0

I need to redirect submissions so that users aren't taken to a blank screen.

Here's the code for my form::

<form action="giveaway_execute.php" method="post">
    First Name:
    <input type="text" name="firstname" /><br />
    Last Name:
    <input type="text" name="lastname" /><br />
    etc...
    ...
    ...
    <p><input type="submit" value="Submit"/>
    </p>
    </form>

and here's the php for 'giveaway_execute.php' which interacts with the mySQL db (everything submits; removed password and db name for security)::

<?php 

define ( 'DB_NAME','xxxx');
define ( 'DB_USER','xxxx');
define ( 'DB_PASSWORD','xxxx');
define ( 'DB_HOST','localhost');

$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);

if (!link) {
die('Could not connect: ' .mysql_error());
}

$db_selected = mysql_select_db(DB_NAME, $link);

if (!$db_selected) {
die('Can\'t use ' . DB_NAME . ': ' . mysql_error());
}

$value1 = $_POST['firstname'];
$value2 = $_POST['lastname'];
$value3 = $_POST['phone'];
$value4 = $_POST['street'];
$value5 = $_POST['city'];
$value6 = $_POST['state'];
$value7 = $_POST['zip'];
$value8 = $_POST['email'];
$value9 = $_POST['weddingdate'];

$sql = "INSERT INTO entrants (firstname, lastname, phone, street, city, state, zip, email, weddingdate) VALUES ('$value1', '$value2', '$value3', '$value4', '$value5', '$value6', '$value7', '$value8', '$value9')";


 if (!mysql_query($sql)) {
die('Error: ' . mysql_error());
}

mysql_close();
?>

I've tried redirects on the PHP file but nothing is working. Any suggestions would be greatly appreciated.

Thank you.

Improve this question

3 Answers 3

Reset to default
1

You can just include another page after you're done with your database operations, or as suggested you can use a header call but be sure to use an absolute url.

Also worth noting your code is highly vulnerable to SQL injection, and it doesn't do any validation.

It's a good idea to use isset on your fields to avoid getting notices and SQL errors if fields aren't set.

Finally, it's recommended to use a library such as PDO or mysqli over the older mysql_* extension.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Thanks for the tips on SQL (this is a first for me). Tried the header function in a variety of way that didn't work. Includes not working either. Can you give me an example of where to put either one?
It wont work if your output has already started, enable error reporting
0

try 

header('location:page2.php');

at the end of the file.

Replace page2.php with the actual page you want to send them to

Improve this answer

4 Comments

You should use absolute urls for a location header
I guess you are right --- w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.30 I always have been using relative... oops
Yeah. I've tried that and retried just now. Not working... thanks though!
what mdo you mean it isn't working? What happens? is there an error? This is a pretty standard function.. dont think there is any reason it shouldnt be working
0 
// process.php
$db = new PDO('mysql:host=localhost;dbname=test', 'root', 'root');
if(isset($_POST['value'])){
  error_log(print_r($_POST,1),0);
  $db->query('INSERT INTO test (id, value) VALUES (NULL, "'.$_POST['value'].'")');
  header('Location: http://google.com');
  exit();
}
else {
  echo "$_POST is not set.";
}

// form.php
<form action="process.php" method="post">
  <input type="text" name="value">
  <input type="submit" id="submit-btn" value="Submit">
</form>

Try something simpler and build from there. Also read this: http://www.php.net/manual/en/pdo.prepared-statements.php

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.