The form is meant to capture a new user and store user data in the database, except that it does not store any data though the form still returns a successful message.
Form page:
<?php
$servername = "*****";
$username = "*****";
$password = "*****";
$database = "*****";
// Create connection
$conn = new mysqli($servername, $username, $password, $database);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
echo "Connected successfully";
?>
<div class="row">
<div class="col-xs-12">
<section class="panel">
<header class="panel-heading">
<h2 class="panel-title">Laai Nuwe Lid</h2>
</header>
<div class="panel-body">
<form class="form-horizontal form-bordered" action=""
method="post">
<p><strong>ID:</strong> Nuwe lid</p>
<div class="form-group">
<label class="col-md-3 control-label"
for="FirstName">Naam:</label>
<div class="col-md-6">
<input type="text" class="form-control"
name="FirstName" id="FirstName" value="<?php echo $firstname; ?>">
</div>
</div>
<div class="form-group">
<label class="col-md-3 control-label"
for="LastName">Van:</label>
<div class="col-md-6">
<input type="text" class="form-control"
name="LastName" id="LastName" value="<?php echo $lastname; ?>"'>
</div>
</div>
<div class="form-group">
<label class="col-md-3 control-label"
for="Cell">Selfoon:</label>
<div class="col-md-6">
<input type="text" class="form-control"
name="Cell" id="Cell" value="<?php echo $cell; ?>">
</div>
</div>
<div class="form-group">
<label class="col-md-3 control-label"
for="Address">Addres:</label>
<div class="col-md-6">
<input type="text" class="form-control"
name="Address" id="Address" value="<?php echo $adress; ?>">
</div>
</div>
<div class="row">
<div class="col-sm-9 col-sm-offset-3">
<button value="submit" type="submit"
name="submit" class="btn btn-primary">Stoor nuwe lid</button>
<button type="reset" class="btn btn-
default">Kanselleer</button>
</div>
</div>
</form>
</div>
</section>
</div>
</div>
<?php
// check if the form has been submitted. If it has, start to process the
form and save it to the database
if (isset($_POST['submit'])) {
// get form data, making sure it is valid
$firstname =
mysql_real_escape_string(htmlspecialchars($_POST['firstname']));
$lastname =
mysql_real_escape_string(htmlspecialchars($_POST['lastname']));
$cell = mysql_real_escape_string(htmlspecialchars($_POST['cell']));
$address = mysql_real_escape_string(htmlspecialchars($_POST['address']));
$sql = "INSERT INTO `tblusers` (FirstName, LastName, Cell, Address) VALUES
('$firstname','$lastname', '$cell','$address')";
if ($conn->query($sql) === TRUE) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
// once saved, redirect back to the view page
header("Location: index.php");
}
?>
I am not sure if the problem is with PHP or the SQL code as I get no error messages.
The database connects fine. The query works in mysql directly, but when I combine the PHP with the HTML form it stores blank rows.
The code does not work because when you tried to comment out the validation part 'if condition' you forgot to comment out its 'else condition'.
I am talking about this line:
//if ($firstname == '' || $lastname == '' || $cell == '' || $address == '') {
The reason it was not working is because the variables were not the same, PHP is case sensitive. E.G lastname while HTML was LastName.
$firstname =
mysql_real_escape_string(htmlspecialchars($_REQUEST['FirstNameirstname']));
$lastname = mysql_real_escape_string(htmlspecialchars($_REQUEST['LastName']));
$cell = mysql_real_escape_string(htmlspecialchars($_REQUEST['Cell']));
$address = mysql_real_escape_string(htmlspecialchars($_REQUEST['Address']));
Kindly use the following function :
$con->mysqli_real_escape_string ( $_POST['...'])
in place of
mysql_real_escape_string(htmlspecialchars($_POST['...']))
Related
I am making a simple PHP login with POST. However, every time I load the page, the function gets fired before I even hit submit on the html form. I have tried the method below and isset($_POST['submit']) but both ways are firing every single time I load the page. How do I stop this from occuring? Thank you.
//PHP CODE ABOVE HTML
<?php
$serverName = "localhost";
$dBUserame = "blake";
$dBPassword = "password";
$dBName = "database";
session_start();
$conn = mysqli_connect($serverName, $dBUserame, $dBPassword, $dBName);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$email = mysqli_real_escape_string($conn, $_POST['email']);
$password = mysqli_real_escape_string($conn ,$_POST['password']);
$sql = "SELECT * FROM users WHERE email = '$email' AND password = '$password'";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
$_SESSION['useremail'] = $email;
header('Location: https://allevohealth.com/admin/newsletter/contacts.php');
// output data of each row
while ($row = $result->fetch_assoc()) {
$_SESSION['name'] = $row["fullname"];
$_SESSION['email'] = $row["email"];
$_SESSION['useridid'] = $row["id"];
echo "<br> Full Name: ". $row["fullname"]. " - Email: ". $row["email"]. " " . $row["passsword"] . "<br>";
}
} else {
echo "0 results";
}
$conn->close();
}
?>
//HTML CODE BELOW PHP
<div class="col-lg-12 row justify-content-center">
<div class="col-lg-4 col-md-8 col-sm-9 mb-5">
<div class="p-5" style="border-radius: 20px !important; background-color: #161621">
<form id="myform" method="post">
<h2 class="h4 text-white mb-5">ACCOUNT LOGIN</h2>
<div class="row form-group">
<div class="col-md-9">
<label class="text-white" for="email">EMAIL</label>
<input type="email" id="input-email" name="email" class="form-control rounded-0">
<p id="result" style="padding-top: 2%; font-weight: bold;"></p>
</div>
</div>
<div class="row form-group">
<div class="col-md-7 mb-3 mb-md-0">
<label class="text-white" for="password">PASSWORD</label>
<input type="password" name="password" id="input-password" class="form-control rounded-0">
</div>
</div>
<div class="row form-group">
<div class="col-md-12" style="padding-top: 5%">
</div>
</div>
<input type="submit" name="submit" value="LOGIN" style="width: 150px" class="btn btn-primary mr-4 mb-2">
</form>
</div>
</div>
</div>
Here is my HTML and PHP code that I'm trying to use to write the form into the table.
Once submit is being pressed its loading up the PHP but it is being returned as a blank screen.
Any help would be appreciated to help me move forward from this problem.
Here is the HTML code for the contact section of the page.
</div>
<!-- Contact Info -->
<div class="row">
</div> <!-- information end -->
<!--Contact Form-->
<div class="col-md-8 col-md-offset-2 wow fadeInUp" data-wow-delay="1s">
<form class="col-md-12 contact-form" method="POST" action="beerewarded.php">
<div class="row">
<!--Name-->
<!--Email-->
<div class="col-md-8">
<input id="Email_Address" name="Email_Address" class="form-inp requie" type="text" placeholder="Email">
</div>
<div class="col-md-8">
<input id="First_Name" name="First_Name" class="form-inp requie" type="text" placeholder="First Name">
</div>
<div class="col-md-8">
<input id="Last_Name" name="Last_Name" class="form-inp requie" type="text" placeholder="Last Name">
</div>
<div class="col-md-8">
<input id="Phone_Number" name="Phone_Number" class="form-inp requie" type="text" placeholder="Phone Number">
</div>
<div class="col-md-8">
<input id="Birthday" name="Birthday" class="form-inp requie" type="date" placeholder="Birthday ">
</div>
<div class="col-md-12">
<input id="con_submit" class="site-button" type="submit">
</div>
</div>
</form>
</div> <!-- contact form end -->
Here is the PHP section of the file.
<?php
$servername = "localhost";
$username = "beeskneesbars_com";
$password = "123456";
$dbname = "beeskneesbars_com";
// Create connection
$conn = new mysqli($servername, $username, $password);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
if(isset($_POST['insert'])) {
$Email_Address = $_POST['Email_Address'];
$First_Name = $_POST['First_Name'];
$Last_Name = $_POST['Last_Name'];
$Phone_Number = $_POST['Phone_Numebr'];
$Birthday = $_POST['Birthday'];
$insert_data = mysql_query('INSERT INTO Bee_Rewarded VALUES("$Email_Address", "$First_Name","$Last_Name","$Phone_Number","$Birthday",)');
echo "Data are successfully save..."; }
?>
Keeping in mind, you have already added the name attribute for your submit button, please update your code in php file to execute an sql query to this:
$sql = "INSERT INTO Bee_Rewarded VALUES('$Email_Address','$First_Name','$Last_Name','$Phone_Number','$Birthday') ";
$insert_data = mysql_query($conn,$sql);
if($insert_data)
{
echo 'Data Added Successfuly';
}
else
{
echo 'Error In Adding Data';
}
I'm having a small college project about discussion room service. I'm stuck at updating the database of the rooms.
I already used mysqli_error() function, and that didn't return any error, I wonder why.
Here's my form code:
<?php
//Tahap 1. Buat koneksi Database
$host = "localhost";
$user = "root";
$pass = "";
$name = "pinjamruang";
$koneksi = mysqli_connect($host, $user, $pass, $name);
//Periksa apakah koneksi berhasil
if(mysqli_connect_errno()){
echo "Error: ";
echo mysqli_connect_error();
echo "<br /> Error Code: ";
echo mysqli_connect_errno();
die();
}
$sql = "SELECT * FROM ruangan";
$keranjang = mysqli_query($koneksi, $sql);
$row = mysqli_fetch_assoc($keranjang);
?>
<h1 class="page-header">Edit Karyawan</h1><br>
<form class="form-horizontal" action="process/process-ruangan-edit.php" method="post" enctype="multipart/form-data">
<div class="form-group">
<label for="inputKodeRuangan" class="col-sm-2 control-label">Kode Ruangan</label>
<div class="col-sm-10">
<input type="text" name="kode" class="form-control" id="inputKodeRuangan" value="<?php echo $row['kode'];?>" placeholder="Kode Ruangan">
</div>
</div>
<div class="form-group">
<label for="inputJumlahMeja" class="col-sm-2 control-label">Jumlah Meja</label>
<div class="col-sm-10">
<input type="number" name="meja" class="form-control" id="inputJumlahMeja" value="<?php echo $row['meja'];?>"placeholder="Jumlah Meja">
</div>
</div>
<div class="form-group">
<label for="inputJumlahKursi" class="col-sm-2 control-label">Jumlah Kursi</label>
<div class="col-sm-10">
<input type="number" name="kursi" class="form-control" id="inputJumlahKursi" value="<?php echo $row['kursi'];?>"placeholder="Jumlah Kursi">
</div>
</div>
<div class="form-group">
<label for="inputStatus" class="col-sm-2 control-label">Status</label>
<div class="col-sm-10">
<select name="status" class="form-control" id="inputStatus">
<option value="available">Tersedia</option>
<option value="unavailable">Tidak Tersedia</option>
</select>
</div>
</div>
<div class="form-group">
<label for="inputNote" class="col-sm-2 control-label">Catatan Khusus</label>
<div class="col-sm-10">
<input type="text" name="note" class="form-control" id="inputNote" value="<?php echo $row['note'];?>"placeholder="Catatan Khusus">
</div>
</div>
<div class="form-group">
<div class="col-sm-offset-2 col-sm-10">
<input type="hidden" name="id" value="<?php echo $row2['id']; ?>" />
<button type="submit" class="btn btn-primary">Update</button>
</div>
</div>
</form>
And here's my process code:
<?php
// Tahap 1. Buat koneksi database
$host = "localhost";
$user = "root";
$pass = "";
$name = "pinjamruang";
$koneksi = mysqli_connect($host, $user, $pass, $name);
//Periksa apakah koneksi berhasil
if(mysqli_connect_errno()){
echo "Error: ";
echo mysqli_connect_error();
echo "<br />Error Code: ";
echo mysqli_connect_errno();
die();
}
//Tahap 2. Lakukan Query SQL
// Dapatkan data dari form dan dibersihkan
$kode = mysqli_real_escape_string($koneksi, $_POST['kode']);
$meja = mysqli_real_escape_string($koneksi, $_POST['meja']);
$kursi = mysqli_real_escape_string($koneksi, $_POST['kursi']);
$status = mysqli_real_escape_string($koneksi, $_POST['status']);
$note = mysqli_real_escape_string($koneksi, $_POST['note']);
$sql = "UPDATE ruangan
SET kode = '$kode',
kursi = $kursi,
meja = $meja,
status = '$status',
note = '$note'
WHERE id = $_POST[id]";
mysqli_query($koneksi,$sql);
echo mysqli_error($koneksi);
//header('Location: ../index.php?page=ruangan');
?>
Any help would be much appreciated, I'm still really new at PHP and basically programming so, thanks a lot!
In your form code you are referencing $row2 which hasn't been defined yet.
<input type="hidden" name="id" value="<?php echo $row2['id']; ?>" />
You should change it to
<input type="hidden" name="id" value="<?php echo $row['id']; ?>" />
This question already has answers here:
When to use single quotes, double quotes, and backticks in MySQL
(13 answers)
Closed 6 years ago.
I am trying to make a simple appeal form that the data gets posted to a SQL database. But when i submit, either nothing happens, or blank data gets submitted.
Heres my form:
<form class="form-horizontal" role="form" action="insert.php" method="post">
<div class="form-group">
<label for="user" class="col-sm-2 control-label">
Username:
</label>
<div class="col-sm-10">
<input type="text" class="form-control" name="user" id="user" placeholder="DiscordTag#0000" />
</div>
</div>
<div class="form-group">
<label for="date" class="col-sm-2 control-label">
Date of ban:
</label>
<div class="col-sm-10">
<input type="date" class="form-control" name="date" id="date" placeholder="mm/dd/yy" />
</div>
</div>
<div class="form-group">
<label for="admin" class="col-sm-2 control-label">
Who banned you?
</label>
<div class="col-sm-10">
<input type="text" class="form-control" name="admin" id="admin" />
</div>
</div>
<div class="form-group">
<label for="appeal" class="col-sm-2 control-label">
Appeal:
</label>
<div class="col-sm-10">
<textarea class="form-control" rows="4" name="appeal" id="appeal"></textarea>
</div>
</div>
<div class="form-group">
<div class="col-sm-offset-2 col-sm-10">
<button type="submit" class="btn btn-default">
Submit
</button>
</div>
</div>
</form>
And here is my insert.php
<html>
<?
error_reporting(E_ALL);
$db_host = 'redacted';
$db_username = 'redacted';
$db_password = 'redacted';
$db_name = 'redacted';
if( $_POST )
{
$conn = mysql_connect( $db_host, $db_username, $db_password);
if (!$conn)
{
die('Could not connect: ' . mysql_error());
} else {
mysql_select_db("redacted");
}
$user = $_POST['user'];
$date = $_POST['date'];
$admin = $_POST['admin'];
$appeal = $_POST['appeal'];
$sql = 'INSERT INTO appeals' . '(user, date, admin, appeal)'
.'VALUES ($user, $date, $admin, $appeal)';
$retval = mysql_query( $sql, $conn );
if(! $retval ) {
die('Could not enter data: ' . mysql_error());
}
echo "<h2>Your appeal has been submitted.</h2>";
mysql_close($conn);
}
?>
</html>
How can i make it submit all of the form data directly into my SQL table?
Use "INSERT INTO appeals (user, date, admin, appeal) VALUES ('".$user."', '".$date."', '".$admin."', '".$appeal."')";
And sanitize, because you are asking for an sql injection.
I have been trying to make a form where I can update two fields one field is going be admin_welcomebox and admin_author and I'm trying update it by the id so here go my code
<div class="col-lg-6">
<div class="panel panel-color panel-inverse">
<div class="panel-heading">
<h3 class="panel-title">Welcome Box Update</h3>
</div>
<?php
if(isset($_POST["submit"])){
$servername = "localhost";
$username = "trres";
$password = "sss";
$dbname = "txxxs";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "UPDATE admin_news SET welcomebox = '{$admin_news}' SET author = {$admin_author} id='{$id}'";
if ($conn->query($sql) === TRUE) {
echo "<h4 class='bg-success'>You have updated admin welcome box.</h4>";
} else {
echo "<script type= 'text/javascript'>alert('Error: " . $sql . "<br>" . $conn->error."');</script>";
}
$conn->close();
}
?>
<div class="panel-body">
<form method="post" action="">
<div class="form-group">
<label for="welcomebox">Welcome Box</label>
<textarea type="text" name="welcomebox" id="welcomebox" placeholder="Enter Your Message" class="form-control"></textarea>
</div>
<div class="form-group">
<label for="author">Author Name</label>
<input type="text" name="author" id="author" placeholder="Author Name" class="form-control" / >
</div>
<div class="form-group text-right m-b-0">
<button class="btn btn-primary waves-effect waves-light" type="submit" name="submit" id="submit">
Update Info
</button>
</div>
</form>
</div>
</div>
</div>
When I try update it just refresh the page nothing else.
Your query has invalid syntax. This is wrong:
UPDATE admin_news SET welcomebox = '{$admin_news}' SET author = {$admin_author} id='{$id}'
The right MySQL syntax for UPDATE is
UPDATE admin_news SET welcomebox = 'value', author = 'value' WHERE id='id'
More in the MySQL manual
Moreover, where do you define $admin_news, $admin_author and $id? I do not see any variable definition in your code.
You didn't define $admin_news ,$admin_author and $id as well. define first.
Try this code :-
<div class="col-lg-6">
<div class="panel panel-color panel-inverse">
<div class="panel-heading">
<h3 class="panel-title">Welcome Box Update</h3>
</div>
<?php
if(isset($_POST["submit"])){
$servername = "localhost";
$username = "trres";
$password = "sss";
$dbname = "txxxs";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$id=$_POST['id'];
$admin_news=$_POST['welcomebox'];
$admin_author=$_POST['author'];
$sql = "UPDATE admin_news SET welcomebox = '$admin_news', author = $admin_author where id=$id";
if ($conn->query($sql) === TRUE) {
echo "<h4 class='bg-success'>You have updated admin welcome box.</h4>";
} else {
echo "<script type= 'text/javascript'>alert('Error: " . $sql . "<br>" . $conn->error."');</script>";
}
$conn->close();
}
?>
<div class="panel-body">
<form method="post" action="">
<input type="hidden" name="id" value="<?php echo $id; ?>" /> <!-- put here your id -->
<div class="form-group">
<label for="welcomebox">Welcome Box</label>
<textarea type="text" name="welcomebox" id="welcomebox" placeholder="Enter Your Message" class="form-control"></textarea>
</div>
<div class="form-group">
<label for="author">Author Name</label>
<input type="text" name="author" id="author" placeholder="Author Name" class="form-control" / >
</div>
<div class="form-group text-right m-b-0">
<button class="btn btn-primary waves-effect waves-light" type="submit" name="submit" id="submit">
Update Info
</button>
</div>
</form>
</div>
</div>
</div>