Search bar not working correctly [duplicate] - php

Hello when i am searching a product from its keywords that i inserted in MYSQL all the products are appearing please help me this is the code of the search
i corrected as in the comments but it is till not working
This is my whole results page
<!DOCTYPE html>
<?php
include ("functions/functions.php");
?>
<html>
<head>
<title>eRiviera</title>
<meta charset='utf-8'>
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="styles/style.css" media="all"/>
<script src="http://code.jquery.com/jquery-latest.min.js" type="text/javascript"></script>
<script src="js/menubarscript.js"></script>
</head>
<body>
<div class="main_wrapper">
<ul class="btn-circles">
<li>Login<span class="round">That is, if you already have an account.</span></li>
<li>Sign Up<span class="round">But only if you really, really want to.</span></li>
</ul>
<!--Header starts here-->
<div class="header_wrapper">
<!--Logo-->
<img id="logo" src="http://localhost/ecommerce/images/logo.png" width="500px" height="300px" alt="Logo" />
<!--Logo-->
</div>
<!--Header ends here-->
<!--Menu bar starts here-->
<div id='cssmenu'>
<ul>
<li class='active'><a href='index.php'>Home</a></li>
<li><a href='#'>Products</a></li>
<li><a href='#'>About</a></li>
<li><a href='#'>Contact</a></li>
<p style="float:right; margin-right:140px; margin-top:21px; color:red;">Welcome Guest!</p>
<li><a id="shopping_cart" style="margin:14px 0 0 0;left:750px; color:blue; font-size:12px;" href="cart.php">Shopping Cart</a></li>
</ul>
</div>
<form class="form-wrapper cf">
<input type="text" name="user_query" placeholder="Search here..." required>
<form method="get" action="results.php" enctype="multipart/form-data">
<button type="submit" name="search" value="Search">Search</button>
</form>
<ul id="cats">
<?php getCats(); ?>
</ul>
<!--Menu bar ends here-->
<!--Content wrapper starts here-->
<div class="content_wrapper">
<div id="content_area">
<div id="products_box">
<?php
if(isset$_GET['search'])) {
$search_query = $_GET['user_query'];
$get_pro = "select * from products where product_keywords like '%$search_query%'";
$run_pro = mysqli_query($con, $get_pro);
while($row_pro = mysqli_fetch_array($run_pro)) {
$pro_id = $row_pro['product_id'];
$pro_cat = $row_pro['product_cat'];
$pro_brand = $row_pro['product_brand'];
$pro_title = $row_pro ['product_title'] ;
$pro_price = $row_pro['product_price'];
$pro_image = $row_pro['product_image'];
echo "
<div id='single_product'>
<h3 id='product_title'>$pro_title</h3>
<img src='admin_area/product_images/$pro_image' width='180' height='200' />
<p><b> $ $pro_price <b></p>
<a id='details-button' href='details.php?pro_id=$pro_id'>Details</a>
<a href='index.php?pro_id=$pro_id'><button class='button'>Add to Cart</button></a>
</div>
";
}
}
?>
?>
</div>
</div>
</div>
<!--Content wrapper ends here-->
<div id="footer">
<h5 style="text-align:center; padding-top:30px;">©2014 eRiviera All Rights Reserved</h5>
</div>
<!--Main wrapper ends here-->
</body>
</html>


Your form is not properly structured - the "user_query" field is outside of the form so $_GET['user_query'] would never be set. Try changing this:
<form class="form-wrapper cf">
<input type="text" name="user_query" placeholder="Search here..." required>
<form method="get" action="results.php" enctype="multipart/form-data">
<button type="submit" name="search" value="Search">Search</button>
</form>
To something like this:
<div class="form-wrapper cf">
<form method="get" action="results.php" enctype="multipart/form-data">
<input type="text" name="user_query" placeholder="Search here..." required>
<button type="submit" name="search" value="Search">Search</button>
</form>
</div>
Also, as several others have noted, this is susceptible to SQL injection. This post discusses a scenario very similar to yours: How can I prevent SQL injection in PHP?
I strongly suggest you run your generated code through a validation service in order to catch errors in your html. Be sure to use the generated html (copy from "view source" in browser), not just the code from your php file because the validator won't understand the PHP. The WWW Consortium has a good tool: http://validator.w3.org/#validate_by_input

Related

PDO I can't get the title to show in the select tag from a query made in php

I'm trying to get the select tag to show the titles of the posts that are in the DB so i can select them individually and up date them instead of updating all the titles with the same name.
So my problem is that i can't get it to work and maybe someone may be able to help me.
This is what i mean->https://imgur.com/a/ie1g4hF
if you want the full version you can get it from my github:
https://github.com/TwistedZebra/blog
That version up there does not contain the select tags but uses a text box to delete the post that is named but with a disadvantage of deleten every post named the same.
<?php
require 'config.php';
if (isset($_POST['submit'])) {
$updatetitle = $_POST['updatetitle'];
$title = $_POST['title'];
$content = $_POST['content'];
if (empty($title) || empty($content)) {
header('Location: update.php?=error');
exit();
} else {
$updatedcontent = $connection->prepare('UPDATE posts SET title = :title , content = :content WHERE title = :updatetitle');
$updatedcontent->execute(['title' => $title, 'content'=> $content, 'updatetitle' => $updatetitle]);
header('Location: update.php?=success');
}
}
?>
<!DOCTYPE html>
<html>
<head>
<link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.1/css/bootstrap.min.css" integrity="sha384-WskhaSGFgHYWDcbwN70/dfYBj47jz9qbsMId/iRN3ewGhXQFZCSftd1LZCfmhktB" crossorigin="anonymous">
<link rel="stylesheet" type="text/css" href="public/css/main.css">
<title>Control panel</title>
</head>
<body>
<div class="navbar navbar-expand-lg navbar-dark bg-dark">
<div class="navbar-brand ">
<h2>BloggerWorld</h2>
</div>
<ul class="nav">
<li class="nav-item">
<a class="nav-link" href="public/index.php">Home</a>
</li>
<li class="nav-item">
<a class="nav-link" href="public/posts.php">Posts</a>
</li>
<li class="nav-item">
<a class="nav-link" href="adminpanel.php">Admin Panel</a>
</li>
</ul>
</div>
<br><br><br><br><br><br><br>
<div class="container-fluid">
<div class="container">
<h1>Update post</h1>
<form method="post" action="update.php" >
<select name="delTitle" class="form-control">
<?php foreach ($updatedcontent as $update) { ?>
<option><?php echo $post['title']; ?></option>;
<?php } ?>
</select>
<br>
<input type="text" name="title" class="form-control" placeholder="New title" >
<br>
<textarea name="content" rows="5" cols="60" class="form-control" placeholder="Enter post"></textarea>
<br>
<br>
<button type="submit" name="submit" class="btn btn-success">Update post</button>
</form>
</div>
</div>
<script>
document.write('<script src="http://' + (location.host || 'localhost').split(':')[0] +
':35729/livereload.js?snipver=1"></' + 'script>')
</script> enter code here
</body>
</html>

Part of html file inside php file doesnt appear when executing the code in localhost

I'm creating a regitration page which includes php,html and css in bootstrap.Here is my php file.
<?php include "header.php"; ?>
<html>
<head></head>
<body>
<!--content-->
<div class=" container">
<div class=" register">
<h1>Register</h1>
<?php if(isset($_GET[ 'error'])) { echo '<font color="red">'.$_GET[ 'error']. '</font>'; echo '<br><br>'; } if(isset($_GET[ 'ok'])) { echo '<font color="blue">You are successfully Registered..</font>'; echo '<br><br>'; } ?>
<form action="process_register1.php" method="POST">
</div>
<div class="col-md-6 register-bottom-grid">
<h3>Personal infomation</h3>
<div>
<span>Full Name</span>
<input type="text" size="30" maxlength="30" name='fnm'>
</div>
<div>
<span>Username</span>
<input type="text" size="30" maxlength="30" name='unm'>
</div>
<div>
<span>Password</span>
<input type='password' name='pwd' size="30">
</div>
<div>
<span> Confirm password</span>
<input type='password' name='cpwd' size="30">
</div>
<div>
<span> Gender</span>
<input type="radio" value="Female" name="gender" id='f'>Female
<input type="radio" value="Male" name="gender" id='m'>Male
</div>
<div>
<span>E-mail address</span>
<input type='mail' name='mail' size="30">
</div>
<div>
<span> No contact</span>
<input type="text" name='contact' size="30">
</div>
<div>
<span> City</span>
<select style="width: 195px;" name="city">
<option>Tirana</option>
<option>Korca</option>
<option>Vlora</option>
<option>Kavaja</option>
</select>
</div>
<input type="submit" value="submit">
</div>
<div class="clearfix"></div>
</form>
</div>
</div>
</body>
</html>
Here is my header.php file:
<?php session_start(); require( 'config.php'); ?>
<!DOCTYPE html>
<html>
<head>
<title>Online Shopping</title>
<link href="css/bootstrap.css" rel="stylesheet" type="text/css" media="all" />
<!-- jQuery (necessary for Bootstrap's JavaScript plugins) -->
<script src="js/jquery.min.js"></script>
<!-- Custom Theme files -->
<!--theme-style-->
<link href="css/style.css" rel="stylesheet" type="text/css" media="all" />
<!--//theme-style-->
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="keywords" content="New Store Responsive web template, Bootstrap Web Templates, Flat Web Templates, Andriod Compatible web template,
Smartphone Compatible web template, free webdesigns for Nokia, Samsung, LG, SonyErricsson, Motorola web design" />
<script type="application/x-javascript">
addEventListener("load", function() {
setTimeout(hideURLbar, 0);
}, false);
function hideURLbar() {
window.scrollTo(0, 1);
}
</script>
<!--fonts-->
<link href='http://fonts.googleapis.com/css?family=Lato:100,300,400,700,900' rel='stylesheet' type='text/css'>
<link href='http://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900' rel='stylesheet' type='text/css'>
<!--//fonts-->
<!-- start menu -->
<link href="css/memenu.css" rel="stylesheet" type="text/css" media="all" />
<script type="text/javascript" src="js/memenu.js"></script>
<script>
$(document).ready(function() {
$(".memenu").memenu();
});
</script>
<script src="js/simpleCart.min.js">
</script>
</head>
<body>
<!--header-->
<div class="header">
<div class="header-top">
<div class="container">
<div class="search">
<form>
<input type="text" value="Search " onfocus="this.value = '';" onblur="if (this.value == '') {this.value = 'Search';}">
<input type="submit" value="Go">
</form>
</div>
<div class="header-left">
<?php if(isset($_SESSION[ 'status'])) { echo '<ul><li>Logout</li></ul>'; } else { echo '<ul>
<li ><a href="login1.php" >Login</a></li>
<li><a href="register.php" >Register</a></li>
</ul>'; } ?>
<div class="cart box_1">
<a href="checkout.html">
<h3> <div class="total">
<span class="simpleCart_total"></span> (<span id="simpleCart_quantity" class="simpleCart_quantity"></span> items)</div>
<img src="images/cart.png" alt=""/></h3>
</a>
<p>Empty Cart
</p>
</div>
<div class="clearfix"></div>
</div>
<div class="clearfix"></div>
</div>
</div>
<div class="container">
<div class="head-top">
<div class="logo">
<a href="index.html">
<img src="images/logo.png" alt="">
</a>
</div>
<div>
<h1 class="title">Welcome
<?php
if(isset($_SESSION['status']))
{
echo $_SESSION['unm'];
}
else
{
echo 'Book Store';
}
?>
</div>
<div class=" h_menu4">
<ul class="memenu skyblue">
<li class="active grid"><a class="color8" href="index1.php">Home</a></li>
<li><a class="color1" href="#">Categories</a>
<div class="mepanel">
<div class="row">
<?php
$query="select * from category ";
$res=mysqli_query($conn,$query);
while($row=mysqli_fetch_assoc($res))
{
echo' <div class="col1">
<div class="h_nav">
<ul>';
echo '<li>
<a href="subcat.php?cat='.$row['cat_id'].'&catnm='.$row["cat_nm"].'">'.$row["cat_nm"].'
</a>
</li>';
}
echo' </ul>
</div>
</div>';
mysqli_close($conn);
?>
<li><a class="color6" href="contact.html">Contact Us</a></li>
</ul>
</div>
<div class="clearfix"> </div>
</div>
</div>
</div>
The problem is when I try to open the files from localhost only the header of the page appears so this is the result:
How is it possible that the form doesnt appear?

I assume, that your header.php begins a proper html page with doctype, <html> etc... but after
<?php include "header.php"; ?>
you start your html file again:
<html>
<head></head>
<body>
Make sure your markup is valid!

So it looks like your header file isn't a header, it's a complete HTML document. It opens the document (<html>) and then closes it (</html>). So it makes sense that any HTML you put after including the header won't get rendered - the browser will render the header and assume the document is complete.
Instead you header file should end where the markup for the header ends. Usually this is the opening tag for the container of your content.
Then when you include the header file, it will contain all the markup up to where your content begins, and in your form's file you can put the code for the form and it'll get rendered next.
In your case, try removing the </body> and </html> tags from the header file. That will likely work, though your markup will likely need to be updated to make the design coherent. Also, since those are being created by your header, remove the <html>, <head></head>, and <body> tags from your form's file.
You can also create a footer file that you can include after your form content, and it will close the container and the body and html tags.
Edit
May have scrolled to the end of the first code block when I saw the </body></html>, so you can probably disregard the advice to remove them from the header file - they appear to be there only in my imagination. Removing the opening <html>, <body>, and <head> tags from the from file should do the trick however.

Delete and update row using edit and delete image in php

This is my branch.php page and I want to delete and update row when the user click on the edit and delete image in php and directly the row should be deleted or updated in the table.But It is not working neither row is getting updated or deleted.
<?php
$a1=mysql_connect('localhost','root1','oec#123');
$b1=mysql_select_db('rms',$a1);
?>
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>branch</title>
<link href="styles/branch.css" rel="stylesheet" type="text/css">
</head>
<body>
<div id="wrapper">
<header id="top">
<h1>Reporter Management System</h1>
<nav id="mainnav">
<ul>
<li>Home</li>
<li>Branch</li>
<li>Branch Admin</li>
<li>Reporters</li>
<li>Accountant</li>
<li>Settings</li>
<li>Log out</li>
</ul>
</nav>
</header>
<div id="hero">
<img src="News2.jpg" width="1000" height="320" alt=""/> </div>
<form role="form" action ="searchbranch.php" method="post">
<p><label for="Search">Search Branch :</label>
<input class="textbox" type="Search" placeholder="Name" name="Search">
<input type="submit" class="classname" value="Search" >
</form>
<form role= "form" action="createbranch.php" method="post">
<input type="submit" class="classname" value="Add Branch" onClick="href 'createbranch.php' " ></p>
</form>
<section class="page container">
<div>
<div class="span12">
<div class="box pattern ">
<div class="box-header">
<i class="icon-list"></i>
</div>
<table id="sample-table" class="table table-hover table-bordered tablesorter">
<thead>
<tr>
<th>Sl no</th>
<th>Branch</th>
<th>Description</th>
<th>Action</th>
</tr>
<?php
$w='SELECT Sl_no, branch, description from create_branch;';
$recordset=mysql_query($w,$a1) or die(mysql_error());
$totalrows=mysql_num_rows($recordset);
$row_recordset=mysql_fetch_assoc($recordset);
if($totalrows>0)
{
do
{
$r=$row_recordset['Sl_no'];
$d=$row_recordset['branch'];
$d1=$row_recordset['description'];
?>
</thead>
<tbody id='tb-content'>
<tr>
<td><?php echo $r ;?></td>
<td><?php echo $d ;?></td>
<td><?php echo $d1 ;?></td>
<td> <?php echo '
<a href="edit_branch.php?no='.$row_recordset['Sl_no'].'">'?>
<img src="pencil.png" />
<?php '</a>';? > | <?php echo'
<a href="branch_delete.php?no1='.$row_recordset['branch'].'">'?>
<img src="cross.png" /> <?php '</a>';?>
</td>
</tr>
<?php
}while($row_recordset=mysql_fetch_assoc($recordset));
}
mysql_free_result($recordset);
mysql_close($a1);
?>
</tbody>
</table>
</div>
</div>
</div>
</section>
</body>
<footer>
<p> </p><hr>
<center>©Copyright 2015 RepoterManagnmentSystem
</center>
</footer>
</div>
</body>
</html>
This is branch_delete.php
<?php
$cn=mysql_connect('localhost','root1',"oec#123");
$db_selected=mysql_select_db('rms',$cn);
$bn=$_REQUEST['no1'];
$sql='DELETE au.Sl_no,au.name,au.company_name,au.email_id,au.password,au.confirm_password,au.group,au.branch,au.phone,au.wordcount,au.rating,cb.Sl_no,cb.branch,cb.description from admin_user au,create_branch cb where cb.branch="'.$bn.'" AND au.branch=cb.branch ;';
$s1=mysql_query($sql,$cn);
mysql_close($cn);
header('Location: branch.php');
?>
This is update_branch.php
<?php
$a1=mysql_connect('localhost','root1','oec#123');
$b1=mysql_select_db('rms',$a1);
$bn=$_REQUEST['bname'];
$sn=$_REQUEST['Sl_no'];
$d=$_REQUEST['descp'];
$w= 'SELECT branch,description FROM create_branch;';
$recordset=mysql_query($w,$a1) or die(mysql_error());
$totalrows=mysql_num_rows($recordset);
$row_recordset=mysql_fetch_assoc($recordset);
if($totalrows>0)
{
do
{
$r=$row_recordset['branch'];
$s=$row_recordset['description'];
if($bn==$r and $d==$s)
{
?>
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Untitled Document</title>
<link href="styles/createbranch.css" rel="stylesheet" type="text/css">
</head>
<body>
<div id="wrapper">
<header id="top">
<h1>Reporter Management System</h1>
<nav id="mainnav">
<ul>
<li>Home</li>
<li>Branch</li>
<li>Branch Admin</li>
<li>Reporters</li>
<li>Accountant</li>
<li>Settings</li>
<li>Log out</li>
</ul>
</nav>
</header>
<div id="hero">
<img src="News2.jpg" width="1000" height="320" alt=""/>
</div>
<form method="post" action="edit_branch.php">
<article id="main">
<?php echo '<h2>branch already exists</h2>' ; ?>
<h2>Create Branch</h2><hr>
<p><label for="branch name">Branch Name:</label><br><br>
<input class="textbox" type="text" placeholder=" <?php echo $bn ;?>" name="bname"></p><br>
<p><label for="Description">Description:</label><br><br>
<input class="textbox" type="text" placeholder="<?php echo $d ;?>" name="descp"></p><br>
<input type="submit" class="classname" value="Update Branch" ></p> <br>
</article>
</form>
<footer>
<p> </p><hr>
<center> © Copyright 2015 ReporterManagementSystem</center> </footer>
</div>
</body>
</html>
<?php
exit(0);
}
}
while($row_recordset=mysql_fetch_assoc($recordset));
$w1='UPDATE create_branch set branch="'.$bn.'" and description="'.$d.'" where Sl_no="'.$sn.'";';
$x=mysql_query($w1,$a1) or die(mysql_error());
?>
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Untitled Document</title>
</head>
<body>
<div id="wrapper">
<header id="top">
<h1>Reporter Management System</h1>
<nav id="mainnav">
<ul>
<li>Home</li>
<li>Reporters</li>
<li>News Content</li>
<li>Add user</li>
<li>Log Out</li>
</ul>
</nav>
</header>
<img src="News2.jpg" width="1000" height="320" alt=""/>
<?php
echo "<br>";
if($x=="true")
{
header('Location: branch.php');
}
else
{
echo "fail to update branch";
}
echo"<br>";
}
mysql_free_result($recordset);
mysql_close($a1);
?>

The sql query incorrectly built.
To update an SQL query should look like this
UPDATE table_name SET
column1=value1,column2=value2,...
WHERE some_column=some_value;
Your update:
UPDATE create_branch SET
branch="'.$bn.'" ,
description="'.$d.'"
WHERE Sl_no="'.$sn.'"
Sql query - delete:
DELETE FROM table_name
WHERE some_column=some_value;
Your delete:
DELETE FROM create_branch
WHERE cb.branch="'.$bn.'"
Read MySQL documentation about FOREIGN KEY Constraints.
In the case of two tables joined the foreign key, delete or modify a record in the first result will be an appropriate operation on record in the second table.
Example:
MySQL Foreign Key On Delete

Is it possible to get 'Session User" to display

Hi there I'm trying to get a user who comments and is logged in to their account for their 'Login Name' to display when they comment currenlty when a user wants to comment it asks for their name and their comment. Is it possible to display their name getting it from the session to display it? Thanks!
http://puu.sh/cByNU/697e58cdf6.jpg http://puu.sh/cByNU/697e58cdf6.jpg
On the image I'm logged in as 'Testing' is it possible to remove the field 'Name' and when they post a comment it will get their name where the search box is (testing).
Thanks!
My CODE:
<?php
session_start();
include "../includes/config.php";
include "function.php";
include ('../includes/header.php');
?>
<!DOCTYPE HTML>
<html>
<head>
<title>Honda</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
<link href='http://fonts.googleapis.com/css?family=Julius+Sans+One' rel='stylesheet' type='text/css'>
<link href="../css/style.css" rel="stylesheet" type="text/css" media="all" />
<!--start lightbox -->
<link rel="stylesheet" type="text/css" href="../css/jquery.lightbox.css">
<script src="../js/jquery.min.js"></script>
<script src="../js/jquery.lightbox.js"></script>
<script>
// Initiate Lightbox
$(function() {
$('.gallery1 a').lightbox();
});
</script>
</head>
<body>
<!--start header-->
<div class="h_bg">
<div class="wrap">
<div class="wrapper">
<div class="header">
<div class="logo">
<img src="../images/logo.png">
</div>
<div class="cssmenu">
<ul>
<li><span>Home</span></li>
<li><span>About</span></li>
<li class="active" class="has-sub"><span>Gallery</span>
</li>
<li class="last"><span>Contact</span></li>
<div class="clear"></div>
<form action="search.php" method="GET">
<div class="search">
<h2>search</h2>
<form>
<input type="text" name="query" placeholder="Enter Your search..." />
<input type="submit" value="">
</form>
</div>
</form>
<div class="search1">
<form action="" method="POST">
<br>
<h2>Welcome, <?=$_SESSION['sess_user'];?>!</h2><br><br>
<div class="pw">
<h3>Change details</h3>
</div>
<br><br>
<h2>Logout</h2>
</form>
</div>
</div>
</ul>
</div>
<div class="clear"></div>
</div>
</div>
</div>
</div>
<!-- start content -->
<div class="content_bg">
<div class="wrap">
<div class="wrapper">
<div class="main">
<div class="ser-main">
<h2 class="style">Gallery of honda</h2>
<div class="ser-grid-list img_style">
<div class="gallery1">
<img src="../images/ser_pic1.jpg" alt="">
</div>
</div>
<div class="ser-grid-list img_style">
<div class="gallery1">
<img src="../images/ser_pic2.jpg" alt="">
</div>
</div>
<div class="ser-grid-list img_style">
<div class="gallery1">
<img src="../images/ser_pic3.jpg" alt="">
</div>
</div>
<div class="ser-grid-list img_style">
<div class="gallery1">
<img src="../images/ser_pic4.jpg" alt="">
</div>
</div>
<div class="clear"></div>
</div>
</div>
</div>
</div>
<div class="footer_bg">
<div class="wrap">
<div class="wrapper">
<div class="footer">
<div class="search69">
<?php
if(isset($_POST['submit'])
&& !empty($_POST['name'])
&& !empty($_POST['comment']) ){
$name=$_POST['name'];
$comment=$_POST['comment'];
$submit=$_POST['submit'];
$insert=mysql_query("INSERT INTO comment (name,comment) VALUES ('$name','$comment') ");
echo "<meta HTTP-EQUIV='REFRESH' content='0; url=service.php'>";
}
else
{
echo "";
}
?>
<form class="comments" action="service.php" method="POST">
<h2>Name: </h2><br><input type="text" name="name" required/><br><br>
<h2>Comment:</h2><textarea name="comment" rows="10" cols="50" required></textarea><br><br><br>
<input type="submit" name="submit" value="Comment">
</form>
<?php
$getquery=mysql_query("SELECT * FROM comment ORDER BY id DESC");
while($rows=mysql_fetch_assoc($getquery))
{
$id=$rows['id'];
$date=$rows['date'];
$name=$rows['name'];
$comment=$rows['comment'];
echo '<h2><hr size="1"/><br><font color="green">' . $name . '</font><h2><br/>' . '<br/>' . $comment . '<br/><br><font color="red">' . $date. '</font><br/>' . '<hr size="1"/>'
;}
?>
</div>
<div class="copy">
<p class="w3-link">2014 </p>
Privacy & Policy
</div>
<div class="f_nav">
<ul>
<li>Skype</li>
<li>Linked in</li>
<li>Twitter</li>
<li>Facebook</li>
</ul>
</div>
<div class="clear"></div>
</div>
</div>
</div>
</div>
</body>
</html>
(ALL MY CODE ON THAT PAGE)

UPDATE:
The guys here will kill me, because now i am just edited your code, and not rewrite to mysqli or PDO, but as i saw, you stuck, so i've just updated, bacause i do not want to confuse with that too. I do some modifications, check my comments about that. (Moved the block of insertion to the top of file, add an error message, remove unnecesarry variables, rename the rows variable to row, etc...)
<?php
session_start();
include "../includes/config.php";
include "function.php";
include ('../includes/header.php');
//Set an empty errorMsg because later we will check it.
$errorMsg = '';
//If everything is set, or the SESSION["sess_user"] not empty.
//I moved this whole thing here, because if there are no output, we can
//redirect user from PHP, and do not need to use META REFREHS...
if (isset($_POST['submit']) && !empty($_POST['comment']) && (!empty($_POST["name"]) || !empty($_SESSION["sess_user"]))) {
if (!empty($_SESSION["sess_user"])) {
$name = $_SESSION["sess_user"];
} else {
$name = $_POST["name"];
}
//$comment = $_POST['comment']; //Use $_POST["comment"] directly
//$submit = $_POST['submit']; //Do not use it anywhere
$insert = mysql_query("INSERT INTO comment (name,comment) VALUES ('" . mysql_real_escape_string($name) . "','" . mysql_real_escape_string($_POST["comment"]) . "')");
Header("Location: service.php");
} else {
$errorMsg = "You need to fill all the fields.";
}
?>
<!DOCTYPE HTML>
<html>
<head>
<title>Honda</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
<link href='http://fonts.googleapis.com/css?family=Julius+Sans+One' rel='stylesheet' type='text/css'>
<link href="../css/style.css" rel="stylesheet" type="text/css" media="all" />
<!--start lightbox -->
<link rel="stylesheet" type="text/css" href="../css/jquery.lightbox.css">
<script src="../js/jquery.min.js"></script>
<script src="../js/jquery.lightbox.js"></script>
<script>
// Initiate Lightbox
$(function() {
$('.gallery1 a').lightbox();
});
</script>
</head>
<body>
<!--start header-->
<div class="h_bg">
<div class="wrap">
<div class="wrapper">
<div class="header">
<div class="logo">
<img src="../images/logo.png">
</div>
<div class="cssmenu">
<ul>
<li><span>Home</span></li>
<li><span>About</span></li>
<li class="active" class="has-sub"><span>Gallery</span>
</li>
<li class="last"><span>Contact</span></li>
<div class="clear"></div>
<form action="search.php" method="GET">
<div class="search">
<h2>search</h2>
<form>
<input type="text" name="query" placeholder="Enter Your search..." />
<input type="submit" value="">
</form>
</div>
</form>
<div class="search1">
<form action="" method="POST">
<br>
<h2>Welcome, <?= $_SESSION['sess_user']; ?>!</h2><br><br>
<div class="pw">
<h3>Change details</h3>
</div>
<br><br>
<h2>Logout</h2>
</form>
</div>
</div>
</ul>
</div>
<div class="clear"></div>
</div>
</div>
</div>
</div>
<!-- start content -->
<div class="content_bg">
<div class="wrap">
<div class="wrapper">
<div class="main">
<div class="ser-main">
<h2 class="style">Gallery of honda</h2>
<div class="ser-grid-list img_style">
<div class="gallery1">
<img src="../images/ser_pic1.jpg" alt="">
</div>
</div>
<div class="ser-grid-list img_style">
<div class="gallery1">
<img src="../images/ser_pic2.jpg" alt="">
</div>
</div>
<div class="ser-grid-list img_style">
<div class="gallery1">
<img src="../images/ser_pic3.jpg" alt="">
</div>
</div>
<div class="ser-grid-list img_style">
<div class="gallery1">
<img src="../images/ser_pic4.jpg" alt="">
</div>
</div>
<div class="clear"></div>
</div>
</div>
</div>
</div>
<div class="footer_bg">
<div class="wrap">
<div class="wrapper">
<div class="footer">
<div class="search69">
<?php
//Added here the errorMsg
if (!empty($errorMsg)) {
?>
<div class="error"><?php echo $errorMsg; ?></div>
<?php
}
?>
<form class="comments" action="service.php" method="POST">
<?php
if (!empty($_SESSION['sess_user'])) {
//If user logged in, use the name of it
?>
<h2>Name: </h2><br><?php echo $_SESSION['sess_user']; ?>
<br><br>
<?php
} else {
//Else, ask it
?>
<h2>Name: </h2><br><input type="text" name="name" required/><br><br>
<?php
}
?>
<h2>Comment:</h2><textarea name="comment" rows="10" cols="50" required></textarea><br><br><br>
<input type="submit" name="submit" value="Comment">
</form>
<?php
$getquery = mysql_query("SELECT * FROM comment ORDER BY id DESC");
//This is one row, not rows
while ($row = mysql_fetch_assoc($getquery)) {
/*
* These are not necessary
$id = $rows['id'];
$date = $rows['date'];
$name = $rows['name'];
$comment = $rows['comment'];
*/
echo '<h2><hr size="1"/><br><font color="green">' . $row['name'] . '</font><h2><br/>' . '<br/>' . $row['comment'] . '<br/><br><font color="red">' . $row['date'] . '</font><br/>' . '<hr size="1"/>'
;
}
?>
</div>
<div class="copy">
<p class="w3-link">2014 </p>
Privacy & Policy
</div>
<div class="f_nav">
<ul>
<li>Skype</li>
<li>Linked in</li>
<li>Twitter</li>
<li>Facebook</li>
</ul>
</div>
<div class="clear"></div>
</div>
</div>
</div>
</div>
</body>
</html>
NOTE: Do not use mysql functions since they are deprecated. use mysqli or PDO functions instead.
Acoid for sql injections, so escape your data!

If i got it well, you want the form to automatically gets the name of a logged user. You should:
<?php $username = isset($_SESSION['sess_user']) ? $_SESSION['sess_user'] : "";?>
To store the username or "" into $username, depending on whether user is authentified or not. Then in your input line within the form:
<h2>Name: </h2><br><input type="text" name="name" value="<?php echo $username; ?>" required/><br><br>

PHP using sqlite3 with forms

I am new to php and sqlite and wanted to make a form that inserts everything there into the database.
This is my contact.html
<!DOCTYPE html>
<html lang="en">
<head>
<title>G6 Mall | Contact</title>
<meta charset="utf-8">
<link rel="stylesheet" href="css/reset.css" type="text/css" media="all">
<link rel="stylesheet" href="css/layout.css" type="text/css" media="all">
<link rel="stylesheet" href="css/style.css" type="text/css" media="all">
<script type="text/javascript" src="js/jquery-1.5.2.js" ></script>
<script type="text/javascript" src="js/cufon-yui.js"></script>
<script type="text/javascript" src="js/cufon-replace.js"></script>
<script type="text/javascript" src="js/Terminal_Dosis_300.font.js"></script>
<script type="text/javascript" src="js/atooltip.jquery.js"></script>
<script type="text/javascript" src="js/script.js"></script>
<!--[if lt IE 9]>
<script type="text/javascript" src="js/html5.js"></script>
<style type="text/css">.bg {behavior:url("js/PIE.htc")}</style>
<![endif]-->
</head>
<body id="page6">
<div class="body1">
<div class="body2">
<div class="body3">
<div class="main">
<!-- header -->
<header>
<div class="wrapper">
<h1></h1>
<form id="search" action="#" method="post">
<div>
<input type="submit" class="submit" value="">
<input class="input" type="text" value="Site Search" onBlur="if(this.value=='') this.value='Site Search'" onFocus="if(this.value =='Site Search' ) this.value=''">
</div>
</form>
<nav>
<ul id="menu">
<li>Home</li>
<li>About</li>
<li>Services</li>
<li>Directory</li>
<li>News</li>
<li id="active" class="end">Contact</li>
</ul>
</nav>
</div>
</header>
<!-- / header-->
<!-- content -->
<section id="content">
<div class="wrapper">
<h2>General Enquiry Form</h2>
<form id="FeedbackForm" action="post.php" method="post">
<div>
<div class="wrapper"> <span>Name:</span>
<input type="text" class="input" name="NAME">
</div>
<div class="wrapper"> <span>Contact:</span>
<input type="text" class="input" name="CONTACT">
</div>
<div class="wrapper"> <span>E-mail:</span>
<input type="text" class="input" name="EMAIL">
</div>
<div class="textarea_box"> <span>Message: (50char)</span>
<textarea name="COMMENT" cols="1" rows="1"></textarea>
</div>
<input type="submit" name="update" value="update">
<!--<span> </span> Clear Send </div>-->
</form>
</div>
</section>
</div>
</div>
</div>
</div>
<div class="body4">
<div class="main">
<section id="content2">
<div class="wrapper">
<div style="text-align: center;">
<h2>Where are we located at? </h2>
<strong>Lot-6 G6 Street, Wollongong, 6666 NSW</strong>
<p><!--spacing between the headers-->
</div>
<div class="line3 wrapper">
<article class="col2">
<h2>G6 Card privileges+ </h2>
<div class="pad"> <span class="col3"> <strong>
Telephone:<br>
Email: </strong> </span>
+614 1234 6666<br>
g6card#g6.com </div>
</article>
<article class="col2">
<h2>Customer Service Centre </h2>
<div class="pad"> <span class="col3"> <strong>
Telephone:<br>
Email: </strong> </span>
+614 1234 5555<br>
custserv#g6.com </div>
</article>
<article class="col2">
<h2>Advertisement & Promotion</h2>
<div class="pad"> <span class="col3"> <strong>
Telephone:<br>
Fax No:<br>
Email: </strong> </span>
+614 1234 7777<br>
+614 1234 1212<br>
adsPromo#g6.com </div>
</article>
<article class="col2">
<h2>Leasing</h2>
<div class="pad"> <span class="col3"> <strong>
Telephone:<br>
Fax No:<br>
Email: </strong> </span>
+614 7728 8878<br>
+614 7726 8869<br>
leasing#g6.com </div>
</article></div>
</div>
</section>
</div>
</div>
<!-- / content -->
<div class="main">
<!-- footer -->
<footer>
<div class="wrapper"> <span class="left"> Copyright © G6. All Rights Reserved<br>
Design by LM-02</a><br>
</span>
<ul id="icons">
Connect with us: <br>
<li><img src="images/icon1.png" alt=""></li>
<li><img src="images/icon4.png" alt=""></li>
</ul>
</div>
<!-- {%FOOTER_LINK} -->
</footer>
<!-- / footer -->
</div>
</body>
</html>
Then i made a post.php and put this code down
<?php
$NAME = sqlite_escape_string($_POST['NAME']);
$CONTACT = sqlite_escape_string($_POST['CONTACT']);
$EMAIL = sqlite_escape_string($_POST['EMAIL']);
$COMMENT = sqlite_escape_string($_POST['COMMENT']);
class MyDB extends SQLite3
{
function __construct()
{
$this->open('final_mall_management_system.db');
}
}
$db = new MyDB();
if(!$db){
echo $db->lastErrorMsg();
} else {
echo "Opened database successfully\n";
}
$sql =<<<EOF
INSERT INTO Enquiry (Name,Contact,Email,Comment)
VALUES ( '$NAME', '$CONTACT', '$EMAIL', '$COMMENT' );
EOF;
$ret = $db->exec($sql);
if(!$ret){
echo $db->lastErrorMsg();
} else {
echo "Records created successfully\n";
}
$db->close();
?>
When I entered the data in the form and click the submit it doesn't work I get this instead
open('final_mall_management_system.db'); } } $db = new MyDB(); if(!$db){ echo $db->lastErrorMsg(); } else { echo "Opened database successfully\n"; } $sql =<<exec($sql); if(!$ret){ echo $db->lastErrorMsg(); } else { echo "Records created successfully\n"; } $db->close(); ?>
I have no idea what I'm doing wrong. Could anyone please help me?
<section id="content">
<div class="wrapper">
<h2>General Enquiry Form</h2>
<form id="FeedbackForm" action="post.php" method="post">
<div>
<div class="wrapper"> <span>Name:</span>
<input type="text" class="input" name="NAME">
</div>
<div class="wrapper"> <span>Contact:</span>
<input type="text" class="input" name="CONTACT">
</div>
<div class="wrapper"> <span>E-mail:</span>
<input type="text" class="input" name="EMAIL">
</div>
<div class="textarea_box"> <span>Message: (50char)</span>
<textarea name="COMMENT" cols="1" rows="1"></textarea>
</div>
<input type="submit" name="update" value="update">
<!--<span> </span> Clear Send </div>-->
</form>
</div>
</section>
Is the main section of the "form" html code from the whole code (content.html) that i showed above.

Change remove EOF thing and use double quotes for your sql, I think that's the problem.
$sql ="INSERT INTO Enquiry (Name,Contact,Email,Comment)
VALUES ( '$NAME', '$CONTACT', '$EMAIL', '$COMMENT' )";

most likely you redefined constructor to SQLite3 class itself.
http://www.php.net/manual/en/language.oop5.decon.php
try changing
function __construct() {
$this->open('final_mall_management_system.db');
}
to
function __construct() {
parent::__construct();
$this->open('final_mall_management_system.db');
}

Categories