Form entry to database won't send

Tags: php mysqli
Question!

Here goes, I've been trying to follow a few tutorials and build a basic form.

<form name="ContactInformation" method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>" class="uk-form blcform">

        <fieldset data-uk-margin>
            <legend>For enquires please leave your contact information below</legend>

            <div class="uk-form-row blcinput">
                <input type="text" name="firstname" placeholder="First name">
            </div>

            <div class="uk-form-row blcinput">
                <input type="text" name="secondname" placeholder="Second name">
            </div>

            <div class="uk-form-row blcinput">
                <input type="text" name="urcompany" placeholder="Company">
            </div>

            <div class="uk-form-row blcinput">
                <input type="text" name="email" placeholder="Email address">
            </div>

            <div class="uk-form-row blcinput">
                <input type="text" name="telephone" placeholder="+tel">
            </div>

            <div class="uk-form-row blcinput">
                <textarea name="comment" placeholder="Information about your enquiry" rows="6" ></textarea>
            </div>

            <div class="uk-form-row blcinput"><input type="submit" name="submit" value="Submit"></div>

        </fieldset>

    </form>

Followed by a php segment

    <?php


$conn = new mysqli($servername, $username, $password, $mydb);

// Check connection

if (!$conn) {
    die("Connection failed: " . mysqli_connect_error());
}

echo "Connected successfully";


 if(isset($_POST["submit"])){

 //insert into database


 $sql = "INSERT INTO ContactInformation (fname, sname, email, comment, telephone, company)
        VALUES ('".$_POST["fname"]."','".$_POST["sname"]."','".$_POST["email"]."','".$_POST["comment"]."','".$_POST["telephone"]."','".$_POST["company"]."')";
     }   

//fetch from database
$sql = "SELECT email, fname, sname FROM ContactInformation";
$result = $conn->query($sql);


//Test pre existing database entries


if ($result->num_rows > 0) {
    // output data of each row
    while($row = $result->fetch_assoc()) {
        echo "id: " . $row["email"]. " - Name: " . $row["fname"]. " " . $row["sname"]. "<br>";
    }
} else {
    echo "0 results";
}

                 $conn->close();

?>  

So I'm connecting to the database fine because I'm getting info back from it, my issue is new user input isn't put to the server.

By : Jay.Smyth


Answers

See this part of your code?

 if(isset($_POST["submit"])){

 //insert into database


 $sql = "INSERT INTO ContactInformation (fname, sname, email, comment, telephone, company)
        VALUES ('".$_POST["fname"]."','".$_POST["sname"]."','".$_POST["email"]."','".$_POST["comment"]."','".$_POST["telephone"]."','".$_POST["company"]."')";
     } 

That only gets executed when you hit the submit button, yet you didn't query() as you did for the SELECT query. Plus, you're using the same $sql variable for both.

  • Use a different variable; it helps to differentiate between both of them.

You're not getting undefined index notices from error reporting because that query never gets executed; that's why.

You have 2 of those inputs that bear the wrong name attributes.

  • name="firstname"
  • name="secondname"

who respectively belong to:

  • $_POST["fname"]
  • $_POST["sname"]

You need to use a prepared statement here, since your code is prone to an SQL injection.

References:

Debugging tools:

and apply that to your code.

By : Fred -ii-


Well, there is nothing wrong with your code, it works perfectly, but there are 2 things that you missed o forgot:

As Proger_Cbsk wrote, you never call $conn->query($sql)

Also, you are using $_POST["fname"] which is wrong if you have your form with a name like name="firstname".

The issue relays that you are using wrong post names

$sql = "INSERT INTO ContactInformation 
                (fname, sname, email, comment, telephone, company)
        VALUES ('".$_POST["fname"]."','".$_POST["sname"].
                "','".$_POST["email"]."','".$_POST["comment"].
                "','".$_POST["telephone"]."','".$_POST["company"]."')";`

It should be:

$sql = "INSERT INTO ContactInformation 
                (fname, sname, email, comment, telephone, company)
        VALUES ('".$_POST["firstname"]."','".$_POST["secondname"].
              "','".$_POST["email"]."','".$_POST["comment"].
              "','".$_POST["telephone"]."','".$_POST["urcompany"]."')";`
By : Rhopercy


This video can help you solving your question :)
By: admin