Jump to content

Recommended Posts

HELLO EVERYONE

I HAVE A HTML FORM ON A HTML PAGE FOR USE AS A FEEDBACK FORM.
I WANT TO WRITE THE USER-ENTERED DETAILS INTO A MYSQL DATABASE
I AM USING A WEB HOSING SERVICE WHO HAVE TOLD ME THAT TO CONNECT TO THE DATABASE I NEED TO USE PDO (PHP DATABASE OBJECT).
HERE IS MY PRESENT PHP CODING TO DO THIS TASK AS OF DATE:
 

<?php

if(isset($_POST['email'])) {

function died($error) {

// your error code can go here

echo "We are very sorry, but there were error(s) found with the form you submitted. ";

echo "These errors appear below.<br /><br />";

echo $error."<br /><br />";

echo "Please go back and fix these errors.<br /><br />";

die();

}

// validation expected data exists

if(!isset($_POST['firstname']) ||

!isset($_POST['lastname']) ||

!isset($_POST['email']) ||

!isset($_POST['telephone']) ||

!isset($_POST['bustype']) ||

!isset($_POST['description'])) {

died('We are sorry, but there appears to be a problem with the form you submitted.');

}

$firstname = $_POST['firstname']; // required

$lastname = $_POST['lastname']; // required

$email = $_POST['email']; // required

$telephone = $_POST['telephone']; // not required

$bustype = $_POST['bustype']; // required

$description = $_POST['description']; // required

$con = new PDO("mysql:host=mysql.hostinger.in;dbname=databasename",'username', 'password');

$query = "INSERT INTO `databasename` (`id`, `firstname`, `lastname`, `bustype`, `email`, `telephone`, `description`, `timestamp`,) VALUES (NULL, '$firstname', '$lastname', '$bustype', '$email', '$telephone', '$description', CURRENT_TIMESTAMP,)";

$q = $con->prepare($query);
$q->execute(array(':$firstname' => $_POST['firstname'], ':$lastname' => $_POST['lastname'], ':$bustype' => $_POST['bustype'], ':$email' => $_POST['email'],':$telephone' => $_POST['telephone'], ':$description' => $_POST['description'], ));

echo "<h2>Thank you for filling in our contact. We shall get back to you as soon as possible.</h2>";
$con = null;

?>

but I AM GETTING AN ERROR MESSAGE WHEN I TRY TEST THE HTML FORM PAGE WHICH SAYS
 

PHP Code:
Parse errorsyntax errorunexpected $end in /home/u196883532/public_html/form.php on line 69 

PLUS THERE IS NO DATA WRITTEN TO THE DATABASE. I NEED HELP. WHAT CAN I DO? THANKS SmileBulb.gif

Link to comment
https://forums.phpfreaks.com/topic/294179-php-contact-form/
Share on other sites

Also note that the form variables are being added directly to the query. To use the named parameters defined in $q->execute(), you should change this:

... VALUES (NULL, '$firstname', ...

To this:

... VALUES (NULL, ':$firstname', ...

Note that I'm not very familiar with PDO, so hopefully someone will correct me if the syntax is incorrect. More information about preparing queries can be found here:

http://php.net/manual/en/pdo.prepare.php

Link to comment
https://forums.phpfreaks.com/topic/294179-php-contact-form/#findComment-1503918
Share on other sites

Proper code styling can go a long way to not only prevent them, but make finding errors like these much, much easier.

 

Consider the following adjustments to your code:

<?php

if(isset($_POST['email'])) {
    function died($error) {
        // your error code can go here
        echo "We are very sorry, but there were error(s) found with the form you submitted. ";
        echo "These errors appear below.<br /><br />";
        echo $error."<br /><br />";
        echo "Please go back and fix these errors.<br /><br />";
        die();
    }

    // validation expected data exists

    if 
        (
            !isset($_POST['firstname'])   ||
            !isset($_POST['lastname'])    ||
            !isset($_POST['email'])       ||
            !isset($_POST['telephone'])   ||
            !isset($_POST['bustype'])     ||
            !isset($_POST['description'])
        )
    {
        died('We are sorry, but there appears to be a problem with the form you submitted.');
    }

    $firstname   = $_POST['firstname'];   // required
    $lastname    = $_POST['lastname'];    // required
    $email       = $_POST['email'];       // required
    $telephone   = $_POST['telephone'];   // not required
    $bustype     = $_POST['bustype'];     // required
    $description = $_POST['description']; // required

    $con = new PDO("mysql:host=mysql.hostinger.in;dbname=databasename",'username', 'password');

    $query = 
        "INSERT INTO `databasename` " .
        "(`id`, `firstname`, `lastname`, `bustype`, `email`, `telephone`, `description`, `timestamp`,) " .
        "VALUES " .
        "(NULL, '$firstname', '$lastname', '$bustype', '$email', '$telephone', '$description', CURRENT_TIMESTAMP,)"
    ;

    $q = $con->prepare($query);
    $q->execute(array(
        ':$firstname'   => $_POST['firstname'],
        ':$lastname'    => $_POST['lastname'],
        ':$bustype'     => $_POST['bustype'],
        ':$email'       => $_POST['email'],
        ':$telephone'   => $_POST['telephone'],
        ':$description' => $_POST['description'], 
    ));

    echo "<h2>Thank you for filling in our contact. We shall get back to you as soon as possible.</h2>";
    $con = null;
}
This is much easier to read. It's a lot harder to here to miss brackets, because everything is properly indented.

 

If you're interested, I'd recommend you check out the PSR-2 style guide.

Link to comment
https://forums.phpfreaks.com/topic/294179-php-contact-form/#findComment-1503920
Share on other sites

Also note that the form variables are being added directly to the query.

No they're not, they're in single quotes.

 

To use the named parameters defined in $q->execute(), you should change this:

... VALUES (NULL, '$firstname', ...
To this:

... VALUES (NULL, ':$firstname', ...
Note that I'm not very familiar with PDO, so hopefully someone will correct me if the syntax is incorrect. More information about preparing queries can be found here:

http://php.net/manual/en/pdo.prepare.php

 

You should get rid of the $. Like so:

... VALUES (NULL, ':firstname', ...

...

$q->execute(array(':firstname' => $_POST['firstname'], ...
Edited by scootstah
Link to comment
https://forums.phpfreaks.com/topic/294179-php-contact-form/#findComment-1503921
Share on other sites

No they're not, they're in single quotes.

 

The overall query is in double quotes though.

$query = "INSERT INTO `databasename` (`id`, `firstname`, `lastname`, `bustype`, `email`, `telephone`, `description`, `timestamp`,) VALUES (NULL, '$firstname', '$lastname', '$bustype', '$email', '$telephone', '$description', CURRENT_TIMESTAMP,)";
Link to comment
https://forums.phpfreaks.com/topic/294179-php-contact-form/#findComment-1503923
Share on other sites

This has resolved the error code. But there is no data being written to the database. what shall i do?

 

Have you checked to see if any MySQL errors are being thrown? More information on how to do that can be found here:

http://php.net/manual/en/pdo.errorinfo.php

Link to comment
https://forums.phpfreaks.com/topic/294179-php-contact-form/#findComment-1503925
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.