I have a problem concerning how to add data from a text field into a SQL table on a database. I would like the text fields to require some sort of data so there can be no blank data in the table. However, I cannot seem to get it to work.
The code below shows my problem.
The page where the user is created:
<html>
<head>
<title>Eksamensprojekt</title>
<style>
.outer {
display: table;
position: absolute;
top: 0;
left: 0;
height: 100%;
width: 100%;
}
.middle {
display: table-cell;
vertical-align: middle;
}
.login-form {
margin-left: auto;
margin-right: auto;
width: 400px;
font-family: Tahoma, Geneva, sans-serif;
}
.login-form h1 {
text-align: center;
color: #4d4d4d;
font-size: 24px;
padding: 20px 0 20px 0;
}
.login-form input[type="password"],
.login-form input[type="text"] {
width: 100%;
padding: 15px;
border: 1px solid #dddddd;
margin-bottom: 15px;
box-sizing:border-box;
}
.login-form input[type="submit"] {
width: 100%;
padding: 15px;
background-color: #535b63;
border: 0;
box-sizing: border-box;
cursor: pointer;
font-weight: bold;
color: #ffffff;
margin: 0;
}
</style>
</head>
<body>
<div class="outer">
<div class="middle">
<div class="login-form">
<h1>Associhunt</h1>
<form method="get">
<input type="text" name="firstname" placeholder="First name"><br>
<span class="error">* <?php echo $nameErr;?></span>
<input type="text" name="email" placeholder="E-mail"><br>
<input type="text" name="tlfnr" placeholder="Phone"><br>
<input type="text" name="position" placeholder="Current job position"><br>
<input type="text" name="username" placeholder="Username"><br>
<input type="text" name="password" placeholder="Password"><br>
<input type="submit" value="Opret bruger" name="opretbruger">
</form>
</div>
<div class="login-form">
<form method="get" action="../login/">
<input type="submit" value="Already have an account?">
</form>
</div>
</div>
</div>
<?php
$conn = new mysqli($servername, $username, $password,$dbnavn);
if ($conn->connect_error) die("Fejl: " . $conn->connect_error);
if (isset($_GET['opretbruger']))
{
$firstname=$_GET['firstname'];
if ($firstname===NULL) die();
$lastname=$_GET['lastname'];
if ($lastname===NULL) die();
$email=$_GET['email'];
if ($email===NULL) die();
$tlfnr=$_GET['tlfnr'];
if ($tlfnr===NULL) die();
$position=$_GET['position'];
if ($position===NULL) die();
$username=$_GET['username'];
if ($username===NULL) die();
$password=$_GET['password'];
if ($password===NULL) die();
$sql="INSERT INTO UserData
(
firstname,
lastname,
email,
tlfnr,
position,
username,
password
)
VALUES ('".$firstname."','".$lastname."','".$email."','".$tlfnr."','".$position."','".$username."','".$password."')";
$conn->query($sql);
if ($conn->affected_rows >0 )
{
echo "Bruger oprettet!";
}
else
{
echo "Bruger ikke oprettet!";
};
};
?>
</body>
</html>
The table creation:
<?php
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
// sql to create table
$sql = "CREATE TABLE UserData (
id INT(6) UNSIGNED AUTO_INCREMENT PRIMARY KEY,
firstname VARCHAR(30) NOT NULL,
lastname VARCHAR(30) NOT NULL,
email VARCHAR(50) NOT NULL,
tlfnr INT(8) NOT NULL,
position VARCHAR(50),
username VARCHAR(40) NOT NULL,
password VARCHAR(40) NOT NULL,
reg_date TIMESTAMP
)";
if ($conn->query($sql) === TRUE) {
echo "Table UserData created successfully";
} else {
echo "Error creating table: " . $conn->error;
}
$conn->close();
?>
You can use HTML input required attribute - for example, change:
<input type="text" name="email" placeholder="E-mail">
to
<input type="text" name="email" placeholder="E-mail" required>
Have you look at the required attribute ?
Below your code with the attribute added :
<html>
<head>
<title>Eksamensprojekt</title>
<style>
.outer {
display: table;
position: absolute;
top: 0;
left: 0;
height: 100%;
width: 100%;
}
.middle {
display: table-cell;
vertical-align: middle;
}
.login-form {
margin-left: auto;
margin-right: auto;
width: 400px;
font-family: Tahoma, Geneva, sans-serif;
}
.login-form h1 {
text-align: center;
color: #4d4d4d;
font-size: 24px;
padding: 20px 0 20px 0;
}
.login-form input[type="password"],
.login-form input[type="text"] {
width: 100%;
padding: 15px;
border: 1px solid #dddddd;
margin-bottom: 15px;
box-sizing:border-box;
}
.login-form input[type="submit"] {
width: 100%;
padding: 15px;
background-color: #535b63;
border: 0;
box-sizing: border-box;
cursor: pointer;
font-weight: bold;
color: #ffffff;
margin: 0;
}
</style>
</head>
<body>
<div class="outer">
<div class="middle">
<div class="login-form">
<h1>Associhunt</h1>
<form method="get">
<input type="text" name="firstname" required placeholder="First name"><br>
<span class="error">* <?php echo $nameErr;?></span>
<input type="text" name="email" required placeholder="E-mail"><br>
<input type="text" name="tlfnr" required placeholder="Phone"><br>
<input type="text" name="position" required placeholder="Current job position"><br>
<input type="text" name="username" required placeholder="Username"><br>
<input type="text" name="password" required placeholder="Password"><br>
<input type="submit" value="Opret bruger" name="opretbruger">
</form>
</div>
<div class="login-form">
<form method="get" action="../login/">
<input type="submit" value="Already have an account?">
</form>
</div>
</div>
</div>
<?php
$conn = new mysqli($servername, $username, $password,$dbnavn);
if ($conn->connect_error) die("Fejl: " . $conn->connect_error);
if (isset($_GET['opretbruger']))
{
$firstname=$_GET['firstname'];
if ($firstname===NULL) die();
$lastname=$_GET['lastname'];
if ($lastname===NULL) die();
$email=$_GET['email'];
if ($email===NULL) die();
$tlfnr=$_GET['tlfnr'];
if ($tlfnr===NULL) die();
$position=$_GET['position'];
if ($position===NULL) die();
$username=$_GET['username'];
if ($username===NULL) die();
$password=$_GET['password'];
if ($password===NULL) die();
$sql="INSERT INTO UserData
(
firstname,
lastname,
email,
tlfnr,
position,
username,
password
)
VALUES ('".$firstname."','".$lastname."','".$email."','".$tlfnr."','".$position."','".$username."','".$password."')";
$conn->query($sql);
if ($conn->affected_rows >0 )
{
echo "Bruger oprettet!";
}
else
{
echo "Bruger ikke oprettet!";
};
};
?>
</body>
</html>
Related
I am using login and registration in the same page. Here is my HTML Code~~
body {
margin:0 !important ;
padding:0 !important ;
}
.container{
width: 100%;
height: 100vh;
background-image: url('image/innerScream.jpg');
display: flex;
justify-content: center;
align-items: center;
background-size: contain;
background-repeat: repeat;
}
.card{
width: 350px;
height: 500px;
box-shadow: 0 0 40px 20px rgba(0,0,0,0.26);
perspective: 1000px;
border-radius: 1em;
}
.inner-box{
position: relative;
width: 100%;
height: 100%;
transform-style: preserve-3d;
transition: transform 1s;
}
.card-front, .card-back{
position: absolute;
width: 100%;
height: 100%;
background-position: center;
background-size: cover;
background-image: linear-gradient(rgb(0 0 100 / 38%), rgb(0 27 100)), url(image/mirrorWindow.jpg);
padding: 55px;
padding-top: 1em;
box-sizing: border-box;
backface-visibility: hidden;
border-radius: 1em;
}
.card-back{
transform: rotateY(180deg);
}
.card h2{
font-weight: normal;
font-size: 24px;
text-align: center;
margin-bottom: 20px;
color: #fff;
}
.input-box{
width: 100%;
background: transparent;
border: 1px solid #fff;
margin: 6px 0;
height: 32px;
border-radius: 20px;
padding: 0 20px;
box-sizing: border-box;
outline: none;
text-align: center;
color: #fff;
}
::placeholder{
color: #fff;
font-size: 12px;
}
button{
width: 100%;
background: transparent;
border: 1px solid #fff;
margin: 35px 0 10px;
height: 32px;
font-size: 12px;
border-radius: 20px;
padding: 0 20px;
box-sizing: border-box;
outline: none;
color: #fff;
cursor: pointer;
}
.submit-btn {
position: relative;
display: block;
width: 55%;
margin: 0 auto;
margin-top: 6em;
}
.submit-btn::after{
content: '\27a4';
color: #333;
line-height: 32px;
font-size: 17px;
height: 32px;
width: 32px;
border-radius: 50%;
background: #fff;
position: absolute;
right: -1px;
top: -1px;
}
span{
font-size: 13px;
color: #fff;
margin-left: 10px;
}
.card .btn {
margin-top: 70px;
}
.card a{
text-decoration: none;
color: #fff;
display: block;
text-align: center;
font-size: 13px;
margin-top: 8px;
}
.check{
margin-left: 5em;
margin-top: 1em;
cursor: pointer;
}
.massage{
background: green;
}
<?php
require_once "register.php";
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title> Memories - A NoteBook </title>
<link rel="stylesheet" href="style.css">
</head>
<body>
<div class="container">
<div class="card">
<div class="inner-box" id="card" >
<div class="card-front">
<h2>Memories - A NoteBook</h2>
<form action="" method="POST" enctype="multipart/form-data" >
<input type="email" class=" input-box" placeholder="Please Enter Your Email Id" name="email" required>
<input type="password" class=" input-box" placeholder="Password" name="password" required>
<button type="submit" class="submit-btn" value="Login"> Login </button>
<input class="check" type="checkbox"><span>Remember Me</span>
</form>
<button type="button" class="btn" onclick="openRegister()"> I am New Here </button>
Forgot Password?
</div>
<div class="card-back">
<h2>Memories - A NoteBook</h2>
<?php
if(isset($massage)){
foreach($massage as $msg){
echo '<div class="massage" style="color:red;">'.$massage.'</div>';
}
}
?>
<form action="" method="POST" enctype="multipart/form-data" >
<input type="text" class=" input-box" placeholder=" Enter Your Name" name="name" required>
<input type="email" class=" input-box" placeholder=" Enter Your Email " name="email" required>
<input type="password" class=" input-box" placeholder="Password" name="password" required>
<input type="password" class=" input-box" placeholder="Re-Type Password" name="cpassword" required>
<input type="file" class="upload-button" accept="image/jpg, image/jpeg, image/png" name="image" required>
<button type="submit" class="submit-btn" value="Register"> Register </button>
</form>
<button type="button" class="btn" onclick="openLogin()"> I've an Account !! </button>
Forgot Password?
</div>
</div>
</div>
</div>
<script>
var card = document.getElementById("card");
function openRegister(){
card.style.transform = "rotateY(-180deg)";
}
function openLogin(){
card.style.transform = "rotateY(0deg)";
}
</script>
</body>
</html>
The problem is
When I hit submit button for register the user It doesn't Insert data into data table. and doesn't redirect my desired page. After submitting it only redirect the login form. Here is the php code ~~
<?php
//include config file
include "config.php";
//register user
if (isset($_POST['submit']) ){
$name = mysqli_real_escape_string($conn, $_POST['name']);
$email = mysqli_real_escape_string($conn, $_POST['email']);
$password = mysqli_real_escape_string($conn, md5 ($_POST['password']) );
$cpassword = mysqli_real_escape_string($conn, md5 ($_POST['cpassword']) );
$image = $_FILES['image']['name'];
$image_size = $_FILES['image']['size'];
$image_tmp_name = $_FILES['image']['tmp_name'];
$image_folder = "images/".$image;
//check if email already exists
$select = mysqli_query($conn, "SELECT * FROM user WHERE email = '$email' AND userpassword = '$password' ") or die(mysqli_error($conn));
if(mysqli_num_rows($select) > 0){
$massage[] = "User already exists";
}else{
if($password != $cpassword){
$massage[] = "Password does not match";
}elseif($image_size > 5097152){
$massage[] = "Image size should be less than 5MB";
}else{
$insert = mysqli_query($conn, "INSERT INTO user (username, email, userpassword, Image) VALUES ('$name', '$email', '$password', '$image')") or die(mysqli_error($conn));
if($insert){
move_uploaded_file($image_tmp_name, $image_folder);
$massage[] = "Registration successful";
header("location: home.php");
}else{
$massage[] = "Registration failed";
}
}
}
}
?>
Here is my table information
Database is successfully connected and it's showing the success alert
The name attribute is missing in the definition of your register button:
<button type="submit" name="register" class="submit-btn" value="Register"> Register </button>
Then you can call:
if (isset($_POST['register']) ){......
I'm creating an online form and having a bit of trouble aligning the input boxes in the form. I've tried <br>, but it's always slightly off. I'm assuming this is affecting the text below as well.
Also, is PHPMailer still the preferred(simplest) way to go to retrieve the data user's input and attach? Some files might be pretty large.
head,
body {
font-family: 'Open Sans', sans-serif;
margin: 0;
padding: 0;
}
.header {
background-color: #0C2440;
color: white;
padding-top: 10px;
padding-bottom: 15px;
padding-right: 5px;
}
.header img {
float: left;
padding-top: 10px;
padding-right: 10px;
}
.header h1 {
text-align: center;
margin-right: 110px;
}
h2 {
text-align: center;
}
input[type=text],
select {
width: 80%;
padding: 12px 20px;
margin: 8px 0;
display: inline-block;
border: 1px solid #ccc;
border-radius: 4px;
box-sizing: border-box;
}
input[type=date],
select {
width: 80%;
padding: 12px 20px;
margin: 8px 0;
display: inline-block;
border: 1px solid #ccc;
border-radius: 4px;
box-sizing: border-box;
}
input[type=button] {
width: 100%;
background-color: #4CAF50;
color: white;
padding: 14px 20px;
margin: 8px 0;
border: none;
border-radius: 4px;
cursor: pointer;
}
input[type=button]:hover {
background-color: #45a049;
}
.column {
width: 50%;
float: left;
}
<!DOCTYPE html>
<html lang="en">
<head>
<title>Web Mileage Certification Change Request Form</title>
<link rel="stylesheet" href="stylesheet.css">
<link rel="stylesheet" href="//fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,400,300,600,700,800" media="all" onload="if(media!='all')media='all'">
<script src="jquery-3.4.1.min.js"></script>
<script type="text/javascript">
document.getElementById('date').value = Date();
// document.getElementById('submit').onclick = function () {
// location.href = "confirmation.html";
// return false;
// };
// document.querySelectorAll('a[href^="#"]').forEach(anchor => {
// anchor.addEventListener('click', function (e) {
// e.preventDefault();
// document.querySelector(this.getAttribute('href')).scrollIntoView({
// behavior: 'smooth'
// });
// });
// });
</script>
</head>
<body>
<div class="header">
<img src="logo.png" alt="Logo">
<h1>Planning Department</h1>
</div>
<br>
<h2>Mileage Change Request Form</h2>
<br>
<div class="form">
<form>
<fieldset>
<br>
<div class="column">
Date of Submittal:<br>
<input type="date" id="date" name="date"><br> County Name:<br>
<input type="text" id="county" name="county"><br> City/Town Name:<br>
<input type="text" id="cityname" name="cityname"><br> Name of Office and Title:<br>
<input type="text" id="officename" name="officename"><br> Address:
<br>
<input type="text" id="address" name="address"><br> City:
<br>
<input type="text" id="city" name="city"><br>
</div>
<div class="column">
State:<br>
<input type="text" id="state" name="address"><br> ZIP Code:<br>
<input type="text" id="zip" name="zip"><br> Telephone:
<br>
<input type="text" id="phone" name="phone"><br> Fax:
<br>
<input type="text" id="fax" name="fax"><br> Email:
<br>
<input type="text" id="email" name="email"><br> Comments:
<br>
<input type="text" id="comments" name="comments"><br>
</div>
<div class="reqs">
<br>
<p><b>Before we can make any changes, you MUST include items 1-3 for each submission. For annexations with mileage changes, you MUST include items 1-4. If you only have an annexation with no changes to mileage, item 4 is all you need to submit.</b></p>
<ol>
<li>Copy of a current (scaled) map(s) depicting the roads that need added and/or removed OR a shapefile or file geodatabase. If none of these are available, provide a copy of measurable (Scaled) plats depicting the roads that need added/removed.</li>
<input type="file" id="uploaded_file" name="pic" accept="image/*" required>
<li>Copy of meeting minutes at which a governing body accepted the roads into your system. If unavailable, please provide a letter stating the acceptance of the roads signed by an elected official. An example acceptance letter is available if
needed.</li> <input type="file" name="pic" accept="image/*" required>
<li>A list of each road and its requested mileage.</li> <input id="fileSelect" name="spreadsheet" type="file" accept=".csv, application/vnd.openxmlformats-officedocument.spreadsheetml.sheet, application/vnd.ms-excel" required>
<li>Copy of annexation ordinance(s) establishing the new corporate limits along with a shapefile and/or file geodatabase of the correct corporate limits. If a shapefile is not available provide a drawing of the correct corporate limits on a scaled
map.</li> <input type="file" name="pic" accept="image/*" required>
</ol>
</div>
</fieldset>
</form>
</div>
<input id="submit" type="button" value="Submit"></input>
<!-- <?php
if(isset($_POST['submit'])) {
$emailAddress = '';
require "class.phpmailer.php";
$msg = 'Date:'.$_POST['date'].'<br /> County:'.$_POST['county'].'<br /> City/Town Name:'.$_POST['cityname'].'<br /> Name of Office and Title: '.$_POST['officename']. '<br /> Address: '.$_POST['address']. '<br /> City: '.POST['city'], '<br /> State: $_POST['state']. '<br /> ZIP Code: '.POST['zip']. '<br /> Telephone: '.$_POST['phone']. '<br /> Fax: '.$_POST['fax']. '<br /> Email: '.$_POST['email']. '<br /> Comments: '$_POST['comments']. '<br />';
move_uploaded_file($_FILES["uploaded_file"]["tmp_name"], $_FILES["uploaded_file"]["name"]);
$mail = new PHPMailer();
$mail->IsMail();
$mail->AddReplyTo($_POST['email'], $_POST['name']);
$mail->AddAddress($emailAddress);
$mail->SetFrom($_POST['email'], $_POST['name']);
$mail->Subject = "Subject";
$mail->MsgHTML($msg);
$mail->AddAttachment( $_FILES["uploaded_file"]["name"]);
$mail->Send();
echo'<script> window.location="../MCCR.html"; </script> ';
}
?> -->
</body>
</html>
Remove <br> and use CSS style. Added some style in your existing code as
// newly added style begin
h2 {
text-align: center;
margin:30px 0;
}
fieldset {
padding-top:20px;
}
.form-fields {
display: flex;
flex-direction:row;
width: 80%;
margin: 0 auto;
}
.column {
width:50%;
display:flex;
flex-direction:column;
}
input {
width:100%;
}
//end
head,
body {
font-family: 'Open Sans', sans-serif;
margin: 0;
padding: 0;
}
.header {
background-color: #0C2440;
color: white;
padding-top: 10px;
padding-bottom: 15px;
padding-right: 5px;
}
.header img {
float: left;
padding-top: 10px;
padding-right: 10px;
}
.header h1 {
text-align: center;
margin-right: 110px;
}
input[type=text],
select {
width: 80%;
padding: 12px 20px;
margin: 8px 0;
display: inline-block;
border: 1px solid #ccc;
border-radius: 4px;
box-sizing: border-box;
}
input[type=date],
select {
width: 80%;
padding: 12px 20px;
margin: 8px 0;
display: inline-block;
border: 1px solid #ccc;
border-radius: 4px;
box-sizing: border-box;
}
input[type=button] {
width: 100%;
background-color: #4CAF50;
color: white;
padding: 14px 20px;
margin: 8px 0;
border: none;
border-radius: 4px;
cursor: pointer;
}
input[type=button]:hover {
background-color: #45a049;
}
// newly added style begin
h2 {
text-align: center;
margin:30px 0;
}
fieldset {
padding-top:20px;
}
.form-fields {
display: flex;
flex-direction:row;
width: 80%;
margin: 0 auto;
}
.column {
width:50%;
display:flex;
flex-direction:column;
}
input {
width:100%;
}
//end
<!DOCTYPE html>
<html lang="en">
<head>
<title>Web Mileage Certification Change Request Form</title>
<link rel="stylesheet" href="stylesheet.css">
<link rel="stylesheet" href="//fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,400,300,600,700,800" media="all" onload="if(media!='all')media='all'">
<script src="jquery-3.4.1.min.js"></script>
<script type="text/javascript">
//document.getElementById('date').value = Date();
// document.getElementById('submit').onclick = function () {
// location.href = "confirmation.html";
// return false;
// };
// document.querySelectorAll('a[href^="#"]').forEach(anchor => {
// anchor.addEventListener('click', function (e) {
// e.preventDefault();
// document.querySelector(this.getAttribute('href')).scrollIntoView({
// behavior: 'smooth'
// });
// });
// });
</script>
</head>
<body>
<div class="header">
<img src="logo.png" alt="Logo">
<h1>Planning Department</h1>
</div>
<h2>Mileage Change Request Form</h2>
<div class="form">
<form>
<fieldset>
<div class="form-fields">
<div class="column">
Date of Submittal:
<input type="date" id="date" name="date"> County Name:
<input type="text" id="county" name="county"> City/Town Name:
<input type="text" id="cityname" name="cityname"> Name of Office and Title:
<input type="text" id="officename" name="officename"> Address:
<input type="text" id="address" name="address"> City:
<input type="text" id="city" name="city">
</div>
<div class="column">
State:
<input type="text" id="state" name="address"> ZIP Code:
<input type="text" id="zip" name="zip"> Telephone:
<input type="text" id="phone" name="phone"> Fax:
<input type="text" id="fax" name="fax"> Email:
<input type="text" id="email" name="email"> Comments:
<input type="text" id="comments" name="comments">
</div>
</div>
<div class="reqs">
<p><b>Before we can make any changes, you MUST include items 1-3 for each submission. For annexations with mileage changes, you MUST include items 1-4. If you only have an annexation with no changes to mileage, item 4 is all you need to submit.</b></p>
<ol>
<li>Copy of a current (scaled) map(s) depicting the roads that need added and/or removed OR a shapefile or file geodatabase. If none of these are available, provide a copy of measurable (Scaled) plats depicting the roads that need added/removed.</li>
<input type="file" id="uploaded_file" name="pic" accept="image/*" required>
<li>Copy of meeting minutes at which a governing body accepted the roads into your system. If unavailable, please provide a letter stating the acceptance of the roads signed by an elected official. An example acceptance letter is available if
needed.</li> <input type="file" name="pic" accept="image/*" required>
<li>A list of each road and its requested mileage.</li> <input id="fileSelect" name="spreadsheet" type="file" accept=".csv, application/vnd.openxmlformats-officedocument.spreadsheetml.sheet, application/vnd.ms-excel" required>
<li>Copy of annexation ordinance(s) establishing the new corporate limits along with a shapefile and/or file geodatabase of the correct corporate limits. If a shapefile is not available provide a drawing of the correct corporate limits on a scaled
map.</li> <input type="file" name="pic" accept="image/*" required>
</ol>
</div>
</fieldset>
</form>
</div>
<input id="submit" type="button" value="Submit"></input>
<!-- <?php
if(isset($_POST['submit'])) {
$emailAddress = '';
require "class.phpmailer.php";
$msg = 'Date:'.$_POST['date'].'<br /> County:'.$_POST['county'].'<br /> City/Town Name:'.$_POST['cityname'].'<br /> Name of Office and Title: '.$_POST['officename']. '<br /> Address: '.$_POST['address']. '<br /> City: '.POST['city'], '<br /> State: $_POST['state']. '<br /> ZIP Code: '.POST['zip']. '<br /> Telephone: '.$_POST['phone']. '<br /> Fax: '.$_POST['fax']. '<br /> Email: '.$_POST['email']. '<br /> Comments: '$_POST['comments']. '<br />';
move_uploaded_file($_FILES["uploaded_file"]["tmp_name"], $_FILES["uploaded_file"]["name"]);
$mail = new PHPMailer();
$mail->IsMail();
$mail->AddReplyTo($_POST['email'], $_POST['name']);
$mail->AddAddress($emailAddress);
$mail->SetFrom($_POST['email'], $_POST['name']);
$mail->Subject = "Subject";
$mail->MsgHTML($msg);
$mail->AddAttachment( $_FILES["uploaded_file"]["name"]);
$mail->Send();
echo'<script> window.location="../MCCR.html"; </script> ';
}
?> -->
</body>
</html>
This question already has answers here:
How can I prevent SQL injection in PHP?
(27 answers)
Closed 3 years ago.
i'm setting up my reservation web application and support UTF-8.
I already running PHP 7 and MySQL also Apache 2.In the past i've tried doing registration form and login form and when doing my reservation form seem end up sending echo "failed".
I'm doing php using method object oriented
this is my bookingtest.php
<?php
$php_variable = 'string';
// connection
include ('config.php');
ob_start();
// if button register pressed
if(isset($_POST['book']))
{
$fname = $_POST['fname'];
$email = $_POST['email'];
$phone = $_POST['phone'];
$country = $_POST['country'];
$swimming = $_POST['swimming'];
$date = $_POST['date'];
$numbercus= $_POST['numbercus'];
$suits= $_POST['suits'];
$certificate = $_POST['certificate'];
$guide= $_POST['guide'];
//inserting php form to mysql
$sql_book = "INSERT INTO booking (fname, email, phone, country, swim,
date, num, suits, cert, guide)
VALUES ('$fname', '$email', '$phone', '$country', $swimming, '$date',
'$numbercus', '$suits', '$certificate', '$guide')";
//result
if ($result_book = $conn->query($sql_book))
{
sleep(1);
echo "success";
}
else
{
echo "Failed ! Please check your details !";
}
}
?>
This is my bookinfo.php
<!DOCTYPE html>
<html>
<!-- header -->
<head>
<title>BOOKING INFORMATION | E-Diving</title>
<link href="https://fonts.googleapis.com/css?
family=Bungee+Outline&display=swap" rel="stylesheet">
<link href="https://fonts.googleapis.com/css?
family=Archivo+Narrow&display=swap" rel="stylesheet">
<link href="https://fonts.googleapis.com/css?
family=Patua+One&display=swap" rel="stylesheet">
</head>
<body>
<!-- top bars -->
<ul>
<li>HOME</li>
<li>ABOUT</li>
</ul>
<h1>BOOKING INFORMATION</h1>
<!-- reservation form -->
<form class="field" method="post" action="booktest.php">
<fieldset>
<legend>Personal Details: </legend>
<br>
Name: <input type="text" name="fname" placeholder="Full Name">
<br>
<br>
Email: <input type="text" name="email"
placeholder="example#example.com">
<br>
<br>
Phone:<input type="tel" name="phone" placeholder="012-3456789">
<br>
<br>
<p>Country: <select name="country" required>
<option name="country">MALAYSIA</option>
<option name="country">UNITED STATES</option>
<option name="country">UNITED KINGDOM</option>
</select> </p>
<br>
<p>Do you know Swimming ?</p>
<input type="radio" name="swimming">YES
<br>
<br>
<input type="radio" name="swimming">NO
<br>
<br>
Choose your Date: <input type="date" name="date" min="2019-01-
01">
<br>
<br>
No. Customers: <input type="number" name="numbercus" min="1"
max="100">
<br>
<br>
<p>Do you have swimming suits?</p>
<input type="radio" name="suits">YES<br><br>
<input type="radio" name="suits">NO
<br>
<br>
<p>Level of Certificate :</p>
<input type="radio" name="certificate">Recretional Scuba Diving
Certification Levels.<br>
<br>
<input type="radio" name="certificate">Professional Scuba Diving
Certification Levels.
<br>
<br>
<p>Do you need a guide?</p>
<input type="radio" name="guide">YES<br><br>
<input type="radio" name="guide">NO
<br>
<br>
</fieldset>
<br>
<br>
<input type="submit" name="book" value="Continue...">
</form>
</body>
<!-- style -->
<style>
h1 {
font-family: 'Bungee Outline', cursive;
text-align: center;
margin-top: 20px;
font-size: 70px;
color: #3A506B;
}
body {
height: 110vh;
margin: 0;
padding: 0;
font-family: 'Product', sans-serif;
background-image: linear-gradient(120deg, #6B7FD7, #BCEDF6, #EAF8BF,
#99DDC8, #F9CFF2, #A9FBD7);
}
.field p {
font-size: 19px;
}
.field input[type="radio"],
.field input[type="text"],
.field input[type="number"],
.field input[type="date"] {
font-size: 14px;}
fieldset {
background-color: #A4BAB7;
font-weight: bold;
font-family: 'Archivo Narrow', sans-serif;
color: #533E2D;
font-style: oblique;
font-size: 19px;
border-radius: 20px;
: 16px;}
.field {
margin-right: 10px;}
legend {
text-decoration: underline;
text-align: center;
font-size: 21px;
font-family: 'Patua One', cursive;
}
.field input[type="submit"] {
border: 0;
background: #4C243B;
display: block;
margin: 20px auto;
text-align: center;
border: 3px solid #07FEDE;
padding: 14px 60px;
width: 200px;
outline: none;
color: white;
border-radius: 25px;
transition: 0.6s;
cursor: pointer;
color: cornflowerblue;
font-weight: bolder;
font-family: 'Raleway', sans-serif;
font-size: 15px;
}
.field input[type="submit"]:hover {
background: #DCD6F7;
color: #151E3F;
font-family: 'Raleway', sans-serif;
}
head {
display: flex;
}
ul {
list-style-type: none;
margin: 0;
padding: 0;
overflow: hidden;
background-color: #EDF7F6;
position: fixed;
top: 0;
width: 100%;
position: fixed;
font-weight: lighter;
}
li {
float: left;
}
li a {
display: block;
color: #352208;
text-align: center;
padding: 14px 16px;
text-decoration: none;
font-weight: lighter;
}
li a:hover:not(.active) {
background-color: #FAE8EB;
color: #1F2041;
}
.active {
background-color: #CC7E85;
transition: 1s;
}
</html>
Use execute instead of query and use prepared statement to handle SQL INJECTION.
$sql = "INSERT INTO booking (fname, email, phone, country, swim, date, num, suits, cert, guide) VALUES (?,?,?,?,?,?,?,?,?,?)";
$stmt= $pdo->prepare($sql);
$stmt->execute([$fname, $email, $phone, $country, $swimming, $date, $numbercus, $suits, $certificate, $guide]);
Reference: Insert query using PDO
i want to process my comment that is contain name, email and message to database named "comment" but it cant. i really sure that my database name in phpmyadmin is same as in prosescomment.php. please help
this is my form
<form action="prosescomment.php" method="POST" id="form" >
<div class="success_wrapper">
<div class="success">Contact form submitted!<br>
<strong>We will be in touch soon.</strong> </div>
</div>
<fieldset>
<input type="text" name="nama" placeholder="Name:">
<br class="clear">
<span class="error error-empty">*This is not a valid name.</span><span class="empty error-empty">*This field is required.</span>
<label class="email">
<input type="text" name="email" placeholder="E-mail:">
<br class="clear">
<span class="error error-empty">*This is not a valid email address.</span><span class="empty error-empty">*This field is required.</span> </label>
<label class="message">
<textarea type="text" name="message" placeholder="Message"></textarea>
<br class="clear">
<span class="error">*The message is too short.</span> <span class="empty">*This field is required.</span> </label>
<div class="clear"></div>
<div class="btns"><a data-type="submit" class="link1">Send</a>
<div class="clear"></div>
</div>
</fieldset>
</form>
this is my prosescomment.php
<?php
include "connection.php";
$nama = $_POST['nama'];
$email = $_POST['email'];
$message = $_POST['message'];
$query = "INSERT INTO comment VALUES ('$nama', '$email', '$comment')";
$result = mysql_query($query);
if ($query) {
header("location:index.html");
}
else{
mysql_error();
}
?>
this is my id form
#form {
padding-top: 6px;
}
#form input {
color:#39596e;
border: 1px solid #3c7f9f;
padding: 4px 12px 9px;
background-color: white;
float:left;
font: 13px/18px Arial, Helvetica, sans-serif;
box-sizing: border-box;
-moz-box-sizing: border-box; /*Firefox 1-3*/
-webkit-box-sizing: border-box; /* Safari */
}
#form textarea {
color:#39596e;
height: 170px;
overflow: auto;
background-color: white;
border: 1px solid #3c7f9f;
padding: 12px 12px 9px;
width: 100%;
position: relative;
resize:none;
box-sizing: border-box;
-moz-box-sizing: border-box; /*Firefox 1-3*/
-webkit-box-sizing: border-box; /* Safari */
float:left;
font: 13px/18px Arial, Helvetica, sans-serif;
margin: 0;
}
#form label {
position:relative;
display: block;
min-height: 51px;
width: 185px;
float: left;
}
.email {
padding-top: 10px;
}
#form .error, #form .empty {
color: #FF0000;
display: none;
font-size: 11px;
line-height:14px;
width:auto;
position: absolute;
z-index: 999;
right: 5px;
bottom: 4px;
float:left;
}
#form .message .error, #form .message .empty {
bottom: -16px;
}
#form .error-empty {
display:none;
float:left;
}
.btns {
position:relative;
padding-top: 20px;
text-align: center;
}
.btns a {
display: inline-block;
font-size: 19px;
line-height: 18px;
background-color: #f17c72;
border: 1px solid #b76058;
min-width: 107px;
padding: 5px 10px 6px;
color: #fff;
cursor: pointer;
}
.btns a:hover {
background-color: #c2e8f4;
border-color: #3c7f9f;
color: #39596e;
}
#form .message {
width: 100%;
}
#form .btns span {
display: inline-block;
width: 13px;
}
.message br {
height: 0;
line-height: 0;
}
#form .success {
display: none;
position: absolute;
width: 100%;
color:#39596e;
border: 1px solid #3c7f9f;
background-color: #c2e8f4;
text-align: center;
padding: 20px 10px;
z-index: 999;
box-sizing: border-box;
-moz-box-sizing: border-box; /*Firefox 1-3*/
-webkit-box-sizing: border-box; /* Safari */
}
.success_wrapper {
position: relative;
}
It seems you have a Connection Class or so... however I'd suggest you use Prepared Statements & PDO...
Besides, your SQL might be wrong depending on whether you have a Primary Key (ID) or not.
Here is the route I'd suggest you go:
<?php
include "connection.php";
$nama = htmlspecialchars(trim($_POST['nama'])); //PROTECT AGAINST SQL INJECTION
$email = htmlspecialchars(trim($_POST['email'])); //PROTECT AGAINST SQL INJECTION
$message = htmlspecialchars(trim($_POST['message'])); //PROTECT AGAINST SQL INJECTION
//NOTE: YOU DON'T HAVE THE VARIABLE $comment DEFINED: YOU MUST MEAN $message
$query = "INSERT INTO comment (name, email, message) VALUES ('$nama', '$email', '$message')";
/** I WOULD SUGGEST YOU USE PDO & PREPARED STATEMENTS LIKE SO*/
// $stmt = $dbh->prepare("INSERT INTO comment (name, email, comment) VALUES (:name, :email, :message)");
// $stmt->bindParam(':name', $nama);
// $stmt->bindParam(':email', $email);
// $stmt->bindParam(':message', $message);
$result = mysql_query($query);
// NOT if($query) BUT if($result) BECAUSE $query IS A STRING AND if($query) WILL ALWAYS RETURN TRUE...
if ($result) {
header("location:index.html");
}
else{
mysql_error();
}
?>
I hope this helps a bit...
chage your html and prosescomment.php code with this codes and it will run
<form action="prosescomment.php" method="POST" id="form" >
<div class="success_wrapper">
<div class="success">Contact form submitted!<br>
<strong>We will be in touch soon.</strong> </div>
</div>
<fieldset>
<input type="text" name="nama" placeholder="Name:">
<br class="clear">
<span class="error error-empty">*This is not a valid name.</span><span class="empty error-empty">*This field is required.</span>
<label class="email">
<input type="text" name="email" placeholder="E-mail:">
<br class="clear">
<span class="error error-empty">*This is not a valid email address.</span><span class="empty error-empty">*This field is required.</span> </label>
<label class="message">
<textarea type="text" name="message" placeholder="Message"></textarea>
<br class="clear">
<span class="error">*The message is too short.</span> <span class="empty">*This field is required.</span> </label>
<div class="clear"></div>
<div class="btns"><input type="submit" name="submit" value="send" class="link1"/>
<div class="clear"></div>
</div>
</fieldset>
</form>
<?php
include "connection.php";
if(isset($_POST['submit'])) //
{
$nama = $_POST['nama'];
$email = $_POST['email'];
$message = $_POST['message'];
$query = "INSERT INTO comment VALUES ('$nama', '$email', '$message')";
$result = mysql_query($query);
if ($result) {
header("location:index.html");
}
else{
mysql_error();
}
}
?>
Please replace line of code <a data-type="submit" class="link1">Send</a> to <button class="link1" type="submit" >Send</button> and try your form data will post.
Here i have create a form with login and signup.
When i run our code, it shows undefined variable in message and couldn't store user input values at the back-end.
Here is full code for your reference:
db.php:
<?php
$connection = mysqli_connect('localhost','root','','sign-log') or die(mysqli_error($connection));
?>
index.php(with css):
<?php
include('db.php');
if(isset($_POST['action']))
{
if($_POST['action']=="login")
{
$email = mysqli_real_escape_string($connection,$_POST['email']);
$password = mysqli_real_escape_string($connection,$_POST['password']);
$strSQL = mysqli_query($connection,"select name from users where email='".$email."' and password='".md5($password)."'");
$Results = mysqli_fetch_array($strSQL);
if(count($Results)>=1)
{
$message = $Results['name']." Login Sucessfully!!";
}
else
{
$message = "Invalid email or password!!";
}
}
elseif($_POST['action']=="signup")
{
$name = mysqli_real_escape_string($connection,$_POST['name']);
$email = mysqli_real_escape_string($connection,$_POST['email']);
$password = mysqli_real_escape_string($connection,$_POST['password']);
$query = "SELECT email FROM users where email='".$email."'";
$result = mysqli_query($connection,$query);
$numResults = mysqli_num_rows($result);
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) // Validate email address
{
$message = "Invalid email address please type a valid email!!";
}
elseif($numResults>=1)
{
$message = $email." Email already exist!!";
}
else
{
mysql_query("insert into users(name,email,password) values('".$name."','".$email."','".md5($password)."')");
$message = "Signup Sucessfully!!";
}
}
}
echo '<script type="text/javascript" src="jquery-1.8.0.min.js"></script>
<link rel="stylesheet" href="http://code.jquery.com/ui/1.10.3/themes/smoothness/jquery-ui.css" />
<script src="http://code.jquery.com/ui/1.10.3/jquery-ui.js"></script>
<style type="text/css">
input[type=text]
{
border: 1px solid #ccc;
border-radius: 3px;
box-shadow: inset 0 1px 2px rgba(0,0,0,0.1);
width:200px;
min-height: 28px;
padding: 4px 20px 4px 8px;
font-size: 12px;
-moz-transition: all .2s linear;
-webkit-transition: all .2s linear;
transition: all .2s linear;
}
input[type=text]:focus
{
width: 400px;
border-color: #51a7e8;
box-shadow: inset 0 1px 2px rgba(0,0,0,0.1),0 0 5px rgba(81,167,232,0.5);
outline: none;
}
input[type=password]
{
border: 1px solid #ccc;
border-radius: 3px;
box-shadow: inset 0 1px 2px rgba(0,0,0,0.1);
width:200px;
min-height: 28px;
padding: 4px 20px 4px 8px;
font-size: 12px;
-moz-transition: all .2s linear;
-webkit-transition: all .2s linear;
transition: all .2s linear;
}
input[type=password]:focus
{
width: 400px;
border-color: #51a7e8;
box-shadow: inset 0 1px 2px rgba(0,0,0,0.1),0 0 5px rgba(81,167,232,0.5);
outline: none;
}
</style>
<script>
$(function() {
$( "#tabs" ).tabs();
});
</script>
</head>
<body>
<b>'.$message.'</b>
<div id="tabs" style="width: 480px;">
<ul>
<li>Login</li>
<li>Signup</li>
</ul>
<div id="tabs-1">
<form action="" method="post">
<p><input id="email" name="email" type="text" placeholder="Email"></p>
<p><input id="password" name="password" type="password" placeholder="Password">
<input name="action" type="hidden" value="login" /></p>
<p><input type="submit" value="Login" /></p>
</form>
</div>
<div id="tabs-2">
<form action="" method="post">
<p><input id="name" name="name" type="text" placeholder="Name"></p>
<p><input id="email" name="email" type="text" placeholder="Email"></p>
<p><input id="password" name="password" type="password" placeholder="Password">
<input name="action" type="hidden" value="signup" /></p>
<p><input type="submit" value="Signup" /></p>
</form>
</div>
</div>';
?>
db.sql:
CREATE TABLE `users` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`name` varchar(240) NOT NULL,
`email` varchar(240) NOT NULL,
`password` varchar(240) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=MyISAM AUTO_INCREMENT=3 DEFAULT CHARSET=latin1 AUTO_INCREMENT=3 ;
How to store input values at the back-end and how to fix undefined variable in message.
Can anyone help me?
I can't seem to get the point accross in a comment, so here is more complete explanation: You are mixing mysqli_* functions with the deprecated mysql_* functions. This is unrelated to the undefined variable warning you get.
The problem is here:
else
{
mysql_query("insert into users(name,email,password) values('".$name."','".$email."','".md5($password)."')");
// ^^^^^^^^^^^ not good
$message = "Signup Sucessfully!!";
}
mysqli_* and mysql_* functions are not exchangable like that, you could use both but then you would have to open a database connection for each.
So to solve your problem you need to do the same as in the previous query:
$result = mysqli_query($connection,'insert ......');
the variable $message is inside the body of IF, initialize it before isset like this
$message = '';
if(isset($_POST['action']))
{.....