Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 7 of 7
  1. #1
    New Coder
    Join Date
    Nov 2011
    Location
    London
    Posts
    31
    Thanks
    5
    Thanked 1 Time in 1 Post

    Insert to database when submit button is clicked

    I need to insert user session to a database when the submit button is clicked.
    So far i have the insert query set up, i just need to know how to run that when the button is clicked.

    Thanks

  • #2
    Regular Coder
    Join Date
    Jun 2011
    Location
    Swindon, England
    Posts
    124
    Thanks
    3
    Thanked 9 Times in 9 Posts
    On the page that is the action in the form (<form action="thispage.php">...) place your code.

    If it is in the page in which the form is in then use the isset() function e.g.

    PHP Code:
    if(isset($_POST['fieldname']){script
    Otherwise it will only be triggered when the form calls the action so the need for that security is less.

    If this doesn't make any sense... Please can you post your HTML and PHP script.
    Xipux Design (Currently Unavailable)
    Laurence S Care

  • #3
    New Coder
    Join Date
    Nov 2011
    Location
    London
    Posts
    31
    Thanks
    5
    Thanked 1 Time in 1 Post
    ive got this so far. i just want an add button, not a whole form.

    PHP Code:
    <form name="freinds_request" method="post" action="friendrequest.php">
    <input type="submit" name="Submit" id="'$username'" value="Login">
    </form>

    <?php
    if(isset($friends_request)){
        
    $sendfriend $mysql_fetch_assoc("INSERT INTO users(friend_request) WHERE name='$friends_name' VALUES('$username')");
        while(isset(
    $friends_request)){
            echo 
    'Friends request sent!';
            }
        }
    ?>
    i guess i could have a button that acts like a like to another page (say friendsrequest.php) and in friends request.php it automatically runs the query. That idea is open to vulnerabilitys thoyugh because then anyone could type in friendsrequest.php?id=whatever and add them as a friend.

    any better ways?
    Last edited by Artyboy2011; 12-07-2011 at 01:44 PM. Reason: had an idea for a solution

  • #4
    Senior Coder
    Join Date
    Jul 2011
    Posts
    1,226
    Thanks
    3
    Thanked 171 Times in 171 Posts
    To check if a form is submitted, you can check for empty($_POST).

    Form items need to be named, as the names become indexes in the sent POST array.

    PHP Code:
    <?php
    if(empty($_POST)){
    ?>
        <form name="freinds_request" method="post" action="friendrequest.php">
            <input type="text" name="username" /> 
            <input type="submit" name="Submit" id="'$username'" value="Login"> 
        </form>
    <?php
    }
    else{
        
    $username $_POST['username'];
        
    // IMPORTANT FUNCTION - secures user input in sql queries against SQL injection.
        
    $username mysql_real_escape_string($username);
        
    // mysql_fetch_* functions are not for executing queries - they're for fetching results from a query
        // You need to use this instead. Or die will kill the script on error, and output the value in mysql_error().
        
    $result mysql_query("INSERT INTO `table` (`username`) VALUES ('$username')") or die(mysql_error());
        echo 
    'Username inserted'

    ?>

  • #5
    New Coder
    Join Date
    Nov 2011
    Location
    London
    Posts
    31
    Thanks
    5
    Thanked 1 Time in 1 Post
    i understand that, but i need to have 2 variables ($userid-created as a session and $friendid-the page will be friends.php?id=$friendid) posted from 1 submit button.
    is there anyway to do this?

    Quote Originally Posted by BluePanther View Post
    To check if a form is submitted, you can check for empty($_POST).

    Form items need to be named, as the names become indexes in the sent POST array.

    PHP Code:
    <?php
    if(empty($_POST)){
    ?>
        <form name="freinds_request" method="post" action="friendrequest.php">
            <input type="text" name="username" /> 
            <input type="submit" name="Submit" id="'$username'" value="Login"> 
        </form>
    <?php
    }
    else{
        
    $username $_POST['username'];
        
    // IMPORTANT FUNCTION - secures user input in sql queries against SQL injection.
        
    $username mysql_real_escape_string($username);
        
    // mysql_fetch_* functions are not for executing queries - they're for fetching results from a query
        // You need to use this instead. Or die will kill the script on error, and output the value in mysql_error().
        
    $result mysql_query("INSERT INTO `table` (`username`) VALUES ('$username')") or die(mysql_error());
        echo 
    'Username inserted'

    ?>

  • #6
    Regular Coder
    Join Date
    Jun 2011
    Location
    Swindon, England
    Posts
    124
    Thanks
    3
    Thanked 9 Times in 9 Posts
    Yes.. Add another input to the form.

    Code:
    <form name="freinds_request" method="post" action="friendrequest.php"> 
      <input type="text" name="username" />
      <input type="..." name="..." />
      <input type="submit" name="Submit" id="'$username'" value="Login">  
    </form>
    Then both will be sent with the submit button (the names of each input must be different though).
    Xipux Design (Currently Unavailable)
    Laurence S Care

  • #7
    New Coder
    Join Date
    Nov 2011
    Location
    London
    Posts
    31
    Thanks
    5
    Thanked 1 Time in 1 Post
    Quote Originally Posted by LSCare View Post
    Yes.. Add another input to the form.
    Thats exactly my problem, i need it to all be sent in 1 form. At the moment i have it set up like this.

    site.com/addfriend.php?id=FRIENDSIDHERE
    PHP Code:
    <?php
    session_start
    ();
    $username $_SESSION['myusername'];
    $friendid $_GET['friendid'];
       if(isset(
    $_SESSION['$username']) && isset($_GET['friendid'])){
          
    $sendfriend $mysql_query("INSERT INTO users(friend_request) WHERE id='$friendid' VALUES('$username')");
        while(
    $row mysql_fetch_assoc($sendfriend)){
            echo 
    "'$username' has requested to be friends with '$friendid'";
    }
    }
    ?>
    This doesn't seem to be working though.

    NOTE: I WILL BE MAKING THE SCRIPT MORE SECURE ONCE IT IS ALL WORKING.


  •  

    Tags for this Thread

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •