Hi. Please excuse my noobiness, but I'm new to PHP. My problem is data was not inserted into the database but PHP didn't return any error. Row was added since there was a new ID number, but then the rest of the columns are blanks and Sequence No and Date inserted 0's(zeros) instead of the real data. Could you kindly please check my code for any discrepancies? Please also check the images attached. Thanks.
***PROCESS PAGE*** - <?php include("includes/db_connect.php"); ?>
-
<?php require_once("includes/functions.php"); ?>
-
-
<html>
-
<head><title>Add Equipment</title></head>
-
-
<body>
-
<h3>Please review the data before finally submitting to the database.</h3>
-
<h3>Press the back button of your browser if you want to edit the data.</h3>
-
<h3>Press the submit button to submit it to the database.</h3><hr>
-
<br />
-
<?php
-
-
$equipname = $_POST['equipname'];
-
$manufacturer = $_POST['manufacturer'];
-
$serno = $_POST['serno'];
-
$modelno = $_POST['modelno'];
-
$capacity = $_POST['capacity'];
-
$curloc = $_POST['curlocation'];
-
$equipcode = $_POST['equipcode'];
-
$seqno = $_POST['seqno'];
-
$addDate = $_POST['dateYr']. "-";
-
$addDate .= $_POST['dateMO']. "-";
-
$addDate .= $_POST['dateDay'];
-
-
echo "Equipment Name : <b>{$equipname}</b><br />";
-
echo "Manufacturer : <b>{$manufacturer}</b><br />";
-
echo "Serial No. : <b>{$serno}</b><br />";
-
echo "Model No. : <b>{$modelno}</b><br />";
-
echo "Capacity/Range : <b>{$capacity}</b><br />";
-
echo "Current Location : <b>{$curloc}</b><br />";
-
echo "Equipment Code : <b>{$equipcode}</b><br />";
-
echo "Sequence No. : <b>{$seqno}</b><br />";
-
echo "Date Added : <b>{$addDate}</b>";
-
?>
-
<hr>
-
<form action="adddata.php" method="POST">
-
<input type="submit" name="submit" id="submit" value="Submit"></form>
-
-
</body></html>
-
<?php
-
if (isset($equip_db)) {
-
mysqli_close($equip_db);
-
}
-
?>
-------------
***ADDDATA*** - <?php include("includes/db_connect.php"); ?>
-
<?php require_once("includes/functions.php"); ?>
-
<?php
-
-
$equipname = $_POST['$equipname'];
-
$manufacturer = $_POST['$manufacturer'];
-
$serno = $_POST['$serno'];
-
$modelno = $_POST['$modelno'];
-
$capacity = $_POST['$capacity'];
-
$curloc = $_POST['$curlocation'];
-
$equipcode = $_POST['$equipcode'];
-
$seqno = $_POST['$seqno'];
-
$addDate = $_POST['$dateYr'] ."-". $_POST['$dateMO'] ."-". $_POST['$dateDay'];
-
-
$query_add = "INSERT INTO tblequipmentmasterlist (equipname, manufacturer, serno,
-
modelno, capacity, curlocation, equipcode, seqno, adddate)
-
VALUES ('{$equipname}','{$manufacturer}','{$serno}','{$modelno}',
-
'{$capacity}','{$curloc}','{$equipcode}','{$seqno}','{$addDate}')";
-
-
if (mysqli_query($db_cxn, $query_add)) {
-
header ("Location: newequipment.php");
-
exit;
-
} else {
-
echo "<p>Data addition has failed. Please contact the site administrator.</p>";
-
echo "<p>" . mysqli_error($db_cxn) . "</p>";
-
}
-
?>
-
<?php
-
if (isset($db_cxn)) {
-
mysqli_close($db_cxn);
-
}
-
?>
actually, I can’t see anything odd in the material given. you may try var_dump($_POST) to check that all data are correctly passed.
additionally, the redirect may fail in adddata.php.
I may also note that there are no precautions against SQL Injection attacks.
4 1643
actually, I can’t see anything odd in the material given. you may try var_dump($_POST) to check that all data are correctly passed.
additionally, the redirect may fail in adddata.php.
I may also note that there are no precautions against SQL Injection attacks.
Thanks for the quick reply. I inserted a var_dump and a print_r to my ADDDATA script and they came up empty actually. It returned an error but when I checked my database, it added another row. I really don't understand it. And what do you mean by "no precautions against SQL injection attacks?" I've revised both my PROCESS and ADDDATA scripts. Also, I've attached some new images showing the results. Thanks.
PROCESS_STRING_ESCAPED - <?php include("includes/db_connect.php"); ?>
-
<?php require_once("includes/functions.php"); ?>
-
-
<html>
-
<head><title>Add Equipment</title></head>
-
-
<body>
-
<h4>Please review the data before finally submitting to the database.</h4>
-
<h4>Press the back button of your browser if you want to edit the data.</h4>
-
<h4>Press the submit button to submit it to the database.</h4><hr>
-
<br />
-
<?php
-
-
$equipname = mysqli_real_escape_string($db_cxn, $_POST['equipname']);
-
$manufacturer = mysqli_real_escape_string($db_cxn, $_POST['manufacturer']);
-
$serno = mysqli_real_escape_string($db_cxn, $_POST['serno']);
-
$modelno = mysqli_real_escape_string($db_cxn, $_POST['modelno']);
-
$capacity = mysqli_real_escape_string($db_cxn, $_POST['capacity']);
-
$curloc = mysqli_real_escape_string($db_cxn, $_POST['curlocation']);
-
$equipcode = mysqli_real_escape_string($db_cxn, $_POST['equipcode']);
-
$seqno = mysqli_real_escape_string($db_cxn, $_POST['seqno']);
-
$addDate = mysqli_real_escape_string($db_cxn, $_POST['dateYr']). "-";
-
$addDate .= mysqli_real_escape_string($db_cxn, $_POST['dateMO']). "-";
-
$addDate .= mysqli_real_escape_string($db_cxn, $_POST['dateDay']);
-
-
echo "Equipment Name : <b>{$equipname}</b><br />";
-
echo "Manufacturer : <b>{$manufacturer}</b><br />";
-
echo "Serial No. : <b>{$serno}</b><br />";
-
echo "Model No. : <b>{$modelno}</b><br />";
-
echo "Capacity/Range : <b>{$capacity}</b><br />";
-
echo "Current Location : <b>{$curloc}</b><br />";
-
echo "Equipment Code : <b>{$equipcode}</b><br />";
-
echo "Sequence No. : <b>{$seqno}</b><br />";
-
echo "Date Added : <b>{$addDate}</b>";
-
?>
-
<hr>
-
<form action="adddata.php" method="POST">
-
<input type="submit" name="submit" id="submit" value="Submit"></form>
-
-
</body></html>
-
<?php
-
if (isset($db_cxn)) {
-
mysqli_close($db_cxn);
-
}
-
?>
----------------
ADDDATA with VAR_DUMP and PRINT_R - <?php include("includes/db_connect.php"); ?>
-
<?php require_once("includes/functions.php"); ?>
-
<?php
-
-
$equipname = $_POST['$equipname'];
-
$manufacturer = $_POST['$manufacturer'];
-
$serno = $_POST['$serno'];
-
$modelno = $_POST['$modelno'];
-
$capacity = $_POST['$capacity'];
-
$curloc = $_POST['$curlocation'];
-
$equipcode = $_POST['$equipcode'];
-
$seqno = $_POST['$seqno'];
-
$addDate = $_POST['$dateYr'] ."-". $_POST['$dateMO'] ."-". $_POST['$dateDay'];
-
-
$query_add = "INSERT INTO tblequipmentmasterlist (equipname, manufacturer, serno,
-
modelno, capacity, curlocation, equipcode, seqno, adddate)
-
VALUES ('{$equipname}','{$manufacturer}','{$serno}','{$modelno}',
-
'{$capacity}','{$curloc}','{$equipcode}','{$seqno}','{$addDate}')";
-
-
if ($query_add != null) {
-
mysqli_query($db_cxn, $query_add);
-
echo "<pre>";
-
echo print_r($query_add);
-
echo var_dump($query_add);
-
echo "</pre>";
-
//header ("Location: newequipment.php");
-
exit;
-
} else {
-
echo "<p>Record was not added : ". $query_add. " Please contact the site administrator.</p>";
-
echo "<p>" . mysqli_error($db_cxn) . "</p>";
-
}
-
?>
-
<?php
-
if (isset($db_cxn)) {
-
mysqli_close($db_cxn);
-
}
-
?>
I inserted a var_dump and a print_r to my ADDDATA script and they came up empty actually.
that is indicating that there is something wrong with your HTML form.
when I checked my database, it added another row.
even if the values are empty, they will be inserted.
besides that, did you really name the form elements like $eqipname?
The problem is now resolved. What I did was do away with the ADDDATA page and just insert the record at the PROCESSFORM page, taking into account character escaping. It is now working as it should be. Here is my new code for the revised PROCESSFORM page. Thanks for the help.
NEW PROCESS FORM PAGE -
<?php include("includes/db_connect.php"); ?>
-
<?php require_once("includes/functions.php"); ?>
-
-
<?php
-
-
$equipname = mysqli_real_escape_string($db_cxn, trim(htmlspecialchars($_POST['equipname'])));
-
$manufacturer = mysqli_real_escape_string($db_cxn, trim(htmlspecialchars($_POST['manufacturer'])));
-
$serno = mysqli_real_escape_string($db_cxn, trim(htmlspecialchars($_POST['serno'])));
-
$modelno = mysqli_real_escape_string($db_cxn, trim(htmlspecialchars($_POST['modelno'])));
-
$capacity = mysqli_real_escape_string($db_cxn, trim(htmlspecialchars($_POST['capacity'])));
-
$curloc = mysqli_real_escape_string($db_cxn, trim(strip_tags($_POST['curlocation'])));
-
$equipcode = mysqli_real_escape_string($db_cxn, trim(strip_tags($_POST['equipcode'])));
-
$seqno = mysqli_real_escape_string($db_cxn, trim(strip_tags($_POST['seqno'])));
-
$addDate = mysqli_real_escape_string($db_cxn, trim(strip_tags($_POST['dateYr']))). "-";
-
$addDate .= mysqli_real_escape_string($db_cxn, trim(strip_tags($_POST['dateMO']))). "-";
-
$addDate .= mysqli_real_escape_string($db_cxn, trim(strip_tags($_POST['dateDay'])));
-
-
$query_add = "INSERT INTO tblequipmentmasterlist (equipname, manufacturer, serno,
-
modelno, capacity, curlocation, equipcode, seqno, adddate)
-
VALUES ('{$equipname}','{$manufacturer}','{$serno}','{$modelno}',
-
'{$capacity}','{$curloc}','{$equipcode}','{$seqno}','{$addDate}')";
-
-
if ($query_add != null) {
-
mysqli_query($db_cxn, $query_add);
-
echo "<pre>";
-
echo "<h4>You have successfully added the following records to the database : </h4>";
-
echo "<hr>";
-
echo "<br />";
-
echo "Equipment Name : <b>{$equipname}</b><br />";
-
echo "Manufacturer : <b>{$manufacturer}</b><br />";
-
echo "Serial No. : <b>{$serno}</b><br />";
-
echo "Model No. : <b>{$modelno}</b><br />";
-
echo "Capacity/Range : <b>{$capacity}</b><br />";
-
echo "Current Location : <b>{$curloc}</b><br />";
-
echo "Equipment Code : <b>{$equipcode}</b><br />";
-
echo "Sequence No. : <b>{$seqno}</b><br />";
-
echo "Date Added : <b>{$addDate}</b>";
-
//echo print_r($_POST);
-
//echo var_dump($_POST);
-
echo "</pre>";
-
echo "<hr>";
-
echo "<form action='newequipment.php' method='POST'>";
-
echo "<input type='submit' name='submit' id='submit' value='Continue' /></form>";
-
//header ("Location: processform_old.php");
-
//exit;
-
} else {
-
echo "<p>Record was not added : ". $query_add. " Please contact the site administrator.</p>";
-
echo "<p>" . mysqli_error($db_cxn) . "</p>";
-
}
-
?>
-
-
<?php
-
if (isset($db_cxn)) {
-
mysqli_close($db_cxn);
-
}
-
?>
Sign in to post your reply or Sign up for a free account.
Similar topics
by: rami |
last post by:
Hi
I'm using ADO.Net and Access 2002.
I have two processes written in vc++ .net, lets call them for,
example A and B.
A opens a connection, do something and closes the connection.
Then A...
|
by: krian |
last post by:
Hi,
I need a help from anybody. My problem is here
I wrote two WebApplication in ASP.net Using C#. The name of the
applications are (Journal.aspx and Payment.aspx). These Two pages have
DataGrids...
|
by: Chris |
last post by:
I have a meetings section I'm developing on our intranet. Using PHP/MySQL.
Meeting info and Meeting docs reside on 2 related tables in the db. Users
may want to upload anywhere from 1 to 10 or...
|
by: cheergurl |
last post by:
i have a problem to display the data inserted at parent page.After i click a button submit at child page,the data that was inserted before are lost...can anybody give a solution to me how to remain...
|
by: fjm |
last post by:
Hi everyone,
I am looking for a php and maybe javascript solution that will show a particular php page when there is new data entered into a database table.
So when a field in a table has new...
|
by: vinci |
last post by:
Greetings!
I Have A Little Problem...
Is It Possible To Make The Identity In My Table Reset?
I Have Used The Table Already To Make Insert Some Sample Data.. Now I Deleted Those Data Inserted.....
|
by: robin1983 |
last post by:
Dear All,
Firstly I would like thank all senior and junior who helping and sharing the knowledge to us. Actually, I have a small query.
The problem is that I have a form which have only two...
|
by: jinalpatel |
last post by:
I have two tables. tblClass and tblWithdrawn. On my main form(bound to tblClass) I have several data entry fields like
Date withdrawn,
Status (active or withdrawn)
Date Classified etc.
Also...
|
by: digituf |
last post by:
I have a form named:"RegistrationForm.php". when i click the "submit button", there's a data inserted in the database (the prove is, there a new row in the database),
but there's no value from user...
|
by: Faran Akhtar |
last post by:
Hello everyone.
i m new on asp.net
i m trying to insert data in sql database from textboxes on the page, but i m not succeded.
i got no errors when i run my code, but no data get inserted in the...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new...
| |