enrmpaga Posted February 19, 2008 Share Posted February 19, 2008 I'm brushing up on my php, haven't used it in over 3 years but fancied refreshing my skills however i've hit a wall and some help would be greaty appriciated. I'm writing a script were user enter data into form, that is posted to following page were data is inserted to mySQL database, then the user can forward to the display page.. Everything seems to be working except for the fact that when I enter data into the textboxes the data is returned as NULL, i.e. the row is created, the ID field in generated, but the following fields are blank. Link: http://www.michaelpagan.co.uk/phprefresher/ Form Submission(index.php): <head> <title>Practice</title> </head> <html> <body> <form method="post" action="input.php"> <table> <tr> <td>Name:</td> <td><input name="txtNAME" type="text"></td> </tr> <tr> <td>Address:</td> <td><input name="txtADD" type="text"></td> </tr> <tr> <td>Phone Number:</td> <td><input name="txtPHONE" type="text"></td> </tr> <tr> <td>Email:</td> <td><input name="txtEMAIL" type="text"></td> </tr> <tr> <td colspan="2" align="center"><input type="Submit" text="Confirm"></td> </tr> </table> </form> </body> </html> record insert(input.php): <html> <body> <?php $username="username"; $password="password"; $database="database"; $server = "server"; $db_handle = mysql_connect($server, $username, $password); $db_found = mysql_select_db($database, $db_handle); if ($db_found) { $SQL = "INSERT INTO CUSTTAB (NAME, ADDRESS, PHONE, EMAIL) VALUES ( '$POST_[txtNAME]', '$POST_[txtADDRESS]', '$POST_[txtPHONE]', '$POST_[txtEMAIL]')"; $result = mysql_query($SQL); mysql_close($db_handle); print "Records added to the database"; } else { print "Database NOT Found". $db_handle; mysql_close($db_handle); } ?> <form action="output.php"> <p>View Database-------> <input type="submit" value="Click Me"></p> <br /> <br /><a href="http://www.michaelpagan.co.uk/phprefresher/index.php">Enter more records</a> </form> </body> </html> records display (output.php) <?php $username="username"; $password="password"; $database="database"; $server = "server"; $db_handle = mysql_connect($server, $username, $password); $db_found = mysql_select_db($database, $db_handle); if ($db_found) { $SQL = "SELECT * FROM CUSTTAB"; $output = mysql_query($SQL); while ($db_field = mysql_fetch_assoc($output)) { print $db_field['ID'] . "<BR>"; print $db_field['NAME'] . "<BR>"; print $db_field['ADDRESS'] . "<BR>"; print $db_field['PHONE'] . "<BR>"; print $db_field['EMAIL'] . "<BR>"; } mysql_close($db_handle); } else { print "Database NOT Found". $db_handle; mysql_close($db_handle); } ?> There could 2 reasons for the fields returning empty, 1. my field collation is set to latin1_general_cs and the textbox entries are invalid. 2. Insert method maybe flawed. any feedback?? Quote Link to comment Share on other sites More sharing options...
Sulman Posted February 19, 2008 Share Posted February 19, 2008 your POST syntax is a bit off: $POST_[txtNAME] should be $_POST[txtNAME] That might sort it. Quote Link to comment Share on other sites More sharing options...
naveenbj Posted February 19, 2008 Share Posted February 19, 2008 $SQL = "INSERT INTO CUSTTAB (NAME, ADDRESS, PHONE, EMAIL) VALUES ( '$POST_[txtNAME]', '$POST_[txtADDRESS]', '$POST_[txtPHONE]', '$POST_[txtEMAIL]')"; shuold be "INSERT INTO CUSTTAB (NAME, ADDRESS, PHONE, EMAIL) VALUES ( '$_POST[txtNAME]', '$_POST[txtADDRESS]', '$_POST[txtPHONE]', '$_POST[txtEMAIL]')"; ----------- Hope this will work:) Regards Nj Quote Link to comment Share on other sites More sharing options...
enrmpaga Posted February 19, 2008 Author Share Posted February 19, 2008 worked a treat guys thankyou very much much apprciated Quote Link to comment Share on other sites More sharing options...
redarrow Posted February 19, 2008 Share Posted February 19, 2008 crap wrong code that code provided is secuity risk.... $sql="INSERT INTO CUSTTAB (NAME, ADDRESS, PHONE, EMAIL) VALUES ( '$_POST[txtNAME]', '$_POST[txtADDRESS]', '$_POST[txtPHONE]', '$_POST[txtEMAIL]')"; correct example to insert info to a database...... <?php $txtNAME=mysql_real_escape_string($_POST['txtNAME']); $txtADDRESS=mysql_real_escape_string($_POST['txtADDRESS']); $txtPHONE=mysql_real_escape_string($_POST['txtPHONE']); $txtEMAIL=mysql_real_escape_string($_POST['txtEMAIL']); $sql="INSERT INTO CUSTTAB (NAME, ADDRESS, PHONE, EMAIL) VALUES ( '$txtNAME', '$txtADDRESS', '$txtPHONE', '$txtEMAIL')"; $result=mysql_query($sql) or die (mysql_error()); Quote Link to comment Share on other sites More sharing options...
enrmpaga Posted February 19, 2008 Author Share Posted February 19, 2008 thx redarrow, that is a better way to input the form variables, my way was alittle more crude .. thanks for the feedback guys Quote Link to comment Share on other sites More sharing options...
naveenbj Posted February 19, 2008 Share Posted February 19, 2008 crap wrong code that code provided is secuity risk.... $sql="INSERT INTO CUSTTAB (NAME, ADDRESS, PHONE, EMAIL) VALUES ( '$_POST[txtNAME]', '$_POST[txtADDRESS]', '$_POST[txtPHONE]', '$_POST[txtEMAIL]')"; correct example to insert info to a database...... <?php $txtNAME=mysql_real_escape_string($_POST['txtNAME']); $txtADDRESS=mysql_real_escape_string($_POST['txtADDRESS']); $txtPHONE=mysql_real_escape_string($_POST['txtPHONE']); $txtEMAIL=mysql_real_escape_string($_POST['txtEMAIL']); $sql="INSERT INTO CUSTTAB (NAME, ADDRESS, PHONE, EMAIL) VALUES ( '$txtNAME', '$txtADDRESS', '$txtPHONE', '$txtEMAIL')"; $result=mysql_query($sql) or die (mysql_error()); redarrow the code which i placed there is wrong ?? i just want to confirm only Regards Nj Quote Link to comment Share on other sites More sharing options...
redarrow Posted February 19, 2008 Share Posted February 19, 2008 ok mate but you need to exsplain the code you provided in deatail, even if you no it wrong sometimes wrong code still solves a solution in the user getting an idear off your code, but next time trie to post corrected code mate............ USE THE MODIFY FORUM BUTTON LOL Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.