If I insert a new record into the database via PHP and then click the submit button and then each time I refresh the page it inserts the recently added record into the database. How do I stop this from happening? I don't want to redirect to another form after the submit button too. The weird thing is, if I click the submit button twice and then refresh the form it doesn't insert duplicates into the database. Why is this? Please help :/ thanks
Here's the code:
<div class="insertDiv">
<form method="POST" action="contracts.php">
<?php
if(empty($_POST['ContractDate']) && empty($_POST['ComputerId2']) && empty($_POST['CustomerId']) && empty($_POST['ContractLevel']))
{
}
else
{
include("dbinfo.inc.php");
$comm=#mysql_connect(localhost,$username,$password);
$rs=#mysql_select_db($database) or die( "Unable to select database");
$contractDate=$_POST['ContractDate'];
$computerID=$_POST['ComputerId'];
$customerID=$_POST['CustomerId'];
$contractLevel=$_POST['ContractLevel'];
$sql="INSERT INTO contract VALUES ('','$contractDate','$computerID', '$customerID', '$contractLevel')";
$result=mysql_query($sql)or die("Insert Error: ".mysql_error());
mysql_close();
}
?>
<div class = "myButton">
Insert
</div>
<p></p>
Enter contract start date: 
<input type="date" name="ContractDate" size=30 class="input"><br><br>
Enter computerID: 
<input type="text" name="ComputerId" size=30 class="input"><br><br>
Enter customerID: 
<input type="text" name="CustomerId" size=30 class="input"><br><br>
Enter contract level: 
<input type="text" name="ContractLevel" size=30 class="input"><br><br>
<input type="reset" value="Reset" class="button">    
<input type="submit" value="Submit" class="button">
</form>
</div>
check with some value from form which is already exists in table if no then insert the data into the table
or
1.generate a random string and store it in session,
2.then output it to your form as a hidden value,
3.check the submitted and store variable, if matches process your request,
4.go to 1.
Just make sure the form has only been submitted once, by using sessions.
This should work (I haven't been able to test it)
<?php
// you should start the session before sending any output to the browser
session_start();
if($_SESSION['prevent'] && $_SESSION['prevent'] == $_POST['prevent'])$valid=true;
$_SESSION['prevent']=sha1(mt_rand(0,9999999));
?>
<div class="insertDiv">
<form method="POST" action="contracts.php">
<?php
if(empty($_POST['ContractDate']) && empty($_POST['ComputerId2']) && empty($_POST['CustomerId']) && empty($_POST['ContractLevel']))
{
}
else
{
if($valid){
include("dbinfo.inc.php");
$comm=#mysql_connect(localhost,$username,$password);
$rs=#mysql_select_db($database) or die( "Unable to select database");
$contractDate=$_POST['ContractDate'];
$computerID=$_POST['ComputerId'];
$customerID=$_POST['CustomerId'];
$contractLevel=$_POST['ContractLevel'];
$sql="INSERT INTO contract VALUES ('','$contractDate','$computerID', '$customerID', '$contractLevel')";
$result=mysql_query($sql)or die("Insert Error: ".mysql_error());
mysql_close();
}
}
?>
<div class = "myButton">
Insert
</div>
<p></p>
Enter contract start date: 
<input type="date" name="ContractDate" size=30 class="input"><br><br>
Enter computerID: 
<input type="text" name="ComputerId" size=30 class="input"><br><br>
Enter customerID: 
<input type="text" name="CustomerId" size=30 class="input"><br><br>
Enter contract level: 
<input type="text" name="ContractLevel" size=30 class="input"><br><br>
<input type="reset" value="Reset" class="button">    
<input type="hidden" value="<?php echo $_SESSION['prevent']; ?>">
<input type="submit" value="Submit" class="button">
</form>
</div>
Have a read of this article and it'll explain how to redirect so refreshing doesn't resubmit the form.
http://en.wikipedia.org/wiki/Post/Redirect/Get
Related
I created a section for editing. When I edit the information and click the save button, the information is not saved and the header section does not display completely.
<?php
if (isset($_POST['submit_btn']))
{
$id = $_POST['id'];
$fn = trim($_POST['name']);
$ln = trim($_POST['lastname']);
$age = trim($_POST['age']);
$q = "UPDATE `users` SET `fn` = '$fn',
`ln` = '$ln',
`age` = '$age'
WHERE id = '$id'";
mysqli_query($dbconnect,$q);
if (mysqli_affected_rows($dbconnect) > 0)
redirect("?msg=ok&id=**$id**");
else
redirect("?msg=error&id=**$id**");
}
else
echo ("Not In If(isset)");
?>
<form action="" method="post">
<label for="name">FirstName:</label>
<input type="text" name="name" id="name" value="<?php echo $row['fn']?>">
<br>
<label for="lastname">LastName:</label>
<input type="text" name="lastname" id="lastname" value="<?php echo $row['ln']?>">
<br>
<label for="age">Age:</label>
<input type="text" name="age" id="age" value="<?php echo $row['age']?>">
<br>
<input type="submit" name="submit_btn" value="Save">
<a href="index2.php">
Back
</a>
</form>
</body>
Bold sections do not work here.
Below is a picture of the result:
In the link that I specified, after clicking on save the ID will not be displayed and all the information filled in the forms will be lost.
Sorry if the result is styleless and boring and I just created this page to practice php😁
Thank you for being responsive🙏🙏🙏
You are mistaking a POST request with a GET request.
Part, which appears in the URL is sent to the webserver in GET request.
Your form is submitting POST request to the webserver, logic in the code does the same, but you are trying to display information from url (GET).
Please check the examples in php.net:
POST variables: https://www.php.net/manual/en/reserved.variables.post.php
GET variables: https://www.php.net/manual/en/reserved.variables.get.php
You can take an example with GET request variable below, however, be careful with trusting the "end client" and always prepare your statements, which you send to your database to execute queries.
if (isset($_GET['submit']))
{
$number = $_GET['number'];
echo $number
? "Number which was submitted: $number <br>"
: 'Number is not set';
} else {
echo 'Form has not been yet submitted';
}
?>
<form action="" method="get">
<input type="number" name="number" placeholder="Number">
<input type="submit" name="submit" value="Save">
</form>
please correct me here.
i have created multi page form where i want to pass data from each pages to final pages and then submit those on email. first one is apply.php, there are many input fields, but i have listed some of those, here when some enters passport number in passport field, i want this to be passed in everypage of the form and print this at couple of places on each page. here getting some issues when passing some of these fields.
this is first page ( apply.php )
<?php
// Start the session
session_start();
?>
<form name="search_form" method="post" onSubmit="return chk();" action="apply2.php">
<input name="passportno" id="passportno" type="text" maxlength="20" placeholder="Enter Passport No." size="43" >
<input name="birthdate" type="date" class="textBoxDashed" size="43" id="birthdate" datepicker="true" datepicker_min="01/01/1900" datepicker_max="21/11/2017" maxlength="10" datepicker_format="DD/MM/YYYY" isdatepicker="true" value="">
<input name="button1" type="submit" value="Continue">
this is apply2.php . here there is some issues, i am not able to find, as you can see below codes, i am able to print date of birth but not able to print passport no ( input from form1 ). Please correct where i am wrong here.
<?php
session_start();
$msg="";
////include("connect.php");
if (isset($_POST['button1']))
{
extract($_POST);
$code=strtolower($_POST['captcha_code']);
$sess=strtolower($_SESSION["code"]);
if ($sess==$code)
{
$appid=time().rand();
$result=mysqli_query($con,"select *from registration where email='$email'");
if (mysqli_fetch_row($result)>0)
{
?>
<script>
alert("This email is already exist");
</script>
<?php
}
else
{
$query="insert into registration values('$appid','$passportno','$birthdate','$email')";
if (mysqli_query($con,$query))
$msg="Data saved Successfully.Please note down the Temporary Application ID $appid";
else
echo "not inserted".mysqli_error($con);
if (!isset($_SESSION["appid"]))
{
$_SESSION["appid"]=$appid;
}
}
}
else
{
?>
<?php
}
}
?>
<form name="OnlineForm" method="post" onsubmit="return OnSubmitForm();" action="apply3.php">
<input name="applid" id="applid" value="<?php echo $_SESSION["appid"];?>">
<input type="hidden" name="birthdate" value="<?php echo $birthdate;?>"><b><?php echo $birthdate;?>
<input name="passportno" type="text" class="textBoxDashed" id="passportno" value="" size="43" maxlength="14" value="<?php echo $passportno;?>">
input name="sc" type="submit" class="btn btn-primary" id="continue" value="Save and Continue" onclick="document.pressed=this.name">
Don't use extract. Also do some checking to see if the data is set. As for not getting the the data try $_POST['passportno'] and if you want to pull the values and put them back into the input boxes simply use <?php echo isset($_POST['passportno'])?$_POST['passportno']:'' ?> to return nothing if it is not defined.
Also you need to do add some protection to your inputs.
You can add protection by using $passportno = mysqli_real_escape_string($con, $passportno);
When my page loads it has a form with a hidden input that is named “email”. This input value is equal to that of a logged in users email and loads this value automatically upon page load.
How can I show column data based on email in a drop down menu as selections?
This is what I'm trying to do:
http://oi61.tinypic.com/258tmhd.jpg
Heres my Code thats not working:
<html>
<header>
</header>
<body>
<?php
// Create the connection to the database
$con=mysqli_connect("xxx","xxx","xxx","xxx");
// Check if the connection failed
if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
die();
}
$query = "SELECT itemname FROM seguin_orders";
$result = mysqli_query($con,$query);
?>
<select name="xxx"><option value="">-- Select One --</option>
while($row = mysqli_fetch_array($result))
{
echo("<option value=". $row['itemname'] . ">". $row['itemname'] ."</option>");
}
</select>
<form action="/demoform/contact_form.php" class="well" id="contactForm" method="post" name="sendMsg" novalidate="">
<input type="text" required id="mile" name="mile" placeholder="Miles"/>
</br>
<input id="email" name="email" placeholder="Email" required="" type="text" value="demo#gmail.com" readonly="readonly"/>
</br>
<input id="name" name="itemname" placeholder="ITEM NAME 1" required="" type="text" />
</br>
<input type="reset" value="Reset" />
<button type="submit" value="Submit">Submit</button>
</form>
</body>
</html>
You could write a servlet where you get the email with request.getParameter(email)
The SQL statement should be something like this (use preparedstatement):
SELECT itemname FROM table_A WHERE email=?
then set your String with ps.setString(1, email);, execute the Query, pass the results to an arraylist and then forward them back to your jsp where you want to show your results.
See here also
I've created a members area where a user can update their bio. The problem is that the information the user submits isn't updating the rows in the database.
Member's Area
<body bgcolor="#E6E6FA">
<button>Log Out</button><br><br>
<input type="text" name="age"placeholder="Enter a your age."><br>
<input type="text" name="bio"placeholder="Enter your bio.">
<input type="submit" name="submit" value="Submit your details!">
PHP
<?php
if(isset($_POST['submit'])){
$con=mysql_connect("localhost","root","****","****");
// Check connection
if (mysql_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$age = mysql_real_escape_string($_POST['age']);
$bio = mysql_real_escape_string($_POST['bio']);
$name = mysql_real_escape_string($_SESSION['username']);
mysql_query($con,"UPDATE accs SET age='.$age.' WHERE name='.$name.'");
mysql_query($con,"UPDATE accs SET bio='.$bio.' WHERE name='.$name.'");
mysql_close($con);
};
?>
</body></html>
Any Ideas as to what is wrong here?
in your HTML page, the form should be inside the <form></form> tags
<form method="post" action="update.php">
<input type="text" name="age" placeholder="Enter a your age.">
<br>
<input type="text" name="bio" placeholder="Enter your bio.">
<input type="submit" name="submit" value="Submit your details!">
</form>
In your PHP page - to check the results, you can temporarily echo $age; echo $bio;
As you are using $_SESSION['username']; I think you are missing session_start(); to the top of your PHP code.
Also mysql_query only needs the SQL command, and not the connection ($con), that is mysqli, which is strongly advised to use instead of mysql_*.
As a side note, don't rely on user names in your database as the update criteria. If not already introduced, you can add an ID column to your table
a) create a proper submit form. use form tags around your form fields.
b) check, that the form is correctly submitted, by checking the $_POST array.
var_dump($_POST);
c) check, that you have values for the fields that you want to insert.
do a var_dump() before mysql_query(), to see what's going on.
var_dump($age, $bio, $name);
d) combine your two query calls into one:
mysql_query($con, "UPDATE accs SET age='.$age.', bio='.$bio.' WHERE name='.$name.'");
If you want to use the page it self to process your request, then empty the action property of your form. For example :
<form method="post" action="">
<input type="text" name="age"placeholder="Enter a your age."><br>
<input type="text" name="bio"placeholder="Enter your bio.">
<input type="submit" name="submit" value="Submit your details!">
</form>
I have this issue with my validation and posting the data to another page.
Here is my form:
Signup.php
<form id="regForm" action="<?php echo htmlspecialchars($_SERVER["submit.php"]);?>" method="post" name="regForm">
<label for="fname">First Name:</label><input name="fname" type="text" size="25" maxlength="35" value="<?php if(isset($_POST['fname'])){echo $_POST['fname'];}?>"/><br/>
<label for="mdname">Middle initial:</label><input name="mdname" type="text" size="10" maxlength="35" value="<?php if(isset($_POST['mdname'])){echo $_POST['mdname'];}?>"/><br/>
<label for="lname">Last Name:</label><input name="lname" type="text" size="25" maxlength="35" value="<?php if(isset($_POST['lname'])){echo $_POST['lname'];}?>"/><br/>
<br/>
<label> </label><input type="submit" name="Signup" class="formButton" value="Signup" /></form>
And here is my submit.php which will validate the signup.html input
submit.php
function msg($status,$txt)
{
return '{"status":'.$status.',"txt":"'.$txt.'"}';
}
// we check if everything is filled in and perform checks
//check if fname is empty
if(!$_POST['fname'])
{
die(msg(0,"<p>Please enter your first name.</p>"));
}
//check if lname is empty
if(!$_POST['lname'])
{
die(msg(0,"<p>Please enter your last name.</p>"));
}
Now, my issue is this, in my "submit.php" file, I want to know what codes to put after the form fields validation that would enable me post the input data to another page because, I plan making it a two-page signup form. Let's say my next page is signup-2.html
how do I post the data after validation to the next page? I know how to retrieve the posted data on the next page like using Session or Echo the $_POST data but, my main issue is....how do I make the form post the data after the validation messages in my submit.php file?
use header :
header("Location: your page url?fname=$_POST['fname']&lname=$_POST['lname']");
but before this do not echo or print anything otherwise it won't redirect to that page.
you can use the data on destination page like this:
$_GET['fname']
example:
submit.php
function msg($status,$txt)
{
return '{"status":'.$status.',"txt":"'.$txt.'"}';
}
// we check if everything is filled in and perform checks
//check if fname is empty
if(!$_POST['fname'])
{
die(msg(0,"<p>Please enter your first name.</p>"));
}
//check if lname is empty
if(!$_POST['lname'])
{
die(msg(0,"<p>Please enter your last name.</p>"));
}
header('Location:download.php?fname='.$_POST['fname']."&lname=".$_POST['lname']);
view.php
<html>
<body>
<form action="submit.php" method="post">
<input type='text' id="fname" name="fname"/>
<input type='text' id="lname" name="lname"/>
<input type="submit" id="button" value="submit"/>
</form>
</body>
</html>
download.php
<?php
echo "First Name........".$_GET['fname'];
put these three file in same directory and run view.php. you will be ok.