pswThe index.php part seems to work fine, but the handler throws a internal server error (500).
index.php
<div id="contact">
<h1>Contact us</h1>
<form id="ContactForm" method="post" action="submit.php">
<p>
<label>Name<span>(optional)</span></label>
<input id="name" name="name" class="inplaceError" maxlength="120" type="text" autocomplete="on"/>`enter code here`
<span class="error" style="display:none;"></span>
</p>
<p>
<label>Email<span>(optional)</span></label>
<input id="email" name="email" type="text" />
</p>
<p>
<label>Subject<span>(optional)</span></label>
<input id="website" name="website" />
</p>
<p>
<label>Your message<br /> <span>700 characters allowed</span></label>
<textarea id="message" name="message" cols="6" rows="5"></textarea>
</p>
<p class="submit">
<input id="send" type="submit" value="Submit" name="submit"/>
<span id="loader" class="loader" style="display:none;"></span>
</p>
<input id="newcontact" name="newcontact" type="hidden" value="1"></input>
</form>
submit.php -->
if(isset($_POST['submit'])) {
$name = $_POST['name'];
$email = $_POST['email'];
$website = $_POST['website']; //subject
$message = $_POST['message'];
$connection = mysql_connect ("localhost", "root", "pswd") or die ('DB connection fail:' .mysql_error());
mysql_select_db ("contactform");
$query = "INSERT INTO contact (pk_contact, name, email, website, message, added_date)VALUES ('NULL','$name','$email','$sub','$msg','NULL')";
//good to know about the quotes, but the page still insist there's an error
mysql_query($query) or die ('Error uploading DB');
mysql_close($connection);
echo "<span id="success_message" class="success">YAY! It worked.</span>";
} else {
echo "<span class='error'>Try again.</span>";
}
I think you've got an error with your query string. It should look like
$query = "INSERT INTO contact (name, email, website, message, added_date)VALUES ('$name','$email','$sub','$msg',NULL)";
The double quotes were breaking up your string, and the different parts weren't being concatenated.
As Mikecito mentioned. You'll want to remove the quotes around NULL.
$query = "INSERT INTO contact (pk_contact, name, email, website, message, added_date)VALUES (NULL,'$name','$email','$sub','$msg',NULL)";
Assuming you have set you mysql table so the added_date field is a mysql timestamp format, attempting to enter 'NULL' into the table will result in a mysql error.
Also make sure the mysql table allows null values to be entered into the pk_contact and added_date fields.
Related
I have created a HTML form which will need to insert the data that was entered into the form straight into a table in mySQL.
newuser.php file
<?php
//including the connection page
include('./DB_Connect.php');
//get an instance
$db = new Connection();
//connect to database
$db->connect();
//fetch username and password
$usertype = $_POST['userType'];
$firstname = $_POST['firstName'];
$lastname = $_POST['lastName'];
$username = $_POST['userName'];
$password = $_POST['password'];
$address1 = $_POST['add1'];
$address2 = $_POST['add2'];
//write the sql statement
$query = "INSERT INTO USERS (usertype, fname, lname, username, password, add1, add2)
VALUES ('$usertype', '$firstname', '$lastname', '$username', '$password', '$address1', '$address2')";
mysql_query($query,$db);
if (($query) == TRUE) {
echo "New record created successfully";
header("Location: login.php", true);
exit();
}
else
{
echo "Error: " . $sql . "<br>" . $conn->error;
header("Location: register.php", true);
exit();
}
//close once finished to free up resources
$db->close();
?>
With the following html form:
<form action="newuser.php" method="POST" class="form" id="registerForm">
<label> Type of user: </label> <br>
<input type="radio" name="userType" id="itemSeeker">Item Seeker </input>
<input type="radio" name="userType" id="itemDonor">Item Donor </input>
<input type="radio" name="userType" id="peopleSeeker">People Seeker </input>
<input type="radio" name="userType" id="peopleDonor">People Donor </input>
<br>
<br>
<div class="form-inline">
<div class="form-group">
<input type="text" name="firstName" placeholder="First Name: " align="center" class="form-control" ></input>
</div>
<div class="form-group">
<input type="text" name="lastName" placeholder="Last Name: " align="center" class="form-control" ></input>
</div>
</div>
<br>
<input type="text" name="email" placeholder="Email Address: "align="center" class="form-control" ></input>
<br>
<div class="form-inline">
<div class="form-group">
<input type="text" name="userName" placeholder="Username: " align="center" class="form-control" ></input>
</div>
<div class="form-group">
<input type="password" name="password" placeholder="Password: " align="center" class="form-control" ></input>
</div>
</div>
<br>
<!-- <label> Address 1: </label>-->
<input type="text" name="add1" placeholder="Address 1: " align="center" class="form-control" ></input>
<!-- <label> Address 2: </label>-->
<input type="text" name="add2" placeholder="Address 2: " align="center" class="form-control" ></input>
<br>
<button class="btn btn-primary" name="submitReg" type="submit">Submit</button><br>
<br>
<a href="login.php" >Already have an account?</a>
</form>
The USERS table
The above two blocks of code and the code that I'm working with.
My problem here is, when the form is submitted, the data isn't actually being entered into the table. Note that the first ever submission actually did work. All submissions after the first one don't seem to be entering anything into the database.
I'm not quite sure what's wrong with my code for it to not work. It does go to the 'login.php' page which means there aren't any faults and the query submitted correctly.
Could someone please tell me what I'm doing wrong, thank you.
right now you have alot more trouble than your insert problem. your code is totaly insecure. (mysql injections).
Dont use mysql_* functions use pdo instead with prepared statements!
you output spaces before you send a header you cant send header if you have output. your redirect wouldnt work. dont relay on a clientside redirect use may have it disabled so output a link where you want the user to go.
anotherthing your radio buttons have no value check html syntax
var_dump($_POST) and check if you submit everything. also check for isset or empty befor assign variables. do some sort of validation.
have a look at some php frameworks they provide much more flexibility and error checking
dont reinvent the wheel by writing everthing by your own in a 10 or more year behind procedural way
This is the code for saving the information into mysql database from a FORM.
In the HTML section the form is being handled i.e. retrieving required data from user.
In the PHP section storing data has been handled.
But the problem is it doesn't store data.
I'm using XAMPP server.
<html>
<head>
<title>signup</title>
<link rel="stylesheet" href="css/insert.css" />
</head>
<body>
<div class="maindiv">
<!--HTML form -->
<div class="form_div">
<div class="title"><h2>Insert Data In Database Using PHP.</h2> </div>
<form action="signup.php" method="post"> <!-- method can be set POST for hiding values in URL-->
<h2>Form</h2>
<label>Name:</label>
<br />
<input class="input" type="text" name="name" value="" />
<br />
<label>Email:</label><br />
<input class="input" type="text" name="mail" value="" />
<br />
<label>Phone:</label><br />
<input class="input" type="text" name="phone" value="" />
<br />
<label>Password:</label><br />
<input class="input" type="text" name="pass" value="" />
<br />
<label>Address:</label><br />
<textarea rows="5" cols="25" name="add"></textarea>
<br />
<input class="submit" type="submit" name="submit" value="Insert" />
<?php
//Establishing Connection with Server
$connection = mysql_connect("localhost", "root", "buet2010");
//Selecting Database from Server
$db = mysql_select_db("tanni", $connection);
if(isset($_POST['submit'])){
//Fetching variables of the form which travels in URL
$name = $_POST['name'];
$mail = $_POST['mail'];
$phone = $_POST['phone'];
$pass = $_POST['pass'];
$add = $_POST['add'];
if($name !=''||$email !=''){
//Insert Query of SQL
$query = mysql_query($db, "INSERT INTO user (name, mail, phone, pass, add)VALUES('$name', '$mail', '$phone', '$pass', '$add')");
echo "<br/><br/><span>Data Inserted successfully...!!</span>";
}
else{
echo "<p>Insertion Failed <br/> Some Fields are Blank....!!</p>";
}
}
//Closing Connection with Server
mysql_close($connection);
?>
</form>
</div>
</div>
</body>
I don't understand what can be the problem.
Thanks all. I got the problem.
Actually the sequence of the column in my database was not matching with the query in php code.
I have solved this by changing the variable sequence in the query which is maintained in the database.
$query = mysql_query("INSERT INTO user (`name`, `mail`, `pass`, `address`, `phone`)VALUES('".$name."', '".$mail."', '".$pass."', '".$address."', '".$phone."')");
Here is the code and it will work for your..
I have passed connection link in your mysql_query. and used PHP_SELF for current page.
<html>
<head>
<title>signup</title>
<link rel="stylesheet" href="css/insert.css" />
</head>
<body>
<div class="maindiv">
<!--HTML form -->
<div class="form_div">
<div class="title"><h2>Insert Data In Database Using PHP.</h2> </div>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post"> <!-- method can be set POST for hiding values in URL-->
<h2>Form</h2>
<label>Name:</label>
<br />
<input class="input" type="text" name="name" value="" />
<br />
<label>Email:</label><br />
<input class="input" type="text" name="mail" value="" />
<br />
<label>Phone:</label><br />
<input class="input" type="text" name="phone" value="" />
<br />
<label>Password:</label><br />
<input class="input" type="text" name="pass" value="" />
<br />
<label>Address:</label><br />
<textarea rows="5" cols="25" name="add"></textarea>
<br />
<input class="submit" type="submit" name="submit" value="Insert" />
<?php
//Establishing Connection with Server
$connection = mysql_connect("localhost", "root", "buet2010");
//Selecting Database from Server
$db = mysql_select_db("tanni", $connection);
if(isset($_POST['submit'])){
//Fetching variables of the form which travels in URL
$name = $_POST['name'];
$mail = $_POST['mail'];
$phone = $_POST['phone'];
$pass = $_POST['pass'];
$add = $_POST['add'];
if($name !=''||$email !=''){
//Insert Query of SQL
$query = mysql_query($db, "INSERT INTO user (name, mail, phone, pass, add)VALUES('$name', '$mail', '$phone', '$pass', '$add')",$connection);
echo "<br/><br/><span>Data Inserted successfully...!!</span>";
}
else{
echo "<p>Insertion Failed <br/> Some Fields are Blank....!!</p>";
}
}
//Closing Connection with Server
mysql_close($connection);
?>
</form>
</div>
</div>
</body>
Trying to post a simple form to my database but can't get it to work. I have PHP and MySQL activated through XAMPP. The database "E-mail list" is set up with the table "Players".
PHP code:
<?php
$mysqli = new mysqli('localhost', 'root', '', 'E-mail list');
if(isset($_POST['save']))
{
$name = $mysqli->real_escape_string($_POST['name']);
$email = $mysqli->real_escape_string($_POST['email']);
$phone = $mysqli->real_escape_string($_POST['phone']);
$other = $mysqli->real_escape_string($_POST['other']);
$query = 'INSERT INTO Players (
name,
email,
phone,
other
)
VALUES ('.$name.', "'.$email.'", "'.$phone.'","'.$other.'")';
if ($mysqli->query($query))
{
echo 'Data Saved Successfully.';
}
else
{
echo 'Cannot save data.';
}}
?>
And the form:
<form id="myForm" method="post">>
<div data-role="fieldcontain">
<label for="name">Please enter your name:</label>
<input type="text" name="name" id="name" class="required" value="" autocomplete="off" />
<label for="email">Please enter your e-mail:</label>
<input type="text" name="email" id="email" value="" class="required" autocomplete="off" />
<label for="phone">Please enter your phone number:</label>
<input type="number" name="phone" id="phone" value="" class="required" autocomplete="off" />
<br><br>
<label for="other">Other comments</label>
<textarea name="other" id="other" autocomplete="off" placeholder="Anything else you'd like to add?">
</textarea>
</form>
<p><strong id="error"></strong></p>
<br><br>
<input type="button" id="save" name="save" value="Submit Form" />
<p id="response"></p>
I did some changes in your codes both PHP and HTML Parts.,
For PHP :
<?php
$mysqli = new mysqli('localhost', 'root', '', 'E-mail list');
/* check connection */
if ($mysqli->connect_errno) {
printf("Connect failed: %s\n", $mysqli->connect_error);
exit();
}
if(isset($_POST['save']))
{
$name = $mysqli->real_escape_string($_POST['name']);
$email = $mysqli->real_escape_string($_POST['email']);
$phone = $mysqli->real_escape_string($_POST['phone']);
$other = $mysqli->real_escape_string($_POST['other']);
$query = "INSERT INTO Players (`name`,`email`,`phone`,`other`) VALUES ('".$name."','".$email."','".$phone."','".$other."')";
if($mysqli->query($query))
{
echo 'Data Saved Successfully.';
}
else
{
echo 'Cannot save data.';
}
}
?>
For HTML :
<form id="myForm" method="post" action="">
<div data-role="fieldcontain">
<label for="name">Please enter your name:</label>
<input type="text" name="name" id="name" class="required" value="" autocomplete="off" /><br />
<label for="email">Please enter your e-mail:</label>
<input type="text" name="email" id="email" value="" class="required" autocomplete="off" /><br />
<label for="phone">Please enter your phone number:</label>
<input type="number" name="phone" id="phone" value="" class="required" autocomplete="off" />
<br><br>
<label for="other">Other comments</label>
<textarea name="other" id="other" autocomplete="off" placeholder="Anything else you'd like to add?">
</textarea>
<p><strong id="error"></strong></p>
<br><br>
<input type="submit" id="save" name="save" value="Submit Form" />
<p id="response"></p>
</form>
I think this may help you to resolve your problem.
Missing double quotes for name value in your SQL.
VALUES ("'.$name.'", "'.$email.'", "'.$phone.'","'.$other.'")';
Use Firefox/firebug to see the parameters and result, and add an echo($query); so you can see it in firebug.
'E-mail list' doesn't seem like convenient database name, though it should be okay.
Anyway, your goal should be to display all possible error that may occur.
So, you have to always check for the errors and report them in more usable form than just 'Cannot save data.'
Always check your connect
$mysqli = new mysqli('localhost', 'root', '', 'E-mail list');
if ($mysqli->connect_error) {
trigger_error($mysqli->connect_error);
}
same for the query
if (!$mysqli->query($query)) {
trigger_error($mysqli->error." ".$query);
}
If you see no error messages - check the logic of your code: if you ever run the code, if you run the code you wrote, if PHP works, typos etc.
I would like to get some user data using a php form and store it in a mysql database , trouble is, the page simply refreshes when I submit the form.
Here is my php form:
<form id="companyform" name="companyform" method="post" action="index3.php" data-ajax="false">
<b>To enlist your business fill in the form below:</b>
<p>
<label for="name">Company Name:</label>
<input type="text" name="companyname" id="companyname" data-mini="true"/>
</p>
<p>
<label for="name">Company Address:</label>
<input type="text" name="companynaddress" id="companynaddress" data-mini="true"/>
</p>
<p>
<label for="textfield">Tel No.:</label>
<input type="text" name="tel" id="tel" data-mini="true"/>
</p>
<p>
<label for="textfield">Fax No.:</label>
<input type="text" name="fax" id="fax" data-mini="true"/>
</p>
<p>
<label for="textfield">Email:</label>
<input type="text" name="email" id="email" data-mini="true"/>
</p>
<p>
<label for="textfield">Website Address:</label>
<input type="text" name="website" id="website" data-mini="true"/>
</p>
<p>
<label for="textfield">Contact Person Name:</label>
<input type="text" name="contactname" id="contactname" data-mini="true"/>
</p>
<p>
<label for="textfield">Contact Person Number:</label>
<input type="text" name="contactnumber" id="contactnumber" data-mini="true"/>
</p>
<p>
<label for="textfield">Contact Person Email:</label>
<input type="text" name="contactemail" id="contactemail" data-mini="true"/>
</p>
<p>
<input name="submit" type="submit" id="submit" value="Submit" />
</p>
</form>
and here is my database connection code:
<?php
if (array_key_exists('submit', $_POST)) {
$con = mysql_connect("host", "user", "pass");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("botswanasearchdb", $con);
$companyname = $_POST['companyname'];
$companyaddress = $_POST['companyaddress'];
$tel = $_POST['tel'];
$fax = $_POST['fax'];
$emailid = $_POST['emailid'];
$website = $_POST['website'];
$contactname = $_POST['contactname'];
$contactnumber = $_POST['contactnumber'];
$contactemail = $_POST['contactemail'];
// prepare the SQL query
$sql = "INSERT INTO businessuser (companyname, companyaddress, tel, fax, emailid, website, contactname, contactnumber, contactemail) VALUES ('$companyname', '$companyaddress', '$tel', '$fax', '$emailid', '$website', '$contactname', '$contactnumber', '$contactemail')";
mysql_close($con);
}
?>
This is your form tag:
<form id="companyform" name="companyform" method="post" action="index3.php" data-ajax="false">
So you are submitting the form to index3.php (the action attribute). According to your comment index3.php contains your form and that is why the form refreshes when you submit it. You are basically reloading your form on form submit.
You need to submit the form to your php script that contains the php code you posted.
Edit: If everything is on the same page, you can do something like:
if (array_key_exists('submit', $_POST))
{
// your code
// show thank you message
}
else
{
// show form
}
Another edit: As you are using the deprecated mysql_* functions and not escaping the data, you have an sql injection whole and a ' character in your data will break your query. You should switch to PDO / mysqli and prepared statements. And always add error handling.
Here is the code:
contact_us2.php
<form id="form1" method="post" action="enquires.php">
<fieldset>
<legend>Form to database example</legend>
<label for="text">
<span>Comments:</span>
<textarea id="text" name="comments" rows="4" cols="80"></textarea>
</label>
<label for="name">
<span>Name:</span>
<input id="name" type='text' name='name' size='50'/>
</label>
<label for="email">
<span>Email:</span>
<input id="email" type='text' name='email' size='50'/>
</label>
<label for="submit1" id="submit"><span> </span>
<input id="submit1" class="submit" type="submit" name="submit" value="Submit"/>
</label>
</fieldset>
</form>
enquires.php
<?php
session_start();
error_reporting(E_ALL & ~E_NOTICE);
require('authenticate.php');
include_once"../scripts/connect_to_mysql.php";
$name = $_post['name'];
$email = $_post['email'];
$comments = $_post['comments'];
echo "$email";
// Query the body section for the proper page
mysql_select_db("hardware_cms" )or die (mysql_error());
$sqlCommand = MYSQL_QUERY("INSERT INTO enquires (id, name, email, comments)". "VALUES ('NULL', '$name', '$email', '$comments')") or die (mysql_error());
?>
There is no errors. The only thing that is inserted into the database is the id. I think the problem is in contact_us2.php. I'm new to html and php sorry if this is a silly question.
The error is in the php code because you have to use $_POST and don't $_post
$name = $_POST['name'];
$email = $_POST['email'];
$comments = $_POST['comments'];
Replace $_post with $_POST and see what happens.
Also, PLEASE sanitize your SQL inputs (either by using mysql_real_escape_string, or better - by using PDO prepared statements).