selek=mysqli_query($konek,'select * from kategori');
while($baris=mysqli_fetch_array($selek)){
echo $baris['kodekat'].' '.$baris['namakat'];
echo '<br>';
}
if($konek){
echo 'koneksi ok';
}
$konek->close();
?>
it only shows the 'koneksi ok' word, is the while not processed?
thank you in advance
What are you trying to do with this line:
if($i<=mysql_fetch_array($selek)){
If you are trying to compare with the no. of data use:
if($i<=mysql_num_rows($selek)){
From personal experience, I had trouble with this traditional MySQL api.
I'll share this small PDO tutorial that got me over this mess, hope this helps you as much as it helped me.
http://code.tutsplus.com/tutorials/php-database-access-are-you-doing-it-correctly--net-25338
Try this:
<?php
$konek=mysqli_connect("localhost","root","zxcvbnm","jumat") or die(mysqli_error());
$selek=mysqli_query($konek,"select kodekat,namakat from kategori");
$i=0;
if(mysqli_num_rows($selek) > 0 ){
while($baris = mysqli_fetch_array($selek)){
$id = $baris["kodekat"];
$nmk = $baris["namakat"];
echo"kode: ".$id."nama:".$nmk.'<br/>';
}
}else{
echo 'No items in database';
}
mysqli_close($konek);
?>
I know the problem.
Yhe problem is, my database is empty, I'm so forgetfull, :)
sorry for the inconvenience, I'm sorry I'm sorry,
the code is fine, all of them, :)
and all of answers above, I'm sure it works,
its my faults, that's my database was empty in the first place,
I have been trying to figure out why this function is working on chrome, but not on firefox.
I have an auto increment field that is my primary key that I get my id from. Here is my code.
if (isset($_GET['id'])) {
$id = $_GET['id'];
} else {
$id = mysql_insert_id();
echo $id;
}
I've tried putting my connection in the function as follows, but it still does not work. Any pointers would be appreciated. Also, I know of mysqli functions, I am using these functions because the user's setup is quite old.
$id = mysql_insert_id($conn);
Here is my code that is doing the insert.
sprintf("INSERT INTO `trade_show_orders` (`SetupDate`,`SetupEndDate`,`ShowName`,`Location`,`Literature`,`StartDate`,`EndDate`,`Attendees`,`Projected`,`File`,`Giveaways`,`AddressBox`,`LocationType`,`Title`,`FirstName`,`LastName`,`Email`,`AddressOne`,`AddressTwo`,`Zip`,`Special`,`OrderDate`,`ShippingLocation`,`ShippingAddressOne`,`ShippingAddressTwo`,`ShippingZip`,`ShippingSpecial`) VALUES ('$setupDate','$endSetup','%s','%s','$values','$eventStart','$eventEnd','%d','%d','".basename($_FILES['fileUpload']['name'])."', '%s','off','%s','%s','%s','%s','%s','%s','%s','%d','%s',NOW(),'%s','%s','%s','%d','%s')", mysql_real_escape_string($_POST['showName']), mysql_real_escape_string($_POST['location']), $_POST['numberAttendees'], $_POST['visitors'], mysql_real_escape_string($_POST['giveaways']), mysql_real_escape_string($_POST['locationType']), mysql_real_escape_string($_POST['personalTitle']), mysql_real_escape_string($_POST['personalFirstName']), mysql_real_escape_string($_POST['personalLastName']), mysql_real_escape_string($_POST['personalEmail']), mysql_real_escape_string($_POST['personalAddressOne']), mysql_real_escape_string($_POST['personalAddressTwo']), $_POST['personalZip'], mysql_real_escape_string($_POST['personalSpecial']), mysql_real_escape_string($_POST['shippingLocation']), mysql_real_escape_string($_POST['shippingAddressOne']), mysql_real_escape_string($_POST['shippingAddressTwo']), $_POST['shippingZip'], mysql_real_escape_string($_POST['shippingSpecial']));
mysql_insert_id() will only return an ID if you've done an INSERT query WITH THE CURRENT CONNECTION. That means it will not return an ID from a page request "three clicks" ago. it will not return an ID done by some other script that's executing at the same, because that's done using a different connection to mysql.
So show the rest of the code that actually does the insert. PHP shouldn't care at all what browser's running on the remote it. It's just an HTTP request with some data as far as PHP is concerned. If there is a browser-specific issue, it'll be in some client-side code that's blowing up, e.g. some bad javascript doing an AJAX request and not filling out a field properly.
Turns out it had nothing to do with my insert.
Apparently, when you use images with submits on a form in Firefox, IE. It renames the image submit from "submit" to "submit_x" or "submit_y"
Chrome and Safari look for both submit and submit_x,submit_y with images.
Firefox and IE 7,8,9 only look for submit_x and submit_y, which explains the reason why it was only working on chrome.
Whilst moving from one host to another (to hostgator) we've received many errors. We did have a news editor edit code error once we moved, but we've fixed that. Now, we have an error updating data in page editor.
It can pull/select data and says saved, but it doesn't update the data in mysql.
Hosting error? was working before.
»Events Page
»Jobs Page
»Maintenance Page
»Staff Page
Thank you,
Maybe your previous host had autocommit=on, meaning you do not have to COMMIT.
Try a COMMIT statement at the end of each data update to actually save the data
echo("The CMS for the credits page has been updated!");
is just the php saying what you want it to say, it did not actually go into the database and check...
use
if (!mysql_query($sql,$con))
{
die('Error: ' . mysql_error());
}
else
{
echo("maintenance page updated");
}
to identify that your query is working fine or not
I'm still new to php and working my way around it but i'm stuck at the following piece:
code for deleting a row in my table
i have a link directing towards this piece of my script. i run through the first half just fine but when i press on submit and try to execute my delete query it won't go to my second if statement let alone get to the delete query.
$pgd is the page id
my hunch is there is problem with the action in the form i'm building after my while statement
forgive me for the wierd formatting of my msg but its 2am and very tired, i promise to format my questions in the future better! any help is appreciated
edit: ok other then the obvious mistake of missing method=post #.#;
edit:
hey everyone,
first of all, i'd like to thank everyone for their response.
i just started coding in php last weekend so forgive my messy codes. the code is still running locally and my main goal was to finish the functions and then work on securing my code.
now back to the issue, i'm sorry if i was vague about my problem. i'll try to reiterate it.
my issue isn´t selecting an item i want to delete, the issue is that it won´t get to the 2nd if statement.
Re-edit:
this time with my current code:
if($_GET['delete'] == "y")
{
//content hier verwijderen
$sqlcont1="SELECT * FROM content where id ='".$_GET['id']."'";
echo $sqlcont1;
$resultcont1 = mysql_query($sqlcont1) or die (include 'oops.php');
while($rowcont1= mysql_fetch_array($resultcont1)){
echo '<form class="niceforms" action="?pg='.$pgd.'&delete=y&remove=y&id='.$_GET['id'].'" method="post">';
echo '<h1>'.$rowcont1['Titel'].'</h1>';
echo '<p>'.$rowcont1['Content'].'</p>';
echo '<input type="submit" value="Delete article">';
echo '</form>';
}
if($_GET['remove']=="y"){
echo 'rararara';
$id=$_GET['id'];
$sqlrem="DELETE FROM content WHERE id="$id;
echo $sqlrem;
mysql_query($sqlrem);
}
}
echoing $sqlrem gives me the following now:
DELETE FROM content WHERE id=8
that being my current code, i get in to the second IF statement but now to get it to delete!
#everyone:
ok maybe thinking out loud or following my steps worked but the code works, i know its very messy and it needs fine tuning. i'd like to thank everyone for their help and feedback. i'm liking this and you'll probably see me alot more often with nubby questions and messy codes with no escapes :(
First of all, you have SQL injection vulnerability in your script. Anyone can add some string that will be attached to your query, possibly altering it in a way that can make almost anything with the data from your database.
Escape your values with one of anti-SQL-injection methods. Read more for example on php.net/manual/en/function.mysql-query.php
To the point...
Your deletion code will be executed only if you invoke URL with two params (remove and delete set to y. That means your URL should look similar to something.php?delete=y&remove=y. Maybe you just did not spot it.
Please give details about any errors that occured and tell me whether the above mentioned solution helped.
mysql_fetch_array() returns an array
your while statement acts as an if, and does not iterate thru the array returned as you think it does
you need something like
$all_rows = mysql_fetch_array($result);
foreach ($all_rows as $row) {
$sql = "delete from table where id = " . $row['id'];
}
It looks to me like you're mixing two forms together here: you're wanting to see if you went to the delete row form (the first few lines), and you're trying to present the delete row form (the while loop.) I would break these two things apart. Have a page that simply displays your forms for row deletes, and another page that processes those requests. And another page that brings you to the delete rows page.
For now, just echo all the values you're expecting to receive in $_GET[] and see if they are what you expect them to be.
You have a lot of problems in that script alone, so just to make things easier (considering you uploaded a pic), put an
echo $sqlrem;
in your second if statement, see if the query is displayed. If not, it means it doesn't even get to that part of code, if it gets displayed, copy it and run it in phpmyadmin. That should output a more coherent error message. Tell us what that is and we'll work it through.
I also noticed that your DELETE SQL query might have an issue. If your $pgd' id is a integer, you shouldn't include the ' single quote, that is for string only.
**Correction**
$sqlrem = "DELETE FROM content WHERE id = " . controw1['id'];
EDIT
Anyway, just to help out everyone, I typed out his code for easier viewing.
I think his error is $rowcont1['Tilel'] --> that might caused PHP to have an error because that column doesn't exist. I assumed, it should be `Title' causing an typo error.
if(_$GET['delete'] == "y") {
$sqlcont1 = "SELECT * FROM content where id ='" . $_GET['id'] . "'";
$resultcont1 = mysql_query($sqlcont1) or die (include 'oops.php');
while ($rowcont1 = mysql_fetch_array($resultcont1)) {
echo '<form class = "niceforms" action = "?pg=' .$pgd . '&delete=y&remove=y">';
echo '<h1>' . $rowcont1['Title'] . '<h1>'; // <-- error here
echo '<p>' . $rowcont1['Content'] . '</p>';
echo '<input type = "submit" value = "Delete article">';
echo '</form>';
}
if ($_GET['remove'] == "y"){
$sqlrem = "DELETE FROM content WHERE id = " . $rowcont1['id'];
mysql_query ($sqlrem);
}
}