<?php
if(isset($_POST["submit"]))
if (!empty($_FILES["uploadImage"]["name"])) {
//Including dbconfig file.
require 'config.php';
$ImageSavefolder = "images/student/";
move_uploaded_file($_FILES["uploadImage"]["tmp_name"] ,
"$ImageSavefolder".$_FILES["uploadImage"]["name"]);
$name = mysqli_real_escape_string($conn, $_POST['name']);
$fathername = mysqli_real_escape_string($conn, $_POST['fathername']);
$htno = mysqli_real_escape_string($conn, $_POST['htno']);
$phoneno = mysqli_real_escape_string($conn, $_POST['phoneno']);
$department = mysqli_real_escape_string($conn, $_POST['department']);
$class = mysqli_real_escape_string($conn, $_POST['class']);
$address = mysqli_real_escape_string($conn, $_POST['address1']);
$address2 = mysqli_real_escape_string($conn, $_POST['address2']);
$city = mysqli_real_escape_string($conn, $_POST['city']);
$state = mysqli_real_escape_string($conn, $_POST['state']);
$zip = mysqli_real_escape_string($conn, $_POST['zip']);
$sql= "INSERT INTO student_detail(name,fathername,htno,phoneno,department,class,address1,address2,city,state,zip) VALUES ('$name','$fathername','$htno','$phoneno','$department','$class','$address','$address2','$city','$state','$zip','".$_FILES['uploadImage']['name']."')";
if(!mysqli_query($conn,$sql))
{
echo "Not Updated";
}
else
{
echo "<br><div class='alert alert-success' role='alert'>Added Sucessfully !</div>";
}
}
?>
This code is not working for adding the following data into database. Did I do anything wrong? Please help me sort the problem.
I already created database with config.php
Form Data
<form method="post" action="" enctype="multipart/form-data">
<div class="form-row">
<div class="form-group col-md-6">
<label for="name">Name</label>
<input type="text" class="form-control" placeholder="Please Enter Name" name="name">
</div>
<div class="form-group col-md-6">
<label for="fathername">Father's Name</label>
<input type="text" class="form-control" placeholder="Please Enter Father's Name" name="fathername">
</div>
<div class="form-group col-md-6">
<label for="htno">Hall Ticket/ Roll No.</label>
<input type="text" class="form-control" placeholder="Please Enter Hall Ticket/ Roll No." name="htno">
</div>
<div class="form-group col-md-6">
<label for="phoneno">Phone Number</label>
<input type="text" class="form-control" placeholder="Please Enter Phone No." name="phoneno">
</div>
<div class="form-group col-md-6">
<label for="department">Department</label>
<select class="form-control" name="department">
<option selected="selected">Choose your Department</option>
<?php
require('config.php');
$result = mysqli_query($conn,"SELECT * FROM department");
while($test= mysqli_fetch_array($result))
{
echo "<option value='".$test['department_name']."'>".$test['department_name']."</option>";
}
?>
</select>
</div>
<div class="form-group col-md-6">
<label for="class">Class</label>
<select class="form-control" name="class">
<option selected="selected">Choose your Class</option>
<?php
require('config.php');
$result = mysqli_query($conn,"SELECT * FROM class");
while($test= mysqli_fetch_array($result))
{
echo "<option value='".$test['class_name']."'>".$test['class_name']."
</option>";
}
?>
</select>
</div>
</div>
<div class="form-group">
<label for="address">Address</label>
<input type="text" class="form-control" placeholder="House No./Flat No." name="address1">
</div>
<div class="form-group">
<label for="address2">Address 2 (Optional)</label>
<input type="text" class="form-control" placeholder="Locality/Area/Street" name="address2">
</div>
<div class="form-row">
<div class="form-group col-md-6">
<label for="city">City</label>
<input type="text" class="form-control" name="city">
</div>
<div class="form-group col-md-4">
<label for="state">State</label>
<select class="form-control" name="state">
<option selected="selected"name="bihar">bihar</option>
<option>...</option>
</select>
</div>
<div class="form-group col-md-2">
<label for="zip">Zip</label>
<input type="text" class="form-control" name="zip">
</div>
<div class="form-group col-md-6">
<label for="profile">Profile Pic</label><br>
<input type="file" accept="image/*" onchange="loadFile(event)" name="uploadImage" id="uploadImage">
<img id="output" style="width:20%;"/>
<script>
var loadFile = function(event) {
var reader = new FileReader();
reader.onload = function(){
var output = document.getElementById('output');
output.src = reader.result;
};
reader.readAsDataURL(event.target.files[0]);
};
</script>
</div>
</div>
<button type="submit" name="submit" class="btn btn-primary">Submit</button>
</form>
you are trying to insert extra value which is not exist in query see here.
your field
(name,fathername,htno,phoneno,department,class,address1,address2,city,state,zip)
and your values
('$name','$fathername','$htno','$phoneno','$department','$class','$address','$address2','$city','$state','$zip','".$_FILES['uploadImage']['name']."')
you need to do add image field also
your full query
$sql= "INSERT INTO student_detail(name,fathername,htno,phoneno,department,class,address1,address2,city,state,zip,imageFieldName) VALUES ('$name','$fathername','$htno','$phoneno','$department','$class','$address','$address2','$city','$state','$zip','".$_FILES['uploadImage']['name']."')";
<?php
/* dbconnection.php file
$conn = mysqli_connect("localhost","root","12345") or die (mysqli_error());
mysqli_select_db($conn,"student") or die (mysqli_error());
*/
//Including dbconnection file here
include('dbconnection.php');
if(isset($_POST["submit"]))
{
if (!empty($_FILES["uploadImage"]["name"]))
{
$ImageSavefolder = "images/student/";
$name = $_FILES["uploadImage"]["name"];
$tmp_name = $_FILES["uploadImage"]["tmp_name"];
move_uploaded_file(tmp_name, $ImageSavefolder.$name);
$sql = "INSERT INTO students (name,fathername,htno,phoneno,department,class,address1,address2,city,state,zip,image) VALUES ('".$_POST["name"]."','".$_POST["fathername"]."','".$_POST["htno"]."','".$_POST["phoneno"]."','".$_POST["department"]."','".$_POST["class"]."','".$_POST["address1"]."','".$_POST["address2"]."','".$_POST["city"]."','".$_POST["state"]."','".$_POST["zip"]."','".$name."')";
if ($conn->query($sql) === TRUE)
{
echo "<script type= 'text/javascript'>alert('Record Inserted Successfully');</script>";
}
else
{
echo "<script type= 'text/javascript'>alert('Error: " . $sql . "<br>" . $conn->error."');</script>";
}
}
}
?>
Related
I have an autofill current date column in php. It goes to the oracle database further. After the form submission I get the above error.
Here's the code:
<form class="cmxform" action ='functions/processform.php' id="Form1" method="post">
<legend> Add Member</legend>
<label for="addname">Select*</label>
<select class="form-control" name="school" id="school">
<?php
$names = $getnames->getnames();
oci_execute($names, OCI_DEFAULT);
while ($row = oci_fetch_array($names, OCI_ASSOC+OCI_RETURN_NULLS)) {
echo '<option value="' . $row['NAME'] . '">' . $row['NAME']. '</option>';
}
?>
</select>
<div class="form-row">
<div class="form-group col-md-4">
<label for="fName">First Name* </label>
<input type="text" class="form-control" id="fName" name="fName" required>
</div>
<div class="form-group col-md-4">
<label for="mName">Middle Name</label>
<input type="text" class="form-control" id="mName" name="mName">
</div>
<div class="form-group col-md-4">
<label for="lName">Last Name* </label>
<input type="text" class="form-control" id="lName" name="lName" required>
</div>
<div class="form-row">
<input type="radio" id="p" name="paidunpaid" value="p">
<label for="paid">Paid</label><br>
<input type="radio" id="female" name="paidunpaid" value="u">
<label for="unpaid">Unpaid</label><br>
</div>
<div class="form-row">
<div class="form-group">
<label for="date">Date</label>
<input name="date" id="date" required type="text" value="<?php echo date('d/m/Y'); ?>" />
</div>
</div>
<div class="form-row">
<div class="form-group col-md-4">
<label for="Id">Id </label>
<input type="text" class="form-control" id="Id" name="Id">
</div>
</div>
<button class="btn btn-info btn-primary" type="submit">Add Role</button>
processform.php
$fName = filter_input(INPUT_POST, "fName", FILTER_SANITIZE_STRING);
$lName = filter_input(INPUT_POST, "lName", FILTER_SANITIZE_STRING);
$mName = filter_input(INPUT_POST, "mName", FILTER_SANITIZE_STRING);
$id = filter_input(INPUT_POST, "Id", FILTER_SANITIZE_STRING);
$school = filter_input(INPUT_POST, "school", FILTER_SANITIZE_STRING);
$paidunpaid = filter_input(INPUT_POST, "paidunpaid", FILTER_SANITIZE_STRING);
$dt = filter_input(INPUT_POST, "dt", FILTER_SANITIZE_STRING);
$dbUser = "xxxx";
$dbPass = "xxxx";
$dbConn = "(DESCRIPTION = (ADDRESS = (PROTOCOL=TCP)(HOST=xxxx)(PORT=1521))(CONNECT_DATA=(SID=xxxx)))";
$conn = oci_connect($dbUser, $dbPass, $dbConn);
$sql =oci_parse($conn, "INSERT INTO person (LastName, FirstName, MiddleName, ID, Primaryschool, Paidunpaidposition,date)
VALUES(:lName,:fName,:mName, :id, :school, :paidunpaid, :date)");
oci_bind_by_name($sql, ':dt', $dt);
oci_bind_by_name($sql, ':fName', $fName);
oci_bind_by_name($sql, ':lName', $lName);
oci_bind_by_name($sql, ':mName', $mName);
oci_bind_by_name($sql, ':id', $id);
oci_bind_by_name($sql, ':school', $school);
oci_bind_by_name($sql, ':paidunpaid', $paidunpaid);
$result = oci_execute($sql);
if ($result) {
echo
'<script >
alert("Thank you for registration.");
window.location = "http://google.com/";
</script>';
return true;
} else {
echo '
<script>
alert("Error, please try submitting again. Error code 1");
window.history.back();
</script>';
return false;
}
I have updated the entire code as one error leads to another. I am new to php any help would be apprecidated. And I am writing this as I can't post so much of code just for one error. Needed some text to update the rest of the code. Thank you in advance.
You are trying to bind string instead of date data type.
Modify it as follows
$sql =oci_parse($conn, "INSERT INTO person (date)
VALUES(to_date(:dt,'dd/mm/yyyy'))");
oci_bind_by_name($sql, ':dt', $date);
I'm working on this feature in my project where I want to add three(3) images along side other details into my database row and I want this images to be in separate columns in one row.... So far below is my code. the code is not working yet... The images and texts are not uploading to the database....
Please help me out guys. What am I doing wrong. Thanks.
Below is my code sample:
//THE PHP SECTION//
<?php
session_start();
include 'includes/config.php';
if (isset($_POST['post']) && isset($_POST['itemtype'])) {
$title = mysqli_real_escape_string($link, $_POST['title']);
$itemtype = mysqli_real_escape_string($link, $_POST['itemtype']);
$description = mysqli_real_escape_string($link, $_POST['description']);
$image1 = $_FILES['image1']['name'];
$image1_tmp_name = $_FILES['image1']['tmp_name'];
$image2 = $_FILES['image2']['name'];
$image2_tmp_name = $_FILES['image2']['tmp_name'];
$image3 = $_FILES['image3']['name'];
$image3_tmp_name = $_FILES['image3']['tmp_name'];
$price = mysqli_real_escape_string($link, $_POST['price']);
$category = mysqli_real_escape_string($link, $_POST['category']);
$name = mysqli_real_escape_string($link, $_POST['name']);
//image file directory
$target1 = 'images/user_ads/'.basename($image1);
$target2 = 'images/user_ads/'.basename($image2);
$target3 = 'images/user_ads/'.basename($image3);
if (move_uploaded_file($_FILES['image1_tmp_name'], $target1)) {
}
if (move_uploaded_file($_FILES['image2_tmp_name'], $target2)) {
}
if (move_uploaded_file($_FILES['image3_tmp_name'], $target3)) {
}
//insert into ost database
$insert = "INSERT INTO products(Title,Product_Type,Description,Image1,Image2,Image3,Price,Category,Name,PostedDate)VALUES('$title','$itemtype','$description','$target1','$target2','$target3','$price','$category','$name',NOW())";
$insertKwary = mysqli_query($link, $insert);
if ($insertKwary) {
$msg = "<div class='alert alert-danger alert-success'>Product Submitted</div>";
}else{
$msg = "<div class='alert alert-danger alert-success'>Product Not Submitted...Try again</div>";
}
}
?>
//THE HTML SECTION//
<div class="col-md-8 col-md-offset-2">
<?php if(isset($msg)) { echo $msg; } ?>
<form action="" method="POST" enctype="multipart/form-data" class="postAdForm" id="postAdForm">
<div class="form-group">
<label for="Ad_title">Item Title</label>
<input type="text" name="title" class="form-control title" id="title" required=""/>
</div>
<div class="form-group">
<label for="itemtype">Item Type</label>
<select class="form-control" name="itemtype" id="itemtype">
<option>Sale</option>
<option>Request</option>
</select>
</div>
<div class="form-group">
<label for="description">Item Description</label>
<textarea name="description" class="form-control description" id="description" rows="7" required=""></textarea>
</div>
<div class="form-group">
<label for="price">First Image</label>
<input type="file" name="image1" class="form-control image1" id="image1" required="" />
</div>
<div class="form-group">
<label for="price">Second Image</label>
<input type="file" name="image2" class="form-control image2" id="image2" required="" />
</div>
<div class="form-group">
<label for="price">Third Image</label>
<input type="file" name="image3" class="form-control image3" id="image3" required="" />
</div>
<div class="form-group">
<label for="price">Price</label>
<input type="text" name="price" class="form-control price" id="price" required="" />
</div>
<div class="form-group">
<label for="category">Item Category</label>
<select class="form-control" name="category" id="category">
<option>Sale</option>
<option>Request</option>
</select>
</div>
<div class="form-group">
<label for="price">Name</label>
<input type="text" name="name" class="form-control name" id="name" required="" readonly="" />
</div>
<div class="form-group">
<input type="submit" name="post" class="btn btn-post post" id="post" value="POST AD" />
</div>
</form>
</div>
I've also attached an image of the error i'm getting..
image of web page showing thee errors i get..error gotten
The error is due to these lines:
if (move_uploaded_file($_FILES['image1_tmp_name'], $target1)) {
}
if (move_uploaded_file($_FILES['image2_tmp_name'], $target2)) {
}
if (move_uploaded_file($_FILES['image3_tmp_name'], $target3)) {
}
You're setting $image1_tmp_name, not $_FILES['image1_tmp_name'].
Try this:
if (move_uploaded_file($image1_tmp_name, $target1)) {
}
if (move_uploaded_file($image2_tmp_name, $target2)) {
}
if (move_uploaded_file($image3_tmp_name, $target3)) {
}
Edit: Using mysqli_error() to print the error helped solve additional issues (Mentioned in comments)
I'm trying to insert data into a database, the script executes all the way down and redirect the user to the page but no record gets inserted. I've been trying to figure out why for hours. I keep creating new scripts but i'm missing something apparently.
init.php
<?php
/*for error 1045 config.inc.php*/
define("DB_HOST", "localhost");
define("DB_USER", "root");
define("DB_PASSWORD", "");
define("DB_DATABASE", "databasename");
$db = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_DATABASE);
if(mysqli_connect_errno()){
echo "database failed to connect with following errors:". mysqli_connect_error();
die();
}
require_once $_SERVER['DOCUMENT_ROOT'].'/ecommerce/config.php';
require_once BASEURL.'helpers/helpers.php';
form.php
<?php
ob_start();
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
require_once $_SERVER['DOCUMENT_ROOT'].'/HeleneQuirion/core/init.php';
include 'includes/header.php';
if(isset($_GET['add'])){
$parentQuery = $db->query("SELECT * FROM categories WHERE parent= 0" );
if (isset($_POST['submit'])) {
// prepare and bind
$stmt = $db->prepare("INSERT INTO product (prod_name, categories, list_price, price,prod_width,prod_depth,prod_height,prod_material,quantity,image_1,image_2,image_3,image_4,description,care_instructions) VALUES (?,?, ?,?,?,?,?,?,?,?,?,?,?,?,?)");
$stmt->bind_param("ssiiiiisissssss" ,$prod_name, $child,$list_price,$price,$prod_width,$prod_depth,$prod_height,$prod_material,$quantity,$image_1,$image_2,$image_3,$image_4,$description,$care_instructions);
// set parameters and execute
if(isset($_POST['prod_name']))
{
$prod_name = sanitize($_POST)['prod_name'];
}
if(isset($_POST['child']))
{
$categories = sanitize($_POST)['child'];
}
if(isset($_POST['list_price']))
{
$prod_name = sanitize($_POST)['list_price'];
}
if(isset($_POST['price']))
{
$price = sanitize($_POST)['price'];
}
if(isset($_POST['prod_width']))
{
$prod_width = sanitize($_POST)['prod_width'];
}
if(isset($_POST['prod_depth']))
{
$prod_depth = sanitize($_POST)['prod_depth'];
}
if(isset($_POST['prod_height']))
{
$prod_height = sanitize($_POST)['prod_height'];
}
if(isset($_POST['prod_material']))
{
$prod_material = sanitize($_POST)['prod_material'];
}
if(isset($_POST['quantity']))
{
$quantity = sanitize($_POST)['quantity'];
}
if(isset($_POST['care_instructions']))
{
$care_instructions = sanitize($_POST)['care_instructions'];
}
if(isset($_POST['image_1']))
{
$image_1 = $_FILES['image_1'];
}
if(isset($_POST['image_2']))
{
$image_2 = $_FILES['image_2'];
}
if(isset($_POST['image_3']))
{
$image_3 = $_FILES['image_3'];
}
if(isset($_POST['image_4']))
{
$image_4 = $_FILES['image_4'];
}
if(isset($_POST['description']))
{
$description = sanitize($_POST)['description'];
}
$stmt->execute() or die(mysqli_error($db));
header('Location: products.php');
$stmt->close();
$conn->close();
}
?>
<form action="products.php?add=1" method="POST" enctype="multipart/form-data">
<div class='container_12'>
<div class="form-group col-md-3">
<label for="prod_name">Product Name*:</label>
<input type="text" name="prod_name" id="prod_name" class="form-control" value="<?=((isset($_POST['prod_name']))?sanitize($_POST['prod_name']):' ');?>">
</div>
<div class="form-group col-md-3">
<label for="parent">Parent Category*:</label>
<select class="form-control" id="parent" name="parent">
<option value=""<?=((isset($_POST['parent']) && $_POST['parent'] == '')?'selected':'');?>></option>
<?php while($parent = mysqli_fetch_assoc($parentQuery)): ?>
<option value=" <?=$parent['id'];?>"<?=((isset($_POST['parent']) && $_POST['parent'] == $parent['id'])?' select':'');?>><?=$parent['category_name'];?></option>
<?php endwhile; ?>
</select>
</div>
<div class='form-group col-md-3'>
<label for='child'>Second Category*:</label>
<select id='child' name='child' class='form-control'></select>
</div>
</div>
<div class='container_12'>
<div class='form-group col-md-3'>
<label for='list_price'>List Price(OPTIONAL): </label>
<input type="text" id="list_price" name="list_price" class="form-control" value="<?=((isset($_POST['list_price']))?sanitize($_POST['list_price']):'');?>">
</div>
<div class="form-group col-md-3">
<label for="price">Price*:</label>
<input type="text" id="price" name="price" class="form-control" value="<?=((isset($_POST['price']))?sanitize($_POST['price']):'');?>">
</div>
<div class='form-group col-md-3'>
<label for='prod_width'>Width* (in inches):</label>
<input type="text" id="prod_width" name="prod_width" class="form-control" value="<?=((isset($_POST['prod_width']))?sanitize($_POST['prod_width']):'');?>">
</div>
<div class='form-group col-md-3'>
<label for='prod_depth'>Height*(in inches):</label>
<input type="text" id="'prod_depth" name="'prod_depth" class="form-control" value="<?=((isset($_POST['prod_depth']))?sanitize($_POST['prod_depth']):'');?>">
</div>
</div>
<div class='container_12'>
<div class='form-group col-md-3'>
<label for='prod_height'>Depth*(in inches):</label>
<input type="text" id="prod_height" name="prod_height" class="form-control" value="<?=((isset($_POST['prod_height']))?sanitize($_POST['prod_height']):'');?>">
</div>
<div class='form-group col-md-3'>
<label for='prod_material'>Construction Material:</label>
<input type="text" id="prod_material" name="prod_material" class="form-control" value="<?=((isset($_POST['prod_material']))?sanitize($_POST['prod_material']):'');?>">
</div>
<div class='form-group col-md-6'>
<label>Quantity * :</label>
<input type="text" id="quantity" name="quantity" class="form-control" value="<?=((isset($_POST['quantity']))?sanitize($_POST['quantity']):'');?>">
</div>
</div>
<div class='container_12'>
<div class="form-group col-md-3"> <label for="image_1">Product Photo #1:</label>
<input type="file" name="image_1" id="image_1" class="form-control">
</div>
<div class="form-group col-md-3"> <label for="image_2">Product Photo #2:</label>
<input type="file" name="image_2" id="image_2" class="form-control">
</div>
<div class="form-group col-md-3"> <label for="image_3">Product Photo #3:</label>
<input type="file" name="image_3" id="image_3" class="form-control">
</div>
<div class="form-group col-md-3"> <label for="image_4">Product Photo#4:</label>
<input type="file" name="image_4" id="image_4" class="form-control">
</div>
</div>
<div class='container_12'>
<div class="form-group col-md-6">
<label for="description">Description:</label>
<textarea id="description" name="description" class="form-control" rows="6"><?=((isset($_POST['description']))?sanitize($_POST['description']):'');?></textarea>
</div>
<div class="form-group col-md-6">
<label for="care_instructions">Care Instructions*:</label>
<textarea id="care_instructions" name="care_instructions" class="form-control" rows="6"><?=((isset($_POST['care_instructions']))?sanitize($_POST['care_instructions']):'');?></textarea>
</div></div>
<div class='container_12'>
<div class="form-group pull-right">
<input type='submit' name='submit' value='Add Product' class='form-control btn-success pull-right'>
</div></div>
</form>
This is just to clarify one of the points in the comments above...
So I knocked up some test code to check what is going on...
<?php
$_POST['prod_name'] = 'fred';
function sanitize($thing){
var_dump("Inside Sanitize- ", $thing);
return $thing;
}
// Original Code - sends an array to sanitize
if(isset( $_POST['prod_name'] )) {
$prod_name = sanitize($_POST)['prod_name'];
}
var_dump('Original Version '.$prod_name);
// New Code 1 - Sends a String to sanitize
if(isset( $_POST['prod_name'] )) {
$prod_name = sanitize($_POST['prod_name']);
}
// New Code 2 - Should use this one, or could make this a function.
$prod_name = isset($_POST['prod_name'])? sanitize($_POST['prod_name']):'';
var_dump($prod_name);
I am trying to build a multiple choice exam portal. It's working fine but when I am adding a question in my add.php file it get inserted but the choices of the question is not inserted in database
Here is my database:
Choices table:
Questions table:
Here is my code for add.php
<?php include 'includes/header.php'; ?>
<?php include 'config/config.php'; ?>
<?php include 'lib/Database.php'; ?>
<?php
$db = new Database();
if (isset($_POST['submit'])) {
//Grab Post Data
$question_number = $_POST['question_number'];
$question_text = $_POST['question_text'];
$correct_choice = $_POST['correct_choice'];
$choices = array();
$choices[1] = $_POST['choice1'];
$choices[2] = $_POST['choice2'];
$choices[3] = $_POST['choice3'];
$choices[4] = $_POST['choice4'];
//Insert question into database
$query = "INSERT INTO `questions`(question_number, text) VALUES('$question_number','$question_text')";
$insert_row = $db->insert($query);
//validate
if ($insert_row) {
foreach ($choices as $choice => $value) {
if ($value != '') {
if ($correct_choice == $choice) {
$is_correct = 1;
} else {
$is_correct = 0;
}
//Choice Query
$query = "INSERT INTO `choices`(question_number,is_correct,text) VALUES('$question_number','$is_correct',
'$value')";
//insert row
$insert_row = $db->insert($query);
if ($insert_row) {
continue;
} else {
die($mysqli->error);
}
}
}
}
}
$query1 = "SELECT * FROM `questions`";
$result = $db->select($query1);
$total = $result->num_rows;
$next = $total + 1;
?>
<form class="form-horizontal" action="signup.php" method="POST">
<fieldset>
<div id="legend">
<legend class="text-center">Add Questions</legend>
</div>
<div class="control-group">
<label class="control-label" for="username">Question Number</label>
<div class="controls">
<input name="question_number" value="<?php echo $next; ?>" placeholder="" class="form-control input-lg" type="number"/>
</div>
</div>
<div class="control-group">
<label class="control-label" for="text">Question Text</label>
<div class="controls">
<input name="text" placeholder="" class="form-control input-lg" type="text">
</div>
</div>
<div class="control-group">
<label class="control-label" for="choice1">#Choice 1</label>
<div class="controls">
<input name="choice1" placeholder="" class="form-control input-lg" type="text">
</div>
</div>
<div class="control-group">
<label class="control-label" for="username">#Choice 2</label>
<div class="controls">
<input id="choice2" name="choice2" placeholder="" class="form-control input-lg" type="text">
</div>
</div>
<div class="control-group">
<label class="control-label" for="username">#Choice 3</label>
<div class="controls">
<input id="choice3" name="choice3" placeholder="" class="form-control input-lg" type="text">
</div>
</div>
<div class="control-group">
<label class="control-label" for="username">#Choice 4</label>
<div class="controls">
<input id="username" name="choice4" placeholder="" class="form-control input-lg" type="text">
</div>
</div>
<div class="control-group">
<label class="control-label" for="username">Correct Choice Number</label>
<div class="controls">
<input id="username" name="correct_choice" placeholder="" class="form-control input-lg" type="number"/>
</div>
</div>
<input type="submit" name="submit" class="btn btn-block btn-primary" value="Submit" class="submit"/>
</fieldset>
</form>
<?php include 'includes/footer.php';?>
Now only the question is adding in the database but not the choices.
The syntax appears to be correct, but you can delete simple quotes around numbers. In addition, it's better to make one request to insert all choices.
//validate
if ($insert_row) {
$values = [];
foreach ($choices as $choice => $value) {
if ($value == '')
continue;
$is_correct = $correct_choice == $choice ? 1 : 0;
$values[] = "($question_number, $is_correct, '$value')";
}
if (count($values) > 0)
{
$query = "INSERT INTO choices (question_number, is_correct, text) VALUES ".implode(',', $values);
$insert_row = $db->insert($query);
if (!$insert_row)
die($mysqli->error);
}
}
And your variables $value and $question_number come from $_POST variable, you have to use prepared statement to protect your query from SQL injection.
PHP Code
<?php
if (!isset($_SESSION)) { session_start(); }
include "connect.php";
include "functions.php";
if (!isset($_SESSION['login']) || $_SESSION['login'] !== true) {
header('location: no_acces.php');
exit();
} else {
$id_user = $_SESSION['userid'];
$q_user = mysqli_query($conn, "SELECT * FROM users WHERE id = $id_user");
if (mysqli_num_rows($q_user) === 1) {
$r_user = mysqli_fetch_assoc($q_user);
} else {
unset($_SESSION['login']);
unset($_SESSION['userid']);
header('location: no_acces.php');
exit();
}
}
$error = "";
$userQuery = mysqli_query($conn, "SELECT username FROM users");
$user = mysqli_fetch_assoc($userQuery);
$id = $_GET['id'];
if (isset($_POST['edit_contact'])) {
$roepnaam = $_POST['roepnaam'];
$naam = $_POST['naam'];
$land = $_POST['land'];
$bedrijf = $_POST['bedrijf'];
$adres1 = $_POST['adres1'];
$adres2 = $_POST['adres2'];
$stad = $_POST['stad'];
$postcode = $_POST['postcode'];
$provincie = $_POST['provincie'];
$telefoon = $_POST['telefoon'];
$email = $_POST['email'];
$captcha= $_POST['g-recaptcha-response'];
if(!$captcha){
$error = "Er is een fout opgetreden";
}
if ($error == "") {
$insertUser = ("UPDATE address SET
roepnaam = '$roepnaam', naam = '$naam', bedrijf = '$bedrijf', telefoon = '$telefoon', email = '$email', adres1 = '$adres1', adres2 = '$adres2', stad = '$stad', postcode = '$postcode', provincie = '$provincie', land = '$land' WHERE id = $id");
if (mysqli_query($conn, $insertUser)) {
$_SESSION['edit_contact'] = true;
header('location: address_book.php');
} else {
$error = "Er is een fout opgetreden";
}
}
}
?>
HTML Code
<!DOCTYPE html>
<html lang="en">
<body>
<form action="" method="post">
<?php if ($error !== "") { ?>
<div class="row">
<div class="col-md-12 error">
<?php echo $error; ?>
</div>
</div>
<?php } ?>
<label for="firstName" class="control-label">Naam:</label>
<div class="row ">
<div class="col-md-6">
<input type="text" class="form-control" id="firstName" placeholder="Roepnaam" name="roepnaam" value="<?php if (isset($_POST['roepnaam'])) { echo $_POST['roepnaam']; } ?>" required/>
</div>
<div class="col-md-6">
<input type="text" class="form-control" id="lastName" placeholder="Naam" name="naam" value="<?php if (isset($_POST['naam'])) { echo $_POST['naam']; } ?>" required/>
</div>
</div>
<label for="username" class="control-label">Bedrijf:</label>
<div class="row ">
<div class="col-md-12">
<input type="text" class="form-control" id="username" placeholder="Bedrijf" name="bedrijf" value="<?php if (isset($_POST['bedrijf'])) { echo $_POST['bedrijf']; } ?>" required/>
</div>
</div>
<label for="password" class="control-label">Telefoonnummer:</label>
<div class="row ">
<div class="col-md-12">
<input type="text" class="form-control" id="password" placeholder="Telefoonnummer" name="telefoon" value="<?php if (isset($_POST['telefoon'])) { echo $_POST['telefoon']; } ?>" required/>
</div>
</div>
<label for="email" class="control-label">Email:</label>
<div class="row ">
<div class="col-md-12">
<input type="text" class="form-control" id="email" placeholder="E-mailadres" name="email" value="<?php if (isset($_POST['email'])) { echo $_POST['email']; } ?>" required/>
</div>
</div>
<label for="adres1" class="control-label">Adres:</label>
<div class="row">
<div class="col-md-12">
<input type="text" class="form-control" id="adres1" placeholder="Adres 1" name="adres1" value="<?php if (isset($_POST['adres1'])) { echo $_POST['adres1']; } ?>" required/>
</div>
</div>
<div class="row padding-top-10">
<div class="col-md-12">
<input type="text" class="form-control" id="adres2" placeholder="Adres 2" name="adres2" value="<?php if (isset($_POST['adres2'])) { echo $_POST['adres2']; } ?>"/>
</div>
</div>
<div class="row">
<div class="col-md-3">
<label for="postcode" class="control-label">Postcode:</label>
</div>
<div class="col-md-5">
<label for="city" class="control-label">Stad:</label>
</div>
<div class="col-md-4">
<label for="regio" class="control-label">Regio:</label>
</div>
</div>
<div class="row ">
<div class="col-md-3">
<input type="text" class="form-control" id="postcode" placeholder="Postcode" name="postcode" value="<?php if (isset($_POST['postcode'])) { echo $_POST['postcode']; } ?>" required/>
</div>
<div class="col-md-5">
<input type="text" class="form-control" id="city" placeholder="Stad" name="stad" value="<?php if (isset($_POST['stad'])) { echo $_POST['stad']; } ?>" required/>
</div>
<div class="col-md-4">
<input type="text" class="form-control" id="regio" placeholder="Provincie" name="provincie" value="<?php if (isset($_POST['provincie'])) { echo $_POST['provincie']; } ?>" required/>
</div>
</div>
<label for="land" class="control-label">Land:</label>
<div class="row ">
<div class="col-md-12">
<input type="text" class="form-control" id="password" placeholder="Land" name="land" value="<?php if (isset($_POST['land'])) { echo $_POST['land']; } ?>" required/>
</div>
</div>
<div class="row">
<div class="col-md-8 padding-top-10 ">
<div class="g-recaptcha " data-sitekey="6LcCsBoTAAAAAK72uzyJSrgWwD8xuF6jFIfgFaHX"></div>
</div>
</div>
<div class="row">
<div class="col-md-2 padding-top-10">
<input type="submit" name="edit_contact" class="btn btn-succes" value="Wijzigen">
</div>
<div class="col-md-2 padding-top-10">
<input type="text" name="delete_contact" action="delete_contact.php" class="btn btn-succes" value="Contact verwijderen">
</div>
</div>
</form>
</body>
</html>
PHP Code
<?php
if (!isset($_SESSION)) { session_start(); }
include "connect.php";
include "functions.php";
if (!isset($_SESSION['login']) || $_SESSION['login'] !== true || !isset($_SESSION['userid']) || $_SESSION['userid'] == "") {
header('location: login.php');
exit();
} else {
session_regenerate_id();
}
$id = $_GET['id'];
$query = "DELETE FROM address WHERE id= $id";
mysqli_query ($query);
if (mysql_affected_rows() == 1) {
header('location: addressbook.php');
} else {
echo "Verwijderen mislukt";
}
?>
I'm trying to make a delete button for my contacts within the addressbook. but everytime I click "Contact verwijderen" the webpage resets it self and the contact won't be deleted. Could anyone help me to fix this?
You input is a text input and you don't have a form asociated with it,create one and change the type of submit to submit
<form action="delete_contact.php" method="post">
//other inputs
<input type="submit" name="delete_contact" class="btn btn-succes" value="Contact verwijderen">
</form>
You are mixing MySQL and MySQLi functions:
mysqli_query ($query);
if (mysql_affected_rows() == 1)
You cannot mix MySQL with MySQLi, your code should be:
mysqli_query ($query);
if (mysqli_affected_rows($conn) == 1)
Add a normal link to delete the contact, you don't need a form.
<a href="delete_contact.php?id=<?php echo $id ?>">
Contact verwijderen
</a>