I want to send the values from one form to a php file that posts it to a database, then to another php file that posts the same values, how can I do this using php?
This is my php
<?php
$con = mysql_connect("localhost","user","password");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("database_name", $con);
$sql="INSERT INTO players (first_name, last_name, company, phone, email, zip, street, city, state, country, reasons, notes, callback)
VALUE
('$_POST[first_name]','$_POST[last_name]','$_POST[company]','$_POST[phone]','$_POST[email]','$_POST[zip]','$_POST[street]','$_POST[city]','$_POST[state]','$_POST[country]','$_POST[reasons]','$_POST[notes]','$_POST[callback]')";
if (!mysql_query($sql,$con))
{
die('Error: ' . mysql_error());
}
echo "1 record added";
mysql_close($con)
?>
Thank you for your help. (i'm sorry if this is a duplicate, i did not find anything on this)
In submit.php file
<?php
$con = mysql_connect("localhost","user","password");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("database_name", $con);
$sql="INSERT INTO players (first_name, last_name, company, phone, email, zip, street, city, state, country, reasons, notes, callback)
VALUE
('$_POST[first_name]','$_POST[last_name]','$_POST[company]','$_POST[phone]','$_POST[email]','$_POST[zip]','$_POST[street]','$_POST[city]','$_POST[state]','$_POST[country]','$_POST[reasons]','$_POST[notes]','$_POST[callback]')";
if (!mysql_query($sql,$con))
{
die('Error: ' . mysql_error());
}
//Add more
$id = mysql_insert_id();
mysql_close($con);
header('Location: review.php?id=' . $id);
?>
Then get data from review.php file
<?php
$id = $_GET['id'];
//SELECT * FROM tbl ... WHERE id = $id
//Your code
?>
Related
I have a form with data I will like to insert in 2 different tables (order and order_etails). Here is what I did. But it is inserting in only 1 form.
<?php
include '../db/connect.php';
$sql="INSERT INTO order_etails (part_id, quantity, price, status_id,order_id)
VALUES
('$_POST[part_id]','$_POST[quantity]','$_POST[price]','$_POST[status_id]','$_POST[order_id] '),
('$_POST[part_id2]','$_POST[quantity2]','$_POST[price2]','$_POST[status_id2]','$_POST[order _id2]'),
('$_POST[part_id3]','$_POST[quantity3]','$_POST[price3]','$_POST[status_id3]','$_POST[order _id3]')";
$sql1="INSERT INTO order (platform)
VALUE
('$_POST[platform]')";
if (!mysqli_query($con,$sql))
{
die('Error: ' . mysqli_error($con));
}
echo "record(s) added";
mysqli_close($con);
?>
I have also tried this:
<?php
include '../db/connect.php';
$sql="INSERT INTO order_details (part_id, quantity, price, status_id,order_id)
VALUES
('$_POST[part_id]','$_POST[quantity]','$_POST[price]','$_POST[status_id]','$_POST[order_id]'),
('$_POST[part_id2]','$_POST[quantity2]','$_POST[price2]','$_POST[status_id2]','$_POST[order_id2]'),
('$_POST[part_id3]','$_POST[quantity3]','$_POST[price3]','$_POST[status_id3]','$_POST[order_id3]');
INSERT INTO order (platform)
VALUE
('$_POST[platform]')";
mysql_query($sql1);
if (!mysqli_query($con,$sql))
{
die('Error: ' . mysqli_error($con));
}
echo "record(s) added";
mysqli_close($con);
?>
Try VALUES instead of VALUE in your second query.
Also, you don't seem to actually execute both queries in either of your examples. You should have something like:
if (!mysqli_query($con,$sql))
{
die('Error: ' . mysqli_error($con));
}
if (!mysqli_query($con,$sql1))
{
die('Error: ' . mysqli_error($con));
}
echo "record(s) added";
You should also consider wrapping the two executions in a transaction, so that if the 2nd insert fails the first will also be rolled back.
First of all you need using mysql multi query.
$sql="INSERT INTO order_details (part_id, quantity, price, status_id,order_id)
VALUES
('$_POST[part_id]','$_POST[quantity]','$_POST[price]','$_POST[status_id]','$_POST[order_id]'),
('$_POST[part_id2]','$_POST[quantity2]','$_POST[price2]','$_POST[status_id2]','$_POST[order_id2]'),
('$_POST[part_id3]','$_POST[quantity3]','$_POST[price3]','$_POST[status_id3]','$_POST[order_id3]');
$sql.= INSERT INTO order (platform)
VALUES
('$_POST[platform]')";
if (mysqli_multi_query($link, $sql)) {
//do action
}
Thank you for both of you. It worked and here is how I did it:
<?php
include '../db/connect.php';
$sql="INSERT INTO order_details (part_id, quantity, price, status_id,order_id)
VALUES
('$_POST[part_id]','$_POST[quantity]','$_POST[price]','$_POST[status_id]','$_POST[order_id]'),
('$_POST[part_id2]','$_POST[quantity2]','$_POST[price2]','$_POST[status_id2]','$_POST[order_id2]'),
('$_POST[part_id3]','$_POST[quantity3]','$_POST[price3]','$_POST[status_id3]','$_POST[order_id3]')";
$sql1="INSERT INTO order (platform)
VALUES
('$_POST[platform]')";
if (!mysqli_query($con,$sql))
{
die('Error: ' . mysqli_error($con));
}
if (!mysqli_query($con,$sql1))
{
die('Error: ' . mysqli_error($con));
}
echo "record(s) added";
?>
This php is suposed to send five attributes {id, description, email, price, shape} to the sales table in the salesinformation database.
<?php
define('DB_NAME', 'salesinformation');
define('DB_USER', 'root');
define('DB_PASSWORD', '');
define('DB_HOST', 'localhost');
$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
if(!$link) {
die('Cannot connect: ' . mysql_error());
}
$db_selected = mysql_select_db(DB_NAME, $link);
if(!$db_selected){
die('Cannot use ' . DB_NAME . ': ' . mysql_error());
}
$value = $_POST['description'];
$value2 = $_POST['email'];
$value3 = $_POST['price'];
$value4 = $_POST['shape'];
$sql = mysql_query("INSERT INTO sales (id, description, email, price, shape) VALUES ('', '$value', '$value2', '$value3', '$value4')");
if (!mysql_query($sql)){
die('Error: ' . mysql_error());
}
mysql_close();
?>
If I echo $value it prints out the correct information that I filled in my html form (So the part that extracts values from the HTML is working atleast). I run xampp and created the database with PhpMyAdmin, and when this PHP runs all I get is Error: Query was empty and nothing is added to the database at all.
What makes the mysql_query empty?
EDIT: I had missed a ' sign at one of the values.
Now instead I get this error message
Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '1' at line 1
Question: What makes the mysql_query empty?
It's you, who calls mysql_query without a real query:
$sql = mysql_query("INSERT INTO sales (id, description, email, price, shape) VALUES ('', '$value', '$value2', '$value3', '$value4')");
if (!mysql_query($sql)){ // <---- look here
die('Error: ' . mysql_error());
}
What we see in your code is that you pass $sql to mysql_query which isn't a valid query and you can check it with var_dump($sql);
Remove the ID column from your query. Assuming you made made it a INDEX (and AUTO_INCREMENT) probably:). You can either remove it out the fieldlist, or instead of the '' put a NULL there :).
PHP code is inserting blank records when inserting data in the database with the _POST Method, However when I use _GET everything works fine.
Thanks in Advace.
<?php
$con=mysqli_connect("localhost","root","*******","student");
// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$sql="INSERT INTO Student (textnames, fathername, mom, occu, homenum, paddress, offcontact, Course, District, State, pincode, emailid, dob, mobileno)
VALUES
('$_POST[textnames]','$_POST[fathername]','$_POST[mom]','$_POST[occu]','$_POST[homenum]','$_POST[paddress]','$_POST[offcontact]','$_POST[Course]','$_POST[District]','$_POST[State]','$_POST[pincode]','$_POST[emailid]','$_POST[dob]','$_POST[mobileno]')";
if (!mysqli_query($con,$sql))
{
die('Error: ' . mysqli_error($con));
}
echo "Successfully Added Record";
mysqli_close($con);
?>
Any suggestions how to avoid this.....
a good rule of thumb is checking PHP Variables availability with phpinfo (this is related to your web server configuration).
Try and add:
echo phpinfo();
exit;
just before your
if (!mysqli_query($con,$sql))
The reason is that you are most probably doing the post not same as get
'$_POST[textnames]'// is wrong
'$_POST["textnames"]'// is correct
and same with all others. You must have used quotes to get these values without quotes your index like textnames would be incorrect both for GET and POST
try to initialise the $_POST to a local variable and use the query as follows
<?php
$a=$_POST['textname'];
$b=$_POST['fathername'];
$c=$_POST['mom'];'
$d=$_POST['occu'];
$e=$_POST['homenum'];
$f=$_POST['paddress'];
$g=$_POST['offcontact'];
$i=$_POST['Course'];
$j=$_POST['District'];
$k=$_POST['State'];
$l=$_POST['pincode'];
$m=$_POST['emailid'];
$o=$_POST['dob'];
$p=$_POST['mobileno']
$con=mysqli_connect("localhost","root","*******","student");
// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$sql="INSERT INTO Student (textnames, fathername, mom, occu, homenum, paddress, offcontact, Course, District, State, pincode, emailid, dob, mobileno) VALUES('$a','$b','$c','$d','$e','$f','$g','$i','$j','$k','$l','$m','$o','$p')";
if (!mysqli_query($con,$sql))
{
die('Error: ' . mysqli_error($con));
}
echo "Successfully Added Record";
mysqli_close($con);
?>
First check whether your form is sending value by
if(isset($_POST["submit"]))
{
Your insert query here
}
also in form try using following code
<form methode = "POST" action = "">
</form>
It works with the _REQUEST i think it'll do
<?php
$con=mysqli_connect("localhost","root","********","student");
// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$sql="INSERT INTO Student (textnames, fathername, mom, occu, homenum, paddress, offcontact, Course, District, State, pincode, emailid, dob, mobileno)
VALUES
('$_REQUEST[textnames]','$_REQUEST[fathername]','$_REQUEST[mom]','$_REQUEST[occu]','$_REQUEST[homenum]','$_REQUEST[paddress]','$_REQUEST[offcontact]','$_REQUEST[Course]','$_REQUEST[District]','$_REQUEST[State]','$_REQUEST[pincode]','$_REQUEST[emailid]','$_REQUEST[dob]','$_REQUEST[mobileno]')";
if (!mysqli_query($con,$sql))
{
die('Error: ' . mysqli_error($con));
}
echo "Successfully Added Record";
mysqli_close($con);
?>
You can change your code like this. The point is you missed the single quotes when accessed the post variables.
<?php
$con=mysqli_connect("localhost","root","*******","student");
// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$sql="INSERT INTO Student (textnames, fathername, mom, occu, homenum, paddress, offcontact, Course, District, State, pincode, emailid, dob, mobileno)
VALUES
('".$_POST['textnames']."','".$_POST['fathername']."','".$_POST['mom']."','".$_POST['occu']."','".$_POST['homenum']."','".$_POST['paddress']."','".$_POST['offcontact']."','".$_POST['Course']."','".$_POST['District']."','".$_POST['State']."','".$_POST['pincode']."','".$_POST['emailid']."','".$_POST['dob']."','".$_POST['mobileno']."')";
if (!mysqli_query($con,$sql))
{
die('Error: ' . mysqli_error($con));
}
echo "Successfully Added Record";
mysqli_close($con);
}
}
?>
Simple question for you guys - I'm trying to submit data to a table in a database and it does so successfully, before continuing to add an infinite number of blank rows to the table.
Here's the code:
<?php
$name = $_POST['name'];
$email = $_POST['email'];
$about = $_POST['about'];
$msg = $_POST['message'];
$con = mysql_connect("DATABASE","USERNAME","PASSWORD");
if (!$con) {
die('Could not connect: ' . mysql_error());
}
$database = mysql_select_db("benpearl_co_uk_db", $con);
if(!$database) {
die('Houston, we have a problem: ' . mysql_error());
}
$sql="INSERT INTO contact (name, email, about, message) VALUES ('$name', '$email', '$about', '$msg')";
if (!mysql_query($sql,$con))
{
die('Error: ' . mysql_error());
}
?>
<script language="JavaScript">
self.location="?email=1";
</script>
Just to reiterate, I have no problem in connecting to the database or successfully putting the values from the form into the table. However once the values are inputted the page continually refreshes, adding blank lines to the table.
What's going wrong with my code here?
You always redirect to the the same page with:
self.location="?email=1";
Try something like:
$sql = "INSERT INTO contact (name, email, about, message) VALUES ('$name', '$email', '$about', '$msg')";
if (mysql_query($sql, $con))
{
header('Location: $other_page');
}
die('Error: ' . mysql_error());
The problem is here:
<script language="JavaScript">
self.location="?email=1";
</script>
Self.location redirects the browser, you are redirecting to the same page with the addition of the url parameter email = 1 which of course runs the script again causing an infinite loop. You should check whether $_POST contains valid values and only then insert into the database.
Well, that's exactly what your code does:
on the server side write a DB row
return page to client, that contains <script language="JavaScript">self.location="?email=1";</script>
which in turn makes the page refresh.
You would need to make the JS part conditional.
you should run the insert only when the button submit is clicked if you have , so even when you load the page again it will not insert again the data
try doing this
if (isset($_POST['submit'])) //then run your insert sql
{
$sql="INSERT INTO contact (name, email, about, message) VALUES ('$name', '$email', '$about', '$msg')";
if (!mysql_query($sql,$con))
{
die('Error: ' . mysql_error());
}
}
I have a the following code for inputing data in a database..i specifically echoed the values to see whether they have correct values or not...they have correct values but the values i get in the database are totally different.
Here is my code
<?php
$con = mysql_connect("localhost","root","");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("sm_sample");
$source=$_POST['source'];
$username=$_POST['username'];
$location=$_POST['location'];
$category=$_POST['category'];
$complaint=$_POST['complaint'];
$status=$_POST['status'];
$date=$_POST['date'];
echo $source.$username.$location.$category.$complaint.$status.$date;
$sql="INSERT INTO sample VALUES(ID=NULL,source='$source',username=
'$username', location='$location', category='$category',complaint=
'$complaint',date='$date',status='$status')";
if (!mysql_query($sql,$con))
{
die('Error: ' . mysql_error());
}
echo "1 record added";
echo "<BR>";
echo "<a href='usercom1.php'>View result</a>";
mysql_close($con)
?>
the values i get in the database r like this:
List data from mysql
Source Username Location Category Complaint Date Status Update
0 Singapore 0 0000-00-00 Pending Edit
The correct syntax:
$sql="INSERT INTO `sample`(`ID`,`source`,`username`, `location`,`category`,`complaint`,`date`,`status`)
VALUES (0, '$source','$username','$location','$category','$complaint','$date','$status')";
later edit ... you are using wrong mysql_query and connection syntax
$con = mysql_connect("localhost","root","") or die('database connection?');
mysql_select_db("sm_sample", $con) or die('wrong database?');
// and for $_POST you sould use mysql_real_escape_string
$source = mysql_real_escape_string($_POST['source']);
// ........................................
$sql="INSERT INTO `sample`(`ID`,`source`,`username`, `location`,`category`,`complaint`,`date`,`status`)
VALUES (0, '$source','$username','$location','$category','$complaint','$date','$status')";
mysql_query($sql) or die('Error: '.mysql_error().': '.mysql_errno());
// ........................................
mysql_close($con);
<?php
$con = mysql_connect("localhost","root","");
if (!$con)
{
echo ('Could not connect: ' . mysql_error());
}
mysql_select_db("sm_sample",$con);
$source=$_POST['source'];
$username=$_POST['username'];
$location=$_POST['location'];
$category=$_POST['category'];
$complaint=$_POST['complaint'];
$status=$_POST['status'];
$date=$_POST['date'];
echo $source.$username.$location.$category.$complaint.$status.$date;
$sql="INSERT INTO sample ('source','username','location','category','complaint','status') VALUES('$source','$username','location','category','complaint','status' )";
if (!mysql_query($sql))
{
echo ('Error: ' . mysql_error());
}
echo "1 record added";
echo "<BR>";
echo "<a href='usercom1.php'>View result</a>";
mysql_close($con);
?>
First thing you do not have to add id if it is auto increment and date if it uses current timestamp and one more thing that never use die(); , use echo instead.
You should provide only VALUES of data with no column names:
$sql="INSERT INTO sample VALUES(ID, '$source', '$username', '$location', '$category', '$complaint', '$date', '$status')";
Also if you have only one DB connection you can not to define $con variable in mysql_query(). Like this: mysql_query($sql).
The problem is with the following line:
<?php
$sql="INSERT INTO sample VALUES(ID=NULL,source='$source',username='$username', location='$location', category='$category',complaint=
'$complaint',date='$date',status='$status')";
?>
If you check the result in the database, you'll see that the values are getting in the wrong order, use this instead:
<?php
$sql="INSERT INTO sample(ID, source, username, location, category, complaint, date, status) VALUES(NULL, '$source', '$username', '$location', '$category', '$complaint','$date','$status')";
?>
PLEASE read what Albireo posted in his comment. Your code is extremely vulnerable.