3

Trying to figure out how to submit a new post to a preexisting table already created with data entries from mysql database. I want it to test if the request came from a POST first and if so, to insert a new row into the database and to display the new data in the table. This is what I've came up with so far but on submit, nothing seems to happen and my table disappears. Any help is greatly appreciated.

Here's what I have so far:

      $result = mysqli_query($dbconnect, $query);
            $num_rows = mysqli_num_rows($result);
        }
        if ($num_rows > 0) // build a table to show results
        {
        echo "<table border='1'>";
        echo "<tr>";
        echo "<th>Post ID </th>"; echo "<th>Author</th>";
        echo "<th>Title</th>"; echo "<th>Post</th>";
        echo "</tr>";

     while($row = mysqli_fetch_array($result))
        {
        echo "<tr>";
        echo "<td>" . $row['pid'] . "</td>";
        echo "<td>" . $row['author'] . "</td>";
        echo "<td>" . $row['title'] . "</td>";
        echo "<td>" . $row['post'] . "</td>";
        echo "</tr>";
        }   
        echo "</table>";
    } else{
        echo "No rows returned.";
    }
    ?>

 <form name ="myForm" action ="second.php<?php echo htmlspecialchars($_SERVER['PHP_SELF']);?>"   
       method = "POST"> <br><br><br>

     <h3> Create a Post </h3>

     Author  <input type ="text" size ="40" name ="author"/><br>
     Title <input type ="text" size ="30" name ="title"/><br><br>
     Post <br><textarea rows ="15" cols ="10" name ="post"></textarea><br>
     <input type ="submit" name = "submitpost" value ="Submit Post"/>
    </form>
    <?php


  // $sql = "INSERT INTO blog_posts (pid, author, title, post) 
        VALUES (NULL, '$_POST[author]', '$_POST[title]', '$_POST[post]')";

  //if($_SERVER['REQUEST_METHOD'] === 'POST'){
   //if(isset($_POST['submitpost'])){

  //post the $sql back into the exisiting table somehow
   ?>
Improve this question
12
  • do you indeed have the matching closing braces for if($_SERVER['REQUEST_METHOD'] === 'POST'){ if(isset($_POST['submitpost'])){ ? if not, there's your problem. error reporting should be throwing you a notice. Plus, no closing </form> tag. your question is unclear and your code is unsafe. Commented Apr 22, 2015 at 22:36
  • I put those two code sections just as I knew they had to be there just not sure what to do with them from there. I'll comment them out and my </form> is present too. Commented Apr 22, 2015 at 22:39
  • 1
    Add error reporting to the top of your file(s) right after your opening PHP tag for example <?php error_reporting(E_ALL); ini_set('display_errors', 1); then the rest of your code, to see if it yields anything, as well as or die(mysqli_error($dbconnect)) to mysqli_query(). Commented Apr 22, 2015 at 22:40
  • you could narrow down action ="second.php<?php echo htmlspecialchars($_SERVER['PHP_SELF']);?>" to just action="" could be the reason why also. you shouldn't need to use the filename and the additional parameter. Commented Apr 22, 2015 at 22:40
  • Thank you, now it's really just how to plug my new data into my database table Commented Apr 22, 2015 at 22:42

1 Answer 1

Reset to default
5
  • Note to future readers. This answer was based on OP's original post. See the revisions.

Place your INSERT query inside your conditional statements:

if($_SERVER['REQUEST_METHOD'] === 'POST'){

  if(isset($_POST['submitpost'])){

  $sql = mysqli_query($dbconnect, "INSERT INTO blog_posts (pid, author, title, post) 
        VALUES (NULL, '$_POST[author]', '$_POST[title]', '$_POST[post]')") 

     or die(mysqli_error($dbconnect));

    }

}

and change action ="second.php<?php echo htmlspecialchars($_SERVER['PHP_SELF']);?>" to just action=""

Use a conditional !empty() with your POST arrays to make sure you don't get any empty data and possibly throw an error.

Sidenote:

Your present code is open to SQL injection. Use mysqli with prepared statements, or PDO with prepared statements, they're much safer.

As per your edit, you're missing two closing braces } which error reporting would have thrown a notice if it were used.

 <form name ="myForm" action =""  method = "POST"> <br><br><br>

     <h3> Create a Post </h3>

     Author  <input type ="text" size ="40" name ="author"/><br>
     Title <input type ="text" size ="30" name ="title"/><br><br>
     Post <br><textarea rows ="15" cols ="10" name ="post"></textarea><br>
     <input type ="submit" name = "submitpost" value ="Submit Post"/>
    </form>
    <?php

   if($_SERVER['REQUEST_METHOD'] === 'POST'){

     if(isset($_POST['submitpost'])){

   $sql = "INSERT INTO blog_posts (pid, author, title, post) 
        VALUES (NULL, '$_POST[author]', '$_POST[title]', '$_POST[post]')";

   $data = mysqli_query($dbconnect, $sql)

        or die(mysqli_error($dbconnect));

    }

  }
Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

Thank You very much! Seemed to do the trick I just have a foreign key error. I don't get how data is entered in for the foreign key or why it would even need to be but I'll have to sort through this next.
@StevieP don't forget to give him the big green tick(he likes blood suckers)
@Dagon Just an "all-day sucker" will do lol I don't like quickies haha

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.