I created a table & when Submit button is hit after filling the form, those particulars should be inserted into the DB TABLE. But idk what's wrong with the code, it's echoing "Unable to select table".. My code is as follows:
<?php
if ( isset ( $_POST['submit'] ) )
{
mysql_connect("localhost","root","1234");
mysql_select_db("my_db")or die( "Unable to select database</span></p>");
$name1 = $_POST['name1'];
$email = $_POST['email'];
$password = $_POST['password'];
$confirmpassword = $_POST['confirmpassword'];
$gender = $_POST['gender'];
$place = $_POST['place'];
$college = $_POST['college'];
$result=MYSQL_QUERY("INSERT INTO USERS3 (id,name1,email,password,confirmpassword,gender,college,place)".
"VALUES ('NULL', '$name1', '$email', '$password', '$confirmpassword', '$gender', '$place', '$college')")or die( "<p><span style=\"color: red;\">Unable to select table</span></p>");
mysql_close();
echo "<p><span style=\"color: red;\">Thank You;</span></p>";
}
else
{
// close php so we can put in our code
?>
<form id="form1" action="" method="post">
Name:
<input type="text" name="name1" /><br/>
E-mail:
<input type="text" name="email" /><br/>
Password:
<input type="password" name="password" /><br/>
Confirm Password:
<input type="password" name="confirmpassword" /><br/>
Gender:
<input type="radio" name="gender" />
Male
<input type="radio" name="gender" />
Female
<br/>
Location:
<input type="text" name="place" /><br/>
College:
<input type="text" name="college" /><br/>
<input id="submit1" class="submit" type="submit" name="submit" value="Submit"/><br/>
<input type="reset" value="reset" />
</form>
<?php
} //close the else statement
?>
PHP doesn't recognise function with capital letters. Use small-case characters:
mysql_query( "INSERT INTO USERS3 ( id, name1, email,
`password`, confirmpassword, gender, college, place)
VALUES ('NULL', '$name1', '$email',
'$password', '$confirmpassword', '$gender', '$place',
'$college')") or die( "<p><span style=\"color: red;\">Unable to select table</span></p>");
mysql_close();
If 'id' is an autoincrement field, you shouldn't be passing any value for it - the database will deal with that.
Everything looks fine.Only problem(s) could be:
The table name might be incorrect.Especially, i suspect your correct table name is users3 instead of USERS3 .
The ideal way to check is:
Add following statement before $result=.....
echo "INSERT INTO USERS3 (id,name1,email,password,confirmpassword,gender,college,place)".
"VALUES ('NULL', '$name1', '$email', '$password', '$confirmpassword', '$gender', '$place', '$college')";
Run/Load the page.
Whatever is printed - copy it.
Go to phpmyadmin and select SQL Tab.Paste what you copied in previous step and run it.
phpmyadmin will display the exact error.
Related
I am trying to add data from html form to database. However , I think everthing is OK but there are 2 errors: undefined sql and empty query. I research something and I learned sql injection but I dont understand what is the difference in INSERT INTO query. How can I solve this problem?(I have also one more column in database its name is id and it is auto inceremented. So I havent add it)
<?php
include('dbConnection.php');
?>
<!DOCTYPE html>
<html>
<head>
<link rel="stylesheet" href="addMember.css">
<script src="addMember.js"></script>
<title>Nature Apartment-Add Member</title>
</head>
<body>
<h1>Nature Apartment</h1>
<?php
if($_SERVER["REQUEST_METHOD"]=="POST"){
if(isset($_POST['submit'])){
$apartmentID= $_REQUEST['apartmentID'];
$uname= $_REQUEST['uname'];
$pwd= $_REQUEST['pwd'];
$phoneNumber= $_REQUEST['phoneNumber'];
$secondPhoneNumber= $_REQUEST['secondPhoneNumber'];
$whoseNumber= $_REQUEST['whoseNumber'];
$sql = "INSERT INTO members (apartmentID, username, password, phoneNumber, secondPhoneNumber, whoseNumber)
VALUES '$apartmentID', '$uname', '$pwd', '$phoneNumber', '$secondPhoneNumber', '$whoseNumber')";
}
}
if (mysqli_query($conn, $sql)) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($conn);
}
?>
<ul>
<li>HomePage</li>
<li>Members</li>
<li>Payments</li>
<li>General Expenses </li>
<li>Chat</li>
<li>Settings</li>
</ul>
<br><br>
<h2>Add New Member</h2>
<br><br>
<form id="form" method="POST" >
<label for="apartmentID">Apartment ID</label><br>
<input type="text" id="id" name="id"><br><br>
<label for="username">Username</label><br>
<input type="text" id="uname" name="uname"><br><br>
<label for="Password">Password</label><br>
<input type="password" id="pwd" name="pwd"><br><br>
<label for="phoneNumber">Phone number</label><br>
<input type="text" id="phoneNumber" name="phoneNumber"><br><br>
<label for="secondPhoneNumber">Second phone number</label><br>
<input type="text" id="secondPhoneNumber" name="secondPhoneNumber"><br><br>
<label for="whoseNumber">Whose phone number? </label><br>
<input type="text" id="whoseNumber" name="whoseNumber"><br><br>
<input type="submit" value="Add" name="submit" >
</form>
</body>
</html>
I think you forgot a bracket??
$sql = "INSERT INTO members (apartmentID, username, password, phoneNumber, secondPhoneNumber, whoseNumber)
VALUES '$apartmentID', '$uname', '$pwd', '$phoneNumber', '$secondPhoneNumber', '$whoseNumber')";
Should be
$sql = "INSERT INTO members (apartmentID, username, password, phoneNumber, secondPhoneNumber, whoseNumber)
VALUES **(**'$apartmentID', '$uname', '$pwd', '$phoneNumber', '$secondPhoneNumber', '$whoseNumber')";
I am trying to input the information from the form html into mysql table. I keep getting an error code but I do not understand it and I tried to research for solution but i came up short.
I put security because protecting my login information.
Please help me?
Here is the html:
<!DOCTYPE HTML>
<html>
<head>
<title> form</title>
<style type="text/css/css">
h2{
text-align: center;
margin-top: 2cm;
}
</style>
</head>
<body>
<form action='formDB2.php' method='POST'>
<p> Your Last Name: <input type="text" name="lastname" id="lastname" value="" size="30" /></p>
<p> Your First Name: <input type="text" name="firstname" id="firstname" value="" size="30" /></p>
<p>Age: <input name="age" type="text " id="age "/> </p>
<p>gender: <select name="sex" id="gender">
<option> Male </option>
<option>Female </option>
</select> </p>
<hr />
<p><input type="reset" value="REST"/><input type="submit" name="Submit" value="Submit" /></p>
</form>
</body>
</html>
Here the mysql/php code:
<?php
$link = mysqli_connect("localhost","*security*","*security*","*security*");
if($link === false){
die("ERROR: Could not connect. " . mysqli_connect_error());
}
$lastname = mysqli_real_escape_string($link, $_POST['lastname']);
$firstname = mysqli_real_escape_string($link, $_POST['firstname']);
$age = mysqli_real_escape_string($link, $_POST['age']);
$gender = mysqli_real_escape_string($link, $_POST['sex']);
$sql = "INSERT INTO trainer(trainer_id, lastname, firstname, age, gender) VALUES (0,'$firstname', '$lastname', '$age' , '$gender')";
if(mysqli_query($link,$sql)){
echo "Records added successfully.";
} else{
echo "ERROR: Could not able to execute $sql. " . mysqli_error($link);
}
mysqli_close($link);
?>
Here is the output:
Here the account I want it to display:
trainer_id is your primary key, so it must be unique. You are always setting to 0 on your code:
$sql = "INSERT INTO trainer(trainer_id, lastname, firstname, age, gender) VALUES (0,'$firstname', '$lastname', '$age' , '$gender')";
You should set the field with auto increment http://dev.mysql.com/doc/refman/5.7/en/example-auto-increment.html and don't pass anything on your code:
$sql = "INSERT INTO trainer(lastname, firstname, age, gender) VALUES ('$firstname', '$lastname', '$age' , '$gender')";
I am inserting data in my WAMP database from user input:
PHP
<?php
$con=mysqli_connect("127.0.0.1","beni","2155","visitbulgaria");
// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
// escape variables for security
$forename = mysqli_real_escape_string($con,$_POST['Forename']);
$surname = mysqli_real_escape_string($con,$_POST['Surname']);
$email = mysqli_real_escape_string($con,$_POST['Email']);
$username = mysqli_real_escape_string ($con,$_POST['Username']);
$password = mysqli_real_escape_string ($con,$_POST['Password']);
$sql="INSERT INTO `customer`(`Forename`, `Surname`, `Email`, `Username`, `Password`)
VALUES ('$forename', '$surname', '$email', '$username', '$password')";
if (!mysqli_query($con,$sql))
{
die('Error: ' . mysqli_error($con));
}
echo "1 record added";
mysqli_close($con);
?>
HTML
<html>
<body>
<form action="insert.php" method="post">
Firstname: <input type="text" name="Forename">
Lastname: <input type="text" name="Surname">
Email: <input type="text" name="Email">
username: <input type="text" name="Username">
pass: <input type="text" name="Password">
<input type="submit">
</form>
</body>
</html>
whah happens here is that on submit it does work but when I look at the database in phpMyAdmin it has only added the first three record (forename, surname and email and then the username and password field are left blank, and I have no idea how to fix that and why it is doing it.
I have a PHP variable $admin which corresponds to a checkbox. When the form is submitted with the checkbox ticked, the value is passed (set as 1) and everything is fine, however if it's not ticked the variable causes an undefined index error:
Notice: Undefined index: admin in C:...\admin.php
This is the php section of the form that queries the db:
if($row == 1)
{
echo '<div id="errormsg">This username is already taken</div>';
}
else
{
$add = mysqli_query($dbcon, "INSERT INTO users (id, firstname, lastname, username, password, admin) VALUES
(null, '$fname', '$lname', '$user', '$pass', '$admin') ") or die ("Can't insert data");
echo '<div id="create-success">Successfully added user!</div>';
}
And the HTML form:
<form action="admin.php" method="post" onSubmit="return validate(this)">
<fieldset>
<label class="reg">Username *</label> <input type="text" name="user" /><br />
<label class="reg">Password *</label> <input type="password" name="pass" /><br />
<label class="reg">Repeat Password *</label> <input type="password" name="rpass" /><br />
<label class="reg">First name:</label> <input type="text" name="fname" /><br />
<label class="reg">Last name:</label> <input type="text" name="lname" /><br />
<label class="reg">Admin?:</label> <input type="checkbox" value="1" name="admin" /><br/>
</fieldset>
<input type="submit" name="submit" value="Create User" />
</form>
Ha anyone any ideas why NOT checking the box causes an error specific to the $admin variable?
Checkboxes are only actually passed to the script if they are checked.
So you need to check for there existance in your php code, something like this:
if ( $_POST && isset( $_POST['admin'] ) {
$admin = $_POST['admin'];
} else {
$admin = 0;
}
EDIT:
In your script I would do this
if($row == 1) {
echo '<div id="errormsg">This username is already taken</div>';
} else {
$admin = ( $_POST && isset( $_POST['admin'] ) ? $_POST['admin'] : 0;
$add = mysqli_query($dbcon, "INSERT INTO users
(id, firstname, lastname, username, password, admin)
VALUES(null, '$fname', '$lname', '$user', '$pass', '$admin') ") or die ("Can't insert data");
echo '<div id="create-success">Successfully added user!</div>';
}
First, you have to check is that admin variable in Post Array. Please check code.
<?php
if($row == 1)
{
echo '<div id="errormsg">This username is already taken</div>';
}
else
{
// check is exist in post array
$isAdminCheck = (isset($_POST['admin']) && $_POST['admin'] == 1 )? $_POST['admin']:0;
$add = mysqli_query($dbcon, "INSERT INTO users (id, firstname, lastname, username, password, admin) VALUES (null, '$fname', '$lname', '$user', '$pass', '$isAdminCheck') ") or die ("Can't insert data");
echo '<div id="create-success">Successfully added user!</div>';
}
?>
I am trying to insert into customer table in eshop_db
When I run it, it does not have any error, but it did not store in mysql.
What it is problem in my code?
I don't understand really.
Please give some answer. Thanks.
--registerForm.php--
<form action="register.php" method="post">
<p>User ID: <input type="text" name="userId" size="30"/>*</p>
<p>Password: <input type="password" name="password" size="30"/>* </p>
<p>Retype Password: <input type="password" name="repassword" size="30"/>*</p>
<p>First Name: <input type="text" name="firstName" size="30"/>*</p>
<p>Last Name: <input type="text" name="lastName" size="30"/>*</p>
<p>Your Address (*):</p>
<p><textarea name="address" rows="5" cols="30"></textarea></p>
<p>Phone: <input type="text" name="phone" size="20"/>*</p>
<p>E-mail: <input type="text" name="email" size="21"/>*</p>
<p><input type="submit" value="Create Account"/></p>
</form>
--register.php--
<?php
require "sql_connection.php";
if(isset($_POST['submit']))
{
if($_POST["password"]==$_POST["repassword"])
{
mysql_query("insert into customer (userId, password, firstName, lastName, address, phone, email)
values ('$_POST[userId]','$_POST[password]','$_POST[firstName]','$_POST[lastName]','$_POST[addres]]','$_POST[phone]','$_POST[email]')")
or die(mysql_error());
}
}
?>
--sql_connection.php--
<?php
$db_host = "localhost";
$db_username = "root";
$db_pass = "mypass";
$db_name = "eshop_db";
#mysql_connect("$db_host", "$db_username", "$db_pass", "$db_name") or die("connection is fail.");
#mysql_select_db("$db_name") or die("database does not exsist.");
echo "Successfully connected!!";
?>
Typo, correct this part here:
'$_POST[addres]]' // wrong
'$_POST[address]' // right
Try this:
<?php
require "sql_connection.php";
if(isset($_POST['submit']) && $_POST["password"] == $_POST["repassword"]) {
mysql_query(
'INSERT INTO `customer` (`userId`, `password`, `firstName`, `lastName`, `address`, `phone`, `email`)
VALUES ('.$_POST['userId'].', '.$_POST['password'].', '.$_POST['firstName'].', '.$_POST['lastName'].', '.$_POST['address'].', '.$_POST['phone'].', '.$_POST['email'].')'
) or die(mysql_error());
}
Finally, filter and validate your incoming data.
Well, besides the obviously bad idea to directly use the values in the POST array, your indexes need to be quoted. So, $_POST['address'], etc. Also, array values need to be escaped with curly-braces if you're trying to do string injection.