I am using WAMP to try and learn a little PHP and SQL. I'm trying to take user input from a very basic table here:
<form action="input.php" method="post" class="registration_form"/>
<fieldset>
<div class="elements">
<label for="name">Username :</label>
<input type="text" id="name" name="name" size="25" />
</div>
<div class="elements">
<label for="e-mail">E-mail :</label>
<input type="text" id="e-mail" name="e-mail" size="25" />
</div>
<div class="elements">
<label for="Password">Password:</label>
<input type="password" id="Password" name="Password" size="25" />
</div>
<div class="submit">
<input type="hidden" name="formsubmitted" value="TRUE" />
<input type="submit" value="Register" />
</div>
</fieldset>
</form>
and I want to be able to take the input and post to a database. I've been trying to make this happen with this code:
<?php
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "test";
//Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
//Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "INSERT INTO MyGuests (name, email, password)
VALUES ($_POST[name], $_POST[e-mail], $_POST[password])";
if ($conn->query($sql) === TRUE) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;//
}
$conn->close();
var_dump('name', 'e-mail', 'password');
?>
When I try and insert the "" as in $_POST["name"] I get an error:
Parse error: syntax error, unexpected '' (T_ENCAPSED_AND_WHITESPACE), expecting identifier (T_STRING) or variable (T_VARIABLE) or number (T_NUM_STRING) in C:\wamp\www\input.php on line 16
When I try to remove the "" I get this error:
Parse error: syntax error, unexpected '' (T_ENCAPSED_AND_WHITESPACE), expecting identifier (T_STRING) or variable (T_VARIABLE) or number (T_NUM_STRING) in C:\wamp\www\input.php on line 16
I also tried to set the variables in the top of the code:
<?php
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "test";
$name=$_POST['name']
//Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
//Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "INSERT INTO MyGuests (name, email, password)
VALUES ('name','email', 'password');
if ($conn->query($sql) === TRUE) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;//
}
$conn->close();
var_dump('name', 'e-mail', 'password');
?>
This way I ended up with an error message saying:
( ! ) Parse error: syntax error, unexpected '$conn' (T_VARIABLE) in C:\wamp\www\input.php on line 9
I was able to echo the name in another script using the $_POST, I am not sure why it will not work with the SQL command. If anyone would help out, and/or give me some resources to learn/study from as well I would appreciate it!
You have a missing ';' after:
$name=$_POST['name']
Hi Please note some points
1) You will get warnings of undefined index because you are not checking about values posted or not. We Should use isset() before using values.
2) Second try to use lowercase whenever you are giving any name to any tag in php to be sure that no error exist due to typing in lowercase or uppercase.
3) Try to use underscore if your word is long so use e_mail;
So you can use this php code
<?php
if(isset($_POST['register'])){
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "test";
$conn = new mysqli($servername, $username, $password, $dbname);
//Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$name = $_POST['name'];
$email = $_POST['e_mail'];
$password = $_POST['password'];
$sql = "INSERT INTO MyGuests(name, email, password) VALUES('$name','$email','$password')";
if ($conn->query($sql) === TRUE) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;//
}
$conn->close();
}
?>
I have added name to your submit button also changed e-mail to e_mail and name="Password" to name="password"
<form action="input.php" method="post" class="registration_form"/>
<fieldset>
<div class="elements">
<label for="name">Username :</label>
<input type="text" id="name" name="name" size="25" />
</div>
<div class="elements">
<label for="e-mail">E-mail :</label>
<input type="text" id="e_mail" name="e_mail" size="25" />
</div>
<div class="elements">
<label for="Password">Password:</label>
<input type="password" id="Password" name="password" size="25" />
</div>
<div class="submit">
<input type="hidden" name="formsubmitted" value="TRUE" />
<input type="submit" value="Register" name="register" />
</div>
</fieldset>
</form>
Related
I am trying to pinpoint the problem in these form scripts.
I would like to create a line in the SQL server with the data that will be inserted into the HTML form, but each time only the empty line is created without also inserting the form inputs.
HTML
<form action="insert2.php" method="post">
<label for="First_name">First_name:</label>
<input type="text" name="First_name" id="First_name">
<label for="PASSWORD">PASSWORD:</label>
<input type="text" name=value name="pass" id="pass">
<label for="Emailaddress">Emailaddress:</label>
<input type="text" name=value name="email" id="email">
<input name="submit" type="submit" value="Submit">
</form>
PHP
<?php
if(isset($_POST['submit'])){
$First_name = $_REQUEST['First_name'];
$pass = $_REQUEST['password'];
$email = $_REQUEST['Emailaddress'];
}
$servername = "host";
$username = "user";
$password = "";
$dbname = "dbname";
try {
$conn = new PDO("mysql:host=$servername;dbname=$dbname", $username, $password);
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$sql = "INSERT INTO users(First_name, PASSWORD, Emailaddress)
VALUES ('$First_name', '$pass', '$email')";
$conn->exec($sql);
echo "New record created successfully";
}
catch(PDOException $e)
{
echo $sql . "<br>" . $e->getMessage();
}
$conn = null;
?>
The posted values should be set as $_POST['ExampleField'] not just a variable with that name.
Ex: $First_name should be $_POST['First_name']
If you look in your error logs you are likely getting undefined variable errors with the code as it is now, because $First_name, $PASSWORD and $Emailaddress are never defined.
Also you should avoid directly putting variables into queries like that, it opens you up to large security risks. I would recommend reading up on SQL Injection (https://www.w3schools.com/sql/sql_injection.asp) and binding parameters (https://www.php.net/manual/en/pdostatement.bindparam.php) to see how to avoid those risks.
You need to retrieve the values after a submit of some sort. You have a submit button but you'll want to give it a name (I named it submit). This code should work but you'll be vulnerable to injection attacks.
PHP
<?php
if(isset($_POST['submit'])){
$First_name = $_REQUEST['First_name'];
$pass = $_REQUEST['PASSWORD'];
$email = $_REQUEST['Emailaddress'];
}
try {
$conn = new PDO("mysql:host=$servername;dbname=$dbname", $username, $password);
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$sql = "INSERT INTO users(First_name, PASSWORD, Emailaddress)
VALUES('$First_name','$pass','$email')";
$conn->exec($sql);
echo "New record created successfully";
}
catch(PDOException $e)
{
echo $sql . "<br>" . $e->getMessage();
}
$conn = null;
?>
HTML
<form action="insert2.php" method="post">
<label for="First_name">First_name:</label>
<input type="text" name="First_name" id="First_name">
<label for="PASSWORD">PASSWORD:</label>
<input type="text" name="PASSWORD" id="PASSWORD">
<label for="Emailaddress">Emailaddress:</label>
<input type="text" name="Emailaddress" id="Emailaddress">
<input name="submit" type="submit" value="Submit">
</form>
Goal: I want to create an HTML form that displays pre-populated information from the 22 arrays from array_file.php.
First, I will go on index.php. On index.php, I will see a form with pre-populated data. I will not be able to edit the first and last name fields, but I will be able to edit the email field (if necessary).
Second, once everything looks okay, I will click the "Submit" button.
Third, if nothing is wrong (i.e., email field is populated), the "Submit" button should take me to the second record in the array.
Finally, once it has looped through all the arrays, it will provide a message, such as, "You're done!"
Current problem: My current index.php page shows all 22 pre-populated forms on one page. While I can edit and submit to the database using the individual "Submit" button, I'd rather be able to look at each pre-populated form one at a time.
Here is the code:
<?php
ob_start();
include 'array_file.php';
ob_end_clean();
?>
<?php
$i=1;
while ($i<=22){
?>
<form action="index.php" method="post">
<h2>Form</h2>
<label>First Name:</label>
<input class="input" name="first_name" type="text" value="<?php echo htmlentities($array[$i][1]) ?>" disabled><br>
<label>Last Name:</label>
<input class="input" name="last_name" type="text" value="<?php echo htmlentities($array[$i][2]) ?>" disabled><br>
<label>Email:</label>
<input class="input" name="email" type="text" value="<?php echo htmlentities($array[$i][3]) ?>"><br><br>
<input class="submit" name="submit" type="submit" value="Submit">
</form>
<?php
$i=$i+1;
}
?>
<?php
$servername = "localhost";
$username = "username";
$password = "password";
$dbname = "database";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
if(isset($_POST['submit'])){
$first_name = $_POST['first_name'];
$last_name = $_POST['last_name'];
$email = mysqli_real_escape_string($conn,$_POST['email']);
if($email !=''){
//Insert Query of SQL
mysqli_query(#conn,"INSERT into form(form_first_name, form_last_name, form_email) values ('$first_name', '$last_name', '$email')");
echo "<br/><br/><span>Data inserted successfully!</span>";
}
else{
echo "<p>Insertion Failed <br/> Some required fields are blank!</p>";
}
}
$mysqli->close(); // Closing Connection with Server
?>
Let me know if you need me to provide any more information. Thank you in advance!
I hope this code is what you need.
<?php
ob_start();
include 'array_file.php';
ob_end_clean();
if(isset($_POST['submit']) and isset($_POST[email])){
$servername = "localhost";
$username = "username";
$password = "password";
$dbname = "database";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$first_name = $_POST['first_name'];
$last_name = $_POST['last_name'];
$email = mysqli_real_escape_string($conn,$_POST['email']);
if($email !=''){
//Insert Query of SQL
mysqli_query(#conn,"INSERT into form(form_first_name, form_last_name, form_email) values ('$first_name', '$last_name', '$email')");
echo "<br/><br/><span>Data inserted successfully!</span>";
}
}
/// find which form will be published
if( isset($_SESSION["form"]) and $_SESSION["form"]<22){
$form=$_SESSION["form"]+1;
$_SESSION["form"]=$form;
}else{
$form=1;
$_SESSION["form"]=$form;
}
// determine which is the next form number
if($form<22){ $nextForm=$form+1; }else{ $nextForm="??"; }
<!-- form area !-->
<form action="index.php?form=<?php echo $nextForm; ?>" method="post">
<h2>Form</h2>
<label>First Name:</label>
<input class="input" name="first_name" type="text" value="<?php echo htmlentities($array[$form][1]) ?>" disabled><br>
<label>Last Name:</label>
<input class="input" name="last_name" type="text" value="<?php echo htmlentities($array[$form][2]) ?>" disabled><br>
<label>Email:</label>
<input class="input" name="email" type="text" value="<?php echo htmlentities($array[$form][3]) ?>"><br><br>
<input class="submit" name="submit" type="submit" value="Submit">
</form>
I've been trying to figure this out for hours and it seems like there are multiple ways of doing it but for some reason I can't seem to get it to work correctly. For some reason my table is being updated and I am only seeing new rows with a new auto increment integer but the remaining columns are left blank. There is a bit more to that form but I left it off to keep this as short as possible. Thanks for the help!
File: dbh.inc.php
$dbServername = "localhost";
$dbUsername = "username";
$dbPassword = "password";
$dnName = "database_name";
$conn = mysqli_connect($dbServername, $dbUsername,
$dbPassword, $dnName);
if(!$conn)
// creation of the connection object failed
die("connection object not created: ".mysqli_error($conn));
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
echo "Connected successfully";
File with form:
$name7 = $_POST['name7'];
$email7 = $_POST['email7'];
$phone7 = $_POST['phone7'];
$message7 = $_POST['message7'];
$sql = "INSERT INTO user_contacts (name7, email7, phone7, message7) VALUES ('".$_POST["name7"]."','".$_POST["email7"]."','".$_POST["phone7"]."','".$_POST["message7"]."')";
mysqli_query($conn, $sql);
?>
<div class="form-group">
<form action="dbh.inc.php" method="POST">
<input type="text" class="form-control" name="name7" id="name7" placeholder="<?php esc_html_e('Name:','listingpro'); ?>">
<span id="name7"></span>
</div>
<div class="form-group form-group-icon">
<i class="fa fa-envelope" aria-hidden="true"></i>
<input type="email" class="form-control" name="email7" id="email7" placeholder="<?php esc_html_e('Email:','listingpro'); ?>">
</div>
<div class="form-group">
<input type="text" class="form-control" name="phone7" id="phone7" placeholder="<?php esc_html_e('Phone','listingpro'); ?>">
<span id="phone7"></span>
</div>
<div class="form-group">
<textarea class="form-control" rows="5" name="message7" id="message7" placeholder="<?php esc_html_e('Message:','listingpro'); ?>"></textarea>
</div>
I have Just Edited your sql a little bit. Try It
$sql = "INSERT INTO user_contacts (name7, email7, phone7, message7) VALUES ('".
$name7. "','" . $email7 . "','". $phone7 ."','". $message ."')";
There is something wrong with my code :
On the edit page, I want to show the user the previous value in the input box.
But one error I keep getting about the value is the following :
Notice: Undefined variable: gebruikers_naam in C:\xampp\htdocs\website_herkansing\edit_gebruiker.php on line 72
I think there is something wrong with the isset/submit part but I just
can not figure it out..
Here is the code I'm working with
<?php
session_start();
define('DB_NAME', 'ochtendgloren');
$servername = "localhost";
$username = "root";
$password = "";
$db = "ochtendgloren";
$tbl = "members";
// Create connection
$conn = new mysqli($servername, $username, $password, $db);
//Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
if (isset($_POST['submit']))
{
$gebruikers_naam = mysqli_real_escape_string($db, $_POST['gebruikers_naam']);
htmlentities($gebruikers_naam);
$id = $_GET['id'];
$query = "UPDATE members
SET gebruikers_naam = '$gebruikers_naam'
WHERE id = '$id' " ;
$result = $conn->query($query);
if($result){
echo ("<SCRIPT LANGUAGE='JavaScript'>
window.alert('edit succesvol!')
window.location.href='admin_members.php';
</SCRIPT>");
}
}
?>
<html>
<head>
<link rel="stylesheet" href="boekingsform.css">
<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Abel">
</head>
<div class="boeken">
<h1>Wijzig hier de gebruiker</h1>
<form action="editrij.php?id=<?= $id ?>" method="post" >
<div class="row">
<div class="col-25">
<label for="gebruikers_naam"> vul hier de nieuwe gebruikers naam in: </label>
</div></div>
<br>
<div class="row">
<div class="col-75">
<input type="text" name="voornaam" required="required" value="<?= $gebruikers_naam['gebruikers_naam'] ?>"/>
</div>
</div>
<br>
<input type="submit" value="submit" name="submit" />
</form>
</div>
</html>
I think the problem is related with your variable usage and name of input box it must be gebruikers_naam
On line :
<input type="text" name="voornaam" required="required" value="<?= $gebruikers_naam['gebruikers_naam'] ?>"/>
You may use $gebruikers_naam only to print the name.
Also you must assign a global variable before before using it in if clause.
Just assign null like $gebruikers_naam = ""; after variables declarations.
You aren't sending the variable gebruikers_naam, but voornaam. This line of code
<input type="text" name="voornaam" required="required" value="<?= $gebruikers_naam['gebruikers_naam'] ?>"/>
Should be
<input type="text" name="gebruikers_naam" required="required" value="<?= $gebruikers_naam['gebruikers_naam'] ?>"/>
Also, because you are using the variables $id and $gebruikers_naam in the form, you should assign them a value before the if clause.
Still not completely sure the 'flow' of your code makes a lot of sense, but following should help a bit:
<?php
session_start();
//define('DB_NAME', 'ochtendgloren'); // not used in your code, commented out
$servername = "localhost";
$username = "root";
$password = "";
$db = "ochtendgloren";
$tbl = "members";
// Create connection
$conn = new mysqli($servername, $username, $password, $db);
//Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
if (isset($_POST['submit']))
{
if(isset($_POST['gebruikers_naam']) && !empty($_POST['gebruikers_naam'])) { // added condition: we need a 'gebruikers_naam'
$gebruikers_naam = mysqli_real_escape_string($conn, $_POST['gebruikers_naam']); // changed $db to $conn
// the return value (encoded string) of htmlentities is not used in your code
// so commented it out
//htmlentities($gebruikers_naam);
$id = $_GET['id'];
$query = "UPDATE members
SET gebruikers_naam = '$gebruikers_naam'
WHERE id = '$id' " ;
$result = $conn->query($query);
}
if($result){
echo ("<SCRIPT LANGUAGE='JavaScript'>
window.alert('edit succesvol!')
window.location.href='admin_members.php';
</SCRIPT>");
} else { // added else {} statement
echo "<script> alert('Error: could not update the database'); </script>"; // added: error message
}
}
?>
<html>
<head>
<link rel="stylesheet" href="boekingsform.css">
<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Abel">
</head>
<div class="boeken">
<h1>Wijzig hier de gebruiker</h1>
<form action="editrij.php?id=<?php echo $id; ?>" method="post" > <!-- you need to echo $id and close with ';' - changed: echo $id; -->
<div class="row">
<div class="col-25">
<label for="gebruikers_naam"> vul hier de nieuwe gebruikers naam in: </label>
</div></div>
<br>
<div class="row">
<div class="col-75">
<?php $gebruikers_naam = (isset($gebruikers_naam)) ? $gebruikers_naam : 'N/A'; ?> <!-- added a test to see if $gebruikers_naam is available -->
<input type="text" name="voornaam" required="required" value="<?php echo $gebruikers_naam; ?>"/> <!-- variable is $gebruikers_naam, changed (echo and ';') -->
</div>
</div>
<br>
<input type="submit" value="submit" name="submit" />
</form>
</div>
</html>
so i am working on the simple project and i dont know why, but i can't insert data into the database
Here is my connection to database
<?php
$servername = "localhost";
$username = "root";
$password = "root";
$database = "register";
// Create connection
$conn = mysqli_connect($servername, $username, $password, $register);
// Check connection
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
echo "Connected successfully";
?>
And in this part of code i am trying to insert data:
<?php
if (isset($_POST['submitreg'])){
$username = mysqli_real_escape_string($conn, $_POST['username']);
$email = mysqli_real_escape_string($conn, $_POST['email']);
$password = mysqli_real_escape_string($conn, $_POST['password']);
$sql = "INSERT INTO users (email, username, password) VALUES ('$email', '$username', '$password')";
if (mysqli_query($conn, $sql)) {
echo "New record created successfully";
header("Location: signin.php");
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($conn);
}
}
mysqli_close($conn);
?>
And then i am inserting the code, i am getting this error:
Error: INSERT INTO users (email, username, password) VALUES ('gerulisjonas#gmail.com', 'jonas2422', 'password')
Thank you in advance :)
extra:
Form
<form id="register" class="signinform" action="includes/registerinc.php" method="post">
<div class="formcenter">
<input type="text" name="username" value="" placeholder="user name"><br>
<input type="email" name="email" value="" placeholder="email"><br>
<input type="password" id="passwordid" name="password" value="" placeholder="password"><br>
<input type="password" name="passwordtwo" value="" placeholder="repeat password"><br>
<input type="submit" name="submitreg" class="btn btn-success" value="Register"></input>
</div>
</form>
When creating your connection you named the variable that holds the database name $database, but when you pass it along to mysqli_connect you are using $register.
Try this instead:
$database = "register";
// Create connection
$conn = mysqli_connect($servername, $username, $password, $database);
Hey guys sorry I did bother you, i just run trough my code and i found that i did not included connection.php file in my register.php file