Textarea not displayed in MySQL DB

infinitix · July 22, 2014

I've spent the past 2 days googling and trying different methods that people have recommended other people try yet still I come up with the same problem. I am new to coding and I am learning the basic functions so all feedback is welcome in aiding my learning endeavor. I am using a form and all of the inputs are submitting to the database other than the text area which comes up blank. I do not get an error when submitting the form I just get a blank value for the text area 'Comments'.

FORM

<label>Website:</label><br>

<label>Comment:</label><br>

</form>

CONTACTDB.PHP

$value = $_POST['Name'];

$value2 = $_POST['E-Mail'];

$value3 = $_POST['Website'];

$value4 = $_POST['Comments'];

$sql = "INSERT INTO `contact` (`Name`, `E-Mail`, `Website`, `Comments`) VALUES ('$value', '$value2', '$value3', '$value4')";

As noted above I get returned values for $value, $value2, and $value3 but not $value4 (The 'Comments' text area)

Ch0cu3r · July 22, 2014

Remove the form="contactdb" attribute from the <textarea> tag

davidannis · July 23, 2014

Please sanitize your data using mysqli_real_escape_string before sending it to the database:

$value = $_POST['Name'];

should be:

$value = mysqli_real_escape_string ( $link , $_POST['Name'] );

where link is the link to your DB. Same for all the variables you write to your database. Not doing so leaves your site wide open to attacks by hackers.

infinitix · July 23, 2014

I tried the above corrections and I'm still lost as it is not working and when I use the sanitize escape string no values are posted to the DB.

http://s30.postimg.org/qeqcpass1/contactdb.png

http://s27.postimg.org/fsegje4w3/contactus.png

http://s29.postimg.org/h9ouaqcfr/database.png

As you can see for ID 3 and ID 4 nothing was returned to the DB when I add the escape string and the comments is still empty.

chriscloyd · July 23, 2014

do this on your page before adding to the database just to make sure you are getting everything

<?php
echo "<pre>";
print_r($_POST);
echo "</pre>";

infinitix · July 23, 2014

When I use the print_r:

Array
(
[formID] => Contact
[redirect_to] => http://www.cavalierchampions.com
[Name] => john doe
[E-Mail] => email@gmail.com
[Website] => website.com
[Comments] => test
)

mac_gyver · July 23, 2014

whatever method you are using to view the end result is likely where the problem is at.

i'm going to guess you are trying to output the content of the Comments database column using a value="..." attribute. that's not how <textarea></textarea>'s work. you need to output the content of the database column between the <textarea>output goes here</textarea> tags.

for the escape string function you use, you need to do that right before you put the data into your mysql query statement (or use prepared queries) and you need to use the escape string function from the same set of database functions you are using in your code to run the query.

infinitix · July 23, 2014

I am using phpmyadmin to view the DB.

I feel like the escape string is consistent with what you are saying, it is before the insert and it is defined as part of the value. For the <textarea>output goes here</textarea> I'm a little confused by what you mean. I have the echo command in between the text area and from my understanding of what you are saying that is incorrect. I remember reading something about values can't be assigned to text area's but i could be mistaken but every example i've seen has the text area setup as followed:

$link = mysql_connect (DB_HOST, DB_USER, DB_PASSWORD);

if (!$link) {

die('Could not connect: ' . mysql_error());

}

$db_selected = mysql_select_db(DB_NAME, $link);

if (!$db_selected) {

die('Can\'t use ' . DB_NAME . ': ' . mysql_error());

}

echo "<pre>";

print_r($_POST);

echo "</pre>";

$value = mysqli_real_escape_string ( $link , $_POST['Name'] );

$value2 = mysqli_real_escape_string ( $link , $_POST['E-Mail'] );

$value3 = mysqli_real_escape_string ( $link , $_POST['Website'] );

$value4 = mysqli_real_escape_string ( $link , $_POST['Comments'] );

$sql = "INSERT INTO `contact` (`Name`, `E-Mail`, `Website`, `Comments`) VALUES ('$value', '$value2', '$value3', '$value4')";

if (!mysql_query($sql)) {

die('Error: ' . mysql_error());

}

mysql_close();

?>

I removed some of the other input types to focus on the text area..

</form>

Edited July 23, 2014 by infinitix

mac_gyver · July 23, 2014

your current code is mixing mysql_ (no i) and mysqli_ (with an i) functions. you cannot do that (if you want it to work.) if your current code is inserting all empty values, it is because of this mixing of different functions (the mysqli functions are returning null values since there is no mysqli connection in place.)

sort the current problem out, by using all the same type of database functions and see if it works with the other changes in place.)

infinitix · July 23, 2014

I removed the ( "i" ) from the escape strings, still empty in the database and upon submitting the form this is displayed again:

Array
(
[formID] => Contact
[redirect_to] => http://www.cavalierchampions.com
[Name] => Your Name
[E-Mail] => Your E-Mail
[Website] => Your Website
[Comments] => test
)

I checked the collation and everything to see if that may effect it, the collation is set to utf8_general_ci

mac_gyver · July 24, 2014

if you are currently still getting empty values for the four columns in the database table, it's because the parameter usage for the mysql_real_escape_string() function is different form the mysqli_real_escape_string() function. the $link would be the second parameter, not the first.

to muddy the water even more, the mysql_ (no i) functions are depreciated and will be removed in an upcoming php release. you should be learning the mysqli_ or PDO database library functions, which are not obsolete.

if you had php's error_reporting set to E_ALL and display_errors set to ON, php would help you by reporting and displaying all the errors it detects. all the mismatched mysql/mysqli and $link parameter usage would be producing php errors. in fact, if you are using a high enough php version, the mysql_connect() statement would be giving you a depreciated error message.

infinitix · July 24, 2014

Mac first off, I appreciate the help a lot man. I'm going to the library tomorrow in hope to find a relevant book that I can learn some Mysqli and PDO. If I'm going to do this I want to do it right Any books or learning materials that you suggest for a beginner as myself?

Jacques1 · July 24, 2014

Keep away from MySQLi. It's cumbersome as hell and of course limited to the MySQL database system. PDO, on the other hand, is a universal database interface with a very nice API.

Don't let the seeming similarity of the mysqli_* functions and the old mysql_* functions fool you: Switching to MySQLi is not as easy as adding an “i”. It requires you to rewrite the entire database code and get rid of several bad habits like stuffing dynamic values into query strings. So you might as well do it right and jump straight to PDO.

Check out this PDO tutorial.

Sign In

Textarea not displayed in MySQL DB

Recommended Posts

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Join the conversation

Important Information