How to insert values from editor to database - php

I am new to PHP development. I am trying to insert values in database
Using HTML form I had used PHP editor in form but I do not know how to insert
values from editor to database.
Here is the field there is no name attribute so how to insert value in
database without the name attribute.
<div class="form-group">
<label for="pwd">
<span class="glyphicon glyphicon-pencil"></span> Question:
</label>
<?php
echo $rte->GetString();
?>
</div>


Assuming you're using MySQL for your database solution:
You will need an input field for this to work.
HTML:
<div class="form-group">
<form method="post" action="yourphpfile.php">
<span class="glyphicon glyphicon-pencil"></span> Question:
</label>
<input type="text" id="question" name="question">
<input type="submit" value="submit">
</form>
</div>
PHP:
$question = $_POST['question'];
$query = "INSERT INTO database (question) VALUES ($question);";
if(mysqli_query($conn, $query)){
//success
}
This is simply how I do my form actions. Some users like to use the isset() function on the same page, but I think making separate pages for actions is a bit more of an organized approach.

Related

How to get and store menu values in php

First sorry for my bad english. below is my form image i have a form in my My Website first how to get the values from menu to text box then store the values in to database using Php .i have attached my code and image.I am beginner in Php .
Please help me
HTML CODE
<div class="taxi-form-full">
<div class="container">
<form method="POST" action="">
<div class="menu-types">
Standart
Business
Vip
Bus-Minivan
</div>
<div class="row forms">
<div class="col-md-3">
<div class="form-group">
<input type="text" id="searchTextSrc" name="source" value="" placeholder="From Address..." class="ajaxField"><span class="fa fa-map-marker"></span>
<input type="hidden" id="citySrc" name="citySrc" />
<input type="hidden" id="cityLatSrc" name="cityLatSrc" />
<input type="hidden" id="cityLngSrc" name="cityLngSrc" />
</div>
</div>
<div class="col-md-3">
<div class="form-group">
<input type="text" id="searchTextDes" name="destination" value="" placeholder="To..." class="ajaxField"><span class="fa fa-map-marker"></span>
<input type="hidden" id="cityDes" name="cityDes" />
<input type="hidden" id="cityLatDes" name="cityLatDes" />
<input type="hidden" id="cityLngDes" name="cityLngDes" />
</div>
</div>
<div class="col-md-3">
<div class="form-group">
<input type="text" id="phone" name="phone" value="" placeholder="Phone Number" class="ajaxField required"><span class="fa fa-phone"></span>
</div>
</div>
<div class="col-md-3">
<div class="form-group">
<input type="text" id="text" name="datetime" value="" placeholder="Date and Time" class="ajaxField js-datetimepicker"><span class="fa fa-calendar"></span>
</div>
</div>
</div>
<input type="submit" name="submit" value="submit" class="btn btn-lg btn-red aligncenter">
</form>
</div>
</div>
Php Code
<?php
$hname = 'localhost';
$uname = 'root';
$pword ='';
$dbase ='sample';
$con = mysqli_connect($hname, $uname , $pword ,$dbase );
if ($con->connect_error) {
die("Connection failed: " . $con->connect_error);
}
if(isset($_POST['submit'])){
$phone = $_POST['phone'];
$datetime = $_POST['datetime'];
$query = mysqli_query($con,"insert into test(phone, datetime) values ('$phone', '$datetime')");
}

Instead of using anchors as part of your navigation you can use radio fields.
https://developer.mozilla.org/en-US/docs/Web/HTML/Element/input/radio
This will then send you the appropriate menu item chosen via the $_POST variable.
<label class="type-1">
<input type="radio" name="menu" value="Standart" checked /> Standart
</label>
<label class="type-2">
<input type="radio" name="menu" value="Business" /> Business
</label>
<label class="type-3 red">
<input type="radio" name="menu" value="VIP" /> Vip
</label>
<label class="type-4">
<input type="radio" name="menu" value="Bus" /> Bus-Minivan
</label>
In PHP you'll receive the value based on what option was checked.
<?php
$menu = $_POST['menu'];
You'll need to change the styling of the radio fields to match what you had for your anchors. As the input is within the label you can style the label and hide the input field to keep the same look and feel.
Styling radio button
This method is far more attractive than capturing the clicks with JavaScript and injecting the value into a text field as it'll work with or without JavaScript.

One of the ways you could achieve this is by using AJAX. In my example, I'll use jQuery AJAX, which will require you to include a jQuery library to your application. The reason I personally use jQuery is because it simplifies the JavaScript code a lot, and so it makes it easier to write and understand.
Now, in your question, you mention the element textbox, but I do not see that element anywhere? Do you mean your input fields, which is an entirely different thing? Since I don't see any textbox elements, I am going to assume that you mean input fields.
Before jumping straight into the AJAX function, I'd like to explain a few things. Basically what we will do with the AJAX function is to parse values to another page, which will handle our database logic, such as INSERT the data etc.
The key elements in an AJAX function is its options that you define in the function.
type, which is the data type of your data that you are going to
parse. Examples would be GET and POST
url, which is where you define the page where the data that will get parsed.
data, which is where you will define your data variables that you will be parsing.
optionally, success, which is a function where you can define certain actions to occur upon success of your AJAX function.
The AJAX function:
function submitForm() {
$.ajax({
type : "POST",
url : "/your_page.php",
data : {
standart: $("[data-value='Standart']").val(),
business: $("[data-value='Business']").val(),
vip: $("[data-value='VIP']").val(),
bus: $("[data-value='Bus']").val(),
searchTextSrc: $("#searchTextSrc").val(),
citySrc: $("#citySrc").val(),
cityLatSrc: $("#cityLatSrc").val(),
searchTextDes: $("#searchTextDes").val(),
cityDes: $("#cityDes").val(),
cityLatDes: $("#cityLatDes").val(),
cityLngDes: $("#cityLngDes").val(),
phone: $("[name='phone']").val(),
datetime: $("[name='datetime']").val()
},
success: function (html) {
//do something on success
}
})
}
Note that I encapsulated the AJAX function into another function that I named submitForm(). You can choose to call this function onclick on your button in order to trigger your AJAX function.
<button onclick="submitForm();">Submit content</button>
Since you weren't entirely specific on precisely which elements values you'd like to retrieve, I targeted them all. I am actually uncertain if $("[data-value='whatever']") is a valid selector. If it's not, simply give them an id or a name attribute to go by instead.
Now, since I defined the type in the AJAX function to be POST, you will have to use $_POST in your PHP file to fetch the data that has been parsed from the AJAX function.
In your PHP page:
<?php
$standart = $_POST['standart'];
$business = $_POST['business'];
$vip = $_POST['vip'];
$bus = $_POST['bus'];
$searchTextSrc = $_POST['searchTextSrc'];
$citySrc = $_POST['citySrc'];
$cityLatSrc = $_POST['cityLatSrc'];
$searchTextDes = $_POST['searchTextDes'];
$cityDes = $_POST['cityDes'];
$cityLatDes = $_POST['cityLatDes '];
$cityLngDes = $_POST['cityLngDes '];
$phone = $_POST['phone '];
$datetime = $_POST['datetime '];
/* You now have all your parsed variables as PHP variables
that you can choose to INSERT into your database. */
$hname = 'localhost';
$uname = 'root';
$pword ='';
$dbase ='sample';
$con = mysqli_connect($hname, $uname , $pword ,$dbase );
if ($con->connect_error) {
die("Connection failed: " . $con->connect_error);
}
$sql="INSERT INTO test SET phone='$phone', datetime='$datetime'";
mysqli_query($con, $sql);
?>
However, please note that you are wide open to SQL Injections, which is one of the reasons #R. Chappell dropped this link in the comment section.

Method POST not working with datetime-local fields

I am trying to get two datetime-local fields from a HTML form and insert them in a SQL database and they're not getting inserted.
user-stardate and user-enddate are the datetime-local fields, and I cannot get neither user-totalhours which is the difference between enddate - startdate.
<form role="form" action="sendFdata.php" method="POST">
<div class="row">
<input type="text" name="username">
<input type="text" name="user-role">
</div>
<div class="row">
<input type="text" name="user-pm">
<select name="user-project">
<option>Text1</option>
<option>Text2</option>
<option>Text3</option>
</select>
</div>
<div class="row">
<input type="text" name="user-agroup">
<input type="text" name="user-task">
</div>
<div class="row">
<input type="datetime-local" name="user-startdate">
<input id="end-time" type="datetime-local" name="user-enddate">
<input type="text" name="user-totalhours" placeholder="Total Hours">
</div>
<div class="rule"></div>
<div class="form-footer">
<button type="submit" name="button-submit">Submit</button>
<button type="button">Reset</button>
</div>
</form>
PHP:
<?php
$link = mysqli_connect("localhost","admin","") or die("failed to connect to
server !!");
mysqli_select_db($link,"test");
$username=$_POST['username'];
$userRole=$_POST['user-role'];
$userPM=$_POST['user-pm'];
$userProject=$_POST['user-project'];
$useraGroup=$_POST['user-agroup'];
$userTask=$_POST['user-task'];
$userStartDate=$POST['user-startdate'];
$userEndDate=$POST['user-enddate'];
$userTotalHours=$POST['user-totalhours'];
$insqDbtb="INSERT INTO `test`.`persons`
(`UserName`, `Role`, `PM`, `Product`, `ActivityGroup`, `Task`, `StartDate`,
`EndDate`, `TotalHours`) VALUES ('$username', '$userRole', '$userPM',
'$userProject', '$useraGroup', '$userTask', '$userStartDate', '$userEndDate',
'$userTotalHours')";
mysqli_query($link,$insqDbtb) or die(mysqli_error($link));
?>

You have $POST['user-startdate'], where it should be $_POST['user-startdate'].
But aside from that, you should definitly use prepared statements to make sql queries. How can I prevent SQL injection in PHP?

First datetime-local is not a correct HTML attribute for type, you should use date or time.
see it there : https://developer.mozilla.org/en-US/docs/Web/HTML/Element/input
Then your mysql statements are a security risk since you are not using prepared statement. You should look into it.
Finally, you should debug de the request before sending it to your database.

The attribute for the elements type "datetime-local" does not create data to be read and inputed. Especially if viewed with Firefox or IE12 (and earlier). It is an input the user on the page must enter a date and time into.
Assuming you are utilizing the input correctly. What data type is your column in your database? It must be able to handle '0000-00-00 00:00:00' as that is the restricted input that must be stored.

submitting form data to sql database in.php

i am trying to submit a query to my SQL server with a student ID as the tag and also the file names uploaded.
php part:
if(isset($_POST['submit']))
{
$card=$_POST['card'];
$SQL = "INSERT INTO cny2018 (cardnumber, timestamp, photo1) VALUES ('$card', '4-6 Days', '£75.00')";
$result = mysql_query($SQL);
html part
<div class="form-group row">
<label for="example-search-input" class="col-2 col-form-label">ID:</label>
<div class="col-10">
<form>
<input type="text" name="card"/>
</form>
</div></div>
<br><br>
Upload Photos (a maximum of 6 photos)<br>
<input id="file-input" type="file" multiple>
<div id="preview"></div>
<br><br><br>
<form method="post">
<input class="btn btn-primary" type="submit" name="submit" value="Submit">
</form>

In HTML part, you didn't mention action attribute for the form, also you are uploading images but you didn't write enctype="multipart/form-data" and you didn't provide name attribute for the file-upload element. In PHP part, if you want to store the name of the uploaded image, you need to store the name to a variable. Then you need to add the variable to the SQL query.
For example,
$card=$_POST['card'];
$orig_filename=$_FILES['your_image_name']['name'];
$SQL = "INSERT INTO cny2018 (cardnumber, timestamp, photo1) VALUES ('$card', '4-6 Days', '$orig_filename')";
$result = mysql_query($SQL);
And lastly, I would like to advice that you should not use mysql_query() function as it is deprecated, instead use mysqli_query or PDO.
http://php.net/manual/en/book.mysqli.php
http://php.net/manual/en/book.pdo.php

Dropdown value is not selected on submitting form in php

The scenario is - I have a form with multiple input fields and text areas and whenever I post this form all these values will get posted. However, I also have a dropdown that I create from my database. This dropdown value shows up properly when I get the values. I have a second submit button, which should take this selected value and post to other page.
I have tried the $_POST='name of select option' but it did not help.
I have a onlick for directing the form to other page for updating the db.
I'm fairly new to php, so it could be the use of _POST that could be incorrect.
<form name="f1" class="formoid-solid-blue" method="GET">
<div class="title">
<h2></h2>
<h2>Tracking & Receiving</h2>
</div>
<div class="element-input">
<label class="title"></label>
<div class="item-cont">
<input class="small" type="text" name="store" placeholder="Store #"/>
<span class="icon-place"></span>
</div>
</div>
<div class="element-input">
<label class="title"></label>
<div class="item-cont">
<input class="medium" type="text" name="userid" placeholder="UserId"/>
<span class="icon-place"></span>
</div>
</div>
<div class="element-input">
<label class="title"></label>
<div class="item-cont">
<input class="large" type="text" name="order" placeholder="Order Number"/>
<span class="icon-place"></span>
</div>
</div>
<div class="submit">
<input type="submit" name="Send" value="Send"/>
</div>
<div class="element-separator">
<hr>
<h3 class="section-break-title">Tracking Numbers</h3>
</div>
<div class="element-multiple">
<label class="title"></label>
<div class="item-cont">
<div class="large">
<select data-no-selected="Nothing selected" name="updTR" multiple="multiple">
<option name="op" value="<?php require 'connection.php'; ?>"> //getting value form db
<?php
echo $trackID; //DB value
$trackID = $_GET['updTR']; //getting the variable from the form
?></option>
</select>
<span class="icon-place"></span>
</div>
</div>
</div>
<div class="submit">
<input type="submit" onclick="f1.action='UpdateTR.php'; return true;" name="UpdateTR" value`enter code here`="Submit"/>
</div>
</form>

Well, looking at the form, you said you are using POST, and tested with other POST related method, but your form is using GET, as seen on your code above.
Since you are new to PHP, as an example, if you are using post, and a variable is waiting on the other page to collect this information from your form then you do it like this:
This is the form field example:
<input type="text" name="XYZ">
Then on the page that will collect this info, it would be
$someVariable = $_POST[ 'XYZ' ];
now, if you want to use GET, then its the same thing but you use this
$someVariable = $_GET[ 'XYZ' ];
hope this clears the confusion.
-- EDIT 2 --
Ok after reading your comment, and since i haven't seen how you are iterating through your DB for the options that go in that "option" list/menu, I'm going to say you cant put "connection" as the value on this part:
<option name="op" value="<?php require 'connection.php'; ?>">
because assuming that "connection.php" is connecting to the DB, then that wont help you, that goes elsewhere. Instead, once you've made that connection(elsewhere, preferably above it in the header somewhere), you then have to have code that loops through the DB, and "WHILE" its looping, spit out results into that options field. Let me give you an example with PSEUDO code.
If a normal select/option code looks like this
<select>
<option> option 1 </option>
<option> option 2 </option>
</select>
etc, then you need php that loops through your DB results, and puts the results into the "options" in that select,
here is some pseudo code:
<select>
<?php
while($row = your fetch code here){
echo "<option>your line items here</option>";
}
?>
</select>
OR.....
if "$row" has a specific value you want to use from the database that you visually want to add in that list, then you could do similar to above but with something like:
<select>
<?php
while($row = your fetch code here){
echo "<option>your line items here "' . $row['some value from DB here'] . '"</option>";
}
?>
</select>
etc.
Essentially, you want your "while loop" to iterate through your database and WHILE its doing it, to input its data into your options html.
ALSO, if you wanted a particular value from your DB, put into a GET variable, to use for the processing page (as i mentioned all the way above), then again, similarly, you can do something like this:
<?php
while($row = your fetch code here){
echo "<a href='linkHere.php?yourVariableToTrackWithGetHere='".$row['yourDBresutlToTrack']."'> Your text here </a>"; }
?>
This way, when you click the link, the database value gets added to that variable that you can call later in the processing page.
Kinda long winded but, this should set you 100% straight.
Hope this helps.

Form Action Process.php file not echoing results from mySQL DB

Currently, I have an index.php file with a form and a text input from the user as well as a submit button. When the submit button is pressed, the process.php file is supposed to get the data and echo it out. However, it just sends me to a blank page and does not echo anything out. I am well aware that I would need to style it the page, etc... But it just isn't echoing out at all. I am already connected to the mySQL DB with another php script and have tested that and it works fine so I know I am connected. What am i doing wrong?
index.php
<form action="process.php" form method="post" id="myForm">
<div class="col-xs-12 col-md-6">
<div class="input-group">
<span class="input-group-addon">
<input aria-label="..." type="checkbox" id="checkbox1">
</span>
<input aria-label="..." class="form-control" type="text" id="food1">
</div>
</div>
<input type="submit" value="Submit">
</form>
process.php
<?php
//Check whether the form has been submitted
if($_POST['submit'] == "Submit")
{
$varFood1 = $_POST['food1'];
$sql = "SELECT menu.dish FROM menu WHERE menu.description LIKE '%varFood1%'"; // sql query
$result = mysql_query($sql);
// Loop the recordset $result
// Each row will be made into an array ($row) using mysql_fetch_array
while($row = mysql_fetch_array($result)) {
echo "Items : {$row['dish']}\n";
}
}
?>

Use name attribute not id. <input aria-label="..." class="form-control" type="text" id="food1"> Try printting out the POST in the future.
<input aria-label="..." class="form-control" type="text" id="food1" name="food1">
Additional changes...
$varFood1 = mysql_real_escape_string($_POST['food1']);
$sql = "SELECT menu.dish FROM menu WHERE menu.description LIKE '%$varFood1%'";
without escaping you open yourself to injections. You should consider switching driver to mysqli or PDO as well.

The problem is that you are checking for $_POST['submit'], which the process.php file does not see, because it does not exist in the POST array. Solution: give your submit button a name, instead of this:
<input type="submit" value="Submit">,
which is what you have, do this:
<input type="submit" name="submit" value="Submit">

Categories