0

Edit: I can see the form but it does not write to the database. Here's the code:

<html>
<head>Test PAge</head>
<body>
<form action="testform3.php" method="POST">
<h1 align="center">Client Registration</h1><br>
<br>
<table>
<tr><td>
CID: <input type = "text" name="cid">
</td></tr>
<tr><td>Client Name: <input type="text" name="cname"></td></tr>
<tr><td>Client Short Name: <input type="text" name="cshortname"></td></tr>
<tr><td>Representative/Coordinator: <input type="text" name="coordinator"></td></tr>
<tr><td>BusinessHead: <input type=text name="bizhead"></td></tr>
<tr><td>Mobile: <input type=text name="mob_no"></td></tr>
<tr><td>[Phone (1)]: <input type=text name="phone1"></td>
<td>[Phone (2)]: <input type=text name="phone2"></td>
<td>[Fax (1)]: <input type=text name="fax1"></td>
<td>[Fax (2)] : <input type=text name="fax2"></td>
</tr>
<tr><td>Area : <input type=text name="area"></td>
<td>City : <input type=text name="city"></td>
<td>[Postal Code] : <input type=text name="postalcode"></td>
<td>[Zip Code] : <input type=text name="zipcode"></td></tr>
<tr><td>State : <input type=text name="state"></td>
<td>Country : <input type=text name="country"></td></tr>

<tr><td>
Remarks : <input type=text name="remarks">
</td></tr>
<tr><td><input type="submit" name="savetoDB" value="registerclient"></td></tr>
</table>
</form>
</body>
</html> 

<?php
if (isset($_POST['savetoDB']))
{

$host="localhost:3306"; // Host name with mysql port no
$username="root"; // Mysql username
$password=""; // Mysql password
$db_name="mediaplus_test"; // Database name
$tbl_name="clientele"; // Table name

// Connect to server and select databse.


$con = mysql_connect("$host", "$username", "$password");
if ( ! $con )
{
die("Cannot connect to database....!" . mysql_error());
}
echo "connected";


 //Selecting the database to insert form data to


mysql_select_db("$db_name",$con) or die("cannot select DB...!"  . mysql_error());
echo "connected to database";

//SQL Querty to write to database. using a variable to store sql insert query

extract($_POST); 

$sql = "INSERT INTO    (ID, ClientFullName, ClientShortName, Representative, 
BusinessHead, Mobile, Phone (1), Phone (2), Fax(1), Fax (2), Area, City, State, 
Country, Postal Code, Zip Code, Remarks) " .
 "VALUES  

('$cid', '$cname', '$cshortname', '$coordinator', '$bizhead', '$mob_no', '$phone1',   
 '$phone2', '$fax1', '$fax2', '$area', '$city', '$state', '$country', '$postalcode', 
'$zipcode', '$remarks')";


    //'coordinator']."','".$_POST['bizhead']."','".$_POST['mob_no']."','".$_POST['phone1']."','//".$_POST['phone2']."','".$_POST['fax1']."','".$_POST['fax2']."','".$_POST['area']."','".$//_POST['city']."','".$_POST['postalcode']."','".$_POST['zipcode']."','".$_POST['state']."'//,'".$_POST['country']."','".$_POST['remarks']."')";

mysql_query($sql,$con);
mysql_close($con);
}
//Echo "Data inserted into clientele";
?>

question ends here..!

I am trying to insert data from form input to mysql database using php. I get the following error in the browser:

Parse error: syntax error, unexpected '' (T_ENCAPSED_AND_WHITESPACE), expecting identifier (T_STRING) or variable (T_VARIABLE) or number (T_NUM_STRING) in J:\xampp\htdocs\testform.php on line 70

This is my query:

sql = "INSERT INTO clientele(ID,ClientFullName,ClientShortName,Representative,BusinessHead,Mobile,Phone (1),Phone (2),Fax(1),Fax (2),Area,City,State,Country,Postal Code,Zip Code,Remarks)" .
"VALUES ('$_POST'[cid]',
'$_POST['cname']', '$_POST['cshortname']',
'$_POST['coordinator']',
'$_POST['bizhead']',
'$_POST['mob_no']',
'$_POST['phone1']',
'$_POST['phone2']',
'$_POST['fax1']',
'$_POST['fax2']',
'$_POST['area']',
'$_POST['city']',
'$_POST['postalcode']',
'$_POST['zipcode']',
'$_POST['state']',
'$_POST['country']',
'$_POST['remarks']',)";

What could be the problem here? Thanks.

Improve this question
9
  • 1
    this would be the problem: Phone (1),Phone (2),Fax(1),Fax (2) put it into backticks Commented Aug 26, 2013 at 15:27
  • 2
    You really need to get a proper editor which highlights parse errors. Commented Aug 26, 2013 at 15:28
  • this is another problem: '$_POST'[cid]' - it should be '$_POST[cid]' and you should really escape your $_POST-Data Commented Aug 26, 2013 at 15:30
  • 3
    Your code is vulnerable to SQL Injection, see this question for more info: stackoverflow.com/questions/60174/… Commented Aug 26, 2013 at 15:32
  • Time to start over again on String concatenation, its not only one problem: they are multiple Commented Aug 26, 2013 at 15:34

4 Answers 4

Reset to default
1

i dont like to rewrite your hole query.

Here is an example how it may be done without syntax error:

$sql = "INSERT INTO clientele(`ID`,`ClientFullName`, `ClientShortName`) " .
"VALUES ('".$_POST['cid']."','".$_POST['cname']."','".$_POST['cshortname']."')";

But you have to care about the SQL Injection issue!!! Dont't put it online like this!

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

To avoid complicating Query,use extract(), so @steven's answer will be simple like this :

extract($_POST); 

$sql = "INSERT INTO clientele(`ID`,`ClientFullName`, `ClientShortName`) VALUES ('$cid','$cname','$cshortname')";

OR:

$sql = "INSERT INTO clientele(`ID`,`ClientFullName`, `ClientShortName`) VALUES ('".$cid."','".$cname ."','".$cshortname."')";

But you have to care about the SQL Injection issue!!! Dont't put it online like this!

Improve this answer

3 Comments

This is a test project. I will consider your suggestions about string concatenation, sql injection..
Try this query : $sql = "INSERT INTO ('ID', 'ClientFullName','ClientShortName', 'Representative', 'BusinessHead', 'Mobile', 'Phone (1)', 'Phone (2)', 'Fax(1)', 'Fax (2)', 'Area', 'City', 'State', 'Country', 'Postal Code', 'Zip Code', 'Remarks')VALUES ('$cid', '$cname', '$cshortname', '$coordinator', '$bizhead', '$mob_no', '$phone1', '$phone2', '$fax1', '$fax2', '$area', '$city', '$state', '$country', '$postalcode', '$zipcode', '$remarks')";
Just tried this query, doesn't seem to work. For the record, i am using this in conjunction with extract($_POST); state else i get Notice: Undefined variable: cid in J:\xampp\htdocs\testform4.php on line 73,74.... error.
0 
'$_POST'[cid]'

Don't know about you but that doesn't look like it isn't going to run very well to me.

Ammend too:

'$_POST['cid']'
Improve this answer

2 Comments

Won't work much better. The variable should be in braces, like "... '{$_POST['cid']}' ...", or the quotes around the key will cause issues. Alternatively, you could just say "... '$_POST[cid]' ...", but that'll give you notices about undefined constants.
Hello everyone...I have changed the code as suggested and can see the form but it does not seem to write to database. How can I paste my code in the comment, it has limited character length?
0

try inputting values like

'{$_POST['cid']}'
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.