simbae Posted August 19, 2021 Share Posted August 19, 2021 <?php session_start(); include("connection.php"); include("functions.php"); if($_SERVER['REQUEST_METHOD'] == "POST") { //something was posted $d_name = $_POST['d_name']; $manner_death = $_POST['manner_death']; $place_death = $_POST['place_death']; $nok = $_POST['nok']; $rel_nok = $_POST['rel_nok']; $morgue_att = $_POST['morgue_att']; $tag_num = $_POST['tag_num']; $treatment = $_POST['treatment']; if(!empty($d_name) && !empty($manner_death) && !is_numeric($user_name)) { //save to database $query = "insert into data (user_id,d_name,manner_death,place_death,nok,rel_nok,morgue_att,tag_num,treatment) values ('$user_id','$user_name','$d_name'.'$manner_death','$place_death','$nok','$rel_nok','$morgue_att','$tag_num','$treatment')"; mysqli_query($con, $query); header("Location: post.php"); die; }else { echo "Please enter some valid information!"; } } ?> <!DOCTYPE html> <html> <head> <title>Post Data</title> </head> <body> <style type="text/css"> #text{ height: 25px; border-radius: 5px; padding: 4px; border: solid thin #aaa; width: 100%; } #button{ padding: 10px; width: 100px; color: white; background-color: lightblue; border: none; } #box{ background-color: #ba33ff; margin: auto; width: 500px; padding: 20px; } </style> <div id="box"> <form method="post"> <div style="font-size: 20px;margin: 10px;color: white;">Enter data</div> Deceased name<input id="text" type="text" name="d_name"><br><br> Manner of death<input id="text" type="text" name="manner_death"><br><br> Place of death<input id="text" type="text" name="place_death"><br><br> Next of kin<input id="text" type="text" name="nok"><br><br> Relationship to Deceased<input id="text" type="text" name="rel_nok"><br><br> Morgue attendant<input id="text" type="text" name="morgue_att"><br><br> Tag name<input id="text" type="text" name="tag_num"><br><br> Treatment<input id="text" type="text" name="treatment"><br><br> <input type="submit" value="Submit"><br><br> </form> <a href="logout.php">Logout</a> </div> </body> </html> Quote Link to comment Share on other sites More sharing options...
ginerjm Posted August 19, 2021 Share Posted August 19, 2021 You failed to test the result of the call to 'query'. If you do that you may get an error message that helps you out. Plus - you don't do any validation of the inputs you are getting which means you can be saving bad data in your db. You need to examine your inputs and try to then use prepare statements for your database interactions from now on. Lastly - I suggest that you look up using the PDO interface rather than the old mysqlI one. Quote Link to comment Share on other sites More sharing options...
simbae Posted August 19, 2021 Author Share Posted August 19, 2021 anyone who can correct the code for me Quote Link to comment Share on other sites More sharing options...
Barand Posted August 19, 2021 Share Posted August 19, 2021 (edited) Rearranging your query to line up the fields with the values... $query = "insert into data (user_id, ??? d_name, manner_death, place_death ,nok, rel_nok, morgue_att, tag_num, treatment) values ('$user_id','$user_name', '$d_name'.'$manner_death','$place_death','$nok','$rel_nok','$morgue_att','$tag_num','$treatment')"; Whether you chage to PDO (recommended) or stay with mysqli, use prepared statements. Don't put data values into the query string. Putting this line of code before you connect the database will get it to report mysql errors... mysqli_report(MYSQLI_REPORT_ERROR|MYSQLI_REPORT_STRICT); Edited August 19, 2021 by Barand Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.