LearningScholar Posted November 26, 2014 Share Posted November 26, 2014 Hey guys, Earlier I mentioned making search criteria in my database. I also had to put in something to make it add to the database. I made some code like this: <form id="form" name="form" method="post" action="Website2.php"> <p> <label for="Genre">Genre</label> <input type="text" name="Genre" id="Genre" /> </p> <p> <label for="Naam">Naam</label> <input type="text" name="Naam" id="Naam" /> </p> <p> <label for="Jaar">Jaar</label> <input type="text" name="Jaar" id="Jaar" /> </p> <p> <label for="Regisseur">Regisseur</label> <input type="text" name="Regisseur" id="Regisseur" /> </p> <p> <input type="submit" name="Verzenden" id="Verzenden" value="Verzenden" /> </p> </form> <?php $Genre = $_POST["Genre"]; $Naam = $_POST["Naam"]; $Jaar = $_POST["Jaar"]; $Regisseur = $_POST["Regisseur"]; /*Hier hoeft geen verbinden meer gemaakt te worden met de database*/ if (isset($_POST['Verzenden']) && trim($_POST['Verzenden'])!=''){ $sql = "INSERT INTO Movies (Genre, Naam, Jaar, Regisseur) VALUES ('$Genre', '$Naam', '$Jaar', '$Regisseur')"; $resultaat = mysqli_query($db, $sql); $verbreken = mysqli_close($db); echo "De gegevens van $Naam zijn opgeslagen in de database.";} else echo 'Hier kunt u iets toevoegen'; ?> However it didn't work. I got the problem "Warning: mysqli_query() expects parameter 1 to be mysqli, null given in... on line 119" Can you guys help please? Link to comment https://forums.phpfreaks.com/topic/292726-warning-mysqli_query-expects-parameter-1-to-be-mysqli-null-given-in/ Share on other sites More sharing options...
cyberRobot Posted November 26, 2014 Share Posted November 26, 2014 Did you establish a database connection with mysqli prior to calling mysqli_query()? If so, is the connection object saved to $db? Link to comment https://forums.phpfreaks.com/topic/292726-warning-mysqli_query-expects-parameter-1-to-be-mysqli-null-given-in/#findComment-1497726 Share on other sites More sharing options...
QuickOldCar Posted November 26, 2014 Share Posted November 26, 2014 Along with what cyberRobot said... For your own good, take a look at mysqli_real_escape_string() and protect those $_POST variables before using them in your query. Furthermore you should check all of those $_POST values are set and not empty. Some changes. <form id="form" name="form" method="post" action="Website2.php"> <p> <label for="Genre">Genre</label> <input type="text" name="Genre" id="Genre" /> </p> <p> <label for="Naam">Naam</label> <input type="text" name="Naam" id="Naam" /> </p> <p> <label for="Jaar">Jaar</label> <input type="text" name="Jaar" id="Jaar" /> </p> <p> <label for="Regisseur">Regisseur</label> <input type="text" name="Regisseur" id="Regisseur" /> </p> <p> <input type="submit" name="Verzenden" id="Verzenden" value="Verzenden" /> </p> </form> <?php if (isset($_POST['Verzenden']){ include("/path/to/database/connection");//<--database connection http://php.net/manual/en/function.mysqli-connect.php $errors = array(); if(isset($_POST['Genre']) && trim($_POST['Genre']) != ''){ $Genre = mysqli_real_escape_string($db, trim($_POST['Genre'])); } else { $errors[] = 'No Genre'; } if(isset($_POST['Naam']) && trim($_POST['Naam']) != ''){ $Naam = mysqli_real_escape_string($db, trim($_POST['Naam'])); } else { $errors[] = 'No Naam'; } if(isset($_POST['Jaar']) && trim($_POST['Jaar']) != ''){ $Genre = mysqli_real_escape_string($db, trim($_POST['Jaar'])); } else { $errors[] = 'No Jaar'; } if(isset($_POST['Regisseur']) && trim($_POST['Regisseur']) != ''){ $Regisseur = mysqli_real_escape_string($db, trim($_POST['Regisseur'])); } else { $errors[] = 'Regisseur'; } /*Hier hoeft geen verbinden meer gemaakt te worden met de database*/ if (empty($errors)) { $sql = "INSERT INTO Movies (Genre, Naam, Jaar, Regisseur) VALUES ('$Genre', '$Naam', '$Jaar', '$Regisseur')"; $resultaat = mysqli_query($db, $sql); if(!$resultaat){ echo 'No query resultaat'; } else { echo "De gegevens van $Naam zijn opgeslagen in de database."; } $verbreken = mysqli_close($db); } else { foreach($errors as $error){ echo "$error <br />"; } } else { echo "Hier kunt u iets toevoegen <br />"; } ?> Link to comment https://forums.phpfreaks.com/topic/292726-warning-mysqli_query-expects-parameter-1-to-be-mysqli-null-given-in/#findComment-1497730 Share on other sites More sharing options...
LearningScholar Posted November 26, 2014 Author Share Posted November 26, 2014 oh thanks guys! using 'mysqli_real_escape_string' worked but are the '$errors' and '$error' necessary? Link to comment https://forums.phpfreaks.com/topic/292726-warning-mysqli_query-expects-parameter-1-to-be-mysqli-null-given-in/#findComment-1497757 Share on other sites More sharing options...
QuickOldCar Posted November 27, 2014 Share Posted November 27, 2014 using 'mysqli_real_escape_string' worked Using that just escaped the variables but are the '$errors' and '$error' necessary? Because I wrote to only execute the queries if no errors...yes If you wanted to remove them for some reason you can, but then you need something like this instead of if (empty($errors)) { would do if($Genre && $Naam && $Jaar && $Regisseur){ or if(isset($Genre) && isset($Naam) && isset($Jaar) && isset($Regisseur)){ I doubt you want any empty columns in your database. Otherwise you should set a default in your database or the query fails Could be a custom default, NULL Link to comment https://forums.phpfreaks.com/topic/292726-warning-mysqli_query-expects-parameter-1-to-be-mysqli-null-given-in/#findComment-1497794 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.