TalkPHP
Home Forums Articles Glossary Awards Register Rules Members Search Today's Posts Mark Forums Read
 
 
 
Account Login
Latest Articles
» The basic usage of PHPTAL, a XML/XHTML template library for PHP
by awuehr on 11-10-2008 in Tips & Tricks
» Vulnerable methods and the areas they are commonly trusted in.
by Village Idiot on 11-04-2008 in Classes & Objects
» Simple way to protect a form from bot
by codefreek on 10-23-2008 in Basic
» The Basics On: How Session Stealing Works
by wiifanatic on 09-12-2008 in Security & Permissions
» How to keep your forms from double posting data
by drewbee on 07-03-2008 in Tips & Tricks
IRC Channel
IRC Speech Bubble Join the friendly bunch on IRC...
(#TalkPHP on Freenode)

...Also available via a web interface.

See this thread for information on the TalkPHP Free Hugs Initiative™. Subject to availability.
Associates
Associates
CSS Tutorials
TalkPHP > Developer Forums > Absolute Beginners » No data inserted into database. Am I wrongdoing it?
Reply
 
LinkBack Thread Tools Search this Thread Display Modes
Old 03-29-2010, 12:02 PM   #1 (permalink)
The Wanderer
 
Join Date: Mar 2010
Posts: 14
Thanks: 4
fairytale89 is on a distinguished road
Default No data inserted into database. Am I wrongdoing it?
I have a form named:"RegistrationForm.php". when i click the "submit button", there's a data inserted in the database (the prove is, there a new row in the database),
but there's no value from user textfield(ic_no,name,email...) that have been inserted.
It means like there's a row of data inserted but without value..

p/s- however, when i click the submit button, it successfully directed me to the "BookingForm.php" with all the session value...it's just that there's no data inserted into the database.

can someone straighten this up for me? am i doing wrong with the coding with the submit button?
here's the code

Code:
<?php
session_start();
$_SESSION['ic_no']=$ic_no;
$_SESSION['name']=$name;
$_SESSION['address']=$address;
$_SESSION['tel_no']=$tel_no;
$_SESSION['email']=$email;
?>


<html>
<body>

<form action="BookingForm.php" method="post">
  <p><strong>REGISTRATION FORM</strong></p>
  <table width="285" border="1">
    <tr>
      <th width="120" scope="row">Ic No :</th>
      <td width="149"><label>
        <input type="text" name="ic_no" id="ic_no" value="<?php $ic_no; ?>">
      </label></td>
    </tr>
    <tr>
      <th scope="row">Name :</th>
      <td><label>
        <input type="text" name="name" id="name" value="<?php $name; ?>">
      </label></td>
    </tr>
    <tr>
      <th scope="row">Address :</th>
      <td><label>
        <input type="text" name="address" id="address" value="<?php $address; ?>" >
      </label></td>
    </tr>
    <tr>
      <th scope="row">Contact No :</th>
      <td><label>
        <input type="text" name="tel_no" id="tel_no" value="<?php $tel_no; ?>">
      </label></td>
    </tr>
    <tr>
      <th scope="row">Email :</th>
      <td><label>
        <input type="text" name="email" id="email"  value="<?php $email; ?>">
      </label></td>
    </tr>
  </table>
  <input type="submit" name="submit" id="submit" value="Submit">
  <?php
$con = mysql_connect("localhost","root","password");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

mysql_select_db("ambos", $con);

mysql_query("INSERT INTO customer (ic_no, name, address, tel_no, email)
VALUES ('$_POST[ic_no]', '$_POST[name]', '$_POST[address]','$_POST[tel_no]','$_POST[email]')");
mysql_close($con);

</form>
 </body>
</html>
any ideas is really appreciated
fairytale89 is offline   		Reply With Quote
Old 03-29-2010, 03:02 PM   #2 (permalink)
The Wanderer
 
Join Date: Sep 2009
Posts: 10
Thanks: 2
khr2003 is on a distinguished road
Default
if you are using the same file to process form data you have first to check if the form is being submitted:

PHP Code:
if($_POST['submit'])
{
mysql_query("INSERT INTO customer (ic_no, name, address, tel_no, email)
VALUES ('$_POST[ic_no]', '$_POST[name]', '$_POST[address]','$_POST[tel_no]','$_POST[email]')");

}
else
{
<form action="BookingForm.php" method="post">
  <p><strong>REGISTRATION FORM</strong></p>
  <table width="285" border="1">
    <tr>
      <th width="120" scope="row">Ic No :</th>
      <td width="149"><label>
        <input type="text" name="ic_no" id="ic_no" value="<?php $ic_no?>">
      </label></td>
    </tr>
    <tr>
      <th scope="row">Name :</th>
      <td><label>
        <input type="text" name="name" id="name" value="<?php $name?>">
      </label></td>
    </tr>
    <tr>
      <th scope="row">Address :</th>
      <td><label>
        <input type="text" name="address" id="address" value="<?php $address?>" >
      </label></td>
    </tr>
    <tr>
      <th scope="row">Contact No :</th>
      <td><label>
        <input type="text" name="tel_no" id="tel_no" value="<?php $tel_no?>">
      </label></td>
    </tr>
    <tr>
      <th scope="row">Email :</th>
      <td><label>
        <input type="text" name="email" id="email"  value="<?php $email?>">
      </label></td>
    </tr>
  </table>
  <input type="submit" name="submit" id="submit" value="Submit">
</form>
}
khr2003 is offline   		Reply With Quote
The Following User Says Thank You to khr2003 For This Useful Post:
fairytale89 (03-29-2010)
Old 03-29-2010, 06:12 PM   #3 (permalink)
is cute and cuddly
 
delayedinsanity's Avatar
 
Join Date: Mar 2008
Location: Vegas, Baby
Posts: 963
Thanks: 31
delayedinsanity is on a distinguished road
Default
For the luv of gawd, please don't forget to verify your data before you enter it into a database. At the very VERY least you should be sanitizing it with mysql_real_escape_string();

You're attempting to insert a row using POST information that isn't populated at the time of the statement. When the form submits (to BookingForm.php) you should be checking on that page for valid POST data. If none is found send them back to the form, if it is found, checked for validity and passes, then insert your sanitized input into the database.
delayedinsanity is offline   		Reply With Quote
The Following User Says Thank You to delayedinsanity For This Useful Post:
fairytale89 (03-29-2010)
Old 03-29-2010, 06:30 PM   #4 (permalink)
The Wanderer
 
Join Date: Mar 2010
Posts: 14
Thanks: 4
fairytale89 is on a distinguished road
Default
i do know that right now i'm passing the raw data into the database, but this is just the basic for me to see whether the form inserting will function or not.

i'm planning to make the form validating/ verifying the data after make sure that it completely success insert data into the database
fairytale89 is offline   		Reply With Quote
Reply

« Previous Thread | Next Thread »


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

Similar Threads
Thread Thread Starter Forum Replies Last Post
SQL Injection and mysql_real_escape_string Durux General 61 01-29-2013 12:20 PM
[Tutorial] How to organize your classes | Part 1 Tanax Advanced PHP Programming 10 03-01-2009 10:08 PM
Retrving data from database to form knvuppula General 2 09-10-2008 04:33 AM
Cleaning data before entering database question Killswitch General 7 12-24-2007 11:29 PM
Tips: PHP security Village Idiot Tips & Tricks 22 11-23-2007 11:17 PM


All times are GMT. The time now is 06:35 AM.

 
     
Contact Us - TalkPHP - PHP Community - Archive - Top

Powered by vBulletin® Version 3.6.8
Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Search Engine Optimization by vBSEO 3.1.0
Inactive Reminders By Icora Web Design