Inserting data into MySQL server - php

I'm doing a e-commerce admin panel and I need a quick script for inserting data into MySQL. Here's what i've done and it does nothing.
<form action="#" id="form_sample_1" class="form-horizontal" method="post">
<div class="control-group">
<label class="control-label">Package Name<span class="required">*</span></label>
<div class="controls">
<input type="text" name="pkg_name" data-required="1" class="span6 " value=""/>
</div>
</div>
<div class="control-group">
<label class="control-label">Package Price <span class="required">*</span><small>(In Dollars)</small></label>
<div class="controls">
<input name="pkg_price" type="number" class="span6 " value=""/>
</div>
</div>
<div class="control-group">
<label class="control-label">Package Contains</label>
<div class="controls">
<input name="pkg_contains" type="text" class="span6 " value=""/>
</div>
</div>
<div class="control-group">
<label class="control-label">Your Password</label>
<div class="controls">
<input name="sifre" type="password" class="span6 " value=""/>
</div>
</div>
<div class="form-actions">
<button type="button"name="btn" class="btn btn-primary">Send request to server.</button>
</div>
</form>
<!-- END FORM-->
</div> <!--widget box light-grey end-->
<!-- Mass PHP starts here! -->
<?php
echo mysql_error();
include("include/baglan.php");
// set posts here.
$_POST['pkg_name'] = $pkg_name;
$_POST['pkg_price'] = $pkg_price;
$_POST['pkg_contains'] = $pkg_contains;
$sifre = mysql_real_escape_string(md5($_POST['sifre']));
if($_POST['btn'] and $_POST["sifre"] = $sifre){
mysql_query("INSERT INTO packages (pkg_name, pkg_price,pkg_contains) VALUES $pkg_name $pkg_price $pkg_contains");
echo "Success.";
}
else {
echo mysql_error();}
It returns nothing! I've re-written all code but nothing! please help me. The databae variables are;
id, auto incerment
pkg_name text
pkg_price int
pkg_contains mediumtext


Assign variable name should be the left side.
// set posts here.
$pkg_name=$_POST['pkg_name'];
$pkg_price=$_POST['pkg_price'];
$pkg_contains=$_POST['pkg_contains'];
Values() is function, put all vars in bracket and split them with ','.
mysql_query("INSERT INTO packages (pkg_name, pkg_price,pkg_contains) VALUES($pkg_name,$pkg_price,$pkg_contains)");

Related

Unable insert in mysql table when I call another php

When I press register button in crudindex.php It will insert data in to cruduser(table)
once done Call crudadd.php and insert data into crud(table) with max(id) from cruduser table as id.
The issue is :Once I press REGISTER button Cruduser(table) is getting inserted properly.
But In crud(table) it inserts only the id and other fields are blank.
I have a doubt the post is not picking the values or insert command some issues.
But when I give static values ex : firstname as 'Tim', lastname as 'cook' etc its inserting in the table crud.
Also when I run crudadd.php separately it inserts properly.
Structure :
cruduser(
id(int),
username(varchar),
password(varchar)
)
crud(
id(int),
firstname(varchar),
lastname(varchar),
email(varchar),
gender(varchar),
age(varchar)
)
used : tables : cruduser and crud
php : crudindex.php and crudadd.php
Core issue : data is not properly inserted in to crud table
Crudindex.php
<?php
$con = mysqli_connect("127.0.0.1", "kkits996_ganesh", "mysql123#", "kkits996_testmysql") or die("Error " . mysqli_error($con));
if (isset($_POST) && (!empty($_POST))){
$uname=mysqli_real_escape_string($con,$_POST["uname"]);
$pwd=mysqli_real_escape_string($con,$_POST["pwd"]);
$cpwd=mysqli_real_escape_string($con,$_POST["cpwd"]);
if (isset($_POST['register'])) {
# Register-button was clicked
$createsql1="INSERT INTO cruduser(id,username,password) VALUES
('','$uname','$pwd')";
if (mysqli_query($con,$createsql1)) {
echo "Insert Successful in Table cruduser";
mysqli_close($con);
include ("crudadd.php");
}
else
{
die(mysqli_error($con));
}
}
mysqli_close($con);
}
?>
<!--DocType HTML -->
<! bootstrap link is downloaded from bootstrapcdn.com for css and js -->
<! col-mod-6 col-mod-offset are bootstrap related-->
<HTML>
<head>
<title>"Add records in CRUD Table"</title>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css">
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js"></script>
</head>
<body>
<div class="container">
<div class="row">
<form method="post" class="form-horizontal col-mod-6 col-mod-offset-3">
<h2>Create The table CRUD</h2>
<div class="form-group">
<label for="input" class="col-sm-2 control-label">Firstname</label>
<div class="col-sm-10">
<input type="text" name="uname" class="form-control" id="input1" placeholder="Username"/>
</div>
</div>
<div class="form-group">
<label for="input" class="col-sm-2 control-label">Lastname</label>
<div class="col-sm-10">
<input type="text" name="pwd" class="form-control" id="input1" placeholder="Password"/>
</div>
</div>
<div class="form-group">
<label for="input" class="col-sm-2 control-label">Email</label>
<div class="col-sm-10">
<input type="text" name="cpwd" class="form-control" id="input1" placeholder="Confirm Password"/>
</div>
</div>
<div class="row">
<div class="col-mod-6 col-mod-offset-3">
<button id="submit1" name="register" class="btn btn-primary pull-right">Register</button>
<button id="submit2" name="login" class="btn btn-secondary pull-right">Login</button>
</div>
</div>
</form>
</body>
</html>
Crudadd.php
<?php
//session_start();
//$maxiid = $_SESSION['id'];
//echo $maxiid;
$con = mysqli_connect("127.0.0.1", "kkits996_ganesh", "mysql123#", "kkits996_testmysql") or die("Error " . mysqli_error($con));
$result = mysqli_query($con,"SELECT * FROM cruduser WHERE id=(SELECT MAX(id) FROM cruduser)");
$row1 = mysqli_fetch_array($result);
$c1 = $row1['id'];
mysqli_close($con);
$con = mysqli_connect("127.0.0.1", "kkits996_ganesh", "mysql123#", "kkits996_testmysql") or die("Error " . mysqli_error($con));
if (isset($_POST) && (!empty($_POST))){
$fname=mysqli_real_escape_string($con,$_POST["fname"]);
$lname=mysqli_real_escape_string($con,$_POST["lname"]);
$email=mysqli_real_escape_string($con,$_POST["email"]);
$gender=$_POST["gender"];
$age=$_POST["age"];
print "I am here";
echo $finame;
echo $liname;
print email;
//Notes : In Insert if numeric do not use quotes. if string use quotes.for auto use ''
$createsql="INSERT INTO crud(id,firstname,lastname,email,gender,age) VALUES
($c1,'$fname','$lname','$email','$gender','$age')";
if (mysqli_query($con,$createsql)) {
echo "Connection Successful";
}
else
{
echo "Connection Issue";
die(mysqli_error($con));
}
mysqli_close($con);
}
?>
<!--DocType HTML -->
<! bootstrap link is downloaded from bootstrapcdn.com for css and js -->
<! col-mod-6 col-mod-offset are bootstrap related-->
<HTML>
<head>
<title>"Add records in CRUD Table"</title>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css">
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js"></script>
</head>
<body>
<div class="container">
<div class="row">
<form method="post" class="form-horizontal col-mod-6 col-mod-offset-3">
<h2>Create The table CRUD</h2>
<div class="form-group">
<label for="input" class="col-sm-2 control-label">Firstname</label>
<div class="col-sm-10">
<input type="text" name="finame" class="form-control" id="input1" placeholder="First name"/>
</div>
</div>
<div class="form-group">
<label for="input" class="col-sm-2 control-label">Lastname</label>
<div class="col-sm-10">
<input type="text" name="liname" class="form-control" id="input1" placeholder="Last name"/>
</div>
</div>
<div class="form-group">
<label for="input" class="col-sm-2 control-label">Email</label>
<div class="col-sm-10">
<input type="text" name="eimail" class="form-control" id="input1" placeholder="Email"/>
</div>
</div>
<div class="form-group">
<label for="input" class="col-sm-2 control-label">Gender</label>
<div class="col-sm-10">
<label>
<input type="radio" name="giender" id="optionsRadios1" value="male" checked> Male
</label>
<label>
<input type="radio" name="giender" id="optionsRadios1" value="female" > Female
</label>
</div>
</div>
<div class="form-group">
<label for="input" class="col-sm-2 control-label">Age</label>
<div class="col-sm-10">
<select name="aige" class="form-control">
<option>Select your age</option>
<option value="20">20</option>
<option value="21">21</option>
<option value="22">22</option>
<option value="23">23</option>
<option value="24">24</option>
<option value="25">25</option>
<option value="26">26</option>
</select>
</div>
</div>
<input type="submit" class="btn btn=primary col-md-2 col-md-offset-10" value="submit"/>
</form>
</body>
</html>

While clicking on 'Register' you are sending uname, pwd and cpwd ina POST request which are properly used to be inserted into cruduser. After that you are including the crudadd.php (include ("crudadd.php");). But remember you are still at the same request. So the only data available is uname, pwd and cpwd. This is why your rows are semi-empty.

if Id is AUTO INCREMENT.
you must use
$createsql1="INSERT INTO cruduser(id,username,password) VALUES
(NULL,'$uname','$pwd')";
not ((you can not set string for id value. Your id is of int type ))
$createsql1="INSERT INTO cruduser(id,username,password) VALUES
('','$uname','$pwd')";

Form posting does not work

I am having trouble to post a html form. I am posting one form and getting the post value to my variable and then I am post this form but this form is not posting.
HTML code:
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST" autocomplete="off">
<div class="widget-box">
<div class="widget-title"> <span class="icon"> <i class="icon-user"></i> </span>
<h5>Amc details</h5>
</div>
<div class="widget-content">
<div class="controls controls-row">
<div class="control-group span3">
<label for="normal" class="control-label">Installation Date<span style="color:red">*</span></label>
<div class="controls">
<input type="text" id="amc-ins-date" data-date="01-02-2016" name="amc-ins-date" data-date-format="dd-mm-yyyy" class="datepicker span12" placeholder="Enter installation date">
</div>
</div>
<div class="control-group span3">
<label for="normal" class="control-label">Start Date<span style="color:red">*</span></label>
<div class="controls">
<input type="text" id="amc-start-date" data-date="01-02-2016" name="amc-start-date" data-date-format="dd-mm-yyyy" placeholder="Enter amc start date" class="datepicker span12 ins-date">
</div>
</div>
<div class="control-group span3">
<label class="control-label">End Date<span style="color:red">*</span></label>
<div class="controls">
<input type="text" id="amc-end-date" data-date="01-02-2016" name="amc-end-date" data-date-format="dd-mm-yyyy" placeholder="Enter amc end date" class="datepicker span12 ins-date">
</div>
</div>
<div class="control-group span3">
<label class="control-label">Amount<span style="color:red">*</span></label>
<div class="controls">
<input type="text" id="amc-amount" name="amc-amount" class="span12" placeholder="Enter amc amount">
</div>
</div>
</div>
</div>
<div class="form-actions">
<input style="float:right" type="submit" name="amc-installation" class="btn btn-success" value="Save">
</div>
</form>
PHP code:
// i have submitted a form here and its posted
// installation details
$mc_serial = $_POST['mc-serial'];
$mc_model = $_POST['mc-model'];
$contract_type = $_POST['contract_type'];
$no_of_copies = $_POST['no-of-copies'];
$spare_part = join(",",$_POST['spare-part']);
$eng_name = $_POST['eng-name'];
$review = $_POST['review'];
// check if the machine already exits
if(IsMachine($mc_serial,$con)){
echo msgIsMachine();
exit();
}
if($contract_type == 'AMC'){
require './forms/amc.php'; // this is the html i have shown above
} elseif ($contract_type == 'ASC') {
require './forms/asc.php';
} elseif ($contract_type == '4C') {
require './forms/4c.php';
} elseif ($contract_type == 'RENTAL') {
require './forms/rental.php';
} elseif ($contract_type == 'WARRANTY') {
require './forms/warranty.php';
}
if(isset($_POST['amc-installation']) && !empty($_POST['amc-installation'])){
echo "posted";
var_dump($_POST);($_POST);
}
The output of var_dump is NULL. I don't get any problem.

You echo the second form (during the script which responds to the submission of the first one), but then immediately check for values returned from it within the same script execution. You have to wait for the user to post the form back before you can check the submitted values. This would be a separate postback, and therefore a separate execution context for the PHP.
So the code to check the values from the second form needs to be in a separate section (or file) which is triggered by the submission of the second form.

There's no $POST in PHP you should use $_POST instead :
if(isset($_POST['amc-installation']) && !empty($_POST['amc-installation'])){
echo "posted";
var_dump($_POST);
}
NOTE : You should place the var_dump($_POST); inside the if statement, so it will be trrigered just after the submit.
Hope this helps.

if(isset($_POST['amc-installation']) && !empty($_POST['amc-installation'])){
echo "posted";
var_dump($_POST);
}
You should use $_POST not $POST.
Hope this will helps you :)

An empty row getting inserted in database

Hey I am trying to get this code running for the past few days now. I do not know what is the problem. Whenever I run the code I can see it running but an empty row gets inserted. Basically I ave tried to hard code the data and the data gets inserted. Here is the HTML form:
<form action="register.php" id="contactForm" type="post">
<div class="row">
<div class="form-group">
<div class="col-md-6">
<label>First name *</label>
<input type="text" class="form-control" name="fname" >
</div>
<div class="col-md-6">
<label>Last name *</label>
<input type="text" class="form-control" name="lname" >
</div>
</div>
</div>
<div class="row">
<div class="form-group">
<div class="col-md-6">
<label>Gender *</label><br>
<select name="gender">
<option> Male </option>
<option> Female </option>
</select>
</div>
<div class="col-md-6">
<label>Stream *</label><br>
<select name="stream">
<option> B-Tech </option>
<option> M-Tech </option>
</select>
</div>
</div>
</div>
<div class="row">
<div class="form-group">
<div class="col-md-6">
<label>Email *</label>
<input type="text" class="form-control" name="email" >
</div>
<div class="col-md-6">
<label>Mobile *</label>
<input type="text" class="form-control" name="mobile">
</div>
</div>
</div>
<div class="row">
<div class="form-group">
<div class="col-md-6">
<label>College *</label>
<input type="text" class="form-control" name="college" >
</div>
<div class="col-md-6">
<label>Job Kind *</label>
<input type="text" class="form-control" name="job" >
</div>
</div>
</div>
<div class="row">
<div class="col-md-12">
&nbsp&nbsp&nbsp&nbsp
<input type="submit" value="Register" class="btn btn-primary btn-lg"
data-loading-text="Loading..." name="submit">
</div>
</div>
</form>
Here is the registration.php
<?php
$connection = mysql_connect("EDITED by billy, was an I.P and port number", "user", "password"); // Establishing Connection with Server
$db = mysql_select_db("Registrations_connect", $connection); // Selecting Database from Server
$first_name = $_POST["fname"];
$last_name = $_POST["lname"];
$sex = $_POST["gender"];
$field = $_POST["stream"];
$contact = $_POST["mobile"];
$eaddress = $_POST["email"];
$institute = $_POST["college"];
$naukri = $_POST["job"];
$query = mysql_query("insert into students(fname, lname, gender, stream, mobile, email, college, job)
values ('$name', '$last_name', '$sex', '$field','$contact', '$eaddress', '$intitute', '$naukri')");
echo "<br/><br/><span>Data Inserted successfully...!!</span>";
mysql_close($connection); // Closing Connection with Server
?>
After running; In the inspect element I checked the response:- It shows Data Inserted successfully but actually an empty row is getting inserted. Basically what i think I am not able to correctly grab the data properly from form. Can somebody please check what is the problem. It will be a great help.

The attribute is method, not type. This typo is causing your form to process a GET rather than a POST. So all your variable assignments are wrong.
$first_name = $_POST["fname"];
would be
$first_name = $_GET["fname"];
or you could use the $_REQUEST; or you can just correct the attribute,
<form action="register.php" id="contactForm" method="post">
Your code also is wide open to SQL injections and is using the deprecated mysql_ functions. You should update to mysqli or pdo and be using prepared statements with parameterized queries.
More on SQL injections:
http://php.net/manual/en/security.database.sql-injection.phpHow can I prevent SQL injection in PHP?https://www.owasp.org/index.php/SQL_Injection_Prevention_Cheat_Sheet#Defense_Option_1:_Prepared_Statements_.28Parameterized_Queries.29

HTML/PHP Form not working

I have a HTML Form that uses partial PHP to grab the value, the form is basically like an edit account details form.
The Problem
I cannot work out why the form is not working and when using notepad++ to edit my code if I click on the it shows the start to be a DIV which just confuses the matter even more... When submitting the form it takes you back to the form page with no message so I am lost for a reason..
Form Page
<form method="POST" action="dev.php">
<!-- Row -->
<div class="row-fluid">
<!-- Column -->
<div class="span6">
<!-- Group -->
<div class="control-group">
<label class="control-label" for="fname">First name</label>
<div class="controls">
<input type="text" name="fname" id="fname" value="<?php echo $user_fname; ?>" class="span10" />
<span style="margin: 0;" class="btn-action single glyphicons circle_question_mark" data-toggle="tooltip" data-placement="top" data-original-title="First name is mandatory"><i></i></span>
</div>
</div>
<!-- // Group END -->
<!-- Group -->
<div class="control-group">
<label class="control-label" for="lname">Last name</label>
<div class="controls">
<input type="text" name="lname" id="lname" value="<?php echo $user_sname; ?>" class="span10" />
<span style="margin: 0;" class="btn-action single glyphicons circle_question_mark" data-toggle="tooltip" data-placement="top" data-original-title="Last name is mandatory"><i></i></span>
</div>
</div>
<!-- // Group END -->
</div>
<!-- // Column END -->
<!-- Column -->
<div class="span6">
<!-- Group -->
<div class="control-group">
<label class="control-label" for="email">Email Address</label>
<div class="controls">
<input type="text" name="email" id="email" value="<?php echo $user_email; ?>" class="span10" />
<span style="margin: 0;" class="btn-action single glyphicons circle_question_mark" data-toggle="tooltip" data-placement="top" data-original-title="First name is mandatory"><i></i></span>
</div>
</div>
<!-- // Group END -->
<!-- Group -->
<div class="control-group">
<label class="control-label" for="phonenumber" >Phone Number:</label>
<div class="controls">
<input type="text" name="phonenumber" id="phonenumber" value="<?php echo $user_number; ?>" class="span10" />
</div>
</div>
<!-- // Group END -->
</div>
<!-- // Column END -->
</div>
<!-- // Row END -->
<div class="separator line bottom"></div>
<!-- Group -->
<div class="control-group row-fluid">
<label class="control-label" for="bio">About me</label>
<div class="controls">
<textarea id="bio" name="bio" class="span12" rows="5"><?php echo $user_bio;?></textarea>
</div>
</div>
<!-- Form actions -->
<div class="form-actions" style="margin: 0;">
<button type="submit" id="accountdetails" name="accountdetails" class="btn btn-icon btn-primary glyphicons circle_ok"><i></i>Save changes</button>
</div>
</div>
</form>
<!-- // Form actions END -->
dev.php
if (isset($_POST['accountdetails'])) {
if (isset($_POST['fname']) || isset($_POST['lname']) || isset($_POST['email']) || isset($_POST['phonenumber']) || isset($_POST['bio'])) {
die ("HERE");
};
};
I probably need to drink more Coffee but I cannot for the life of me work out why it is not working.
Any help would be appreciated!
Thanks in advance.
EDIT
I put the name's in and this did not help, now the URL of the page shows this:
update.php?fname=Aaron&lname=Hatton&email=me%40aaronhatton.co.uk&phonenumber=0123456789&bio=+18+%7C+London+%7C+Taken&accountdetails=
any ideas?

One: do what Fred said (name attributes on your input tags).
Two: You're missing the </form> tag at the end.

Your form page seems correct, however, since the form updates the user data, look what the dev.php code is doing:
isset() function returns true if the value is set and you manual set the fields so it will evaluate to true.
and in your if statement you are ORing all the conditions so as soon as it finds 1 true condition, it will go into the if statement body and execute die which will do nothing.
so if you want to test, instead of using die, try echo "here" to see if a message is printed.

So I found out the form works perfect and there was some AJAX being used by another coder, removed and surprise surprise it works perfectly!
Damn co-workers!
Thanks to all that helped!

inserting different data with different id on single save button

I do have three fields which are text input which is of type number.these three data are being saved with different ids but on the same save button.i.e i am inserting data into all the field and then clicking on the save button but the my first data is being saved by different id and the same for the rest of two data.for example if i put 1 in first input,2 in second and 3 in the next since these are number type.but 1 is being saved by say by id:11,2 is being saved by say by id:12,3 is being saved by say by id:13.
my view is like below:
<form class="form">
<div class="control-group">
<label class="control-label">High Priority</label>
<div class="controls">
<input type="number"name="sval"id="sval"/>Days
</div>
</div>
<div class="control-group">
<label class="control-label ">Low Priority</label>
<div class="controls">
<input type="number"name="sval" id="sval"/>Days</div>
</div>
<div class="control-group">
<label class="control-label ">Normal</label>
<div class="controls">
<input type="number" name="sval" id="sval"/>Days </div>
</div>
<button id="btn" class="btn btn-primary insert">Save</button>
</form>
and the queries are:
var sqld:String;
sqld = "Delete from app_settings where kunnr = '"+kunnr+"' and ( skey = 'hp_days' or skey = 'np_days' or skey = 'lp_days' )";
wcisql.query(sqld,'clearRDays');
}
public function saveRDays():void{
var sqlu:String;
sqlu = "Insert into app_settings(kunnr,skey,sval) Values ('"+kunnr+"','hp_days','"+hp_days.value+"')";
wcisql.query(sqlu,'saveRDays');
sqlu = "Insert into app_settings(kunnr,skey,sval) Values ('"+kunnr+"','np_days','"+np_days.value+"')";
wcisql.query(sqlu,'saveRDays');
sqlu = "Insert into app_settings(kunnr,skey,sval) Values ('"+kunnr+"','lp_days','"+lp_days.value+"')";
wcisql.query(sqlu,'saveRDays');
$sql = "Select * from app_settings where kunnr = '$kunnr'";
}
i am adding image as well so that u can get better idea:
how to do this please suggest..
and for my view:

use Multiple Insert statement
ckeck out this referenced link:
Multiple INSERT statements vs. single INSERT with multiple VALUES
&
http://www.techonthenet.com/sql/insert.php

The problem is you can only use one ID for each HTML element.
So there are two ways to achieve this, one is dynamic the second is static.
Static Solutions:
<div class="control-group">
<label class="control-label">High Priority</label>
<div class="controls">
<input type="number"name="sval1"id="sval1"/>Days
</div>
</div>
<div class="control-group">
<label class="control-label ">Low Priority</label>
<div class="controls">
<input type="number"name="sval2" id="sval2"/>Days</div>
</div>
<div class="control-group">
<label class="control-label ">Normal</label>
<div class="controls">
<input type="number" name="sval3" id="sval3"/>Days </div>
</div>
<button id="btn" class="btn btn-primary insert">Save</button>
Dynamic Solution
<div class="control-group">
<label class="control-label">High Priority</label>
<div class="controls">
<input type="number" name="sval[]"/>Days
</div>
</div>
<div class="control-group">
<label class="control-label ">Low Priority</label>
<div class="controls">
<input type="number" name="sval[]"/>Days</div>
</div>
<div class="control-group">
<label class="control-label ">Normal</label>
<div class="controls">
<input type="number" name="sval[]"/>Days </div>
</div>
<button id="btn" class="btn btn-primary insert">Save</button>
Now when you post the form the items will come in array so you have an array
$_GET['sval'] or $_POST['sval'] contains array(1,2,3)

Categories