why is my code not posting to the database

[simbae]

<?php 
session_start();

    include("connection.php");
    include("functions.php");

    if($_SERVER['REQUEST_METHOD'] == "POST")
    {
        //something was posted
        $d_name = $_POST['d_name'];
        $manner_death = $_POST['manner_death'];
        $place_death = $_POST['place_death'];
        $nok = $_POST['nok'];
        $rel_nok = $_POST['rel_nok'];
        $morgue_att = $_POST['morgue_att'];
        $tag_num = $_POST['tag_num'];
        $treatment = $_POST['treatment'];

        if(!empty($d_name) && !empty($manner_death) && !is_numeric($user_name))
        {

            //save to database
            
            $query = "insert into data (user_id,d_name,manner_death,place_death,nok,rel_nok,morgue_att,tag_num,treatment) values ('$user_id','$user_name','$d_name'.'$manner_death','$place_death','$nok','$rel_nok','$morgue_att','$tag_num','$treatment')";

            mysqli_query($con, $query);

            header("Location: post.php");
            die;
        }else
        {
            echo "Please enter some valid information!";
        }
    }
?>

<!DOCTYPE html>
<html>
<head>
    <title>Post Data</title>
</head>
<body>

    <style type="text/css">
    
    #text{

        height: 25px;
        border-radius: 5px;
        padding: 4px;
        border: solid thin #aaa;
        width: 100%;
    }

    #button{

        padding: 10px;
        width: 100px;
        color: white;
        background-color: lightblue;
        border: none;
    }

    #box{

        background-color: #ba33ff;
        margin: auto;
        width: 500px;
        padding: 20px;
    }

    </style>

    <div id="box">
        
        <form method="post">
            <div style="font-size: 20px;margin: 10px;color: white;">Enter data</div>

            Deceased name<input id="text" type="text" name="d_name"><br><br>
            Manner of death<input id="text" type="text" name="manner_death"><br><br>
            Place of death<input id="text" type="text" name="place_death"><br><br>
            Next of kin<input id="text" type="text" name="nok"><br><br>
            Relationship to Deceased<input id="text" type="text" name="rel_nok"><br><br>
            Morgue attendant<input id="text" type="text" name="morgue_att"><br><br>
            Tag name<input id="text" type="text" name="tag_num"><br><br>
            Treatment<input id="text" type="text" name="treatment"><br><br>

            <input type="submit" value="Submit"><br><br>

        </form>
        <a href="logout.php">Logout</a>
    </div>
</body>
</html>

[ginerjm]

You failed to test the result of the call to 'query'.  If you do that you may get an error message that helps you out.  Plus - you don't do any validation of the inputs you are getting which means you can be saving bad data in your db.  You need to examine your inputs and try to then use prepare statements for your database interactions from now on.

Lastly - I suggest that you look up using the PDO interface rather than the old mysqlI one.  

[simbae]

anyone who can correct the code for me

[Barand]

Rearranging your query to line up the fields with the values...

$query = "insert into data 
(user_id,       ???        d_name,   manner_death,   place_death    ,nok,   rel_nok,   morgue_att,  tag_num,  treatment) values 
('$user_id','$user_name', '$d_name'.'$manner_death','$place_death','$nok','$rel_nok','$morgue_att','$tag_num','$treatment')"; 

Whether you chage to PDO (recommended) or stay with mysqli, use prepared statements. Don't put data values into the query string.

Putting this line of code before you connect the database will get it to report mysql errors...

mysqli_report(MYSQLI_REPORT_ERROR|MYSQLI_REPORT_STRICT);

 

Edited August 19, 2021 by Barand