EDIT: IGNORE ANY SQL INJECTIONS OR VULNERABLE CODE STATEMENTS :D
(School Project).
I wish to create a insert form on my webpage where I can select an artist from a table, including a song from a table and combine them for an insert into a combined foreign key table.
I have managed to do selects and insert with only individual artist and song drop-downs on my web-page, but would wish for combining the two ID's from each table to combine them to a many to many relative table. But when I press the submit button nothing happens, and I'm a beginner and don't know if I'm missing any important bits of actually Posting the information.
For troubleshooting I have tried my code, and tested it. I see if I remove my code theres no problem, so the problem persists on the syntax I believe, as the first dropdown shows, alongside the second dropdown and submit button, but the problem is within the actual processing and SQL query part, where it never goes to the DB..
The problem:
As you can see below I have a the text Song Name appear with a drop-down menu in the bottom left corner including the Artist Name with a submit button. But my problem persists as the select and then insert from the two drop downs into the combined table does not work, it does not actually submit, I want it to post into the DB what can I do. But somethings off? I would appreciate any questions or help, this community is so amazing and wonderful to operate in!
Database
PHP
<form method='POST'>
<?php
include('connect_mysql.php');
if(isset($_POST["mangetilmange"])) {
$song_id = $_POST["song_id"];
$artist_id = $_POST["artist_id"];
$sql ="INSERT INTO artist_has_song (song_id, artist_id) VALUES
('$song_id', '$artist_id')";
if($conn->query($sql)) {
echo "Completed";
} else {
echo "Blablalbablablablablablablabl $sql
($conn->error.";
}
}
?>
Song Name
<?php
$sql = "SELECT * FROM song";
$resultat = $conn->query($sql);
echo "<select name='song_id'>";
while ($rad = $resultat->fetch_assoc()) {
$song_id = $rad["song_id"];
$songname = $rad["songname"];
echo "<option value='$song_id'>$songname</option>";
}
echo "</select>";
?>
Artist Name
<?php
$sql = "SELECT * FROM artist";
$resultat = $conn->query($sql);
echo "<select name='artist_id'>";
while ($rad = $resultat->fetch_assoc()) {
$artist_id = $rad["artist_id"];
$artistname = $rad["artistname"];
echo "<option value='$artist_id'>$artistname</option>";
}
echo "</select>";
?>
</form>
<input type="submit" name="mangetilmange" value ="Submit">
change you code to this:
<form method='POST'>
<?php
include('connect_mysql.php');
if(isset($_POST["mangetilmange"])) {
$song_id = $_POST["song_id"];
$artist_id = $_POST["artist_id"];
$sql ="INSERT INTO artist_has_song (song_id, artist_id) VALUES
('$song_id', '$artist_id')";
if($conn->query($sql)) {
echo "Completed";
} else {
echo "Blablalbablablablablablablabl";
}
}
?>
Song Name
<?php
$sql = "SELECT * FROM song";
$resultat = $conn->query($sql);
echo "<select name='song_id'>";
while ($rad = $resultat->fetch_assoc()) {
$song_id = $rad["song_id"];
$songname = $rad["songname"];
echo "<option value='$song_id'>$songname</option>";
}
echo "</select>";
?>
Artist Name
<?php
$sql = "SELECT * FROM artist";
$resultat = $conn->query($sql);
echo "<select name='artist_id'>";
while ($rad = $resultat->fetch_assoc()) {
$artist_id = $rad["artist_id"];
$artistname = $rad["artistname"];
echo "<option value='$artist_id'>$artistname</option>";
}
echo "</select>";
?>
<input type="submit" name="mangetilmange" value ="Submit">
</form>
Related
Update: I’m now getting an error telling me that roomID is null and this is why it’s not going into the database. Can you see why it would be null when it should be the option that the user selects in the select box?
I'm working on a hotel booking system as an exercise. I am trying to make a form that will insert a new booking into the database. I have the customer and room IDS in the mySQL database and I have put them into HTML select boxes for the user to select an option.
This works fine until I try to save the new booking to the database. I don't get any errors and it tells me the booking has been saved on my page but if I go into the database it hasn't been saved. I have tried inserting the customerID and roomID values from text boxes so just typing it in instead of the drop down menu and that inserts into the database just fine.
I'm pretty sure the problem is something to do with getting the value out of the select box and into the POST variable but I'm not 100% sure. I've only been coding for 6 months so I don't really know what I'm doing! I've tried to figure it out by looking at other examples on here but nothing seems to work.
Here's my code:
Getting the data to fill the select boxes:
//Locate room names
$query = $query = 'SELECT `roomID` FROM `room`';
$result2 = mysqli_query($DBC,$query);
$rowcount = mysqli_num_rows($result2);
if ($rowcount > 0) {
$row = mysqli_fetch_assoc($result2);}
//Locate customerIDs
$query = $query = 'SELECT `customerID` FROM `customer`';
$result = mysqli_query($DBC,$query);
$rowcount = mysqli_num_rows($result);
if ($rowcount > 0) {
$row = mysqli_fetch_assoc($result);}
Creating Select boxes:
<form method="POST" action="newbooking.php">
<p>
<label for="customerID">Customer ID: </label>
<?php
echo "<select name='customerID'id='customerID' input type='number'>";
// output data of each row
while($row = $result->fetch_assoc()) {
echo "<option value='customerIDselect'>" . $row['customerID'] . "</option>";
//customerID
$customerID = cleanInput($_POST['customerIDselect']);
}
echo "</select>";
?>
</p>
<p>
<label for="rooms">Room (name, type, beds): </label>
<?php
echo "<select name='roomID'id='roomID' input type='number'>";
// output data of each row
while($row = $result2->fetch_assoc()) {
echo "<option value='roomIDselect'>" . $row['roomID'] . "</option>";
//roomID
$roomID = cleanInput($_POST['roomIDselect']);
}
echo "</select>";
?>
</p>
Inserting data into database:
//save the customer data if the error flag is still clear
if ($error == 0) {
$query = 'INSERT INTO `bookings` (`customerID`,`roomID`,`checkin`,`checkout`, `extras`) VALUES (?,?,?,?,?)';
$stmt = mysqli_prepare($DBC,$query); //prepare the query
mysqli_stmt_bind_param($stmt,'sssss', $customerID, $roomID, $checkin, $checkout, $extras);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
echo "<h2>booking saved</h2>";
} else {
echo "<h2>$msg</h2>".PHP_EOL;
}
I need to enter scores for all subjects offered by all students in a class simultaneously. So I retrieved the students ID, retrieved the list of subjects being offered by the students, and placed a textbox under each subject.
Now, I want to submit the score in the database as well as the subject name and the student ID, but the score is not storing, just the subject name and the student ID.
Here is my code:
<form method="post">
<?php
include "includes/dbcon.php";
$subject_name ="";
echo "<table border='1'><thead><tr><td>Students Name</td>";
$query_subjects = mysqli_query($link,"SELECT * FROM junior_subjects ORDER BY subject_name ASC");
while ($row_subject=mysqli_fetch_array($query_subjects))
{
$subject_name .= $row_subject['subject_name'];
echo "<td>".$row_subject['subject_name']."</td>";
}
echo "</tr></thead>";
$query_students = mysqli_query($link,"SELECT * FROM students WHERE class_cat='Junior'");
while ($row_students=mysqli_fetch_array($query_students))
{
$student_id = $row_students['student_id'];
echo "<tr><td>".$row_students['student_id']."</td>";
$query_subjects2 = mysqli_query($link,"SELECT * FROM junior_subjects ORDER BY subject_name ASC");
while ($row_subject2 =mysqli_fetch_array($query_subjects2))
{
$subject_name2 =$row_subject2['subject_name'];
echo "<td>
<input type='text' hidden name='$subject_name2'>
<input type='text' size='4' name='$subject_name2'>
</td>";
/////
if (isset($_POST['submit']))
{
$score = $_POST[$subject_name2];
mysqli_query($link,"INSERT INTO score_sheet(student_id,subject_name,score) VALUES('$student_id','$subject_name2','$score') ");
}
}
}
?>
<input type='submit' name='submit'>
</form>
You should have the input score as array and make a foreach loop to insert the query.
You should have the input field like this
And do a foreach loop like this
$score = $_POST['score'];
foreach ($score as $key)
{
$query = "INSERT INTO score_sheet(student_id,subject_name,score) VALUES('$student_id','$subject_name2','$key') ";
$query = mysqli_query($link,$query);
}
Note :
You should not have have two forms inside it.
I have made an eval for you
Warning :
It is not at all a good practise to have such a bulk entry.
I'm having a hard time figuring this out..
I have two tables "teacher_info" and "section_info".
In my forms I included all the attributes in my section_info table except I used teacher name instead of teacher id for easy selection which is a dropdownlist of teacher's name, this is my code
<?php
include("anhsis.php");
mysqli_select_db($con,"anhsis");
$result= mysqli_query($con,"SELECT t_lname,t_fname FROM teacher_info");
echo"<select name='adviser' class='form-control' required>";
echo"<option value='0'>--Select Adviser--</option>";
while ($row=mysqli_fetch_array($result)) {
echo "<option value='".$row['t_lname']."".$row['t_fname']."'>".$row['t_lname'].", ".$row['t_fname']."</option>";
}
echo'</select>'
?>
and heres my php code to insert data in "section_info"
<?php
include_once('anhsis.php');
$room_id = $_POST['room_id'];
$section = $_POST['section'];
$adviser = $_POST['teacher_id'];
$level = $_POST['level'];
$curriculum = $_POST['curriculum'];
mysqli_select_db($con,"anhsis");
$result= mysqli_query($con,"SELECT * FROM section_info WHERE room_id= '$room_id'");
if (mysqli_num_rows($result)>0){
echo '<script type="text/javascript">';
echo 'alert("TIN No already exist!")';
echo '</script>';
}
else{
mysqli_query($con,"INSERT INTO section_info VALUES('$room_id','$section','$adviser','$level','$curriculum')");
}
?>
my problem is that in my section_info theres no attribute of teacher's name, instead it has teacher_id. So how am I going to insert teacher_id from the "teacher_info" table to the "section_info" table by just selecting the teacher's name in my dropdownlist. Or is it possible?
Thanks!
$result= mysqli_query($con,"SELECT t_lname,t_fname,teacher_id FROM teacher_info");
echo "<select name='adviser' class='form-control' required>";
echo "<option value='0'>--Select Adviser--</option>";
while ($row=mysqli_fetch_array($result)) {
echo "<option value='".$row['teacher_id']."'>".$row['t_lname'].", ".$row['t_fname']."</option>";
}
This way you will have teacher_id value in $adviser variable, ready to use.
I am trying to create two dropdown menus, that will enable a selected user to be added to a selected team and submitted.
There are 3 tables users, teams and teammembers. Teammembers has 2 columns for the ID's of users and teams.
I have created some code, that selects the names and id's for both teams and users in the dropdown menu. The first problem I am encountering is only the names are showing and not the id's within the dropdown box.
Secondly, when submitting the form data is inputted into the teammembers table but both as 0 and 0 rather than the users id and team id submitted.
Does anyone know where i've gone wrong?
// cpanel-addplayer.php
<link href="default.css" rel="stylesheet" type="text/css" />
<form method="post" action="cpanel_addplayerprocessing.php">
<?
session_start();
include('../utils/dbc.php');
error_reporting(-1);
echo 'Players';
$sql = "SELECT ID, user_name FROM users";
$result = mysql_query($sql);
echo "<select name='user_name'>";
while ($row = mysql_fetch_array($result)) {
echo'<option value="'.$row['ID'].'">'.$row['user_name'].'</option>';
}
echo "</select>";
?>
<?php
echo 'Teams';
$sql = "SELECT ID, name FROM teams";
$result = mysql_query($sql);
echo "<select name='teams'>";
while ($row = mysql_fetch_array($result)) {
echo "<option value='" . $row['ID'] ."'>" . $row['name'] ."</option>";
$teamid = $row['ID'];
}
echo "</select>";
?>
<input type="submit" name="submit" value="Submit">
</form>
// cpanel-addplayerprocessing.php
<?php
error_reporting(-1);
session_start();
include('../utils/dbc.php');
// escape variables for security
a
$sql="INSERT INTO teammembers (userid, teamid)
VALUES ('$userid', '$teamid')";
$result = mysql_query($sql);
if($result){
header('Location: ../thankyou.php');
}
else {
echo "ERROR";
}
mysql_close();
?>
Thanks for your help!
Use PHP concatanation to generate the SQL query
$sql="INSERT INTO teammembers (userid, teamid) VALUES ('".$userid."', '".$teamid."')";
and also print the sql before execute it and try to run the printed SQL directly in phpMyAdmin.
echo $sql;
exit;
Also check the table columns if there is space after or before the column names.
Just like the title says i'm having difficulties in achieving it.
Here's my dropdownlist:
<?php
$query = "SELECT data, rel_id FROM $tbl_rel_balansas INNER JOIN $tbl_balansas ON $tbl_rel_balansas.rel_id = $tbl_balansas.id WHERE $tbl_rel_balansas.member_id = '$_SESSION[id]' group by data";
$result = mysql_query ($query);
echo "<select name=data value=''>Data</option>";
while($nt=mysql_fetch_array($result)){
echo "<option value=$nt[data] name=\"blabla\">$nt[data]</option>";
}
echo "</select>";
?>
Here's the buttonclick:
<?php
if(isset($_POST['Submit']))
{
$query = "SELECT SUM(suma), paskirtis FROM $tbl_rel_balansas INNER JOIN $tbl_balansas ON $tbl_rel_balansas.rel_id = $tbl_balansas.id WHERE $tbl_rel_balansas.member_id = '$_SESSION[id]' AND data ='".$_POST['data']."' group by paskirtis";
$result = mysql_query ($query);
echo "<tr><td>Paskirtis:</td><td>Biudzetas:</td><td>Isleista:</td><td>Likutis:</td></tr>";
while($nt=mysql_fetch_array($result)){
if($nt['SUM(suma)'] != null){
$suma = $nt['SUM(suma)'];
}
echo "<tr><td>$nt[paskirtis]</td>
<td><input type=\"text\" name=\"isleista[]\" value=\"Skiriamų pinigų kiekis...\" method=\"post\"></td><td>".$suma." Lt</td><td>--</td></tr> <br>";
}
}
?>
After I press it, it retrieves the data I want from the date I've chosen from the drop down list and also reset whole drop down list showing the first value of the dates from sql database, not the one I selected. If anyone knows how to keep the selected value in the list any help is greatly appriciated!
Try this, you need to place select="selected" in the while loop. See below code how I placed the $selected
<?php
$query = "SELECT data, rel_id FROM $tbl_rel_balansas INNER JOIN $tbl_balansas ON $tbl_rel_balansas.rel_id = $tbl_balansas.id WHERE $tbl_rel_balansas.member_id = '$_SESSION[id]' group by data";
$result = mysql_query ($query);
echo "<select name=data value=''>Data</option>";
while($nt=mysql_fetch_array($result)){
$selected = ($_POST['blabla'] == $nt[data])?'selected="selected"':NULL;
echo "<option value=$nt[data] name=\"blabla\" $selected >$nt[data]</option>";
}
echo "</select>";
?>