We Keep Coding

How to Post some datas into mySQL server

I am trying to get some informations from users such as name midterm final grades and post them into database which I am using the MySQL server.
The problem is when I press the Add to DD button nothing changes and the data does not go into my table in database.
here is my main code:
<html>
<body>
<table border ="1">
<tr>
<td>Name</td>
<td><input id="name"> </input></td>
</tr>
<tr>
<td>Midterm</td>
<td> <input id="midterm"> </input></td>
</tr>
<tr>
<td>Final</td>
<td> <input id="final"> </input></td>
</tr>
<tr>
<td>Grade</td>
<td> <input id="grade"> </input></td>
</tr>
<td><input type="button" onclick="calculate()" value="Calculate"></td>
<td> <input type="submit" value="Add to DB"> </td>
</tr>
</table>
</body>
<script type="text/javascript">
function calculate(){
var mid=document.getElementById('midterm').value;
var fin=document.getElementById('final').value;
var grade=mid*(0.3)+fin*(0.7);
document.getElementById('grade').value=grade;
}
</script>
</html>
and this is also the code that inserts datas :
<html>
<body>
<form method="get" action="grade.php">
<input type="text" value="Welcome to Student Grades Calculator">
<br>
<input type="submit" value="GO">
</form>
</body>
</html>
<?php
$name=$_POST['name'];
$midterm=$_POST['midterm'];
$final=$_POST['final'];
$grade=$_POST['grade'];
echo 'Hey';
$connect= mysql_connect('localhost','root','','test');
if(mysqli_connect_errno())
{
echo "Failed to connect to MySQL:".mysql_connect_errno();;
}
$s = "INSERT INTO(name,midterm,final,grade) VALUES('rr','33','33','33')";
$sql = "INSERT INTO(name,midterm,final,grade) VALUES ('$name','$midterm','$final','$grade')";
mysqli_query($connect , $sql);
mysqli_close($connect);
?>

You need to set your variables to $_GETnot $_POST
$name=$_GET['name'];
$midterm=$_GET['midterm'];
$final=$_GET['final'];
$grade=$_GET['grade'];
I also recommend using post instead of get just for security

php register to database [duplicate]

This question already has answers here:
mysqli_real_escape_string() expects exactly 2 parameters, 1 given
(5 answers)
Closed 5 years ago.
I am very new to stackoverflow. I want to create this form which uploads information to the database. When I click submit it does not get uploaded. I have checked my connections file and that is correct. Code below. Please help.
<?php
include("/connections/db_conx.php");
if ( isset($_POST['submit']) ) {
$title = mysqli_real_escape_string($_POST['title']);
$text = mysqli_real_escape_string($_POST['text']);
$picture = mysqli_real_escape_string($_POST['picture']);
$sql = "INSERT INTO news (title, text, picture) VALUES('$title','$text','$picture', now(),now(),now())";
$query = mysqli_query ($db_conx, $sql);
echo 'Entered into the news table';
}
?>
<html>
<head>
</head>
<body>
<table border="0">
<tr>
<form method="post" action="index.php" id="tech">
<td>Title</td><td> <input type="text" name="title"></td> </tr>
<tr> <td>Text</td><td> <textarea rows="4" name="text" cols="50" name="comment" form="tech"> </textarea>
</td> </tr>
<tr> <td>Picture</td><td> <input type="varchar" name="picture"></td> </tr>
<tr> <td><input id="button" type="submit" name="submit" value="Submit"></td>
</tr>
</form>
</table>
</body>
</html>

Here is the code you need to use:
<?php
include("/connections/db_conx.php");
if(isset($_POST['submit'])) {
$title = mysqli_real_escape_string($db_conx, $_POST['title']);
$text = mysqli_real_escape_string($db_conx, $_POST['text']);
$picture = mysqli_real_escape_string($db_conx, $_POST['picture']);
$sql = "INSERT INTO news (`title`, `text`, `picture`) VALUES('$title','$text','$picture');";
if(!$result = $db_conx->query($sql)){
die('There was an error running the query [' . $db_conx->error . ']');
}
echo 'Entered into the news table';
}
?>
<html>
<head>
</head>
<body>
<form method="post" action="index.php" id="tech">
<table border="0">
<tr>
<td>Title</td>
<td> <input type="text" name="title"></td>
</tr>
<tr>
<td>Text</td>
<td><textarea rows="4" name="text" cols="50" name="comment" form="tech"> </textarea></td>
</tr>
<tr>
<td>Picture</td>
<td> <input type="varchar" name="picture"></td>
</tr>
<tr>
<td><input id="button" type="submit" name="submit" value="Submit"></td>
</tr>
</table>
</form>
</body>
</html>
Your problem is that the mysqli_real_escape_string() function requires 2 parameters: the database connection, and the string to escape.
I've also included completely reformatted code, and error checking as well.

Try This :
$title = mysqli_real_escape_string($db_conx, $_POST['title']);
$text = mysqli_real_escape_string($db_conx, $_POST['text']);
$picture = mysqli_real_escape_string($db_conx, $_POST['picture']);
$sql = "INSERT INTO news (title, text, picture) VALUES('$title','$text','$picture')";
$query = mysqli_query ($db_conx, $sql);
if($query){
echo 'Entered into the news table'; // Your Success Message
}
else {
echo mysqli_error($db_conx);
}

inserting values in to database only once

<?php if(isset($_POST['submit']))
{
$tadd=$_POST["tadd"]; //getting values
$pname=$_POST["pname"];
$date=$_POST["date"];
$result=mysql_query("insert into pannel(tadd,pname,date)values('$tadd','$pname','$date')");
echo "<script type='text/javascript'>
alert('Quotation Generated Successfully!')
</script>";
} ?>
<center>
<h1>Title</h1>
</center>
<form name="form" method="post" action="" onSubmit="submit;">
<center><table border="0" cellspacing="0" style="width:350px">
<tr> <td><b>To Address</td> <td><textarea name="tadd" rows="5"
cols="30"></textarea></td></tr>
<tr> <td><b>Project Name</td> <td><input type="text" name="pname" required></td></tr>
<tr> <td><b>Date</td> <td><input type="text" name="date"
id="datepicker" required></td></tr>
<tr> <td colspan="2" align="center"><input type="submit" name="submit"
value="submit"/></td> </tr></center> </table> </form>
I have one record in my database with
id tadd pname date
1 hello vvv 22/10/2014
if i insert values into database again it should data already inserted
please help me regarding this issue

You can achieve this using mysql_num_rows() which is one way to do this, which I believe the goal is to avoid duplicates.
Sidenote: You can also set your column(s) as UNIQUE to avoid duplicates.
N.B.: I used the pname column as an example. It's up to you to check which one will always be unique in regards to a username for instance.
$query = "SELECT * FROM pannel where pname = '".$pname."'";
$result = mysql_query($query);
if(mysql_num_rows($result) > 0){
echo "Already exists.";
}
else{
mysql_query("insert into pannel (tadd, pname,date) values ('$tadd','$pname','$date')");
}
Do sanitize your data:
$tadd = mysql_real_escape_string($_POST["tadd"]);
and do the same for the others.
Even better, use mysqli with prepared statements, or PDO with prepared statements.
They're much safer, because your present code is open to SQL injection.
Footnotes:
You should get rid of onSubmit="submit;" in your form. As outlined in comments, it's not going to do anything.
Edit:
<?php
// assuming DB connection has been made.
if(isset($_POST['submit'])) {
$tadd= mysql_real_escape_string($_POST["tadd"]);
$pname= mysql_real_escape_string($_POST["pname"]);
$date= mysql_real_escape_string($_POST["date"]);
$query = "SELECT * FROM pannel where pname = '".$pname."'";
$result = mysql_query($query);
if(mysql_num_rows($result) > 0){
echo "Already exists.";
exit;
}
else{
mysql_query("insert into pannel (tadd, pname,date) values ('$tadd','$pname','$date')");
echo "<script type='text/javascript'>alert('Quotation Generated Successfully!')</script>";
}
} // brace for if(isset($_POST['submit']))
?>
<!DOCTYPE html>
<head></head>
<body>
<center><h1>Title</h1></center>
<form method="post" action="">
<div align="center">
<center>
<table border="0" cellspacing="0" style="width:350px">
<tr> <td><b>To Address</td> <td><textarea name="tadd" rows="5" cols="30"></textarea></td></tr>
<tr> <td><b>Project Name</td> <td><input type="text" name="pname" required></td></tr>
<tr> <td><b>Date</td> <td><input type="text" name="date" id="datepicker" required></td></tr>
<tr> <td colspan="2" align="center">
<input type="submit" name="submit" value="submit"/>
</td> </tr>
</table>
</center>
</div>
</form>
</body>
</html>

PHP Post Variable Problem

It's been a little while with PHP, so please excuse my ignorance. I have this web page:
<?php
mysql_connect ("localhost", "user", "pass");
mysql_select_db ("expiration");
if (isset ($_REQUEST['new_expire']) && $_REQUEST['new_expire'] != "") {
$insert_query = "INSERT INTO files (path, expires) VALUES ('";
$insert_query .= $_REQUEST['new_path'];
$insert_query .= "', '";
$insert_query .= $_REQUEST['new_expire'];
$insert_query .= "');";
mysql_query ($insert_query);
}
?>
<html>
<head></head>
<body>
<?php echo print_r $_REQUEST; ?>
<form action="index.php" method="POST">
<p>Add New Expiration</p>
<table>
<tr>
<td align="right">
Select File:
</td>
<td>
<select id="new_path">
<?php $options = buildOptions (); echo $options; ?>
</select>
</td>
</tr>
<tr>
<td align="right">
MySQL Expire Time:
</td>
<td>
<input type="text" id="new_expire" />
</td>
</tr>
<tr>
<td></td>
<td>
<input type="submit" value="Save" />
</td>
</tr>
</table>
</form>
</body>
</html>
<?php
mysql_close ();
?>
When I load the page, the result of the print_r is an empty array. When I submit the form, it's still empty. I get no new record in the database. Any ideas?

Change all the places you have id to name, for example:
<input type="text" id="new_expire" /> --> <input type="text" name="new_expire" />
The _REQUEST (either _POST or _GET) is only from input elements with a name

updating database with user edit post

I am trying to update my database with a post that a user has edited in a forum. The whole edit form is functioning except for: when they click edit, the form submits and goes to the main forum page, but the database and the post don't change.
My save edit code is this:
#data preparation for the query
$id=intval($_POST['id']);
$a_id=intval($_POST['a_id']);
$question_id=intval($_POST['question_id']);
foreach ($_POST as $key => $value)
$_POST[$key] =
mysql_real_escape_string($value);
$sql = "UPDATE $tbl_name SET
a_answer='$_POST[a_answer]' WHERE
a_id='$a_id' AND
question_id='$question_id'";
if (!mysql_query($sql)) {
die('Error: ' . mysql_error()); }
mysql_close; header ("location:
main_forum.php");
?>
My code for the edit page is this:
#data preparation for the query
$id=intval($_GET['id']);
$a_id=intval($_GET['a_id']);
$question_id=intval($_GET['question_id']);
# selects title and description fields from database
$sql = "SELECT a_answer FROM $tbl_name WHERE a_id='$a_id' AND question_id='$question_id'";
$result=mysql_query($sql);
$rows=mysql_fetch_array($result);
?>
And the HTML
<h3>Edit</h3>
<form action="save_edit.php" method="get" name="myForm" />
<center>
<table>
<tr>
<td valign="top">
<b>Answer</b>
</td>
<td>
<textarea cols="80%" rows="10" name="a_answer">
<?php echo htmlspecialchars($rows['a_answer']); ?>
</textarea>
</td>
</tr>
<tr>
<td colspan="3">
<input name="a_id" type="hidden" value="<? echo $rows['a_id']; ?>">
<input name="question_id" type="hidden" value="<? echo $rows['question_id']; ?>">
<input type="submit" name="Submit" value="edit post">
<?php mysql_close(); ?>
</input>
</input>
</input>
</td>
</tr>
</table>
</center>

You are mixing up get and post. In your form you use method="get" while you use $_POST in the processing page. Change your form to method="post":
<form action="save_edit.php"
method="post" name="myForm">
PS. You shouldn't close an opening tag with />.