Closed. This question needs debugging details. It is not currently accepting answers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Closed 7 years ago.
Improve this question
I am trying this code but data is not getting saved and it is throwing an error
<?php
include 'core/int.php';
include 'includes/overall/header.php';
if(!empty($_POST)){
$add_status = $insert->add_status($user_data['user_id']);
}
?>
<form action = "" method = "POST">
<ul>
<li>
<input name = "question_time" type = "hidden" value = "<?php echo time()?>" />
</li>
<li>
<h2>Post your Question <?php echo $user_data['username'];?></h2>
<textarea name = "question"></textarea>
</li>
<li>
<p><input type = "submit" value = "submit"></p>
</li>
</ul>
</form>
and the function is defined like this :
function add_status($user_id){
mysql_query("INSERT into `post` (user_id, status_time, status_content) VALUES($user_id, '$_POST[question_time]', '$_POST[question]')");
}
It is throwing and error that
Undefined variable: insert in C:\wamp\www\zr\sheet.php on line 7
Call to a member function add_status() on a non-object in C:\wamp\www\zr\sheet.php on line 7
Line 7 is "$add_status = $insert->add_status($user_data['user_id']);"
I am a new learner in PHP and MYSQL
Thanks in advance..
I would do it like this:
function add_status($id, $status_time, $status_content)
{
$db = //your db connection
$query = $mysqli_query('INSERT into table WHERE user_id, status_time, status_content VALUES (?, ?, ?)');
$db->bind_param('i,i,s' $id, $status_time, $status_content);
$db->execute();
}
and then call it as
if(isset($_POST['submit']))
{
$questionTime = $_POST['question_time'];
$question = $_POST['question'];
$allFields = $questionTime . $question;
if (!empty($allFields)) {
$insert->add_status($user_data['user_id'], $questionTime, $question);
}
}
Remember, always use prepared statements and NEVER use mysql_ functions.
first of all, you should extract using POST. This is the ideal way..
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about programming within the scope defined in the help center.
Closed 1 year ago.
Improve this question
I am new to PHP and I am trying to enter details into my database.
Session I want to insert data into database with
<form method="post" action="">
<input name="p_date" type="date">
<input name="r_date" type="date">
</form>
if (!empty($_POST)) {
$_SESSION['p_date'] = $_POST['p_date'];
$_SESSION['r_date'] = $_POST['r_date'];
}
This code, Url on the side True is spinning but can't add data to database.
Where could i be wrong?
if(isset($_POST['dateSearch'])) {
$insert=$connect->prepare("Insert Into test (p_date,r_date) VALUES ('{$_SESSION['p_date']}','{$_SESSION['r_date']}'");
if($insert) {
header("Location:cars.php?Status=True");
}
else {
header("Location:cars.php?Status=False");
}
}
Thanks in advance..
for pdo this is how it should be done:
$sql = "INSERT INTO test (p_date,r_date) VALUES (?,?)";
$stmt= $pdo->prepare($sql);
$stmt->execute([$p_date,$r_date]);
for mysqli you can do like this:
$stmt = $conn->prepare("INSERT INTO test (p_date,r_date) VALUES (?, ?)");
$stmt->bind_param("ss", $p_date,$r_date);
$p_date = 'string';
$r_date ='string';
$stmt->execute();
$stmt->close();
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 7 years ago.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Improve this question
I have tried rewrite the code, i have looked on previously succesful codings i have made and i really cant find the problem.. i am going crazy.
I am trying to post some data from a form to a database.
The database i setup correctly as far as i can tell, but something is making the script fail every time.
IMAGE OF DATABASE: http://imgur.com/F93A9ot
(sry for the language being in danish.)
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Document</title>
</head>
<body>
<?php
// defining database information
define("HOSTNAME", "localhost");
define("MYSQLUSER", "admin");
define("MYSQLPASS", "admin");
define("MYSQLDB", "lynx");
// establishing database connection
if(isset($_POST['submit'])){
$connection = new mysqli(HOSTNAME, MYSQLUSER, MYSQLPASS, MYSQLDB);
$name = mysqli_real_escape_string($connection, $_POST['name']);
$price = mysqli_real_escape_string($connection, $_POST['price']);
$desc = mysqli_real_escape_string($connection, $_POST['desc']);
$insert = "INSERT into products (id, name, price, desc) VALUES (NULL, '$name', '$price', '$desc')";
if($connection->query($insert)) {
echo "Succes";
} else {
echo "Something went wrong";
}
}
?>
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">
<input type="text" name="name">
<input type="text" name="price">
<input type="text" name="desc">
<input type="submit" name="submit">
</form>
</body>
</html>
Can you see what i am doing wrong?
products (id, name, price, desc)
Tried reading the manual as well? desc is a reserved word.
If you didnt have this useless piece of code
else {
echo "Something went wrong";
}
and had
else {
echo $connection-error;
}
You would find that out yourself
desc is reverse keyword of mysql you can use it using backtick
$insert = "INSERT into products (`id`, `name`, `price`, `desc`) VALUES (NULL, '$name', '$price', '$desc')";
This is with your field 'desc' . this is not allowed by MYSQL because it is reserved. So please rename it. It will solve your issue.
Closed. This question needs debugging details. It is not currently accepting answers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Closed 8 years ago.
Improve this question
I have been programming a telephone directory and i am now facing a problem.
When I enter ime and prezime (which are name and surname in english), I can not get broj (which is telephone number in english) of that person.
<?php
mysql_connect ("localhost", "root", "");
mysql_select_db ("imenik");
mysql_set_charset('utf8');
if (isset ($_POST['ime']) && isset ($_POST['prezime'])){
if (!empty ($_POST['ime']) && !empty ($_POST['prezime'])){
$trazeno_ime = $_POST('ime');
$trazeno_prezime = $_POST('prezime');
$query = "SELECT broj_telefona, adresa FROM korisnici WHERE ime='$trazeno_ime' AND prezime='$trazeno_prezime'";
if ($query_run = mysql_query($query)){
if(mysql_num_rows($query_run)==NULL){
echo "Nema korisnika u bazi";
}
else {
$query_row = mysql_fetch_assoc($query_run);
$brojtel = $query_row["broj_telefona"];
$adresa = $query_row["adresa"];
echo "Broj: ".$brojtel."<br>";
echo "Adresa: ".$adresa;
}
}
else {
echo "Unesi podatke";
}
}
}
?>
Change these lines:
$trazeno_ime = $_POST('ime');
$trazeno_prezime = $_POST('prezime');
To:
$trazeno_ime = $_POST['ime'];
$trazeno_prezime = $_POST['prezime'];
and you should take a look at PDO or Prepared Statements, since msyql_ functions are depricated.
Closed. This question needs debugging details. It is not currently accepting answers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Closed 8 years ago.
Improve this question
I want to insert the values of a form into the database table called company. But this program again and again tells me that my query did not get executed. May I know why this is so??
I have stored all the values of the form into an array called insert and than I implode the array and name it as newarray so that it is in a form which can be inserted into the database.
But this does not seem to work for me. Please tell me what's the problem in here??
<?php
$host = "localhost";
$name = "root";
$password = "";
$db = "shopinz";
$con = mysqli_connect($host,$name,$password,$db);
$insert = array();
$newarray = array();
if(mysqli_connect_errno()){
echo("Cannot connect to the databse".mysqli_connect_errno());
exit();
}
else{
if($_SERVER['REQUEST_METHOD'] == 'POST'){
foreach($_POST as $value){
if($value == $_POST['submit']){
break;
}
else{
array_push($GLOBALS['insert'],$value);
}
}
$newarray = implode(',',$insert);
$result = mysqli_query($con,"INSERT INTO company (company_name,company_number,company_address) VALUES($newarray)");
if($result){
echo("1 row added");
}
else{
echo("Query not executed");
}
}
}
?>
This line has no significance:
array_push($GLOBALS['insert'],$value);
Push your values to the one that you need which is $insert
unset($_POST['submit']);
foreach($_POST as $value){
$insert[] = "'".$con->real_escape_string($value)."'";
}
$newarray = implode(',',$insert);
Note: I suggest use prepared statements instead.
$insert = $con->prepare('INSERT INTO company (company_name,company_number,company_address) VALUES(?, ?, ?)');
$insert->bind_param('sss', $_POST['company_name'], $_POST['company_number'], $_POST['company_address']);
$insert->execute();
Looking at your code the problem I can see is here:
foreach($_POST as $value){
In your foreach you have $_POST but you dont define what posit it si it should be $_POST['something']
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Questions asking for code must demonstrate a minimal understanding of the problem being solved. Include attempted solutions, why they didn't work, and the expected results. See also: Stack Overflow question checklist
Closed 9 years ago.
Improve this question
I'm trying to create a self-submitting page that will create a form for a user to fill out. The information will be stored in a MySQL database. The form seems to be working, but I can't insert the information from the form into a database for some reason. Here's what I have:
<!DOCTYPE html>
<html>
<head>
<title>MySQL Test</title>
</head>
<body>
<h1>MySQL Test</h1>
<?php
if($_SERVER["REQUEST_METHOD"] == "GET") {
?>
<form action="" method="post">
<input type="text" name="name" placeholder="Name" /><br />
<input type="submit" value="Send" />
</form>
<?php
} else if ($_SERVER["REQUEST_METHOD"] == "POST") {
$name = $_POST["name"];
$server = new PDO("mysql:dbname=test;host=localhost", "root", "root");
$server->execute("INSERT INTO test ('name') VALUES $name;");
}
?>
</body>
</html>
What should I change?
your insert should look as follows:
$name = $_POST["name"];
$server = new PDO("mysql:dbname=test;host=localhost", "root", "root");
$stmt = $server->prepare("INSERT INTO test (name) VALUES (:name)");
$stmt->bindParam(':name', $name);
$stmt->execute();
Please do your insert like this:
$name = "john";
$query = "INSERT INTO test(col) VALUES(:name);";
$statement = $server->prepare($query);
$statement->execute(array(":name" => $name));
This is called using prepared statements, it's very easy and will avoid sql-injection. You can execute multiple variables on multiple cols on your query by separating with commas after each ":col" => $colVal, but that's not needed here, just a tip.
You can do it for updates aswell.
Remember to check if your being-inserted value is empty or not.