2

I have a form in add.html and I'm trying to add a row in mysql table with the values of this form but the new row is added with all columns NULL except id (PK, AI). I thought that could be any problem with the $_POST variables ...then I checked with 

if(isset($_POST['nome']))
    $nome=mysqli_real_escape_string($db,$_POST['nome']); 
else 
    $nome="nomevazio";

then, if the $_POST['nome'] is empty the $nome would be "nomevazio" in table but not. It still insert a row with all columns null.

There's the form html code: 

          <form class="col s12" id="myForm" action="addparceiro.php" method="POST" >
            <div class="row">
              <div class="input-field col s6">
                <i class="mdi-action-account-circle prefix"></i>
                <input  id="name" type="text" class="validate" name="nome">
                <label for="name">Nome do Parceiro</label>
              </div>            
              <div class="input-field col s6">
                <i class="mdi-communication-email prefix"></i>
                <input id="email" type="email" class="validate" name="email">
                <label for="email">Email</label>
              </div>
            </div>
            <div class="row">
              <div class="input-field col s12">
                <i class="mdi-communication-location-on prefix"></i>
                <input id="address" type="text" class="validate" name="endereco">
                <label for="address">Endereço</label>
              </div>
            </div>
            <div class="row">
              <div class="input-field col s12">
                <i class="mdi-action-settings-phone prefix"></i>
                <input id="phone" type="number" class="validate" name="telefone">
                <label for="phone">Telefone</label>
              </div>
            </div>
            <div class="row">
              <div class="input-field col s12">
                <i class="mdi-action-restore prefix"></i>
                <input type="date" class="datepicker" name="data">
                <label for="date">Data de cadastro</label>
              </div>
            </div> 
            <div class="row">
              <div class="input-field col s12">
                <i class="mdi-action-lock prefix"></i>
                <input id="login" type="text" class="validate" name="login">
                <label for="login">Login</label>
              </div>
            </div>

            <div class="row">
              <div class="input-field col s12">
                <i class="mdi-communication-vpn-key prefix"></i>
                <input id="password" type="password" class="validate" name="senha">
                <label for="password">Senha</label>
              </div>
            </div>
            <div class="row">
              <div class="input-field col s12 center">
                <a onclick="Materialize.toast('CADASTRO REALIZADO COM SUCESSO', 4000)">
                  <button id="envia" class="btn waves-effect waves-light" type="submit" value="submit form" name="action">Enviar
                    <i class="mdi-content-send right"></i>
                  </button>
                </a>
              </div>
            </div>            
          </form>

and there's the addparceiro.php code 

<?php
include("config.php");
session_start();
// if(isset($_SESSION['login_user'])
//  {
if($_SERVER["REQUEST_METHOD"] == "POST")
{
// username and password sent from Form
if(isset($_POST['nome']))
    $nome=mysqli_real_escape_string($db,$_POST['nome']); 
else 
    $nome="nomevazio";  
$email=mysqli_real_escape_string($db,$_POST['email']); 
$endereco=mysqli_real_escape_string($db,$_POST['endereco']); 
$telefone=mysqli_real_escape_string($db,$_POST['telefone']); 
$data=mysqli_real_escape_string($db,$_POST['data']); 
$login=mysqli_real_escape_string($db,$_POST['login']); 
$senha=mysqli_real_escape_string($db,$_POST['senha']); 

$sql="INSERT INTO TB_ESTABELECIMENTOS (nome, endereco, email, telefone, data, login, senha) VALUES (nome='$nome', endereco='$endereco', email='$email', telefone='$telefone', data='$data', login='$login', senha='$senha')";
$result=mysqli_query($db,$sql);

if($result)
{

include("lista.html");
}
else 
{       
 echo
        '
            <script>
               alert(\'Não foi possível cadastrar este parceiro! Tente novamente mais tarde ou contate a equipe técnica!\');
            </script> 
        ';
    include("add.html");
}
}

?>
Improve this question
1
  • so var_dump($sql) and make sure your values are there to begin with. if they're not, then it's either the escape call failing, or your form isn't submitting the values properly in the first place. Commented Apr 24, 2015 at 16:15

2 Answers 2

Reset to default
2

I think your INSERT syntax is a bit off. Just tried this same syntax on my server and everything was inserted NULL.

Change to:

"INSERT INTO TB_ESTABELECIMENTOS 
(nome, endereco, email, telefone, data, login, senha) 
VALUES 
('$nome', '$endereco', '$email', '$telefone', '$data', '$login', '$senha');

Take a look at various INSERT syntax here: http://www.w3schools.com/sql/sql_insert.asp

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

Your Syntax is false:

$sql="INSERT INTO TB_ESTABELECIMENTOS (nome, endereco, email, telefone, data, login, senha) VALUES ('$nome', '$endereco', '$email', '$telefone','$data', '$login', '$senha')";

Also you should use prepared statements. And you should check for Errors.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.