0

I want to insert data from a form into a table but everytime i hit submit nothing happens, i checked and re-checked everything but i can't find the reason.

indextest1.php

<!DOCTYPE html>

<html>    
    <head>  
        <title></title>    
        <meta charset="UTF-8">    
        <meta name="author" content="">    
        <meta name="description" content="">    
        <meta name="keywords" content="">   
    </head>    
    <body>
        <form action="test1.php" method="post">
        <input type="text" name="name"><br>
        <input type="text" name="lastname"><br>
        <input type="radio" name="radio" value="one" checked> one<br>   
        <input type="radio" name="radio" value="two" > two<br>
        <select name="drop">   
            <option value="0" selected>0</option>    
            <option value="1">1</option>    
            <option value="2">2</option>    
            <option value="3">3</option>    
            <option value="4">4</option>    
            <option value="5">5</option>   
            <option value="6">6</option>    
            <option value="7">7</option>    
            <option value="8">8</option>    
        </select>
        <input type="checkbox" name="check" value="1"><br>    
        <input type="submit" value="Submit">   
        </form>    
    </body>   
</html>

test1.php

<?php

$servername = "localhost";
$username = "root";
$password = "root";
$dbname = "db-test";

$connect = ("$servername, $username, $password, $dbname") or die ("ERROR DURING CONNECTION");

$name = $_POST["name"];
$lastname = $_POST["lastname"];
$radio = $_POST["radio"];
$drop = $_POST["drop"];
$check = $_POST["check"];

$sql_insert = mysql_query("INSERT INTO test-table (id, name, lastname, radio, drop, check) VALUES ('', '$name', '$lastname', '$radio', '$drop', '$check')");
        header("location: indextest1.php");

?>

Table values

enter image description here

Thanks in advance, i hope i provided all the info needed.

Improve this question
8
  • 3
    your connect line is foobar'd Commented Sep 7, 2015 at 1:24
  • 1
    id shouldn't be defined in the insert query as it's probably an auto increment field. Also, your code is vulnerable to SQL injection, I'd recommend escaping any funny chars by doing mysql_real_escape_string() Commented Sep 7, 2015 at 1:26
  • 1
    Actually hang on, @Drew is correct. Therefore you should have got an error on your PHP page or in the logs pointing you to that exact line Commented Sep 7, 2015 at 1:27
  • 1
    Don't use mysql, it is deprecated, use mysqli. You're using mysql_query wrong and you're defining your connection wrong. (You need mysqli_connect). Commented Sep 7, 2015 at 1:34
  • 1
    What drew said without a an explanation means nothing to me as im completely new to this, also, removed the id field and the data still wont be inserted. Im not worried about an sql injection atm. Commented Sep 7, 2015 at 1:34

3 Answers 3

Reset to default
3

Besides the other answer,

Firstly, this part of your query:

INSERT INTO test-table (id, name, lastname, radio, drop, check)

should read as

INSERT INTO `test-table` (id, name, lastname, radio, `drop`, `check`)

MySQL is interpreting your table as "test minus table". Use ticks, or rename it using an underscore test_table which is a safe seperator.

Then you're using two MySQL reserved words, "drop" and "check". Use ticks for those also.

Reference:

See how MySQL is telling you where the syntax error begins?

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'drop, check)

and it would have shown you another one after that being

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'check)

Just to clarify, you are mixing MySQL APIs with

mysql_query("INSERT ...

which those mysql_ functions do not intermix with your present method. Use the same from connection to query

mysqli_query($connect, "INSERT ...

and of course the fact that you're open to SQL injection. Use a prepared statement:

You should also check for empty fields against your POST arrays such as !empty().

Sidenote: If an apostrophe or any other character is to be inserted that MySQL will complain about, then you must escape them. Either way, you should.

Plus, remember to add exit; after header. Otherwise and if you have more code below that, it may want to continue and execute.

header("location: indextest1.php");
exit;
Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Now it worked im sad the fun is over, after the error message and besides my language barrier i figured the drop and check thing but didn't knew about the reserved words, after reading your comment i added ' ' to the words and still got the error so figured to get rid of the problem at the core and replaced every word on the code and the data got inserted correctly.
@Minnen Just to append this on to Fred's answer - backticks are your friend the: ` character if you're unsure.
1

I'd recommend you read up on how to connect to MySQL first from PHP before proceeding as your code posted evidently shows otherwise.

http://php.net/manual/en/function.mysqli-connect.php http://php.net/manual/en/mysqli.query.php

Stop using mysql, as it is deprecated. You need to specify the arguments correctly in your script. Your $connect is completely invalid syntax (for connecting to MySQL)

<?php

$servername = "localhost";
$username = "root";
$password = "root";
$dbname = "db-test";

$connect = mysqli_connect($servername, $username, $password, $dbname)
or die ("ERROR DURING CONNECTION");

$name = $_POST["name"];
$lastname = $_POST["lastname"];
$radio = $_POST["radio"];
$drop = $_POST["drop"];
$check = $_POST["check"];
$sql = "INSERT INTO test-table (name, lastname, radio, drop, check) VALUES ('$name', '$lastname', '$radio', '$drop', '$check')";
//Don't need to insert id since it's an PRI_KEY A_I
$result = mysqli_query($connect, $sql)
or die (mysqli_error($connect));
header("location: indextest1.php");
?>

Among other things, you are asking to be hit with an SQL injection attack which you can easily block via. mysqli_real_escape_string

Improve this answer

5 Comments

so yeah, make sure the conversion from mysql_* to mysqli_* is not a quick and dirty port, passing on user-supplied data to dbengine. Just because the OP is not worried 'atm' as he said, he will be
i get this error whit your code Valkyrie "Warning: mysqli_connect(): php_network_getaddresses: getaddrinfo failed: Host desconocido. in C:\wamp\www\workspace\test\test1.php on line 8" and "Warning: mysqli_connect(): (HY000/2002): php_network_getaddresses: getaddrinfo failed: Host desconocido. in C:\wamp\www\workspace\test\test1.php on line 8"
From my basic understanding of Spanish, your connection is failing, likely because of either wrong server address, password, connection errors, many reasons
everyone missed the table name. double check that.we're not doing math here. and there is more than just the table name
@Fred-ii- i noticed myself while rewriting the code in its mysqli version properly, i aldo got rid of the '-' on the database name, now the connection seems to work properly but i get the following error "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'drop, check) VALUES ('test', 'test', 'two', '1', '1')' at line 1"
1

to add varchar data type to a sql table we have to put it in single quote, so first put single quote after that if the value is in variable than put between double quotes and dots (for php only).

For auto increment value we only have to pass null.

write your query as following.

$sql_insert = mysql_query("INSERT INTO test-table (id, name, lastname, radio, drop, check) VALUES (null, '".$name."', '".$lastname."', '".$radio."', ".$drop.", ".$check.")");

Hope this will work.

Improve this answer

1 Comment

While this probably is a perfectly good answer, please consider explaining why and how it works.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.