I'm new to PHP and I'm not sure what I'm doing wrong. I can open the html form and give the data but when I hit submit it shows me the php code and the database is (obviously) not updated. I have tried inserting values to the table manually through phpMyAdmin and it works. I have looked online but me syntax looks fine (to me). Am I doing some different wrong? If the mistake is not too obvious is there an efficient way to debug (ie see the errors)?
I have this HTML code
<head>
<meta http-equiv="content-type" content="text/html; charset=iso-8859-1" />
<title>Hotel Start Page</title>
</head>
<body>
<form action="customerCreate.php" method="post">
<fieldset><legend>Enter your information in the form below:</legend>
<header align="center"> <b>Customer Sign Up</b></header>
<p><b>Surname: </b><input type="text" name="surname" size="30" maxlength="40"/></p>
<p><b>Name: </b><input type="text" name="name" size="30" maxlength="40"/></p>
<p><b>E-mail: </b><input type="text" name="email" size="30" maxlength="40"/></p>
<p><b>Telephone: </b><input type="text" name="tel" size="30" maxlength="10"/></p>
<p><b>Password: </b><input type="password" name="passwd" size="30" maxlength="10"/></p>
</fieldset>
<div align="center"><input type="submit" name="submit" value="Create Account"/></div>
</form>
</body>
This PHP code
<?php
$host = 'localhost';
$username = 'root';
$password = '';
$db = 'my_hotel';
$conn = new mysqli($host,$username,$password,$db);
if ($conn->connect_error) {
die("Connection Error: " .$conn->connect_error);
}
$sname = $_POST['surname'];
$name = $_POST['name'];
$email = $_POST['email'];
$tel = $_POST['tel'];
$passwd = $_POST['passwd'];
$sql = "INSERT INTO Customer (sname, name, email, tel, passwd) VALUES
(?,?,?,?,?)";
$stmt = $conn->prepare($sql);
$stmt->bind_param("sssss",$sname,$name,$email,$tel,$passwd);
$stmt->execute();
$cid = "SELECT cid FROM Customers WHERE sname='$sname' AND passwd='$passwd' ";
$result = $conn->query($cid);
$row = $result->fetch_assoc();
echo "Customer Added.<br>";
echo "Your Customer ID is ".$row['cid'];
$stmt->close();
$conn->close();
?>
And this table in a database called My_hotel in phpMyAdmin
CREATE TABLE Customer (
cid INT AUTO_INCREMENT,
sname VARCHAR(15),
name VARCHAR(15),
email VARCHAR(15),
tel VARCHAR(15),
passwd VARCHAR(15),
PRIMARY KEY (cid)
);
If you get the php code, it must be that your application is not in your web server, so the browser downloads the source file. You should copy/synchronize your files into/with (probably) /var/www/html.
Look into this: http://thisinterestsme.com/php-displayed-in-browser/
Related
So I want to create an html form and save it to a databas in WordPress
First I created the form which I put on this page here
<form action="addperson.php" method="post">
<label>First Name:</label>
<input type="text" name="firstname"/><br>
<label>Last Name:</label>
<input type="text" name="lastname"/><br>
<label>Email:</label>
<input type="text" name="email"/><br>
<input type="submit" name=submit value="Submit"/>
</form>
Then, in public html-->wp-content-my theme I created a file called addperson.php
In this file I put the following code :
<?php
//Block 1
$user = "user"; //Enter the user name
$password = "password"; //Enter the password
$host = "host"; //Enter the host
$dbase = "database"; //Enter the database
$table = "table"; //Enter the table name
//Block 2
$firstname= $_POST['firstname_entered'];
$lastname= $_POST['lastname_entered'];
$email= $_POST['email_entered'];
//Block 3
$connection= mysql_connect ($host, $user, $password);
if (!$connection){
die ('Could not connect:' .
mysql_error());
}
mysql_select_db($database, $connection);
//Block 4
$username_table= mysql_query( "SELECT username FROM $table WHERE username= '$username'" ) or die("SELECT Error: ".mysql_error());
//Block 5
mysql_query("INSERT INTO $table (column1, column2, column3) VALUES (value1, value2, value 3)");
//Block 6
echo 'You have been added.';
//Block 7
mysql_close($connection);
?>
Then I created a database and a table email_list like so:
CREATE TABLE IF NOT EXISTS
email_list (first_name VARCHAR(50),
last_name VARCHAR(50), email VARCHAR
(50));
Next, I entered info into formhere
It saved absolutely nothing.
Where am I going wrong?
Look at your HTML.
<input type="text" name="firstname"/>
<input type="text" name="lastname"/>
<input type="text" name="email"/>
And after submiting form, that data will be under firstname, lastname, email keys in $_POST array.
So you probably should change this
$firstname = $_POST['firstname_entered'];
$lastname = $_POST['lastname_entered'];
$email = $_POST['email_entered'];
to this
$firstname = $_POST['firstname'];
$lastname = $_POST['lastname'];
$email = $_POST['email'];
You should also consider enabling errors displaying in php to get more info about your potentials mistakes.
// Put this on top of your php file
ini_set('display_errors', '1');
I am trying to get data from a form into a database, have searched all the answers and code on yours and other websites but none of them work.
It is connecting to the database OK, but keep getting an error message when submitting the form.
Thanks
My form is
<html><head>
<link rel="stylesheet" href="form.css" type="text/css">
<meta charset="utf-8">
</head>
<body>
<h1>A small example page to insert some data in to the MySQL database using
PHP</h1>
<form action="insert.php" method="post">
Firstname: <input type="text" name="firstname" /><br><br>
Lastname: <input type="text" name="lastname" /><br><br>
<input type="submit" />
</form>
</body>
</html>
My PHP code is
<?php
$servername = "server";
$username = "username";
$password = "xxxx";
$database = "xxx_com";
$conn = mysqli_connect($servername, $username, $password, $database);
{
$first_name = $_POST['firstname'];
$last_name = $_POST['lastname'];
$dbh->query = "INSERT INTO nametable (firstname, lastname)
VALUES ('$_POST[firstname]', '$_POST[lastname]')";
}
if (!mysqli_query($user_info, $connect)) {
die('Error: ' . mysqli_error());
}
echo “Your information was added to the database.”;
mysqli_close($connect);
?>
Your html form using
Firstname: <input type="text" name="fname" /><br><br>
Lastname: <input type="text" name="lname" /><br><br>
but your PHP get from
$first_name = $_POST['first_name'];
$last_name = $_POST['last_name'];
it should used the same name. Like
$first_name = $_POST['fname'];
$last_name = $_POST['lname'];
As mention by people comment, please learn how to avoid the SQL injection problem
I wanna update just one data from a record using php form but the thing is, when i do that, the rest of the data gets removed from the record.. What do i do :/ here are my codes for updating. What is the mistake i am making.. I am very confused. Would really appreciate some help.
<?php
include('db.php');
if(isset($_POST['update']))
{
$hostname = "localhost";
$username = "root";
$password = "";
$databaseName = "winc sports";
$connect = mysqli_connect($hostname, $username, $password, $databaseName);
$id = $_POST['id'];
$fname = $_POST['fname'];
$lname = $_POST['lname'];
$age = $_POST['age'];
$country=$_POST['country'];
$phone=$_POST['phone'];
$email=$_POST['email'];
$select = "SELECT * FROM studens WHERE id = '$id'";
$selected = mysqli_query($connect, $select);
$row = mysqli_fetch_assoc($selected);
if (empty($_POST['fname'])) {$fname = $row['fname'];} else {$fname = $_POST['fname'];}
if (empty($_POST['country']))
{
$country = $row['country'];
}
else {
$country = $_POST['country'];
}
if (empty($_POST['id'])) {
$id = $row['id'];
}
else {
$id = $_POST['id'];
}
if (empty($_POST['age'])) {$age = $row['age'];} else {$age = $_POST['age'];}
if (empty($_POST['phone'])) {$phone = $row['phone'];} else {$phone = $_POST['phone'];}
if (empty($_POST['email'])) {$email = $row['email'];} else {$email = $_POST['email'];}
$query = "UPDATE students SET Fname= '$fname', Lname = '$lname', Nationality = '$country', PhoneNumber = '$phone', Email= '$email', Age = '$age' WHERE Id = '$id'";
$result = mysqli_query($connect, $query);
var_dump($result);
if($result)
{
echo 'Data Updated';
}else
{
echo 'Data Not Updated';
}
mysqli_close($connect);
}
?>
<!DOCTYPE html>
<html>
<head>
<title>PHP INSERT DATA USING PDO</title>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
</head>
<body>
<form action="updating.php" method="post">
<input type="text" name="id" placeholder="Enter new ID"><br><br>
<input type="text" name="fname" placeholder="Enter new First Name"><br><br>
<input type="text" name="lname" placeholder="Enter new Last Name"><br><br>
<input type="number" name="age" placeholder="Enter new age" min="13" max="90"><br><br>
<input type="text" name="country" placeholder="Enter new Nationality"><br><br>
<input type="number" name="phone" placeholder="Enter new Phone Number"><br><br>
<input type="text" name="email" placeholder="Enter new Email"><br><br>
<input type="submit" name="update" value="update">
</form>
</body>
</html>
The select statement is fetching data from a table called studens. This looks like a typo of the actual table so it won't actually fetch any results for you to update. Thus, the data you wind up updating the table with is empty. Rename the initial select table to students and it should properly fetch the data.
Also, please look into prepared statements or various other methods to sanitize inputs. Using POST variables directly in a query makes you extremely vulnerable to SQL Injection.
I am fairly new to PHP (I've read a few books on PHP and watched tons of PHP w/ mysqli videos), and I'm trying to make a simple login system. When you register, a table is created with the $username as a title, and then it puts all the other register info in the newly created table.
How would I get the table's name to check if the username matches a table name? Then, how would I get the password from inside the table to check if the password matches?
Thanks in advance for your help!
index.php:
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Blog</title>
</head>
<body>
<table>
<form action="loginaction.php" method="post">
<tr>
<td>Login</td>
<td> <input type="text" name="username" placeholder="Username"></input></td>
<td> <input type="text" name="password" placeholder="Password"></input></td>
<td><input type="submit" value="Submit"></input> </td>
</tr>
</form>
</table>
<table>
<form action="registeraction.php" method="post">
<tr>
<td><input type="text" name="firstname" placeholder="First Name"></input></td>
<td><input type="text" name="lastname" placeholder="Last Name"></input></td>
<td><input type="text" name="rusername" placeholder="Username"></input></td>
<td><input type="password" name="rpassword" placeholder="Password"></input></td>
<td><input type="email" name="email" placeholder="Email"></input></td>
<td><input type="submit" value="Register"></input></td>
</tr>
</form>
</table>
</body>
</html>
loginaction.php:
<?php
include "config.php";
$username = $_POST['username'];
$password = $_POST['password'];
$umatch = $_GET[]
if(!isset($_POST['username']) && ($_POST['password'])){
echo 'NOT FILLED OUT!';
}else{
}
?>
regiseraction.php:
<?php
// put your code here
include 'config.php';
$firstname = $_POST['firstname'];
$lastname = $_POST['lastname'];
$rusername = $_POST['rusername'];
$rpassword = $_POST['rpassword'];
$email = $_POST['email'];
$query = "CREATE TABLE $rusername (
firstname VARCHAR(50) NOT NULL,
lastname VARCHAR(50) NOT NULL,
username VARCHAR(50) NOT NULL,
password VARCHAR(50) NOT NULL,
email VARCHAR(50) NOT NULL
)";
$sql = mysqli_query($link, $query);
$addinfo = "INSERT INTO $rusername(firstname, lastname, username, password, email)
VALUES ('$firstname', '$lastname', '$rusername', '$rpassword', '$email')";
mysqli_query($link, $addinfo);
?>
Below is my html code...
<form action="http://mycloud.zymichost.com/registerPHP.php" method="post" id="register" data-ajax="false">
<label>Name: <br></label>
<input name="name" type="text" maxlength="50" ><br>
<label>Email: <br></label>
<input name="email" type="text" maxlength="50" ><br>
<label>Password: <br></label>
<input name="password" type="password" maxlength="50" ><br>
<input name="fsubmit" type="button" value="Submit"><br>
</form>
Below is my php code...
<title>registerPHP</title>
<?php
$name = $_POST ['name'];
$mail = $_POST['email'];
$pass = $_POST ['pass'];
//$un = 'abc';
//$pw = 'abc';
$mysql_hostname = "localhost";
$mysql_database = "mycloud_zymichost_register";
$mysql_user = "lorem-ipsum";
$mysql_password = "********";
$conn = mysql_connect($mysql_hostname,$mysql_user,$mysql_password);
mysql_select_db($mysql_database, $conn );
//$query = "SELECT * FROM Login WHERE username = '$un' AND password = '$pw'";
$query = "INSERT INTO Register (name,email,pass) VALUES ('$name','$email','$pass')";
$result = mysql_query($query) or die("Unable to insert user data because : " . mysql_error());
if ($result = mysql_query($query))
echo "Data is inserted";
?>
i cnt send the input data to my database which is mysql online.. may i know why? the sometimes null value is send to the database.. i tried input from my php.. it can.. bt using the post method in html to call the php file to insert.. the value is nt go in.. and everytime i refresh the php page.. null value will be inserted into my db...
Looks like (from a guess) that you're trying to submit the form data to loginPHP but the PHP that saves the data is registerPHP?!
Your formaction has loginphp.php.
Are you sure the php code you posted has the name loginphp.php?