php - Can not insert multiple text inputs into database - php

This is my html code.
<form class="form-submit" method="post" action="sign-up-form.php" >
<div id="change-color0">
<label><span class="turn-white0">01</span>Họ tên đầy đủ của bạn</label>
<input type="text" id="input" name="content[]" class="addtodo0">
</div>
<div id="change-color1">
<label><span class="turn-white1">02</span>Số chứng minh thư nhân dân của bạn</label>
<input type="text" id="input" name="content[]" class="addtodo1">
</div>
<div id="change-color2">
<label><span class="turn-white2">03</span>Địa chỉ thường trú của bạn</label>
<input type="text" id="input" name="content[]" class="addtodo2">
</div>
<div id="change-color3">
<label><span class="turn-white3">04</span>Tại sao bạn muốn trở thành học viên của dự án</label>
<input type="text" id="input" name="content[]" class="addtodo3">
</div>
<div id="change-color4">
<label><span class="turn-white4">05</span>Bạn nghĩ mình là ai</label>
<input type="text" id="input" name="content[]" class="addtodo4">
</div>
<div id="change-color5">
<label><span class="turn-white5">06</span>Trong mắt người khác bạn là ai</label>
<input type="text" id="input" name="content[]" class="addtodo5">
</div>
<div id="change-color6">
<label><span class="turn-white6">07</span>Bạn sợ nhất điều gì</label>
<input type="text" id="input" name="content[]" class="addtodo6">
</div>
<div id="change-color7">
<div class="row" id="log-out">
<div id="submit-button">
<button class="btn btn-sharp">
<a name="submit" value="submit" id="submit-form">Gửi đơn</a>
</button>
</div>
<div id="log-out-button">
ĐĂNG XUẤT
</div>
</div>
</form>
And this is my php code to insert the text fields into my database
<?php
if (isset($_POST["submit"])){
$conn = mysql_connect("localhost", "root","");
mysql_select_db("db");
foreach ($_POST['content'] as $content) {
$data = mysql_real_escape_string($content);
mysql_query("INSERT INTO form ( content ) VALUES ('".$data."')") or die(mysql_error());
}
}
header("location: thank-you.html");
?>
Text editor doesnt show any error but the database shows nothing. I've tried
implode()
UPDATE (php code)
I updated my code using PDO like this.
<?php
if (isset($_POST["submit"])){
$pdo = new PDO("mysql: host = localhost; dbname = db","root","");
die(var_dump($_POST['content']));
foreach ($_POST['content'] as $content) {
$query = $pdo->prepare("INSERT INTO form(content) VALUES (:content)");
$query->bindParam(":content", $content);
$query->execute();
}
}
?>
And thing does not show up still.

You should try this. I read this on stackover and it works.
if (isset($_POST["submit"]))
foreach ($_POST['content'] as $content) {
$data1 = mysql_real_escape_string($content);
mysql_query("INSERT INTO form (content) VALUES ('$data1')") or die(mysql_error());
}
}

Related

Control not entering if(isset()))

Below is the html code for my form and the php code which i am using to pass data to a class method.Now the problem that i have is that the control does not seem to enter the if loop which i concluded by testing as you can see."test0" gets printed but "test1" and other subsequent "tests" do not get printed.
<form action="" method="post" enctype=multipart/form-data>
<div class="form-group">
<label for="job name">Job name:</label>
<input type="text" class="form-control" id="jobnm" value="<?php echo $_GET['jobnm'];?>" disabled>
</div>
<div class="form-group">
<label for="name">Name:</label>
<input type="text" class="form-control" name="name" required>
</div>
<div class="form-group">
<label for="email">Email address:</label>
<input type="email" class="form-control" name="mail" required>
</div>
<div class="form-group">
<label for="phone">Enter a phone number:</label><br><br>
<input type="tel" id="phone" name="phone" placeholder="+91-1234567890" pattern="[0-9]{10}" required><br><br>
<small>Format: 1234567890</small><br><br>
</div>
<label >Gender</label>
<div class="radio">
<label><input type="radio" name="optradio" value="m">Male</label>
</div>
<div class="radio">
<label><input type="radio" name="optradio" value="f">Female</label>
</div>
<div class="radio">
<label><input type="radio" name="optradio" value="o">Other</label>
</div>
<div class="custom-file">
<input type="file" class="custom-file-input" name="cvFile" required>
<label class="custom-file-label" for="customFile">Upload resume</label>
</div>
<button type="submit" class="btn btn-primary">Submit</button>
<button type="reset" class="btn btn-danger" >Reset</button>
</form>
<?php
require_once 'db-config.php';
require_once 'classCandi.php';
echo "test0";
if(isset($_POST['submit']))
{
echo "test1";
$jobID = $_GET['jobid'];
echo "test2";
$canName = $_POST['name'];
$canEmail = $_POST['mail'];
$canPhone = $_POST['phone'];
$canRadio = $_POST['optradio'];
echo "test3";
//Upload file
$fnm = "cv/";
$cvDst = $fnm . basename($_FILES["cvFile"]["name"]);
move_uploaded_file($_FILES["cvFile"]["tmp_name"],$cvDst);
echo "test4";
$obj = new Candi($conn);
$obj->storeInfo($jobID,$canName,$canEmail,$canPhone,$canRadio,$cvDst);
echo "test5";
echo '<script language="javascript">';
echo 'alert("Submitted");';
echo '</script>';
echo "test6";
}
The below code won't be true anytime! It's because you didn't understand how $_POST works.
if(isset($_POST['submit']))
There's no input element in your frontend that has name="submit". And to see, there's none of the inputs have name attribute at all.
Instead, the better way to do is, understand how this works and change your code so that, it includes:
a name attribute for all the input and form elements.
a check on the values and not $_POST['submit']
And finally...
don't copy and paste without understanding the code.
don't check on $_POST['submit'] truthness.
Example, for $canName = $_POST['name']; to work, you need to have:
<input type="text" name="name" id="name" value="<?php echo $something; ?>" />
// ^^^^^^^^^^^
And have your attribute and values in quotes please:
enctype="multipart/form-data"
// ^ ^

Why is the header not working in this code?

The php code to get to the header after executing the queries
<?php
if (isset($_POST['Submit1'])) {
$con = mysqli_connect("localhost:3306", "root", "", "travels");
// Check connection
if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$fname1 = $_POST['fname'];
$lname1 = $_POST['lname'];
$pnum1 = $_POST['pnum'];
$email1 = $_POST['email'];
$fcode = $_POST['fcode'];
$sql = "insert into customer_info(fname,lname,pnumber,email) values ('$fname1','$lname1','$pnum1','$email1')";
$sql1 = "insert into booking_info(fname,lname,pnumber,email,f_code) values ('$fname1','$lname1','$pnum1','$email1','$fcode')";
$sql2 = "update flight_info set seats_available=seats_available-1 where flight_code='$fcode'";
mysqli_query($con, $sql);
mysqli_query($con, $sql1);
mysqli_query($con, $sql2);
header("Location: Booking_confirm.php");
}
?>
HTML CODE
<div class="container mt-5">
<div class="row">
<div class="col-md-6">
<form action="Booking.php" method="POST">
<div class="form-group">
<label for="fname">First Name: </label>
<input type="text" name="fname" class="form-control" id="fname"/>
</div>
<div class="form-group">
<label for="lname">Last Name: </label>
<input type="text" name="lname" class="form-control" id="lname"/>
</div>
<div class="form-group">
<label for="pnum">Phone Number: </label>
<input type="text" name="pnum" class="form-control" id="pnum"/>
</div>
<div class="form-group">
<label for="email">Email-Address: </label>
<input type="text" name="email" class="form-control" id="email"/>
</div>
<div class="form-group">
<label for="flight">Flight No: </label>
<input type="text" name="fcode" class="form-control" id="fcode"/>
</div>
<form action="Booking_confirm.php" method="POST" target="_blank">
<button type="Submit" name="Submit1" class="btn btn-primary">Book</button>
</form>
</form>
</div>
This is how my code looks. for some reason my header is not working and i am not able to find out why.
Help would be appreciated.
I have tried every possible change to get the header to work but of no use
You have two nested forms, your first form action="Booking.php" contains all fields while the second, nested form action="Booking_confirm.php", only contains the submit button an NO fields.
Replace
<form action="Booking_confirm.php" method="POST" target="_blank">
<button type="Submit" name="Submit1" class="btn btn-primary">Book</button>
</form>
with
<button type="Submit" name="Submit1" class="btn btn-primary">Book</button>
When clicking submit there is no $_POST['fname'], $_POST['lname'] etc.
Edit: you also might need to replace
<form action="Booking.php" method="POST">
with
<form action="Booking_confirm.php" method="POST" target="_blank">
depending on where your "header"/code is placed
Make sure there is not white space or html tags or any output, before the header() function...
upload the entire code, structure so we can help you find the solution

Why php form not submitting?

I'm developing a script for online admission in a website. Below is php code of the page. The problem is that it's not submitting.
<?php
include ("include/header.php"), include ("include/config.php");
if(isset($_POST['applyAdmission'])) {
$admission_no = $_POST['admission_no'];
$f_name = $_POST['f_name'];
$l_name = $_POST['l_name'];
$p_add = $_POST['p_add'];
$c_add = $_POST['c_add'];
$dob = $_POST['dob'];
$education = $_POST['education'];
$mobile = $_POST['mobile_no'];
$course = $_POST['course'];
$subjects = $_POST['subjects'];
$timing = $_POST['timing'];
$filepath_pic = $_FILES['picture']['name'];
$res_move_pic = move_uploaded_file($_FILES['picture']['tmp_name'], "/admission/".$filepath_pic);
$filepath_sign = $_FILES['sign']['name'];
$res_move_sign = move_uploaded_file($_FILES['sign']['tmp_name'], "/admission/".$filepath_sign);
$agree_terms = $_POST['agree_terms'];
$agree_cond = $_POST['agree_cond'];
if ($res_move_pic == 1 && $res_move_sign == 1 ) {
$query = "INSERT into online_admission (f_name, l_name, p_add, c_add, dob, degree, mobile_no, course, subjects, timing, pic, sign, agree_terms, agree_cond, applied_on)
values ('$f_name','$l_name','$p_add','$c_add','$dob','$education','$mobile','$course','$subjects','$timing','$filepath_pic','$filepath_sign','$agree_terms','$agree_cond','now()')";
$res = mysql_query($query) or die("ERROR: Unable to insert into database.");
if ($res == 1) {
header('Location:http://adarshclasses.in/admission_success.php/');
exit();
} else {
header('Location:http://adarshclasses.in/admission_failed.php/');
exit();
}
} else {
echo "Error in updateing profile pic and sign";
}
} else {
//echo "Please submit the form, thanks!";
}
;?>
Everything in form is correct like I added same name in form which i used in $_POST but still it's not working, please help me to fix this issue.
Here is html codes of form:
<form class="form-horizontal" id="admission_form" method="post" action="" enctype="multipart/form-data">
<!--div class="row">
<div class="col-lg-6">
<label for="admission_no"> Admission No. </label>
<input type="hidden" class="form-control" name="admission_no" value="<?php echo $admission_no ;?>" readonly disabled>
</div>
</div--><br>
<div class="row">
<div class="col-lg-6">
<label for="f_name"> First Name <span class="required">*</span> </label>
<input type="text" class="form-control" name="f_name" placeholder="Your first name" value="<?php echo $f_name ;?>" required>
</div>
<div class="col-lg-6">
<label for="l_name"> Last Name <span class="required">*</span></label>
<input type="text" class="form-control" name="l_name" placeholder="Your last name" value="<?php echo $l_name ;?>" required>
</div>
</div><br>
<div class="row">
<div class="col-lg-12">
<label for="p_add"> Permanent Address <span class="required">*</span></label>
<textarea class="form-control" name="p_add" placeholder="Please write your permanent address" value="<?php echo $p_add ;?>" required></textarea>
</div>
</div><br>
<div class="row">
<div class="col-lg-12">
<label for="c_add"> Current Address in Jodhpur <span class="required">*</span></label>
<textarea class="form-control" name="c_add" placeholder="Please write your address where you currently living" value="<?php echo $c_add ;?>" required></textarea>
</div>
</div><br>
<div class="row">
<div class="col-lg-6">
<label for="dob"> Date of birth <span class="required">*</span></label>
<input type="date" class="form-control" name="dob" placeholder="Your date of birth eg:- 25/11/1996" value="<?php echo $dob ;?>" required>
</div>
<div class="col-lg-6">
<label for="education"> Recent passed degree/exam - </label>
<input type="text" class="form-control" name="education" placeholder="for example - BA/ B.Sc etc." value="<?php echo $education ;?>" >
</div>
</div><br>
<div class="row">
<div class="col-lg-6">
<label for="mobile_no"> Mobile Number <span class="required">*</span></label>
<input type="number" class="form-control" name="mobile_no" placeholder="Enter your mobile number, eg - 8384991980" value="<?php echo $mobile_no ;?>" required>
</div>
<div class="col-lg-6">
<label for="course"> Select course <span class="required">*</span> </label>
<select class="form-control" name="course" required>
<option value="none"> --- Select one course --- </option>
<option value="IAS"> IAS </option>
<option value="RAS"> RAS </option>
<option value="Police constable"> Police constable </option>
<option value="SI"> SI </option>
<option value="Railway"> Railway </option>
<option value="REET"> REET </option>
<option value="Teacher"> Teacher </option>
<option value="Patwar"> Patwar </option>
<option value="Bank PO"> Bank PO </option>
<option value="Jr Accountant"> Jr Accountant </option>
<option value="Rajasthan police"> Rajasthan police </option>
<option value="SSC (10+2)"> SSC (10+2) </option>
</select>
</div>
</div><br>
<div class="row">
<div class="col-lg-6">
<label for="subjects"> Subjects - </label>
<input type="text" class="form-control" name="subjects" placeholder="Enter your subject you want to read" value="<?php echo $subjects ;?>" required>
</div>
<div class="col-lg-6">
<label for="timing"> Classes Timing - </label>
<input type="text" class="form-control" name="timing" placeholder="Your preferred time for coaching" value="<?php echo $timing ;?>" required>
</div>
</div><br>
<div class="row">
<div class="col-lg-6">
<label for="picture"> Upload your picture <span class="required">*</span></label>
<input type="file" class="form-control" name="picture" required>
</div>
<div class="col-lg-6">
<label for="sign"> Upload your signature <span class="required">*</span></label>
<input type="file" class="form-control" name="sign" required>
</div>
</div><br>
<div class="row">
<div class="col-md-12">
<input type="checkbox" aria-label="..." name="agree_terms" value="1"> I agree with Rules and Regulations mentioned below.<br>
<input type="checkbox" aria-label="..." name="agree_cond" value="1"> I hearbly declare that Adarsh Classes can use my pictures after my selection for advertising purpose.
</div><!-- /.col-lg-6 -->
</div><!-- /.row -->
<div class="row">
<div class="col-lg-6">
<div class="form-group">
<button type="text" name="submit" class="btn btn-success btn-lg btn-block" name="applyAdmission"> Submit my application form </button>
</div>
</div>
</div>
</form>
The reason behind that in the input type of the HTML Page for the submit you are using <input type="button"
instead of <input type="submit". Use <input type="submit" that's work.
Example:
<input type="submit" name="" value="Submit">
Changed
<button type="text">
to
<button type="submit">
Change
button type="text" to type="button" Or input type ="submit/button"
You need to change this code:
<button type="text" name="submit" class="btn btn-success btn-lg btn-block" name="applyAdmission"> Submit my application form </button>
with below code :
<input type="submit" name="applyAdmission" value="Submit my application form" class="btn btn-success btn-lg btn-block" />
You also need to make sure that your wrote PHP code in same file, otherwise you have to add PHP file name in action tag in below line:
<form class="form-horizontal" id="admission_form" method="post" action="" enctype="multipart/form-data">
You also have some PHP error in your code, so you have to add first line in your PHP code and then fix your PHP Fatal error.
ini_set('display_errors', '1');
I see a little syntax error and I think fixing this will fix your issue.
Change
include ("include/header.php"), include ("include/config.php");
to
include ("include/header.php");
include ("include/config.php");
To show you the syntax error, here is an example:
<?php
error_reporting(E_ALL);
ini_set('display_errors', 'On');
include("test.php"), include("someother.php");
The response:
Parse error: syntax error, unexpected ',' in ...\tests\includeTest.php on line 6
Incorrect input type
You should also change your button type.
Change
<button type="text"...
to
<button type="submit"...
Change <button> to <input>. Buttons can work with javascript but with only php button cant work with post data. You can not get POST data by <button>. For this you have to use <input>
Change this
<button type="text" name="submit" class="btn btn-success btn-lg btn-block" name="applyAdmission"> Submit my application form </button>
to
<input type="submit" name="applyAdmission">
Second:
Here is looking syntax error include ("include/header.php"), include ("include/config.php");
PHP requires instructions to be terminated with a semicolon at the end of each statement. Make them seperate by ; not by ,.
include ("include/header.php");
include ("include/config.php");
You can see documentation for more deep information

Page redirects when clicked anywhere in a <div>

I am designing a website, and i encountered a problem.
In the following page "samgatha.org/register.php", wherever i click inside the form-box, it redirects to "samgatha.org/register.php". I am not able to find the problem.
Below i am posting the main code for the registeration form, i am not including the template code.
<div id="register-box">
<?php
require 'connection.php';
if($_SERVER['REQUEST_METHOD']=='POST') {
if((isset($_POST['enthu_name']))&&(isset($_POST['enthu_email']))&&(isset($_POST['enthu_contact']))&&(isset($_POST['college_name']))&&(isset($_POST['branch']))&&(isset($_POST['pass']))) {
$var_name = mysql_real_escape_string($_POST['enthu_name']);
if(!preg_match("/^[a-zA-Z ]*$/",$var_name)) {
die('Only letters and white spaces allowed in Name<br>');
}
$var_email = mysql_real_escape_string($_POST['enthu_email']);
if(!filter_var($var_email, FILTER_VALIDATE_EMAIL)) {
die("Invalid email format<br>");
}
$var_contact = mysql_real_escape_string($_POST['enthu_contact']);
$var_college = mysql_real_escape_string($_POST['college_name']);
$var_branch = mysql_real_escape_string($_POST['branch']);
$passwd = mysql_real_escape_string(md5($_POST['pass']));
$v1 = rand(0,getrandmax());
$v2 = rand(0,getrandmax());
$ac_conf = $v1.$v2;
$ac_conf_hash = md5($v1.$v2);
$v1 = rand(0,getrandmax());
$v2 = rand(0,getrandmax());
$fo_pass = $v1.$v2;
$query = "insert into student_detail (name,email,phno,college,branch,password,acc_confirm_code,forgot_pass_code)".
"values".
"('$var_name','$var_email','$var_contact','$var_college','$var_branch','$passwd','$ac_conf','$fo_pass')";
$retval = mysql_query($query);
if(!$retval) {
die('Could not register'.mysql_error());
}
$reg_conf_code = "http://samgatha.org/reg_conf.php?acconf=".$ac_conf_hash."&suse=".$var_email;
$reg_conf = "Please click on the link to activate<br>".$reg_conf_code;
mail($_POST['enthu_email'],"Samgatha Account Confirmation (no reply) link",$reg_conf);
header('Location: http://samgatha.org/login.php');
}
else {
echo "Please enter details to continue <br>";
}
}
?>
Welcome to samgatha registrations. <br>
Please fill out the following form to participate in samgatha.
<form id="sam_register" action="register.php" method="post">
<div class="reg-box-in">
<label class="i2" id="ii1" for="enthu_name">Name : </label>
<input class="i1" type="text" name="enthu_name" id="enthu_name"> <br>
</div>
<div class="reg-box-in">
<label class="i2" id="ii2" for="enthu_email">E-mail Address : </label>
<input class="i1" type="text" name="enthu_email" id="enthu_email"> <br>
</div>
<div class="reg-box-in">
<label class="i2" id="ii3" for="enthu_contact">Phone No : +91</label>
<input class="i1" type="text" name="enthu_contact" id="enthu_contact"> <br>
</div>
<div class="reg-box-in">
<label class="i2" id="ii4" for="college_name">Institute : </label>
<input class="i1" type="text" name="college_name" id="college_name"> <br>
</div>
<div class="reg-box-in">
<label class="i2" id="ii5" for="branch">Discipline : </label>
<input class="i1" type="text" name="branch" id="branch"> <br>
</div>
<div class="reg-box-in">
<label class="i2" id="ii6" for="password">Password : </label>
<input class="i1" type="text" name="pass" id="pass" maxlength="30"> <br>
</div>
<div class="reg-box-in">
<button type="submit" name="register">Register</button> <br>
</div>
</form>
</div>
And this is not the problem only with the register page.
You can check the website samgatha.org.
Various html issues
Unclosed link
<a href="login.php"><div id="register" class="lay2"><div id="registert">Sign In/Up</div></div>
<div id="register-box">
<?php
require 'connection.php';
if (!empty($_POST)) {
$var_name = mysql_real_escape_string(<?php echo htmlspecialchars($_POST["name"]); ?>);
//-- same used for post ------------
header('Location: http://samgatha.org/login.php');
}
else {
echo "Please enter details to continue <br>";
}
}
?>
Welcome to samgatha registrations. <br>
Please fill out the following form to participate in samgatha.
<form action=<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?> method="post">
<div class="reg-box-in">
<label class="i2" id="ii1" for="enthu_name">Name : </label>
<input class="i1" type="text" name="enthu_name" id="enthu_name"> <br>
</div>
<div class="reg-box-in">
<label class="i2" id="ii2" for="enthu_email">E-mail Address : </label>
<input class="i1" type="text" name="enthu_email" id="enthu_email"> <br>
</div>
<div class="reg-box-in">
<label class="i2" id="ii3" for="enthu_contact">Phone No : +91</label>
<input class="i1" type="text" name="enthu_contact" id="enthu_contact"> <br>
</div>
<div class="reg-box-in">
<label class="i2" id="ii4" for="college_name">Institute : </label>
<input class="i1" type="text" name="college_name" id="college_name"> <br>
</div>
<div class="reg-box-in">
<label class="i2" id="ii5" for="branch">Discipline : </label>
<input class="i1" type="text" name="branch" id="branch"> <br>
</div>
<div class="reg-box-in">
<label class="i2" id="ii6" for="password">Password : </label>
<input class="i1" type="text" name="pass" id="pass" maxlength="30"> <br>
</div>
<div class="reg-box-in">
<button type="submit" name="register">Register</button> <br>
</form>
</div>
</div>
There is <a> tag on register-box which redirects to login.php. Please check your code it puts <a> tag.

inserting data into mysql database using php

I have a php order form named (order.php) and when the user clicks the (submit button "Next Step") it takes him to another page called (confirm-order.php)
The (confirm-order.php) shows the information that the user submitted from the (order.php) using the $_POST[] and by assigning each one of these to a variable.
Data showing on the (confirm-order.php) plain text like for example :
$itemName = $_POST['itemName'];
<?php echo $itemName; ?>
at the end of page there is a form contains only one element as (submit button)
How can i insert the $itemName data into mysql database only (after the submit button is clicked and the form actions take me to the confirmation page)?
I know how to insert data into mysql, but it didn't work with the isset() function
Do i have to write the isset function inside the form first? and below it the mysql database code?
order.php page:
<form class="form-horizontal well" action="confirm-order.php" method="POST">
<fieldset>
<legend>Personal Shopper Order Form</legend>
<div class="control-group">
<label class="control-label" for="select01">Choose a plan</label>
<div class="controls">
<select id="select01" name="plan">
<option>Lite Plan $0 per order</option>
</select>
</div>
</div>
<div class="control-group">
<label class="control-label" for="itemName">Item Name</label>
<div class="controls">
<input type="text" class="input-xlarge" id="itemName" name="itemName">
<p class="help-block">Item name exapmle: iPad3 White 32GB wifi & 3G.</p>
</div>
</div>
<div class="control-group">
<label class="control-label" for="itemID">Item ID</label>
<div class="controls">
<input type="text" class="input-xlarge" id="itemID" name="itemID">
<p class="help-block">example: Ebay Item ID, Amazon Item ID.</p>
</div><br>
<div class="control-group">
<label class="control-label" for="itemURL">Item URL</label>
<div class="controls">
<input type="text" class="input-xxlarge" id="itemURL" name="itemURL">
<p class="help-block">Direct web link to the item.</p>
</div>
</div>
<div class="control-group">
<label class="control-label" for="textarea">Item Details</label>
<div class="controls">
<textarea class="input-xlarge" id="textarea" name="itemDetails" rows="6"></textarea>
<p class="help-block">Item details (name, color, specifications etc...)</p>
</div>
</div>
<li id="li_3" data-pricefield="money_simple" data-pricevalue="0">
<div class="input-prepend input-append">
<label class="control-label" for="element_3_1">Item Price</label>
<div class="controls">
<span class="add-on">$</span>
<input id="element_3_1" data-price-value="10.00" name="element_3" type="text" class="element text large">
<p class="help-block">Item exact price on the US online store.</p>
</div>
</div>
</li>
<li id="li_7" data-pricefield="money_simple" data-pricevalue="0">
<div class="input-prepend input-append">
<label class="control-label" for="element_7_1">Local Shipping Cost</label>
<div class="controls">
<span class="add-on">$</span>
<input id="element_7_1" data-price-value="10.00" name="element_7" type="text" class="element text large">
</div>
<p class="help-block">Local shipping fee from the US Store to Sky2ship (if applicable).</p>
</div>
</li>
<li id="li_8" data-pricefield="radio" data-pricevalue="0">
<div class="control-group">
<div class="controls">
<p class="help-block">Order Processing Service Fee.</p>
<label class="radio">($0) Standard 2-3 days
<input id="element_8_1" data-pricedef="00.00" name="element_8" class="element radio" type="radio" value="$0 Standard 2-3 Day">
</label>
<label class="radio">($10) Express 1 day
<input id="element_8_2" data-pricedef="10.00" name="element_8" class="element radio" type="radio" value="$10 Express Same Day">
</label>
</div>
</div>
</li>
<legend>Personal Information & Shipping Address</legend>
<div class="control-group">
<label class="control-label" for="input04">Full Name</label>
<div class="controls">
<input type="text" class="input-medium" id="fullName" name="fullName">
<p class="help-block">First & last name.</p>
</div>
</div>
<div class="control-group">
<div class="controls">
<label class="radio">Male
<input type="radio" name="optionsRadios" id="optionsRadios1" value="option1" checked>
</label>
<label class="radio">
<input type="radio" name="optionsRadios" id="optionsRadios2" value="option2">Female
</label>
</div>
</div>
<div class="input-prepend">
<label class="control-label" for="prependedInput">Email Address</label>
<div class="controls">
<span class="add-on">#</span>
<input type="text" class="span2" id="prependedInput" name="Email">
<p class="help-block">Your email address.</p>
</div>
</div>
<div class="control-group">
<label class="control-label" for="input06">Address</label>
<div class="controls">
<input type="text" class="input-xxlarge" id="input06" name="streetAddress" placeholder="Street Address">
<p class="help-block">Your shipping address.</p>
</div>
</div>
<div class="control-group">
<div class="controls controls-row">
<input type="text" class="span2" id="City" name="City" placeholder="City">
<input type="text" class="span3" id="State" name="State" placeholder="State / Province">
</div>
</div>
<div class="control-group">
<div class="controls controls-row">
<input type="text" class="span2" id="PostalCode" name="PostalCode" placeholder="Postal Code">
<input type="text" class="span3" id="Phone" name="Phone" placeholder="Phone Number">
</div>
</div>
<div class="control-group">
<label class="control-label" for="select01">Country</label>
<div class="controls">
<select id="select02" name="Country">
<option>IRAQ</option>
<option>JORDON</option>
</select>
</div>
</div>
<li class="total_payment" align="right" data-basetotal="0">
<span>
<h3 class="alert-success">$<var>0</var></h3>
<h5>Total</h5>
</span>
</li>
<div class="control-group">
<label class="control-label" for="optionsCheckbox">Read & Agree</label>
<div class="controls">
<label class="checkbox">
<input type="checkbox" id="optionsCheckbox" value="option1">
I agree to the site's Terms of Service & Privacy Policy.
</label>
</div>
</div>
<div class="form-actions">
<button type="submit" class="btn btn-primary">Confirm Order</button>
<button type="reset" class="btn">Cancel Order</button>
</div>
</fieldset>
</form>
confirm-order.php page:
<?php
$itemName = $_POST['itemName'];
$plan = $_POST['plan'];
$itemID = $_POST['itemID'];
$itemPrice = $_POST['element_3'];
$processService = $_POST['element_8'];
$itemDetails = $_POST['itemDetails'];
$streetAddress = $_POST['streetAddress'];
$City = $_POST['City'];
$State = $_POST['State'];
$PostalCode = $_POST['PostalCode'];
$Phone = $_POST['Phone'];
$Country = $_POST['Country'];
$fullName = $_POST['fullName'];
$Email = $_POST['Email'];
$itemURL = $_POST['itemURL'];
$itemLocalShipCost = $_POST['element_7'];
?>
<?php
$db_host = "localhost";
$db_user = "root";
$db_pass = "000000";
$db_name = "dbname";
if (isset($_POST['submit'])) {
$db_connect = mysqli_connect($db_host,$db_user,$db_pass,$db_name);
// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$sql ="INSERT INTO lite_order (lite_plan, lite_item_name)
VALUES
('$plan','$item')";
if (!mysqli_query($db_connect,$sql))
{
die('Error: ' . mysqli_error($db_connect));
}
echo "1 record added";
}
?>
<address>
<strong>Shipping Address.</strong><br>
<?php echo $streetAddress; ?><br>
<?php echo $City; ?>, <?php echo $State; ?>, <?php echo $PostalCode; ?><br><?php echo $Country; ?><br>
<abbr title="Phone">P:</abbr><?php echo $Phone; ?>
</address>
<address>
<strong><?php echo $fullName; ?></strong><br>
<?php echo $Email; ?>
</address>
<table class="table">
<thead>
<tr>
<th>Plan</th>
<th>Item Name</th>
<th>Item ID</th>
<th>Local Shipping Cost</th>
<th>Item Price</th>
<th>Order Processing Fee</th>
</tr>
</thead>
<tbody>
<tr class="success">
<td><?php echo $plan; ?></td>
<td><?php echo $itemName; ?></td>
<td><?php echo $itemID; ?></td>
<td><?php echo "$" . $itemLocalShipCost; ?></td>
<td><?php echo "$" . $itemPrice; ?></td>
<td><?php echo $processService; ?></td
></tr>
</tbody>
</table>
<strong>Item URL</strong><p class="alert alert-info"><?php echo $itemURL; ?></p>
<pre class="pre-scrollable"><?php echo $itemDetails; ?></pre>
<p>Your Total <h3 class="question"><?php echo "$" . $orderTotal; ?></h3></p>
<div class="form-actions"><form action="pending-order.php" method="post" name="confirmed-order">
<button type="submit" name="submit" class="btn btn-primary">Submit Order</button>
<button type="button" class="btn">Previous</button></form>
</div>
</div>
</div>
</div>
</div>
</div>
Whereto insert the mysql database code to insert all the variables into database after the submit button is clicked? where to place the isset() function? i tried it, it didn't insert any data into my table.
EDIT: a simple example
do <form>, validation and inserting in one file, say form.php:
<? // check if FORM has been posted
$posted = isset($_POST['submit']);
if ($posted) { // form has been posted...
// validate input
if (!isset($_POST['item']) || strlen(trim($_POST['item'])) == 0)
$error['item'] = "please insert an item-name!";
if (!isset($_POST['price']) || !is_numeric($_POST['price']))
$error['price'] = "please enter a valid price!";
// ready for input?
if (!isset($error)) { // no $error --> go insert!
// I'll do the db-operation with PDO and a prepared statement.
// this is cool, easy and safe. LEARN IT!
$sql = "INSERT INTO table (item,price) VALUES (:item,:price)";
$insert = $db->prepare($sql);
$insert->execute(array(
':item' => $_POST['item'],
':price' => $_POST['price']
));
} // $error
} // submit
?>
Now, in the <body> of the same page...
<? // check whether to display confirmation or form...
if ($posted && !isset($error)) {
// form was sent AND no error --> confirm
?>
<h1>Confirmed!</h1>
<p>Your data has been sent, thank you very much!</p>
go to somepage
<?
} else {
// form not sent or errors --> display form
?>
<h1>Please enter data</h1>
<? // display error-message, if there's one:
if (isset($error)) {
$output = "";
foreach ($error as $field => $msg)
$output .= (strlen($output) > 0?', ':'') . "[$field]: $msg";
echo "<p>There were errors: $output</p>";
} // $error
?>
<form method="post">
<!-- if the form has been sent, bring back the field's value from $_POST -->
<p>item-name: <input type="text" name="item"
value="<?=($posted?$_POST['item']:'')?>" /></p>
<p>price: <input type="text" name="price"
value="<?=($posted?$_POST['price']:'')?>" /></p>
<p><input type="submit" name="submit" value="submit" /></p>
</form>
<?
} // submit & $error
?>
See the use of a ternary-operator for setting the value-attribute of the <input>-elements:
(<condition>?<what to do if true>:<what to do if false>)
There are two specific things I can contribute.
First, isset tests for null... which is different than empty. If you have a form field that is submitted empty, then set a local variable to that posted value, then test it with isset; isset will return true because the value exists which is different than the variable not having been registered in the page load at all.
Second... ANYTHING can post to your form (think evil autonomous Korean hacker bots). Also, there are many ways a form can get submitted without having activated the submit button itself so there is no guarantee you will even see a submit key in your $_POST vars. What you need to define in your processing script is a "default action". What I mean by that is a very basic and SAFE behavior (like redirecting to a 'something is wrong' page) that kicks off by default such that the only way around it is to submit a correct form with all anticipated values correctly set.
If you do this, you can ignore the value of the submit button itself and instead focus on the contents of the POST. Did I receive everything I expected to receive? Was it all in the correct format? Was the user authenticated correctly? Only after all these questions have been tested to your satisfaction would you switch from the default behavior to a form processing behavior in which the posted data can be inserted into your database.
Example using your 3 page structure:
reference: filter vars
Page 1:
<form action=./page2 method=POST>
<input type=text value=1234 name=numericValue />
<input type=text value="dummytext" name=stringValue />
<input type=submit value=submit name=submit />
</form>
Page 2:
<?php
$args = array('numericValue' => FILTER_VALIDATE_INT
,'stringValue' => FILTER_SANITIZE_STRING);
$clean_data = filter_input_array(INPUT_POST,$args);
if (is_array($clean_data))
{
$_SESSION["saved_clean_data"] = $clean_data;
}
else
{
Header(<something wrong page>);
die();
}
?>
<form action=./page3 method=POST>
<input type=submit name=submit value=No />
<input type=submit name=submit value=Yes />
</form>
Page 3:
<?php
if ($_POST["submit"] === "Yes")
{
$cleanNum = $_SESSION["saved_clean_data"]["numericValue"];
$cleanStr = $_SESSION["saved_clean_data"]["stringValue"];
// DB insert Query, use advice from michi about PDO
// parameterize your queries to help prevent sql injection
}
else
{
Header(<somewhere for declined submits>);
die();
}
?>
Well we can do this in the following ways
You store all the data in session and use it in confirmation page and then on data insertion page. Do remember to update or delete it if user updates or cancel the order.
You can dynamically create the confirm order page using javascript and HTML and when user clicks confirm button then only we post it to the PHP page. This will also reduce a server call.
One other ways is to again send the collected posted values and keep it as hidden fields in the confirmation page and post it when clicked confirm.
create a form and store variables in hidden fields , then create this submit button in the form
So clicking this form will store the info. See the exmple here
<form class="form-horizontal well" action="confirm-order.php" method="POST">
<input type="hidden" value="<?php echo $itemName; ?>" />
<input type="submit" value="Confirm Order" />
</form>
Well there are couple of ways about doing this:
Store all the data from the previous page i.e. from order.php in the $SESSION[] variables:
Explaination: Setting it in Session will enable you to access the same variable from anywhere in the site until the session of the user. Means that after you store it in session you can access it in pending-order.php page.
How to do it: In this page at the top, instead of setting the variables at top write the following:
$SESSION['itemName'] = $_POST['itemName']
then echo it using:
echo $SESSION['itemName']
and then in the pending-order.php you can assign a value to a variable like so:
$itemName = $SESSION['itemName']
and now you can store the variable in the db.
Put hidden fields inside the form of confirm-order.php page:
Explaination: Create hidden input fields in confirm-order.php form and set the values that are in the variables. This way when you click the submit button you can access them in pending-order.php in the same way you are doing on confirm-order.php.
How to do it: Simply put the variables in value attribute of the hidden input like so:
<form action="pending-order.php" method="post" name="confirmed-order">
<input type="hidden" value="<?php $itemID ?>" id="someID">
</form>
Try
<button type="submit" class="btn btn-primary" NAME="submit">Confirm Order</button>
And use
IF (isset($_POST['submit]) {
$itemName = $_POST['itemName'];
$plan = $_POST['plan'];
$itemID = $_POST['itemID'];
$itemPrice = $_POST['element_3'];
$processService = $_POST['element_8'];
$itemDetails = $_POST['itemDetails'];
$streetAddress = $_POST['streetAddress'];
$City = $_POST['City'];
$State = $_POST['State'];
$PostalCode = $_POST['PostalCode'];
$Phone = $_POST['Phone'];
$Country = $_POST['Country'];
$fullName = $_POST['fullName'];
$Email = $_POST['Email'];
$itemURL = $_POST['itemURL'];
$itemLocalShipCost = $_POST['element_7'];
// your mysql INSERT codes here
}
EDIT 1:
change <button type="submit" class="btn btn-primary">Confirm Order</button>
TO <input type="submit" class="btn btn-primary" value="Confirm Order">
isset() function work when the input field type is submit.like
<input type="submit" value="Confirm Order" />
so update the code form
<div class="form-actions">
<button type="submit" class="btn btn-primary">Confirm Order</button>
<button type="reset" class="btn">Cancel Order</button>
</div>
to
<div class="form-actions">
<input type="submit" class="btn btn-primary" value="Confirm Order" />
<input class="btn" type="reset" value="Cancel Order" />
</div>

Categories