The problem I have: I made a "contact" form, which should send data to my database. All works good, no errors after I access the page from localhost, shows the result I wanted to see, but the database (localhost/phpmyadmin/..) doesn't update with any info.
This is my PHP:
if(isset($_POST['insert']))
{
$hostname = 'localhost';
$username = 'root';
$password = '';
$databaseName = 'nig';
$Nume = $_POST['nume'];
$Email = $_POST['email'];
$Telefon = $_POST['telefon'];
$Subiect = $_POST['subiect'];
$Mesaj = $_POST['mesaj'];
$connect = mysqli_connect($hostname, $username, $password, $databaseName);
$query = "INSERT INTO `amar` (`nume`, `email`, `telefon`, `subiect`, `mesaj`) VALUES ('$Nume','$Email','$Telefon','$Subiect','$Mesaj')";
$result = mysqli_query($connect,$query);
if($result)
{
echo 'Mesaj trimis.';
}else{
echo 'Mesaj netrimis';
}
mysqli_free_result($result);
mysqli_close($connect);
This is my HTML:
<form action="insert2.php" action="post">
<form role="form">
<div class="form-group">
<label for="nume">Nume complet</label>
<input type="text" class="form-control" name="nume">
</div>
<div class="form-group">
<label for="email">Adresa e-mail</label>
<input type="text" class="form-control" name="email">
</div>
<div class="form-group">
<label for="telefon">Telefon</label>
<input type="text" class="form-control" name="telefon">
</div>
<div class="form-group">
<label for="subiect">Subiect</label>
<input type="text" class="form-control" name="subiect">
</div>
<div class="form-group">
<label for="mesaj">Mesaj</label>
<textarea class="form-control" name="mesaj" rows="8"></textarea>
</div>
<input type="submit" name="insert" class="btn btn-theme" value="insert"></button>
</form>
And the result should be data in my MySQL. but the database isn't getting any data, what am I doing wrong?
You have two form tags, one inside the other.
Change this....
<form action="insert2.php" action="post">
<form role="form">
To this...
<form action="insert2.php" action="post">
Also, please note, your PHP code is open to SQL injection. Never trust user input. Always validate and/or escape user entered data prior to using it in a query. Or better yet, used prepared statements or stored procedures.
Update 1:
OK, sorry to hear this is not working. Please add the following mysqli error debugging so we can see what is happening.
Change this...
$result = mysqli_query($connect,$query);
To this...
if (mysqli_connect_errno()) {
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
$result = mysqli_query($connect,$query)
if (!$result)) {
printf("Errormessage: %s\n", mysqli_error($connect));
}
Then run the code and see if you get any errors that may help us.
Update 2:
OK, try another piece of debugging.
After this...
$query = "INSERT INTO `amar` (`nume`, `email`, `telefon`, `subiect`, `mesaj`) VALUES ('$Nume','$Email','$Telefon','$Subiect','$Mesaj')";
Add this...
die($query);
Save and run the code.
You will be given a SQL query. Copy and paste that SQL query and run it in your database management tool (phpMyAdmin for example). See if the record is added when you manually run the query or if you are given any errors.
Let us know the outcome.
Related
I've small php project to list Covid-Test Labs, When you press the Update button for one of the records in the list of records, the data modification window opens, and when you enter it, the entries of other records are updated with the same information
How to solve this issue ?
<!-- Update Form -->
<form style = "font-size : 30px">
<input type="text" id="lab_name" class="fadeIn second" name="lab_name" placeholder="Laboratory Name" required>
<input type="text" id="test_price" class="fadeIn second" name="test_price" placeholder="Test Price" required>
<input type="text" id="lat" class="fadeIn second" name="lat" placeholder="Lat" required>
<input type="text" id="lon" class="fadeIn second" name="lon" placeholder="Lon" required>
<div class="dropdown">
<select name="lab_city" class="dropdown" required>
<option value="">--- Select City---</option>
<option value="Khartoum">Dubai</option>
<option value="Bahri">Bahri</option>
<option value="Omdurman">Paris</option>
</select>
<input type="file" name="image" id="image" required>
</div>
<input type="submit" id="submit" class="fadeIn fourth" value="Update">
</div>
</div>
</form>
<section>
<?php
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "covidsd";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$lab_id = $_GET['lab_id'];
$lab_name= mysqli_real_escape_string($link, $_REQUEST['lab_name']);
$lab_city = mysqli_real_escape_string($link, $_REQUEST['lab_city']);
$test_price= mysqli_real_escape_string($link, $_REQUEST['test_price']);
$lat= mysqli_real_escape_string($link, $_REQUEST['lat']);
$lon= mysqli_real_escape_string($link, $_REQUEST['lon']);
$image= mysqli_real_escape_string($link, $_REQUEST['image']);
//$ServerURL = "http://192.168.43.236/AndroidUploadImage/$ImagePath";
$sql = "UPDATE laboratories SET lab_name ='$lab_name',lab_city ='$lab_city', test_price= '$test_price', lat='$lat', lon= '$lon', image= '$image' ". "WHERE lab_id='$lab_id' ";
if(mysqli_query($link, $sql)){
$message = "Laboratory has been updated successfully";
echo "<script type='text/javascript'>alert('$message');</script>";
} else{
echo "ERROR: Could not able to execute $sql. " . mysqli_error($link);
}
// close connection
mysqli_close($link);
?>
I tried many solutions but not working
Each record in your table must have a unique id field. You will retrieve this field when loading your list. When modifying a record, you will send that id field again to PHP. Inside PHP you will use it in your SQL WHERE IdField=$ID.
You are using variable $lab_id In your PHP code $lab_id = $_GET['lab_id']; and this means that you have an input on your form with name lab_id. I can't see that input it in your HTML so you need to add it like that :
<form style = "font-size : 30px">
<input type="hidden" id="lab_id" name="lab_id" Value = "$lab_id">
<input type="text" id="lab_name" class="fadeIn second" name="lab_name" placeholder="Laboratory Name" required>
...............
...............
</form>
In your PHP code you must decide what kind of request you will accept either POST or GET. Now you are using a mix of $_GET and $_REQUEST. If you are modifying or inserting data, it will better to use $_POST. Getting variables is PHP code will looks like :
$lab_id = $_POST['lab_id'];
$lab_name= mysqli_real_escape_string($link, $_POST['lab_name']);
If you are using a framework which do the request, you can check it to make sure if it is sending lab_id, if it sends lab_id you will not need it inside form. You may also adjust the request type in your framework if you are using a one.
I am learning MySQL and PHP and I trying to build a simple login webpage and connect with MySQL.
I have built the page with HTML and CSS, also I downloaded PHP and installed MySQL, I am getting confused about how to combine those things and when I input my password and username it will go to successful page.
I am not seeking an answer but need some suggestions for the next step.
PLEASE NOTE - the way my SQL queries are written here are open to SQL injection (see here to get the changes you would need to make)
So to start. You want to create a database table to store your users, a form to create users, and some code to query the data into the database.
i would start with a form like this:
<form method="post" class="mt-3">
<input type="hidden" name="do" value="create" />
<div class="form-group">
<label for="itemName">First Name</label>
<input type="text" class="form-control" name="firstName">
</div>
<div class="form-group">
<label for="serialNumber">Last Name</label>
<input type="text" class="form-control" name="lastName">
</div>
<div class="form-group">
<label for="serialNumber">Username</label>
<input type="text" class="form-control" name="userName">
</div>
<div class="form-group">
<label for="serialNumber">Password</label>
<input type="password" class="form-control" name="passWord">
</div>
<a id="create-member" class="btn btn-success text-white">Submit</a>
</form>
then you want some code that will take the values you have in that form and turn them into a query to add that info into your table.
if(isset($_POST['do'])) && $_POST['do'] == 'create'
{
$firstName = $_POST['firstName'];
$lastName = $_POST['lastName'];
$username = $_POST['userName'];
$password = password_hash($_POST['passWord'], PASSWORD_BCRYPT);
$sql = "INSERT INTO members (first_name, last_name, username, password) VALUES ('".$firstName."', '".$lastName."', '".$username."', '".$password."')";
mysqli_query($conn, $sql); //$conn is set in my header file and included into every page.
}
That is pretty much the process for creating a user and adding it to your table, obviously you'll have to break it down and change values to what you have in your table etc.
Next it's the case of verifying a login.
first, a login form:
<form method="post">
<input type="hidden" name="do" value="login" />
<div class="form-group">
<label for="usename">Username</label>
<input type="text" class="form-control" id="username" name="username">
</div>
<div class="form-group">
<label for="password">Password</label>
<input type="password" class="form-control" id="password" name="password">
</div>
<button type="submit" class="btn btn-primary">Login</button>
</form>
and then an authentication query to follow, this will take the info in the login page, hash the password you entered and then compare it with the one in your database.
if (isset($_POST['do']) && $_POST['do'] == 'login')
{
$username = $_POST['username'];
$password = $_POST['password'];
$sql = "SELECT id, first_name, last_name, password FROM members WHERE username= '$username'";
$query = mysqli_query($conn, $sql) or die(mysqli_error($conn));
if($query->num_rows == 0)
{
echo "Username or password incorrect";
}else{
$data = mysqli_fetch_array($query);
if(!password_verify($password, $data['password']))
{
echo "Username or password incorrect";
}else{
session_regenerate_id();
$_SESSION['loggedin'] = true;
$_SESSION['username'] = $_POST['username'];
$_SESSION['member_id'] = $data['id'];
$_SESSION['first_name'] = $data['first_name'];
$_SESSION['last_name'] = $data['last_name'];
}
}
}
}
?>
don't be scared about the $_SESSION variables at the bottom, i just set all user data as that so it's easier to access it on other pages, then i just follow with a header to my index.php page. In my header i also check to see that $_SESSION['loggedin'] is set to true and if not it redirects them to the login page (also be care to take into account the user might be on the login page, you dont want a redirect error)
This is my first detailed answer on this site so i hope it helps you :)
I've been trying to resolve this but i can't see the error. please help me. This is my code so far. What should i do? i checked every detail but cant find it. when i click the button, there's no error and it will return in the reservation.php page. I also have a "res_id" in my database which is auto increment. how should i include it in the insert statement?
Php code:
<?
$conn = mysqli_connect("localhost","root","") or die(mysql_error());
mysqli_select_db("hoteldb",$hoteldb) or die("no db found");
if(isset($_POST['confirm'])){
$fname= $_POST['fname'];
$lname= $_POST['lname'];
$contact= $_POST['contact'];
$username= $_POST['username'];
$password= $_POST['password'];
$email= $_POST['email'];
$address= $_POST['address'];
$checkin= $_POST['checkin'];
$checkout= $_POST['checkout'];
$query="INSERT INTO reservation(fname,lname,contact,username,password,email,address,checkin,checkout)
VALUES ('$fname','$lname','$contact','$username','$password','$email','$address','$checkin','$checkout')";
mysql_query($query,$conn);
mysqli_close($conn);
}
?>
Html code:
<form action="reservation.php" method="post">
<div>
<label>Title:</label>
<select name="title">
<option value="ms">Ms.</option>
<option value="mr">Mr.</option>
<option value="mrs">Mrs.</option>
</select>
</div>
<div >
<label>First Name:</label>
<input type="text" name="fname">
</div>
<div>
<label>Last Name:</label>
<input type="text" name="lname">
</div>
<div>
<label>Phone Number:</label>
<input type="text" name="contact">
</div>
<div>
<label>Username:</label>
<input type="text" name="username" >
</div>
<div >
<label>Password:</label>
<input type="password" name="password" >
</div>
<div >
<label>Email Address:</label>
<input type="text" name="email" >
</div>
<hr>
<h5>Address</h5>
<div >
<label>Full Address:</label>
<input type="text" name="address" >
</div>
<hr>
<h5>Date</h5>
<div >
<legend>Check-in</legend>
<input type="date" name="checkin">
<legend>Checkout </legend>
<input type="date" name="checkout">
</div>
<input type="submit" name="confirm">
</form>
or is it because of the date picker? if so, can you please teach me how to use the date picker? its my first time using it. Thank you! :)
try to get error description: (add after $query's definition)
if (!mysqli_query($conn, $query)) {
echo("Error description: " . mysqli_error($conn));
}
Try turning on PHP errors to not get just an empty page.
http://php.net/manual/en/mysqli.query.php
mysql_query($query, $conn);
this should be
mysqli_query($conn, $query);
I also have a "res_id" in my database which is auto increment. how should i include it in the insert statement?
Since it's set to "auto increment", you dont need to do anything with it
Also, try looking at PDO, it's safer and takes less code to use.
When you connect to the database you use mysql, after this you are trying to insert data using mysqli_query, it is impossible. You have to replace
mysql_query($query,$conn);
with
mysqli_query($conn, $query);
so your php will look like this
<?
$conn = mysqli_connect("localhost","root","") or die(mysql_error());
mysqli_select_db("hoteldb",$hoteldb) or die("no db found");
if(isset($_POST['confirm'])){
$fname= $_POST['fname'];
$lname= $_POST['lname'];
$contact= $_POST['contact'];
$username= $_POST['username'];
$password= $_POST['password'];
$email= $_POST['email'];
$address= $_POST['address'];
$checkin= $_POST['checkin'];
$checkout= $_POST['checkout'];
$query="INSERT INTO reservation(fname,lname,contact,username,password,email,address,checkin,checkout)
VALUES ('$fname','$lname','$contact','$username','$password','$email','$address','$checkin','$checkout')";
mysqli_query($conn, $query);
mysqli_close($conn);
}
?>
This is main problem.
You can use this templates any time u need insert something in your database
https://www.w3schools.com/php/php_mysql_insert.asp
If u want to use mysqli go to
Example (MySQLi Procedural) part
But I would recommend to use PDO;
The error in Mysqli_select_db statement.
You need correct your statement.
mysqli_select_db("hoteldb",$hoteldb) or die("no db found");
insted of this
mysqli_select_db($conn,"hoteldb") or die("no db found");
I have thoroughly researched my topic before coming here and can't seem to figure out my problem.
I have an HTML page:
<form role="form" action="register.php" method="POST">
<div class="form-group">
<label>First Name:</label>
<input type="text" name="first_name">
</div>
<div class="form-group">
<label>Last Name:</label>
<input type="text" name="last_name">
</div>
<div class="form-group">
<label>Student ID:</label>
<input type="number" name="student_id">
</div>
<div class="form-group">
<label>Email address:</label>
<input type="email" name="email">
</div>
<button type="submit" name="register" value="register">Register</button>
</form>
<form role="form" action="login.php" method="POST">
<div class="form-group">
<label>Email address:</label>
<input type="email" name="email">
</div>
<button type="submit" name="login" value="login">Login</button>
</form>
This functions and communicates perfectly well with my login page written in php, it checks if the submitted email address already exists in a MySQL database. It will then point the user to a profile page and the code exits itself.
My issue is with my register page, I use the same MySQL SELECT functions that I do on my login page, to check and see if the submitted student ID or email already exists in the database and if so, will return back to the form for the user to try again:
<?php
$servername = "";
$username = "";
$password = "";
$dbname = "";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$first_name = $_POST['first_name'];
$last_name = $_POST['last_name'];
$student_id = $_POST['student_id'];
$email = $_POST['email'];
if (isset($_POST['register'])) {
register($conn, $first_name, $last_name, $student_id, $email);
}
function register($conn, $first_name, $last_name, $student_id, $email) {
$Ssql = "SELECT student_id FROM AidenLocke where student_id = '$student_id'";
$Sresult = mysqli_query($conn, $sql);
if (mysqli_num_rows($Sresult) > 0) {
header('Location: form.html');
} else {
$sql = "INSERT INTO AidenLocke (first_name, last_name, email, student_id)
VALUES ('$first_name', '$last_name', '$email', '$student_id')";
if ($conn->query($sql) === TRUE) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br />" . $conn->error;
}
header('Location: profile.php');
}
}
(I have removed my database information for security reasons but there is no connection problem)
My main issue is with the else section of the second if statement, my code does not check if the student id already exists, and regardless of what information I enter into the form, makes a new entry in to the database.
I am quite confused and hoping someone can give me a valid answer, thanks!
You seem to have a typo in your variable when you query the database:
$Ssql = "SELECT student_id FROM AidenLocke where student_id = '$student_id'";
^^^^
$Sresult = mysqli_query($conn, $sql);
^^^
That is, you're using $sql instead of $Ssql
I am trying to create a SignUp form for a web application I am developing and haven't programmed with mySQL in a while and when I fill out the HTML form I just get to a blank page (register.php) and no values are passed into the database table. The code, both HTML and PHP, are below. Any guidance as to what I'm missing or why this isn't passing through would be sincerely appreciated.
This is the HTML form to sign up:
<div class="panel-body">
Please fill out the form below.
<br>
<form action="register.php" method="post">
<div class="form-group">
<label for="exampleInputEmail1">Email address</label>
<input type="email" class="form-control" id="exampleInputEmail1" name="email" placeholder="Enter email">
</div>
<div class="form-group">
<label for="exampleInputPassword1">Password</label>
<input type="password" class="form-control" id="exampleInputPassword1" name="password" placeholder="Password">
</div>
<button type="submit" class="btn btn-default">Sign Up</button>
</form>
And here is the code on register.php:
$user = "smartkrawldb";
$pass = "Nixon15!";
$db = new PDO( 'mysql:host=XX.XXX.XXX.XX,dbname=smartkrawldb, $user, $pass);
$form = $_POST;
$email = $form['email'];
$password = $form['password'];
$sql = "INSERT INTO users ( email, password) VALUES ( :email, :password)";
$query = $db->prepare( $sql );
$query->execute( array(':email'=>$email, ':password'=>$password));
Does it work if you try this instead?
$email = $_POST['email'];
$pass = $_POST['pass'];
$query = mysql_query("SELECT * FROM users WHERE email = '{$email}' AND password = '{$pass}';
I highly recommend you to switch over to PHP's PDO Object workflow instead, so much more secure and easy to work with.
$_POST['submit'] is passing no value (it'a submit button), at all.
try to var_dump, changing your last lines to this:
if(isset($_POST['submit'])) {
signUp();
}
else {
echo "the problem with post_submit is that is not here inside: ";
var_dump($_POST);
}
to get an idea of what is inside the $_POST superglobal.
cheers!