0

I have some problems while trying to send data from form to mysql database using php.I know how to fix this when i set form action to anothen page (<form action="example.php>, but i want that all procces stay on one page. WHen i run my php script and enter name in both of fields and go send, only url page changes, nothing else.Hope u can help me.Thanks

<?php
$con=mysqli_connect("localhost","root","","test");
if (mysqli_connect_errno())
{
echo"Error connecting to database". mysqli_connect_error();
}
if (isset($_POST['input_send']))
{
$name=($_POST['input_name']);
$lastname=($_POST['input_lastname']);
$insert="INSERT INTO test_mysql (name, lastname) VALUES ('$name', $lastname)";
echo"record added";
}
?>
<form action="" action="post">
First name: <input type="text" name="input_name"/>
Last name: <input type="text" name="input_lastname"/>
<input type="submit" value="send" name="input_send"/>
</form>
Improve this question
6
  • and the error message is ? Error connecting to database ?? Commented Mar 29, 2014 at 21:53
  • Can you clarify what your problem is exactly? It's not clear.. Commented Mar 29, 2014 at 21:54
  • THere is no error message.Only problem is that when i click on send only url of the page changes to http://localhost/form_2/guestbook.php?input_name=myname&input_lastname=mylastname&input_send=send Commented Mar 29, 2014 at 21:55
  • you said error in your question ?? are you getting echo"record added"; ?? Commented Mar 29, 2014 at 21:56
  • 1
    SQL INJECTION ALERT Commented Mar 29, 2014 at 21:58

3 Answers 3

Reset to default
1

Your error is that you typed

action="post"

instead of

method="post"

Without a method specified, PHP will fall back to GET. Hence your isset($_POST) will return false and you are not seeing 'record added'

Another error, as pointed out by echo_ME is that you are not submitting the MySQL Query to the Database:

$insert="INSERT INTO test_mysql (name, lastname) VALUES ('$name', $lastname)";

With the function mysqli_query you can perform your query:

mysqli_query($insert);

As noted by others you should escape your variables to prevent SQL Injections

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

change this

  $insert="INSERT INTO test_mysql (name, lastname) VALUES ('$name', $lastname)";

to

 mysqli_query("INSERT INTO test_mysql (name, lastname) VALUES ('$name', '$lastname')");

and this

action="post"

to

method="post"

and escape your variables like that:

$name=mysqli_real_escape_string($_POST['input_name']);
$lastname=mysqli_real_escape_string($_POST['input_lastname']);
Improve this answer

1 Comment

I made that all changes but when i click send it says "record added" but it wasn't added to database.
0 
<form action="<?=echo $_SERVER['PHP_SELF']?>" method='post'>

You can take info about the page url from your server.

It basicly action to the same page, i mean itself.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.