Printable Version of Topic

Click here to view this topic in its original format

HTMLHelp Forums _ Databases _ no luck inserting data into database

Posted by: MindyT Nov 9 2015, 10:44 AM

Hi, it has been a while since I have worked with PHP & MYSQL. Can someone help me understand why information from a form isn't being inserted in the database. The connection is fine.

CODE

<?php
require_once('functions.php');
databaseConnection();
error_reporting(-1);
ini_set('display_errors', 1);

if ($_POST)
    {
    $error = array();

    if (empty($_POST['fname']))
        {
        $error['fname'] = "<span class='error'>Please enter your first name.</span>";
        }
    if (empty($_POST['lname']))
        {
        $error['lname'] = "<span class='error'>Please enter your last name.</span>";
        }

    if (!count($error))

        {        //Do something
        die("Do Something here");
        }
    
    if(isset($_POST['submit'])) {
$fname = $_POST['fname'];
$lname = $_POST['lname'];
$orgName = $_POST['orgName'];
$address = $_POST['address'];
$city = $_POST['city'];
$state = $_POST['state'];
$zipcode = $_POST['zipcode'];
$phone = $_POST['phone'];
$fax = $_POST['fax'];
$email = $_POST['email'];
$confirmEmail = $_POST['confirmEmail'];
$projectOptions = $_POST['projectOptions'];
$projectOverview = $_POST['projectOverview'];
$year = $_POST['year'];
$services=array('social media', 'web content management', 'marketing material creation', 'SEO', 'video editing' , 'web design');
    }
mysql_select_db("www_mediaservicesunlimited_com");
$sql="INSERT INTO clients & #40;fname,lname,orgName,address,city,state,zipcode,phone,fax,email,confirmEmail,
projectOptions,projectOverview,year)
        VALUES  ('$_POST[fname]','$_POST[lname]','$_POST[orgName]','$_POST[address]','$_POST[city]','$_POST[state]','$_POST[zipcode]','$_POST[phone]','$_POST[fax]','$_POST[email]','$_POST[confirmEmail]','$_POST[projectOptions]','$_POST[projectOverview]','$_POST[year]' )";
}
///mysql_query($sql,$databaseConnection);
///mysql_close($databaseConnection);
?>
<!doctype html>
<html>
<head>
      <meta charset="utf-8">
      <style type="text/css">
        #contactForm label, #contactForm input {
            margin-bottom:20px;
          }
      </style>
      <title>Untitled Document</title>
   </head>
   <body>
       
        <div id="contactForm">  
         <form action ="contactUs.php" method="post">
         <label>  
           <label for "fname"> First Name:</label>
                  <input id = "fname" type="text" name="fname" size="15" value ="<?php echo !empty($_POST['fname']) ? $_POST['fname'] : '';?>" >    <?php echo !empty($error['fname']) ? $error['fname'] : '';?>
            <label for "lname">Last Name:</label>
                   <input type="text" name="lname" size="20"><?php echo !empty($error['lname']) ? $error['lname'] : '';?>
            <label for="orgName">Organization's Name:</label>
            <input type="text" name="orgName" maxlength="50">
            </label><br />
            <label> <!--new row -->  
                <label for "address">Street Address: </label>
                  <input id = "address" type="text" name="address" size="15" maxlength="50">
                <label id="city">City: </label>
                  <input id = "city" type="text" name="city" size="10" maxlength="25">
                <label  for "state"> State:    </label>
                  <select id  = "state" name = "state"  value="">
                     <option value ="Please choose a state">
                        Please choose a state
                     </option>
                     <?php states($state); ?>
                  </select>
                 <label for "zipcode">Zipcode:</label>
                  <input id = "zipcode" type="number" name="zipcode" size="5" maxlength="5">
             </label><br />
             <label> <!--new row -->
              <label for "phone">  Phone Number:(including area code)  <br /> </label>
                  <input type="text" name="phone" size="10" maxlength="10">  
            <label for="fax">Fax Number: (including area code)
</label>        
                  <input type="text" name="fax" size="10" maxlength="10">
            </label><br />
            <label> <!--new row-->
                <label for="email">Email: </label>
                  <input type="text" id = "email" name="email" />
                <label for="confirmEmail"> Confirm Email:</label>
                  <input type="text" id = "confirmEmail" name="ConfirmEmail" />
</label><br />
            <label> <!--new row -->
            <label for "projectChoices"> What would you like help with?  <br /></label>
             <table id="projectOptions">
                     <tr span=2>
                        <td><input type="checkbox" name="SocialMedia">Social Media </td>
                        <td><input type="checkbox" name="WebContentManagement">Web Content Management     </td>
                     </tr>
                     <tr>
                        <td><input type="checkbox" name="MarketingMaterials">Marketing Material Creation  </td>
                        <td><input type="checkbox" name="SEO">SEO (Search Engine Optimization)     </td>
                     </tr>
                     <tr>
                        <td><input type="checkbox" name="VideoEditing"> Video Editing  </td>
                        <td><input type="checkbox" name="WebDesign">Web Design      </td>
                     </tr>
                  </table>
            <label for="projectOverview"> Overview about the project:</label><textarea rows="5" cols="10"></textarea>  <br />
If you are not a robot, what year is it? <input type="text" name="year" size="4" maxlength="4"><br />
<input type="submit" name="submit" value="Contact Me!">
<input type="reset">
         </form>
        </div>
   </body>
</html>

Posted by: CharlesEF Nov 9 2015, 12:58 PM

I see a few possible problems:

1. You are open to SQL injection attacks by not sanitizing your user input. You are assigning the $_POST values to variables but in the actual SQL query you are not using them. This is the place where you should be sanitizing the data and then using the variables in the SQL query statement.
2. Where is $databaseConnection declared? Is it in the databaseConnection() function? If yes then you have a variable scope problem. The function should return the DB connection object and you would set the variable like this: $databaseConnection = databaseConnection();
3. Your INSERT query doesn't look right. What is the actual table name? You have used: clients & #40;
4. You should not be using mysql_ functions at all, they have been removed in PHP7. You should use mysqli_ or PDO.

Since you have error reporting turned on are you sure you are not getting any error messages?

Posted by: MindyT Nov 9 2015, 03:56 PM

I don't have a lot of time to answer all your questions right now, but I will later tonight, but the databaseConnection is declared in the functions file which is included in this file.

I haven't worked with PHP & MYSQL in years so I'm out of the loop with mysqil or PDO. Can you recommend any tutorials?

Posted by: masonh928 Nov 9 2015, 10:43 PM

http://www.phpro.org/tutorials/Introduction-to-PHP-PDO.html try it

Posted by: masonh928 Nov 9 2015, 10:43 PM

I personally recommend PDO, but mysqli is better than mysql.

Posted by: MindyT Nov 11 2015, 12:32 PM

I'm trying to use PDO to connect to the database but I'm getting an unexpected $End but I have combed thru the code and I can't find a missing quote or bracket. if I could get some help that would be great.

CODE

<?php
require_once('functions.php');
//databaseConnection();
$hostname = "hercules.xymmetrix.net";
$username = "mediasvcunltd";
$password = "Bls";
try {
    
    $db = new PDO("mysql:host=$hostname;dbname=mysql", $username, $password);
    /*** echo a message saying we have connected ***/
    echo 'Connected to database';
    }
catch(PDOException $e)
    {
    echo $e->getMessage();
    }
error_reporting(-1);
ini_set('display_errors', 1);

if ($_POST)
    {
    $error = array();

    if (empty($_POST['fname']))
        {
        $error['fname'] = "<span class='error'>Please enter your first name.</span>";
        }
    if (empty($_POST['lname']))
        {
        $error['lname'] = "<span class='error'>Please enter your last name.</span>";
        }

    if (!count($error))

        {        //Do something
        die("Do Something here");
        }
    
/*    if(isset($_POST['submit'])) {
$fname = $_POST['fname'];
$lname = $_POST['lname'];
$orgName = $_POST['orgName'];
$address = $_POST['address'];
$city = $_POST['city'];
$state = $_POST['state'];
$zipcode = $_POST['zipcode'];
$phone = $_POST['phone'];
$fax = $_POST['fax'];
$email = $_POST['email'];
$confirmEmail = $_POST['confirmEmail'];
$projectOptions = $_POST['projectOptions'];
$projectOverview = $_POST['projectOverview'];
$year = $_POST['year'];
$services=array('social media', 'web content management', 'marketing material creation', 'SEO', 'video editing' , 'web design');
    }
mysql_select_db("www_mediaservicesunlimited_com");
$sql="INSERT INTO clients & #40;fname,lname,orgName,address,city,state,zipcode,phone,fax,email,confirmEmail,
projectOptions,projectOverview,year)
        VALUES  ('$_POST[fname]','$_POST[lname]','$_POST[orgName]','$_POST[address]','$_POST[city]','$_POST[state]','$_POST[zipcode]','$_POST[phone]','$_POST[fax]','$_POST[email]','$_POST[confirmEmail]','$_POST[projectOptions]','$_POST[projectOverview]','$_POST[year]' )";
}
///mysql_query($sql,$databaseConnection);
///mysql_close($databaseConnection);
    if ($year !="2015") {
        print "Please enter the current year";
    } */

?>
<!doctype html>
<html>
<head>
      <meta charset="utf-8">
      <style type="text/css">
        #contactForm label, #contactForm input {
            margin-bottom:20px;
          }
      </style>
      <title>Untitled Document</title>
   </head>
   <body>
       
        <div id="contactForm">  
         <form action ="contactUs.php" method="post">
         <label>  
           <label for "fname"> First Name:</label>
                  <input id = "fname" type="text" name="fname" size="15" value ="<?php echo !empty($_POST['fname']) ? $_POST['fname'] : '';?>" >    <?php echo !empty($error['fname']) ? $error['fname'] : '';?>
            <label for "lname">Last Name:</label>
                   <input type="text" name="lname" size="20"><?php echo !empty($error['lname']) ? $error['lname'] : '';?>
            <label for="orgName">Organization's Name:</label>
            <input type="text" name="orgName" maxlength="50">
            </label><br />
            <label> <!--new row -->  
                <label for "address">Street Address: </label>
                  <input id = "address" type="text" name="address" size="15" maxlength="50">
                <label id="city">City: </label>
                  <input id = "city" type="text" name="city" size="10" maxlength="25">
                <label  for "state"> State:    </label>
                  <select id  = "state" name = "state"  value="">
                     <option value ="Please choose a state">
                        Please choose a state
                     </option>
                     <?php //states($state); ?>
                  </select>
                 <label for "zipcode">Zipcode:</label>
                  <input id = "zipcode" type="number" name="zipcode" size="5" maxlength="5">
             </label><br />
             <label> <!--new row -->
              <label for "phone">  Phone Number:(including area code)  <br /> </label>
                  <input type="text" name="phone" size="10" maxlength="10">  
            <label for="fax">Fax Number: (including area code)
</label>        
                  <input type="text" name="fax" size="10" maxlength="10">
            </label><br />
            <label> <!--new row-->
                <label for="email">Email: </label>
                  <input type="text" id = "email" name="email" />
                <label for="confirmEmail"> Confirm Email:</label>
                  <input type="text" id = "confirmEmail" name="ConfirmEmail" />
</label><br />
            <label> <!--new row -->
            <label for "projectChoices"> What would you like help with?  <br /></label>
             <table id="projectOptions">
                     <tr span=2>
                        <td><input type="checkbox" name="SocialMedia">Social Media </td>
                        <td><input type="checkbox" name="WebContentManagement">Web Content Management     </td>
                     </tr>
                     <tr>
                        <td><input type="checkbox" name="MarketingMaterials">Marketing Material Creation  </td>
                        <td><input type="checkbox" name="SEO">SEO (Search Engine Optimization)     </td>
                     </tr>
                     <tr>
                        <td><input type="checkbox" name="VideoEditing"> Video Editing  </td>
                        <td><input type="checkbox" name="WebDesign">Web Design      </td>
                     </tr>
                  </table>
            <label for="projectOverview"> Overview about the project:</label><textarea rows="5" cols="10"></textarea>  <br />
If you are not a robot, what year is it? <input type="text" name="year" size="4" maxlength="4"><br />
<input type="submit" name="submit" value="Contact Me!">
<input type="reset">
         </form>
        </div>
   </body>
</html>

Posted by: CharlesEF Nov 11 2015, 02:44 PM

I think your problem is with this line of code:

CODE
$sql="INSERT INTO clients & #40;fname,lname,orgName,address,city,state,zipcode,phone,fax,email,confirmEmail,
projectOptions,projectOverview,year) VALUES ('$_POST[fname]','$_POST[lname]','$_POST[orgName]','$_POST[address]','$_POST[city]','$_POST[state]','$_POST[zipcode]','$_POST[phone]','$_POST[fax]','$_POST[email]','$_POST[confirmEmail]','$_POST[projectOptions]','$_POST[projectOverview]','$_POST[year]' )";
What is the actual name of the table? You are using clients & #40 but that makes no sense. #40 is not a valid variable name. If the table name is clients#40 then it should be enclosed with backticks like this `clients#40`. Also, there should not be a semicolon after the table name, it is invalid. And you have a closing ) when none is needed (before the word VALUES).

Posted by: MindyT Nov 11 2015, 03:43 PM

that's weird. I dont have that #40; in the code I have. The table name is clients

CODE

<?php
require_once('functions.php');
//databaseConnection();
/*$hostname = "hercules.xymmetrix.net";
$username = "mediasvcunltd";
$password = "days=suns";
try {
    
    $db = new PDO("mysql:host=$hostname;dbname=mysql", $username, $password);
    
    echo 'Connected to database';
    }
catch(PDOException $e)
        {
    echo $e->getMessage();
    }*/
error_reporting(-1);
ini_set('display_errors', 1);

if ($_POST)
    {
    $error = array();

    if (empty($_POST['fname']))
        {
        $error['fname'] = "<span class='error'>Please enter your first name.</span>";
        }
    if (empty($_POST['lname']))
        {
        $error['lname'] = "<span class='error'>Please enter your last name.</span>";
        }

    if (!count($error))

        {        //Do something
        die("Do Something here");
        }
    
/*    if(isset($_POST['submit'])) {
$fname = $_POST['fname'];
$lname = $_POST['lname'];
$orgName = $_POST['orgName'];
$address = $_POST['address'];
$city = $_POST['city'];
$state = $_POST['state'];
$zipcode = $_POST['zipcode'];
$phone = $_POST['phone'];
$fax = $_POST['fax'];
$email = $_POST['email'];
$confirmEmail = $_POST['confirmEmail'];
$projectOptions = $_POST['projectOptions'];
$projectOverview = $_POST['projectOverview'];
$year = $_POST['year'];
$services=array('social media', 'web content management', 'marketing material creation', 'SEO', 'video editing' , 'web design');
    }
mysql_select_db("www_mediaservicesunlimited_com");
$sql="INSERT INTO clients & #40;fname,lname,orgName,address,city,state,zipcode,phone,fax,email,confirmEmail,
projectOptions,projectOverview,year)
        VALUES  ('$_POST[fname]','$_POST[lname]','$_POST[orgName]','$_POST[address]','$_POST[city]','$_POST[state]','$_POST[zipcode]','$_POST[phone]','$_POST[fax]','$_POST[email]','$_POST[confirmEmail]','$_POST[projectOptions]','$_POST[projectOverview]','$_POST[year]' )";
}
///mysql_query($sql,$databaseConnection);
///mysql_close($databaseConnection);
    if ($year !="2015") {
        print "Please enter the current year";
    } */

?>
<!doctype html>
<html>
<head>
      <meta charset="utf-8">
      <style type="text/css">
        #contactForm label, #contactForm input {
            margin-bottom:20px;
          }
      </style>
      <title>Untitled Document</title>
   </head>
   <body>
       
        <div id="contactForm">  
             <form action ="contactUs.php" method="post">
         <label>  
           <label for "fname"> First Name:</label>
                  <input id = "fname" type="text" name="fname" size="15" value ="<?php echo !empty($_POST['fname']) ? $_POST['fname'] : '';?>" >    <?php echo !empty($error['fname']) ? $error['fname'] : '';?>
            <label for "lname">Last Name:</label>
                   <input type="text" name="lname" size="20"><?php echo !empty($error['lname']) ? $error['lname'] : '';?>
            <label for="orgName">Organization's Name:</label>
            <input type="text" name="orgName" maxlength="50">
            </label><br />
            <label> <!--new row -->  
                <label for "address">Street Address: </label>
                  <input id = "address" type="text" name="address" size="15" maxlength="50">
                <label id="city">City: </label>
                  <input id = "city" type="text" name="city" size="10" maxlength="25">
                <label  for "state"> State:    </label>
                  <select id  = "state" name = "state"  value="">
                     <option value ="Please choose a state">
                        Please choose a state
                     </option>
                     <?php lstates($state); ?>
                  </select>
                 <label for "zipcode">Zipcode:</label>
                  <input id = "zipcode" type="number" name="zipcode" size="5" maxlength="5">
             </label><br />
             <label> <!--new row -->
              <label for "phone">  Phone Number:(including area code)  <br /> </label>
                  <input type="text" name="phone" size="10" maxlength="10">  
            <label for="fax">Fax Number: (including area code)
</label>        
                  <input type="text" name="fax" size="10" maxlength="10">
            </label><br />
            <label> <!--new row-->
                <label for="email">Email: </label>
                  <input type="text" id = "email" name="email" />
                <label for="confirmEmail"> Confirm Email:</label>
                  <input type="text" id = "confirmEmail" name="ConfirmEmail" />
</label><br />
            <label> <!--new row -->
            <label for "projectChoices"> What would you like help with?  <br /></label>
             <table id="projectOptions">
                     <tr span=2>
                        <td><input type="checkbox" name="SocialMedia">Social Media </td>
                        <td><input type="checkbox" name="WebContentManagement">Web Content Management     </td>
                     </tr>
                     <tr>
                        <td><input type="checkbox" name="MarketingMaterials">Marketing Material Creation  </td>
                        <td><input type="checkbox" name="SEO">SEO (Search Engine Optimization)     </td>
                     </tr>
                     <tr>
                        <td><input type="checkbox" name="VideoEditing"> Video Editing  </td>
                        <td><input type="checkbox" name="WebDesign">Web Design      </td>
                     </tr>
                  </table>
            <label for="projectOverview"> Overview about the project:</label><textarea rows="5" cols="10"></textarea>  <br />
If you are not a robot, what year is it? <input type="text" name="year" size="4" maxlength="4"><br />
<input type="submit" name="submit" value="Contact Me!">
<input type="reset">
         </form>
        </div>
   </body>
</html>

Posted by: MindyT Nov 11 2015, 03:49 PM

this is weird. It did it again but it 's not in my original code. I made sure it wasn't there when I pasted it but when I clicked add reply it added it.

Posted by: CharlesEF Nov 11 2015, 07:07 PM

Well, are you saying the forum added it? If so then I have no control over that. We will have to see if someone else jumps in.

Anyway, based on your new code you still have a closing ) where it is not needed. And this test is wrong 'if ($_POST)', it should be 'if(isset($_POST['submit']))'.

You should start a new file, copy and pasted small sections of code at a time. First, read and sanitize the $_POST values then assign them to variables. Next copy and paste the database connection code and test it. Work your way down from there, small steps

Posted by: CharlesEF Nov 12 2015, 08:34 AM

A thought about your copy and paste problem. Delete the white space between the table name and the first column name, then insert a new white space. Maybe what you see as a blank is not really blank?

Posted by: Frederiek Nov 12 2015, 12:00 PM

Just my 2 cents.
The "& #40;" should be a ( .

Posted by: CharlesEF Nov 12 2015, 01:07 PM

QUOTE(Frederiek @ Nov 12 2015, 11:00 AM) *

Just my 2 cents.
The "& #40;" should be a ( .
Good point, but there should not be a space between the & and the # should there?. OP, that makes the closing ) needed, if the opening ( can be fixed. If you copied and pasted from somewhere else then delete that character and insert a new one.

Posted by: CharlesEF Nov 12 2015, 11:02 PM

If you still need help with this problem then instead of copying and pasting your code into a post you can attach it to a post instead.

Posted by: Frederiek Nov 13 2015, 04:22 AM

QUOTE
Good point, but there should not be a space between the & and the # should there?

True, w/o the space, it's Unicode for (. (Though the forum tends to render the character instead of the code if no space is added.)
But I don't see why using Unicode for that in the first place.

Powered by Invision Power Board (http://www.invisionboard.com)
© Invision Power Services (http://www.invisionpower.com)