I need help bulding a form to send info to a mysql DB and a page to display it pls

[Michael_Baxter]

Hi I have tried and tried and tried again to get this to work

in simple terms I have very little knowledge with PHP and even less with mysql

I have a paid subscription and domain in order to learn more and I feel I have made ok progress so far

then I realised how unsafe my current work is;

here is my experience this far

I created a site for a group of voluntary online game hosts where they can posts points from their tournaments in a forum

and some info pages to go with this,

however what I did was create a base template and style sheet and then an admin dashboard linked to individual forms to allow the group admin to edit the info pages they go to my form and enter the desired info and submit this then sends through and action file which posts the text and <BR> to a .txt file,

then the connecting page reads the .txt file using the PHP code of " <? php include ( 'index.txt'); ?>

yes you are seeing this correctly I have allowed a direct edit of text in a .txt file rather silly of me but I didn't realise how unsafe this was until now I guess its a good job I trust that the admin has no knowledge or skills in coding

ok since all this I have created a DB in MySQL on my server,

My server uses PHPMyAdmin I have create a DB named " mnvbcou1_content1 " and a table named " home " with rows " ID " and " home "

what I am trying to do:

I want my page to display the content of the table row home and a form once submitted to send to the table row home

or if needed I can re make this DB if the names are not suitable

I have tried to create the needed coding to make this work but for some reason this just will not work I have already added 2 rows to my table to try and make the page to display the content but it just is not working I got an error every time

so I hope that someone out there is rather patient and is willing to help me learn how to do this correctly and safely,

 

also this is a closed group website the address to this site is only known by a handful of none programmers I am mainly trying to make this work for my own personal knowledge and server safety please help me

[ginerjm]

Let's start slowly.  Post the script that creates your form and process the entries made on it.  Let's just focus on that part of your project.

[Michael_Baxter]

//**** this is the receiving page of the form ****//

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

<head>

<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<meta name="description" content="" />
<meta name="keywords" content="" /><meta name="author" content="" />

<link rel="stylesheet" type="text/css" href="musiccafestyle.css" media="screen" />

<title>Music Cafe Friends</title>

</head>
	<body>

<?php include('includes/sidebar.php'); ?>

		<div id="wrapper">

                  <div align="center">

<?php include('includes/header.php'); ?>
<?php include('includes/nav.php'); ?>

<div id="content">

<h3><?php include('index_header.txt'); ?></h3>
<p><?php include('index.txt'); ?>

</div> <!-- end #content -->


<?php include('includes/footer.php'); ?>

		</div> <!-- End #wrapper -->
	</body>
          </html>

//***** this is the file the form goes to ****//
//***** this is what I want to change to go to the DB ****//

<?php

$main = $_POST['main'];
$fp = fopen('index.txt', 'a');
fwrite($fp, $main);
fclose($fp);
echo '<h2>You data has been saved!</h2> <a href="http://mydomain.co.uk/admindashboard.html"> Go Back To The Admin Dashboard </a><BR> <BR>';
$file = "index.txt";
$text = $_POST["main"];
$text_ok = nl2br($text);
file_put_contents($file, $text_ok);
include "index.txt";?>

//***** this is the form that will be submitted******//

<form method="post" action="indexaction.php">
    <textarea name="main"  rows="50" cols="50">
</textarea>
    <input type="submit" name="submit" value="save changes" />
</form>

ok I think these codes are in reverse order but not to worry im sure you get the gist

[Michael_Baxter]

if you want to see this in operation I can give the address to the main working page

[Michael_Baxter]

<?php
 $con=mysqli_connect("neq3.com","usssername","password","DBname_content1");
 // Check connection
 if (mysqli_connect_errno())
   {
   echo "Failed to connect to MySQL: " . mysqli_connect_error();
   }

 $sql="INSERT INTO mnvbcou1_content1 (home)
 VALUES
 ('$_POST[header]')";

 if (!mysqli_query($con,$sql))
   {
   die('Error: ' . mysqli_error($con));
   }
 echo "1 record added";

 mysqli_close($con);
 ?>

this is one of the tests I tried to use

[ginerjm]

Actually I don't see what you are doing.

 

1 - show me the script that contains the form and the fields involved in it

2 - show me the php code that grabs the form's inputs and what you have attempted to do to save them in a db table.

 

Please name the blocks of code with actual script names so I can be sure of what I am looking at.  I am trying to approach this very slowly in order to help you understand what should be happening.  If you don't want to do it that way, I'll move on .

[Michael_Baxter]

ahhh I see what I have done here I gave you very wrong messy coding there sorry about that.....

 

I do not have all of the coding no longer it was left on my old server when I went onto premium ,

sorry to have messed you around the only coding I have complete now is my unsafe coding that saves to a .txt file and my

 

ok I have looked on my hard drive and found my codes:

//**** MY FORM ****//

<form method="post" action="indexaction.php">
    <textarea name="main"  rows="50" cols="50">
</textarea>
    <input type="submit" name="submit" value="save changes" />
</form>

//**** END OF FORM ****//


//**** MY ACTION FILE TO SEND TO DB ****//

<?php
 $con=mysqli_connect("neq3.com","USSERNAME_mike","PASSWORD","TABLENAME_content1");
 // Check connection
 if (mysqli_connect_errno())
   {
   echo "Failed to connect to MySQL: " . mysqli_connect_error();
   }

 $sql="INSERT INTO mnvbcou1_content1 (home)
 VALUES
 ('$_POST[header]')";

 if (!mysqli_query($con,$sql))
   {
   die('Error: ' . mysqli_error($con));
   }
 echo "1 record added";

 mysqli_close($con);
 ?>

//**** END OF ACTION FILE ****//

[ginerjm]

If you turn on php error checking you may see some errors.  Additionally you should be using prepared queries and not such an unsafe query that you are using with that post var being plugged in.  Incorrectly as well. 

 

As for you code - you are trying to update a table with the value of a form field named 'header'.  Perhaps you gave me the wrong code again?  I don't see a form field with that name.

 

That said - I have to wonder what you are doing here.  You have one big giant meaningless paragraph of text that you are storing into an unkeyed table.  Whatever for?

 

PS - when referencing an array element you should ALWAYS quote the index.

[Michael_Baxter]

ok this is just to re quote from the start of my topic

I know very little php but am learning as I go along and I know even less MySQL so I have no idea what I am doing I have managed to get this far

so in short I guess what I was hoping for is someone that can make a little sense of where I was trying to get to and hopefully build my code with me LOL

 

 

 

basically I want my group admin to input text DATA into a single eliment form I.E main or header

once submitted this text DATA needs to be saved within a DB

then I need to be able to retrieve this DATA and display it as so the group can read it as a web page thus allowing the group admin to be able to make changes without having to log into my main server account

 

in a sense im trying to create a ( CMS ) on a very simple scale

ya see I have my domain and I have created a sub domain for this group that are all computer illiterate

so the admin want to be able to click a link I give them and open a form type their text into it and save it without the hastle of logging into the main domain

[Michael_Baxter]

to clarify I have been working with MySQL less than 6 months and php less than a year

[ginerjm]

Php gets input data from a form via the 'name=' attribute of an input element.  So - if you want to post that data being typed into the textarea tag you need to look for THAT element's name in the POST array.  That would be $_POST['main'] since that is what you named it.

 

As for the query statement.  Read the manual on mysqli prepared queries.  Then you can build a safe query to do your database updates.  I don't use mysqli myself so I can't help you.  PDO, yes.  Mysqli - no.

 

PS - once you get this piece built how do you plan on the users retrieving specific text entries from your database.  You have no identifying criteria in a one-field table.  Perhaps you want to think about your database design and add some fields.  Maybe add a date added, a date modified, a username or id, a 'type' field to perhaps separate different types of entries from each other.  Then a specific user can sign on with their uid and provide a date or a type and query the table for entries they have made that match.  Sound like a plan?

Edited October 7, 2014 by ginerjm