Jump to content
Larry Ullman's Book Forums

Form Submit Info Not Making It To Database


Recommended Posts

Hey everyone,

 

I am in need of that high quality help I receive when visiting this website. In short, I have a php script that is supposed to automatically submit data to a MySQL database but the data doesn't seem to make it to the database. I am not good at debugging and I am not getting any errors on the pages when I submit an entry.

 

Basically I have this code which takes in the information and as you know/can tell it calls on another php script to do the auto submit to the database. Here is this code:



</head>


<?php
include('../templates/bodyandlogo.htm');
?>


<?php
include('../templates/navmenu.htm');
?>
<br />
<br />


<h1>PoemScribe: Order Form</h1>
<br />
<br />
<p>Please complete the form below and click submit to order your personalized poem.</p>
<br />
<br />

<div id="form">
   <form action="../php_scripts/orderform.php" method="post">

<label for="firstname">First Name:</label>
<div class="input"><input type="text" id="firstname" name="firstname" /></div><br />

<label for="lastname">Last Name:</label>
<div class="input"><input type="text" id="lastname" name="lastname" /></div><br />

<label for="email">Email:</label>
<div class="input"><input type="text" id="email" name="email" /></div><br />

<label for="selectpoemtype">Select Poem Type:<br />
	4-Line Poem: $15
	8-Line Poem: $25
	12-Line Poem: $40
	16-Line Poem: $50
	20-Line Poem: $75
	Please type in your desired poem length. Example: "4line".
</label><br />
<div class="input"><input type="text" id="selectpoemtype" name="selectpoemtype" /><br />

<br />
<br />

<label for="keynames">"Key names to include?"</label>
<div class="input"><input type="text" id="keynames" name="keynames"/></div><br />

<label for="specificwords">Any specific words you would like to include in your poem?</label>
<div class="input"><input type="text" id="specificwords" name="specificwords" /></div><br />

<label for="poemisfor">Who is the poem for?</label>
<div class="input"><input type="text" id="poemisfor" name="poemisfor" /></div><br />

<label for="relationship">Relationship to you?</label>
<div class="input"><input type="text" id="relationship" name="relationship" /></div><br />

<label for="occasion">What is the occasion for this poem?</label>
<div class="input"><input type="text" id="occasion" name="occasion" /></div><br />

<label for="overallmessage">What do you want the overall message of this poem to be?</label>
<div class="input"><input type="text" id="overallmessage" name="overallmessage" /></div><br />

<label for="anythingelse">Any other information you would like for me to know?</label>
<div class="input"><input type="text" id="anythingelse" name="anythingelse" /></div><br />

<div class="input"><input type="submit" value="Submit" name="submit"</div>
</form>
</div><!--form-->

<br />
<br />

<?php
include('../templates/footer.htm');

 

 

 

And then the code that is called on (the script called orderform.php):

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head><title>PoemScribe Order Form</title>
</head>
<body>

<h2>PoemScribe</h2>

<?php
	$email = "myemail@gmail.com"; // Email to notify on error
               $first_name = $_POST['firstname'];
               $last_name = $_POST['lastname'];
	$email = $_POST['email'];
	$select_poem_type = $_POST['selectpoemtype'];
	$key_names = $_POST['keynames'];
               $specific_words = $_POST['specificwords'];
	$poem_is_for = $_POST['poemisfor'];
	$relationship = $_POST['relationship'];
               $occasion  = $_POST['occasion'];
	$over_all_message = $_POST['overallmessage'];
	$anything_else = $_POST['anythingelse'];


$dbc = mysqli_connect('localhost', 'login', 'password', 'database'); " .
or die('Error connecting to MySQL server.');

$query = INSERT INTO poem_orders '(firstname, lastname, email, selectpoemtype, keynames, specificwords, poemisfor, " .
"relationship, occasion, overallmessage, anythingelse)" .

"VALUES ('$first_name', '$last_name', '$email', '$select_poem_type' '$key_names', '$specific_words', '$poem_is_for', " .
"'$relationship', '$occasion', '$over_all_message', '$anything_else')";


        echo 'Thank you, ' . $firstname . $lastname;
	echo 'Thanks for submitting the form.<br />';
	echo ' Poem Type: ' . $selectpoemtype;
	echo ' Key names to include: ' . $keynames . '<br />';
               echo 'Specific Words To Include: '. $specificwords . '<br />';
               echo 'Poem is for: ' . $poemisfor . '<br />';
	echo 'Relationship: ' . $relationship . '<br />';
	echo 'Occasion: ' . $occasion . '<br />';
               echo 'Overall Message: ' . $overallmessage . '<br />';
	echo 'You also added: ' . $anything_else;



mysqli_close($dbc);
?>
</body>
</html>

 

Again, I am trying to figure out why my database isn't being populated when someone clicks on the submit button. I tried the code Larry shows on pages 352-354 of this book, but I couldn't get it to work, so I am now trying the code posted above. Any help is appreciated.

 

Thanks in advance,

Randy

Link to post
Share on other sites

$dbc = mysqli_connect('localhost', 'login', 'password', 'database'); " .
       or die('Error connecting to MySQL server.');

 

It seems you've left the ;" . after mysqli_connect() which is causing your whole sql definition to mess up.

Take out the semicolon, quotation, and the period and see if it works:

 

$dbc = mysqli_connect('localhost', 'login', 'password', 'database')
       or die('Error connecting to MySQL server.');

Link to post
Share on other sites

Thanks for the help. I tried your suggestion and without success. Also, now I end up with my ide telling me I have an error. I have attached a picture to show what I mean.

 

 

$dbc = mysqli_connect('localhost', 'login', 'password', 'database'); " .
       or die('Error connecting to MySQL server.');

 

It seems you've left the ;" . after mysqli_connect() which is causing your whole sql definition to mess up.

Take out the semicolon, quotation, and the period and see if it works:

 

$dbc = mysqli_connect('localhost', 'login', 'password', 'database')
       or die('Error connecting to MySQL server.');

error.png

Link to post
Share on other sites

Thanks for the help. I tried your suggestion and without success. Also, now I end up with my ide telling me I have an error. I have attached a picture to show what I mean.

 

 

 

error.png

 

 

The quotes for your query seem all messed up and mismatched. You also don't need to concatenate anything. Here it is fixed:

 

$query = "INSERT INTO poem_orders (firstname, lastname, email, selectpoemtype, keynames, specificwords, poemisfor, relationship, occasion, overallmessage, anythingelse) VALUES ('$first_name', '$last_name', '$email', '$select_poem_type' '$key_names', '$specific_words', '$poem_is_for', '$relationship', '$occasion', '$over_all_message', '$anything_else')";

 

It seems you are also not executing your query. You are defining your query, but I see nothing that executes it.

I'm not familiar with mysqli as I mainly use PDO, but try adding this just after your query definition:

 

$success = mysqli_query($dbc, $query);

// if query was successful, display message to user:
if($success)
{
    echo 'Thank you, ' . $firstname . $lastname;
    echo 'Thanks for submitting the form.<br />';
    echo ' Poem Type: ' . $selectpoemtype;
    echo ' Key names to include: ' . $keynames . '<br />';
    echo 'Specific Words To Include: '. $specificwords . '<br />';
    echo 'Poem is for: ' . $poemisfor . '<br />';
    echo 'Relationship: ' . $relationship . '<br />';
    echo 'Occasion: ' . $occasion . '<br />';
    echo 'Overall Message: ' . $overallmessage . '<br />';
    echo 'You also added: ' . $anything_else;
}
else
{
    echo 'Error: Query failed.';
}

 

Also note that your query is wide open to SQL injection. While it's best to use prepared statements, you can just do this to prevent SQL injection:

 

$email               = "myemail@gmail.com"; // Email to notify on error
$first_name          = mysqli_real_escape_string($_POST['firstname']);
$last_name           = mysqli_real_escape_string($_POST['lastname']);
$email               = mysqli_real_escape_string($_POST['email']);
$select_poem_type    = mysqli_real_escape_string($_POST['selectpoemtype']);
$key_names           = mysqli_real_escape_string($_POST['keynames']);
$specific_words      = mysqli_real_escape_string($_POST['specificwords']);
$poem_is_for         = mysqli_real_escape_string($_POST['poemisfor']);
$relationship        = mysqli_real_escape_string($_POST['relationship']);
$occasion            = mysqli_real_escape_string($_POST['occasion']);
$over_all_message    = mysqli_real_escape_string($_POST['overallmessage']);
$anything_else       = mysqli_real_escape_string($_POST['anythingelse']);

 

http://www.php.net/manual/en/mysqli.real-escape-string.php

 

Zane

Link to post
Share on other sites

Thank you for taking the time to correct me. I will give this a try tonight.

Randy

 

 

 

The quotes for your query seem all messed up and mismatched. You also don't need to concatenate anything. Here it is fixed:

 

$query = "INSERT INTO poem_orders (firstname, lastname, email, selectpoemtype, keynames, specificwords, poemisfor, relationship, occasion, overallmessage, anythingelse) VALUES ('$first_name', '$last_name', '$email', '$select_poem_type' '$key_names', '$specific_words', '$poem_is_for', '$relationship', '$occasion', '$over_all_message', '$anything_else')";

 

Also note that your query is wide open to SQL injection.

 

It seems you are also not executing your query. You are defining your query, but I see nothing that executes it.

 

I'm not familiar with mysqli as I mainly use PDO, but try adding this just before your query definition:

 

mysqli_select_db($dbc, 'database');

 

and add this just after your query definition:

 

$success = mysqli_query($query);

// if query was successful, display message to user:
if($success)
{
    echo 'Thank you, ' . $firstname . $lastname;
    echo 'Thanks for submitting the form.<br />';
    echo ' Poem Type: ' . $selectpoemtype;
    echo ' Key names to include: ' . $keynames . '<br />';
    echo 'Specific Words To Include: '. $specificwords . '<br />';
    echo 'Poem is for: ' . $poemisfor . '<br />';
    echo 'Relationship: ' . $relationship . '<br />';
    echo 'Occasion: ' . $occasion . '<br />';
    echo 'Overall Message: ' . $overallmessage . '<br />';
    echo 'You also added: ' . $anything_else;
}
else
{
    echo 'Error: Query failed.';
}

 

While it's best to use prepared statements, you can just do this to prevent SQL injection:

 

$email               = "myemail@gmail.com"; // Email to notify on error
$first_name          = mysqli_real_escape_string($_POST['firstname']);
$last_name           = mysqli_real_escape_string($_POST['lastname']);
$email               = mysqli_real_escape_string($_POST['email']);
$select_poem_type    = mysqli_real_escape_string($_POST['selectpoemtype']);
$key_names           = mysqli_real_escape_string($_POST['keynames']);
$specific_words      = mysqli_real_escape_string($_POST['specificwords']);
$poem_is_for         = mysqli_real_escape_string($_POST['poemisfor']);
$relationship        = mysqli_real_escape_string($_POST['relationship']);
$occasion            = mysqli_real_escape_string($_POST['occasion']);
$over_all_message    = mysqli_real_escape_string($_POST['overallmessage']);
$anything_else       = mysqli_real_escape_string($_POST['anythingelse']);

 

 

 

Zane

Link to post
Share on other sites

You need to actually execute the query.

 

$insert = mysqli_query($dbc, $query);

 

Your query is not correct though. Follow the previous person's advice and fix that query. I like to run my queries through the mysql monitor or phpmyadmin before trying it in php code. That may help you out.

 

You also don't have to run that mysqli_select_db function, you already selected the database in your mysqli_connect function.

  • Upvote 1
Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...