Jump to content

Posting to the database


Travist6983

Recommended Posts

Hello - I am trying to learn PHP here and i have created a simple form that should be posting to the database but i cant for the life of me figure out why? If anyone could point me at what i am missing that would be great

 

PHP Code at the top of my page...

<?php
if($_POST['formSubmit'] == "Submit") 
    {
		$mysqli = new mysqli("localhost", "root", "060983tt", "test");
		if ($mysqli->connect_error) {die('Connect Error: ' . $mysqli->connect_error);}
		
		$varAssign = $_POST['formAssign'];
        $varDue = $_POST['formDue'];
		$varLink = $_POST['formLink'];
			
		$sql = "INSERT INTO table (assign, due, link) 
					VALUES (".
						$varAssign . ", " .
						$varDue . ", " .
						$varLink . ")";
		
		$mysqli->query($sql);
		
		header("location: index.php?success=1");
		exit();
	}

?>

HTML Form 

<form action="<?php echo htmlentities($_SERVER['PHP_SELF']); ?>" method="post">
				  <fieldset>
					<h2>Assignment 1</h2>
					<div class="form-group">
					  <label for="exampleInputEmail">Assignment Title</label>
					  <input type="text" class="form-control" name="formAssign1" placeholder="John Smith">
					</div>
					<div class="form-group">
					  <label for="exampleInputEmail">Due Date</label>
					  <input type="text" class="form-control" name="formDue1" placeholder="john@sample.com">
					</div>
					<div class="form-group">
					  <label for="exampleInputEmail">File Name </label>
					  <input type="text" class="form-control" name="formLink1" placeholder="123 Main">
					</div>
					
					<input type="submit" name="formSubmit" value="Submit" class="btn btn-default" />

					<?php 
						$success = $_GET["success"];
						if(isset($success)) {
						echo("<div class=\"success\">");
						echo "Message was sent successfully!";
						echo("</div>\n");
						}
					?>
				  </fieldset>
				</form>

Thanks

Link to comment
Share on other sites

Just to tack on, make sure that you escape anything that comes from a user/form or else you'll get an SQL injection attack 

$varAssign = mysqli_real_escape_string($_POST['formAssign1']);
$varDue = mysqli_real_escape_string($_POST['formDue1']);
$varLink = mysqli_real_escape_string($_POST['formLink1']);

$sql = "INSERT INTO table (assign, due, link) VALUES ('$varAssign','$varDue','$varLink')";
Link to comment
Share on other sites

Thanks for the reply parkerj and thanks for the prevention against SQL injections JD. But it still isnt posting to the database. I am thinking maybe it is the way that i configured the database. I have uploaded a screenshot of PHPMyAdmin below does anything look off to you?

post-65684-0-03406500-1377694418_thumb.png

Edited by Travist6983
Link to comment
Share on other sites

is your table actually named table? if so, that's a reserved mysql keyword and is producing a query error. to use a reserved keyword as a table or column name, you must enclose it in back-ticks `` or even better, rename it to something else that indicates the purpose of the table.

 

you need to ALWAYS have error checking logic in your code to test if a step that might fail has worked or not before trying to use the result from that step. your code would have been telling you that the query failed and provided some information about where in the query the problem was at.

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.