I am trying to do a project from university and I can't figure out how to insert the date which I pick from calendar function. I have tried a couple of things, but I get 0000-00-00 or the current date: 2014-06-08.
<?php
$con=mysqli_connect("","","","");
// Check connection
if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
// escape variables for security
$checkin = mysqli_real_escape_string($con, $_POST['checkin']);
$checkout = mysqli_real_escape_string($con, $_POST['checkout']);
$firstname = mysqli_real_escape_string($con, $_POST['firstname']);
$lastname = mysqli_real_escape_string($con, $_POST['lastname']);
$title = mysqli_real_escape_string($con, $_POST['title']);
$roomtype = mysqli_real_escape_string($con, $_POST['roomtype']);
$email = mysqli_real_escape_string($con, $_POST['email']);
$phone = mysqli_real_escape_string($con, $_POST['phone']);
$checkout = date("Y-m-d");
$sql="INSERT INTO reservation (checkin, checkout, firstname, lastname, title, roomtype, email, phone)
VALUES ('$checkin', '$checkout', '$firstname','$lastname', '$title', '$roomtype', '$email', '$phone')";
if (!mysqli_query($con,$sql)) {
die('Error: ' . mysqli_error($con));
}
echo "Your booking has been completed";
mysqli_close($con);
header("Location: ");
exit;
?>
$checkout = date("Y-m-d");
The function give you the current date in the format "Y-m-d" That is the first reason why you get the current date and because you save the current date after you did : $checkout = mysqli_real_escape_string($con, $_POST['checkout']); you override the date you get with $_POST['checkout']
You should do this:
$checkout = mysqli_real_escape_string($con, $_POST['checkout']);
$checkout = date_format(date_create($checkout), 'Y-m-d');
The problem is probably with your html form. HTML5 allows for an easy date picker:
<input type="date" name="checkin">
<input type="date" name="checkout">
You dont need value="DD/MM/YY" and onfocus and those other arguments. If a date input is left empty it will return nothing. The input also outputs the date as a unix timestamp I believe
Related
i am trying to get data from user and store into database using php. when i add date & phone number , it store any 1st number of date what you entered & any random number in phone number.
$fname = $_GET['fname'];
$lname = $_GET['lname'];
$mname = $_GET['mname'];
$dob = $_GET['dob'];
$pnumber = $_GET['pnumber'];
$occupation = $_GET['occupation'];
$joindate = $_GET['join date'];
$ffname = $_GET['ffname'];
$flname = $_GET['flname'];
$peraddress = $_GET['peraddress'];
$fpnumber = $_GET['fpnumber'];
$mpnumber = $_GET['mpnumber'];
$roomnumber = $_GET['roomnumber'];
$deposite = $_GET['deposite'];
//$password = $_GET['password'];
//$sha1password = sha1($password);
//create connection
$connection = mysqli_connect('localhost', 'root', 'root', 'Hostel');
//check connection
if ($connection->connect_error) {
die('Connection error (' . $connection->connect_errno . ') ' .$connection->connect_error);
}
echo 'Cool!' .$connection->host_info . "\n";
$sqlin = "INSERT INTO Student (First_Name, Last_Name, Middle_Name, Date_of_Birth, Phone_Number, Occupation, Join_Date, Father_First_Name, Father_Last_Name, Permenent_Address, Father_Phone_Number, Mother_Phone_Number, Room_Number, Deposite)
VALUES ('$fname', '$lname', '$mname', '$dob', '$pnumber', '$occupation', '$joindate', '$ffname', '$flname', '$peraddress', '$fpnumber', '$mpnumber', '$roomnumber', '$deposite')";
if ($connection->query($sqlin) === TRUE) {
echo"Thank you! Your info has been entered into database";
}else{
echo"Error: " . $sqlin . "<br>" . $connection->error;
}
$connection->close();
?>
i already set date type is date in html and for phone number is text.
how i can correct date with any format with calender option and phone number ?
Since you are posting your data from the form using _GET, that might have caused the problem with date when saving in database. Change the form post method to 'POST' and read posted values using $_POST
I think if you mentioned the type of colomn you created as date. It has to be sent only in the format 'YYYY-MM-DD HH:MM:SS' and I don't think it support other format you entered to store and you ca store the telephone number even in text format. you can use strotime() to convert the entered date into that format $dob1 = date('Y-m-d', strtotime($dob)); so that you could store in database without any errors and you should specify the entire date if you declare the variable to be stored as date in database
I am receiving this error, and not being to insert DATEDIFF into the database. I can't seem to find the problem. I tried checking the syntax. Can anyone help please?
// Check connection
if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
// escape variables for security
$pdate = mysqli_real_escape_string($con, $_POST['pdate']);
$mdate = mysqli_real_escape_string($con, $_POST['mdate']);
$amt = mysqli_real_escape_string($con, $_POST['amt']);
$first = mysqli_real_escape_string($con, $_POST['first']);
$last = mysqli_real_escape_string($con, $_POST['last']);
$pid = mysqli_real_escape_string($con, $_POST['pid']);
$cno = mysqli_real_escape_string($con, $_POST['cno']);
$madd = mysqli_real_escape_string($con, $_POST['madd']);
$bene = mysqli_real_escape_string($con, $_POST['bene']);
$swc = mysqli_real_escape_string($con, $_POST['swc']);
$bacc = mysqli_real_escape_string($con, $_POST['bacc']);
$bank = mysqli_real_escape_string($con, $_POST['bank']);
$badd = mysqli_real_escape_string($con, $_POST['badd']);
$bno = mysqli_real_escape_string($con, $_POST['bno']);
$sql="INSERT INTO contacts (
nodays, interest, pdate, mdate, amt, first, last,
pid, cno, madd, bene, swc, bacc, bank, badd, bno
)
VALUES (
DATEDIFF($mdate,$pdate) AS nodays,
(DATEDIFF($mdate,$pdate) * $amt / 365 * 0.1) AS interest,
'$pdate','$mdate','$amt','$first','$last',
'$pid','$cno','$madd','$bene','$swc','$bacc','$bank','$badd','$bno'
)";
if (!mysqli_query($con,$sql)) {
die('Error: ' . mysqli_error($con));
}
echo "Client record has been added to the database!";
mysqli_close($con);
The problem is that you try to execute 2 queries at the same time - only delimited by comma. That does not work. Seperagte them and execute them one by one.
You are inserting 2 more columns into contacts:
You say INSERT INTO CONTACTS with all the columns, but then you use
SELECT *, DATEDIFF... FROM CONTACTS. So you try to insert more columns into the same table.
I assume you are trying to calculate the nodays and interest as you do the insert, this should work:
INSERT INTO contacts (
nodays, interest, pdate, mdate, amt, first, last,
pid, cno, madd, bene, swc, bacc, bank, badd, bno
)
VALUES (
DATEDIFF($mdate,$pdate),
(DATEDIFF($mdate,$pdate) * $amt / 365 * 0.1),
'$pdate','$mdate','$amt','$first','$last',
'$pid','$cno','$madd','$bene','$swc','$bacc','$bank','$badd','$bno'
);
header ('Refreash: 1;url=registrationform.php');
include 'dbconnect.php';
$id = $_POST['id'];
$firstName = $_POST['firstName'];
$lastName = $_POST['lastName'];
$email = $_POST['email'];
$password = $_POST['password'];
$DOB = $_POST['dob'];
$gender = $_POST['gender'];
$telephone = $_POST['telephone'];
$memberTypeID = $_POST['memberTypeID'];
$Active = $_POST['Active'];
$sql = "UPDATE user SET firstName = '$firstName', lastName = '$lastName', email = '$email', password = '$password', DOB = '$DOB', gender = '$gender', telephone = '$telephone', memberTypeID = '$memberTypeID', Active = '$Active' WHERE userID = $id";
$result=mysql_query($sql)or die ("COULD NOT UPDATE USER!!");
This is the code i am using to enter the DOB back into the database, when entered it returns 0000-00-00.
Try what is inside $_POST['dob']..Also if the input value is not a valid date value then don't try to insert it. So if its not a valid value then make the dob as null and also make your table structure compatible to allow NULL values.If your $_POST['dob'] doesn't contains a valid date value in YYYY-MM-DD format then that value will be inserted as 0000-00-00 in the database.
So try something like the following
$DOB = NULL;
if(isset($_POST['dob']) && trim($_POST['dob']) != '')
//make necessary validateions and assign the value
$DOB = $newValue;//Assume $newValue contains new date value in YYYY-MM-DD format
Also don't use mysql_ functions anymore since they are deprecated. Try using mysqli_ functions and prepare statements because your code is vulnerable to sql injections
I have a sign up form and I am trying to record the date the form was filled out, into MySQL table. All of the information that I am requesting within the form is being recorded, except for the date. Would anyone be able to help me out with this task?
Here is a snippet of my PHP code of where I think the problem resides. I am also using PHPmyadmin for my database; if that is relevant.
Here is the link to the page www.3elementsreview.com/sign-up
$value = $_POST['First'];
$value2 = $_POST['Last'];
$value3 = $_POST['City'];
$value4 = $_POST['State'];
$value5 = $_POST['Country'];
$value6 = $_POST['Email'];
$value7 = $_POST['Y-m-d H:i:s'];
$sql = "INSERT INTO members (First, Last, City, State, Country, Email, Date) VALUES ('$_POST[First]','$_POST[Last]','$_POST[City]','$_POST[State]','$_POST[Country]','$_POST[Email]','$_POST[Date]')";
Your code is dangerous and allows sql injection attacks.
First off mysql_* library is depreciated.
Second if you are going to use mysql_* functions, use mysql_real_escape string on ALL your POST fields.
Thirdly this will solve your issue:
$value = mysql_real_escape_string($_POST['First']);
$value2 = mysql_real_escape_string($_POST['Last']);
$value3 = mysql_real_escape_string($_POST['City']);
$value4 = mysql_real_escape_string($_POST['State']);
$value5 = mysql_real_escape_string($_POST['Country']);
$value6 = mysql_real_escape_string($_POST['Email']);
$sql = "INSERT INTO members (First, Last, City, State, Country, Email, Date) VALUES ('$value','$value2','$value3','$value4','$value5','$value6',NOW())";
in mysql, the function NOW() is used to return the current date/time.
Unless your parameter is called Y-m-d%20H:i:s=____, you should probably be collecting a $_POST['date'] variable or something, then converting it into a date after assigning it to a variable.
$value7 = $_POST['date'];
$value7 = date('Y-m-d H:i:s', $value7);
I'm very new to PHP and am having some trouble. I have a form using HTML which is action=.php method=post
The form is using text boxes and select options, I'm not sure if it makes a difference in sqldatabase. I've tried about 30 different combinations of this script and can only get a connect successfully message but nothing is posted.
<?php
$link = mysql_connect('everybodyslistcom.ipagemysql.com', 'accounts', 'accounts');
if (!$link) {
die('Could not connect: ' . mysql_error());
}
echo 'Connected successfully';
mysql_select_db("user");
$FName = $_POST["FName"];
$LName = $_POST["Lname"];
$Phone = $_POST["Phone"];
$EmailAddress = $_POST["EmailAddress"];
$Month = $_POST["Month"];
$Day = $_POST["Day"];
$Year = $_POST["Year"];
$Username = $_POST["Username"];
$Password = $_POST["Password"];
$sql = 'INSERT INTO Members (ID, FName, LName, Phone, EmailAddress, Month, Day, Year, Username, Password) VALUES'
. '(\'\', \'$FName\', \'$LName\', \'$Phone\', \'$EmailAddress\', \'$Month\', \'$Day\', \'$Year\', \'$Username\', \'$Password\')';
mysql_close();
php?>
try to execute your query
mysql_query($sql);
EDIT: I see you are doing this:
$sql = 'SELECT bla bal $variable';
PHP will not parse the variable. The right way:
$sql = "SELECT bla bla $variable"; // valid
$sql = "SELECT bla bla {$variable}"; // also valid
$sql = 'SELECT bla bla '.$variable; // also valid
your closing php tag is not correct, it should be
?>
rather than
php?>
Also u r not executing your query using:
mysql_query('your query here');
this might cause the problem.
Your variables are not interpreted by PHP. If you want variable to be parsed in string, it should be wrapped in double-quote (")
It may fail if any of your posted data contains some quote character, so you must apply mysql_real_escape_string to all of them.
I hope that database connection credentials are not real you posted here? :D
You said that your form contains "action=.php" literally, you have to turn it into :
<form name="form_name" method="post" action="your_script.php">
You need to execute the query too:
mysql_query($sql, $link);
you should also check whether POST was really sent:
if (!empty($_POST)) {
// ... your code here
}
next thing: you don't need closing tag ?> if your *.php file consist only PHP code - end of file is also correct end of PHP block of code - it's "good-to-have" habit, because in some cases it helps you to avoid error: "Cannot add/modify header information - headers already sent by..."
next problem - wrong way of inserting variables into string:
$sql = 'INSERT INTO Members (ID, FName, LName, Phone, EmailAddress, Month, Day, Year, Username, Password) VALUES'
. '(\'\', \'$FName\', \'$LName\', \'$Phone\', \'$EmailAddress\', \'$Month\', \'$Day\', \'$Year\', \'$Username\', \'$Password\')';
correct way:
$sql = "INSERT INTO Members (ID, FName, LName, Phone, EmailAddress, Month, Day, Year, Username, Password) VALUES (null, '$FName', '$LName', '$Phone', '$EmailAddress', '$Month', '$Day', '$Year', '$Username', '$Password')";
more info here
next - as Deniss said, instead of:
$FName = $_POST["FName"];
should be:
$FName = mysql_real_escape_string($_POST["FName"]);
actually you should fist check weather magic quotes gpc are on or off:
if (get_magic_quotes_gpc()) {
if (!empty($_POST)) {
array_walk_recursive($_POST, 'stripslashes_value');
}
}
function stripslashes_value(&$value) {
$value = stripslashes($value);
}
without this you could have problem with double \\ inserted into db (it depends on your server configuration)
and last but not least: as Robert said you miss one more important thing:
mysql_query($sql);
I think your error because your have not call mysql_query function
can try my code edit
<?php
$link = mysql_connect('everybodyslistcom.ipagemysql.com', 'accounts', 'accounts');
if (!$link) {
die('Could not connect: ' . mysql_error());
}
echo 'Connected successfully';
mysql_select_db("user",$link);
$FName = $_POST["FName"];
$LName = $_POST["Lname"];
$Phone = $_POST["Phone"];
$EmailAddress = $_POST["EmailAddress"];
$Month = $_POST["Month"];
$Day = $_POST["Day"];
$Year = $_POST["Year"];
$Username = $_POST["Username"];
$Password = $_POST["Password"];
$sql = "INSERT INTO Members SET FName='{$FName}', LName='{$LName}', Phone='{$Phone}', EmailAddress='{$EmailAddress}', Month='{$Month}', Day='{$Day}', Year='{$Year}', Username='{$Username}', Password='{$Password}'";
// Call Function mysql_query insert new record in mysql table
mysql_query($sql,$link);
mysql_close($link);
?>
Comment for me if your have problem :) or notes of apache services
good day