Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 5 of 5

Thread: PHP Form

  1. #1
    New Coder
    Join Date
    Mar 2010
    Posts
    48
    Thanks
    0
    Thanked 0 Times in 0 Posts

    PHP Form

    I copied this php form off of w3 schools because it seemed perfect for what I need. I edited the form a bit to fit my liking but it doesn't seem to insert into the database or even say anything after you submit it.

    PHP Code:
    <html>
    <
    body>

    <
    form action="insert.php" method="post">
    First Name: <input type="text" name="name" />
    Age: <input type="text" name="age" />
    Email: <input type="text" name="email" />
    <
    input type="submit" />
    </
    form>

    </
    body>
    </
    html
    PHP Code:
    <?php
    $con 
    mysql_connect("localhost","blank","blank");
    if (!
    $con)
      {
      die(
    'Could not connect: ' mysql_error());
      }

    mysql_select_db("database"$con);

    $sql="INSERT INTO table (FirstName, Age, Email)
    VALUES
    ('$_POST[name]','$_POST[age]','$_POST[email]')"
    ;

    if (!
    mysql_query($sql,$con))
      {
      die(
    'Error: ' mysql_error());
      }
    echo 
    "1 record added";

    mysql_close($con)
    ?>
    The database name, table name, and password are all correct.
    Last edited by AlCapwn; 03-15-2010 at 02:26 AM.

  • #2
    bdl
    bdl is offline
    Regular Coder
    Join Date
    Apr 2007
    Location
    Camarillo, CA US
    Posts
    590
    Thanks
    4
    Thanked 83 Times in 82 Posts
    Please edit your code and remove your username (root) and password. I suggest you never allow any connections as root from anything but the mysql command line running on localhost. Always create a 'php only' or 'web only' database user with limited privileges. Always create an admin user with somewhat limited privileges to oversee day to day DDL and DML functions.

    Ok, now to the actual problem. You're saying the script doesn't output anything; is it simply giving you a blank page? No error? What does the HTML source of the parsed PHP script look like? Is the form target attribute correct?

    At the top of your script, add this:
    PHP Code:
    <?php
    error_reporting
    (E_ALL);
    ini_set('display_errors',1);

    var_dump($_POST);

    ...
    $con= ...

  • #3
    New Coder
    Join Date
    Mar 2010
    Posts
    48
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by bdl View Post
    Please edit your code and remove your username (root) and password. I suggest you never allow any connections as root from anything but the mysql command line running on localhost. Always create a 'php only' or 'web only' database user with limited privileges. Always create an admin user with somewhat limited privileges to oversee day to day DDL and DML functions.

    Ok, now to the actual problem. You're saying the script doesn't output anything; is it simply giving you a blank page? No error? What does the HTML source of the parsed PHP script look like? Is the form target attribute correct?

    At the top of your script, add this:
    PHP Code:
    <?php
    error_reporting
    (E_ALL);
    ini_set('display_errors',1);

    var_dump($_POST);

    ...
    $con= ...
    Yea it doesn't put anything in the database nor does it put anything on the page after you submit it's just blank white. Even after I put that code at the top of it.

  • #4
    Senior Coder
    Join Date
    May 2005
    Posts
    2,137
    Thanks
    96
    Thanked 72 Times in 72 Posts
    You need to add this

    PHP Code:
    if (isset($_POST['submit'])) {
    //Database insert

    Also your submit button doesn't have a name. That should help
    Rowsdower! has accused me of having mental problems, and the administrator allowed it. What a great forum huh?

  • #5
    Senior Coder tomws's Avatar
    Join Date
    Nov 2007
    Location
    Arkansas
    Posts
    2,644
    Thanks
    29
    Thanked 330 Times in 326 Posts
    Follow bdl's advice and turn on error reporting. Blank pages usually mean you have some kind of syntax error or parse error and your error reporting is off.

    Once you turn it on, I suspect it might complain about an "unexpected $end". You're missing a semi-colon on the mysql_close line.

    When that's fixed, it may break because you're handling your POST variables incorrectly in the query string. Array notation needs to be handled a little differently. Try changing that to:
    PHP Code:
    $sql="INSERT INTO table (FirstName, Age, Email)
    VALUES
    ('{$_POST['name']}','{$_POST['age']}','{$_POST['email']}')"

    Note the curly braces and quoted array keys.

    Furthermore, your code is vulnerable to SQL injection. In the vernacular, that means you'll get hacked. So this code should not be used in a live project. If it's your intention to use this online somewhere, read up on php sql injection and mysql_real_escape_string().

    There may be other problems. These are just the obvious ones on first glance.
    Are you a Help Vampire?


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •