kessie Posted March 1, 2017 Share Posted March 1, 2017 (edited) Hey guys, I created a form which has both text fields and select fields. I am able to display the values in the dropdown select field but i'm having troubles getting the id when trying to insert it into the database. Here's the code <?php /* * assigning vars to fields */ if(isset($_POST['submit'])){ $surname = $_POST['surname']; $forenames = $_POST['forenames']; $dob = $_POST['dob']; $gender = $_POST['gender']; $domination = $_POST['domination']; $nationality = $_POST['nationality']; $address = $_POST['address']; $country = $_POST['country']; $accommodation = $_POST['accommodation']; $session = $_POST['session']; $connection = $_POST['connection']; $parent_name = $_POST['parent_name']; $profession = $_POST['profession']; $phone = $_POST['phone']; $email = $_POST['email']; /* * set error flag to false */ $error = false; /* * set validation checks */ if(!preg_match("/^['a-zA-Z ']+$/", $surname)){ $error = true; $surname_error = "surname should only contain alphabets!"; } if(!preg_match("/^['a-zA-Z ']+$/", $forenames)){ $error = true; $forenames_error = "forenames should only contain alphabets and space!"; } if(!preg_match("/^['a-zA-Z ']+$/", $domination)){ $error = true; $domination_error = "domination should only contain alphabets!"; }if(!preg_match("/^['a-zA-Z ']+$/", $parent_name)){ $error = true; $parent_name_error = "parent name should only contain alphabets!"; } if(!preg_match("/^['a-zA-Z ']+$/", $profession)){ $error = true; $profession_error = "profession should only contain alphabets!"; } if(strlen($phone)<11){ $error = true; $phone_error = "enter a valid phone number"; } if(!filter_var($email, FILTER_VALIDATE_EMAIL)){ $error = true; $email_error = "enter a valid email"; } /* * insert records into the database */ $query5 = "INSERT INTO candidate (surname,forenames,dob,gender_id,domination,nationality_id,address,country_id,accommodation_id,session,connection_id,) VALUES ('".$surname."','".$forenames."','".$dob."','".$gender."','".$domination."','".$nationality."','".$address."','".$country."','".$accommodation."','".$session."','".$connection."')" && " INSERT INTO `guardian` (parent_name,profession,phone,email) VALUES ('".$parent_name."','".$profession."','".$phone."','".$email."') "; if(!$error){ if($insert_record = $db->query($query5)){ $success_msg = "successfully inserted record"; }else{ $error_msg = "failed to insert record!"; } } } /* * Get gender from the database */ $query1 = "SELECT * FROM `gender`"; $stmt1 = $db->query($query1); /* * Get nationality from the database */ $query2 = "SELECT * FROM `nationality`"; $stmt2 = $db->query($query2); /* * Get accommodation type from the database */ $query3 = "SELECT * FROM `accommodation`"; $stmt3 = $db->query($query3); /* * Get connection from the database */ $query4 = "SELECT * FROM `connection`"; $stmt4 = $db->query($query4); /* * Get country from the database */ $query6 = "SELECT * FROM `country`"; $stmt6 = $db->query($query6); ?> <!-- form body --> <div class="container" style="margin-top: 5%;margin-bottom: 4%"> <form method="post" action="register.php" class="col-lg-5 col-lg-offset-3 well"> <span class="text-success"><?php if (isset($success_msg)) echo $success_msg;?></span> <span class="text-danger"><?php if (isset($error_msg)) echo $error_msg;?></span> <h1 style="text-align: center">Registeration Form</h1><br> <legend>Child's Details</legend> <div class="form-group"> <label for="surname">Surname</label> <input type="text" name="surname" placeholder="enter surname" class="form-control"> </div> <div class="form-group"> <label for="forenames">Forenames (in full)</label> <input type="text" name="forenames" placeholder="enter forenames" class="form-control"> </div> <div class="form-group"> <label for="dob">Date of Birth</label> <input type="Date" name="dob" class="form-control"> </div>urlogin info data <div class="form-group"> <label for="gender">Gender</label> <select name="gender" class="form-control"> <?php while($row1 = $stmt1->fetch(PDO::FETCH_ASSOC)): ?> <?php if($row1['gender_id'] == $_POST['gender']){ $selected = 'selected'; }else{ $selected = ''; } ?> <option <?php echo $selected; ?> value="<?php echo $row1['gender_id'];?>" ><?php echo $row1['gender_name'];?></option> <?php endwhile;?> </select> </div> <div class="form-group"> <label for="domination">Religious Domination</label> <input type="text" name="domination" placeholder="enter domination" class="form-control"> </div> <div class="form-group"> <label for="nationality">Nationality</label> <select name="nationality" class="form-control"> <?php while($row2 = $stmt2->fetch(PDO::FETCH_ASSOC)): ?> <?php if($row2['nationality_id'] == $_POST['nationality']){ $selected = 'selected'; }else{ $selected = ''; } ?> <option <?php echo $selected; ?> value="<?php echo $row2['nationality_id'];?>" ><?php echo $row2['nationality_name'];?></option> <?php endwhile;?> </select> </div> <div class="form-group"> <label for="address">Home Address</label> <textarea type="text" name="address" class="form-control"></textarea> </div> <div class="form-group"> <label for="country">Country of Birth</label> <select name="country" class="form-control"> <?php while($row6 = $stmt6->fetch(PDO::FETCH_ASSOC)): ?> <?php if($row6['country_id'] == $_POST['country']){ $selected = 'selected'; }else{ $selected = ''; } ?> <option <?php echo $selected; ?> value="<?php echo $row6['country_id'];?>" ><?php echo $row6['country_name'];?></option> <?php endwhile;?> </select> </div> <div class="form-group"> <label for="accommodation">Accommodation Type</label> <select name="accommodation" class="form-control"> <?php while($row3 = $stmt3->fetch(PDO::FETCH_ASSOC)): ?> <?php if($row3['accommodation_id'] == $_POST['accommodation']){ $selected = 'selected'; }else{ $selected = ''; } ?> <option <?php echo $selected; ?> value="<?php echo $row3['accommodation_id'];?>" ><?php echo $row3['accommodation_type'];?></option> <?php endwhile;?> </select> </div> <div class="form-group"> <label for="session">Proposed year and term of entry (e.g 2016, Summer)</label> <input type="text" name="session" placeholder="enter year and term" class="form-control"> </div> <div class="form-group"> <label for="connection">Have a Grange Connection?</label> <select name="connection" class="form-control"> <?php while($row4 = $stmt4->fetch(PDO::FETCH_ASSOC)): ?> <?php if($row4['connection_id'] == $_POST['connection']){ $selected = 'selected'; }else{ $selected = ' '; } ?> <option <?php echo $selected; ?> value="<?php echo $row4['connection_id'];?>" ><?php echo $row4['connection_name'];?></option> <?php endwhile;?> </select> </div> <br> <legend>Details of Parent/Guardians.</legend> <div class="form-group"> <label for="parent_name">Name of Parent/Legal Guardian</label> <input type="text" name="parent_name" placeholder="enter Parent's name" class="form-control"> </div> <div class="form-group"> <label for="profession">Profession</label> <input type="text" name="profession" placeholder="enter Parent's Profession" class="form-control"> </div> <div class="form-group"> <label for="phone">Mobile Telephone Number</label> <input type="Number" name="phone" placeholder="phone number" class="form-control"> </div> <div class="form-group"> <label for="email">Email Address</label> <input type="Email" name="email" placeholder="example@.com" class="form-control"> </div> <input type="submit" name="submit" value="Submit" class="btn btn-primary"> <input type="submit" name="cancel" value="Cancel" class="btn btn-default"> </form> </div> I want to be able to insert the id into the candidate table where gender_id, nationality_id, country_id, accommodation_id, connection_id are all foreign keys Edited March 1, 2017 by requinix please use [code] tags when posting code Quote Link to comment Share on other sites More sharing options...
ginerjm Posted March 1, 2017 Share Posted March 1, 2017 (edited) Does your script show you any errors? YOu have a mistake in your query so I'm thinking that you should be getting some error message but perhaps you don't have error checking turned on to see them. What tells you that the info is not being posted? The mere lack of it? Does your script give the error you setup for the query failure? Give us a hint as to what is NOT happening in your script. If you don't know, add some echo lines to show the progress of your script so you can pinpoint the spot where it goes south. PS - you really need to learn how to sanitized your inputs so avoid problems when plugging them into queries. Look up the use of prepared queries asap. Also - you should learn how to intermingle " and ' chars to help you avoid having to break up your strings like you are doing. An ex.: "INSERT INTO candidate (surname,forenames,dob,gender_id,domination,nationality_id,address,country_id,accommodation_id,session,connection_id,) VALUES ('".$surname."','".$forenames."','".$dob."','".$gender."','".$domination."','".$nationality."','".$address."','".$country."','".$accommodation."','".$session."','".$connection."')" && " INSERT INTO `guardian` (parent_name,profession,phone,email) VALUES ('".$parent_name."','".$profession."','".$phone."','".$email."') "; could be written as: $query5 = "INSERT INTO candidate ( surname, forenames, dob, gender_id, domination, nationality_id, address, country_id, accommodation_id, session, connection_id,) VALUES ( '$surname', '$forenames', '$dob', '$gender', '$domination', '$nationality', '$address', '$country', '$accommodation', '$session', '$connection' )" && " INSERT INTO `guardian` ( parent_name, profession, phone, email ) VALUES ( '$parent_name', '$profession', '$phone', '$email' )"; Of course this is still a poorly written query statement since it is subject to injection but I am showing you how you can save a lot of frustration in writing complex string. Edited March 1, 2017 by ginerjm Quote Link to comment Share on other sites More sharing options...
Solution Psycho Posted March 1, 2017 Solution Share Posted March 1, 2017 What "problem" are you having - exactly. What IS getting saved in the database? Or, are you getting errors? If so, what are they? Here are a few things you should verify: 1. Do a View Source on the form page and inspect the Select Options are properly formatted and that their values are the IDs that you expect. 2. Run this in the code the handles the form submission to verify the complete and correct data is being submitted echo "<pre>".print_r($_POST, 1)."</pre>"; 3. echo the query tot he page to ensure it is correct. Also, you can copy/paste the derived query into your database management console (e.g. PHPMyAdmin) to verify it is valid and see if there are any errors. Pro tip: Create and test your queries in a management console first (with hard coded data). Once you have them working as you want - then put them in your code replacing with the dynamic values. NOTE 1: Your code is wide open to SQL injection. You should be using prepared statements. NOTE 2: Who are you to say what characters may be in a person's name? What about a person with a hyphentated name "Julie Brown-Smith" or what about someone with diacritic characters in their name: "Robert Muñoz" Quote Link to comment Share on other sites More sharing options...
kessie Posted March 1, 2017 Author Share Posted March 1, 2017 no errors, just the custom error message. all other fields are working, i guess, its just where i need to input the selected id Quote Link to comment Share on other sites More sharing options...
kessie Posted March 1, 2017 Author Share Posted March 1, 2017 @psycho nothing is being inserted into the database and I'm only getting the custom error from the the if-else statement Quote Link to comment Share on other sites More sharing options...
ginerjm Posted March 1, 2017 Share Posted March 1, 2017 If you turn on php error checking you should be seeing the error on your first query. YOu have an extra comma in there. See my signature. Quote Link to comment Share on other sites More sharing options...
Psycho Posted March 1, 2017 Share Posted March 1, 2017 @psycho nothing is being inserted into the database and I'm only getting the custom error from the the if-else statement "Which" custom error is being presented? I assume the custom error should prevent the record from being inserted. So, I further assume that your problem is that you believe the custom error is being triggered erroneously. But, that is a lot of assuming on my part. How about we change this around and you actually tell us the problem instead of us playing 20 questions? I know that when you are working on a problem, all these things seem "obvious" to you. But, when you need help, you need to step back and determine the relevant information to provide. A good rule of thumb would be to follow a normal bug report: 1. What are the steps to reproduce the issue 2. What is the expected result 3. What is the actual result Quote Link to comment Share on other sites More sharing options...
kessie Posted March 2, 2017 Author Share Posted March 2, 2017 thank you guys, i have been able to fix the code. i guess i just had to do thorough debugging. And thanks a lot @psycho Quote Link to comment Share on other sites More sharing options...
benanamen Posted March 2, 2017 Share Posted March 2, 2017 Now that you have it working it would be in your "be a better coder" interests to post your "fixed" code. I suspect that although it may work, it is still wrong. We are happy to review what you came up with. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.