I would like to get some user data using a php form and store it in a mysql database , trouble is, the page simply refreshes when I submit the form.
Here is my php form:
<form id="companyform" name="companyform" method="post" action="index3.php" data-ajax="false">
<b>To enlist your business fill in the form below:</b>
<p>
<label for="name">Company Name:</label>
<input type="text" name="companyname" id="companyname" data-mini="true"/>
</p>
<p>
<label for="name">Company Address:</label>
<input type="text" name="companynaddress" id="companynaddress" data-mini="true"/>
</p>
<p>
<label for="textfield">Tel No.:</label>
<input type="text" name="tel" id="tel" data-mini="true"/>
</p>
<p>
<label for="textfield">Fax No.:</label>
<input type="text" name="fax" id="fax" data-mini="true"/>
</p>
<p>
<label for="textfield">Email:</label>
<input type="text" name="email" id="email" data-mini="true"/>
</p>
<p>
<label for="textfield">Website Address:</label>
<input type="text" name="website" id="website" data-mini="true"/>
</p>
<p>
<label for="textfield">Contact Person Name:</label>
<input type="text" name="contactname" id="contactname" data-mini="true"/>
</p>
<p>
<label for="textfield">Contact Person Number:</label>
<input type="text" name="contactnumber" id="contactnumber" data-mini="true"/>
</p>
<p>
<label for="textfield">Contact Person Email:</label>
<input type="text" name="contactemail" id="contactemail" data-mini="true"/>
</p>
<p>
<input name="submit" type="submit" id="submit" value="Submit" />
</p>
</form>
and here is my database connection code:
<?php
if (array_key_exists('submit', $_POST)) {
$con = mysql_connect("host", "user", "pass");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("botswanasearchdb", $con);
$companyname = $_POST['companyname'];
$companyaddress = $_POST['companyaddress'];
$tel = $_POST['tel'];
$fax = $_POST['fax'];
$emailid = $_POST['emailid'];
$website = $_POST['website'];
$contactname = $_POST['contactname'];
$contactnumber = $_POST['contactnumber'];
$contactemail = $_POST['contactemail'];
// prepare the SQL query
$sql = "INSERT INTO businessuser (companyname, companyaddress, tel, fax, emailid, website, contactname, contactnumber, contactemail) VALUES ('$companyname', '$companyaddress', '$tel', '$fax', '$emailid', '$website', '$contactname', '$contactnumber', '$contactemail')";
mysql_close($con);
}
?>
This is your form tag:
<form id="companyform" name="companyform" method="post" action="index3.php" data-ajax="false">
So you are submitting the form to index3.php (the action attribute). According to your comment index3.php contains your form and that is why the form refreshes when you submit it. You are basically reloading your form on form submit.
You need to submit the form to your php script that contains the php code you posted.
Edit: If everything is on the same page, you can do something like:
if (array_key_exists('submit', $_POST))
{
// your code
// show thank you message
}
else
{
// show form
}
Another edit: As you are using the deprecated mysql_* functions and not escaping the data, you have an sql injection whole and a ' character in your data will break your query. You should switch to PDO / mysqli and prepared statements. And always add error handling.
Related
This question already has answers here:
PHP code is not being executed, but the code shows in the browser source code
(35 answers)
Closed 8 years ago.
I am using wamp server and trying to create simple sign up page with html forms and php script; but the problem is whenever I am hitting on submit button on html page, it is directly showing the entire content of php file in next browser instead of executing the php file.
the following is my form code(index.php)
<form id="login" action="register.php" method="post">
<p>
<label for="first name" >First Name</label>
<input type="text" name="fname" value="" />
</p>
<p>
<label for="last name" >Last Name</label>
<input type="text" name="lname" value="" class="radius2" />
</p>
<p>
<label for="gender" >Gender</label>
<input type="text" name="gender" />
</p>
<p>
<label for="username" >Email</label>
<input type="text" name="username" />
</p>
<p>
<label for="password" >Password</label>
<input type="password" name="password" />
</p>
<p>
<input type="submit" name="submit">Login</input>
</p>
</form>
the following is my php code
$bd = mysqli_connect("localhost", "root","yash1991","shaunak") or die("Could not connect database");
echo" hello1";
mysqli_query($bd,"INSERT INTO users (fname, lname, gender, email_id, username, password) VALUES ("$fname", "$lname", "$gender", "$username", "$password")");
mysqli_close($bd);
?>
I suppose that you running WAMP server, and stored your files (index.php & register.php) in folder inside "C:\wamp\www\" and you access your index page using url "127.0.0.1/stack/index.php"
Check your index.php file with the following code:
<form id="login" action="register.php" method="post">
<p>
<label for="First Name">First Name</label>
<input type="text" name="fname" value="" />
</p>
<p>
<label for="last Name">Last Name</label>
<input type="text" name="lname" value="" class="radius2" />
</p>
<p>
<label for="gender">Gender</label>
<input type="text" name="gender" />
</p>
<p>
<label for="username">Email</label>
<input type="text" name="username" />
</p>
<p>
<label for="password">Password</label>
<input type="password" name="password" />
</p>
<p>
<input type="submit" name="submit" value="Login" />
</p>
</form>
Check your register.php file with the following code:
<?php
session_start();
$fname=$_POST['fname'];
$lname=$_POST['lname'];
$gender=$_POST['gender'];
$username=$_POST['username'];
$password=$_POST['password'];
echo "hello ";
$bd= mysqli_connect("localhost","root","yash1991","shaunak") or die ("Could not connect DB");
$try = mysqli_query($bd, "INSERT INTO users (`fname`, `lname`, `gender`, `email_id`, `password`) VALUES ('$fname', '$lname', '$gender', '$username', '$password')");
if($try === false)
{
echo '<br />error - ';
echo mysqli_error($bd);
} else {
echo '<br />all good';
}
mysqli_close($bd);
?>
I am wondering which one are errors. I've tried to check mysql and nothing inserted into my database.
First of all, my HTML code are like this
<form action="registerAction" method="POST">
<p class="titleRegister"> Login Details </p>
<!-- login details -->
<p> <label for="emailAddress" class="inputField" > Email Address : </label> </p>
<p> <input id="emailAddress" class="registerField" name="ename" required="required" type="text" placeholder="Your email address"/> </p>
<p> <label for="password" class="inputField" > Password : </label> </p>
<p> <input id="password" class="registerField" name="pwd" required="required" type="password" placeholder="Your password"/> </p>
<p> <label for="password" class="inputField" > Confirmation Password : </label> </p>
<p> <input id="password" class="registerField" name="mpwd" required="required" type="password" placeholder="Confirmation password" onBlur="pwdCompare()"/> </p>
<!-- personal details -->
<p class="titleRegister"> Personal Details </p>
<!-- hidden to insert db -->
<input name="registerID" type="hidden"/>
<input name="pic" type="hidden"/>
<p>
<label for="socialTitle" class="inputField" > Title : </label>
<div class="radio">
<input type="radio" name="sTitle" value="mr"> Mr
<input type="radio" name="sTitle" value="mrs"> Mrs
<input type="radio" name="sTitle" value="ms"> Ms
</div>
</p>
<p> <label for="firstName" class="inputField" > First Name : </label> </p>
<p> <input id="firstName" class="registerField" name="fname" required="required" type="text" placeholder="Your first name"/> </p>
<p> <label for="lastName" class="inputField" > Last Name : </label> </p>
<p> <input id="lastName" class="registerField" name="lname" required="required" type="text" placeholder="Your last name"/></p>
<p> <label for="mainAddress" class="inputField" > Main Address : </label> </p>
<p> <input id="mainAddress" class="registerField" name="address" required="required" type="text" placeholder="Your main address"/> </p>
<p> <label for="countryName" class="inputField" > Country : </label> </p>
<?php
include 'dbconnect.php';
echo "<select class=\"selectCSS\" name=\"country\">";
$country = "SELECT DISTINCT * FROM geo_country ORDER BY country";
$showCountry = mysqli_query($mysqli, $country);
while($countryRow = mysqli_fetch_assoc($showCountry))
{
$country = htmlspecialchars ($countryRow['country']);
$countryCode = $countryRow['countryCode'];
echo "<option value=\"$country\">$country</option>\n";
}
echo "</select>";
?>
<p> <label for="cityName" class="inputField" > City : </label> </p>
<?php
include 'dbconnect.php';
echo "<select class=\"selectCSS\" name=\"city\">";
$city = "SELECT DISTINCT * FROM geo_country INNER JOIN geo_city ORDER BY city WHERE geo_country.countryCode = geo_city.countryCode";
$showCities = mysqli_query($mysqli, $city);
while($cityRow = mysqli_fetch_assoc($showCities))
{
$city = htmlspecialchars ($cityRow['city']);
$countryCode = $cityRow['countryCode'];
echo "<option value=\"$city\">$city</option>\n";
}
echo "</select>";
?>
<p> <label for="postalCode" class="inputField" > Postal Code : </label> </p>
<p> <input id="postalCode" class="registerField" name="pcode" required="required" type="text" placeholder="Your postal code"/> </p>
<p> <input class="registerButton" type="submit" value="REGISTER"> </p>
</form>
and my php action come here:
<?php
include 'dbconnect.php';
if ($_POST['pwd']!= $_POST['mpwd']) {
echo("Oops! Password did not match! Try again. ");
}
$register_ID = $_POST['registerID'];
$socialTitle = $_POST['sTitle'];
$firstName = ucfirst(strtoupper($_POST['fname']));
$lastName = ucfirst(strtoupper($_POST['lname']));
$emailAddress = htmlspecialchars($_POST['ename']);
$mainAddress = htmlspecialchars($_POST['address']);
$registerCity = $_POST['city'];
$registerCountry = $_POST['country'];
$postalCode = htmlspecialchars($_POST['pcode']);
$profilePic = $_POST['pic'];
$registerPassword = $_POST['pwd'];
$check = "SELECT * FROM register_user where emailAddress = '$emailAddress'";
$checkTitle = mysqli_query($mysqli,$check);
if (mysqli_num_rows($checkTitle) > 0) {
header("Location: register?error=The name of email has already been taken");
} else {
$insertSQL =
"INSERT INTO register_user ('registerID', 'socialTitle', 'firstName', 'lastName', 'emailAddress', 'mainAddress', 'registerCity', 'registerCountry', 'postalCode', 'profilePic', 'registerPassword')
VALUES ('$register_ID', '$socialTitle', '$firstName', '$lastName', '$emailAddress', '$mainAddress', '$registerCity', '$registerCountry', '$postalCode', '$profilePic', '$registerPassword')";
$queryResult = mysqli_query($mysqli,$insertSQL);
if($queryResult) {
echo "SUCCESS";
echo "<p> Name : $emailAddress </p>";
echo "<p> Detail : $fname </p>";
echo "<p> BACK </p>";
}
}
?>
The results are nothing come out on the new html page and neither in DB. Can you check it out please? Thanks.
You're using the wrong identifiers for your columns, being (single) quotes '.
('registerID', 'socialTitle', 'firstName', 'lastName', 'emailAddress', 'mainAddress', 'registerCity', 'registerCountry', 'postalCode', 'profilePic', 'registerPassword')
change that to:
(registerID, socialTitle, firstName, lastName, emailAddress, mainAddress, registerCity, registerCountry, postalCode, profilePic, registerPassword)
or use backticks.
(`registerID`, `socialTitle`, `firstName`, `lastName`, `emailAddress`, `mainAddress`, `registerCity`, `registerCountry`, `postalCode`, `profilePic`, `registerPassword`)
Using or die(mysqli_error($mysqli)) to mysqli_query() would have shown you the error.
Plus, unless the form action is an index file in a folder called registerAction or a mod rewrite:
it would need to be
<form action="registerAction.php" method="POST">
so, check that. Just an insight.
I would also like to note that your present code is open to SQL injection.
Use prepared statements, or PDO with prepared statements, they are much safer.
Not 100% sure about it, but try changing your html.
This:
<form action="registerAction" method="POST">
To:
<form action="registerAction.php" method="POST">
Assuming registerAction is the name of you php file..
My PHP form will not post into the database. I understand php and mysql connections fairly well but I'm stumped on this one. When I hit submit on my form it doesn't echo the values that I(the user) put in. The date shows up as 1969-12-31, not the date the user submits. If anyone could help that would be great. My code is as follows
The form code is:
<form method="POST" action="add_event.php" id="create_event">
<label for="event_name">Event Name:</label>
<input type="text" id="event_name"><br />
<label for="date">Date:</label>
<input class="datepicker" type="date" id="date"><br />
<label for="zip_code">Zip Code:</label>
<input type="text" id="zip_code" maxlength="5"><br />
<label for="description">Description</label>
<textarea id="description" rows="5" columns="10"></textarea>
<br>
<input type="submit" name="submit">
</form>
The add_event.php insert code is:
<?php
require_once '../app_config.php';
require_once '../database_connection.php';
require_once '../authorize.php';
session_start();
// Authorize any user, as long as they're logged in
authorize_user();
//Get the user ID of the user to show
$user_id = $_SESSION['user_id'];
$select_query = "SELECT first_name, last_name FROM users WHERE user_id = " . $user_id;
// Run the query
$result = mysql_query($select_query);
if ($result) {
$row = mysql_fetch_array($result);
$first_name = $row['first_name'];
$last_name = $row['last_name'];
}
$name = $first_name . ' ' . $last_name;
$event_name = trim($_POST['event_name']);
$date = trim($_POST['date']);
$zip_code = trim($_POST['zip_code']);
$description = trim($_POST['description']);
// $date = "2012-08-22";
$newdate = date("Y-m-d", strtotime($date));
// $event_name = "test";
// $zip_code = "22153";
// $description = "test";
$insert_sql = sprintf("INSERT INTO events " .
"(name, user_profile_id, event_name, date, zip_code, description) " .
"VALUES ('%s', %d, '%s', '%s', '%s', '%s');",
mysql_real_escape_string($name),
mysql_real_escape_string($user_id),
mysql_real_escape_string($event_name),
mysql_real_escape_string($newdate),
mysql_real_escape_string($zip_code),
mysql_real_escape_string($description));
//insert the user into the database
mysql_query($insert_sql);
echo $insert_sql;
?>
Much thanks in advance.
The problem is that you are not naming your input fields. If you add the name property to the input in your html code the value will be stored in the $_POST array in php once the form is submitted. The correct html code should be:
<form method="POST" action="add_event.php" id="create_event">
<label for="event_name">Event Name:</label>
<input type="text" name="event_name"><br />
<label for="date">Date:</label>
<input class="datepicker" type="date" name="date"><br />
<label for="zip_code">Zip Code:</label>
<input type="text" name="zip_code" maxlength="5"><br />
<label for="description">Description</label>
<textarea name="description" rows="5" columns="10"></textarea>
<br>
<input type="submit" name="submit">
</form>
I am not sure if you needed the ids on the inputs for anything else, otherwise you should re-add those. For more information on html forms, visit: http://www.w3schools.com/html/html_forms.asp
You have not included any name attribute in your form. Here is how it should be:
<label for="event_name">Event Name:</label>
<input type="text" id="event_name" name="event_name"><br />
<label for="date">Date:</label>
<input class="datepicker" type="date" id="date" name="date"><br />
<label for="zip_code">Zip Code:</label>
<input type="text" id="zip_code" maxlength="5" name="zip_code"><br />
<label for="description">Description</label>
<textarea id="description" rows="5" columns="10" name="description"></textarea>
Note that only form inputs element that have the name attribute will be sent to the server. ID is only used on the client side.
Don't you need some name attributes in your form?
For example:
<input class="datepicker" type="date" id="date" name="date">
and the value within your POST['your_value'] must be the same as the value for the name attribute.
so:
$my_date = $_POST['date']
You need to give your input elements a name attribute... This is how php uses the $_POST['name attribute'] global to identify the field you are referring to.
so for example...
<form method="POST" action="add_event.php" id="create_event">
<label for="event_name">Event Name:</label>
<input type="text" name="event_name" id="event_name"><br />
<label for="date">Date:</label>
<input class="datepicker" name="date" type="date" id="date"><br />
<label for="zip_code">Zip Code:</label>
<input type="text" id="zip_code" name="zip_code" maxlength="5"><br />
<label for="description">Description</label>
<textarea id="description" name="description" rows="5" columns="10"></textarea>
<br>
<input type="submit" name="submit">
</form>
Complete Newbie to PHP, but trying to do a simple form submit to a MySQL Database. I keep getting the Notice: Undefined index: warning on my form input variables. What could be issue here. The form is on a seperate PHP page submitting to the process.php file.
Form Code:
<form name="example" id="example" method="POST" action="process.php" enctype="multipart/form-data">
<p>
<label for="first_name">First Name:</label>
<input size="20" name="first_name" id="first_name" />
</p>
<p>
<label for="city">city</label>
<input size="20" name="city" id="city" />
</p>
<p>
<label for="state">state</label>
<input size="20" name="state" id="state" />
</p>
<p>
<label for="zip">zip</label>
<input size="20" name="zip" id="zip" />
</p>
<p>
<label for="email">e-mail</label>
<input size="20" name="email" id="email" />
</p>
<p>
<label for="form_upload">file</label>
<input size="40" type="file" name="form_data" id="form_data" />
</p>
<p>
<input type="submit" value="Submit form" name="submit" />
</p>
</form>
Process.php
<?php
mysql_connect("localhost", 'root', '') or die('Could not connect:' . mysql_error());
mysql_select_db("practice") or die(mysql_error());
mysql_query("CREATE TABLE user (id INT(5)NOT NULL AUTO, name VARCHAR(30), email VARCHAR(40), city VARCHAR(40), state VARCHAR(3), zip INT(5) )");
if (isset($_POST)) {
$name = $_POST['first_name'];
$email = $_POST['email'];
$city = $_POST['city'];
$state = $_POST['state'];
$zip = $_POST['zip'];
}
mysql_query("INSERT INTO user VALUES('$name', '$email', '$city', '$state', '$zip')");
?>
i guess you should change this
if (isset($_POST)){
and give an index like that
if (isset($_POST['submit'])){
and also
change the query to
mysql_query("INSERT INTO user (name , email, city,state, zip)
VALUES('$name', '$email', '$city', '$state', '$zip')" );
and you should escape your variables like that before inserting them.
$name = mysql_real_escape_string($name) ;
// and so on
last thing is why you create table everytime you submit ? you should check if exist .
Trying to post a simple form to my database but can't get it to work. I have PHP and MySQL activated through XAMPP. The database "E-mail list" is set up with the table "Players".
PHP code:
<?php
$mysqli = new mysqli('localhost', 'root', '', 'E-mail list');
if(isset($_POST['save']))
{
$name = $mysqli->real_escape_string($_POST['name']);
$email = $mysqli->real_escape_string($_POST['email']);
$phone = $mysqli->real_escape_string($_POST['phone']);
$other = $mysqli->real_escape_string($_POST['other']);
$query = 'INSERT INTO Players (
name,
email,
phone,
other
)
VALUES ('.$name.', "'.$email.'", "'.$phone.'","'.$other.'")';
if ($mysqli->query($query))
{
echo 'Data Saved Successfully.';
}
else
{
echo 'Cannot save data.';
}}
?>
And the form:
<form id="myForm" method="post">>
<div data-role="fieldcontain">
<label for="name">Please enter your name:</label>
<input type="text" name="name" id="name" class="required" value="" autocomplete="off" />
<label for="email">Please enter your e-mail:</label>
<input type="text" name="email" id="email" value="" class="required" autocomplete="off" />
<label for="phone">Please enter your phone number:</label>
<input type="number" name="phone" id="phone" value="" class="required" autocomplete="off" />
<br><br>
<label for="other">Other comments</label>
<textarea name="other" id="other" autocomplete="off" placeholder="Anything else you'd like to add?">
</textarea>
</form>
<p><strong id="error"></strong></p>
<br><br>
<input type="button" id="save" name="save" value="Submit Form" />
<p id="response"></p>
I did some changes in your codes both PHP and HTML Parts.,
For PHP :
<?php
$mysqli = new mysqli('localhost', 'root', '', 'E-mail list');
/* check connection */
if ($mysqli->connect_errno) {
printf("Connect failed: %s\n", $mysqli->connect_error);
exit();
}
if(isset($_POST['save']))
{
$name = $mysqli->real_escape_string($_POST['name']);
$email = $mysqli->real_escape_string($_POST['email']);
$phone = $mysqli->real_escape_string($_POST['phone']);
$other = $mysqli->real_escape_string($_POST['other']);
$query = "INSERT INTO Players (`name`,`email`,`phone`,`other`) VALUES ('".$name."','".$email."','".$phone."','".$other."')";
if($mysqli->query($query))
{
echo 'Data Saved Successfully.';
}
else
{
echo 'Cannot save data.';
}
}
?>
For HTML :
<form id="myForm" method="post" action="">
<div data-role="fieldcontain">
<label for="name">Please enter your name:</label>
<input type="text" name="name" id="name" class="required" value="" autocomplete="off" /><br />
<label for="email">Please enter your e-mail:</label>
<input type="text" name="email" id="email" value="" class="required" autocomplete="off" /><br />
<label for="phone">Please enter your phone number:</label>
<input type="number" name="phone" id="phone" value="" class="required" autocomplete="off" />
<br><br>
<label for="other">Other comments</label>
<textarea name="other" id="other" autocomplete="off" placeholder="Anything else you'd like to add?">
</textarea>
<p><strong id="error"></strong></p>
<br><br>
<input type="submit" id="save" name="save" value="Submit Form" />
<p id="response"></p>
</form>
I think this may help you to resolve your problem.
Missing double quotes for name value in your SQL.
VALUES ("'.$name.'", "'.$email.'", "'.$phone.'","'.$other.'")';
Use Firefox/firebug to see the parameters and result, and add an echo($query); so you can see it in firebug.
'E-mail list' doesn't seem like convenient database name, though it should be okay.
Anyway, your goal should be to display all possible error that may occur.
So, you have to always check for the errors and report them in more usable form than just 'Cannot save data.'
Always check your connect
$mysqli = new mysqli('localhost', 'root', '', 'E-mail list');
if ($mysqli->connect_error) {
trigger_error($mysqli->connect_error);
}
same for the query
if (!$mysqli->query($query)) {
trigger_error($mysqli->error." ".$query);
}
If you see no error messages - check the logic of your code: if you ever run the code, if you run the code you wrote, if PHP works, typos etc.