Jump to content

[PHP/mySQL] INSERT/DISPLAY data

enrmpaga

By enrmpaga
in PHP Coding Help

Recommended Posts

enrmpaga Newbie

enrmpaga

Posted
Posted

I'm brushing up on my php, haven't used it in over 3 years but fancied refreshing my skills however i've hit a wall and some help would be greaty appriciated.

 

I'm writing a script were user enter data into form, that is posted to following page were data is inserted to mySQL database, then the user can forward to the display page.. Everything seems to be working except for the fact that when I enter data into the textboxes the data is returned as NULL, i.e. the row is created, the ID field in generated, but the following fields are blank.

 

Link: http://www.michaelpagan.co.uk/phprefresher/

 

Form Submission(index.php):

<head>
<title>Practice</title>
</head>

<html>
<body>
<form method="post" action="input.php">

<table>

<tr>
<td>Name:</td>
<td><input name="txtNAME" type="text"></td>
</tr>

<tr>
<td>Address:</td>
<td><input name="txtADD" type="text"></td>
</tr>

<tr>
<td>Phone Number:</td>
<td><input name="txtPHONE" type="text"></td>
</tr>

<tr>
<td>Email:</td>
<td><input name="txtEMAIL" type="text"></td>
</tr>

<tr>
<td colspan="2" align="center"><input type="Submit" text="Confirm"></td>
</tr>
</table>
</form>
</body>
</html>

 

record insert(input.php):

<html>
<body>

<?php

$username="username";
$password="password";
$database="database";
$server = "server";

$db_handle = mysql_connect($server, $username, $password);
$db_found = mysql_select_db($database, $db_handle);

if ($db_found) {

    $SQL = "INSERT INTO CUSTTAB (NAME, ADDRESS, PHONE, EMAIL) VALUES ( '$POST_[txtNAME]',   '$POST_[txtADDRESS]', '$POST_[txtPHONE]', '$POST_[txtEMAIL]')";

$result = mysql_query($SQL);

mysql_close($db_handle);

print "Records added to the database";

}

else {
	print "Database NOT Found". $db_handle;
	mysql_close($db_handle);
	}
?>

<form action="output.php"> 
<p>View Database-------> <input type="submit" value="Click Me"></p>
<br />
<br /><a href="http://www.michaelpagan.co.uk/phprefresher/index.php">Enter more records</a> 

</form>

</body>
</html>

 

 

records display (output.php)

<?php

$username="username";
$password="password";
$database="database";
$server = "server";

$db_handle = mysql_connect($server, $username, $password);
$db_found = mysql_select_db($database, $db_handle);

if ($db_found) 
{

	$SQL = "SELECT * FROM CUSTTAB";
	$output = mysql_query($SQL);

	while ($db_field = mysql_fetch_assoc($output)) 
		{
			print $db_field['ID'] . "<BR>";
			print $db_field['NAME'] . "<BR>";
			print $db_field['ADDRESS'] . "<BR>";
			print $db_field['PHONE'] . "<BR>";
			print $db_field['EMAIL'] . "<BR>";
		}

	mysql_close($db_handle);
}

else 	
{
	print "Database NOT Found". $db_handle;
	mysql_close($db_handle);
}
?>

 

There could 2 reasons for the fields returning empty,

 

1. my field collation is set to latin1_general_cs and the textbox entries are invalid.

2. Insert method maybe flawed.

 

any feedback??

Link to comment
https://forums.phpfreaks.com/topic/91854-phpmysql-insertdisplay-data/
Share on other sites
naveenbj Member

naveenbj

Posted
Posted 

$SQL = "INSERT INTO CUSTTAB (NAME, ADDRESS, PHONE, EMAIL) VALUES ( '$POST_[txtNAME]',   '$POST_[txtADDRESS]', '$POST_[txtPHONE]', '$POST_[txtEMAIL]')";

 

shuold be

 

"INSERT INTO CUSTTAB (NAME, ADDRESS, PHONE, EMAIL) VALUES ( '$_POST[txtNAME]',   '$_POST[txtADDRESS]', '$_POST[txtPHONE]', '$_POST[txtEMAIL]')";

-----------

Hope this will work:)

 

Regards

Nj

 

redarrow Advanced Member

redarrow

Posted
Posted

crap wrong code that code provided is secuity risk....

$sql="INSERT INTO CUSTTAB (NAME, ADDRESS, PHONE, EMAIL) VALUES ( '$_POST[txtNAME]',  '$_POST[txtADDRESS]', '$_POST[txtPHONE]', '$_POST[txtEMAIL]')";

 

correct example to insert info to a database......

<?php
$txtNAME=mysql_real_escape_string($_POST['txtNAME']);
$txtADDRESS=mysql_real_escape_string($_POST['txtADDRESS']);
$txtPHONE=mysql_real_escape_string($_POST['txtPHONE']);
$txtEMAIL=mysql_real_escape_string($_POST['txtEMAIL']);

$sql="INSERT INTO CUSTTAB (NAME, ADDRESS, PHONE, EMAIL) VALUES ( '$txtNAME',   '$txtADDRESS', '$txtPHONE', '$txtEMAIL')";

$result=mysql_query($sql) or die (mysql_error());

naveenbj Member

naveenbj

Posted
Posted

crap wrong code that code provided is secuity risk....

$sql="INSERT INTO CUSTTAB (NAME, ADDRESS, PHONE, EMAIL) VALUES ( '$_POST[txtNAME]',   '$_POST[txtADDRESS]', '$_POST[txtPHONE]', '$_POST[txtEMAIL]')";

 

correct example to insert info to a database......

<?php
$txtNAME=mysql_real_escape_string($_POST['txtNAME']);
$txtADDRESS=mysql_real_escape_string($_POST['txtADDRESS']);
$txtPHONE=mysql_real_escape_string($_POST['txtPHONE']);
$txtEMAIL=mysql_real_escape_string($_POST['txtEMAIL']);

$sql="INSERT INTO CUSTTAB (NAME, ADDRESS, PHONE, EMAIL) VALUES ( '$txtNAME',   '$txtADDRESS', '$txtPHONE', '$txtEMAIL')";

$result=mysql_query($sql) or die (mysql_error());

 

 

redarrow

the code which i placed there is wrong ??

i just want to confirm only

 

Regards

Nj

 

redarrow Advanced Member

redarrow

Posted
Posted

ok mate but you need to exsplain the code you provided in deatail, even if you no it wrong sometimes wrong code still solves a solution in the user getting an idear off your code, but next time trie to post corrected code mate............

 

USE THE MODIFY FORUM BUTTON LOL

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.