no luck inserting data into database |
no luck inserting data into database |
MindyT |
Nov 9 2015, 10:44 AM
Post
#1
|
Advanced Member Group: Members Posts: 165 Joined: 12-November 13 Member No.: 19,963 |
Hi, it has been a while since I have worked with PHP & MYSQL. Can someone help me understand why information from a form isn't being inserted in the database. The connection is fine.
CODE <?php require_once('functions.php'); databaseConnection(); error_reporting(-1); ini_set('display_errors', 1); if ($_POST) { $error = array(); if (empty($_POST['fname'])) { $error['fname'] = "<span class='error'>Please enter your first name.</span>"; } if (empty($_POST['lname'])) { $error['lname'] = "<span class='error'>Please enter your last name.</span>"; } if (!count($error)) { //Do something die("Do Something here"); } if(isset($_POST['submit'])) { $fname = $_POST['fname']; $lname = $_POST['lname']; $orgName = $_POST['orgName']; $address = $_POST['address']; $city = $_POST['city']; $state = $_POST['state']; $zipcode = $_POST['zipcode']; $phone = $_POST['phone']; $fax = $_POST['fax']; $email = $_POST['email']; $confirmEmail = $_POST['confirmEmail']; $projectOptions = $_POST['projectOptions']; $projectOverview = $_POST['projectOverview']; $year = $_POST['year']; $services=array('social media', 'web content management', 'marketing material creation', 'SEO', 'video editing' , 'web design'); } mysql_select_db("www_mediaservicesunlimited_com"); $sql="INSERT INTO clients & #40;fname,lname,orgName,address,city,state,zipcode,phone,fax,email,confirmEmail, projectOptions,projectOverview,year) VALUES ('$_POST[fname]','$_POST[lname]','$_POST[orgName]','$_POST[address]','$_POST[city]','$_POST[state]','$_POST[zipcode]','$_POST[phone]','$_POST[fax]','$_POST[email]','$_POST[confirmEmail]','$_POST[projectOptions]','$_POST[projectOverview]','$_POST[year]' )"; } ///mysql_query($sql,$databaseConnection); ///mysql_close($databaseConnection); ?> <!doctype html> <html> <head> <meta charset="utf-8"> <style type="text/css"> #contactForm label, #contactForm input { margin-bottom:20px; } </style> <title>Untitled Document</title> </head> <body> <div id="contactForm"> <form action ="contactUs.php" method="post"> <label> <label for "fname"> First Name:</label> <input id = "fname" type="text" name="fname" size="15" value ="<?php echo !empty($_POST['fname']) ? $_POST['fname'] : '';?>" > <?php echo !empty($error['fname']) ? $error['fname'] : '';?> <label for "lname">Last Name:</label> <input type="text" name="lname" size="20"><?php echo !empty($error['lname']) ? $error['lname'] : '';?> <label for="orgName">Organization's Name:</label> <input type="text" name="orgName" maxlength="50"> </label><br /> <label> <!--new row --> <label for "address">Street Address: </label> <input id = "address" type="text" name="address" size="15" maxlength="50"> <label id="city">City: </label> <input id = "city" type="text" name="city" size="10" maxlength="25"> <label for "state"> State: </label> <select id = "state" name = "state" value=""> <option value ="Please choose a state"> Please choose a state </option> <?php states($state); ?> </select> <label for "zipcode">Zipcode:</label> <input id = "zipcode" type="number" name="zipcode" size="5" maxlength="5"> </label><br /> <label> <!--new row --> <label for "phone"> Phone Number:(including area code) <br /> </label> <input type="text" name="phone" size="10" maxlength="10"> <label for="fax">Fax Number: (including area code) </label> <input type="text" name="fax" size="10" maxlength="10"> </label><br /> <label> <!--new row--> <label for="email">Email: </label> <input type="text" id = "email" name="email" /> <label for="confirmEmail"> Confirm Email:</label> <input type="text" id = "confirmEmail" name="ConfirmEmail" /> </label><br /> <label> <!--new row --> <label for "projectChoices"> What would you like help with? <br /></label> <table id="projectOptions"> <tr span=2> <td><input type="checkbox" name="SocialMedia">Social Media </td> <td><input type="checkbox" name="WebContentManagement">Web Content Management </td> </tr> <tr> <td><input type="checkbox" name="MarketingMaterials">Marketing Material Creation </td> <td><input type="checkbox" name="SEO">SEO (Search Engine Optimization) </td> </tr> <tr> <td><input type="checkbox" name="VideoEditing"> Video Editing </td> <td><input type="checkbox" name="WebDesign">Web Design </td> </tr> </table> <label for="projectOverview"> Overview about the project:</label><textarea rows="5" cols="10"></textarea> <br /> If you are not a robot, what year is it? <input type="text" name="year" size="4" maxlength="4"><br /> <input type="submit" name="submit" value="Contact Me!"> <input type="reset"> </form> </div> </body> </html> |
CharlesEF |
Nov 9 2015, 12:58 PM
Post
#2
|
Programming Fanatic Group: Members Posts: 1,981 Joined: 27-April 13 From: Edinburg, Texas Member No.: 19,088 |
I see a few possible problems:
1. You are open to SQL injection attacks by not sanitizing your user input. You are assigning the $_POST values to variables but in the actual SQL query you are not using them. This is the place where you should be sanitizing the data and then using the variables in the SQL query statement. 2. Where is $databaseConnection declared? Is it in the databaseConnection() function? If yes then you have a variable scope problem. The function should return the DB connection object and you would set the variable like this: $databaseConnection = databaseConnection(); 3. Your INSERT query doesn't look right. What is the actual table name? You have used: clients & #40; 4. You should not be using mysql_ functions at all, they have been removed in PHP7. You should use mysqli_ or PDO. Since you have error reporting turned on are you sure you are not getting any error messages? |
MindyT |
Nov 9 2015, 03:56 PM
Post
#3
|
Advanced Member Group: Members Posts: 165 Joined: 12-November 13 Member No.: 19,963 |
I don't have a lot of time to answer all your questions right now, but I will later tonight, but the databaseConnection is declared in the functions file which is included in this file.
I haven't worked with PHP & MYSQL in years so I'm out of the loop with mysqil or PDO. Can you recommend any tutorials? |
masonh928 |
Nov 9 2015, 10:43 PM
Post
#4
|
Serious Coder Group: Members Posts: 253 Joined: 17-August 13 From: Indiana Member No.: 19,570 |
|
masonh928 |
Nov 9 2015, 10:43 PM
Post
#5
|
Serious Coder Group: Members Posts: 253 Joined: 17-August 13 From: Indiana Member No.: 19,570 |
I personally recommend PDO, but mysqli is better than mysql.
|
MindyT |
Nov 11 2015, 12:32 PM
Post
#6
|
Advanced Member Group: Members Posts: 165 Joined: 12-November 13 Member No.: 19,963 |
I'm trying to use PDO to connect to the database but I'm getting an unexpected $End but I have combed thru the code and I can't find a missing quote or bracket. if I could get some help that would be great.
CODE <?php require_once('functions.php'); //databaseConnection(); $hostname = "hercules.xymmetrix.net"; $username = "mediasvcunltd"; $password = "Bls"; try { $db = new PDO("mysql:host=$hostname;dbname=mysql", $username, $password); /*** echo a message saying we have connected ***/ echo 'Connected to database'; } catch(PDOException $e) { echo $e->getMessage(); } error_reporting(-1); ini_set('display_errors', 1); if ($_POST) { $error = array(); if (empty($_POST['fname'])) { $error['fname'] = "<span class='error'>Please enter your first name.</span>"; } if (empty($_POST['lname'])) { $error['lname'] = "<span class='error'>Please enter your last name.</span>"; } if (!count($error)) { //Do something die("Do Something here"); } /* if(isset($_POST['submit'])) { $fname = $_POST['fname']; $lname = $_POST['lname']; $orgName = $_POST['orgName']; $address = $_POST['address']; $city = $_POST['city']; $state = $_POST['state']; $zipcode = $_POST['zipcode']; $phone = $_POST['phone']; $fax = $_POST['fax']; $email = $_POST['email']; $confirmEmail = $_POST['confirmEmail']; $projectOptions = $_POST['projectOptions']; $projectOverview = $_POST['projectOverview']; $year = $_POST['year']; $services=array('social media', 'web content management', 'marketing material creation', 'SEO', 'video editing' , 'web design'); } mysql_select_db("www_mediaservicesunlimited_com"); $sql="INSERT INTO clients & #40;fname,lname,orgName,address,city,state,zipcode,phone,fax,email,confirmEmail, projectOptions,projectOverview,year) VALUES ('$_POST[fname]','$_POST[lname]','$_POST[orgName]','$_POST[address]','$_POST[city]','$_POST[state]','$_POST[zipcode]','$_POST[phone]','$_POST[fax]','$_POST[email]','$_POST[confirmEmail]','$_POST[projectOptions]','$_POST[projectOverview]','$_POST[year]' )"; } ///mysql_query($sql,$databaseConnection); ///mysql_close($databaseConnection); if ($year !="2015") { print "Please enter the current year"; } */ ?> <!doctype html> <html> <head> <meta charset="utf-8"> <style type="text/css"> #contactForm label, #contactForm input { margin-bottom:20px; } </style> <title>Untitled Document</title> </head> <body> <div id="contactForm"> <form action ="contactUs.php" method="post"> <label> <label for "fname"> First Name:</label> <input id = "fname" type="text" name="fname" size="15" value ="<?php echo !empty($_POST['fname']) ? $_POST['fname'] : '';?>" > <?php echo !empty($error['fname']) ? $error['fname'] : '';?> <label for "lname">Last Name:</label> <input type="text" name="lname" size="20"><?php echo !empty($error['lname']) ? $error['lname'] : '';?> <label for="orgName">Organization's Name:</label> <input type="text" name="orgName" maxlength="50"> </label><br /> <label> <!--new row --> <label for "address">Street Address: </label> <input id = "address" type="text" name="address" size="15" maxlength="50"> <label id="city">City: </label> <input id = "city" type="text" name="city" size="10" maxlength="25"> <label for "state"> State: </label> <select id = "state" name = "state" value=""> <option value ="Please choose a state"> Please choose a state </option> <?php //states($state); ?> </select> <label for "zipcode">Zipcode:</label> <input id = "zipcode" type="number" name="zipcode" size="5" maxlength="5"> </label><br /> <label> <!--new row --> <label for "phone"> Phone Number:(including area code) <br /> </label> <input type="text" name="phone" size="10" maxlength="10"> <label for="fax">Fax Number: (including area code) </label> <input type="text" name="fax" size="10" maxlength="10"> </label><br /> <label> <!--new row--> <label for="email">Email: </label> <input type="text" id = "email" name="email" /> <label for="confirmEmail"> Confirm Email:</label> <input type="text" id = "confirmEmail" name="ConfirmEmail" /> </label><br /> <label> <!--new row --> <label for "projectChoices"> What would you like help with? <br /></label> <table id="projectOptions"> <tr span=2> <td><input type="checkbox" name="SocialMedia">Social Media </td> <td><input type="checkbox" name="WebContentManagement">Web Content Management </td> </tr> <tr> <td><input type="checkbox" name="MarketingMaterials">Marketing Material Creation </td> <td><input type="checkbox" name="SEO">SEO (Search Engine Optimization) </td> </tr> <tr> <td><input type="checkbox" name="VideoEditing"> Video Editing </td> <td><input type="checkbox" name="WebDesign">Web Design </td> </tr> </table> <label for="projectOverview"> Overview about the project:</label><textarea rows="5" cols="10"></textarea> <br /> If you are not a robot, what year is it? <input type="text" name="year" size="4" maxlength="4"><br /> <input type="submit" name="submit" value="Contact Me!"> <input type="reset"> </form> </div> </body> </html> |
CharlesEF |
Nov 11 2015, 02:44 PM
Post
#7
|
Programming Fanatic Group: Members Posts: 1,981 Joined: 27-April 13 From: Edinburg, Texas Member No.: 19,088 |
I think your problem is with this line of code:
CODE $sql="INSERT INTO clients & #40;fname,lname,orgName,address,city,state,zipcode,phone,fax,email,confirmEmail, What is the actual name of the table? You are using clients & #40 but that makes no sense. #40 is not a valid variable name. If the table name is clients#40 then it should be enclosed with backticks like this `clients#40`. Also, there should not be a semicolon after the table name, it is invalid. And you have a closing ) when none is needed (before the word VALUES).projectOptions,projectOverview,year) VALUES ('$_POST[fname]','$_POST[lname]','$_POST[orgName]','$_POST[address]','$_POST[city]','$_POST[state]','$_POST[zipcode]','$_POST[phone]','$_POST[fax]','$_POST[email]','$_POST[confirmEmail]','$_POST[projectOptions]','$_POST[projectOverview]','$_POST[year]' )"; |
MindyT |
Nov 11 2015, 03:43 PM
Post
#8
|
Advanced Member Group: Members Posts: 165 Joined: 12-November 13 Member No.: 19,963 |
that's weird. I dont have that #40; in the code I have. The table name is clients
CODE <?php require_once('functions.php'); //databaseConnection(); /*$hostname = "hercules.xymmetrix.net"; $username = "mediasvcunltd"; $password = "days=suns"; try { $db = new PDO("mysql:host=$hostname;dbname=mysql", $username, $password); echo 'Connected to database'; } catch(PDOException $e) { echo $e->getMessage(); }*/ error_reporting(-1); ini_set('display_errors', 1); if ($_POST) { $error = array(); if (empty($_POST['fname'])) { $error['fname'] = "<span class='error'>Please enter your first name.</span>"; } if (empty($_POST['lname'])) { $error['lname'] = "<span class='error'>Please enter your last name.</span>"; } if (!count($error)) { //Do something die("Do Something here"); } /* if(isset($_POST['submit'])) { $fname = $_POST['fname']; $lname = $_POST['lname']; $orgName = $_POST['orgName']; $address = $_POST['address']; $city = $_POST['city']; $state = $_POST['state']; $zipcode = $_POST['zipcode']; $phone = $_POST['phone']; $fax = $_POST['fax']; $email = $_POST['email']; $confirmEmail = $_POST['confirmEmail']; $projectOptions = $_POST['projectOptions']; $projectOverview = $_POST['projectOverview']; $year = $_POST['year']; $services=array('social media', 'web content management', 'marketing material creation', 'SEO', 'video editing' , 'web design'); } mysql_select_db("www_mediaservicesunlimited_com"); $sql="INSERT INTO clients & #40;fname,lname,orgName,address,city,state,zipcode,phone,fax,email,confirmEmail, projectOptions,projectOverview,year) VALUES ('$_POST[fname]','$_POST[lname]','$_POST[orgName]','$_POST[address]','$_POST[city]','$_POST[state]','$_POST[zipcode]','$_POST[phone]','$_POST[fax]','$_POST[email]','$_POST[confirmEmail]','$_POST[projectOptions]','$_POST[projectOverview]','$_POST[year]' )"; } ///mysql_query($sql,$databaseConnection); ///mysql_close($databaseConnection); if ($year !="2015") { print "Please enter the current year"; } */ ?> <!doctype html> <html> <head> <meta charset="utf-8"> <style type="text/css"> #contactForm label, #contactForm input { margin-bottom:20px; } </style> <title>Untitled Document</title> </head> <body> <div id="contactForm"> <form action ="contactUs.php" method="post"> <label> <label for "fname"> First Name:</label> <input id = "fname" type="text" name="fname" size="15" value ="<?php echo !empty($_POST['fname']) ? $_POST['fname'] : '';?>" > <?php echo !empty($error['fname']) ? $error['fname'] : '';?> <label for "lname">Last Name:</label> <input type="text" name="lname" size="20"><?php echo !empty($error['lname']) ? $error['lname'] : '';?> <label for="orgName">Organization's Name:</label> <input type="text" name="orgName" maxlength="50"> </label><br /> <label> <!--new row --> <label for "address">Street Address: </label> <input id = "address" type="text" name="address" size="15" maxlength="50"> <label id="city">City: </label> <input id = "city" type="text" name="city" size="10" maxlength="25"> <label for "state"> State: </label> <select id = "state" name = "state" value=""> <option value ="Please choose a state"> Please choose a state </option> <?php lstates($state); ?> </select> <label for "zipcode">Zipcode:</label> <input id = "zipcode" type="number" name="zipcode" size="5" maxlength="5"> </label><br /> <label> <!--new row --> <label for "phone"> Phone Number:(including area code) <br /> </label> <input type="text" name="phone" size="10" maxlength="10"> <label for="fax">Fax Number: (including area code) </label> <input type="text" name="fax" size="10" maxlength="10"> </label><br /> <label> <!--new row--> <label for="email">Email: </label> <input type="text" id = "email" name="email" /> <label for="confirmEmail"> Confirm Email:</label> <input type="text" id = "confirmEmail" name="ConfirmEmail" /> </label><br /> <label> <!--new row --> <label for "projectChoices"> What would you like help with? <br /></label> <table id="projectOptions"> <tr span=2> <td><input type="checkbox" name="SocialMedia">Social Media </td> <td><input type="checkbox" name="WebContentManagement">Web Content Management </td> </tr> <tr> <td><input type="checkbox" name="MarketingMaterials">Marketing Material Creation </td> <td><input type="checkbox" name="SEO">SEO (Search Engine Optimization) </td> </tr> <tr> <td><input type="checkbox" name="VideoEditing"> Video Editing </td> <td><input type="checkbox" name="WebDesign">Web Design </td> </tr> </table> <label for="projectOverview"> Overview about the project:</label><textarea rows="5" cols="10"></textarea> <br /> If you are not a robot, what year is it? <input type="text" name="year" size="4" maxlength="4"><br /> <input type="submit" name="submit" value="Contact Me!"> <input type="reset"> </form> </div> </body> </html> |
MindyT |
Nov 11 2015, 03:49 PM
Post
#9
|
Advanced Member Group: Members Posts: 165 Joined: 12-November 13 Member No.: 19,963 |
this is weird. It did it again but it 's not in my original code. I made sure it wasn't there when I pasted it but when I clicked add reply it added it.
|
CharlesEF |
Nov 11 2015, 07:07 PM
Post
#10
|
Programming Fanatic Group: Members Posts: 1,981 Joined: 27-April 13 From: Edinburg, Texas Member No.: 19,088 |
Well, are you saying the forum added it? If so then I have no control over that. We will have to see if someone else jumps in.
Anyway, based on your new code you still have a closing ) where it is not needed. And this test is wrong 'if ($_POST)', it should be 'if(isset($_POST['submit']))'. You should start a new file, copy and pasted small sections of code at a time. First, read and sanitize the $_POST values then assign them to variables. Next copy and paste the database connection code and test it. Work your way down from there, small steps |
CharlesEF |
Nov 12 2015, 08:34 AM
Post
#11
|
Programming Fanatic Group: Members Posts: 1,981 Joined: 27-April 13 From: Edinburg, Texas Member No.: 19,088 |
A thought about your copy and paste problem. Delete the white space between the table name and the first column name, then insert a new white space. Maybe what you see as a blank is not really blank?
|
Frederiek |
Nov 12 2015, 12:00 PM
Post
#12
|
Programming Fanatic Group: Members Posts: 5,146 Joined: 23-August 06 From: Europe Member No.: 9 |
Just my 2 cents.
The "& #40;" should be a ( . |
CharlesEF |
Nov 12 2015, 01:07 PM
Post
#13
|
Programming Fanatic Group: Members Posts: 1,981 Joined: 27-April 13 From: Edinburg, Texas Member No.: 19,088 |
Just my 2 cents. The "& #40;" should be a ( . |
CharlesEF |
Nov 12 2015, 11:02 PM
Post
#14
|
Programming Fanatic Group: Members Posts: 1,981 Joined: 27-April 13 From: Edinburg, Texas Member No.: 19,088 |
If you still need help with this problem then instead of copying and pasting your code into a post you can attach it to a post instead.
|
Frederiek |
Nov 13 2015, 04:22 AM
Post
#15
|
Programming Fanatic Group: Members Posts: 5,146 Joined: 23-August 06 From: Europe Member No.: 9 |
QUOTE Good point, but there should not be a space between the & and the # should there? True, w/o the space, it's Unicode for (. (Though the forum tends to render the character instead of the code if no space is added.) But I don't see why using Unicode for that in the first place. This post has been edited by Frederiek: Nov 13 2015, 04:24 AM |
Lo-Fi Version | Time is now: 19th April 2024 - 06:38 AM |