In my code below, it should clear the table Banner, which it does, then insert a message into it, which it does not
This is my code, thanks
<?php
error_reporting(-1);
mysql_connect('localhost', 'username', 'password');
mysql_select_db("induadmi_db");
if($_POST['submit']){
$bannermsg = $_POST['newBanner'];
mysql_query("TRUNCATE `Banner`");
mysql_query("INSERT INTO `Banner` SET Message='$bannermsg'");
}
?>
<html>
<body>
<form method="post">
<input type="text" id="newBanner" name="newBanner' placeholder="Enter Message"/>
<input type="submit" id="submit" name="submit" value="Submit">
</form>
</body>
</html>
This is the error I get by the way:
Notice: Undefined index: newBanner in
/home/induadmi/public_html/por/newbanner.php on line 5
Here is Your Error In HTML
<html>
<body>
<form method="post">
<input type="text" id="newBanner" name="newBanner" placeholder="Enter Message"/>
<input type="submit" id="submit" name="submit" value="Submit">
</form>
</body>
</html>
name="newBanner' is Error name="newBanner"
your error means $_POST['newBanner'] has not been defined. so put $bannermsg = $_POST['newBanner']; inside if($_POST['submit']){ condition
try like this by checking whether $_POST exixts
<?php
error_reporting(-1);
mysql_connect('localhost', 'username', 'password');
mysql_select_db("induadmi_db");
if(isset($_POST['submit']))
{
$bannermsg = $_POST['newBanner'];
mysql_query("TRUNCATE `Banner`");
mysql_query("INSERT INTO `Banner` SET Message='$bannermsg'");
}
?>
try this
<?php
error_reporting(-1);
mysql_connect('localhost', 'username', 'password');
mysql_select_db("induadmi_db");
if (isset($_POST['submit'])) {
$bannermsg = $_POST['newBanner'];
mysql_query("TRUNCATE `Banner`");
mysql_query("INSERT INTO `Banner` SET Message='$bannermsg'");
}
?>
<html>
<body>
<form method="post">
<input type="text" id="newBanner" name="newBanner" placeholder="Enter Message"/>
<input type="submit" id="submit" name="submit" value="Submit">
</form>
</body>
</html>
You need to check the results of mysql_query to see if the call succeeded, and if it didn't, to check mysql_error to see what the error is.
http://us2.php.net/manual/en/function.mysql-query.php
http://us2.php.net/manual/en/function.mysql-error.php
You did not close the quotes properly on your <form> ..
name="newBanner' place
^----------
That is why you were getting the Undefined:index Notice.. Always make use of the isset construct.
Also...Your TRUNCATE syntax is wrong..
It should be
mysql_query("TRUNCATE TABLE `Banner`");
The fixed code..
<?php
if(isset($_POST['submit'])){
error_reporting(-1);
mysql_connect('localhost', 'induadmi_main', '$admiNiNd/U');
mysql_select_db("induadmi_db");
$bannermsg = $_POST['newBanner'];
mysql_query("TRUNCATE TABLE `Banner`");
mysql_query("INSERT INTO `Banner` SET Message='$bannermsg'");
}
?>
<html>
<body>
<form method="post" action="">
<input type="text" id="newBanner" name="newBanner" placeholder="Enter Message"/>
<input type="submit" id="submit" name="submit" value="Submit">
</form>
</body>
</html>
This (mysql_*) extension is deprecated as of PHP 5.5.0, and will be removed in the future. Instead, Prepared Statements of MySQLi or PDO_MySQL extension should be used to ward off SQL Injection attacks !
Related
The problem is in insert query.If we insert a single data in the db it is inserted for multiple time in that the primary key(auto increment) is increased but the value give by the user didn't store in db why?
<html>
<head>
<title>comment</title>
</head>
<body>
<?php
require('db.php');
?>
<form action="db.php" method="get">
<input type="textarea" name="textarea" rows="4" value="" >
<input type="submit" name="submit" value="submit">
</form>
<?php
$comment = isset($_GET['textarea']) ? $_GET['textarea'] : '';
$sql="INSERT INTO comment(comments) VALUES('$comment')";
mysqli_query($con,$sql);
?>
</body>
</html>
the actual table name is comment and the column name is comment_id and comments.
if a user ask some question in textarea(in HTML design) that should be inserted in comments column.
You should not submit the form to the same file you are requiring on line 7.
Rather submit the form to itself. Try this:
<html>
<head>
<title>comment</title>
</head>
<body>
<?php
require('db.php');
if(!isset($_GET['submit']))
{
?>
<form method="get">
<input type="textarea" name="textarea" rows="4" value="" >
<input type="submit" name="submit" value="submit">
</form>
<?php
} else {
$comment = isset($_GET['textarea']) ? $_GET['textarea'] : '';
$sql="INSERT INTO comment(comments) VALUES('$comment')";
mysqli_query($con,$sql);
}
?>
</body>
</html>
Also like #aynber mentioned in the comments, take advantage of prepared statements and bind_param, to secure your app a bit.
I have some PHP and HTML code which should send data from the form to my MySQL database. However, on clicking Submit in the form, the page reloads and nothing happens. No echo or anything. The HTML is in the same file as the PHP file.
PHP
<?php
if(isset($_POST['submit'])){
$usernamep = $_POST['usernameinput'];
$passwordp = $_POST['passwordinput'];
$servername = "localhost";
$username = "USERNAMECENSOR";
$password = "PASSWORDCENSOR";
$dbname = "database";
try {
$conn = new PDO("mysql:host=$servername;dbname=$dbname", $username, $password);
// set the PDO error mode to exception
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$sql = "INSERT INTO accounts (username, password)
VALUES ('$usernamep', '$passwordp')";
// use exec() because no results are returned
$conn->exec($sql);
echo "Success";
}
catch(PDOException $e)
{
echo $sql . "<br>" . $e->getMessage();
}
$conn = null;
}
?>
HTML
<form method="POST" action="">
<input type="text" name="usernameinput"><br>
<input type="password" name="passwordinput"><br>
<input type="submit" class="button" value="Sign in">
</form>
Note: I know this code is currently subject to SQL injection, and the password is not encrypted. It is temporary starting code in an attempt to get it working first.
You lack the name attribute in the submit button, add name="submit".
<form method="POST" action="">
<input type="text" name="usernameinput"><br>
<input type="password" name="passwordinput"><br>
<input type="submit" name="submit" class="button" value="Sign in">
</form>
Your test is wrong. You have no input named "submit" (with attribute name = submit). It should be:
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
...
}
A broad test like this will not even need a named submit. The HTML form may even be posted on another event using jQuery or JavaScript.
In your PHP file, you use isset($_POST['submit']). You don't have any form input with name="submit". You could make your submit button be
<input type="submit" name="submit" class="button" value="Sign in">
You have to include your php file into the action of the form tag.
<form method="POST" action="<?php echo $_SERVER['PHP_SELF']?>">
<input type="text" name="usernameinput"><br>
<input type="password" name="passwordinput"><br>
<input type="submit" class="button" value="Sign in">
</form>
I am starting to learn the basics of SQL and PHP codes.
I am trying to create a simple newsletter subscription page. this would require the user to enter their email and submit. That will then get added to my database.
Now, this works well when the HTML and PHP code are separate and the submission occurs but redirects to the PHP page with the echo.
I want to get the message on the same page and I tried merging the PHP code in the page as below
<?php
if($_SERVER['REQUEST_METHOD'] === 'POST'){
mysql_connect("hostname", "username", "password");
mysql_select_db("db name");
$user = $_POST['email'];
$query = "INSERT INTO tablename(columname)VALUES('$email')";
echo "inserted";
}
?>
<html>
<form method="POST" action="" >
<label>Email:</label> <input name="email" type="text"/>
<input type="submit" name="submit" value="Insert" /> <br>
</form>
</html>
Hoever with this code it just doesnt do anything.
What have am I doing wrong here? Appreciate your expert advice.
There are few mistakes in the code, you can fix them by doing the following:
Save the file as a php file first. For example name it "email.php".
Make the form action="email.php"
Don't write two complete separate codes in the same file, one for php file and the other for html file like you did. You can include the html code inside the php code using heredoc syntax which allows you to include a long html code like the following:
echo<<<_HTMLCODE
<form method="POST" action="" >
<label>Email:</label> <input name="email" type="text"/>
<input type="submit" name="submit" value="Insert" /> <br>
</form>
_HTMLCODE;
In the query syntax, add $user instead $email because the variable $user contains the value submitted by the form.
Add a code to excute the inserted query. for example:
mysql_query($query);
So your final code will be like this:
<?php
if($_SERVER['REQUEST_METHOD'] === 'POST'){
mysql_connect("hostname", "username", "password");
mysql_select_db("db name");
$user = $_POST['email'];
$query = "INSERT INTO tablename VALUES('$user')";
mysql_query($query);
echo "inserted";
}
echo<<<_HTMLCODE
<form method="POST" action="email.php" >
<label>Email:</label> <input name="email" type="text"/>
<input type="submit" name="submit" value="Insert" /> <br>
</form>
_HTMLCODE;
?>
I have tried the code above after I added the data of my database on the localhost and after I created a table for the emails and it worked. Here is the edited code with my database access info and the table name in my code editor:
When i opened the table emails in my database, I found the email that I had submitted using the form (your modified code):
(advice: use mysqli instead of mysql)
Please use prepare statements to prevent Sql Injections.
Here is sample code try this.
ini_set('display_errors', 1);
ini_set('log_errors', 1);
error_reporting(E_ALL);
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
$connect = new mysqli ("localhost", "root", "usbw", "test");
if (mysqli_connect_errno()) {
echo 'Failed to connect to MySQL:' . mysqli_connect_error();
}
if (isset($_POST['submit'])) {
$email = filter_input(FILTER_VALIDATE_EMAIL, $_POST['email']);
$sql = "INSERT INTO table (email) VALUES (?)";
$stmt = $connect->prepare($sql);
$stmt->bind_param('s', $email);
$result = $stmt->execute();
if ($result) {
$msg = 'Succesfully added';
} else {
$msg = 'OOPS Error Occured';
}
}
?>
<html>
<form method="POST" action="" >
<label>Email:</label> <input name="email" type="text"/>
<input type="submit" name="submit" value="Insert" /> <br>
</form>
</html>
I want to make a database which I can fill from my webpage. I want it to be an Integer input. I created a database and everything.
I connected php and phpmyadmin, but when I insert a number it adds an empty row (null).
Where did I go wrong?
This is the whole code...
This is the Insert.html
<html>
<head>
<title>SITE</title>
</head>
<body>
<form action="insert.html" method="post">
Value1: <input type="text" name="field1-name" />
<input type="Submit" /></form>
</body>
</html>
This is Connect.php
<?php
$username="root";
$password="";
$database="test";
$field1-name=$_POST['Value1'];
mysql_connect(localhost,$username,$password);
#mysql_select_db($database) or die( "Unable to select database");
$query = "INSERT INTO temp VALUES('$field1-name')";
mysql_query($query);
mysql_close();
?>
And this is Test.php
<?php
include 'insert.html';
include 'connect.php';
$a=$_POST["temp"];
$sql="INSERT INTO temp(val) values ($a);";
?>
One issue you have it with your choice of variable names. You cannot have a dash in your variable name. So $field1-name is an invalid name. You should either remove the dash or change it to an underscore.
You also named your input field1-name but you try to access $_POST['Value1']. Where does Value1 come from?
First fix your form so your input name does not have a dash:
<form action="insert.html" method="post">
Value1: <input type="text" name="field1name" />
<input type="Submit" /></form>
Then fix your variable assignment:
$field1name=$_POST['field1name'];
try changing your form action and form field name. on html file you can't get post values so change it to connect.php
<html>
<head>
<title>SITE</title>
</head>
<body>
<form action="Connect.php" method="post">
Value1: <input type="text" name="field1_name" />
<input type="Submit" /></form>
</body>
</html>
This is Connect.php
<?php
$username="root";
$password="";
$database="test";
$field1_name=$_POST['field1_name'];
mysql_connect(localhost,$username,$password);
#mysql_select_db($database) or die( "Unable to select database");
$query = "INSERT INTO temp VALUES('$field1_name')";
mysql_query($query);
mysql_close();
?>
In Connect.php you use:
$field1-name=$_POST['Value1'];
There are two problems with that. The variable name might be invalid and $_POST['Value1'] is always empty because the form field is named "field1-name".
Try this:
$value = $_POST['field1-name'];
...
$query = "INSERT INTO temp VALUES('$value')";
Simply put connect.php in action and do whatever you want in connect.php
<html>
<head>
<title>SITE</title>
</head>
<body>
<form action="connect.php" method="post">
Value1: <input type="text" name="field1-name" />
<input type="Submit" /></form>
</body>
</html>
And Connect.php
$username="root";
$password="";
$database="test";
$fieldname=$_POST['field1-name'];
mysql_connect('localhost',$username,$password);
#mysql_select_db($database) or die( "Unable to select database");
$query = "INSERT INTO temp VALUES ('".$fieldname."')";
mysql_query($query);
I have the simplest database entry that when I hit "submit", it takes me to my home directory and nothing is added to the database. How do I fix it so it inputs the data? I haven't had any problems like this in the past using the same code...
<?php
if(isset($_POST['submit'])) {
$text = $_POST['text'];
$link = mysql_connect("localhost", "******", "********") or die("Couldn't make connection.");
#mysql_select_db("*****") or die("Couldn't select database");
mysql_query("INSERT INTO wall (message) VALUES ('$text')");
}
?>
<html>
<form action="post" name="post" id="post">
<input type="text" id="text" name="text"/>
<input type="submit" name="submit" id="submit" value="submit"/>
</form>
</html>
I know my password and database name are correct, because when I take away the "form" and "isset", it uploads no problem every time I reload the page:
<?php
$link = mysql_connect("localhost", "******", "*******") or die("Couldn't make connection.");
#mysql_select_db("********") or die("Couldn't select database");
mysql_query("INSERT INTO wall (message) VALUES ('test')");
?>
change
<form action="post" name="post" id="post">
to
<form method="post" name="post" id="post">
Action is the page you want the form to submit to
Method is the type (which defaults to get)
Your form<> has no method, try this:
<form method="post" name="post" id="post">
</form>