I have a piece of code which inserts user's input into a database:
Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("DB status: connection failed: " . $conn->connect_error);
} else {
echo "DB status: connected";
}
?>
<html>
<h1>Add data</h1>
<form method="post">
<p>Name: <input type="text" name="name"></p>
<p>Goals scored in:</p>
<p>14/15 <input type="text" name="14"></p>
<p>15/16 <input type="text" name="15"></p>
<p>16/17 <input type="text" name="16"></p>
<p>17/18 <input type="text" name="17"></p>
<button type="submit" name="save">save</button>
</form>
<?php
$sql = "INSERT INTO `goals` (`Name`, `14/15`, `15/16`, `16/17`, `17/18`) VALUES ('".$_POST["name"]."', '".$_POST["14"]."', '".$_POST["15"]."', '".$_POST["16"]."', '".$_POST["17"]."')";
$result = mysqli_query($conn,$sql);
?>
The problem is that when I load the page for the first time, it already sends 0's to the database. How can I prevent this from happening?
Thanks a lot for helping!
add an action to your form and use that to send the sql query. You should probably also be using form validation requiring some fields like name to be filled out.
<p>Name: <input type="text" name="name" required></p>
Calling a particular PHP function on form submit
Add this piece of code at the beginning to fix the issue:
if (isset($_POST['submit']))
{
}
Related
I've small php project to list Covid-Test Labs, When you press the Update button for one of the records in the list of records, the data modification window opens, and when you enter it, the entries of other records are updated with the same information
How to solve this issue ?
<!-- Update Form -->
<form style = "font-size : 30px">
<input type="text" id="lab_name" class="fadeIn second" name="lab_name" placeholder="Laboratory Name" required>
<input type="text" id="test_price" class="fadeIn second" name="test_price" placeholder="Test Price" required>
<input type="text" id="lat" class="fadeIn second" name="lat" placeholder="Lat" required>
<input type="text" id="lon" class="fadeIn second" name="lon" placeholder="Lon" required>
<div class="dropdown">
<select name="lab_city" class="dropdown" required>
<option value="">--- Select City---</option>
<option value="Khartoum">Dubai</option>
<option value="Bahri">Bahri</option>
<option value="Omdurman">Paris</option>
</select>
<input type="file" name="image" id="image" required>
</div>
<input type="submit" id="submit" class="fadeIn fourth" value="Update">
</div>
</div>
</form>
<section>
<?php
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "covidsd";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$lab_id = $_GET['lab_id'];
$lab_name= mysqli_real_escape_string($link, $_REQUEST['lab_name']);
$lab_city = mysqli_real_escape_string($link, $_REQUEST['lab_city']);
$test_price= mysqli_real_escape_string($link, $_REQUEST['test_price']);
$lat= mysqli_real_escape_string($link, $_REQUEST['lat']);
$lon= mysqli_real_escape_string($link, $_REQUEST['lon']);
$image= mysqli_real_escape_string($link, $_REQUEST['image']);
//$ServerURL = "http://192.168.43.236/AndroidUploadImage/$ImagePath";
$sql = "UPDATE laboratories SET lab_name ='$lab_name',lab_city ='$lab_city', test_price= '$test_price', lat='$lat', lon= '$lon', image= '$image' ". "WHERE lab_id='$lab_id' ";
if(mysqli_query($link, $sql)){
$message = "Laboratory has been updated successfully";
echo "<script type='text/javascript'>alert('$message');</script>";
} else{
echo "ERROR: Could not able to execute $sql. " . mysqli_error($link);
}
// close connection
mysqli_close($link);
?>
I tried many solutions but not working
Each record in your table must have a unique id field. You will retrieve this field when loading your list. When modifying a record, you will send that id field again to PHP. Inside PHP you will use it in your SQL WHERE IdField=$ID.
You are using variable $lab_id In your PHP code $lab_id = $_GET['lab_id']; and this means that you have an input on your form with name lab_id. I can't see that input it in your HTML so you need to add it like that :
<form style = "font-size : 30px">
<input type="hidden" id="lab_id" name="lab_id" Value = "$lab_id">
<input type="text" id="lab_name" class="fadeIn second" name="lab_name" placeholder="Laboratory Name" required>
...............
...............
</form>
In your PHP code you must decide what kind of request you will accept either POST or GET. Now you are using a mix of $_GET and $_REQUEST. If you are modifying or inserting data, it will better to use $_POST. Getting variables is PHP code will looks like :
$lab_id = $_POST['lab_id'];
$lab_name= mysqli_real_escape_string($link, $_POST['lab_name']);
If you are using a framework which do the request, you can check it to make sure if it is sending lab_id, if it sends lab_id you will not need it inside form. You may also adjust the request type in your framework if you are using a one.
I want to go from a HTML form to a SQL database using PHP.
Here is my current code:
PHP:
if(isset($_POST['submitIpG']))
{
$conn = mysqli_connect($servername, $username, $password, $dbname);
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
$sql = "INSERT INTO GmodServers (ipaddress)
VALUES ($_POST['submitIpG'])";
if (mysqli_query($conn, $sql)) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($conn);
}
mysqli_close($conn);
echo "<br />\n";
}
As you can see it's hard coded with a specific IP. However, I want it to use an IP from the user input in my form.
HTML:
<form method="post">
<input type="value" name="submitIpG" value=""/>
<input type="submit" name="submitIpG" value="ADD"/>
</form>
How do I do this? I've tried things such as:
$sql = "INSERT INTO GmodServers (ipaddress)
VALUES ('$_POST['submitIpB']')";
Without success.
Thanks!
You should set the action php script in form html also your inputs should be like
<form method="post" action="your_php_file.php">
<input type="text" name="submitIpG" placeholder="the ip input"/>
<input type="submit" name="submit" value="ADD"/>
</form>
and your_php_file.php should be like
$sql = "INSERT INTO GmodServers (ipaddress)
VALUES ('$_POST['submitIpG']')";
But the most important part is DO NOT USE sql queries like that. Please consider using prepared statement.
There is a good and simple example at w3school. this is the link you may want. https://www.w3schools.com/php/php_mysql_prepared_statements.asp
I am new to programing. I have one form to create Groups. It has two text fields Code Id and Code description. After submitting it showed me that the Code Id which i entered is already exist and if not it add one record in MySQL table. What I want that when I leave the Id text field at the same time with onchange event and Ajax to search table and alert if the Id already exit and at the same time fill name text box with description of that Code Id. How to do that? My code is
HTML file
...
</style>
<body>
<H1>Create Grup</h1>
<br>
<form action="creategrup.php" method="post">
<p>
<label for="codigo">Grup Id:</label>
<input type="text" required="required" autofocus="autofocus"
maxlength="4" name="codigo" id="codigo">
</p>
<p>
<label for="nombre">Grupo description:</label>
<input type="text" required="required" name="nombre" id="nombre"">
</p>
<input type="submit" value="Submit">
</form>
</body>
</html>
And PHP is
<?php
include 'connectdb.php';
$nombre=$_POST['nombre'];
$codigo=$_POST['codigo'];
$sql = "select codigogrupo,nombregrupo from grupo where
codigogrupo='$codigo'";
$query = mysqli_query($conn, $sql);
if (mysqli_num_rows($query) >0) {
echo "<p><h1><b>Grup Id $codigo allready exist....</h1></b></p><br>";
echo "<a href='creategrup.html'>Go Back</a>";
}
else {
mysqli_query($conn, "insert into grupo(codigogrupo,nombregrupo)
values('$codigo','$nombre')");
if(mysqli_affected_rows($conn)>0){
echo "<p><h1><b>Grup $nombre added</h1></b></p>";
echo "<a href='creategrup.html'>Go Back</a>";
} else {
echo "Grup not added<br>";
echo mysqli_error ($conn);
}
}
?>
Connectdb.php
<?php
$servername = "server name";
$username = "user name";
$password = "password";
$dbname = "database";
// Create connection
$conn = mysqli_connect($servername, $username, $password,$dbname);
// Check connection
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
// echo "Connected successfully";
?>
Please help me.
You are getting already exist message so that may be confirm that there is another data with same id. For further assistance please knock me
I'm trying to add a string to my database, where I have two columns: "id" and "image". The "id" column is supposed to increment and the "image" column should get a string. This is my phpcode:
<?php
$servername = "somename";
$username = "someusername";
$password = "somepssword";
$dbname = "somedatabase";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$image = $_POST["image"];
$sql = "INSERT INTO photos (image) VALUES ('$image')";
if ($conn->query($sql) === TRUE) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
$conn->close();
?>
the html form:
the html form:
<body>
<form method="post" action="phpcode.php">
<input type="text" name="message" size="55">
<input type="submit"name="submit" value="Send">
</form>
</body>
</html>
I use this app to send a post to the server: https://www.getpostman.com/ yet for some reason it only increments a value id and doesn't receive anything for image like here:
enter image description here
<form method="post" action="phpcode.php">
<input type="text" name="message" size="55">
<input type="submit"name="submit" value="Send">
</form>
As suspected, your name attribute field is wrong as it does not correspond to what you are trying to post .
Change to
<form method="post" action="phpcode.php">
<input type="text" name="image" size="55">
<input type="submit"name="submit" value="Send">
</form>
When submitting forms, PHP reads from your "name" attribute on your form. That is what you are posting to your controller file.
Hello guys i need some help.I connected to database from server and can insert some info like $sql = "INSERT INTO Posts (Text_Post) VALUES ('Sample Text')";. Now I want to save on click text from <input type="text" /> to database. Can you tell me what i am doing wrong.
<?php
$servername = "google.com";
$username = "google";
$password = "google";
$dbname = "google";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
if(isset($_POST['Submit'])) {
$sql = "INSERT INTO Posts (Text_Post) VALUES ('".$_POST['text']."')";
if ($conn->query($sql) === TRUE) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
$conn->close();
}
?>
<!DOCTYPE html>
<html>
<head>
<title>anonim</title>
</head>
<body>
<form name="form" action="" method="post">
<input type="text" name="text" id="text" value="Salut" /=>
<input type="submit" id="Submit" />
</form>
</body>
</html>
You're missing the name tag on your submit. When data is POST'ed to the server, it uses the name tag.
<input type="submit" id="submit" name="Submit">
Remember to watch your Capitals also - (since you're checking if Submit is SET then you need to POST the submit).
You could just do:
if(isset($_POST['text'])) {
Also, going off the comments: I'd suggest taking a look at this link because you're prone to SQL Injections.
when we are going to post a form using POST or GET. we should always give name to all our fieds so we get get them just using $_POST['name'] or $_GET['name']. In Your case just give a name to your submit tag and check whether data is submitted or not.
replace
<input type="submit" id="Submit" />
with
<input type="submit" id="submit" name="submit">
and check it like
if(isset($_POST['submit'])) {// it will only check where form is posted or not
// your code...
}