PHP/MYSQLI issue - php

EDIT:
The problem now is there are no more code errors causing error/notice splats thanks to contributors, but the data still isn't being posted into the MYSQL db, the table is just empty even though script says it's been uploaded.
Here's the code:
<?php
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$ogrod_id = trim(sql_safe($_POST['ogrod_id']));
$doborsadzenieroslin = trim(sql_safe($_POST['doborsadzenieroslin']));
$nawierzchnia = trim(sql_safe($_POST['nawierzchnia']));
$systnawadn = trim(sql_safe($_POST['systnawadn']));
$malaarchitektura = trim(sql_safe($_POST['malaarchitektura']));
$oczkawodne = trim(sql_safe($_POST['oczkawodne']));
$trawniki = trim(sql_safe($_POST['trawniki']));
$oswietlenie = trim(sql_safe($_POST['oswietlenie']));
$tarasy = trim(sql_safe($_POST['tarasy']));
$pielegnacja = trim(sql_safe($_POST['pielegnacja']));
$opis = trim(sql_safe($_POST['opis']));
if ($opis === '') {
$opis = '(brak opisu)';
}
if ($password !== 'jeeus') {
$msg = 'Błąd - błędne hasło wgrywania.';
} else {
if (isset($_FILES['image'])) {
$image = $_FILES['image'];
#list(, , $imtype, ) = getimagesize($_FILES['image']['tmp_name']);
if ($imtype === 3)
$ext="png";
elseif ($imtype === 2)
$ext="jpeg";
elseif ($imtype === 1)
$ext="gif";
else
$msg = 'Błąd - nieznany format pliku.';
if (!isset($msg)) {
$data = file_get_contents($_FILES['image']['tmp_name']);
$data = mysqli_real_escape_string($con, $data);
mysqli_query($con, "INSERT INTO realizacje (ext,opis,image,ogrod_id,doborsadzenierosli,nawierzchnia,systnawadn,malaarchitektura,oczkawodne,trawniki,oswietlenie,tarasy,pielegnacja) VALUES ('$ext','$opis','$data','$ogrod_id','$doborsadzenieroslin','$nawierzchnia','$systnawadn','$malaarchitektura','$oczkawodne','$trawniki','$oswietlenie','$tarasy','$pielegnacja')");
$msg = 'Sukces - obraz został wgrany na serwer.';
}
} else if (isset($_GET['ogrod_id'])) {
$msg = 'Błąd - plik nie został wgrany.';
}
}
}
?>
Here's the HTML markup for image along with it's name property.
Also, the whole form HTML part:
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST" enctype="multipart/form-data">
<div id="filtry">
<div class="realizacjedodaj">
<b>Czy na zdjęciu znajduje/ą się <br>wykonany/e przez firmę:</b><br><br>
<label for="doborsadzenieroslin">dobór/sadzenie roślin?</label><br />
<input type="radio" name="doborsadzenieroslin" value="0" checked> Tak
<input type="radio" name="doborsadzenieroslin" value="1"> Nie<br><br>
<label for="nawierzchnia">nawierzchnia?</label><br />
<input type="radio" name="nawierzchnia" value="0" checked> Tak
<input type="radio" name="nawierzchnia" value="1"> Nie<br><br>
<label for="systnawadn">system nawadniający?</label><br />
<input type="radio" name="systnawadn" value="0" checked> Tak
<input type="radio" name="systnawadn" value="1"> Nie<br><br>
<label for="malaarchitektura">mała architektura?</label><br />
<input type="radio" name="malaarchitektura" value="0" checked> Tak
<input type="radio" name="malaarchitektura" value="1"> Nie<br><br>
</div>
<div class="realizacjedodaj">
<label for="oczkawodne">oczko wodne?</label><br />
<input type="radio" name="oczkawodne" value="0" checked> Tak
<input type="radio" name="oczkawodne" value="1"> Nie<br><br>
<label for="trawniki">trawnik?</label><br />
<input type="radio" name="trawniki" value="0" checked> Tak
<input type="radio" name="trawniki" value="1"> Nie<br><br>
<label for="oswietlenie">oswietlenie?</label><br />
<input type="radio" name="oswietlenie" value="0" checked> Tak
<input type="radio" name="oswietlenie" value="1"> Nie<br><br>
<label for="tarasy">taras?</label><br />
<input type="radio" name="tarasy" value="0" checked> Tak
<input type="radio" name="tarasy" value="1"> Nie<br><br>
<label for="pielegnacja">pielęgnacja ogrodu?</label><br />
<input type="radio" name="pielegnacja" value="0" checked> Tak
<input type="radio" name="pielegnacja" value="1"> Nie<br><br>
</div>
</div>
<div id="listaOgrodow">
<div class="realizacjedodaj">
<label for="ogrod_id"><b>Ogród:</b></label><br />
<?php
$ogrodysql = "SELECT id_ogrodu, nazwa FROM ogrody";
$result = mysqli_query($con, $ogrodysql);
if (mysqli_num_rows($result) > 0) {
while ($row = mysqli_fetch_assoc($result)) {
echo "#" . $row["id_ogrodu"]. " " . $row["nazwa"]. "<input type='radio' name='ogrod_id' value=" .$row["id_ogrodu"]." <br>";
}
} else {
echo "0 results";
}
?>
<br /><br /><br />
</div>
</div>
<div id="resztaDanych" class="realizacjedodaj">
<br><br>
<label for="image">Zdjęcie realizacji:</label><br />
<input type="file" name="image" id="image"/><br /><br /><br />
<label for="opis">Opis (opcjonalnie):</label><br />
<textarea rows="4" cols="50" name="opis" id="opis"></textarea><br /><br /><br />
<input type="submit" value="Wgraj"/>
</div>
</form>


Looks like you have multiple issues in your code:
1st, the proper simple way to insert into MySQL is:
INSERT INTO table_name (field1,field2) VALUES ('$value1','$value2')
NOT
INSERT INTO {$table} SET ext='$ext', opis='$opis',
2nd, are you trying to post a normal form's field named image?
trim(sql_safe($_POST['image']));
$_POST is different than $_FILE
also, use
if (isset($_FILE['image'])) {
$image= $_FILE['image'];
}


Do you have an element (most likely the file upload element) named image in your form? If not then add it.

Related

php+html multiple row submit with checkbox filter

I created a page for multiple rows submit data to mysql with php!
But, I need filter check the checkbox[] has been checked for submit current row data
In my demo,
If I checked the row2 and row3, I expected I will get id=2 & id=3
finally I get the id=1 & id=2
In the same situation, if I checked row3 only, I will get the id=1
I probably understand the principle, but I really can’t find a solution
<?php
$row = "";
if ($_POST) {
foreach ($_POST["checked"] as $key => $v) {
if (#$_POST['checked'][$key] == "on") {
$row[$key]['id'] = $_POST['id'][$key];
$row[$key]['other_value'] = $_POST['other_value'][$key];
}
}
}
print_r($row);
?>
<form action="" method="POST">
<p>
<input type="checkbox" name="checked[]">
<input type="text" name="id[]" value="1">
<input type="text" name="other_value[]" value="a">
</p>
<p>
<input type="checkbox" name="checked[]">
<input type="text" name="id[]" value="2">
<input type="text" name="other_value[]" value="b">
</p>
<p>
<input type="checkbox" name="checked[]">
<input type="text" name="id[]" value="3">
<input type="text" name="other_value[]" value="c">
</p>
<button type="submit">submit</button>
</form>
I try #CBroe
if checked row3, I still get a
<?php
$row = "";
if ($_POST) {
foreach ($_POST["checked"] as $key => $v) {
$row[$key]['checkbox'] = $_POST['checkbox'][$key];
$row[$key]['other_value'] = $_POST['other_value'][$key];
}
}
print_r($row);
?>
<form action="" method="POST" >
<p>
<input type="checkbox" name="checked[]" value="1">
<input type="text" name="other_value[]" value="a">
</p>
<p>
<input type="checkbox" name="checked[]" value="2">
<input type="text" name="other_value[]" value="b">
</p>
<p>
<input type="checkbox" name="checked[]" value="3">
<input type="text" name="other_value[]" value="c">
</p>
<button type="submit">Submit</button>
</form>

#CBroe Thanks for your
<?php
$row = "";
if ($_POST) {
foreach ($_POST["id"] as $key => $v) {
$row[$key]['id'] = $_POST['id'][$key];
$row[$key]['other_value'] = $_POST['other_value'][$key];
}
}
print_r($row);
?>
<form action="" method="POST" >
<p>
<input type="checkbox" name="id[1]" value="1">
<input type="text" name="other_value[1]" value="a">
</p>
<p>
<input type="checkbox" name="id[2]" value="2">
<input type="text" name="other_value[2]" value="b">
</p>
<p>
<input type="checkbox" name="id[3]" value="3">
<input type="text" name="other_value[3]" value="c">
</p>
<button type="submit">submit</button>
</form>

Success without any errors shown anywhere but any data is not going to my database

<?PHP
session_start();
if (isset($_SESSION['loggedin'])) {
$loggedin = $_SESSION['loggedin'];
} else {
header('Location: ../login');
}
$user = $_SESSION['ID'];
$kuva = "Space";
$date = gmdate("j\.m\.Y H:i:s ");
include 'config.php';
$query = $connection->query("INSERT INTO rate(userID, kuva, rate) VALUES(?,?,?)");
$query2 = $connection->query("INSERT INTO picture(nimi, userID, rate, kommentti) VALUES (?,?,?,?)");
$query3 = $connection->query("INSERT INTO comment(userID, picture, date, text) VALUES (?,?,?,?)");
$result = $connection->query("SELECT picture, date, text, user.username FROM comment INNER JOIN users WHERE picture = '$picture' LIMIT 3");
if (isset($_POST['submitPic'])) {
if (isset($_POST['rating'])) {
$rating = htmlspecialchars($_POST['rating']);
$comment = htmlspecialchars($_POST['comment']);
$query = array($user, $picture, $rating);
$query2 = array($picture, $user, $rating, $comment);
$success = '<span style="color:green;font-size:32px;">Success</span>';
} else {
$error = '<span style="color:red;font-size:32px;">Error</span>';
}
}
if (isset($_POST['submitPic'])) {
if (isset($_POST['comment'])) {
} else {
$query3 = array($user, $kuva, $date, $comment);
}
}
$connection->close();
?>
I get success after rating and commenting but any data doesn't go in to my database
What is wrong with my code? Success without any errors shown anywhere but any data is not going to my database
There shouldn't be any problem with my database. It's just I don't see error
EDIT: HERES MY HTML
Here is my HTML
<!-- Star rating -->
<center>
<form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
<fieldset class="starability-basic">
<input type="radio" id="rate1" name="rating" value="1" />
<label for="rate1" title="1/10">1 star</label>
<input type="radio" id="rate2" name="rating" value="2" />
<label for="rate2" title="2/10">2 stars</label>
<input type="radio" id="rate3" name="rating" value="3" />
<label for="rate3" title="3/10">3 stars</label>
<input type="radio" id="rate4" name="rating" value="4" />
<label for="rate4" title="4/10">4 stars</label>
<input type="radio" id="rate5" name="rating" value="5" />
<label for="rate5" title="5/10">5 stars</label>
<input type="radio" id="rate6" name="rating" value="6" />
<label for="rate6" title="6/10">6 stars</label>
<input type="radio" id="rate7" name="rating" value="7" />
<label for="rate7" title="7/10">7 stars</label>
<input type="radio" id="rate8" name="rating" value="8" />
<label for="rate8" title="8/10">8 stars</label>
<input type="radio" id="rate9" name="rating" value="9" />
<label for="rate9" title="9/10">9 stars</label>
<input type="radio" id="rate10" name="rating" value="10" />
<label for="rate10" title="10/10">10 stars</label>
</fieldset>
</center>
<center>
<textarea name="comment" cols="50" rows="4"></textarea>
</textarea>
</center>
<center>
<button type="submit" name="submitPic" class="submitPic">Send</button>
</center>
</form>

Why dont u use prepared statements.
$query = $connection->prepare("INSERT INTO rate(userID, kuva, rate) VALUES(?,?,?)");
$query->bind_param('iii', $user, $picture, $rating);
$query->execute();
$query->close();

Explode/foreach not working to record multiple values from checkbox into multiple rows in database

I'm currently working on a online youth mentorship portal which requires mentors and mentees to sign up.
The mentor sign up form has a checkbox area where they click on the categories they wish to mentor in. They can click on as many as they want. My problems are as follows:
1) Despite noting it as an array and using implode while using $_POST and explode and foreach while inserting into the database, i only seem to get the first option chosen in the checkbox being recorded in the database. Please kindly help me out with this.
2) i have 3 tables for this particular script; Mentor, Category and Logged Category to record the data for normalization purposes. On top of the problem number (1), the mentor table seems to be getting 3 replicated row entries per sign up. What might be the issue?
Here is an excerpt from the form:
<form id="form1" name="form1" action="registration.php" method=POST>
<label for="name">Full name:</label>
<input type="text" id="name" name="name">
<label for="mail">Email:</label>
<input type="email" id="mail" name="email">
<label for="password">Password:</label>
<input type="password" id="password" name="pass">
<label>Gender:</label>
<input type="radio" id="m" value="m" name="gender"><label for="male" class="light">Male</label><br>
<input type="radio" id="f" value="f" name="gender"><label for="female" class="light">Female</label>
<label for="bio">Biography:</label>
<textarea id="bio" name="bio"></textarea>
<label>Category to Mentor in:</label><br>
<input type="checkbox" id="ICT" value="1" name="catID[]">
<label class="light" for="ICT">ICT</label><br>
<input type="checkbox" id="Music" value="2" name="catID[]">
<label class="light" for="Music">Music</label><br>
<input type="checkbox" id="Politics" value="3" name="catID[]">
<label class="light" for="Politics">Politics</label><br>
<input type="checkbox" id="Entrepreneurship" value="4" name="catID[]">
<label class="light" for="Entrepreneurship">Entrepreneurship</label><br>
<input type="checkbox" id="Sports" value="5" name="catID[]">
<label class="light" for="Sports">Sports</label><br>
<input type="checkbox" id="Religious" value="6" name="catID[]">
<label class="light" for="Religious">Religious</label><br>
<input type="checkbox" id="Agriculture" value="7" name="catID[]">
<label class="light" for="Agriculture">Agriculture</label><br>
<input type="checkbox" id="Finance" value="8" name="catID[]">
<label class="light" for="Finance">Finance & Banking</label><br>
<input type="checkbox" id="Leadership" value="9" name="catID[]">
<label class="light" for="Leadership">Leadership</label><br>
<input type="checkbox" id="Science" value="10" name="catID[]">
<label class="light" for="Science">Science</label><br>
<input type="checkbox" id="Fashion" value="11" name="catID[]">
<label class="light" for="Fashion">Fashion/Beauty</label><br>
<input type="checkbox" id="Medical" value="12" name="catID[]">
<label class="light" for="Medical">Medical</label><br>
<input type="submit" name="submit" class="submit" value="Sign Up">
</form>
This is my registration.php
<?php
$a = $_POST['name'];
$b = $_POST['email'];
$c = $_POST['pass'];
$d = $_POST['gender'];
$e = $_POST['bio'];
$fimp= implode(', ', $_POST['catID']);
if($a && $b && $c && $d && $e && $fimp) {
if ( filter_var(($_POST["email"]), FILTER_VALIDATE_EMAIL) == TRUE) {
$con=mysqli_connect('localhost','root','');
if(!$con) {
die('Error in connection'.mysqli_error());
}else {
mysqli_select_db($con,'ymp');
$query = mysqli_query($con, "select * from mentor where email = '".$b."'");
if (!$query) {
die ("Failed to query database" . mysqli_error($con));
}
if(mysqli_num_rows($query) > 0) {
echo "<div ><h3>Email has already been used</h3><br/>Click <a href='mentorsignup.php'>here</a> to try again</div>";
}else{
$sql = ("INSERT INTO mentor VALUES(DEFAULT,'$a','$b','$c','$d','$e')");
$result = mysqli_query($con, $sql);
// insertion to logged category table
$fs = explode(', ', $fimp);
foreach ($fs as $f ){
mysqli_query($con, "INSERT INTO logged_cat
(mentorID, catID)
VALUES (LAST_INSERT_ID(), '$f')");
}
$result = mysqli_query($con, $sql);
if(!mysqli_query($con, $sql)){
die('Could not register'.mysqli_error($con));
}else{
echo "<div class='form'><center><h3>You have successfully registered!</h3><br/>Click here to <a href='loginmentor.php'>login</a></center></div>";
}
}
}
}else {
echo "<div class='form'><center><h3>Invalid email address</h3><br/>Click <a href='mentorsignup.php'>here</a> to try again</center></div>";
}
}else{
echo "<div class='form'><center><h3>Enter values in all fields</h3><br/>Click <a href='mentorsignup.php'>here</a> to try again</center></div>";
}
?>
Kindly excuse my inexperience, i'm a newbie. Thank you in advance

This should do the trick.
..............
$f = implode(', ', $_POST['catID']);
if($a && $b && $c && $d && $e && $f)
..........
mysqli_query($con, "INSERT INTO mentor VALUES(DEFAULT,'$a','$b','$c','$d','$e')");
$mentorID = mysqli_insert_id($con);
$fs = explode(', ', $f);
foreach ($fs as $f )
{
mysqli_query($con, "INSERT INTO logged_cat (mentorID, catID) VALUES ('$mentorID', $f)");
}

Displaying a column that a user created in a form

Im trying to display a single column from where a user created a form, i have a table and user sessions set up. I need it so that only that column is displayed for the user that created it.
This is the form
<form action="core/process.php" method="post" id="registration" >
<input type="hidden" name="formID" value="Product_Tracker" />
<input type="hidden" name="id_user" value="<?php echo $_SESSION['name_of_user']; ?>" />
<p>Name of product:<input type="text" name="Name of Product" class="input" />
<p>Please select the tests that were done on the product.</p>
<p>In Circuit Test (ICT): Yes: <input type="radio" name="ICT" value="yes" /> No: <input type="radio" name="ICT" value="no" /></p>
<p>Visual Inspection: Yes: <input type="radio" name="Visual Inspection" value="yes" /> No: <input type="radio" name="Visual Inspection" value="no" /></p>
<p>XRAY: Yes: <input type="radio" name="XRAY" value="yes" /> No: <input type="radio" name="XRAY" value="no" /></p>
<p>Automated Optical Inspection (AOI): Yes: <input type="radio" name="AOI" value="yes" /> No: <input type="radio" name="AOI" value="no" /></p>
<!--<p>Checkbox1 <input type="checkbox" name="checkbox" value="checkbox1" /> Checkbox2: <input type="checkbox" name="checkbox" value="checkbox2" /></p>-->
<input type="submit" value="Submit" />
<p>
<a href='access-controlled.php'>Back</a>
</p>
</form>
</div>
</body>
</html>
<?php VDEnd(); ?>
Ive tried this but it doesnt work,
$con = mysql_connect("","","");
if (!$con){
die("Can not connect: " . mysql_error());
}
mysql_select_db("database",$con);
$result = mysql_query("SELECT id_user, Name_of_product FROM Product_Tracker WHERE id_user=$_SESSION['name_of_user']");
while ($row = mysql_fetch_assoc($result)) {
echo $row['Name_of_Product'];
echo "<br />";
this did it;
mysql_select_db("database",$con);
$id=$_SESSION['name_of_user'];
$result = mysql_query("SELECT id_user, Name_of_product FROM Product_Tracker WHERE id_user='$id'");
while ($row = mysql_fetch_array($result))
{
echo $row['Name_of_product'] . "<br/>";
}
mysql_query($query);
mysql_close($con);
?>

have you tried this
$id=$_SESSION['name_of_user'];
$result = mysql_query("SELECT id_user, Name_of_product FROM Product_Tracker WHERE id_user='$id'");

insert multi value from checkboxs into database by php

i want insert this form value to datanase :
<input type="checkbox" name="brand1" id="brand1" value="1"> <label for="brand1">Brand 1</label>
<input type="checkbox" name="brand2" id="brand2" value="1"> <label for="brand2">Brand 2</label>
<input type="checkbox" name="brand3" id="brand3" value="1"> <label for="brand3">Brand 3</label>
<input type="checkbox" name="brand4" id="brand4" value="1"> <label for="brand4">Brand 4</label>
<input type="checkbox" name="brand5" id="brand5" value="1"> <label for="brand5">Brand 5</label>
these text box are get by php from a table in database and may be Variable
i want insert to database by this format
if brand 1 are checked $brand="1,";
and Finally like this :
insert($name,$brands); and $brands = "1,2,3,4,5,";
if write this by if and while but it doesn't work because if insert run in while {} Five times insert Done and if insert run out of while {} , $brand = "5,"
thanks for your help or idea for this problem
it's mean :
<form method="post" action="#">
<?php
$result = $db->getall(brands);
if(!empty($result)) {
while ( list($key,$val)=each($result) ) {
$brand_id = stripslashes($val["id"]);
$brand_name = stripslashes($val["name"]);
?>
<input type="checkbox" name="brand<?php print"$brand_id"; ?>" value="1" style="cursor:pointer;"><label for="brand<?php print"$brand_id"; ?>" style="cursor:pointer;"> <?php print"$brand_name"; ?></label>
<?php }} ?>
Source Output:
<input type="checkbox" name="brand1" value="1"> <label for="brand1">Brand Name 1</label>
<input type="checkbox" name="brand2" value="1"> <label for="brand2">Brand Name 2</label>
<input type="checkbox" name="brand3" value="1"> <label for="brand3">Brand Name 3</label>
<input type="checkbox" name="brand4" value="1"> <label for="brand4">Brand Name 4</label>
<input type="checkbox" name="brand5" value="1"> <label for="brand5">Brand Name 5</label>
<input type="submit" value="Submit" />
</form>
when submit form , insert source is :
<?php
$result = $db->getall(brands);
if(!empty($result)) {
while ( list($key,$val)=each($result) ) {
$brand_id = brand.stripslashes($val["id"]);
$brand_name = stripslashes($val["name"]);
$brand_ids = "brand.$brand_id";
if($$brand_ids==1) {$brands="$brandid,"}
}} ?>
$db->add_submenu("$brands");

You should change the name of your checkboxes to brand[]. It will give you an array once submitted at $_POST['brand']
Ex.
<input type="checkbox" name="brand[]" value="1" ... />
<input type="checkbox" name="brand[]" value="2" ... />
<input type="checkbox" name="brand[]" value="3" ... />
<input type="checkbox" name="brand[]" value="4" ... />
<input type="checkbox" name="brand[]" value="5" ... />
on the other side you can either do something like the following:
// this will return '1, 2, 3, 4, 5' when all are selected.
$index = implode(", ", $_POST['brand']);
and at that point you will have the brands in comma delimited form.

Categories