Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 6 years ago.
Improve this question
Hey I have a database that contains information about different countries. I also have a html page where you can submit information about countries. Can someone help me to write a code that says that the information has been stored in the database instead of it just redirecting to a blank page?
Here is my html page where you submit information:
<!DOCTYPE HTML>
<html>
<head>
<meta charset="UTF-8">
<title>Sett inn land</title>
</head>
<body>
<form action="geoinn.php" method="get">
Land: <input type="text" name="navn"> <br>
Hovedstad: <input type="text" name="hovedstad"> <br>
Areal: <input type="text" name="areal"> <br>
Folketall: <input type="text" name="folketall"> <br>
<input type="submit" value="Legg inn informasjon">
</form>
</body>
</html>
And here is the page that you are redirected to when you click submit on the other page. This is the page where I want to have a code saying either that "The information has been stored in our database" or that it has not:
<?php
$tjener = "localhost";
$brukernavn = "root";
$passord ="";
$database ="Geografi";
$kobling = mysqli_connect($tjener,$brukernavn,$passord,$database);
$kobling->set_charset("utf8");
?>
<!DOCTYPE HTML>
<html>
<head>
<meta charset="UTF-8">
<title>Geografi</title>
</head>
<body>
<?php
$land = $_GET["navn"];
$hovedstad = $_GET["hovedstad"];
$areal = $_GET["areal"];
$folketall = $_GET["folketall"];
$sql ="INSERT INTO land (navn,hovedstad, areal, folketall) VALUES('$land','$hovedstad','$areal', '$folketall')";
mysqli_query($kobling, $sql);
mysqli_close($kobling);
?>
</body>
</html>
Add some output and you will get some output. The blank page you get is the page that does the updates. You add the basic HTML page tags but do not output anything inside the <body>
$sql ="INSERT INTO land
(navn,hovedstad, areal, folketall)
VALUES('$land','$hovedstad','$areal', '$folketall')";
$result = mysqli_query($kobling, $sql);
if ( $result === FALSE ) {
echo '<p>FAILED MESSAGE</p>';
} else {
echo '<p>SUCCESS MESSAGE</p>';
}
echo "<p>Land = $land</p>";
echo "<p>hovedstad = $hovedstad</p>";
// and so on
mysqli_close($kobling);
As Jay says,
Your script is at risk for SQL Injection Attacks. Learn about prepared statements for MySQLi.
Related
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 7 months ago.
Improve this question
i download 2 php file, one is index. php for input form, and other is insert.php. i have put them on the same folder.
when i click submit it execute insert.php file it work fine and it insert form data into my database. but the question is: how it is called? no code line on the index.php calling the insert.php file.
here is a code of index.php
<!DOCTYPE html>
<html lang="en">
<head>
<title>GFG- Store Data</title>
</head>
<body>
<center>
<h1>Storing Form data in Database</h1>
<form action="insert.php" method="post">
<p>
<label for="firstName">Name:</label>
<input type="text" name="name" id="name">
</p>
<p>
<label for="lastName">Branch:</label>
<input type="text" name="branch" id="branch">
</p>
<p>
<label for="Gender">Roll Number:</label>
<input type="text" name="roll_no" id="roll_no">
</p>
<input type="submit" value="Submit">
</form>
</center>
</body>
</html>
here is the code of insert.php
<!DOCTYPE html>
<html>
<head>
<title>TEST</title>
</head>
<body>
<center>
<?php
$conn = mysqli_connect("localhost", "root", "", "test");
// Check connection
if($conn === false){
die("ERROR: Could not connect. "
. mysqli_connect_error());
}
// Taking all 3 values from the form data(input)
$name = $_REQUEST['name'];
$branch = $_REQUEST['branch'];
$roll_no = $_REQUEST['roll_no'];
// Performing insert query execution
// here our table name is college
$sql = "INSERT INTO student VALUES ('$name','$branch','$roll_no')";
if(mysqli_query($conn, $sql)){
echo "<h3>data stored in a database successfully."
. " Please browse your localhost php my admin"
. " to view the updated data</h3>";
}
else{
echo "ERROR: Hush! Sorry $sql. "
. mysqli_error($conn);
}
// Close connection
mysqli_close($conn);
?>
</center>
</body>
</html>
insert.php is calling after clicking on submit button by "action" attribute which you have used in tag.
<form action="insert.php" method="post">
You can set another path as well as if you want to keep insert.php on any other folder location.
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 2 years ago.
Improve this question
Observation:
Sending form data from page_1 and page_2 does not show both data in result file.
If sending page_1 one sees the result in result file. When sending page_2 the result of page_1 is gone and you only see the page_2. It behaves as the content of $_SESSION['data'] is
overwritten every time one sends either page_1 or page_2.
The session id of all 3 pages are identical.
Wanted result:
Every time running result.php one should see the accumulated actions, e.g. if pressing page_1 first time you only see page_1 data, if pressing page_2 you would see both page_1- and page_2- data. When pressing page_1 the second time, the page_1 value should be updated and visible when pressing result.php
PHP version
Terminal: PHP 7.4.6
Browser: 7.3.18-1+ubuntu18.04.1+deb.sury.org+1
Page_1:
<?php
session_start();
echo session_id();
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Page-1</title>
</head>
<body>
<form method="post">
<br><br>
<input type="text" name="input_1" value="">
<button type="submit" name="button">Save</button>
</form>
<pre>
<?php
$_SESSION["data"] = $_POST;
print_r($_SESSION);
?>
</body>
</html>
Page_2:
<?php
session_start();
echo session_id();
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Page-2</title>
</head>
<body>
<form method="post">
<br><br>
<input type="text" name="input_2" value="">
<button type="submit" name="button">Save</button>
</form>
<pre>
<?php
$_SESSION["data"] = $_POST;
print_r($_SESSION);
?>
</body>
</html>
Result:
<pre>
<?php
session_start();
echo session_id() . "<br /><br />";
print_r($_SESSION);
Every time you send form you overwrite $_SESSION
You should use either
if(!empty($_POST)) {
$_SESSION["data"]['page1'] = $_POST; //and analogically for page2
}
OR
$_SESSION["data"] = array_merge($_SESSION["data"],$_POST);
It behaves as the content of $_SESSION['data'] is overwritten every time one sends either page_1 or page_2.
Because this is exactly what you're doing. The line $_SESSION["data"] = $_POST; appears in both page_1 and page_2, and there's nothing that preserves the old value of $_SESSION["data"] before new data is written.
If you want to add the data instead of replacing it, you could write, for example, $_SESSION["data"][] = $_POST; in both pages. This will create an array in $_SESSION["data"] and append $_POST data to it each time you open either page.
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 4 years ago.
Improve this question
this is my html code
<?php include('process.php') ?>
<!doctype html>
<html lang="en">
<head>
<title>Title</title>
</head>
<body>
<from action="index.php.php" method="post">
<?php include('errors.php'); ?>
<lable> name </lable>
<input type="text" name="name" placeholder="enter your name">
<lable>location</lable>
<input type="text" name="location" placeholder="enter your location">
<button type="submit" name="save_btn" >update</button>
</from>
</body>
</html>
this is my php code
<?php
session_start();
// initializing variables
$name="";
$location="";
// connect to the database
$db = mysqli_connect('localhost', 'newuser', 'password', 'curd');
// REGISTER USER
if (isset($_POST['save_btn'])) {
// receive all input values from the form
$name = mysqli_real_escape_string($db, $_POST['name']);
$location = mysqli_real_escape_string($db, $_POST['location']);
$query = "INSERT INTO data (name, location) VALUES('$name', '$location')";
mysqli_query($db, $query);
}
why its not store in data base? data base name correct and i have 3 tables
id (ai)
name (var 200)
location (var 200)
in my browser i can locate index.php but when i click button nothing happen any one can explain why its not working?
Fine, it seems that the problem is caused by 2 important typos:
<from action="index.php.php" method="post"> should be <form action="index.php" method="post">.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 5 years ago.
Improve this question
So, i am learning how to write php now.I want to build a small shopping website. My index.html looks something like this:
<!DOCTYPE html>
<html>
<head>
<link href="index.css" rel="stylesheet" />
<title>
eShop
</title>
</head>
<body>
<div class="topnav">
<a class="active" href="#index.html">Home</a>
Administrator
Register User
Register New Account
</div>
<img class="centerImage" src="eshop.jpg">
</body>
</html>
and the loginAdmin.php file looks like this:
<?php
session_start();
// here is the code that connects to the database. Note that the username
// and password are "hard-coded".
$user="root";
$passwd="";
$database="";
$link = mysqli_connect(localhost,$user,$passwd);
#mysqli_select_db($link,$database) or die ("Unable to select database");
// try to create a new record from the submission
$username = mysqli_real_escape_string($link,$_REQUEST['username']);
$password= mysqli_real_escape_string($link,$_REQUEST['password']);
if ($username && $password) {
// here we define the SQL command
$query = "SELECT * FROM people WHERE Username='$username' AND Password='$password'";
// submit the query to the database
$res=mysqli_query($query);
// make sure it worked!
if (!$res) {
echo mysql_error();
exit;
}
// find out how many records we got
$num = mysqli_numrows($res);
if ($num==0) {
echo "<h3>Invalid login</h3>\n";
exit;
} elseif ($num!=1) {
echo "<h3>Error - unexpected result!\n";
exit;
}
// valid login, set the session variable
$_SESSION['userid']=mysql_result($res,0,'userid');
echo "<h3>Welcome $username</h3>\n";
?>
<head>
<link href="login.css" rel="stylesheet" />
<title>
eShop
</title>
</head>
<body>
<div class="login-page">
<div class="form">
<form class="login-form">
<input type="text" placeholder="User Name:" />
<input type="password" placeholder="Password:" />
<button onclick="writeMsg()">login</button>
</form>
</div>
</div>
</body>
If the user pressed on the loginAdmin link so the php code will be executed, and i dont want that, only after the user pressed on the login button i want the php code block will be executed. How can i do that? Maybe i should seperate the files (php and html) and not user href on the php files in the index.html ? and the index.html file should be index.php?
You need to add your php code within a condition which satisfies when the form submission happens. Also you need to add name to your input fields
Your code will look like this,
<?php
session_start();
if(isset($_POST['username']) && isset($_POST['password'])) { //Added this line
// here is the code that connects to the database. Note that the username
// and password are "hard-coded".
$user="root";
$passwd="";
$database="";
$link = mysqli_connect(localhost,$user,$passwd);
#mysqli_select_db($link,$database) or die ("Unable to select database");
// try to create a new record from the submission
$username = mysqli_real_escape_string($link,$_REQUEST['username']);
$password= mysqli_real_escape_string($link,$_REQUEST['password']);
if ($username && $password) {
// here we define the SQL command
$query = "SELECT * FROM people WHERE Username='$username' AND Password='$password'";
// submit the query to the database
$res=mysqli_query($query);
// make sure it worked!
if (!$res) {
echo mysql_error();
exit;
}
// find out how many records we got
$num = mysqli_numrows($res);
if ($num==0) {
echo "<h3>Invalid login</h3>\n";
exit;
} elseif ($num!=1) {
echo "<h3>Error - unexpected result!\n";
exit;
}
// valid login, set the session variable
$_SESSION['userid']=mysql_result($res,0,'userid');
echo "<h3>Welcome $username</h3>\n";
}
} //Added this line
?>
<head>
<link href="login.css" rel="stylesheet" />
<title>
eShop
</title>
</head>
<body>
<div class="login-page">
<div class="form">
<form class="login-form" method="POST"> <!-- edited this line -->
<input type="text" name="username" placeholder="User Name:" /> <!-- edited this line -->
<input type="password" name="password" placeholder="Password:" /> <!-- edited this line -->
<button onclick="writeMsg()">login</button>
</form>
</div>
</div>
</body>
I have just added name to the form fields & then kept all your PHP code within a condition
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 5 years ago.
Improve this question
So I am writing this code and I want to make it by getting the data of the database using a loop. The problem that I got is that I can't seem to find a way to push through a value to the database from the buttons that I got. I am open to ideas. Thanks !
<!Doctype HTML>
<html>
<head>
<link rel="stylesheet" href="style.css" type="text/css"/>
<title>Online Catalog</title>
</head>
<body>
<form action="" method="get">
<?php
session_start();
require('database.php');
echo "<h1>Catalog</h1>
<b id=".cart.">Show cart</b>";
if ($result = $connection->query("SELECT * FROM `store`")) {
$row_cnt = $result->num_rows;
while ($row = $result->fetch_assoc()) {
echo "<p>
<table>
<th>
<img src=".$row[img_path].'/'.$row[img_name].">
</th>
<td>
<h2>". $row[name] ."</h2><br>
". $row[description] ."<br><br>
Price : ". $row[price] ."$<br>
</td>
<td >
<input type='submit' name='add".$row[id]."' value='Add to cart'/>
</td>
</table>
</p>
";
if(isset($_GET['add.$row[id].'])){
$cart=1;
if(mysqli_query($connection, "INSERT INTO `store-project`.`store` (`incart`) VALUES ('$cart')")){
mysqli_close($connection);
header("Location: cart.php");
}
}
}
$result->close();
}
?>
</form>
</body>
</html>
Here is the database
And here is how it generally looks
try to use Post method in your form.
if($_POST['add.$row['id'].']){
$insert = "insert into store-project.store
set incart = '".$cart1."';
mysqli_query($insert);
header("Location: cart.php");
}
Hope it helps