i am trying to get data from user and store into database using php. when i add date & phone number , it store any 1st number of date what you entered & any random number in phone number.
$fname = $_GET['fname'];
$lname = $_GET['lname'];
$mname = $_GET['mname'];
$dob = $_GET['dob'];
$pnumber = $_GET['pnumber'];
$occupation = $_GET['occupation'];
$joindate = $_GET['join date'];
$ffname = $_GET['ffname'];
$flname = $_GET['flname'];
$peraddress = $_GET['peraddress'];
$fpnumber = $_GET['fpnumber'];
$mpnumber = $_GET['mpnumber'];
$roomnumber = $_GET['roomnumber'];
$deposite = $_GET['deposite'];
//$password = $_GET['password'];
//$sha1password = sha1($password);
//create connection
$connection = mysqli_connect('localhost', 'root', 'root', 'Hostel');
//check connection
if ($connection->connect_error) {
die('Connection error (' . $connection->connect_errno . ') ' .$connection->connect_error);
}
echo 'Cool!' .$connection->host_info . "\n";
$sqlin = "INSERT INTO Student (First_Name, Last_Name, Middle_Name, Date_of_Birth, Phone_Number, Occupation, Join_Date, Father_First_Name, Father_Last_Name, Permenent_Address, Father_Phone_Number, Mother_Phone_Number, Room_Number, Deposite)
VALUES ('$fname', '$lname', '$mname', '$dob', '$pnumber', '$occupation', '$joindate', '$ffname', '$flname', '$peraddress', '$fpnumber', '$mpnumber', '$roomnumber', '$deposite')";
if ($connection->query($sqlin) === TRUE) {
echo"Thank you! Your info has been entered into database";
}else{
echo"Error: " . $sqlin . "<br>" . $connection->error;
}
$connection->close();
?>
i already set date type is date in html and for phone number is text.
how i can correct date with any format with calender option and phone number ?
Since you are posting your data from the form using _GET, that might have caused the problem with date when saving in database. Change the form post method to 'POST' and read posted values using $_POST
I think if you mentioned the type of colomn you created as date. It has to be sent only in the format 'YYYY-MM-DD HH:MM:SS' and I don't think it support other format you entered to store and you ca store the telephone number even in text format. you can use strotime() to convert the entered date into that format $dob1 = date('Y-m-d', strtotime($dob)); so that you could store in database without any errors and you should specify the entire date if you declare the variable to be stored as date in database
Related
I am trying to do a project from university and I can't figure out how to insert the date which I pick from calendar function. I have tried a couple of things, but I get 0000-00-00 or the current date: 2014-06-08.
<?php
$con=mysqli_connect("","","","");
// Check connection
if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
// escape variables for security
$checkin = mysqli_real_escape_string($con, $_POST['checkin']);
$checkout = mysqli_real_escape_string($con, $_POST['checkout']);
$firstname = mysqli_real_escape_string($con, $_POST['firstname']);
$lastname = mysqli_real_escape_string($con, $_POST['lastname']);
$title = mysqli_real_escape_string($con, $_POST['title']);
$roomtype = mysqli_real_escape_string($con, $_POST['roomtype']);
$email = mysqli_real_escape_string($con, $_POST['email']);
$phone = mysqli_real_escape_string($con, $_POST['phone']);
$checkout = date("Y-m-d");
$sql="INSERT INTO reservation (checkin, checkout, firstname, lastname, title, roomtype, email, phone)
VALUES ('$checkin', '$checkout', '$firstname','$lastname', '$title', '$roomtype', '$email', '$phone')";
if (!mysqli_query($con,$sql)) {
die('Error: ' . mysqli_error($con));
}
echo "Your booking has been completed";
mysqli_close($con);
header("Location: ");
exit;
?>
$checkout = date("Y-m-d");
The function give you the current date in the format "Y-m-d" That is the first reason why you get the current date and because you save the current date after you did : $checkout = mysqli_real_escape_string($con, $_POST['checkout']); you override the date you get with $_POST['checkout']
You should do this:
$checkout = mysqli_real_escape_string($con, $_POST['checkout']);
$checkout = date_format(date_create($checkout), 'Y-m-d');
The problem is probably with your html form. HTML5 allows for an easy date picker:
<input type="date" name="checkin">
<input type="date" name="checkout">
You dont need value="DD/MM/YY" and onfocus and those other arguments. If a date input is left empty it will return nothing. The input also outputs the date as a unix timestamp I believe
I have an html form with checkboxes and I managed to store the values using an array to my database .
I added a name field to the form, and added a column on mysql table .
The problem is, the newly added name field is not storing any values and is malfunctioning the previous code. I'm pretty sure my definition for the $fname value is incorrect, here is the full php code
$dbcon = mysqli_connect("$host","$username","$password","$db_name") ;
if (!$dbcon) {
die('error connecting to database'); }
echo 'Courses successfully registerd , ' ;
// escape variables for security
$studentid = mysqli_real_escape_string($dbcon, $_GET['studentid']);
$fname = $_POST["name"];
// Get Cources
$name = $_GET['ckb'];
if(isset($_GET['ckb']))
{
foreach ($name as $courcess){
$cc=$cc. $courcess.',';
}
}
//$ckb = join (', ', var_dump($_POST['ckb']));
$sql="INSERT INTO courses (studentid, ckb)
VALUES ('$studentid', '$cc', $fname)";
if (!mysqli_query($dbcon,$sql)) {
die('Error: ' . mysqli_error($dbcon));
}
echo " Thank you for using IME Virtual Registeration ";
mysqli_close($dbcon);
?>
$sql="INSERT INTO courses (studentid, ckb)
VALUES ('$studentid', '$cc', $fname)";
is your problem. You are attempting to insert three values into two fields. You need to add your new field after ckb so that the argument $fname can be inserted into it.
Im trying to make a simple ordersystem where the user inputs basic contact information, to this I want to add a fixed value that will allways be sent to the database in this case the price for the product. Also I want the date when the order is placed to also be sent to the database. I have solved the the user input part with a simple input form but have no idea how to get a fixed value for price or pris in this case and the date when the form i submitted to always be sent to the database along with the users contact information.
The code I have right now looks like this:
<?php /*Detta är kod för Order*/ include('input.php');?>
<?php if(!empty($_POST)){
//Contact
$mail = $_POST['mail'];
$first_name = $_POST['fname'];
$last_name = $_POST['lname'];
$adress = $_POST['adress'];
$phone = $_POST['phone'];
//Zip code
$zip = $_POST['zip'];
$city = $_POST['city'];
//Orders
$type = $_POST['type'];
$price = $_POST['price'];
$many = $_POST['many'];
$date = $_POST['date'];
$img = $_POST['img'];
$paymentstatus = $_POST['paymentstatus'];
$sqlContact = "INSERT INTO Contact (Mail, FName, LName, Adress, Phone) Values('$mail', '$first_name', '$last_name', '$adress', '$phone');";
$sqlZipCode = "INSERT INTO ZipCode (Zip, City) Values('$zip', '$city')";
$sqlOrders = "INSERT INTO Orders (Type, Price, Many, Date, IMG, Paymentstatus) Values('$typ','$pris','$antal','$datum','$img', '$betaldstatus')";
$resultKontakt = mysql_query($sqlKontakt) or die(mysql_error() . mysql_errno());
$resultPostNr = mysql_query($sqlPostNr) or die(mysql_error() . mysql_errno());
$resultOrders = mysql_query($sqlOrders) or die(mysql_error() . mysql_errno());
}
https://www.dropbox.com/s/x8c53o2865hln58/Input.php
https://www.dropbox.com/s/5yyq33uux0tqd2h/Order.php
How have worked around so that I get a fixed value "49" for the price and also so that the user can input the current date but I don't want this to be visible for the user and also not in the HTML-form as the information for the price is stated on the site and the date is to se when the order is submitted but it has to be as an attribute because I also need to show the data "submitted orders" on an Adminpage.
First of all: Never show your DB-password in a forum!
To your date-question: Use the DB-date now() of mysql so you get a reliable date:
$sqlOrders = "INSERT INTO Orders (Typ, Pris, Antal, Datum, IMG, BetaldStatus) Values('$typ','$pris','$antal',now(),'$img', '$betaldstatus')";
To your Price: (still not clear to me what you exactly want.
$pris = 49;
You have disabled the text field 'pris' but still somebody may edit the '$pirs' variable using a proxy tool and change the price, so i suggest according to the product the user has selected get the price and insert into the table, do not receive the price using the form (using post variable).
header ('Refreash: 1;url=registrationform.php');
include 'dbconnect.php';
$id = $_POST['id'];
$firstName = $_POST['firstName'];
$lastName = $_POST['lastName'];
$email = $_POST['email'];
$password = $_POST['password'];
$DOB = $_POST['dob'];
$gender = $_POST['gender'];
$telephone = $_POST['telephone'];
$memberTypeID = $_POST['memberTypeID'];
$Active = $_POST['Active'];
$sql = "UPDATE user SET firstName = '$firstName', lastName = '$lastName', email = '$email', password = '$password', DOB = '$DOB', gender = '$gender', telephone = '$telephone', memberTypeID = '$memberTypeID', Active = '$Active' WHERE userID = $id";
$result=mysql_query($sql)or die ("COULD NOT UPDATE USER!!");
This is the code i am using to enter the DOB back into the database, when entered it returns 0000-00-00.
Try what is inside $_POST['dob']..Also if the input value is not a valid date value then don't try to insert it. So if its not a valid value then make the dob as null and also make your table structure compatible to allow NULL values.If your $_POST['dob'] doesn't contains a valid date value in YYYY-MM-DD format then that value will be inserted as 0000-00-00 in the database.
So try something like the following
$DOB = NULL;
if(isset($_POST['dob']) && trim($_POST['dob']) != '')
//make necessary validateions and assign the value
$DOB = $newValue;//Assume $newValue contains new date value in YYYY-MM-DD format
Also don't use mysql_ functions anymore since they are deprecated. Try using mysqli_ functions and prepare statements because your code is vulnerable to sql injections
I'm very new to PHP and am having some trouble. I have a form using HTML which is action=.php method=post
The form is using text boxes and select options, I'm not sure if it makes a difference in sqldatabase. I've tried about 30 different combinations of this script and can only get a connect successfully message but nothing is posted.
<?php
$link = mysql_connect('everybodyslistcom.ipagemysql.com', 'accounts', 'accounts');
if (!$link) {
die('Could not connect: ' . mysql_error());
}
echo 'Connected successfully';
mysql_select_db("user");
$FName = $_POST["FName"];
$LName = $_POST["Lname"];
$Phone = $_POST["Phone"];
$EmailAddress = $_POST["EmailAddress"];
$Month = $_POST["Month"];
$Day = $_POST["Day"];
$Year = $_POST["Year"];
$Username = $_POST["Username"];
$Password = $_POST["Password"];
$sql = 'INSERT INTO Members (ID, FName, LName, Phone, EmailAddress, Month, Day, Year, Username, Password) VALUES'
. '(\'\', \'$FName\', \'$LName\', \'$Phone\', \'$EmailAddress\', \'$Month\', \'$Day\', \'$Year\', \'$Username\', \'$Password\')';
mysql_close();
php?>
try to execute your query
mysql_query($sql);
EDIT: I see you are doing this:
$sql = 'SELECT bla bal $variable';
PHP will not parse the variable. The right way:
$sql = "SELECT bla bla $variable"; // valid
$sql = "SELECT bla bla {$variable}"; // also valid
$sql = 'SELECT bla bla '.$variable; // also valid
your closing php tag is not correct, it should be
?>
rather than
php?>
Also u r not executing your query using:
mysql_query('your query here');
this might cause the problem.
Your variables are not interpreted by PHP. If you want variable to be parsed in string, it should be wrapped in double-quote (")
It may fail if any of your posted data contains some quote character, so you must apply mysql_real_escape_string to all of them.
I hope that database connection credentials are not real you posted here? :D
You said that your form contains "action=.php" literally, you have to turn it into :
<form name="form_name" method="post" action="your_script.php">
You need to execute the query too:
mysql_query($sql, $link);
you should also check whether POST was really sent:
if (!empty($_POST)) {
// ... your code here
}
next thing: you don't need closing tag ?> if your *.php file consist only PHP code - end of file is also correct end of PHP block of code - it's "good-to-have" habit, because in some cases it helps you to avoid error: "Cannot add/modify header information - headers already sent by..."
next problem - wrong way of inserting variables into string:
$sql = 'INSERT INTO Members (ID, FName, LName, Phone, EmailAddress, Month, Day, Year, Username, Password) VALUES'
. '(\'\', \'$FName\', \'$LName\', \'$Phone\', \'$EmailAddress\', \'$Month\', \'$Day\', \'$Year\', \'$Username\', \'$Password\')';
correct way:
$sql = "INSERT INTO Members (ID, FName, LName, Phone, EmailAddress, Month, Day, Year, Username, Password) VALUES (null, '$FName', '$LName', '$Phone', '$EmailAddress', '$Month', '$Day', '$Year', '$Username', '$Password')";
more info here
next - as Deniss said, instead of:
$FName = $_POST["FName"];
should be:
$FName = mysql_real_escape_string($_POST["FName"]);
actually you should fist check weather magic quotes gpc are on or off:
if (get_magic_quotes_gpc()) {
if (!empty($_POST)) {
array_walk_recursive($_POST, 'stripslashes_value');
}
}
function stripslashes_value(&$value) {
$value = stripslashes($value);
}
without this you could have problem with double \\ inserted into db (it depends on your server configuration)
and last but not least: as Robert said you miss one more important thing:
mysql_query($sql);
I think your error because your have not call mysql_query function
can try my code edit
<?php
$link = mysql_connect('everybodyslistcom.ipagemysql.com', 'accounts', 'accounts');
if (!$link) {
die('Could not connect: ' . mysql_error());
}
echo 'Connected successfully';
mysql_select_db("user",$link);
$FName = $_POST["FName"];
$LName = $_POST["Lname"];
$Phone = $_POST["Phone"];
$EmailAddress = $_POST["EmailAddress"];
$Month = $_POST["Month"];
$Day = $_POST["Day"];
$Year = $_POST["Year"];
$Username = $_POST["Username"];
$Password = $_POST["Password"];
$sql = "INSERT INTO Members SET FName='{$FName}', LName='{$LName}', Phone='{$Phone}', EmailAddress='{$EmailAddress}', Month='{$Month}', Day='{$Day}', Year='{$Year}', Username='{$Username}', Password='{$Password}'";
// Call Function mysql_query insert new record in mysql table
mysql_query($sql,$link);
mysql_close($link);
?>
Comment for me if your have problem :) or notes of apache services
good day