0

i have code for save 3 textbox in one field in databse

no problem when i am enter 3 textbox , but when i fill 1 textbox and press ok save another textbox in database as blank

i want just take the textbox is fulled and ignore the textbox empty

this is my code

<?php

include("connect.php");


$expert_name  = trim($_POST['expert_name']);
$expert_name2 = trim($_POST['expert_name2']);
$expert_name3 = trim($_POST['expert_name3']);


// this is for arabic language.
mysql_query("SET NAMES utf8");

// Insert data into mysql 
$sql="INSERT INTO experts(id,expert_name) VALUES(NULL, '$expert_name')";
$sql2="INSERT INTO experts(id,expert_name) VALUES(NULL, '$expert_name2')";
$sql3="INSERT INTO experts(id,expert_name) VALUES(NULL, '$expert_name3')";
$result=mysql_query($sql);
$result2=mysql_query($sql2);
$result3=mysql_query($sql3);
// if successfully insert data into database, displays message "Successful". 
if($result){
echo "Successful";
echo "<BR>";
// echo "<a href='formadd.php'>Back to main page</a>";
}
else {
echo "ERROR";
echo "<br>";
// this for print error in insert process 
echo mysql_error();
echo "<a href='expert_add.php'><br>Please try again </a>";
}
//mysql_close($con);
?>
<a href="<?php echo $_POST['sys']; ?>">back to form add</a>
Improve this question
1
  • The code sample posted is dangerous, because it enables SQL injection. Commented Jan 15, 2014 at 11:45

6 Answers 6

Reset to default
2

Execute your sql query only the variable value not equal to empty. try this,

        $expert_name = trim($_POST['expert_name']);
        $expert_name2 = trim($_POST['expert_name2']);
        $expert_name3 = trim($_POST['expert_name3']);


        // this is for arabic language.
        mysql_query("SET NAMES utf8");

        // Insert data into mysql 
        if ($expert_name != "") {
            $sql = "INSERT INTO experts(id,expert_name) VALUES(NULL, '$expert_name')";
            $result = mysql_query($sql);
        }

        if ($expert_name2 != "") {
            $sql2 = "INSERT INTO experts(id,expert_name) VALUES(NULL, '$expert_name2')";
            $result2 = mysql_query($sql2);
        }
        if ($expert_name != "") {
            $sql3 = "INSERT INTO experts(id,expert_name) VALUES(NULL, '$expert_name3')";
            $result3 = mysql_query($sql3);
        }



        // if successfully insert data into database, displays message "Successful". 
        if ($result || $result2 || $result3) {
            echo "Successful";
            echo "<BR>";
            // echo "<a href='formadd.php'>Back to main page</a>";
        } else {
            echo "ERROR";
            echo "<br>";
            // this for print error in insert process 
            echo mysql_error();
            echo "<a href='expert_add.php'><br>Please try again </a>";
        }
        //mysql_close($con);
        ?>
        <a href="<?php echo $_POST['sys']; ?>">back to form add</a>

You should also check $result2 and $result3. I added that in this answer

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Beware of SQL injection!
1

try this 

if ( !empty($_POST['expert_name']) ){
   $sql="INSERT INTO experts(id,expert_name) VALUES(NULL, '$expert_name')";
   $result=mysql_query($sql);
}

if ( !empty($_POST['expert_name2']) ){
   $sql2="INSERT INTO experts(id,expert_name) VALUES(NULL, '$expert_name2')";
   $result2=mysql_query($sql2);
}

if ( !empty($_POST['expert_name3']) ){
   $sql3 ="INSERT INTO experts(id,expert_name) VALUES(NULL, '$expert_name3')";
   $result3 =mysql_query($sql3 );
}
Improve this answer

Comments

1

Then you might want to check if the variable is empty().

<?php

include("connect.php");


$expert_name  = trim($_POST['expert_name']);
$expert_name2 = trim($_POST['expert_name2']);
$expert_name3 = trim($_POST['expert_name3']);


// this is for arabic language.
mysql_query("SET NAMES utf8");

// Insert data into mysql 
if(!empty($expert_name)) {
$sql="INSERT INTO experts(id,expert_name) VALUES(NULL, '$expert_name')";
$result=mysql_query($sql);
}     
if(!empty($expert_name2)) {
$sql2="INSERT INTO experts(id,expert_name) VALUES(NULL, '$expert_name2')";
$result2=mysql_query($sql2);
}
if(!empty($expert_name3)) {
$sql3="INSERT INTO experts(id,expert_name) VALUES(NULL, '$expert_name3')";
$result3=mysql_query($sql3);
}
// if successfully insert data into database, displays message "Successful". 
if($result){
echo "Successful";
echo "<BR>";
// echo "<a href='formadd.php'>Back to main page</a>";
}
else {
echo "ERROR";
echo "<br>";
// this for print error in insert process 
echo mysql_error();
echo "<a href='expert_add.php'><br>Please try again </a>";
}

Also note: You only check if $result is okay. If you only fill textbox 2 and leave 1 empty, the value of 2 it will get inserted but an error is shown.

Improve this answer

Comments

0

I'd say your code need general review, but as it is for now you will have to do something like this each query:

if (!empty($expert_name2){
    $result2=mysql_query($sql2)
}

But you should try to loop your queries in foreach rather than manually write every on query. And by the way:

if($result){
echo "Successful";
echo "<BR>";
// echo "<a href='formadd.php'>Back to main page</a>";
}

This code only return succes when 1st wuery success because you use $result which is set in 1st query only

Improve this answer

Comments

0

The ID is probably NOT NULL AUTO_INCREMENT, so that won't accept NULL as value. try sending blank value, such as:

$sql="INSERT INTO experts(id,expert_name) VALUES ('', '$expert_name')";

Also, build bulk insert, rather than multiple. I will explain why, when you insert single insert into the database, the values being inserted, then, the DB engine flushes indexes (they written to disk), unless you have set delay_key_write=ALL in you my.cnf. Index flushing directly affects your db performance.

Please, check the reworked code out. The code adjusted for bulk insert, sql string escaping for security purposes and additional verification for post keys existence.

<?php
include("connect.php");

// this is for arabic language.
mysql_query("SET NAMES utf8");
$values = array();
$skipInsert = true;
$fields = array('expert_name', 'expert_name2', 'expert_name3');
$insert = "INSERT INTO experts(id,expert_name) VALUES ";
// Loop through predefined fields, and prepare values.
foreach($fields AS $field) {
    if(isset($_POST[$field]) && !empty($_POST[$field])) {
        $values[] = "('', '".mysql_real_escape_string(trim($_POST[$field]))."')";
    }
}

if(0 < sizeof($values)) {
    $skipInsert = false;
    $values = implode(',', $values);
    $insert .= $values;
}

if(false === $skipInsert) {
    mysql_query($insert);
}
// if successfully insert data into database, displays message "Successful".
if($result){
    echo "Successful","<BR>";
    // echo "<a href='formadd.php'>Back to main page</a>";
} else {
    echo "ERROR","<br>",mysql_error(),"<a href='expert_add.php'><br>Please try again </a>";
}

HTH, VR

Improve this answer

Comments

0 
if(!empty($textbox1_value)) {

   //DO SQL

}

You can repeat this for multiple boxes however you wish, the empty operator checks if its empty, so if its not empty the "//DO SQL" area will get run.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.