3

I have a form. When the user submits, the values should insert in the database. Only the value of one $_POST is not inserted in the database, but the other $_POST's are inserting properly.

How to fix this?

HTML:

<input type="text" name="position" value="<?php echo $_POST['jobTitle']; ?>" id="position" required/>

PHP snippet:

$firstName = $middleName = $lastName = $email = $mobile = $resume = $position = $message = $attachment_id = $locations = "";

if(isset($_POST['submit'])){
    $firstName = isset($_POST['firstName']) ? $_POST['firstName'] : '';
    $middleName = isset($_POST['middleName']) ? $_POST['middleName'] : '';
    $lastName = isset($_POST['lastName']) ? $_POST['lastName'] : '';
    $email = isset($_POST['email']) ? $_POST['email'] : '';
    $mobile = isset($_POST['mobile']) ? $_POST['mobile'] : '';
    $locations = isset($_POST['locations_list']) ? $_POST['locations_list'] : '';
    $position = isset($_POST['jobTitle']) ? $_POST['jobTitle'] : '';
    $message = isset($_POST['message']) ? $_POST['message'] : '';
        if( ! empty($_FILES)){
            $file=$_FILES['resumeFile'];
            $attachment_id = upload_user_file($file);
        }

    $sql=$wpdb->query("INSERT INTO resume_databank(submit_time,last_name,first_name,middle_name,mobile_number,email,location,position,message,process_resume,attachment_resume_id) VALUES (now(),'$lastName','$firstName','$middleName','$mobile','$email','$locations','$position','$message','No','$attachment_id')");
}

exit();
Improve this question
4
  • 1
    from where $wpdb comes from? Commented May 25, 2016 at 3:37
  • $wpdb is a global variable in wordpress Commented May 25, 2016 at 3:44
  • 1
    you can debug it: just echo this- "INSERT INTO resume_databank(submit_time,last_name,first_name,middle_name,mobile_number,email,location,position,message,process_resume,attachment_resume_id) VALUES (now(),'$lastName','$firstName','$middleName','$mobile','$email','$locations','$position','$message','No','$attachment_id')". Commented May 25, 2016 at 3:45
  • 1
    WARNING: You've created a dangerous SQL injection bug by putting $_POST data directly in your query. NEVER do this. Instead, use the WordPress prepared statements feature to properly escape all data parameters. Commented May 25, 2016 at 3:56

1 Answer 1

Reset to default
4

Change this part 

$position = isset($_POST['jobTitle']) ? $_POST['jobTitle'] : '';

to

$position = isset($_POST['position']) ? $_POST['position'] : '';

because in your form. your field name is position and $_POST['jobTitle']; is just a value

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.