I'm trying to create a webpage that has multiple forms that people will fill, click submit, PHP will handle running a query to insert all the data into the table, in their respective fields.
I created one that submitted one field completely fine, and as soon as I expanded it to 5 fields I realised I didn't know how to handle the code.
<html>
<head>
<title>Asset Pass</title>
</head>
<body>
<h1>Asset Submission</h1>
<p>Connection status: <?php include '../mysqlconnect.php'; echo $db . " active"; ?></p>
<form method="post">
<div><label for="type">Type:
<br/><input type="text" name="type" id="type"/></label></div>
<div><label for="name">Name:
<br/><input type="text" name="name" id="name"/></label></div>
<div><label for="desc">Description:
<br/><input type="text" name="desc" id="desc"/></label></div>
<div><label for="loc">Location:
<br/><input type="text" name="loc" id="loc"/></label></div>
<div><label for="label">Label:
<br/><input type="text" name="label" id="label"/></label></div>
<div><input type="submit" name="submit" value="GO"/></div>
</form>
<?php
#function aquery($asset) {
# include '../mysqlconnect.php';
# $conn->query("INSERT INTO kit VALUES ('$asset', '$name', '$desc', '$loc', '$label');");
#}
if ($_POST['submit']) {
include '../mysqlconnect.php';
foreach ($_POST['type'] as $key => $value)
{
$type = $_POST['type'] [$key];
$name = $_POST['name'] [$key];
$desc = $_POST['desc'] [$key];
$loc = $_POST['loc'] [$key];
$label = $_POST['label'][$key];
$sql = $conn->query("INSERT INTO Kit VALUES ('$type', '$name', '$desc', '$loc', '$label');");
}
}
## $asset = $_POST['name'];
# aquery($asset);
# printf("<h3>Entry Accepted</h3>" . "<br/><br/>" . "<strong>Submission: </strong>" . $asset . "<br/><br/>");
?>
</body>
</html>
Sorry for the butchered code - the commented bits at the top and bottom are the original fragments of code I tried using, the bit in the middle is a suggested online solution, and something close to what I think would work. I'm using PDO btw!
Didn't understand how $_POST and isset worked properly.
if (isset($_POST['submit']))
{
include '../mysqlconnect.php';
$type = filter_input(INPUT_POST, 'type', FILTER_SANITIZE_MAGIC_QUOTES);
and so forth, works perfectly.
Related
I am trying to add records into a database. Each record has a corresponding image. The records are getting inserted into the database but it is not working for the image. I am getting this error "connected succesfully
Notice: Undefined variable: sql in C:\xampp\htdocs\Syokimaufc\addplayer.php on line 35
Error: Query was empty" How can i solve this?
HTML form
<p> id: <input type="text" name="playerid"/></p>
<p> Name: <input type="text" name="name"/></p>
<p> Age: <input type="text" name="age"/></p>
<p> Position: <input type="text" name="position"/></p>
<p> Nationality: <input type="text" name="nationality"/></p>
<p> Photo: <input type="file" name="image"/></p>
<input type="submit" value="submit"/>
<form/>
php script
<?php
require 'connection.php';
$id = filter_input(INPUT_POST, 'playerid');
$name = filter_input(INPUT_POST, 'name');
$age = filter_input(INPUT_POST, 'age');
$position = filter_input(INPUT_POST, 'position');
$nationality = filter_input(INPUT_POST, 'nationality');
$_id = mysql_real_escape_string( $id );
$_name = mysql_real_escape_string( $name );
$_age = mysql_real_escape_string( $age );
$_position = mysql_real_escape_string( $position );
$_nationality = mysql_real_escape_string( $nationality );
if (isset($_POST['submit']))
{
$imageName = mysql_real_escape_string($_FILES ["image"]["iname"]);
$imageData = mysql_real_escape(file_get_contents($_FILES["image"]["tmp_name"]));
$imageType = mysql_real_escape_string($_FILES["image"]["iname"]);
if (substr($imageType,0,5) == "image")
{
$sql = "INSERT INTO players ( playerid, name, age, position, nationality, iname, image ) VALUES ( '$_id', '$_name', '$_age', '$_position', '$_nationality', '$imageName', '$imageData' )";
}
else
{
echo "only images are allowed";
}
}
if (!mysql_query($sql)){
die('Error: ' . mysql_error());
}
in your form try adding an attribute:
<form enctype="multipart/form-data">
......
..
</form>
Have you tried it with the name property in the submit ?, it seems that is not going to "if"
<input type="submit" name="submit" value="submit"/>
just check following steps:
In html file, a form with image upload should be set with enctype="multipart/form-data"
e.g. <form enctype="multipart/form-data>
In PHP script
$_FILES["image"]["iname"] is wrong.
$_FILES["image"]["name"] should be the right one.
I have a php file (let's call it first) that stores names in a database. I now have a different php file with a html/php form (let's call it second). How can I make the form (second) input names into my database using my inital php (first) file?
Below is my php form:
<!DOCTYPE HTML>
<HTML>
<head>
<title>PHP FORM</title>
</head>
<body>
<h2>PHP FORM for Process Form</h2>
<form method="post" action="processForm.php">
Name: <input type="text" name="names" required = "required"><br>
<input type="submit" value="Create Users" onclick="formInputNames"><br>
<input type="checkbox" name="activate" value="Activate">Activate
</form>
</body>
</html>
Below is 'php first':
$nameList = 'Obi One, Not Naw, Lent Over, Foo Bar';
$newerName = 'Green Sauce';
$nameList = newUse($newerName,$nameList);
$email = '#email.org';
$fullnames = explode(" ",$nameList);
function newUse($nep, $nameList){
if($nep == empty($nameSplit[0]) && empty($nameSplit[1]) || empty($newName)){
return "$nameList, $nep";
}
return $nameList;
}
/*I open the database here*/
foreach ($fullnames as $fullname){
$nameSplit = explode(" ", $fullname);
if ($nameList == empty($nameSplit[0]) || empty($nameList)){
echo 'No First Name Here Or No Name At All';
echo '<br>';
echo '<br>';
} elseif ($nameList == empty($nameSplit[1])){
echo 'No Last Name Here';
echo '<br>';
echo '<br>';
} else{
$firstName = $nameSplit[0];
$lastName = $nameSplit[1];
$emailUser = $nameSplit[0].$email;
echo 'First Name: ' . $firstName;
echo '<br>';
echo 'Last Name: ' . $lastName;
echo '<br>';
echo 'Email Address: ' . $firstName . $email;
echo '<br>';
echo '<br>';
}
$queryString = "INSERT INTO `project`.`user`
(`id`, `firstName`, `lastName`, `email`, `activated`, `date_created`)
VALUES
(NULL, '$firstName', '$lastName', '$emailUser', '0', NOW())";
$result = mysqli_query($conn, $queryString)
or die (mysqli_error($conn));
}
I'm new to php and I'm really at a lost here. I'm pretty sure I need to use POST but I don't really understand how. Please help me out. Thank You.
Everything I have googled has not helped me and some of the similar questions on this site have not either. I need help.
You seem to have problem only with how to post the values, So your HTML file:
<form method="post" action="processForm.php">
First Name: <input type="text" name="firstname">
Second Name: <input type="text" name="lastname">
<input type="submit" value="Submit">
</form>
Your PHP file:
$firstName = $_POST['firstname'];
$lastName = $_POST['lastname'];
$name = $firstName ." ". $lastName;
//Code for adding the values to the database.
If you put your function at the top of your processForm.php above where it is called it could be
// I am assuming this comes from your database
$nameList = 'Obi One, Not Naw, Lent Over, Foo Bar';
$newerName = $_POST['names'];
$email = '#email.org';
function newUse($nep, $nameList){
$nameSplit = array();
$nameSplit = explode(" ", $nep);
if(!empty($nameSplit[0]) && !empty($nameSplit[1]){
return "$nameList, $nep";
}
return $nameList;
}
$nameList = newUse($newerName,$nameList);
// need to explode on comma into name pairs with spaces or there will be nothing to explode into $nameSplit later.
$fullnames = explode(',', $nameList);
It might be worth making two text boxes - one for firstname name="firstname" and one for second name name="secondname", then putting the two together as in
$newerName = $_POST['firstname'] . " " . $_POST['secondname'];
This would ensure that you would reduce the risk of people putting two spaces or something else unwanted separating their names that would make your explode(); fail.
$newerName = mysqli_real_escape_string($newerName);
Before you put it into the function will help eliminate some of the security problems but it is not infallible.
The HTML would be
<form method="post" action="processForm.php">
First Name: <input type="text" name="firstname" required /><br />
Second Name: <input type="text" name="secondname" required /><br />
<input type="submit" value="Create Users" /><br />
<input type="checkbox" name="activate" value="Activate" />Activate
</form>
You could give your checkbox a value of 1 and pick that up as $activate = intval($_POST['activate']); where the forcing to integer will have the effect of cleaning it up. You could then use that as a variable where you currently have '0' in your MySql.
Hello Im having an issue with the website I am creating for a project. Everytime I upload it to aws elastic beanstalk it works except when I use a form.
<form action="supply.php" method="POST">
Product Name: <input type="text" name="p_name"><br>
Order Qty: <input type="text" name="ord_qty"><br>
Name: <input type="text" name="user_name"><br>
Address: <input type="text" name="address"><br>
<input type="submit" name="submit" value="Submit"> <input type="reset">
</form>
this is my form and here is my supply.php where I get the 500 error
<html>
<body>
<h1>Thank you for your order. <? php echo $_POST["user_name"]; ?><br></h1>
<form action="order.php">
<input type="submit" value="Go to Orders">
</form>
<?php
$p_name = $_POST['p_name'];
$ord_qty = $_POST['ord_qty'];
$name = $_POST['user_name'];
$address = $_POST['address'];
$string = $p_name. "," . $ord_qty. "," . $name. "," . $address;
$file = "order.txt";
file_put_contents($file,$string . "/n", FILE_APPEND);
?>
</body>
</html>
Is there something wrong? I can't see any issues and its driving me crazy
<? php echo $_POST["user_name"]; ?>
You have a space in the first opening php tag
Try:
<?php echo $_POST["user_name"]; ?>
This was enough to break a simple test page I set up, let me know if you're still experiencing problems.
Hello everyone I'm studying php + html this semester and I got stuck on this code.
Everything works (list + delete from db) but adding for some reason won't add to the db even though it does validate the inputs and give the code number at the end of URL using the header function. Yes I did include the page that addProduct function at :)
here is the code if anyone can give me an advice or hint
PHP Code:
if ( $action == 'add_product' ) {
$code = $_POST['code'];
$name = $_POST['name'];
$version = $_POST['version'];
$releaseDate = $_POST['releaseDate'];
if (empty($code) || empty($name) || empty($version) || empty($releaseDate)) {
$error = "Please enter a valid and correct values.";
include('../errors/error.php');
exit();
} else {
addProduct($code, $name, $version, $releaseDate);
header("Location: .?code=$code");
}
}
here is the addProduct function
function addProduct($code, $name, $version, $releaseDate){
global $db;
$query = "INSERT INTO products
(productCode, name, version, releaseDate)
VALUES
('$code', '$name', '$version' '$releaseDate')";
$db->exec($query);
}
and this is the HTML Code
<form action="index.php" method="post">
<input type="hidden" name="action" value="add_product"/>
<label>Code:</label> <input type="input" name="code"/>
<br />
<label>Name:</label><input type="input" name="name"/>
<br />
<label>Version:</label><input type="input" name="version"/>
<br />
<label>Release Date:</label><input type="input" name="releaseDate"/> <label>Use 'yyyy-mm-dd' format</label>
<br />
<label> </label>
<input type="submit" name="submit" value="Add Product" />
<br /> <br />
</form>
Thanks :)
Is it just me or you are missing a comma here in your function?
VALUES ('$code', '$name', '$version' '$releaseDate')";
You may use mysql_query($query); instead of $db->exec($query);
I need help. What seems to be the problem with our php codes? We can't seem to insert our data into our database. I'm just a beginner and I'm tasked to store multiple data into multiple arrays into our database. What we're actually doing is to enter a number (ex: 5) and 5 forms should show within that page. each form would consist of name address and tel phone number. after that we submit it to our database. We have already controlled hot many forms to show but we weren't able to store the data inserted. Can anyone help us please? Thank you.
form.php
<form method="POST" action="form.php">
<input type="text" name="waw" />
<input type="submit" />
<?php
$i=0;
while ($i<$_POST['waw'])
{
?>
</form>
<form method="POST" action="input.php">
<!-- Person #1 -->
<input type="text" name="username[]" />
<input type="text" name="phonenum[]" />
<input type="text" name="add[]" />
<?php
$i++;
}
?>
<input type="submit" />
</form>
input.php
<?php
$username="maizakath";
$password="12345";
$database="tryinsert";
mysql_connect(localhost,$username,$password);
#mysql_select_db($database) or die("<b>Unable to specified database</b>");
$sql_start = 'INSERT INTO `mytable` VALUES ';
$sql_array = array();
$queue_num = $_POST['waw'];
foreach ($_POST['username'] as $row=>$name)
{
$username = $name;
$phonenum = $_POST['phonenum'][$row];
$add = $_POST['add'][$row];
$sql_array[] = '(' . $username . ', ' . $phonenum . ', ' . $add . ')';
if (count($sql_array) >= $queue_num)
{
mysql_query($sql_start . implode(', ', $sql_array));
$sql_array = array();
}
}
if (count($sql_array) > 0)
{
mysql_query($sql_start . implode(', ', $sql_array))or die(mysql_error());
}
?>
I've modified your code to make it work:
form.php
<form method="POST" action="form.php">
<input type="text" name="waw" />
<input type="submit" />
</form>
<form method="POST" action="input.php">
<?php
$i=0;
while ($i<$_GET['waw'])
{
?>
<!-- Person #1 -->
<input type="text" name="username[]" />
<input type="text" name="phonenum[]" />
<input type="text" name="add[]" /><br />
<?php
$i++;
}
?>
<input type="submit" />
</form>
input.php
<?php
$username="maizakath";
$password="12345";
$database="tryinsert";
mysql_connect('localhost',$username,$password);
#mysql_select_db($database) or die("<b>Unable to specified database</b>");
$sql_start = 'INSERT INTO `mytable` VALUES ';
$sql_array = array();
$queue_num = $_POST['waw'];
foreach ($_POST['username'] as $row=>$name)
{
$username = $name;
$phonenum = $_POST['phonenum'][$row];
$add = $_POST['add'][$row];
$sql_array[] = '("' . $username . '", "'.$phonenum.'", "'.$add.'")';
if (count($sql_array) >= $queue_num) {
$query_single=$sql_start . implode(', ', $sql_array);
mysql_query($query_single);
$sql_array = array();
}
}
if (count($sql_array) > 0) {
$query = $sql_start . implode(', ', $sql_array);
mysql_query($query)or die(mysql_error());
}
?>
It works fine. I've just tested it on my local machine.
EDIT(Comments):
Usage of variable $queue_num in input.php is senseless, because this variable is available only in form.php script('wow' input placed in another form, which is submitted to file form.php, not input.php). So if (count($sql_array) >= $queue_num) block works wrong;
Check your config settings for the database connection(as I've wrote in comment, you have to define constant with name 'localhost' or enclose word localhost with quotes);
I've modified your form, because it had wrong structure;
I didn't understand the objective of creating first form in form.php.
You can modify this code to make it more appropriate for your case. But firsat of all try to use this one.
Note. Use var_dump() function to see your $_POST array during debugging to understand, what variables are available.
I Had tried its work fine but when inserting into database it will insert null value also if user did'nt filled up the whole field.
I have stored two arrays in one table at the same time. Hope this will help you.
<?php
$i = 0;
foreach($element_name as $element_names){
$element_value = $_POST['element_value'];
$element_names_insert = mysql_query("insert into wp_remote_fields
set
remote_fields = '".$element_names."',
remote_values = '".$element_value[$i]."'
");
$i++;
}
?>