PHP Form that updates multiple form element to different columns - php

I am trying to build a simple form that will update my mySql database.
I can succeed if I only have 1 form element (input) on the page but I can not figure out how to have more than one form element (inputs) per pgae.
When I add more than one input the database will not add any of the content.
I know that my code is close, but I am at a loss as the exactly where and what to do about it.
P.S. - I am still new to this and am learning ...
Here is what I have
<?php
$host = 'hostName';
$user = 'userName';
$password = 'password';
$link = mysql_connect($host, $user, $password);
$selected = mysql_select_db('dbName', $link);
if(!isset($_POST['text-input']))
{
echo '<html>
<body>
<form action="post.php" method="post">
<input type="text" name="text-input" id="text-input" value="Update MyDataColumn" style="width:300px;" />
<input type="submit" value="Submit" />
</form>
</body>
</html>'; }
else {
$form_input = $_POST['text-input'] ;
mysql_query('INSERT INTO `tableName` (columnName) VALUES ("' . $form_input . '");');
echo '
<html>
<body>
<script type="text/javascript">
alert(\'Database now contains: <?php echo $form_input ?>. Redirecting...\');
window.location = \'http://url.com\';
</script>
</body>
</html>';
}
?>
I would like to sort out how to post to numerous columns within the same db/table.
Ok, from the answers below I have modified the code to look like this:
<?php
$host = 'dbHost';
$user = 'dbUser';
$password = 'dbPassword';
$link = mysql_connect($host, $user, $password);
$selected = mysql_select_db('dbName', $link);
if(!isset($_POST['text-input']))
{
echo '
<form action="index.php" method="post">
<input type="text" name="text-input" id="text-input" value="Update itemName" style="width:300px;" />
<input type="text" name="text-input2" id="text-input2" value="Update itemDescription" style="width:300px;" />
<input type="text" name="text-input3" id="text-input3" value="Update productID" style="width:300px;" />
<input type="text" name="text-input4" id="text-input4" value="Update itemPrice" style="width:300px;" />
<input type="submit" value="Submit" />
</form>'
; }
else {
$form_input = $_POST['text-input'] ;
$form_input2 = $_POST['text-input2'] ;
$form_input3 = $_POST['text-input3'] ;
$form_input4 = $_POST['text-input4'] ;
mysql_query('INSERT INTO `items` (itemName, itemDescription, productID, itemPrice)
VALUES ("' . $form_input . '", "' . $form_input2 . '", "' . $form_input3 . '", "' . $form_input4 . '");
echo '
<html>
<body>
<script type="text/javascript">
alert(\'Database has been updated. Redirecting to previous url.\');
window.location = \'http://url.com\';
</script>
</body>
</html>';
}
?>
What happens with this code is I get a
syntax error, unexpected '>'


You just have to modify your query to set multiple columns.
HTML:
<form action="post.php" method="post">
<input type="text" name="text-input" id="text-input" value="Update MyDataColumn" style="width:300px;" />
<input type="text" name="text-input2" id="text-input2" value="Update MyDataColumn2" style="width:300px;" />
<input type="text" name="text-input3" id="text-input3" value="Update MyDataColumn3" style="width:300px;" />
<input type="submit" value="Submit" />
</form>
PHP:
$form_input = $_POST['text-input'] ;
$form_input2 = $_POST['text-input2'] ;
$form_input3 = $_POST['text-input3'] ;
mysql_query('INSERT INTO `tableName` (columnName, columnName2, columnName3) VALUES ("' . $form_input . '","' . $form_input2 . '","' . $form_input3 . '");');


In your HTML output you need to add another field like this one (already in your code):
<input type="text" name="text-input" id="text-input"
value="Update MyDataColumn" style="width:300px;" />
BUT, it must have a different "name" (!);
<input type="text" name="text-input2" id="text-input2"
value="Another Input" style="width:300px;" />
Now we fetch the new variable ("text-input2") out of the $_POST array like this:
$form_input = $_POST['text-input']; // Your code...
$form_input2 = $_POST['text-input2']; // for the new input field
And we need to change the SQL command to this:
mysql_query('INSERT INTO `tableName` (columnName) VALUES ("' . $form_input . '");
mysql_query('INSERT INTO `tableName` (columnName) VALUES ("' . $form_input2 . '");
The above SQL command would add both form inputs as a seperate row in your table, they are not connected to eachother.
To have them in the same row you need to change your table first and add another column to it. The SQL command for that is:
ALTER TABLE tableName ADD columnName2 VARCHAR(255);
This will add another column named 'columName2' to the table. And we finally can add both values as one row of the table:
mysql_query('INSERT INTO `tableName` (columnName, columName2)
VALUES ("' . $form_input . '", "' . $form_input2 . '");
That's it ;-)

Related

Update table in database using mysql/php when profile is edited by user

I am using local phpmyadmin as my database(MYSQL), I am doing something like this and i have no idea why this code is not updating the table in database. I am able to fetch data from database and show it on required page and place.
<?php
session_start();
require('db.php');
$id = session_id();
$query = "SELECT * from new_record where id='" . $id . "'";
$result = mysqli_query($con, $query) or die (mysqli_error());
$row = mysqli_fetch_assoc($result);
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>Update Record</title>
<link rel="stylesheet" href="css/style.css"/>
</head>
<body>
<div class="form">
<h1>Update Record</h1>
<?php
$status = "";
if (isset($_POST['new']) && $_POST['new'] == 1)
{
$id = session_id();
$name = $_POST['name'];
$age = $_POST['age'];
$submittedby = $_SESSION['username'];
$update = "UPDATE new_record SET name='" . $name . "', age='" . $age . "', submittedby='" . $submittedby . "' WHERE id='" . $id . "'";
mysqli_query($con, $update) or die(mysqli_error());
$status = "Record Updated Successfully. </br></br><a href='personal-profile.php'>View Updated Record</a>";
echo '<p style="color:#FF0000;">' . $status . '</p>';
}else {
?>
<div>
<form name="form" method="post" action="">
<input type="hidden" name="new" value="1"/>
<input name="id" type="hidden" value="<?php echo $row['id']; ?>"/>
<p><input type="text" name="name" placeholder="Enter Name" required value="<?php echo $row['name']; ?>"/></p>
<p><input type="text" name="age" placeholder="Enter Age" required value="<?php echo $row['age']; ?>"/></p>
<p><input name="submit" type="submit" value="Update"/></p>
</form>
<?php } ?>
</div>
</div>
</body>
</html>

As mentioned in comments - take care of Injection issues.
session_id() taken into your $id does not have rows in your table. There are no rows in your table matching the MySQL Column id to the current session_id(). You will still have your form displayed with no values for name and age. When you fill and submit, it need to update an existing row which is not available in your table.

Second submit button not working like first one

Right now I am really confused and have been working on this problem for a couple hours now so I thought I would post on here and maybe get some feedback. So I have a program that runs this search tool on a file. The file either comes from user input generated into a file or a user actually uploading the file. I have 2 submit buttons where the first one goes with user generated files and the second one has to do with a user uploading a file.
The problem I have is that I have the same exact code for the second submit button (All that changes is the way the program gets the file) but for some reason by second submit button doesnt work. Nothing is generated and the execution of the search tool does not occur. I know this because there is not an output file created.
I was wondering if someone knows why my second button doesnt perform like the first button....
Here is my code...
<form method="POST", action="/~cs4380sp15grp4/home/blast.php" class="form-inline">
<textarea id="BlastSearch" type="textarea" name="BlastSearch" class="form-control">
Database:
<select id="database" name="database" class="form-control">
<option value="Archaea">Archaea</option>
</select>
Threshold:
<select id="evalue" name="evalue" class="form-control">
<option value="0.0001">0.0001</option>
<option value="0.001">0.001</option>
</select>
Hits:
<select id="hits" name="hits" class="form-control">
<option value="50">50</option>
<option value="100">100</option>
</select>
<button id="run" type="submit" name="submit" class="btn btn-primary"><span class="glyphicon glyphicon-wrench"></span> Run BLAST</button>
<button type="reset" value="Clear" class="btn btn-info">Clear</button>
</form>
<form enctype="multipart/form-data" action="upload.php" method="POST" class="form-inline"/>
<input type="file" name="fileToUpload" id="fileToUpload" class="form-control"/>
<input type="submit" value="upload" name="upload" class="form-control"/>
<input type="reset" value="reset" name="reset" class="form-control"/>
</form>
<form method="POST", action="/~cs4380sp15grp4/home/blast.php" class="form-inline">
<input type="submit" value="submit file" name="submit2" class="form-control"/>
</form>
<?php
//connects to db
//Insert the values into the database
if(isset($_POST['submit'])){
//declare variables to what the user defines them as
$db = $_POST['database'];
$evalue = $_POST['evalue'];
$sequence = $_POST['BlastSearch'];
$hits = $_POST['hits'];
//create a new .fasta file and put the sequence the user wants to search for in that file
$file = 'uploads/'.$mysqli->insert_id.'.fasta';
$header = ">gi|129295|sp|P01013|OVAX_CHICK GENE X PROTEIN (OVALBUMIN-RELATED)\n";
$current = $header . $_POST['BlastSearch'];
file_put_contents($file, $current);
$userid = $_SESSION['uid'];
//insert the values into the database
$mysqli->query("INSERT INTO `Job` (`uid`, `input`, `status`, `start_time`, `finish_time`) VALUES ('1', '" . $sequence . "', 'running' , NOW(), NOW())");
$mysqli->query("INSERT INTO `BLAST`(`db_name`, `evalue`, `job_id`) VALUES ('" . $db . "','" . $evalue . "', '".$mysqli->insert_id."')") or die(mysqli_error($mysqli));
//execute the BLAST Tool
// Do this execute statement if the user inputs his own sequence. (Use new.fasta)
exec('/students/groups/cs4380sp15grp4/blast/blast-2.2.26/bin/blastall -p blastp -d db -i /students/groups/cs4380sp15grp4/public_html/home/uploads/'.$mysqli->insert_id.'.fasta -m'.$evalue.' -o outputSEQ -v'.$hits.' -b'.$hits);
}
if(isset($_POST['submit2'])){
//declare variables to what the user defines them as
$db = $_POST['database'];
$evalue = $_POST['evalue'];
$sequence = $_POST['BlastSearch'];
$hits = $_POST['hits'];
$userid = $_SESSION['uid'];
//insert the values into the database
$mysqli->query("INSERT INTO `Job` (`uid`, `input`, `status`, `start_time`, `finish_time`) VALUES ('1', '" . $sequence . "', 'running' , NOW(), NOW())");
$mysqli->query("INSERT INTO `BLAST`(`db_name`, `evalue`, `job_id`) VALUES ('" . $db . "','" . $evalue . "', '".$mysqli->insert_id."')") or die(mysqli_error($mysqli));
exec('/students/groups/cs4380sp15grp4/blast/blast-2.2.26/bin/blastall -p blastp -d db -i /students/groups/cs4380sp15grp4/public_html/home/uploads/sample.fasta -m '.$evalue.' -o outputFILE -v'.$hits.' -b'.$hits);
}
$mysqli->close();
?>
I dont understand it. basically the exec function works in the first submit button, but the exec function doesnt work in the second one... I can go into terminal and run the second exec function and it runs perfectly fine. Is it because of the action for the second submit being upload.php? I could see it being that....
EDIT1: I just tried creating a new form specifically for that button and making the action the same as the first submit buttons form. It didnt work though :( any help is appreciated!

Hi there is few issues in your code you pasted.
In first form textarea does not have closing tag.
In third form you have a comma (,) after method="Post"
Your question is about second submit button and you have created 3 forms.

Should that comma after the method=POST be there? I can't actually see why it would make any difference, but it's not going to help. Having multiple forms on a page is valid of course, but it's sometimes better to have just one form and use Javascript behind multiple 'normal' buttons to set the enctype, method, action set and required defaults and then submit the form programatically.

Provide the following hidden inputs in the corresponding forms in order to get the $_POST['submit'] and $_POST['submit2'] in the server side php:
<input type="hidden" value="1" name="submit" />
<input type="hidden" value="1" name="submit2" />
Try this:
<form method="POST", action="/~cs4380sp15grp4/home/blast.php" class="form-inline">
<textarea id="BlastSearch" type="textarea" name="BlastSearch" class="form-control">
Database:
<select id="database" name="database" class="form-control">
<option value="Archaea">Archaea</option>
</select>
Threshold:
<select id="evalue" name="evalue" class="form-control">
<option value="0.0001">0.0001</option>
<option value="0.001">0.001</option>
</select>
Hits:
<select id="hits" name="hits" class="form-control">
<option value="50">50</option>
<option value="100">100</option>
</select>
<input type="hidden" value="1" name="submit" />
<button id="run" type="submit" class="btn btn-primary"><span class="glyphicon glyphicon-wrench"></span> Run BLAST</button>
<button type="reset" value="Clear" class="btn btn-info">Clear</button>
</form>
<form enctype="multipart/form-data" action="upload.php" method="POST" class="form-inline"/>
<input type="file" name="fileToUpload" id="fileToUpload" class="form-control"/>
<input type="submit" value="upload" name="upload" class="form-control"/>
<input type="reset" value="reset" name="reset" class="form-control"/>
</form>
<form method="POST", action="/~cs4380sp15grp4/home/blast.php" class="form-inline">
<input type="hidden" value="1" name="submit2" />
<input type="submit" value="submit file" class="form-control"/>
</form>
<?php
//connects to db
//Insert the values into the database
if(isset($_POST['submit'])){
//declare variables to what the user defines them as
$db = $_POST['database'];
$evalue = $_POST['evalue'];
$sequence = $_POST['BlastSearch'];
$hits = $_POST['hits'];
//create a new .fasta file and put the sequence the user wants to search for in that file
$file = 'uploads/'.$mysqli->insert_id.'.fasta';
$header = ">gi|129295|sp|P01013|OVAX_CHICK GENE X PROTEIN (OVALBUMIN-RELATED)\n";
$current = $header . $_POST['BlastSearch'];
file_put_contents($file, $current);
$userid = $_SESSION['uid'];
//insert the values into the database
$mysqli->query("INSERT INTO `Job` (`uid`, `input`, `status`, `start_time`, `finish_time`) VALUES ('1', '" . $sequence . "', 'running' , NOW(), NOW())");
$mysqli->query("INSERT INTO `BLAST`(`db_name`, `evalue`, `job_id`) VALUES ('" . $db . "','" . $evalue . "', '".$mysqli->insert_id."')") or die(mysqli_error($mysqli));
//execute the BLAST Tool
// Do this execute statement if the user inputs his own sequence. (Use new.fasta)
exec('/students/groups/cs4380sp15grp4/blast/blast-2.2.26/bin/blastall -p blastp -d db -i /students/groups/cs4380sp15grp4/public_html/home/uploads/'.$mysqli->insert_id.'.fasta -m'.$evalue.' -o outputSEQ -v'.$hits.' -b'.$hits);
}
if(isset($_POST['submit2'])){
//declare variables to what the user defines them as
$db = $_POST['database'];
$evalue = $_POST['evalue'];
$sequence = $_POST['BlastSearch'];
$hits = $_POST['hits'];
$userid = $_SESSION['uid'];
//insert the values into the database
$mysqli->query("INSERT INTO `Job` (`uid`, `input`, `status`, `start_time`, `finish_time`) VALUES ('1', '" . $sequence . "', 'running' , NOW(), NOW())");
$mysqli->query("INSERT INTO `BLAST`(`db_name`, `evalue`, `job_id`) VALUES ('" . $db . "','" . $evalue . "', '".$mysqli->insert_id."')") or die(mysqli_error($mysqli));
exec('/students/groups/cs4380sp15grp4/blast/blast-2.2.26/bin/blastall -p blastp -d db -i /students/groups/cs4380sp15grp4/public_html/home/uploads/sample.fasta -m '.$evalue.' -o outputFILE -v'.$hits.' -b'.$hits);
}
$mysqli->close();
?>

PHP show data from Oracle database in a listbox

I want to show data from a Oracle database into a listbox.
, but I don't no how to do that.
Now I'm using a textbox and that works good.
This is my HTML code
<form name="form1" method="get" action="Get_opdracht.php"
Opdrachtnummer: <br /> <input id="Password1" type="number" name="nummer1" required="required"/>
<input type="submit" name="submit1" value="Zoeken" />
<hr />
</form>
PHP code (get_opdracht.php)
// database connect
$conn = oci_connect('username', 'password', 'connect');
// variable textbox
$username = $_GET['nummer1'];
// SELECT query
$array = oci_parse($conn, "SELECT * FROM OPD_VW, MDW_VW WHERE OPD_OPDRACHTNUMMER = '$username'");
$query = oci_execute($array);
//show data on page
while (($row = oci_fetch_array($array, OCI_BOTH)) != false) {
echo "<h1>Opdrachtnummer: " . $row['OPD_OPDRACHTNUMMER'] . "</h1><p> <b>Status: </b>" . $row['OPD_STATUS'] . "<p><b>Registratiedatum: </b>" . $row['OPD_REGISTRATIEDATUM'] . "<p><b>Einddatum: </b>" . $row['OPD_EINDDATUM'] . "<p><b>BTW tarief: </b>". $row['OPD_BTW_TARIEF'] . "<p><b>Totale contractsom: €</b>" . $row['OPD_TOTALE_CONTRACTSOM'] . "<p><b>Percentage gerealiseerd: </b>" . $row['OPD_PERCENTAGE_GEREALISEERD'] . "%";
oci_free_statement($array);
oci_close($conn);

To create a listbox you need to use the select multiple as shown below.
<select name="myselect" multiple="multiple">
<option value="value">OPTION</option>
<option value="value">OPTION</option>
</select>

Inserting multiple entries into table from the same form

This is my form, a pretty simple one. I have 3 text fields in which questions will be entered and i want to put each of these in a database.
questFormtest.php:
<html>
<head><title> Test Quest</title></head>
<body>
<form id= "qform" method="post" action="quest.php">
<h3>Enter Questions</h3><br><br>
<h3>Question 1: Five marks each.<br></h3>
a) <input type="text" name="field1[][field1]" size=45>* <br><br>
b) <input type="text" name="field1[][field1]" size=45>* <br><br>
c) <input type="text" name="field1[][field1]" size=45>* <br><br>
<p><input type="submit" name="submit" value="Submit" align="center" />
<input type='reset' name='Cancel' value='Cancel' /></p>
</form>
</body>
</html>
My php file is as follows:
quest.php:
<?php
include('connectionfile.php');
$cnt = count($_POST['field1']);
if ($cnt > 0) {
$insertArr = array();
for ($i=0; $i<$cnt; $i++) {
$insertArr[] = "('" .$_POST['field1'][$i]. "')";
}
$query = "INSERT INTO paper (field1) VALUES " . implode(", ", $insertArr);
mysql_query($query) or trigger_error("Insert failed: " . mysql_error());
}
mysql_close($id_link);
?>
When i run the file, it gives me the following error:
Insert failed: Unknown column 'field1' in 'field list' in quest.php on line 15
Can somebody tell me if there's an error in the query and how i can solve it? Any help is appreciated :)

The posted value is in this index: $_POST['field1'][$i]['field1']. So you use this code : $insertArr[] = "('" .$_POST['field1'][$i]['field1']. "')" in you for loop;

Troubleshooting HTML and PHP / MySQL

Long time reader, first time poster. I am a novice PHP enthusiast, and I have a page that I have been working. Right now I have the DB connection working well and my SELECT statement is giving me the info needed. My problems are two fold (maybe more after this post; set your phasers to cringe):
At one point, I had the INSERT working, but it suddenly stopped and no amount of tweaking seems to bring it back. I have verified that the INSERT statement works in a seperate PHP file without variables.
When I did have the INSERT working, every refresh of the page would duplicate the last entry. I have tried tried several ways to clear out the $_POST array, but I think some of my experimenting lead back to problem #1.
<?php
$dbhost = "REDACTED";
$dbuser = "REDACTED";
$dbpass = "REDACTED";
$dbname = "guest_list";
// Create a database connection
$connection = mysqli_connect($dbhost, $dbuser, $dbpass, $dbname);
// Test if connection succeeded
if(mysqli_connect_errno()) {
die("DB's not here, man: " .
mysqli_connect_error() .
" (" . mysqli_connect_errno() . ")"
);
}
// replacement for mysql_real_escape_string()
function html_escape($html_escape) {
$html_escape = htmlspecialchars($html_escape, ENT_QUOTES | ENT_HTML5, 'UTF-8');
return $html_escape;
}
// Posting new data into the DB
if (isset($_POST['submit'])) {
$first = html_escape($_POST['first']);
$last = html_escape($_POST['last']);
$contact = html_escape($_POST['contact']);
$associate = html_escape($_POST['associate']);
$insert = "INSERT INTO g_list (";
$insert .= "g_fname, g_lname, g_phone, g_association) ";
$insert .= "VALUES ('{$first}', '{$last}', '{$contact}', '{$associate}')";
$insert .= "LIMIT 1";
$i_result = mysqli_query($connection, $insert);
// I have verified that the above works by setting the varialble
// in the VALUES area to strings and seeing it update
}
$query = "SELECT * ";
$query .= "FROM g_list ";
$query .= "ORDER BY g_id DESC";
$q_result = mysqli_query($connection, $query);
?>
<!DOCTYPE html>
<html lang="en">
<head>
<title>Guest List</title>
<link href="guest.css" media="all" rel="stylesheet" type="text/css" />
</head>
<body>
<header>
<h1>REDACTED</h1>
<h2>Guest Registry</h2>
</header>
<div class="container">
<div class="registry">
<form name="formup" id="main_form" method="post">
<fieldset>
<legend>Please enter your name into the registry</legend>
<p class="first">First Name:
<input type="text" name="first" value="" placeholder="One or more first names" size="64"></p>
<p class="last">Last Name:
<input type="text" name="last" value="" placeholder="Last name" size="64"></p>
<p class="contact">Phone Number or Email:
<input type="text" name="contact" value="" placeholder="" size="32"></p>
<p class="associate">Your relation?
<input type="text" name="associate" value="" placeholder="" size="128"></p>
<p class="submit">
<input type="submit" name="submit" title="add" value="submit" placeholder=""></p>
</fieldset>
</form>
</div>
</div>
<h3>Guest List:</h3>
<table>
<tr>
<th>Firstname(s)</th><th>Lastname</th>
<th>Phone or Email</th><th>Association</th>
</tr>
<?php while($guest = mysqli_fetch_assoc($q_result)) {
echo "<tr>" . "<td>" . $guest["g_fname"] . "</td>"
. "<td>" . $guest["g_lname"] . "</td>"
. "<td>" . $guest["g_phone"] . "</td>"
. "<td>" . $guest["g_association"] . "</td>" . "</tr>";
} ?>
</table>
<footer>
<div>Copyright <?php echo date("Y"); ?>, REDACTED, LLC.</div>
<?php
if (isset($connection)) {
mysqli_close($connection);
}
?>
</footer>
</body>
</html>

These two lines will fail:
$insert .= "VALUES ('{$first}', '{$last}', '{$contact}', '{$associate}')";
$insert .= "LIMIT 1";
Two problems here, all with the second line:
No SPACE between ) and LIMIT: )LIMIT 1 is your code;
LIMIT 1 in an INSERT is not allowed....

Categories