I am trying to log the users name, email, and region as well as their steamid via an html form.
The html form is here:
<form class="cptxt" action="/insert.php" method="post">
PUBG NAME: <input type="text" name="username" placeholder="Enter In Game
Name">
<br><br>
Email: <input type="text" name="email" placeholder="Enter Email"><br><br>
SteamID: <input type="text" name="sid" value="<?php echo
$steamprofile['steamid'] ?>" ><br><br>
SELECT REGION:
<select name="region">
<option value="NA">North America</option>
<option value="EU">Europe</option>
<option value="AS">Aisa</option>
<option value="OC">Oceianic</option>
</select> <br>
<br>
<input type="submit" value="Submit">
</form>
This is the insert.php file
<?php
require('connect.php');
include ('steamauth/userInfo.php');
if(!$con)
{
echo "NOT CONNECTED";
}
if(!mysqli_select_db($con,'pubgfinder'))
{
echo "db not selected";
}
$Name = $_POST['username'];
$Email = $_POST['email'];
$Sid = $_POST['sid']
$Region = $_POST['region'];
$sql = "INSERT INTO users (Name,Email,Region,Sid) VALUES
('$Name','$Email','$Region','$Sid')";
if(!mysqli_query($con,$sql))
{
echo "NOT INSERTED";
}
else
{
echo "INSERTED";
}
header("refresh:2; url=home.php");
?>
So far what I get is the form working, besides the steamid part of it. It writes the steamid into the form field as well, but doesn't send to the database.
Please help. Am I writing this wrong? What's the issue here?
Related
I have made the form so that it gets the selected radio value button and it gets passed to the php section and to the database.But in the database it shows as "on" no matter what the selection is.
I have no idea where I have gone wrong
HTML form:
<form action="Database.php" name="register" method="post">
<div>
First Name <input type="text" name="fname"/><br>
Last Name <input type="text" name="lname"/><br>
Email <input type="email" name="email"/><br>
Contact No. <input type="text" name="num"/><br>
Gender <br> <input type="radio" name="g1" value="Male"/>Male
<input type="radio" name="g1" value="Female"/>Female
<br>
<br>
</form>
PHP:
$fname = $conn->real_escape_string($_POST['fname']);
$lname = $conn->real_escape_string($_POST['lname']);
$email = $conn->real_escape_string($_POST['email']);
$cnumber = $conn->real_escape_string($_POST['num']);
$gender = $conn->real_escape_string($_POST['g1']);
$sql="INSERT INTO data (fname, lname, email, cnumber, gender)
VALUES ('".$fname. "','".$lname."','".$email."', '".$cnumber."', '".$gender."')";
I expected output to be male/female
but it says "on"
Using your form I have used a small code and found this works
<form action="Database.php" name="register" method="post">
<div>
First Name <input type="text" name="fname"/><br>
Last Name <input type="text" name="lname"/><br>
Email <input type="email" name="email"/><br>
Contact No. <input type="text" name="num"/><br>
Gender <br> <input type="radio" name="g1" value="Male"/>Male
<input type="radio" name="g1" value="Female"/>Female
<br>
<input type="submit" style="min-width:100%" align="center" name='submit' value="SUBMIT">
<br>
</form>
Your PHP side should be this:
if(!isset($_POST['submit']))
{
//This page should not be accessed directly. Need to submit the form.
echo "Submitted";
}
$fname = $_POST['fname'];
$lname = $_POST['lname'];
$g1 = $_POST['g1'];
$sql = "INSERT INTO etrack.test SET
fname = '".$fname."',
lname = '".$lname."',
g1 = '".$g1."'";
if ($conn->query($sql) === TRUE) {
echo "";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
echo("Error description: " . mysqli_error($con));
echo "Error 1";
}
I am getting the required results
<?php
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$name = $_REQUEST['teamname'];
$email = $_REQUEST['email'];
$password = (md5($_REQUEST['password']));
$query = "UPDATE users SET email = ?,password = ? WHERE name = ?";
$statemnt = $conn->prepare($query);
$statemnt->bind_param('sss',$email,$password,$name);
$statemnt->execute(); echo $name,$email,$password; var_dump();
$statemnt->close(); $conn->close(); } ?>
managed to get the SELECT Statement figured out before this one and still having issues with the UPDATE - a form above this php snippet and is suppose to fill out $email $password and $name
<form method="post" action="">Team Name:<br>
<input type="text" name="teamname" value="<?php echo $name;?>">
<br>Email:<br><input type="text" name="email" value="<?php echo $email;?>">
<br>Password:<br><input type="text" name="password" value="">
<br><br><input type="Submit" value="Update the Record" name="Submit">
</form>
EDITED TO THE FOLLOWING (there is code above this part and below dont expect u want to see the rest of my html code - the bottom is what i am have trouble with):SELECT STATEMENT and var_dump is working but when i enter a password into the form it doesnt trigger the Submit and ultimately the UPDATE Statement - i have worked on it today again to no avail. pls any help would be appreciated not sure what im doing wrong - also var_dump at the bottom is outputing all of the values now
<?php
if (isset($_POST['submit'])) {
$sql = $conn->prepare("UPDATE users SET email=? , password=? WHERE team=?");
$postedemail=$_POST['teamemail'];
$postedpassword= $_POST['teampassword'];
$sql->bind_param("ssi",$postedemail,$postedpassword,$_POST["mySelect"]);
if($sql->execute()) {
$success_message = "Edited Successfully";
} else {
$error_message = "Problem in Editing Record";
}
var_dump($postedpassword);
var_dump($postedemail);
}
$stmt = $conn->prepare("SELECT team, name, email, password FROM users WHERE team = ?");
$stmt->bind_param("i", $_POST["mySelect"]);
$stmt->execute();
$result = $stmt->get_result();
if($result->num_rows === 0) exit('No rows');
while($rows = $result->fetch_assoc()) {
$name = $rows['name'];
$email = $rows['email'];
$password = $rows['password'];
}
var_dump($password);
var_dump($name);
var_dump($email);
var_dump($_POST['mySelect']);
$stmt->close();
?>
<?php if(!empty($success_message)) { ?>
<div class="success message"><?php echo $success_message; ?></div>
<?php } if(!empty($error_message)) { ?>
<div class="error message"><?php echo $error_message; ?></div>
<?php } ?>
<form name="frmUser" method="post" action="">
<label>NAME:</label>
<input type="text" name="teamname" class="txtField" value="<?php echo $name?>">
<label>EMAIL:</label>
<input type="text" name="teamemail" class="txtField" value="<?php echo $email?>">
<label>PASSWORD</label>
<input type="text" name="teampassword" class="txtField" value="">
<input type="submit" name="submit" value="Submit" class="demo-form-submit">
</form>
thanks
You have this at the begining of your script : $selectedOption = $_POST["mySelect"];
Nowhere in your code (especially in your <form></form>) I see any input named "mySelect"
Add this field in your form and the problem should be solved.
var_dump(); helps a lot debugging.
I cannot figure out what is wrong with my code. The data is not getting stored in phpmyadmin. may be its a syntax error.I ll be glad if someone could find the problem with my code. Please help me out on this!
It is a simple form asking for the details of the person who needs blood. I need the details to be stored into the database named 'blood_share_system' and the table name 'acceptors'.
my html file:
<form action="needblood.inc.php"method="post">
<fieldset>
<legend>Personal Information</legend>
<label>FirstName</label><br>
<input type="text"name="first"required><br>
<label>LastName</label><br>
<input type="text"name="last"required><br>
<label>PatientFirstName</label><br>
<input type="text"name="pfirst" required><br>
<lable>PatientLastName</label><br>
<input type="text"name="plast"<br>
</legend>
</fieldset>
<fieldset>
<legend>Contact Information</legend>
<lable>Phone Number</label><br>
<input type="tel"placeholder="10-digit PhoneNumber"name="phno" required><br>
<lable>Email Address</label><br>
<input type="email" placeholder="Valid email address"name="email"><br>
</fieldset>
<fieldset>
<legend>Blood Group Information</legend>
<label>Blood Group</label><br>
<select name="bgroup">
<option value="1">O-positive</option>
<option value="2">O-negative</option>
<option value="3">A-positive</option>
<option value="4">A-negative</option>
<option value="5">B-positive</option>
<option value="6">B-negative</option>
<option value="7">AB-positive</option>
<option value="8">AB-negative</option>
</select><br>
<label>Quantity required(1Unit:350ml):</label><br>
<button class="nbtn"id="snbtn"onclick="nbuttonClick()">-</button>
<input type="number" readonly="true" id="inc" value="0"name="quantity"required>
<button class="pbtn"id="sbtn"onclick="buttonClick()">+</button>Unit</h4><br>
<input type="number" id="result">ml
</fieldset>
<fieldset>
<legend>Location Details</legend>
<label>Locality</lable><br>
<input type="text"name="loc"required><br>
<label>Pincode</label><br>
<input type="number"name="pincode"required>
</fieldset>
<input type="submit" name="submit"value="Submit">
</form>
my php file:
<?php
//first if
if(isset($_POST['submit'])){
$dbserverName = "localhost";
$dbuserName = "root";
$dbpassword = "";
$dbname = "blood_share_system";
$conn = mysqli_connect( $dbserverName , $dbuserName , $dbpassword , $dbname);
//2nd if
if(!$conn){
echo "connection was not established with server";
}//2nd if close
//3rd if
if(!mysqli_select_db($conn,'blood_share_system')){
echo "not connected to the database";
}//3rd if close
$first=mysqli_real_escape_string($conn,$_POST['first']);
$last=mysqli_real_escape_string($conn,$_POST['last']);
$pfirst=mysqli_real_escape_string($conn,$_POST['pfirst']);
$plast=mysqli_real_escape_string($conn,$_POST['plast']);
$phno=mysqli_real_escape_string($conn,$_POST['phno']);
$email=mysqli_real_escape_string($conn,$_POST['email']);
$bgroup=mysqli_real_escape_string($conn,$_POST['bgroup']);
$quantity=mysqli_real_escape_string($conn,$_POST['quantity']);
$locality=mysqli_real_escape_string($conn,$_POST['loc']);
$pincode=mysqli_real_escape_string($conn,$_POST['pincode']);
if (!preg_match("/^[a-zA-Z]*$/" , $first) || !preg_match("/^[a-zA-Z]*$/" , $last)||!preg_match("/^[a-zA-Z]*$/" , $pfirst)||!preg_match("/^[a-zA-Z]*$/" , $plast) ){
trigger_error('Enter valid names!',E_USER_ERROR);
} else {
if(!preg_match("/^[0-9]{10}$/", $phno)){
trigger_error('Enter 10 digit phone number!');
} else{
if (!filter_var( $email , FILTER_VALIDATE_EMAIL )){
trigger_error('Enter valid email address!',E_USER_ERROR);
} else{
if(!preg_match("/^[0-9]{6}$/", $pincode)){
trigger_error('Enter valid pincode!',E_USER_ERROR);
} else {
$sql="INSERT INTO acceptors('$first','$last','$pfirst','$plast','$phno','$email','$bgroup','$quantity','$locality','$pincode');";
if(!mysqli_query($conn, $sql)){
echo "Not inserted";
} else {
echo"Inserted";
}
}
}
}
}
}
One of the possible cause is use of insert into statement instead of insert into... values statement.
If you are using insert into statement, then you need to provide all the column values in the correct order of the columns.
Trying to insert data into my table but I keep getting an undefined index because there are "no value set when I submit my form". The if (isset($_POST['submit'])) removes my error even when I run the .php alone but no data is inserted when I submit my form. Any help is appreciated. Thank you
My form.html
<form name="supportForm" class="form" action="database.php" method="POST" onsubmit="return validateForm()">
<label>Name:</label>
<input type="text" name="name"/>
<br/>
<label>Client ID:</label>
<input type="text" name="clientID"/>
<br/>
<label>E-mail address:</label>
<input type="email" name="email"/>
<br/>
<label>Phone number:</label>
<input type="tel" name="tel"/>
<br/>
<br/>
Support Type:<br>
<input type="radio" name="suppType" value="Question/Inquiry">Question/Inquiry<br>
<input type="radio" name="suppType" value="Software">Software Issue<br>
<input type="radio" name="suppType" value="Hardware">Hardware Issue<br>
<input type="radio" name="suppType" value="Connectivity">Connectivity<br>
</br>
Operating System:
<select id="select">
<option disabled selected value="">Choose a product</option>
<option value="w7" name="OS">Windows 7</option>
<option value="w8" name="OS">Windows 8/8.1</option>
<option value="w10" name="OS">Windows 10</option>
</select>
<br> </br>
Problem Description:
<br><textarea id="ta" rows="10" cols="80" name="pDesc"></textarea></br>
<input type="checkbox" name="terms" value="agree">
I agree to the terms and conditions.
<br> </br>
<input type="hidden" name="submitted" value="true">
<input type="submit" name="submit" onClick="validateSubmit()">
</form>
My PHP file
<?php
//Creates static credentials
define('DB_NAME', 'data');
define('DB_USER', 'root');
define('DB_PASSWORD', '');
define('DB_HOST', 'localhost');
//Creates connection to the database
$con = new mysqli(DB_HOST, DB_USER, DB_PASSWORD);
//Checks for connection
if ($con->connect_error) {
die("Connection failed: " . $con->connect_error);
}
//If there are no connection, error
if (!$con) {
die ('Could not connect' . mysqli_error());
}
//Select the 'data' database
$con->select_db(DB_NAME);
//Checks if database 'data' has been selected
if (mysqli_select_db($con, DB_NAME)) {
echo "Database exists <br>";
} else {
echo "Database does not exist";
}
//Successful connection message
echo "Connected successfully <br>";
if (isset($_POST['submit'])) {
//Retrieving values from support form
$name = $_POST['name'];
$clientID = $_POST['clientID'];
$email = $_POST['email'];
$tel = $_POST['tel'];
$suppType = $_POST['suppType'];
$OS = $_POST['OS'];
$pDesc = $_POST['pDesc'];
//Inserting values into a table
$sql = "INSERT INTO info (fullname, clientID, email, tel,
suppType, OS, pDesc)
VALUES ($name, $clientID, $email, $tel,
$suppType, $OS, $pDesc)";
if (!mysqli_query($con, $sql)) {
echo "No data";
} else {
echo "Data recorded successfully";
}
}
//Closes connection
mysqli_close($con);
You must write name="OS" in <select> not in <option>
<select id="select" name="OS">
<option disabled selected value="">Choose a product</option>
<option value="w7">Windows 7</option>
<option value="w8">Windows 8/8.1</option>
<option value="w10">Windows 10</option>
</select>
And Sql must be like this you need apostrophes ('') around variables
$sql = "INSERT INTO `info` (fullname, clientID, email, tel, suppType, OS, pDesc)
VALUES ('$name', '$clientID', '$email', '$tel', '$suppType', '$OS', '$pDesc')";
You not showing us the validateForm() function, therefore we won't really know whats happening there, nonetheless I have edited your form and did a validation using php,
what you need to do first is to check if all values are set before jumping to insert into db, and make sure email is a proper email, also the select option the name attribute needs to be on the select tag not on the option tag, the option must only have values.
Then Validate,Filter and sanitize user input before storing to the
database. Treat every userinput on your form as if its from a very dangerous hacker.
There's something called prepared statements, in mysqli and PDO you should try to learn that and use it :) you will enjoy it, I will leave it to you to research as to why you need to use prepared statements.
This is how your code should look
<form name="supportForm" class="form" action="database.php" method="POST">
<label>Name:</label>
<input type="text" name="name"/>
<br/>
<label>Client ID:</label>
<input type="text" name="clientID"/>
<br/>
<label>E-mail address:</label>
<input type="email" name="email"/>
<br/>
<label>Phone number:</label>
<input type="tel" name="tel"/>
<br/>
<br/>
Support Type:<br>
<input type="radio" name="suppType" value="Question/Inquiry">Question/Inquiry<br>
<input type="radio" name="suppType" value="Software">Software Issue<br>
<input type="radio" name="suppType" value="Hardware">Hardware Issue<br>
<input type="radio" name="suppType" value="Connectivity">Connectivity<br>
</br>
Operating System:
<select id="select" name="OS">
<option value="0">Choose a product</option>
<option value="w7">Windows 7</option>
<option value="w8">Windows 8/8.1</option>
<option value="w10">Windows 10</option>
</select>
<br> </br>
Problem Description:
<br>
<textarea id="ta" rows="10" cols="80" name="pDesc"></textarea>
</br>
<input type="checkbox" name="terms" value="agree">
I agree to the terms and conditions.
<br> </br>
<input type="hidden" name="submitted" value="true">
<input type="submit" name="submit">
</form>
Then database.php
<?php
//Creates static credentials
define('DB_NAME', 'data');
define('DB_USER', 'root');
define('DB_PASSWORD', '');
define('DB_HOST', 'localhost');
$errors = ""; //checking for errors
//Creates connection to the database
$con = new mysqli(DB_HOST, DB_USER, DB_PASSWORD);
//Checks for connection
if ($con->connect_error) {
die("Connection failed: " . $con->connect_error);
}
//If there are no connection, error
if (!$con) {
die('Could not connect' . mysqli_error());
}
//Select the 'data' database
$con->select_db(DB_NAME);
//Checks if database 'data' has been selected
if (mysqli_select_db($con, DB_NAME)) {
echo "Database exists <br>";
} else {
echo "Database does not exist";
}
//Successful connection message
echo "Connected successfully <br>";
if (isset($_POST['submit'])) {
//check values are set
if (empty($_POST['name'])) {
echo "enter name";
$errors++;
} else {
$name = userIput($_POST['name']);
}
if (empty($_POST['clientID'])) {
echo "enter id";
$errors++;
} else {
$clientID = userIput($_POST['clientID']);
}
if (empty($_POST['email'])) {
echo "enter email";
$errors++;
} else {
$email = userIput($_POST['email']);
if (!preg_match("/([\w\-]+\#[\w\-]+\.[\w\-]+)/", $email)) { //validate email,
echo "enter valid email";
$errors++;
}
}
if (empty($_POST['tel'])) {
echo "enter tel";
$errors++;
} else {
$tel = userIput($_POST['tel']);
}
if (!isset($_POST['suppType'])) {
echo "select one option";
$errors++;
} else {
$suppType = userIput($_POST['suppType']);
}
if (isset($_REQUEST['OS']) && $_REQUEST['OS'] === "0") {
echo "please select product";
$errors++;
} else {
$OS = userIput($_POST['OS']);
}
if (empty($_POST['pDesc'])) {
echo "enter Description";
$errors++;
} else {
$pDesc = userIput($_POST['pDesc']);
}
if ($errors <= 0) { // No errors
//prepare and insert query
$sql = $con->prepare("INSERT INTO info (fullname, clientID, email, tel,suppType, OS, pDesc) VALUES (?, ?, ?, ?, ?, ?, ?)");
$sql->bind_param("sssssss", $name, $clientID, $email, $tel, $suppType, $OS, $pDesc);
if ($sql->execute()) {
echo "records inserted successfully";
} else {
echo "Could not insert " . mysqli_error();
}
$sql->close();
$con->close();
}
}
function userIput($data)
{
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
Hope this will help a little, and you will learn a thing or two, and I'm always available for suggessions, just incase I missed something. Thanks
Hi I am trying to create a form for the school I work so that staff can book when they want a projector setting up in the school hall. So far i have textbox fields for date, time, name but I also want a checkbox field so they can select if they want to loan a laptop and have sound.
My problem is I can't find how to put the value from the checkbox into the database. Thanks in advance for any help.
Here is what I have so far...
HTML
<form action="mysql-insert.php" method="post">
<p>Date: <input name="date" type="text" id="datepicker" /></p>
<p>Time : <input name="time" type="text" /></p>
<p>Name : <input name="name" type="text" /></p>
<p>Laptop <input name="chkbox[]" type="checkbox" value="Laptop" /></p>
<p>Sound <input name="chkbox[]" type="checkbox" value="Sound" /></p>
<p><input name="submit" type="submit" value="Save Hall Setup Request" /></p>
</form>
PHP
<?php
$dbserver = 'localhost';
$dbuser = 'root';
$dbpassword = '';
$dbdatabase = 'hall_setup';
$cn = mysql_connect($dbserver , $dbuser, $dbpassword);
if (!mysql_select_db($dbdatabase, $cn)) {
echo "Sorry, could not connect to $dbdatabase";
die();
}
if (!isset($_POST['submit'])) {
header("Location: mysql-insert-form.php");
die();
}
$date = $_POST['date'];
$time = $_POST['time'];
$name = htmlspecialchars(trim($_POST['name']));
$laptop = $_POST['chkbox'];
$name = mysql_real_escape_string($name);
$sql = "INSERT INTO laptoprequest
(date, time, name, laptop)
VALUES
('$date', '$time', '$name', '$laptop')";
if(!mysql_query($sql, $cn)) {
print "Error - data not submitted";
die();
};
header("Location: hall_setup.php");
?>
<?php
<input type="checkbox" name="check_list[]" value="English" required>
<label>English</label>
<input type="checkbox" name="check_list[]" value="Non English" required>
<label>Non English</label>
<input id="button" type="submit" name="submit" value="Submit">
?>
//above question for answer this..>>>
<?php
$checkbox = $_POST['check_list'];
if($_POST["submit"]=="submit"){
for($i=0;$i<sizeof($checkbox);$i++){
$query1="INSERT INTO user(language) VALUES
('".$checkbox[$i]."')";
mysql_query($query1) or die(mysql_error());
}
echo "Record is inserted.."
}
?>