Combine separate HTML and PHP MYSQL form into one file - php

The reasons behind my needing this are complicated but I have a currently working HTML form that inserts a row into my MYSQL database. However... I need to combine the two separate processes into one HTML file but after many attempts at arranging the code cannot come to a working solution. Hopefully someone can point me in the right direction.
Here is the HTML file:
<form method="post" action="process.php">
<input type="text" name="id" placeholder="Enter ID" /><br />
<input type="hidden" name="user_text" id="hiddenField" value="x" /><br />
<input type="submit" value="Submit" />
</form>
Here is the related process.php file:
<?php
if ($_SERVER["REQUEST_METHOD"] == "POST") {
//mysql credentials
$mysql_host = "localhost";
$mysql_username = "*";
$mysql_password = "*";
$mysql_database = "*";
$u_name = $_POST["id"];
$u_text = $_POST["user_text"];
if (empty($u_name)){
die("Please enter your id");
}
//Open a new connection to the MySQL server
$mysqli = new mysqli($mysql_host, $mysql_username, $mysql_password, $mysql_database);
//Output any connection error
if ($mysqli->connect_error) {
die('Error : ('. $mysqli->connect_errno .') '. $mysqli->connect_error);
}
$statement = $mysqli->prepare("INSERT INTO users_data (contractor_id, status) VALUES(?, ?)"); //prepare sql insert query
$statement->bind_param('ss', $u_name, $u_text); //bind values and execute insert query
}
?>
I know this isn't the right way to do things but it isn't for a public site, more a personal logging project. Thank you in advanced!


You can simply have a file like this:
<?php
if ($_SERVER["REQUEST_METHOD"] == "POST") {
process();
}
else {
show_form();
}
function show_form () {
?>
<form method="post">
<input type="text" name="id" placeholder="Enter ID" /><br />
<input type="hidden" name="user_text" id="hiddenField" value="x" /><br />
<input type="submit" value="Submit" />
</form>
<?php
}
function process () {
//mysql credentials
$mysql_host = "localhost";
$mysql_username = "*";
$mysql_password = "*";
$mysql_database = "*";
$u_name = $_POST["id"];
$u_text = $_POST["user_text"];
if (empty($u_name)){
die("Please enter your id");
}
//Open a new connection to the MySQL server
$mysqli = new mysqli($mysql_host, $mysql_username, $mysql_password, $mysql_database);
//Output any connection error
if ($mysqli->connect_error) {
die('Error : ('. $mysqli->connect_errno .') '. $mysqli->connect_error);
}
$statement = $mysqli->prepare("INSERT INTO users_data (contractor_id, status) VALUES(?, ?)"); //prepare sql insert query
$statement->bind_param('ss', $u_name, $u_text); //bind values and execute insert query
}
If you do not set theaction for form, by default, it submits to itself

Related

"php not inserting in to mysql server in xampp"

"I have read a lot of problem been solved in stackoverflow similar to my problem, and have seen a lot of example, yet still my code is not inserting in to mysql. however if i hard feed the php it would insert. my info is coming as submit from html post.I have good server connection and also connection to the database, can any one help me if i miss any thing. here is my code below."
<?php
$servername = "localhost";
$username = "root";
$password = "";
$db="image";
// Create connection
$connection = mysqli_connect($servername, $username, $password, $db); // Establishing Connection with Server
if (!$connection) {
die("Connection failed: " . mysqli_connect_error());
}
else{
echo "Connected successfully";
}
if(isset($_POST['submit'])){ // Fetching variables of the form which travels in URL
$name = $_POST['name'];
$image = $_POST['image'];
echo $name;
echo $image;
if($name !=''||$image !=''){
//Insert Query of SQL
$query = mysqli_query("INSERT INTO image (id, name, imagename) VALUES ('NULL', '$name', '$image')");
echo "Data Inserted successfully...!!";
}
else{
echo "Insertion Failed <br/> Some Fields are Blank....!!";
}
}
mysqli_close($connection); // Closing Connection with Server
?>
<form action = "test2.php" method="POST" enctype="multipart/form-data">
<label>name: </label><input type="text" name="name" />
<label>File: </label><input type="text" name="image" />
<input type="submit" />
</form>
</body>
</html>
" i expect output of 5/2 to be 2.5"

Write the name for submit button
<input type="submit" name="submit" />
then in php file
if(isset($_POST['submit'])){ // Fetching variables of the form which travels in URL
}
this if statement will run

you not given name attribute to button so give name="submit" and if you want to upload file then change type="file"
<?php
$servername = "localhost";
$username = "root";
$password = "";
$db="image";
// Create connection
$connection = mysqli_connect($servername, $username, $password, $db); // Establishing Connection with Server
if (!$connection) {
die("Connection failed: " . mysqli_connect_error());
}
else{
echo "Connected successfully";
}
if(isset($_POST['submit'])){ // Fetching variables of the form which travels in URL
$name = $_POST['name'];
$image = $_POST['image'];
echo $name;
echo $image;
if($name !=''||$image !=''){
//Insert Query of SQL
$query = mysqli_query("INSERT INTO image (id, name, imagename) VALUES ('NULL', '$name', '$image')");
echo "Data Inserted successfully...!!";
}
else{
echo "Insertion Failed <br/> Some Fields are Blank....!!";
}
}
mysqli_close($connection); // Closing Connection with Server
?>
<form action = "test2.php" method="POST" enctype="multipart/form-data">
<label>name: </label><input type="text" name="name" />
<label>File: </label><input type="file" name="image" />
<input type="submit" name="submit" />
</form>
</body>
</html>

You're checking isset($_POST['submit']) but there is no input field which is posted with submit name.. you need to add the name attribute in the submit button. also you're not passing the $connection in the mysqli_query.
$servername = "localhost";
$username = "root";
$password = "";
$db="image";
// Create connection
$connection = mysqli_connect($servername, $username, $password, $db); // Establishing Connection with Server
if (!$connection) {
die("Connection failed: " . mysqli_connect_error());
}
else{
echo "Connected successfully";
}
if(isset($_POST['submit'])){ // Fetching variables of the form which travels in URL
$name = $_POST['name'];
$image = $_POST['image'];
echo $name;
echo $image;
if($name !=''||$image !=''){
//Insert Query of SQL
$query = mysqli_query($connection, "INSERT INTO image (id, name, imagename) VALUES ('NULL', '$name', '$image')");
if($query !== false){
echo "Data Inserted successfully...!!";
}
else{
echo "Query failed";
}
}
else{
echo "Insertion Failed <br/> Some Fields are Blank....!!";
}
}
mysqli_close($connection); // Closing Connection with Server
?>
<form action = "test2.php" method="POST" enctype="multipart/form-data">
<label>name: </label><input type="text" name="name" />
<label>File: </label><input type="text" name="image" />
<input type="submit" name = "submit" />
</form>
</body>
</html>
One more suggestion always use PDO in code to prevent SQL injection. Your code is vulnerable to sql injection.

MYSQL insert into database using php and html form

I'm trying to insert into an MYSQL database using php and an html form. When I press submit it says an item inserted successfully but when I log into phpmyadmin the table is empty?
My html form code is creon.html.
<form name="bmr_calc" action="https://cs1.ucc.ie/~lmm12/Project/creon.php" method="POST" id="BMRform">
<h1 id="info">Creon Calculator</h1>
<table>
<tr>
<td colspan="2" align="center">I take one: <br>
<input type="radio" name="creon1" value="10" required> Creon 10,000
<input type="radio" name="creon1" value="25" required> Creon 25,000
<br>per <input type="text" name="creon3" required>g of fat
</td>
</tr>
<br>
<tr>
<td>There are:</td>
<td><input type="text" name="creon4" required>g of fat in the item I'm about to eat</td>
</tr>
</table>
<td><input type="submit" value="Submit" style="float:center">
<br>
<img src="img/regpic.jpg" alt="reg" id="reg">
<br>
</td>
</form>
My php code is creon.php and it's saved on my college server;
<?php
$creon1 = $_POST['creon1'];
$creon3 = $_POST['creon3'];
$creon4 = $_POST['creon4'];
if (!empty($creon1) || !empty($creon3) || !empty($creon4)) {
$host = "cs1.ucc.ie";
$dbUsername = "lmm12";
$dbPassword = "----";
$dbname = "mscim2018_lmm12";
//create connection
$conn = new mysqli($host, $dbUsername, $dbPassword, $dbname);
if (mysqli_connect_error()) {
die('Connect Error('. mysqli_connect_errno().')'. mysqli_connect_error());
} else {
$INSERT = "INSERT Into creon (creon1, creon3, creon4) values(?, ?, ?)";
//Prepare statement
$stmt = $conn->prepare($INSERT);
$stmt->bind_param("sss", $creon1, $creon3, $creon4);
$stmt->execute();
echo "New record inserted sucessfully";
$stmt->close();
$conn->close();
}
} else {
echo "All field are required";
die();
}

This seems to be either a type issue in MySQL or a Type issue in your PHP code
To be sure, upload your data types from the table creon aka are the fields varchars, text etc.
Notice the if/else statement around bind_param you need to do that too just in case something isn't quite right, also capitalize INTO in your statement.
I ran the following:
<?php
$creon1 = $_POST['creon1'];
$creon3 = $_POST['creon3'];
$creon4 = $_POST['creon4'];
if (!empty($creon1) || !empty($creon3) || !empty($creon4)) {
$host = "localhost";
$dbUsername = "root";
$dbPassword = "";
$dbname = "quick";
//create connection
$conn = new mysqli($host, $dbUsername, $dbPassword, $dbname);
if (mysqli_connect_error()) {
die('Connect Error('. mysqli_connect_errno().')'. mysqli_connect_error());
} else {
$test = "INSERT INTO testing (creon1, creon3, creon4) values(?, ?, ?)";
//Prepare statement
$stmt = $conn->prepare($test);
if ($stmt != false)
$stmt->bind_param("sss", $creon1, $creon3, $creon4);
else
print("Returns false");
$stmt->execute();
echo "New record inserted sucessfully";
$stmt->close();
$conn->close();
}
} else {
echo "All field are required";
die();
}
?>
It gave me this result after submitting the form:
In my database it inserted the row:

Why this code inserts blank?

I´m trying to create a form connected to a database but when I fill out the form and I refer to the table in phpMyAdmin I see that it have entered a blank record instead of form data. I´m using PhpStorm.
I think all this code is correct...
That is the form of the .html:
<form id="form1" name="form1" method="post" action="index.php">
<label for="userSignUp">Email</label>
<input type="text" name="userSign" id="userSignUp" />
<label for="passwordSignUp">Password</label>
<input type="password" name="passwordSign" id="passwordSignUp" />
<input type="submit" name="Submit" id="Submit" value="Submit" />
</form>
I have the following .php:
<?php
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "test";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$db_selected = mysqli_select_db($conn, $dbname);
$userSignUp = ""; // If I substitute "" with characters at this time the table is well updated
$passwordSignUp = ""; // Same as before
if(isset($_POST['userSign'])){
$userSignUp = $_POST['userSign'];
}
if (isset($_POST['passwordSign'])) {
$passwordSignUp = $_POST['passwordSign'];
}
$sql = "INSERT INTO test.person (FirstName, Password) VALUES ('$userSignUp', '$passwordSignUp')";
if ($conn->query($sql) === TRUE) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
$conn->close();

Adding user to MySQL database in php using phpMyAdmin

I think I am successfully connecting to my database by:
<?php
$user = 'root';
$pass = '9KSroMDjEqNmEYY4';
$db = 'chatservice';
$host = '127.0.0.1';
$conn = new mysqli($host, $user, $pass, $db, 3306) or die("Unable to connect");
if ($conn->connect_error){
die("Connection failed: " . $conn->connect_error);
}
?>
My question is how I would use the registration code to successfully add a user to the database. When entering the form I press register I do not get any error messages stating that the registration didn't succeed. It seems that the php code is not being reached after the initial connection. I am new to php and mySQL so any tips on formatting would be nice too!
<?php
require('connect.php');
if(isset($_POST['user']) && isset($_POST['password'])){
$user = $_POST['user'];
$id = $_POST['IDNUM'];
$password = $_POST['password'];
$query = "INSERT INTO 'users' (user ,IDNUM ,password) VALUES('$user', '$id', '$password')";
$result = mysqli_query($query);
if($result){
$msg = "Registered Sussecfully";
echo $msg;
}
else
$msg = "Error Registering";
echo $msg;
}
?>
<div class="register-form">
<title>Chat Page Start</title>
<form action="" methods="POST">
<p>
<label>Username: </label>
<input id="user" type="text" name="user" placeholder="user" />
</p>
<p>
<label>ID: </label>
<input id="IDNUM" type="text" name="IDNUM" placeholder="ID number" />
</p>
<p>
<label>Password: </label>
<input id="password" type="password" name="password" placeholder="password" />
</p>
<a class="btn" href="login.php">Login</a>
<input class="btn register" type="submit" value="Register" />
</form>
</div>
Another thing is how would I check the status of my database connection and where I should be checking this status?

your database connection is mysqli_connect and you execute the query in mysql_query is not proper.
<?php
require('connect.php');
if(isset($_POST['user']) && isset($_POST['password'])){
$user = $_POST['user'];
$id = $_POST['IDNUM'];
$password = $_POST['password'];
$query = "INSERT INTO 'users' (user ,IDNUM ,password) VALUES('$user', ' $id ', '$password')";
$result = mysqli_query($query,$conn);
if($result){
$msg = "Registered Sussecfully";
}
else
$msg = "Error Registering";
}
?>

You are connecting database using mysqli:
$conn = new mysqli('localhost', $user, $pass, $db, 3306) or die("Unable to connect");
And executing query using mysql:
$query = "INSERT INTO 'users' (user ,IDNUM ,password) VALUES('$user', '$IDNUM', '$password')";
$result = mysql_query($query);

Trying to add items to a database using php

I am trying to a items to my database (sql) using php and a form, however the data is not being added and nothing seems to happening i just stay on the create.php page.
php code
<?php
$servername = "localhost";
$username = "root";
$password = "root";
$dbname = "PolyTest";
// Create connection
$conn = mysql_connect($servername, $username, $password);
mysql_select_db($dbname)
$doorName = $_POST['doorName'];
$doorDes = $_POST['doorDes'];
$doorPrice = $_POST('doorPrice');
$doorColour = $_POST('doorColour');
$doorImage = $_POST['doorImage'];
if(!$_POST['submit']){
echo "please fill in the boxs";
header('Location: dooradd.php');
} else {
mysql_query("INSERT INTO Doors ('ID', 'name', 'description', 'price', 'colour', 'image') VALUES(NULL, '$doorName', '$doorDes', '$doorPrice', '$doorColour', '$doorImage')") or die(mysql_error());
echo "Door been added!";
header('Location: doorlist.php');
}
?>
HTML FORM
<form class="add" action="doorCreate.php" method="post">
<input type="text" name="doorName" value="doorName">
<input type="text" name="doorDes" value="doorDes">
<input type="text" name="doorPrice" value="doorPrice">
<input type="text" name="doorColour" value="doorColour">
<input type="text" name="doorImage" value="doorImage">
<input type="submit" name="submit">
</form>

change mysql_select_db($dbname) with mysql_select_db($dbname);
and change;
$doorPrice = $_POST('doorPrice');
$doorColour = $_POST('doorColour');
with
$doorPrice = $_POST['doorPrice'];
$doorColour = $_POST['doorColour'];

Categories