php - Inserted data was not saving in phpmyadmin database - php

I want to save my data in my phpmyadmin database.But it's not saving. So while saving my data, it refresh the page but data not showing in database
Here is my class by which i want to save data:
class User{
public function __construct(){
$host='localhost';
$user='root';
$password='';
$conn=mysql_connect($host,$user,$password);
if(!$conn){
die("Database Not Connected" . mysql_error());
}
mysql_select_db("db_sign_up");
echo "Database created! ";
}
public function save_user($data){
$sql="INSERT INTO tbl_user(first_name,last_name,email_address,password,mobile_number,address,
city_name,country_name,zip_code)
VALUES('$data[first_name]','$data[last_name]','$data[email_address]','$data[password]',
'$data[mobile_number]','$data[address]','$data[city_name]','$datacountry_name]','$data[zip_code]')";
if(!mysql_query($sql)){
die("sl Error". mysql_error());
}
echo "Saved Successfully!";
//mysql_close($conn);
}
}
here is UI
<?php
require_once './classes/user.php';
$obj=new User();
if(isset($_POST['btn'])){
$obj->save_user($_POST);
}
?>
<html>
<head><title> Database Basic</title></head>
<body>
<form action="sign_up.php" method="post">
<table border="1">
<tr><td>Personal Information</td><td></td></tr>
<tr>
<td> First Name</td>
<td>
<input type="name" name="first_name" value="<?php if(isset($_POST['first_number'])){ echo htmlentities($_POST['first_name']);} ?> "/>
</td>
</tr>
<tr>
<td> Last Name</td>
<td>
<input type="name" name="last_name" value="<?php if(isset($_POST['last_name'])){ echo htmlentities($_POST['last_name']);} ?> "/>
</td>
</tr>
<tr>
<td> Email Address</td>
<td>
<input type="name" name="email_address" value="<?php if(isset($_POST['email_address'])){ echo htmlentities($_POST['email_address']);} ?> "/>
</td>
</tr>
<tr>
<td> Password</td>
<td>
<input type="password" name="password" value="<?php if(isset($_POST['password'])){ echo htmlentities($_POST['password']);} ?> "/>
</td>
</tr>
<tr>
<td> Mobile Number</td>
<td>
<input type="name" name="mobile_number" value="<?php if(isset($_POST['mobile_number'])){ echo htmlentities($_POST['mobile_number']);} ?> "/>
</td>
</tr>
<tr>
<td> Address</td>
<td>
<textarea name="address" rows="4" cols="30"></textarea>
</td>
</tr>
<tr>
<td> City</td>
<td>
<input type="" name="city_name" value="<?php if(isset($_POST['city_name'])){ echo htmlentities($_POST['city_name']);} ?> "/>
</td>
</tr>
<tr>
<td> Country</td>
<td>
<select name="country_name">
<option value=" ">Select Country ...</option>
<option value="bangladesh">Bangladesh</option>
<option value="srilanka">Srilanka </option>
<option value="india">India</option>
</select>
</td>
</tr>
<tr>
<td> Zip Code</td>
<td>
<input type="name" name="zip_code" value="<?php if(isset($_POST['zip_code'])){ echo htmlentities($_POST['zip_code']);} ?> "/>
</td>
</tr>
<tr>
<td></td>
<td>
<input type="submit" name="btn" value="Save">
</td>
</tr>
</table>
</form>
</body>


You have an error in your INSERT STATEMENT:
you are using countryname variable in your query as:
'$datacountry_name]'
I think this should be like this:
'$data[country_name]'
Side note:
You are using mysql_ its deprecated I suggest you to use mysqli_ or PDO.
secondly your code is open for SQL Injection, you need to prevent with sql injection.


its function receives an array, then check your array. The type fields in the db, and if are properly filled.
field int type = int value
if it is returned as a string, you can convert this:
$string = $data[mobile_number];
$int = (int)$string; // convert string type for int.
or use the type varchar to the field
if not the case, say more about the your code.

Related

how to change text box values from mysql on click of drop down menu

I am at the very basic level of coding and I need help regarding this. You can post other links if there are any, related to this thing.
I want to get values from database dynamically on selection of city drop down and set it in a text box.
Any help will be appreciated.!!
enter image description here
<tr>
<td>
<label>City</label>
</td>
<td>
<select id="state" name="city" class="form-control" >
<?php
$sql = "SELECT city FROM service_point GROUP BY city";
$sel = mysql_query($sql);
// output data of each row
while($row = mysql_fetch_array($sel)) {
$city=$row['city'];
?>
<option value="<?php echo $row['city'] ?>">
<?php echo $row['city']; ?></option>
<?php }?>
</select>
</td>
</select>
</tr>
<tr>
<td> </td>
</tr>
<?php
include('config.php');
$s_name="";
$address="";
$phone_no="";
$email="";
$cperson="";
$city="";
$id=$_POST['city'];
$sql = "SELECT * FROM service_point where city = $id'' ";
$query = mysql_query($sql);
echo $sql;
while($row = mysql_fetch_array($query)){
?>
<tr>
<td> Name Of Service Point</td>
<td><input type="text" name="name" value="<?php echo $row['s_name'];?>"/></td>
</tr>
<tr>
<td> </td>
</tr>
<tr>
<td>Address </td>
<td><textarea name="address" col="5" value="<?php echo $row['address'];?>"></textarea></td>
</tr>
<tr>
<td> </td>
</tr>
<tr>
<td>Phone No</td>
<td><input type="text" name="phoneno" value="<?php echo $row[' phone_no'];?>"/></td>
</tr>
<tr>
<td> </td>
</tr>
<tr>
<td>Email Id</td>
<td><input type="text" name="email" value="<?php echo $row['email'];?>"/></td>
</tr>
<tr>
<td> </td>
</tr>
<tr>
<td>Contact Person</td>
<td><input type="text" name="cperson" value="<?php echo $row['cperson'];?>"/></td>
</tr>
<tr>
<td> </td>
</tr>
<tr>
<td></td>
<td align="center"><input type="submit" name="submit" value="submit"/><td>
</tr>
</table>
<?php }?>
</form>

PHP MYSQL Insert dynamic array into database

The dynamic HTML form (with some js help) and PHP script below insert user entered values into MySQL successfully, except that all rows from the form are placed in one row on the database. What am I doing wrong?
Dynamic form HTML:
<table id="dataTable" class="form" border="4">
<tbody style="font-size:8pt">
<th>
<td align="center">Company</td>
<td align="center">Project</td>
<td align="center">Sub-Project</td>
<td align="center">Change From</td>
<td align="center">Change To</td>
<td align="center">Activity</td>
<td align="center">Responsible</td>
<td align="center">Dur</td>
</th>
<tr >
<p>
<td><input type="checkbox" required="required" name="chk[]" checked="checked" /></td>
<td><input style="width:100px" type="text" readonly="readonly" name="coa[]" value="<?php echo $co; ?>">
</td>
<td>
<select name="Projectname[]" style="font-size:10pt">
<option selected="selected" required="required">Select project</option>
<?php
foreach($proj as $item){
?>
<option value="<?php echo $item; ?>"><?php echo $item; ?></option>
<?php
}
mysqli_close($conn);
?>
</select>
</td>
<td><input style="width:100px" type="text" required="required" name="Subproj[]"></td>
<td><input style="width:130px" type="text" required="required" name="Changefrom[]"></td>
<td><input style="width:130px" type="text" required="required" name="Changeto[]"></td>
<td><input style="width:300px" type="text" required="required" name="Activity[]"></td>
<td><input style="width:90px" type="text" required="required" name="Resp[]"></td>
<td><input type="text" required="required" class="small" name="Durest[]"></td>
</p>
</tr>
</tbody>
</table>
PHP script:
<?php
include("../../db_conn_ci_i.php");
if(isset($_POST)==true && empty($_POST)==false){
$co=$_POST['co'];
$chkbox = $_POST['chk'];
$Projectname=$_POST['Projectname'];
$Subproj=$_POST['Subproj'];
$Changefrom=$_POST['Changefrom'];
$Changeto=$_POST['Changeto'];
$Activity=$_POST['Activity'];
$Resp=$_POST['Resp'];
$Durest=$_POST['Durest'];
}
$pco=implode(',',$co);
$pa=implode(',',$Projectname);
$pb=implode(',',$Subproj);
$c=implode(',',$Changefrom);
$d=implode(',',$Changeto);
$e=implode(',',$Activity);
$f=implode(',',$Resp);
$g=implode(',',$Durest);
$sql=" INSERT INTO projects (co,Projectname,Subproj,Changefrom,Changeto,Activity,Resp,Durest)
VALUES ('.$pco.','.$pa.','.$pb.','.$c.','.$d.','.$e.','.$f.','.$g.') ";
$query = mysqli_query($conn,$sql);
etc,etc
?>
Any advice?
Thank you.

You have added an extra column but not added a value for it. Since you are inserting seven columns with eight values, that's why it's not working for you. Your insert query is like below.
$sql=" INSERT INTO projects (Projectname,Subproj,Changefrom,Changeto,Activity,Resp,Durest)
VALUES ('.$pa.','.$pb.','.$c.','.$d.','.$e.','.$f.','.$g.') ";
$query = mysqli_query($conn,$sql);

How to paste dummy text from 1 site to my own using PHP and MySQL?

When I'm pasting dummy text from any website to my textarea it is not saving into MySQL server but sometimes it works correctly. I don't know why it is happening.
Here is my code:
<table align="center" border="10">
<form method="post" action="insert.php" enctype="multipart/form-data">
<tr>
<td>News Title</td>
<td><input type="text" name="title" /></td>
</tr>
<tr>
<td>Select Category</td>
<td>
<select name="cat">
<option>Select Your category</option>
<?php
include('db.php');
$query="select * from nav";
$run=mysql_query($query);
while($row=mysql_fetch_array($run)){
$m_id=$row[0];
$m_title=$row['m_title'];
echo "<option value='$m_id'>$m_title</option>";
}
?>
</select>
</td>
</tr>
<tr>
<td>News Image</td>
<td><input type="file" name="news_image" /></td>
</tr>
<tr>
<td>News Description</td>
<td><textarea cols="40" rows="10" name="desc"></textarea></td>
</tr>
<tr>
<td colspan="2" align="center"><input type="submit" name="btn" value="Insert News"/> </td>
</tr>
</form>
</table>`
<?php
if(isset($_POST['btn'])){
$news_title=$_POST['title'];
$news_cat=$_POST['cat'];
$news_desc=$_POST['desc'];
$news_image=$_FILES['news_image']['name'];
$tmp_image=$_FILES['news_image']['tmp_name'];
if($news_title=='' || $news_cat=='' || $news_desc==''){
echo "<script>alert('Any of your field is Empty')</script>";
exit();
}
else{
move_uploaded_file($tmp_image,"../images/$news_image");
$insert_query="insert into pages(cat_id,page_title,news_image,page_desc) VALUES ('$news_cat','$news_title','$news_image','$news_desc')";
$insert_run=mysql_query($insert_query);
echo "<script>alert('News Inserted...!!!')</script>";
}
}
?>`

You need to escape the input data in case it contains quote characters.
$news_title=mysql_real_escape_string($_POST['title']);
$news_cat=mysql_real_escape_string($_POST['cat']);
$news_desc=mysql_real_escape_string($_POST['desc']);
$news_image=mysql_real_escape_string($_FILES['news_image']['name']);
It would be better if you switched form the deprecated mysql extension to PDO or mysqli, and used prepared statements.

avoiding duplicate entries and caching entered form values

i have some code that controls duplicate entries in particular the USER ID. it checks in the database at submit and if that USER ID exists already it gives that notification. now the problem is when i submit and if that USER ID entered already exists in the database, all the other entries on the form are cleared, prompting me to re_enter all the other details again. i find this annoying and retrogressive. i want some help on how better i can do it such that only the USER ID text box returns empty, keeping other details safe/unchanged or indeed alternatively keeping/buffering/caching all details previously entered so that i can also review the duplicate USER ID before changing it.
new_user.php
<h1 align="center">Create New User</h1>
<p align="center" style="color:#F00"><?php if(isset($_GET['dup'])){ echo "That User ID Already Exists!"; } ?> </p>
<form id="form1" method="post" action="add_user.php">
<table width="100%">
<tr>
<td width="204"><div align="right">User ID:</div></td>
<td width="286">
<input type="text" name="user_id" id="user_id" />
</td>
</tr>
<tr>
<td><div align="right">Full Names:</div></td>
<td>
<input type="text" name="fname" id="fname" />
</td>
</tr>
<tr>
<td><div align="right">Gender:</div></td>
<td><select id="sex" name="sex">
<option selected="selected" value="male">Male</option>
<option name="female">Female</option>
</select></td>
</tr>
<tr>
<td><div align="right">NRC Number:</div></td>
<td>
<input type="number" name="nrcno" id="nrcno" min="1" />
</td>
</tr>
<tr>
<td><div align="right">Phone Number:</div></td>
<td>
<input type="number" name="cellno" id="cellno" />
</td>
</tr>
<tr>
<td><div align="right">Email Address:</div></td>
<td>
<input type="email" name="emailad" id="emailad" />
</td>
</tr>
<tr>
<td><div align="right">Position Held:</div></td>
<td>
<input type="text" name="posh" id="posh" />
</td>
</tr>
<tr>
<td> </td>
<td><input type="submit" name="create" id="create" value="Add User" /></td>
</tr>
</table>
</form>
add_user.php
<?php
$user_id=$_POST['user_id'];
$fname = $_POST['fname'];
$sex= $_POST['sex'];
$name= $_POST['name'];
$nrcno = $_POST['nrcno'];
$cellno= $_POST['cellno'];
$emailad = $_POST['emailad'];
$posh = $_POST['posh'];
require("get_func.php");
checkID($id);
include("connect.php");
mysql_select_db("ceec", $con);
$query = "INSERT INTO user VALUES ('$user_id', '$fname', '$sex','$name', '$nrcno', '$cellno', '$emailad', '$posh')";
if (mysql_query($query)){
header("Location: success.php");
}
else {echo "Nada" . mysql_error(); }
mysql_close($con);
?>
get_func.php
<?php
function checkID($id){
include_once("connect.php");
mysql_select_db("ceec",$con);
$query = "SELECT * FROM user WHERE user_id = '$id'";
$result= mysql_query($query);
if($row = mysql_fetch_array($result))
{
header("Location: new_user.php?dup=true");
break;
}
else {}
}
?>

<input type="text" name="user_id" id="user_id"
<?php if(isset($_POST['user_id'])){echo htmlentities($_POST['user_id'];} ?>/>

MySQL:(PHP) UPDATE Query issue

I have an UPDATE Query in MySQL
UPDATE users
SET fname='$fname',lname='$lname',username='$user',password='$pass',role='$role',status=$status
where id=$id
It works perfectly when I run it in Phpmyadmin by giving values manually but it gives me an error message when I use it in PHP Page.
Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1
The error is generated because I am doing echo mysql_error() I am getting values from the FORM like this;
$id=$_POST['id'];
$fname=$_POST['txt_fname'];
$lname=$_POST['txt_lname'];
$user=$_POST['txt_user'];
$pass=$_POST['txt_pass'];
$role=$_POST['txt_role'];
$status=$_POST['status'];
Frankly I sound like a stupid asking such a simple question, but I am stuck and need a bit of help. Thanks
FORM HTML
<div id="cuntable" style=" width:400px; margin:0 auto;">
<div class="CSSTableGenerator">
<form name="userform" action="updateuser.php" method="post">
<table >
<tr>
<td colspan="2"> Edit / Modify User Details </td>
</tr>
<tr>
<td>First Name </td>
<td><input type="text" name="txt_fname" placeholder="<?php echo $row[1];?>" /></td>
</tr>
<tr>
<td>Last Name </td>
<td><input type="text" name="txt_lname" placeholder="<?php echo $row[2];?>" /></td>
</tr>
<tr>
<td>Username</td>
<td><input type="text" name="txt_user" placeholder="<?php echo $row[3];?>"/></td>
</tr>
<tr>
<td>Password</td>
<td><input type="password" name="txt_pass" placeholder="<?php echo $row[4];?>" /></td>
</tr>
<tr>
<td>Username</td>
<td>
<select name="txt_role">
<option value=""> Select User Role </option>
<option value="user"> User </option>
<option value="admin">Administrator</option>
<option value="operator">Operator</option>
<option value="accountant">Accountant </option>
</select>
</td>
</tr>
<tr>
<td> Status </td>
<td>
<select name="status">
<option value="1"> Active </option>
<option value="0"> Suspended </option>
</select>
</td>
</tr>
</table>
</div>
<br />
<input type="submit" value=" ADD USER " />
<input type="hidden" name="txt_id" value="<?php echo $row[0];?>"
</form>

Categories