php coding Form submission to server using php - php

I have typed this coding by using php and mysql. In If statement condition Id part is not inserted into database. But other fields are inserted into database. I couldn't find out the error. Can anyone tell what is the error?
<?php
$conn=mysqli_connect("localhost","root","database","user") or die("unable to connect");
//echo "Connected Successfully";
?>
<h2>Form Submission to Server</h2>
<?php
if(isset($_POST["submit"]))
{// get user inputs
$error="";
$resultmessage="";
$id=$_POST["id"];
$firstname=$_POST["firstname"];
$lastname=$_POST["lastname"];
$email=$_POST["email"];
$password=$_POST["password"];
//error messages
$missingfirstname="<p>Enter your First name</p>";
$missinglastname="<p>Enter your Last name</p>";
$missingemail="<p>Enter your Email id</p>";
$invalidmail="<p>enter your valid mail id</p>";
$missingpwd="<p>Enter your password</p>";
if(!$firstname)
{
$error.=$missingfirstname;
}
else
{
$firstname=filter_var($firstname,FILTER_SANITIZE_STRING);
}
if(!$lastname)
{
$error.=$missinglastname;
}
else
{
$lastname=filter_var($lastname,FILTER_SANITIZE_STRING);
}
if(!$email)
{
$error.=$missingemail;
}
else
{
$email=filter_var($email,FILTER_SANITIZE_EMAIL);
if(!filter_var($email,FILTER_VALIDATE_EMAIL))
{
$error.=$invalidmail;
}
}
if(!$password)
{
$error.=$missingpwd;
}
if($error)
{
$resultmessage='<div class="alert alert-danger">'.$error.'</div>';
echo $resultmessage;
}
else
{
//no errors,prepare variables for query
$tblname="attend4";
$firstname=mysqli_real_escape_string($conn,$firstname);
$lastname=mysqli_real_escape_string($conn,$lastname);
$email=mysqli_real_escape_string($conn,$email);
$password=mysqli_real_escape_string($conn,$password);
$password=md5($password);
//execute the query
if(!$id)
{
$sql="INSERT INTO attend4(firstname,lastname,email,password)VALUES('$firstname','$lastname','$email','$password')";
}
else
{
$sql="INSERT INTO attend4(id,firstname,lastname,email,password)VALUES('$id',$firstname','$lastname','$email','$password')";
} if(mysqli_query($conn,$sql))
{
$resultmessage="Data added successfully";
echo $resultmessage;
}
else
{
$resultmessage="unable to add";
echo $resultmessage;
}
}
}
?>
<form action="33.populateusigform.php" method="post">
<div class="form-group">
<label for="number">Number</label>
<input type="number" name="id" id="id" class="form-control" maxlength="4" placeholder="Enter your Number">
</div>
<div class="form-group">
<label for="firstname">First Name</label>
<input type="text" name="firstname" id="firstname" maxlength="30" class="form-control" placeholder="Enter your Firstname">
</div>
<div class="form-group">
<label for="lastname">Lastname</label>
<input type="text" name="lastname" id="lastname" maxlength="30" placeholder="Enter your lastname" class="form-control">
</div>
<div class="form-group">
<label for="email">Email</label>
<input type="email" name="email" id="email" maxlength="30" placeholder="Enter your Email Id"class="form-control">
</div>
<div class="form-group">
<label for="password">Password</label>
<input type="password" name="password" maxlength="30" placeholder="Enter your Password" class="form-control">
</div>
<input type="submit" name="submit" class="btn btn-success center-block" value="Send data">
</form>

I suspect your issue is with the if($id) which may act strangely if given 0, triggering the sql query without the id term.
I would use if(empty($id)) instead it will be more reliable.

Too many problems...
1) you have kept your action "33.populateusigform.php" for form but are inserting data from same file....
2) have you kept your id to auto increment?
3) what is use to save id in your case, it will automatically be saved if you use as primary key in db.
Need to check your db schema for further assistance.

Related

$_SESSION messages not displaying

Please, I dont know what might be the problem that my $_SESSION['error'] does not display in my html file. I dont see what might be the problem.
I have error messages in session but none of them displays
in my html, i included my backend code that is php and session is started there
//HTML FILE
register.php
<? php
require_once 'php.php';
?>
<h4>Registration</h4>
<div><?php
if ( isset($_SESSION['error']) ) {
echo '<p style="color:red">'.$_SESSION['error']."</p>\n";
unset($_SESSION['error']);
}
if ( isset($_SESSION['success']) ) {
echo '<p style="color:green">'.$_SESSION['success']."</p>\n";
unset($_SESSION['success']);
}
?>
</div>
<form action="about.php" method="post" enctype="multipart/form-data">
<p id="head"></p>
<!-- <div class="mb-3"> -->
<label for="surname" class="form-label">Surname</label>
<input class="form-control" type="text" id="surname" name="surname"
<label for="firstname" class="form-label">First name</label>
<input class="form-control" type="text" id="firstname" name="firstname" value="<?= htmlentities($firstname) ?>" required>
<label for="othername" class="form-label">Othername</label>
<input class="form-control" type="text" id="othername" name="othername" value="<?= htmlentities($othername) ?>"><br>
<button type="submit" id="submitform" name="signup-btn" class="btn btn-primary btn-inline-block btn-lg">Sign Up</button>
</form>
//PHP
<?php
session_start();
require_once "pdo.php";
if (isset($_POST['signup-btn'])) {
if (strlen($_POST['surname']) < 1) {
$_SESSION['error'] = "Please, add surname";
header("Location:register.php");
return;
}
if (strlen($_POST['firstname']) < 1) {
$_SESSION['error'] = "Please, add your first name";
header("Location:register.php");
return;
}
The session_start must be before any HTML is emitted. In the file, you have <h4> before session_start is executed.
Shift the session_start to the top of the file. If php.php has no HTML then it can be after the include, otherwise, put it before the include.

how to take input from options ,while i have to input data into two tables of a same database,based on option data will be inserted

I have two tables in a database where i have to input data through a form, but the condition is-there is a select option in the form and as the option we have to insert data .
if option 1 is chosen then the data should be inserted to table x
and if option 2 is chosen then the data should be inserted to table y
I have tried using switch case and elseif
but couldn'
t find the right condition for it.
html code-
<form method="post" class="register-form" id="register-form">
<div class="form-group">
<label for="name"><i class="zmdi zmdi-account material-icons-name"></i></label>
<input type="text" name="aname" id="name" placeholder="Your Name"/>
</div>
<div class="form-group">
<label for="email"><i class="zmdi zmdi-email"></i></label>
<input type="email" name="email" id="email" placeholder="Your Email"/>
</div>
<div class="form-group">
<label for="address"><i class="zmdi zmdi-home"></i></label>
<input type="text" name="address" id="address" placeholder="Your Address"/>
</div>
<div class="form-group">
<label for="user"><i class="zmdi zmdi-accounts-alt"></i></label>
<select id="person-type" name="logtype" required style="border-top: rgba(0,0,0,0.0);border-right: rgba(0,0,0,0.0);border-left: rgba(0,0,0,0.0); width: 100%;margin-left: 22px;">
<option disabled selected value="">Select your login type</option>
<option value="consumer" name="consumer">Consumer</option>
<option value="electrician" name="electrician">Electrician</option>
</select>
</div>
<div class="form-group">
<label for="pass"><i class="zmdi zmdi-lock"></i></label>
<input type="password" name="apass" id="password" pattern=".{6,}" required placeholder="Password " oninvalid="this.setCustomValidity('Password must be 6 digit long or more')" oninput="this.setCustomValidity('')" />
</div>
<div class="form-group">
<label for="re-pass"><i class="zmdi zmdi-lock-outline"></i></label>
<input type="password" name="re_pass" id="confirm_password"required="#" minlength="8" placeholder="Repeat your password"/>
</div>
<div class="form-group">
<input type="checkbox" name="agree-term" id="agree-term" class="agree-term" required/>
<label for="agree-term" class="label-agree-term"><span><span></span></span>I agree all statements in Terms of service</label>
</div>
<div class="form-group form-button">
<input type="submit" name="signup" id="signup" class="form-submit" value="Register"/>
</div>
</form>
php code-
if (isset($_POST['signup']))
{
if ($_POST['logtype'] == 'consumer')
{
$consumer=mysqli_query($edb,"insert into consumer(name,email,address,logtype,password) values('".$_POST['aname']."','".$_POST['email']."','".$_POST['address']."','".$_POST['logtype']."',md5.
('".$_POST['apass']."'))");
header("Location:loginonly.php");
}
elseif ( $_POST['logtype'] == 'electrician' )
{
$electrician=mysqli_query($edb,"insert into electrician(name,email,address,logtype,password) values('".$_POST['aname']."','".$_POST['email']."','".$_POST['address']."','".$_POST['logtype']."',md5.
('".$_POST['apass']."'))");
header("Location:loginonly.php");
}
no errors, while the data is not inserted in tables
You should add some error handling to your query execution to help find what's happening.
Basic mysqli error handing in php would be something like:
<?php
if (!mysqli_query($edb,"YOUR QUERY HERE"))
{
echo("Error description: " . mysqli_error($con));
}
?>
if ($_POST['logtype'] == 'consumer') {
$consumer=mysqli_query($edb,"insert into consumer(name,email,address,logtype,password) values('".$_POST['aname']."','".$_POST['email']."','".$_POST['address']."','".$_POST['logtype']."',md5('".$_POST['apass']."'))"); header("Location:loginonly.php");
}
elseif ( $_POST['logtype'] == 'electrician' )
{
$electrician=mysqli_query($edb,"insert into electrician(name,email,address,logtype,password) values('".$_POST['aname']."','".$_POST['email']."','".$_POST['address']."','".$_POST['logtype']."',md5('".$_POST['apass']."'))");
header("Location:loginonly.php");
}
May be you are using md5 method wrong
I think you're using the md5 function wrong.
'" . md5($_POST['apass']) . "'
instead of
md5.('".$_POST['apass']."') //md5 has to be in the PHP part in double quotes
To minimize the error sources i would prefer this code:
if ($_POST['logtype'] === 'consumer') {
$table = "consumer";
}elseif ( $_POST['logtype'] === 'electrician' ){
$table = "electrician";
}
$apass = md5($_POST['apass']);
$consumer = mysqli_query($edb,"insert into " . $table . " (name,email,address,logtype,password) values('".$_POST['aname']."','".$_POST['email']."','".$_POST['address']."','".$_POST['logtype']."','" . $apass . "'))");
header("Location:loginonly.php");
There was syntax error in your query near md5 function. Its getting executed as md5.(password) instead of md5(password).
Also its advisable to keep error logging on php in development mode. https://www.php.net/manual/en/function.error-reporting.php

PHP Register Form Not Working

I am trying to make a register form for my website using PHP. Everything in the HTML code & most of the PHP code works fine, however, when I add the code for putting the data into the database the website does not work, instead, I get an error saying, 'HTTP ERROR 500'. What is wrong with my code that is making this happen?
Thanks in advance for your help.
My HTML Code:
<form role="form" method="post" id="msgform" action="phpcodes/register.php" autocomplete="off">
<fieldset>
<div class="row" style="width: 95%; margin: 0% 2.5%;">
<div class="form-group">
<input class="form-control" placeholder="First Name" value="" name="firstname" type="text" autofocus required>
</div>
<div class="form-group">
<input class="form-control" placeholder="Last Name" name="lastname" type="text" value="" required>
</div>
<div class="form-group">
<input class="form-control" placeholder="Email" name="email" type="email" value="" required>
</div>
<div class="form-group">
<input class="form-control" placeholder="Password" name="password" type="password" value="" required>
</div>
<div class="form-group">
<input class="form-control" placeholder="Confirm Password" name="cpassword" type="password" value="" required>
</div>
<div class="checkbox">
<label>
<input type="checkbox" value="TERMS & CONDITIONS & PRIVACY POLICY" unchecked required />
<a style="text-align: right; color: black; text-decoration: none; font-size: 11px;">I have read & accept Teen Jobs TERMS & CONDITIONS & PRIVACY POLICY.</a>
</label>
</div>
<div class="checkbox">
<label>
<input type="checkbox" value="NZ WORK" unchecked required />
<a style="text-align: right; text-decoration: none; color: black; font-size: 11px;">I have the right to work in New Zealand & undertake employment.</a>
</label>
</div>
<button style="outline: none; background-color: #00a63f;" id="btn" class="btn btn-lg btn-success btn-block">REGISTER</button>
</fieldset>
</form>
My PHP Code:
<?php
session_start();
include('connection.php');
if(!$con)
{
echo "<br/>";
echo '<div class="alert alert-warning">Something went wrong, please try again!</div>';
}
else {
$fname= mysqli_real_escape_string($con,$_POST['firstname']);
$lname=mysqli_real_escape_string($con,$_POST['lastname']);
$email=mysqli_real_escape_string($con,$_POST['email']);
$pass=mysqli_real_escape_string($con,$_POST['password']);
$cpass=mysqli_real_escape_string($con,$_POST['cpassword']);
if($cpass!=$pass) {
echo "The two passwords entered do not match!";
}
else {
$result = $con->query("SELECT * FROM `signin` WHERE `email` = '$email'");
if($result->num_rows == 0) {
$query="INSERT INTO `signin`(`user_id`, `email`, `password`) VALUES (default,'$email','$pass')";
if(mysqli_query($con,$query)) {
$last_user_id="SELECT * `user_id` FROM `signin` ORDER BY `user_id` DESC LIMIT 1";
$result = mysqli_query($con,$last_user_id);
if(mysqli_num_rows($result)>0) {
while($row=mysqli_fetch_array($result)) {
$user_id = $row['user_id'];
$_SESSION['user_id']=$user_id;
echo $user_id;
}
}
else {
echo "NOT USER ID";
}
$query1="INSERT INTO `user_prfile`(`profile_id`, `firstname`, `lastname`, `user_id`) VALUES (default,'$fname','$lname','$user_id')";
if(mysqli_query($con,$query1)) {
header('Location: ../sign-in.php');
}
else {
echo '<div class="alert alert-warning">Data not inserted</div>';
}
}
else {
echo '<div class="alert alert-warning">Data not inserted</div>';
}
}
else {
echo '<div class="alert alert-warning">Data not inserted</div>';
}
}
else {
echo '<div class="alert alert-warning">That Email Already Exist.</div>';
}
}
}
?>
your conditions are not properly closed, there is no "if" for this "else"
else {
echo '<div class="alert alert-warning">That Email Already Exist.</div>';
}
}
You should look for a PHP editor that helps you to format the code properly and find inconsistences (MS Code maybe? or Brackets?).

How to input image in database using pdo?

I use PDO to input data to database. I try use this scripts but it doesn't work for image file.
This error message:
Notice:
Undefined index: gambar in C:\xampp\htdocs\data\add-buku.php on line
23 SQLSTATE[HY093]: Invalid parameter number: number of bound
variables does not match number of tokens
How to fix it? Thanks in advance
<?php if(isset($_POST['input-buku'])){
$id_buku=trim($_POST['id_buku']);
$judul_buku=trim($_POST['judul_buku']);
$isbn=trim($_POST['ISBN']);
$harga=trim($_POST['harga']);
$gambar=trim($_FILES['gambar']['name']);
if(strlen($gambar)>0){
if(is_uploaded_file($_FILES['gambar']['tmp_name'])){
move_uploaded_file($_FILES['gambar']
['tmp_name'],"../images/buku".$gambar);
} } try {
$stmt = $con->prepare("SELECT id_buku from tb_buku where id_buku=:id_buku ");
$stmt->execute(array(':id_buku'=>$id_buku));
$row=$stmt->fetch(PDO::FETCH_ASSOC);
if($row > 0)
{
$error[] = "maaf ID yang Anda inputkan sudah ada !";
}
else
{
if($crud->create_buku($id_buku, $judul_buku,$isbn, $harga $gambar))
{
$crud->redirect('add-buku.php?berhasil');
}
}
}
catch(PDOException $e)
{
echo $e->getMessage();
}
}?>
HTML
<form role="form" method="post">
<div class="form-group">
<label for="id_buku">ID Buku</label>
<input type="text" class="form-control" name="id_buku" value="<?php if(isset($error)){echo $id_buku;}?>" placeholder="Masukan ID Buku">
</div><div class="form-group">
<label for="ISBN">ISBN</label>
<input type="text" class="form-control" name="ISBN" placeholder="Masukan ISBN"></div>
<div class="form-group">
<label for="judul_buku">Judul Buku</label>
<input type="text" class="form-control" name="judul_buku" value="<?php if(isset($error)){echo $judul_buku;}?>" placeholder="Masukan Judul Buku"></div>
<div class="form-group">
<label for="harga">Harga</label>
<input type="text" class="form-control" name="harga" value="<?php if(isset($error)){echo $harga;}?>" placeholder="Masukan Harga Buku"></div>
<div class="form-group">
<label for="gambar">Gambar</label>
<input type="file" name="gambar" value="<?php if(isset($error)){echo $gambar;}?>">
<p class="help-block">Pilih Gambar Buku</p></div>
<div class="box-footer">
<button type="submit" class="btn btn-primary">Submit</button></div>
</form>
May be you have not added enctype="multipart/form-data" in your form. This is also give like that error. Better post your html code also

How do I get proper data while saving to mysql database?

I have a form made that appears to be connected to a mysql database. When I enter information into the form and submit it, it registers in the database as "0000-00-00" and the data is returned as "0000-00-00". None of the actual data is showing up. Any Ideas?
connection.php:
<?php
$dbhost = 'localhost';
$dbuser = 'root';
$dbpass = 'root';
$db = 'sm_residents';
$conn = mysql_connect($dbhost,$dbuser,$dbpass);
mysql_select_db($db);
?>
Create.php:
<?php
include ('connection.php');
$FirstName= $_POST['inputFirstName'];
$LastName= $_POST['inputLastName'];
$Address= $_POST['inputAddress'];
$Birthday= $_POST['inputBirthday'];
$FormerResidence= $_POST['inputFormerResidence'];
$Career= $_POST['inputCareer'];
$Education= $_POST['inputEducation'];
$SpecialInterests= $_POST['inputSpecialInterests'];
if ($_FILES["file"]["error"] > 0) {
} else {
if (file_exists("upload/" . $_FILES["file"]["name"])) {
} else {
move_uploaded_file($_FILES["file"]["tmp_name"],
"upload/" . $_FILES["file"]["name"]);
}
}
Picture= $_FILES["file"]["name"];
mysql_query("INSERT INTO residents (`ID`,`FirstName`,`LastName`,`Address`,`Birthday`,`FormerResidence`,`Career`,`Education`,`SpecialInterests`,`Picture`)
VALUES(NULL,'$FirstName','$LastName','$Address','$Birthday','$FormerResidence','$Career','$Education','$SpecialInterests','$Picture')") or die(mysql_error());
?>
<script> window.location = "index.php"; </script>
Index.php:
<?php
include ('connection.php');
if(isset($_POST['submit'])) {
echo "Please Fill Out The Form";
//header ('Location: create.php');
} else {
//echo "User Has Been Added";
//header('Location: create.php');
}
?>
<h1>Add A Resident</h1>
<form action="create.php" method="post" enctype="multipart/form-data">
<div class="form-group">
<label for="inputFirstName">First Name</label>
<input type="text" class="form-control" id="inputFirstName" placeholder="First Name">
</div>
<div class="form-group">
<label for="inputLastName">Last Name</label>
<input type="text" class="form-control" id="inputLastName" placeholder="Last Name">
</div>
<div class="form-group">
<label for="inputAddress">Address</label>
<input type="text" class="form-control" id="inputAddress" placeholder="Address">
</div>
<div class="form-group">
<label for="inputBirthday">Birthday</label>
<input type="date" class="form-control" id="inputBirthday">
</div>
<div class="form-group">
<label for="inputFormerResidence">Former Residence</label>
<input type="text" class="form-control" id="inputFormerResidence" placeholder="Former Residence">
</div>
<div class="form-group">
<label for="inputCareer">Career</label>
<input type="text" class="form-control" id="inputCareer" placeholder="Career">
</div>
<div class="form-group">
<label for="inputEducation">Education</label>
<input type="text" class="form-control" id="inputEducation" placeholder="Education">
</div>
<div class="form-group">
<label for="inputSpecialInterests">Special Interests</label>
<input type="text" class="form-control" id="inputSpecialInterests" placeholder="Special Interests">
</div>
<div class="form-group">
<label for="inputFile">File input</label>
<input type="file" id="inputFile">
</div>
<button type="submit" class="btn btn-default">Submit</button>
</form>
I'll make this an answer: (or a BIG 90% / 95% partial at best)
None of the actual data is showing up
There aren't even any named elements for the inputs, so nothing is going to go through, they're all IDs.
<input type="text" class="form-control" id="inputFirstName" placeholder="First Name">
which should read as
<input type="text" name="inputFirstName" class="form-control" id="inputFirstName" placeholder="First Name">
^^^^^^^^^^^^^^^^^^^^^
then do the same for the others by "naming" them as I did above.
PHP is looking for named elements, not IDs which cannot be relied upon.
This also doesn't have a name <input type="file" id="inputFile">
change to: <input type="file" name="file" id="inputFile">
as per $_FILES["file"]
Use error reporting
while placing the following underneath your opening <?php tag:
error_reporting(E_ALL);
ini_set('display_errors', 1);
which will throw many Undefined index warnings with your present code.
Also as pointed out by Barmar in his comment, you're missing a $ for Picture= $_FILES["file"]["name"]; unless that was a typo, it should read as:
$Picture= $_FILES["file"]["name"];
In regards to it registers in the database as "0000-00-00" make sure your column is of the correct type to accomodate a DATE.
Try formatting first your Birthdate:
$Birthday = date("Y-m-d", strtotime($_POST['inputBirthday']));

Categories