hi to all
i have made a form to insert values in mysql using php, but it does not working and also not generating any error, please guide me.
--------------------------
This is HTML form :
<form action="query.php" method="post">
<table cellpadding="3" cellspacing="3">
<tr>
<td colspan="3"> </td>
</tr>
<tr>
<td colspan="3">
<strong>Query Form</strong>
</td>
</tr>
<tr>
<td colspan="3"> </td>
</tr>
<tr>
<td>Name:</td><td> </td>
<td>
<INPUT TYPE="text" NAME="Name" id="Name" SIZE="30" MAXLENGTH="40"/>
</td>
</tr>
<tr>
<td>Email:</td><td> </td>
<td>
<INPUT TYPE="text" NAME="email" id="email" SIZE="30" MAXLENGTH="40"/>
</td>
</tr>
<tr>
<td>Company:</td><td> </td>
<td>
<INPUT TYPE="text" NAME="company" id="company" SIZE="30" MAXLENGTH="40"/>
</td>
</tr>
<tr>
<td>Country:</td><td> </td>
<td>
<INPUT TYPE="text" NAME="country" id="country" SIZE="30" MAXLENGTH="40"/>
</td>
</tr>
<tr>
<td>Telephone:</td><td> </td>
<td>
<INPUT TYPE="text" NAME="tel" id="tel" SIZE="30" MAXLENGTH="40"/>
</td>
</tr>
<tr>
<td>Fax:</td><td> </td>
<td>
<INPUT TYPE="text" NAME="fax" id="fax" SIZE="30" MAXLENGTH="40"/>
</td>
</tr>
<tr>
<td>Mobile:</td><td> </td>
<td>
<INPUT TYPE="text" NAME="mob" id="mob" SIZE="30" MAXLENGTH="40"/>
</td>
</tr>
<tr valign="top">
<td>Query Detail:</td><td> </td>
<td>
<TEXTAREA NAME="query" id="query" COLS=40 ROWS=10></TEXTAREA>
</td>
</tr>
<tr valign="top" align="center">
<td colspan="3">
<input type="submit" name="" value="Submit Query"/>
</td>
</tr>
<tr valign="top">
<td colspan="3"> </td>
</tr>
</table>
</form>
-----------------
This is the php file named as query.php using with form
<?php
$con = mysql_connect("localhost","username","password");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("oscobizz_test", $con);
$sql="INSERT INTO query(name, email, company, country, tel, fax, mob, query)
VALUES
('$_POST[name]','$_POST[email]','$_POST[company]','$_POST[country]','$_POST[tel]','$_POST[fax]','$_POST[mob]','$_POST[query]')";
echo "Thanks for submit Query: we will contact you soon.";
mysql_close($con);
?>
php insertion not working
Moderator: General Moderators
-
mianmajidali
- Forum Commoner
- Posts: 30
- Joined: Tue Dec 01, 2009 8:05 pm
Re: php insertion not working
1. Please do not post long code listings like that without using
Code: Select all
and [/php ] tags surrounding them (don't include spaces) so they will look like this:[syntax=php]$sql="INSERT INTO query(name, email, company, country, tel, fax, mob, query)
VALUES
('$_POST[name]','$_POST[email]','$_POST[company]','$_POST[country]','$_POST[tel]','$_POST[fax]','$_POST[mob]','$_POST[query]')";[/syntax]
2. Your problem is that you cannot use array notation like $_POST[name] within a double-quoted string. You can use this:[syntax=php]VALUES ('" . $_POST['name'] . "','" . $_POST['email'] ... etc.
[/syntax]but that is very dangerous, because of what is called SQL injection, which can destroy your database and do other damage to your web site. You should always do like this:
[syntax=php]...
$name = isset($_POST['name']) ? mysql_real_escape_string($_POST['name']) : "";
$email = isset($_POST['email']) ? mysql_real_escape_string($_POST['email']) : "";
$company = isset($_POST['company']) ? mysql_real_escape_string($_POST['company']) : "";
$country = isset($_POST['country']) ? mysql_real_escape_string($_POST['country']} : "";
$tel = isset($_POST['tel']) ? mysql_real_escape_string($_POST['tel']) : "";
$fax = isset($_POST['fax']) ? mysql_real_escape_string($_POST['fax']) : "";
$mob = isset($_POST['mob']) ? mysql_real_escape_string($_POST['mob'] : "";
$query = isset($_POST['query']) ? mysql_real_escape_string($_POST['query'] : "";
...
$sql="INSERT INTO query(name, email, company, country, tel, fax, mob, query)
VALUES
('$name','$email','$company','$country','$tel','$fax','$mob','$query')";[/syntax]
The mysql_real_escape_string() function is essential, to protect your site! Look up that function in the PHP manual to see how it works.-
mianmajidali
- Forum Commoner
- Posts: 30
- Joined: Tue Dec 01, 2009 8:05 pm
Re: php insertion not working
thanks to all guys for helping me,
i have solved this problem, there was one thing missing that was
" mysql_query(); "
i have solved this problem, there was one thing missing that was
" mysql_query(); "