Actually i'm trying to create a table by name that user suggests and insert data into that table, also by user's suggestion.
I've two php files: CreateTable.php and EnterData.php
Here is my code of CreateTable.php:
<?php
$conn = new mysqli("localhost","root","","mywebsite");
if (isset($_POST['tbButton'])) {
$qry = "Create Table ".$_POST['tableName']."(firstname varchar(25),lastname varchar(25));";
$res = mysqli_query($conn,$qry);
if ($res) {
echo "Table Created!";
}
else{
die("query failed!");
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Create Table</title>
</head>
<body>
<form action="EnterData.php" method="post">
<p><input type="text" name="tableName" placeholder="Enter Table Name..."></p>
<p><input type="submit" name="tbButton"></p>
</form>
</body>
</html>
Here is my code of EnterData.php:
<?php
$tbname = $_POST['tableName'];
$conn = new mysqli("localhost","root","","mywebsite");
if (isset($_POST['dataButton'])) {
$qry = "Insert into ".$tbname."(firstname,lastname) values('".$_POST['firstname']."','".$_POST['lastname']."');";
$res = mysqli_query($conn,$qry);
if ($res) {
echo "Data Inserted!";
}
else{
die("query failed!");
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Create Table</title>
</head>
<body>
<form action="" method="post">
<p><input type="text" name="firstname" placeholder="Enter First Name..."></p>
<p><input type="text" name="lastname" placeholder="Enter Last Name..."></p>
<p><input type="submit" name="dataButton"></p>
</form>
</body>
</html>
Problem is that when I write action="EnterData.php" Table doesn't create in database but form values passes to 'EnterData' file.
and when I write action="CreateTable.php" table is created in database but values doesn't pass to 'EnterData' file.
I want to pass values to EnterData file and database too.
this my first attempt on stackoverflow, hope i explained my question very nicely
You can pass your tablename through get method
CreateTable.php
<?php
$conn = new mysqli("localhost","root","","mywebsite");
$tableName = $_POST['tableName'];
if (isset($_POST['tbButton'])) {
$qry = "Create Table ".$tableName ."(firstname varchar(25),lastname varchar(25));";
$res = mysqli_query($conn,$qry);
if ($res) {
header("Location: EnterData.php?tableName=".$tableName);
}
else{
die("query failed!");
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Create Table</title>
</head>
<body>
<form action="CreateTable.php" method="post">
<p><input type="text" name="tableName" placeholder="Enter Table Name..."></p>
<p><input type="submit" name="tbButton"></p>
</form>
</body>
</html>
EnterData.php
<?php
$tbname = $_GET['tableName'];
$conn = new mysqli("localhost","root","","mywebsite");
if (isset($_POST['dataButton'])) {
$qry = "Insert into ".$tbname."(firstname,lastname) values('".$_POST['firstname']."','".$_POST['lastname']."');";
$res = mysqli_query($conn,$qry);
if ($res) {
echo "Data Inserted!";
}
else{
die("query failed!");
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Create Table</title>
</head>
<body>
<form action="EnterData.php?tableName=<?php echo $tbname;?>" method="post">
<p><input type="text" name="firstname" placeholder="Enter First Name..."></p>
<p><input type="text" name="lastname" placeholder="Enter Last Name..."></p>
<p><input type="submit" name="dataButton"></p>
</form>
</body>
</html>
Why would you let the user create tables in your database in the first place (with root privileges!)?
As for your question... Both php files submit to EnterData.php (that is if EnterData.php's blank action attribute is properly interpreted by the browser), so your CreateTable.php has no idea of what $_POST['tableName'] is.
I don't know what it is you are trying to do, but php files don't magically get to know each other's variables - you actually have to include a file in another one to let them share a set of variables, pass the variables through $_REQUEST or use AJAX to take care of things.
I would personally recommend using uppercase for GET and POST whenever possible.
Related
I'm creacting an admin zone for a blog I'm building. For some reason, the database is inserted with the last information I've submitted each time I refresh the page, instead of whenever I click "submit".
This is the page itself:
<?php
//send uploaded files to mysql
include_once 'conn.php';
include_once 'submit.php';
?>
<!DOCTYPE html>
<html>
<head>
<title>Your admin page</title>
</head>
<body>
<h1>Admin page</h1>
<h2>upload text</h2>
<form action="" method="POST">
<label>Header</label>
<input type="header" name="header" required><br>
<label>Text</label>
<input type="text" name="text" required><br>
<label>Image</label>
<input type="file" name="image">
<input type="submit" value="submit">
</form>
This is the submit.php file:
<?php
include_once 'conn.php';
$header = $_POST['header'];
$text = $_POST['text'];
$file_get = $_FILES['image']['name'];
$temp = $_FILES['image']['tmp_name'];
$file_to_saved = "uploads/".$file_get;
move_uploaded_file($temp, $file_to_saved);
if (isset($_POST['submit'])) {
$insert = ("INSERT INTO posts (postHeader,postText,picture) VALUES ('$header','$text','$file_to_saved')");
if ($link->query($insert) === TRUE) {
echo "record created succesfully";
} else{
echo "something went wrong with the file";
}
}
Im trying to get the taskid variable from the url:
Long story short the database never updated trying to echo $tasked is blank and im not sure why.
I have looked over all of the suggestions and many different websites I do not see what i'm missing
http://domain.com/ubxtask/addnote.php?taskid=163994
<!DOCTYPE html>
<html lang="en">
<head>
<title>Add Note to Task</title>
</head>
<body>
<form action="" method="post">
<p>
<textarea name="notetoadd" rows="4" cols="50"></textarea>
</p>
<input type="submit" value="Submit" name="submit">
</form>
</body>
</html>
<?php
if ( isset( $_POST['submit'] ) ) {
$servername = "localhost";
$username = "dbusr";
$password = "dbpass";
$dbname = "db";
$notetoadd = $_POST['notetoadd'];
if (isset($_GET["taskid"])) {
//$taskid = $_GET['taskid'];
echo $_GET["taskid"];
//echo $taskid;
}
$sql = "INSERT INTO tasknotestbl (tasknum, tasknote)
VALUES ('$taskid', '$notetoadd')";
if ($conn->query($sql) === TRUE) {
header('Location: http://domain.com/task/tasklist.php');
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
$conn->close();
}
?>
You should add the task id to your forms action, or it would be lost, if you submit the form
<form action="addnote.php?taskid=<?php echo $_GET['taskid']; ?>" method="post">
You can add hidden field to form with taskid and use post method:
<?php
if (empty($_GET['taskid'])) {
$taskid = '1';
}else{
$taskid = (int)$_GET['taskid'];
}
// your code submit code and
if (isset($_POST["taskid"])) {
echo $_POST["taskid"];
}
echo '<form action="" method="post">
<p><textarea name="notetoadd" rows="4" cols="50"></textarea></p>
<input type="hidden" name="taskid" value="'.$taskid.'" placeholder="taskID">
<input type="submit" value="Submit" name="submit">
</form>';
?>
I have connected my website to my database successfully when i submit the form it goes through but nothing is getting inserted into the database.
Code Below:
<?php
if( $_POST )
{
$con = mysql_connect("server","user","pass");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("buycruisesdb", $con);
$users_name = $_POST['name'];
$users_email = $_POST['email'];
$users_name = mysql_real_escape_string($users_name);
$users_email = mysql_real_escape_string($users_email);
$query = "
INSERT INTO `website_subscribers`(`name_sub`, `email_sub`) VALUES ([$users_name],[$users_email])";
mysql_query($query);
echo "<h2>Thank you for subscribing!</h2>";
echo $query;
echo $users_name;
echo $users_email;
mysql_close($con);
}
?>
buycruisesdb = database
website_subscribers = table inside the database
name_sub/email_sub = columns inside the table
the form html is below:
!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Untitled Document</title>
</head>
<body>
<form action="php/subscriber.php" id="form" method="post" name="form">
<input id="name_sub" name="name" placeholder="Name" type="text">
<input id="email_sub" name="email" placeholder="Email" type="text">
<input type="submit" value="Submit" name="f_submit">
</form>
</body>
</html>
Not sure exactly why this is not inputing anyone have an idea?
it says that it is inserting the proper values and into the proper tables
Image
Square brackets are not valid in MySQL queries. You should be using quotes around the strings.
$query = "INSERT INTO `website_subscribers` (`name_sub`, `email_sub`) VALUES ('$users_name', '$users_email')";
change it to:
$query = "
INSERT INTO website_subscribers (name_sub,email_sub) VALUES ('".$users_name."','".$users_email."') ";
just copy the code and try it out
I have written a very simple PHP to search for a record in a field on MySQL database and return all details for that field.
Unfortunately, every time I enter the number to search for anything, nothing comes back, not even any errors.
My Code below:
<?php
mysql_connect("localhost", "root", "") or die("cant connect to db");
mysql_select_db("db name")or die("cant connect.....");
$output='';
//collect
if(isset($_POST['search'])){
$searchq=$_POST['search'];
$query = mysql_query("SELECT * FROM register WHERE licence LIKE '%$searchq%'") or die("cant search....");
$count = mysql_num_rows($query);
if($count==0){
$output='no results';
} else {
while($row=mysql_fetch_array($query)){
$fdriver=$row['driver'];
$flicence=$row['licence'];
$fofficer=$row['officer'];
$fspeed=$row['speed'];
$ffine=$row['fine'];
$fcategory=$row['category'];
$output.='<div> '.$fdriver.' '.$flicence.' '.$fspeed.' '.$ffine.' '.$fcategory.'</div>';
}
}
}
?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Search</title>
</head>
<body>
<h3>Search</h3>
<p>You have to enter your number to search</p>
<form method="post" action="search_start.php" >
<input type="text" name="name">
<input type="submit" name="submit" value="Search">
</form>
<?php print("$output"); ?>
</body>
</html>
first change the name of your textbox to search
<input type="text" name="search">
second your query should be like this
$query = mysql_query("SELECT * FROM register WHERE licence LIKE '%".$searchq."%'");
You're checking $_POST['search'], so the name of your text element field should be changed to search.
<input type="text" name="search">
I am working on PHP CRUD operations and I have created a basic edit form in PHP. I have not used any field validations and all I want is simply editing information.
I am following this tutorial
Once a user is clicked on Edit link he is directed to the following form on which the user is supposed to edit his data.
Here is the code
<?php
include_once './functions.php';
include_once './database.php';
function renderForm($firstName,$lastName,$age){
?>
<!DOCTYPE html>
<html>
<head>
<title>Edit</title>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width">
</head>
<body>
<form action="edit.php" method="post">
First Name<input type="text" name="firstname" value="<?php $firstName ;?>"><br/>
Last Name<input type="text" name="lastname" value="<?php $lastName ;?>"><br/>
Age<input type="text" name="age" value="<?php $age ;?>"><br/>
<input type="submit" name="submit" value="Edit">
Cancel
</form>
<?php
}
?>
<?php
if (isset($_POST['submit'])) {
$firstName = cleanData($_POST['firstname']);
$lastName = cleanData($_POST['lastname']);
$age = (int) $_POST['age'];
$id = $_GET['id'];
$query = "UPDATE basic ";
$query.="SET first_name='$firstName',last_name='$lastName',age=$age ";
$query.="WHERE id=$id";
confirmQuery($query);
closeDatabase();
}else{
$id=cleanData($_GET['id']);
$query="SELECT * FROM basic WHERE id= {$id} ";
$result=confirmQuery($query);
$rows= mysqli_fetch_assoc($result);
$firstName=$rows['first_name'];
$lastName=$rows['last_name'];
$age=$rows['age'];
renderForm($firstName, $lastName, $age);
}
?>
</body>
</html>
//Additional information
//functions included in other files
function cleanData($input){
global $connection;
return mysqli_real_escape_string($connection,$input);
}
function confirmQuery($query){
global $connection;
$result=mysqli_query($connection, $query);
if(!$result){
return "Query failed : ".mysqli_error($connection);
}
else{
return $result;
}
}
function closeDatabase(){
global $connection;
mysqli_close($connection);
}
//I have not included the file which I am using to
//connect to the DB. I am sure there is no error with that file since it works
//properly with other php files
The problem that I have with my edit form is it does not show previously entered data and just shows only a blank form (similar to create form). (It does not happen when I run the demo in the above mentioned tutorial)
Netbenas IDE says variables which are inside HTML input tags seems to be unused in its scope. I have googled this question and found that warning can be simply ignored.
But Where have I gone wrong?
I am grateful to anyone who can kindly go through my code and show me the error.
Thank You :)
I have change your PHP code to below code use in your edit.php.if u get any issue put comment.
<?php
include_once './functions.php';
include_once './database.php';
if (isset($_POST['submit'])) {
$firstName = cleanData($_POST['firstname']);
$lastName = cleanData($_POST['lastname']);
$age = (int) $_POST['age'];
$id = $_GET['id'];
$query = "UPDATE basic ";
$query.="SET first_name='$firstName',last_name='$lastName',age=$age ";
$query.="WHERE id=$id";
$r=mysql_query($query);
if($r)
{
echo "Record updated";
}
}
$id=$_GET['id'];
$query="SELECT * FROM basic WHERE id='$id' ";
$result=confirmQuery($query);
$rows= mysqli_fetch_assoc($result);
$firstName=$rows['first_name'];
$lastName=$rows['last_name'];
$age=$rows['age'];
?>
<!DOCTYPE html>
<html>
<head>
<title>Edit</title>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width">
</head>
<body>
<form action="edit.php" method="post">
First Name<input type="text" name="firstname" value="<?php echo $firstName ;?>"><br/>
Last Name<input type="text" name="lastname" value="<?php echo $lastName ;?>"><br/>
Age<input type="text" name="age" value="<?php echo $age ;?>"><br/>
<input type="submit" name="submit" value="Edit">
Cancel
</form>
</body>
</html>