My PHP form will not post into the database. I understand php and mysql connections fairly well but I'm stumped on this one. When I hit submit on my form it doesn't echo the values that I(the user) put in. The date shows up as 1969-12-31, not the date the user submits. If anyone could help that would be great. My code is as follows
The form code is:
<form method="POST" action="add_event.php" id="create_event">
<label for="event_name">Event Name:</label>
<input type="text" id="event_name"><br />
<label for="date">Date:</label>
<input class="datepicker" type="date" id="date"><br />
<label for="zip_code">Zip Code:</label>
<input type="text" id="zip_code" maxlength="5"><br />
<label for="description">Description</label>
<textarea id="description" rows="5" columns="10"></textarea>
<br>
<input type="submit" name="submit">
</form>
The add_event.php insert code is:
<?php
require_once '../app_config.php';
require_once '../database_connection.php';
require_once '../authorize.php';
session_start();
// Authorize any user, as long as they're logged in
authorize_user();
//Get the user ID of the user to show
$user_id = $_SESSION['user_id'];
$select_query = "SELECT first_name, last_name FROM users WHERE user_id = " . $user_id;
// Run the query
$result = mysql_query($select_query);
if ($result) {
$row = mysql_fetch_array($result);
$first_name = $row['first_name'];
$last_name = $row['last_name'];
}
$name = $first_name . ' ' . $last_name;
$event_name = trim($_POST['event_name']);
$date = trim($_POST['date']);
$zip_code = trim($_POST['zip_code']);
$description = trim($_POST['description']);
// $date = "2012-08-22";
$newdate = date("Y-m-d", strtotime($date));
// $event_name = "test";
// $zip_code = "22153";
// $description = "test";
$insert_sql = sprintf("INSERT INTO events " .
"(name, user_profile_id, event_name, date, zip_code, description) " .
"VALUES ('%s', %d, '%s', '%s', '%s', '%s');",
mysql_real_escape_string($name),
mysql_real_escape_string($user_id),
mysql_real_escape_string($event_name),
mysql_real_escape_string($newdate),
mysql_real_escape_string($zip_code),
mysql_real_escape_string($description));
//insert the user into the database
mysql_query($insert_sql);
echo $insert_sql;
?>
Much thanks in advance.
The problem is that you are not naming your input fields. If you add the name property to the input in your html code the value will be stored in the $_POST array in php once the form is submitted. The correct html code should be:
<form method="POST" action="add_event.php" id="create_event">
<label for="event_name">Event Name:</label>
<input type="text" name="event_name"><br />
<label for="date">Date:</label>
<input class="datepicker" type="date" name="date"><br />
<label for="zip_code">Zip Code:</label>
<input type="text" name="zip_code" maxlength="5"><br />
<label for="description">Description</label>
<textarea name="description" rows="5" columns="10"></textarea>
<br>
<input type="submit" name="submit">
</form>
I am not sure if you needed the ids on the inputs for anything else, otherwise you should re-add those. For more information on html forms, visit: http://www.w3schools.com/html/html_forms.asp
You have not included any name attribute in your form. Here is how it should be:
<label for="event_name">Event Name:</label>
<input type="text" id="event_name" name="event_name"><br />
<label for="date">Date:</label>
<input class="datepicker" type="date" id="date" name="date"><br />
<label for="zip_code">Zip Code:</label>
<input type="text" id="zip_code" maxlength="5" name="zip_code"><br />
<label for="description">Description</label>
<textarea id="description" rows="5" columns="10" name="description"></textarea>
Note that only form inputs element that have the name attribute will be sent to the server. ID is only used on the client side.
Don't you need some name attributes in your form?
For example:
<input class="datepicker" type="date" id="date" name="date">
and the value within your POST['your_value'] must be the same as the value for the name attribute.
so:
$my_date = $_POST['date']
You need to give your input elements a name attribute... This is how php uses the $_POST['name attribute'] global to identify the field you are referring to.
so for example...
<form method="POST" action="add_event.php" id="create_event">
<label for="event_name">Event Name:</label>
<input type="text" name="event_name" id="event_name"><br />
<label for="date">Date:</label>
<input class="datepicker" name="date" type="date" id="date"><br />
<label for="zip_code">Zip Code:</label>
<input type="text" id="zip_code" name="zip_code" maxlength="5"><br />
<label for="description">Description</label>
<textarea id="description" name="description" rows="5" columns="10"></textarea>
<br>
<input type="submit" name="submit">
</form>
Related
I have a html form where i want 3 fields to be mandatory. If the user doesn't fill any one of those fields, then the form shouldn't be submitted and it should tell the user to fill in the mandatory one's. I've used PDO and i dont know how to do it. If someone could help me. Down below i've given both my html and php files.
HTML:
<html>
<head>
<title>Data Insertion</title>
</head>
<body>
<p><span class="Error">* required field.</span></p>
<form method="post" action="su.php">
<h2>Please Fill In Details</h2>
<label for="name">Name </label>
<input type="text" Placeholder="Enter your name" name="name" id="name" />
<span class="Error">*</span>
<br />
<br />
<label for="age">Age </label>
<input type="text" name="age" id="age" placeholder="Enter your age" />
<br />
<br />
<label for="mailid">MailId </label>
<input type="text" name="mailid" id="mailid" placeholder="Enter your Mail Id" />
<span class="Error">*</span>
<br />
<br />
<label for="gender">Gender </label>
<br />
<label for="male">Male </label>
<input type="radio" name="gender" id="gender" value="Male" id="male" />
<label for="female">Female </label>
<input type="radio" name="gender" id="gender" value="Female" id="female" />
<br />
<br />
<label for="qualification">Qualification </label>
<select name="qualification" value="Qualification" id="qualification">
<option value="B.E">SSLC</option>
<option value="P.G">HSC</option>
<option value="SSLC">UG</option>
<option value="HSC">PG</option>
</select>
<br /><br />
<label for="hobbies">Hobbies </label>
<br />
<input type="checkbox" name="hobbies" id="hobbies" value="Cricket" />Cricket
<input type="checkbox" name="hobbies" id="hobbies" value="Music" />Music
<input type="checkbox" name="hobbies" id="hobbies" value="Swimming" />Swimming
<br /><br />
<label for="textarea">Address </label>
<br />
<textarea name="address" id="textarea" rows="15" cols="30"></textarea>
<span class="Error">*</span>
<br /><br />
<input type="submit" name="submit" value="Submit" />
</form>
</body>
</html>
PHP:
<?php
$servername = 'localhost';
$username = 'root';
$password = '';
try {
$conn = new PDO("mysql:host=$servername;dbname=testing", $username, $password);
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
if(isset($_POST['submit'])){
$name = $_POST['name'];
$age = $_POST['age'];
$mailid = $_POST['mailid'];
$gender = $_POST['qualification'];
$hobbies = $_POST['address'];
if($name !='' || $mailid !='' || $address !=''){
$sql = "Insert into user (Name, Age, MailId, Gender, Qualification, Hobbies, Address)
values ('".$_POST["name"]."', '".$_POST["age"]."', '".$_POST["mailid"]."', '".$_POST["gender"]."', '".$_POST["qualification"]."', '".$_POST["hobbies"]."', '".$_POST["address"]."')";
$conn->exec($sql);
echo "Thank you for registering";
} else {
echo "<p>Insertion failed <br/> Please enter the required fields !";
}}
}
catch(PODException $e)
{
echo $sql . "<br>" . $e->getMessage();
}
?>
Try adding the html 5 attribute "required" on all the required input elements. For example
<input type="text" Placeholder="Enter your name" name="name" id="name" required />
You should also check the POST variables in the php code though, as this doesn't really prevent someone from abusing your service. Ex.
if(!isset($_POST['somevar'])) {
// Do insert
}
In html You should use javascript (e.g. jQuery) to control onsubmit event and validate if mandatory fields are filled with proper values, check this link: jQuery.submit()
In php You should check and validate each var before create and execute query. Simple article about it is here: Sanitize and Validate Data with PHP Filters
This would be good for the start I think ;)
Query string should contain placeholders and then statement should be prepared for execution, check this link:
PDOStatement::bindParam
I am wondering which one are errors. I've tried to check mysql and nothing inserted into my database.
First of all, my HTML code are like this
<form action="registerAction" method="POST">
<p class="titleRegister"> Login Details </p>
<!-- login details -->
<p> <label for="emailAddress" class="inputField" > Email Address : </label> </p>
<p> <input id="emailAddress" class="registerField" name="ename" required="required" type="text" placeholder="Your email address"/> </p>
<p> <label for="password" class="inputField" > Password : </label> </p>
<p> <input id="password" class="registerField" name="pwd" required="required" type="password" placeholder="Your password"/> </p>
<p> <label for="password" class="inputField" > Confirmation Password : </label> </p>
<p> <input id="password" class="registerField" name="mpwd" required="required" type="password" placeholder="Confirmation password" onBlur="pwdCompare()"/> </p>
<!-- personal details -->
<p class="titleRegister"> Personal Details </p>
<!-- hidden to insert db -->
<input name="registerID" type="hidden"/>
<input name="pic" type="hidden"/>
<p>
<label for="socialTitle" class="inputField" > Title : </label>
<div class="radio">
<input type="radio" name="sTitle" value="mr"> Mr
<input type="radio" name="sTitle" value="mrs"> Mrs
<input type="radio" name="sTitle" value="ms"> Ms
</div>
</p>
<p> <label for="firstName" class="inputField" > First Name : </label> </p>
<p> <input id="firstName" class="registerField" name="fname" required="required" type="text" placeholder="Your first name"/> </p>
<p> <label for="lastName" class="inputField" > Last Name : </label> </p>
<p> <input id="lastName" class="registerField" name="lname" required="required" type="text" placeholder="Your last name"/></p>
<p> <label for="mainAddress" class="inputField" > Main Address : </label> </p>
<p> <input id="mainAddress" class="registerField" name="address" required="required" type="text" placeholder="Your main address"/> </p>
<p> <label for="countryName" class="inputField" > Country : </label> </p>
<?php
include 'dbconnect.php';
echo "<select class=\"selectCSS\" name=\"country\">";
$country = "SELECT DISTINCT * FROM geo_country ORDER BY country";
$showCountry = mysqli_query($mysqli, $country);
while($countryRow = mysqli_fetch_assoc($showCountry))
{
$country = htmlspecialchars ($countryRow['country']);
$countryCode = $countryRow['countryCode'];
echo "<option value=\"$country\">$country</option>\n";
}
echo "</select>";
?>
<p> <label for="cityName" class="inputField" > City : </label> </p>
<?php
include 'dbconnect.php';
echo "<select class=\"selectCSS\" name=\"city\">";
$city = "SELECT DISTINCT * FROM geo_country INNER JOIN geo_city ORDER BY city WHERE geo_country.countryCode = geo_city.countryCode";
$showCities = mysqli_query($mysqli, $city);
while($cityRow = mysqli_fetch_assoc($showCities))
{
$city = htmlspecialchars ($cityRow['city']);
$countryCode = $cityRow['countryCode'];
echo "<option value=\"$city\">$city</option>\n";
}
echo "</select>";
?>
<p> <label for="postalCode" class="inputField" > Postal Code : </label> </p>
<p> <input id="postalCode" class="registerField" name="pcode" required="required" type="text" placeholder="Your postal code"/> </p>
<p> <input class="registerButton" type="submit" value="REGISTER"> </p>
</form>
and my php action come here:
<?php
include 'dbconnect.php';
if ($_POST['pwd']!= $_POST['mpwd']) {
echo("Oops! Password did not match! Try again. ");
}
$register_ID = $_POST['registerID'];
$socialTitle = $_POST['sTitle'];
$firstName = ucfirst(strtoupper($_POST['fname']));
$lastName = ucfirst(strtoupper($_POST['lname']));
$emailAddress = htmlspecialchars($_POST['ename']);
$mainAddress = htmlspecialchars($_POST['address']);
$registerCity = $_POST['city'];
$registerCountry = $_POST['country'];
$postalCode = htmlspecialchars($_POST['pcode']);
$profilePic = $_POST['pic'];
$registerPassword = $_POST['pwd'];
$check = "SELECT * FROM register_user where emailAddress = '$emailAddress'";
$checkTitle = mysqli_query($mysqli,$check);
if (mysqli_num_rows($checkTitle) > 0) {
header("Location: register?error=The name of email has already been taken");
} else {
$insertSQL =
"INSERT INTO register_user ('registerID', 'socialTitle', 'firstName', 'lastName', 'emailAddress', 'mainAddress', 'registerCity', 'registerCountry', 'postalCode', 'profilePic', 'registerPassword')
VALUES ('$register_ID', '$socialTitle', '$firstName', '$lastName', '$emailAddress', '$mainAddress', '$registerCity', '$registerCountry', '$postalCode', '$profilePic', '$registerPassword')";
$queryResult = mysqli_query($mysqli,$insertSQL);
if($queryResult) {
echo "SUCCESS";
echo "<p> Name : $emailAddress </p>";
echo "<p> Detail : $fname </p>";
echo "<p> BACK </p>";
}
}
?>
The results are nothing come out on the new html page and neither in DB. Can you check it out please? Thanks.
You're using the wrong identifiers for your columns, being (single) quotes '.
('registerID', 'socialTitle', 'firstName', 'lastName', 'emailAddress', 'mainAddress', 'registerCity', 'registerCountry', 'postalCode', 'profilePic', 'registerPassword')
change that to:
(registerID, socialTitle, firstName, lastName, emailAddress, mainAddress, registerCity, registerCountry, postalCode, profilePic, registerPassword)
or use backticks.
(`registerID`, `socialTitle`, `firstName`, `lastName`, `emailAddress`, `mainAddress`, `registerCity`, `registerCountry`, `postalCode`, `profilePic`, `registerPassword`)
Using or die(mysqli_error($mysqli)) to mysqli_query() would have shown you the error.
Plus, unless the form action is an index file in a folder called registerAction or a mod rewrite:
it would need to be
<form action="registerAction.php" method="POST">
so, check that. Just an insight.
I would also like to note that your present code is open to SQL injection.
Use prepared statements, or PDO with prepared statements, they are much safer.
Not 100% sure about it, but try changing your html.
This:
<form action="registerAction" method="POST">
To:
<form action="registerAction.php" method="POST">
Assuming registerAction is the name of you php file..
I want that when the user submits the form, and some reason happen some error, I want that the fields that the user already wrote to be saved, so I want to be show the values the user already wrote.
Im doing this with code below, but I dont understand why, when I submit the form the fields stay empty.
Somebody there see something wrong?
<?php
if (isset($_POST['sendForm'])) {
$f['name'] = $_POST['name'];
$f['content'] = $_POST['content'];
$f['date'] = $_POST['date'];
} ?>
<form name="form" action="" method="post">
<label class="line">
<span class="data">Name:</span>
<input type="text" name="name" value="<?php if (isset($f['name'])) echo $f['name']; ?>"/>
</label>
<label class="line">
<span class="data">Content:</span>
<textarea name="content" rows="3" value="<?php if (isset($f['content'])) echo $f['content']; ?>"></textarea>
</label>
<label class="line">
<span class="data">Date:</span>
<input type="text" name="date" value="<?php if (isset($f['date'])) {
echo $f['date'];
} else {
echo date('d/m/Y H:i:s');
} ?>"/>
</label>
<input type="submit" value="Create" name="sendForm" class="btn"/>
</form>
In short you can set by this way,
<input type="text" id="name" name="name" value="<?php if (isset($_POST['name'])) echo $_POST['name']; ?>" />
You do not need to use $f['name']. you can get value directly by $_POST['name'] method.
Trying to post a simple form to my database but can't get it to work. I have PHP and MySQL activated through XAMPP. The database "E-mail list" is set up with the table "Players".
PHP code:
<?php
$mysqli = new mysqli('localhost', 'root', '', 'E-mail list');
if(isset($_POST['save']))
{
$name = $mysqli->real_escape_string($_POST['name']);
$email = $mysqli->real_escape_string($_POST['email']);
$phone = $mysqli->real_escape_string($_POST['phone']);
$other = $mysqli->real_escape_string($_POST['other']);
$query = 'INSERT INTO Players (
name,
email,
phone,
other
)
VALUES ('.$name.', "'.$email.'", "'.$phone.'","'.$other.'")';
if ($mysqli->query($query))
{
echo 'Data Saved Successfully.';
}
else
{
echo 'Cannot save data.';
}}
?>
And the form:
<form id="myForm" method="post">>
<div data-role="fieldcontain">
<label for="name">Please enter your name:</label>
<input type="text" name="name" id="name" class="required" value="" autocomplete="off" />
<label for="email">Please enter your e-mail:</label>
<input type="text" name="email" id="email" value="" class="required" autocomplete="off" />
<label for="phone">Please enter your phone number:</label>
<input type="number" name="phone" id="phone" value="" class="required" autocomplete="off" />
<br><br>
<label for="other">Other comments</label>
<textarea name="other" id="other" autocomplete="off" placeholder="Anything else you'd like to add?">
</textarea>
</form>
<p><strong id="error"></strong></p>
<br><br>
<input type="button" id="save" name="save" value="Submit Form" />
<p id="response"></p>
I did some changes in your codes both PHP and HTML Parts.,
For PHP :
<?php
$mysqli = new mysqli('localhost', 'root', '', 'E-mail list');
/* check connection */
if ($mysqli->connect_errno) {
printf("Connect failed: %s\n", $mysqli->connect_error);
exit();
}
if(isset($_POST['save']))
{
$name = $mysqli->real_escape_string($_POST['name']);
$email = $mysqli->real_escape_string($_POST['email']);
$phone = $mysqli->real_escape_string($_POST['phone']);
$other = $mysqli->real_escape_string($_POST['other']);
$query = "INSERT INTO Players (`name`,`email`,`phone`,`other`) VALUES ('".$name."','".$email."','".$phone."','".$other."')";
if($mysqli->query($query))
{
echo 'Data Saved Successfully.';
}
else
{
echo 'Cannot save data.';
}
}
?>
For HTML :
<form id="myForm" method="post" action="">
<div data-role="fieldcontain">
<label for="name">Please enter your name:</label>
<input type="text" name="name" id="name" class="required" value="" autocomplete="off" /><br />
<label for="email">Please enter your e-mail:</label>
<input type="text" name="email" id="email" value="" class="required" autocomplete="off" /><br />
<label for="phone">Please enter your phone number:</label>
<input type="number" name="phone" id="phone" value="" class="required" autocomplete="off" />
<br><br>
<label for="other">Other comments</label>
<textarea name="other" id="other" autocomplete="off" placeholder="Anything else you'd like to add?">
</textarea>
<p><strong id="error"></strong></p>
<br><br>
<input type="submit" id="save" name="save" value="Submit Form" />
<p id="response"></p>
</form>
I think this may help you to resolve your problem.
Missing double quotes for name value in your SQL.
VALUES ("'.$name.'", "'.$email.'", "'.$phone.'","'.$other.'")';
Use Firefox/firebug to see the parameters and result, and add an echo($query); so you can see it in firebug.
'E-mail list' doesn't seem like convenient database name, though it should be okay.
Anyway, your goal should be to display all possible error that may occur.
So, you have to always check for the errors and report them in more usable form than just 'Cannot save data.'
Always check your connect
$mysqli = new mysqli('localhost', 'root', '', 'E-mail list');
if ($mysqli->connect_error) {
trigger_error($mysqli->connect_error);
}
same for the query
if (!$mysqli->query($query)) {
trigger_error($mysqli->error." ".$query);
}
If you see no error messages - check the logic of your code: if you ever run the code, if you run the code you wrote, if PHP works, typos etc.
I would like to get some user data using a php form and store it in a mysql database , trouble is, the page simply refreshes when I submit the form.
Here is my php form:
<form id="companyform" name="companyform" method="post" action="index3.php" data-ajax="false">
<b>To enlist your business fill in the form below:</b>
<p>
<label for="name">Company Name:</label>
<input type="text" name="companyname" id="companyname" data-mini="true"/>
</p>
<p>
<label for="name">Company Address:</label>
<input type="text" name="companynaddress" id="companynaddress" data-mini="true"/>
</p>
<p>
<label for="textfield">Tel No.:</label>
<input type="text" name="tel" id="tel" data-mini="true"/>
</p>
<p>
<label for="textfield">Fax No.:</label>
<input type="text" name="fax" id="fax" data-mini="true"/>
</p>
<p>
<label for="textfield">Email:</label>
<input type="text" name="email" id="email" data-mini="true"/>
</p>
<p>
<label for="textfield">Website Address:</label>
<input type="text" name="website" id="website" data-mini="true"/>
</p>
<p>
<label for="textfield">Contact Person Name:</label>
<input type="text" name="contactname" id="contactname" data-mini="true"/>
</p>
<p>
<label for="textfield">Contact Person Number:</label>
<input type="text" name="contactnumber" id="contactnumber" data-mini="true"/>
</p>
<p>
<label for="textfield">Contact Person Email:</label>
<input type="text" name="contactemail" id="contactemail" data-mini="true"/>
</p>
<p>
<input name="submit" type="submit" id="submit" value="Submit" />
</p>
</form>
and here is my database connection code:
<?php
if (array_key_exists('submit', $_POST)) {
$con = mysql_connect("host", "user", "pass");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("botswanasearchdb", $con);
$companyname = $_POST['companyname'];
$companyaddress = $_POST['companyaddress'];
$tel = $_POST['tel'];
$fax = $_POST['fax'];
$emailid = $_POST['emailid'];
$website = $_POST['website'];
$contactname = $_POST['contactname'];
$contactnumber = $_POST['contactnumber'];
$contactemail = $_POST['contactemail'];
// prepare the SQL query
$sql = "INSERT INTO businessuser (companyname, companyaddress, tel, fax, emailid, website, contactname, contactnumber, contactemail) VALUES ('$companyname', '$companyaddress', '$tel', '$fax', '$emailid', '$website', '$contactname', '$contactnumber', '$contactemail')";
mysql_close($con);
}
?>
This is your form tag:
<form id="companyform" name="companyform" method="post" action="index3.php" data-ajax="false">
So you are submitting the form to index3.php (the action attribute). According to your comment index3.php contains your form and that is why the form refreshes when you submit it. You are basically reloading your form on form submit.
You need to submit the form to your php script that contains the php code you posted.
Edit: If everything is on the same page, you can do something like:
if (array_key_exists('submit', $_POST))
{
// your code
// show thank you message
}
else
{
// show form
}
Another edit: As you are using the deprecated mysql_* functions and not escaping the data, you have an sql injection whole and a ' character in your data will break your query. You should switch to PDO / mysqli and prepared statements. And always add error handling.