Okay so my objective is to have people able to select there schedule. her is the code so far
<?php
//if form has been submitted process it
if(isset($_POST['submit'])){
$servername = "localhost";
$username = "username";
$password = "password";
$dbname = "jesuitschedule";
try {
$conn = new PDO("mysql:host=$servername;dbname=$dbname", $username, $password);
// set the PDO error mode to exception
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$sql = 'INSERT INTO schedule (Saturdaymorning, Saturdayafternoon, Sundaymorning, Sundayafternoon, weekday) VALUES (:Saturdaymorning, :Saturdayafternoon, :Sundaymorning, :Sundayafternoon, :weekday)';
// use exec() because no results are returned
$conn->exec($sql);
echo "New record created successfully";
}
catch(PDOException $e)
{
echo $sql . "<br>" . $e->getMessage();
}
$conn = null;
}
//define page title
$title = 'schedule';
//include header template
require('layout/header.php');
?><!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>schedule</title>
<link href="//netdna.bootstrapcdn.com/bootstrap/3.1.0/css/bootstrap.min.css" rel="stylesheet">
<link rel="stylesheet" href="style/main.css">
</head>
<body>
<div class="container">
<div class="row">
<div class="col-xs-12 col-sm-8 col-md-6 col-sm-offset-2 col-md-offset-3">
<form role="form" method="post" action="" autocomplete="off">
<h2>Please Select your schedule</h2>
<hr>
<div class="form-group">
<input type="checkbox" name="Saturdamorning" id="Satmor" class="form-control input-lg" placeholder="User Name" value="yes" tabindex="1">Saturday Morning <br>
</div>
<div class="form-group">
<input type="checkbox" name="Saturdayafternoon" id="Sataft" class="form-control input-lg" placeholder="S" value="yes" tabindex="2">Saturday Afternoon <br>
</div>
<div class="form-group">
<input type="checkbox" name="Sundaymorning" id="Sunmor" class="form-control input-lg" placeholder="S" value="yes" tabindex="3">Sunday afternoon <br>
</div>
<div class="form-group">
<input type="checkbox" name="Sundayafternoon" id="Sataft" class="form-control input-lg" placeholder="S" value="yes" tabindex="4">Sunday Morning <br>
</div>
<div class="form-group">
<input type="checkbox" name="weekday" id="email" class="form-control input-lg" placeholder="S" value="yes" tabindex="5">weekday <br>
</div>
<div class="row">
<div class="col-xs-6 col-md-6"><input type="submit" name="submit" value="Register" class="btn btn-primary btn-block btn-lg" tabindex="6"></div>
</div>
</form>
</div>
</div>
</div>
</body>
</html>
When I run my code all it works no errors but I when I check the table all I get is blank rows. The code adds a new sets of rows just doesn't add the data to them. I am trying to add either Yes, or to keep it blank if they do not select it. Any help would be great thanks.
As pointed out by Fred -ii-, you've not bound anything to your statement. Here's you code using a prepared statement. I've also commented the code as well to explain my position
if(isset($_POST['submit'])){
$servername = "localhost";
$username = "username";
$password = "password";
$dbname = "jesuitschedule";
try {
$conn = new PDO("mysql:host=$servername;dbname=$dbname", $username, $password);
// set the PDO error mode to exception
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
// You have a sql statement, but attempting to insert non-existant values. So you'll either
// wind up with an error, those values given in the statement inserted into the table,
// or just empty values.
//$sql = 'INSERT INTO schedule (Saturdaymorning, Saturdayafternoon, Sundaymorning, Sundayafternoon, weekday) VALUES (:Saturdaymorning, :Saturdayafternoon, :Sundaymorning, :Sundayafternoon, :weekday)';
// Create a prepared statement, let's you easily bind parameters
$stmt = $con->prepare(
'INSERT INTO schedule (
Saturdaymorning, Saturdayafternoon, Sundaymorning, Sundayafternoon, weekday
) VALUES (
:Saturdaymorning, :Saturdayafternoon, :Sundaymorning, :Sundayafternoon, :weekday
)';
);
// use exec() because no results are returned
//$conn->exec($sql); // You're executing a statement with no bound parameters
// You can use bindParam, but I find this method a tad easier
// Take the stmt created above, and bind the values to the parameters given
// in the statement, BUT, also execute. :)
$stmt->execute(array(
':Saturdaymorning' => 'value',
':Saturdayafternoon' => 'value',
':Sundaymorning' => 'value',
':Sundayafternoon' => 'value',
':weekday' => 'value'
));
echo "New record created successfully";
}
catch(PDOException $e)
{
echo $sql . "<br>" . $e->getMessage();
}
$conn = null;
}
If you'd like more info on this, take a look at the PDO page from the PHP site, which is where I pulled your fix: PHP: PDO - Manual
Related
Looks like I have 1 last issue that I can't solve due to the fact of being too unexperienced with this matter. This last issue that I can't get to work or basically I don't understand the order in how to do this.
Been able to do the following:
Form that writes records to database
Page that shows database records in a table
Added an edit button to the table that takes you to an edit.php page with a form that has all values pre filled.
What I'm trying to get to work now is to edit one of the inputs on the form so it get's updated in the database.
So far I have this on the edit.php page:
<?php
$servername = "localhost";
$username = "";
$password = "";
$dbname = "";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "SELECT id, name, email, age FROM members WHERE id =" .$_GET['id'];
$result = mysqli_query($conn,$sql);
if(mysqli_num_rows($result) > 0) {
$row = mysqli_fetch_assoc($result);
$id = $row['id'];
$name = $row['name'];
$email = $row['email'];
$age = $row['age'];
?>
<form action=" <?=$_SERVER['PHP_SELF']?> " method="POST">
<div align="center">
<div class="container">
<div class="row">
<div class="col-25">
<label for="#"></label>
</div>
<div class="col-75">
<h2>ID: <?php echo $row['id']; ?></h2>
</div>
</div>
<br>
<div class="row">
<div class="col-25">
<label for="name">Name:</label>
</div>
<div class="col-75">
<input type="text" name="name" value="<?php echo $row['name']; ?>" id="my-input" class="input-res">
</div>
</div>
<div class="row">
<div class="col-25">
<label for="email">Email:</label>
</div>
<div class="col-75">
<input type="text" name="email" value="<?php echo $row['email']; ?>" class="input-res">
</div>
</div>
<div class="row">
<div class="col-25">
<label for="age">Age:</label>
</div>
<div class="col-75">
<input type="text" name="age" value="<?php echo $row['age']; ?>" class="input-res">
</div>
</div>
<div class="row"><br>
<input type="submit" name="submit" value="Save updates" class="button">
</div>
</div>
</div>
</form>
</body>
</html>
Have tried adding this code below the form:
<?php
if(isset($_POST['Submit'])){//if the submit button is clicked
$sql="UPDATE name, email, age SET name, email, age WHERE name = ".$name.", email = ".$email.", age = ".$age.";
$conn->query($sql) or die("Cannot update");//update or error
}
?>
But the the page doesn't work anymore, tried changing from single quotes to double qoutes etc. but no success and a few other solutions (that unfortunatelly didn't work).
Need $_POST to get posted value
Use prepare for security
note: die is a wrong idea here
Correct code will be:
<?php
if (isset($_POST['Submit'],$_POST['name'],$_POST['email'],$_POST['age'],$_GET['id'])) { //if the submit button is clicked
$stmt = $conn->prepare('UPDATE name, email, age SET name = ?, email = ?, age = ? WHERE id=?');
$stmt->bind_param('ssii', $_POST['name'], $_POST['email'], $_POST['age'], $_GET['id']);
$stmt->execute();
echo "Updated successfully"; // Updated Successfully
}
I've been going at this for a couple of hours now (searching here and google) but nothing I find helped me to get this to work.
I'm trying to make one form and have a Insert INTO and UPDATE $table SET function in the same form, using buttons.
But whatever I try the Update doesn't copy the data from the form. INSERT INTO works. But when I try to edit the form, no data is copied.
HTML:
<form id="contact-form" method="post" action="cms_data.php" role="form">
<div class="col-sm-12">
<h2>id</h2>
<input name="id" type="text" placeholder="<?php echo $id;?>" value="1">
</div>
<div class="col-sm-12">
<h2>Omschrijving</h2>
<textarea name="omschrijving" type="text" style="height:220px;width:100%;resize:none;"><?php echo $omschrijving;?></textarea>
</div>
<div class="col-sm-12">
<h2>Datum</h2>
<input name="datum" type="text" value="<?php echo $datum;?>">
</div>
<div class="col-sm-12">
<h2>Tijd</h2>
<input name="tijd" type="text" value="<?php echo $tijd;?>">
</div>
<div class="col-sm-12">
<h2>Locatie</h2>
<input name="locatie" type="text" value="<?php echo $locatie;?>">
</div>
<div class="col-sm-12">
<h2>Dresscode</h2>
<input name="dresscode" type="text" value="<?php echo $dresscode;?>">
</div>
<div class="col-sm-12 text-right">
<input type="submit" class="btn btn-success btn-send" value="Versturen" id="sent" <?php // echo $_SESSION['disabled']; ?>>
Update
</div>
</form>
CMS_DATA.php
<?php session_start();?>
<?php
$servername = "localhost";
$username = "xxx";
$password = "xxx";
$dbname = "xxx";
// Create connection
$conn = mysqli_connect($servername, $username, $password, $dbname);
//echo '<div style="width:100%;background:green;color:#FFF;font-size:2rem;text-align:center;">Connected to '. $dbname. '</div>';
// Check connection
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
$id = $_POST['id'];
$omschrijving = $_POST["omschrijving"];
$datum = $_POST["datum"];
$item = $_POST["tijd"];
$locatie = $_POST["locatie"];
$dresscode = $_POST["dresscode"];
$quote = iconv("UTF-8", "WINDOWS-1252//TRANSLIT");
$date = date('Y-m-d');
date_default_timezone_set("Europe/Amsterdam");
$time = date("h:i:sa");
$sql = "INSERT INTO $table (ID, Omschrijving, Datum, Tijd, Locatie, Dresscode )
VALUES ('" .$id."','" .$omschrijving."','".$datum."',' ".$item."','".$locatie."','".$dresscode."')";
if ($conn->query($sql) === TRUE) {
echo "";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
$conn->close();
?>
UPDATE-CMS.php
<?php session_start();?>
<?php
$servername = "localhost";
$username = "xxx";
$password = "xxx";
$dbname = "xxx";
// Create connection
$conn = mysqli_connect($servername, $username, $password, $dbname);
//echo '<div style="width:100%;background:green;color:#FFF;font-size:2rem;text-align:center;">Connected to '. $dbname. '</div>';
// Check connection
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
$id = $_POST['id'];
$omschrijving = $_POST["omschrijving"];
$datum = $_POST["datum"];
$item = $_POST["tijd"];
$locatie = $_POST["locatie"];
$dresscode = $_POST["dresscode"];
$quote = iconv("UTF-8", "WINDOWS-1252//TRANSLIT");
$date = date('Y-m-d');
date_default_timezone_set("Europe/Amsterdam");
$time = date("h:i:sa");
$sql = "UPDATE $table SET
Omschrijving = '$omschrijving', Datum = '$datum', Tijd = '$item', Locatie = '$locatie', Dresscode = '$dresscode' WHERE ID = '1'";
if ($conn->query($sql) === TRUE) {
echo "Done";
} else {
echo "Error: " . $sql . "<br>" . $conn->error;
}
$conn->close();
?>
Like I said, the INSERT INTO works fine. But no data (values) are copied when using the update. I just overrides ID 1 with empty rows... I hope someone can help me... thanks in advance.
You have defined action on your form action="cms_data.php", so your button that is responsible for submitting that form works correctly, but on the other hand you've defined another button (anchor tag), that only has href (hence points to another page), so if you click on it, you won't pass any arguments with it.
My suggestion here is, as I mentioned in comment below your question, to use two buttons, both with submit property, but then handle clicking on them via JavaScript.
When you capture submitment, you can dinamically change action on your form, so your data will be passed to desired script.
Handling multiple buttons in a form:
Process a Form Submit with Multiple Submit Buttons in Javascript
Manipulating form's action property:
How to use JavaScript to change the form action
Another suggestion would be that you use prepared statements in your query, so you wouldn't be vulnerable to SQL injections (from the comments section, I see you'll only be using this locally, but this is a good practice).
Using Mysqli prepared statements:
https://stackoverflow.com/a/24989090/5018750
Echo only prints value on the screen in your respective textbox and does not assign that value to your actual field.
Instead what you can do is start the session in the start of your contact form and store those fields in session variable.
When user selects UPDATE option he will get redirected to UPDATE-CMS.php page. In UPDATE-CMS.php you can retrieve your stored session variables and assign them to your actual variables. In this way you can carry forward your old as well as new values.
anchor just links the page it will not pass data
you are trying to have submit and update button in one form
solution:
in html5 button has formaction attribute .formaction specifies page data to be transferred .so that different button can have different action page
<form id="contact-form" method="post" action="cms_data.php" role="form">
<div class="col-sm-12">
<h2>id</h2>
<input name="id" type="text" placeholder="<?php echo $id;?>" value="1">
</div>
<div class="col-sm-12">
<h2>Omschrijving</h2>
<textarea name="omschrijving" type="text" style="height:220px;width:100%;resize:none;"><?php echo $omschrijving;?></textarea>
</div>
<div class="col-sm-12">
<h2>Datum</h2>
<input name="datum" type="text" value="<?php echo $datum;?>">
</div>
<div class="col-sm-12">
<h2>Tijd</h2>
<input name="tijd" type="text" value="<?php echo $tijd;?>">
</div>
<div class="col-sm-12">
<h2>Locatie</h2>
<input name="locatie" type="text" value="<?php echo $locatie;?>">
</div>
<div class="col-sm-12">
<h2>Dresscode</h2>
<input name="dresscode" type="text" value="<?php echo $dresscode;?>">
</div>
<div class="col-sm-12 text-right">
<buttin formaction="CMS-DATA.php" type="submit" class="btn btn-success btn-send" value="Versturen" id="sent" <?php // echo $_SESSION['disabled']; ?>>
<button formaction="UPDATE-CMS.php" >Update </button>
</div>
</form>
The problem I have: I made a "contact" form, which should send data to my database. All works good, no errors after I access the page from localhost, shows the result I wanted to see, but the database (localhost/phpmyadmin/..) doesn't update with any info.
This is my PHP:
if(isset($_POST['insert']))
{
$hostname = 'localhost';
$username = 'root';
$password = '';
$databaseName = 'nig';
$Nume = $_POST['nume'];
$Email = $_POST['email'];
$Telefon = $_POST['telefon'];
$Subiect = $_POST['subiect'];
$Mesaj = $_POST['mesaj'];
$connect = mysqli_connect($hostname, $username, $password, $databaseName);
$query = "INSERT INTO `amar` (`nume`, `email`, `telefon`, `subiect`, `mesaj`) VALUES ('$Nume','$Email','$Telefon','$Subiect','$Mesaj')";
$result = mysqli_query($connect,$query);
if($result)
{
echo 'Mesaj trimis.';
}else{
echo 'Mesaj netrimis';
}
mysqli_free_result($result);
mysqli_close($connect);
This is my HTML:
<form action="insert2.php" action="post">
<form role="form">
<div class="form-group">
<label for="nume">Nume complet</label>
<input type="text" class="form-control" name="nume">
</div>
<div class="form-group">
<label for="email">Adresa e-mail</label>
<input type="text" class="form-control" name="email">
</div>
<div class="form-group">
<label for="telefon">Telefon</label>
<input type="text" class="form-control" name="telefon">
</div>
<div class="form-group">
<label for="subiect">Subiect</label>
<input type="text" class="form-control" name="subiect">
</div>
<div class="form-group">
<label for="mesaj">Mesaj</label>
<textarea class="form-control" name="mesaj" rows="8"></textarea>
</div>
<input type="submit" name="insert" class="btn btn-theme" value="insert"></button>
</form>
And the result should be data in my MySQL. but the database isn't getting any data, what am I doing wrong?
You have two form tags, one inside the other.
Change this....
<form action="insert2.php" action="post">
<form role="form">
To this...
<form action="insert2.php" action="post">
Also, please note, your PHP code is open to SQL injection. Never trust user input. Always validate and/or escape user entered data prior to using it in a query. Or better yet, used prepared statements or stored procedures.
Update 1:
OK, sorry to hear this is not working. Please add the following mysqli error debugging so we can see what is happening.
Change this...
$result = mysqli_query($connect,$query);
To this...
if (mysqli_connect_errno()) {
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
$result = mysqli_query($connect,$query)
if (!$result)) {
printf("Errormessage: %s\n", mysqli_error($connect));
}
Then run the code and see if you get any errors that may help us.
Update 2:
OK, try another piece of debugging.
After this...
$query = "INSERT INTO `amar` (`nume`, `email`, `telefon`, `subiect`, `mesaj`) VALUES ('$Nume','$Email','$Telefon','$Subiect','$Mesaj')";
Add this...
die($query);
Save and run the code.
You will be given a SQL query. Copy and paste that SQL query and run it in your database management tool (phpMyAdmin for example). See if the record is added when you manually run the query or if you are given any errors.
Let us know the outcome.
Hi I'm having some problems when I'm trying to submit a form of mine, everything seems to look fine on my end but im not quite sure why it's still not working any help would be appreciated.
config.php
<?php
$servername = "localhost";
$username = "release";
$password = "";
$dbname = "release";
// Create connection
$con = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
?>
submit.php
<?php
include('config.php');
$producers = $_POST['producers'];
$company = $_POST['company'];
$title = $_POST['title'];
if(!$producers or !$company or !$title) {
echo 'Please make sure to fill out all required feilds.';
} else {
// Insert into DB
$sql = "INSERT INTO release (id, producers, company, title)
VALUES ('null', '$producers', '$company', '$title')";
}
if ($con->query($sql) === TRUE) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . $con->error;
}$con->close();
?>
index.php
<html>
<head>
<link href="css/bootstrap.min.css" rel="stylesheet" media="screen">
<link href="css/bootstrap-responsive.min.css" rel="stylesheet" media="screen">
<script type="text/javascript" src="js/jquery-1.8.0.min.js"></script>
<script type="text/javascript" src="js/bootstrap.min.js"></script>
<style>
input[type="text"] {
height: 30px;
}
</style>
<title>RRP ยป Welcome!</title>
</head>
<body>
<div style="width: 1080px; margin-top: 50px;">
<h3>Welcome!</h3>
<h4>You can edit the basic release form info below. <br /> Once done hit the "Submit" button to carry on to the new form!</h4>
<div class="container">
<form class="contact-us form-horizontal" action="submit.php" method="post">
<div class="control-group">
<label class="control-label">Producers</label>
<div class="controls">
<div class="input-prepend">
<span class="add-on"><i class="icon-user"></i></span>
<input type="text" class="input-xlarge" name="producers" placeholder="Producers(seperate by commas)">
</div>
</div>
</div>
<div class="control-group">
<label class="control-label">Production Company</label>
<div class="controls">
<div class="input-prepend">
<span class="add-on"><i class="icon-globe"></i></span>
<input type="text" class="input-xlarge" name="company" placeholder="Rolling Ridges Productions">
</div>
</div>
</div>
<div class="control-group">
<label class="control-label">Title</label>
<div class="controls">
<div class="input-prepend">
<span class="add-on"><i class="icon-pencil"></i></span>
<input type="text" class="input-xlarge" name="title" placeholder="Desperate Measures">
</div>
</div>
</div>
<div class="control-group">
<div class="controls">
<button type="submit" class="btn btn-primary">Submit</button>
<button type="button" class="btn">Cancel</button>
</div>
</div>
</form>
</body>
</html>
error
Error: INSERT INTO release (id, producers, company, title) VALUES ('null', 'lol', 'lol', 'lol')
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'release (id, producers, company, title) VALUES ('null', 'lol', 'lol', 'lol')' at line 1
Resolved: was as simple as adding ticks to release
release is a MySQL keyword, and should be enclosed in backticks: `release`
try to use backticks in table name if it is keyword release
$sql = "INSERT INTO `release` (id, producers, company, title)
VALUES ('null', '$producers', '$company', '$title')";
Also it is better to write your database in the following format
database name -> db_name eg db_release, and
table name -> tb_name eg tb_release
so as to avoid keywords errors
It seems to me that id should not be assigned the string value 'null'. Typically id columns are auto increment, in which case you should simply omit the column:
$sql = "INSERT INTO `release` (producers, company, title)
VALUES ('".addslashes($producers)."', '".addslashes($company)."', '".addslashes($title)."'";
The addslashes is to protect again SQL injection. You should also sanitize your inputs:
$producers = strval($_POST['producers']);
$company = strval($_POST['company']);
$title = strval($_POST['title']);
Im new in MYSQL & PHP so don't mind me about my stolen code XD
I want to publish simple posts by using PHP/HTML & saving on Database.
Ayway here is the file that i've created to post stuff on home.php
admin.php
<?php
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "dblogin";
$newsTitle = null;
$newsShortDescription = null;
$newsFullContent = null;
$newsColor = null;
$newsIcon = null;
$users_website = null;
$users_comment = null;
if(isset($_POST['btn-post']))
{
$newsTitle = $_POST['news_title'];
$newsShortDescription = $_POST['news_short_description'];
$newsFullContent = $_POST['news_full_content'];
$newsColor = $_POST['news_color'];
$newsIcon = $_POST['news_author'];
}
$newsTitle = mysql_real_escape_string($newsTitle);
$newsShortDescription = mysql_real_escape_string($newsShortDescription);
$users_website = mysql_real_escape_string($users_website);
$users_comment = mysql_real_escape_string($users_comment);
$conn = new PDO("mysql:host=$servername;dbname=$dbname", $username, $password);
// set the PDO error mode to exception
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$sql = "INSERT INTO info_news (news_title, news_short_description, news_full_content, news_author, news_color)
VALUES ('$newsTitle', '$newsShortDescription', '$newsFullContent', '$newsIcon', '$newsColor')";
// use exec() because no results are returned
$conn->exec($sql);
echo "New record created successfully";
$conn = null;
?>
<form method="post">
<div class="form-group">
<input type="text" class="form-control" name="news_title" placeholder="Title" required />
</div>
<div class="form-group">
<input type="text" class="form-control" name="news_short_description" placeholder="Description" required />
</div>
<div class="form-group">
<input type="text" class="form-control" name="news_full_content" placeholder="Full Content" required />
</div>
<div class="form-group">
<input type="text" class="form-control" name="news_color" placeholder="Color" required />
</div>
<div class="form-group">
<input type="text" class="form-control" name="news_author" placeholder="Icon" required />
</div>
<div class="clearfix"></div>
<div class="form-group">
<button type="submit" name="btn-post" class="btn btn-block btn-primary">
Post
</button>
</div>
<br />
</form>
Thank you :)
I want to make kind of a simple blog, only Title, Short Description and so... It works while i make new posts, but when i refresh it shows an empty post. Here is a pic: Here is the Image also i've tried to edit the admin.php ( By looking other questions on SOF )
<?php
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "dblogin";
$conn = new PDO("mysql:host=$servername;dbname=$dbname", $username, $password);
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$stmt = $conn->prepare("INSERT INTO info_news (news_title, news_short_description, news_full_content, news_author, news_color) VALUES (:news_title, :news_short_description, :news_full_content, :news_author, :news_color)");
$stmt->bindParam(':news_title', $news_title);
$stmt->bindParam(':news_short_description', $news_short_description);
$stmt->bindParam(':news_full_content', $news_full_content);
$stmt->bindParam(':news_author', $news_author);
$stmt->bindParam(':news_color', $news_color);
$stmt->execute($_POST);
?>
<form method="post">
<div class="form-group">
<input type="text" class="form-control" name="news_title" placeholder="Title" required />
</div>
<div class="form-group">
<input type="text" class="form-control" name="news_short_description" placeholder="Description" required />
</div>
<div class="form-group">
<input type="text" class="form-control" name="news_full_content" placeholder="Full Content" required />
</div>
<div class="form-group">
<input type="text" class="form-control" name="news_color" placeholder="Color" required />
</div>
<div class="form-group">
<input type="text" class="form-control" name="news_author" placeholder="Icon" required />
</div>
<div class="clearfix"></div>
<div class="form-group">
<button type="submit" name="btn-post" class="btn btn-block btn-primary">
Post
</button>
</div>
<br />
</form>
By looking some other questions on stackoverflow but still no luck ;/
it's not an empty post what makes the empty row inserted, try this:
if(isset($_POST['btn-post']))
{
$newsTitle = $_POST['news_title'];
$newsShortDescription = $_POST['news_short_description'];
$newsFullContent = $_POST['news_full_content'];
$newsColor = $_POST['news_color'];
$newsIcon = $_POST['news_author'];
$newsTitle = mysql_real_escape_string($newsTitle);
$newsShortDescription = mysql_real_escape_string($newsShortDescription);
$users_website = mysql_real_escape_string($users_website);
$users_comment = mysql_real_escape_string($users_comment);
$conn = new PDO("mysql:host=$servername;dbname=$dbname", $username, $password);
// set the PDO error mode to exception
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$sql = "INSERT INTO info_news (news_title, news_short_description, news_full_content, news_author, news_color)
VALUES ('$newsTitle', '$newsShortDescription', '$newsFullContent', '$newsIcon', '$newsColor')";
// use exec() because no results are returned
$conn->exec($sql);
echo "New record created successfully";
$conn = null;
}
I moved the "}" after $conn = null; ;)
And BTW, you should redirect after each POST. So POST is not sent once more on page refresh.
And you can't redirect while the content was "echoed" already. It will work for a while thanks to buffer, but when the header will grow in its size (like 4kB, depends on server settings) it will fail one day. (saw it few times in github you posted)