0

I need some help with a very basic issue that I cannot resolve. A bit of background: I have a PHP form and I would like the information inside the table to insert into my SQL table. For some reason, when I hit submit nothing inserts into the table and I have no idea why. Please help! This is the PHP Code:

<?php 
try
    {
        $db = new PDO('mysql:host=' . $Database_Host . ';dbname=' . $Database_Database, $Database_Username, $Database_Password);
    }catch(PDOException $e){
        die("Failed to connect to database! Please check the database settings.");
    }
if(isset($_POST['submit'])) {  
     $result = mysql_query('INSERT INTO requests (song,name,dedicated,time) VALUES ("' . mysql_real_escape_string($_POST['name']) . '", "' . mysql_real_escape_string($_POST['dedicated']) . '", "' . mysql_real_escape_string($_POST['song']) . '", UNIX_TIMESTAMP())'); 
    if ($result) { 
        echo 'Song requested successfully!<br />'; 
    } 
} 
?>

This is the HTML Code:

<form method="POST" action="<?php echo $_SERVER['PHP_SELF']; ?>">Request:<br /><br /> 
Song:<br /> 
<input type="text" name="song"><br /> 
Name:<br /> 
<input type="text" name="name"><br /> 
Comments:<br /> 
<input type="text" name="dedicated"><br /> 
<input type="submit" name="submit" value="Submit" >
</form>

What this is meant to do is insert the request form into the SQL table, however nothing is happening. Any help is appreciated.

Kind Regards, Edward

Improve this question
6
  • 2
    You're mixing mysql_ and PDO. Don't. Commented Feb 10, 2016 at 20:25
  • Should I just remove the PDO catch then? Commented Feb 10, 2016 at 20:27
  • you are using pdo and can NOT use mysql_query() . use $db->query() instead Commented Feb 10, 2016 at 20:29
  • You have to pay attention to the order of fields you defined after table name Commented Feb 10, 2016 at 20:30
  • Since you're using PDO, you should use a prepared query instead of substituting into the SQL string. Commented Feb 10, 2016 at 20:34

2 Answers 2

Reset to default
1

You can't mix mysql and PDO like that. You should use a PDO prepared query for the insert.

Also, the order of the values in the VALUES list have to match the column list -- you had the values in the order name, dedicated, song, time instead of song, name, dedicated, time.

<?php 
if (isset($_POST['submit'])) {
    try
    {
        $db = new PDO('mysql:host=' . $Database_Host . ';dbname=' . $Database_Database, $Database_Username, $Database_Password);
    }catch(PDOException $e){
        die("Failed to connect to database! Please check the database settings.");
    }
    $stmt = $db->prepare('INSERT INTO requests (song,name,dedicated,time) VALUES (:song, :name, :dedicated, UNIX_TIMESTAMP())'); 
    $result = $stmt->execute(array(':song' => $_POST['song'], ':name' => $_POST['name'], ':dedicated' => $_POST['dedicated']));
    if ($stmt->rowCount == 1) {
        echo "Song requested successfully";
    } else {
        echo "Song could not be requested";
    }
}
Improve this answer
Sign up to request clarification or add additional context in comments.

9 Comments

Thanks for this, so how would I relate the if statement to the submit button of the form? I have set the variables however cannot figure out how to apply them to the completion of the HTML Form.
Test whether $_POST['submit'] is set, so you know that the form was submitted. This is basic PHP form processing, any tutorial should include code like this. I've updated the answer.
For some reason, it's throwing a 500 internal error now. The full code is located here if you can spot anything out: pastebin.com/egXwvyCk Thanks again!
The reason for the error will be in your apache log. What is it?
I was missing a ) on the execute line, I've fixed it.
|
0

You should study about pdo and mysql and then use them ... just see this simple example with mysql :

<?php
$servername = "localhost";
$username = "username";
$password = "password";
$dbname = "myDB";

// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);

// Check connection
if ($conn->connect_error) {
    die("Connection failed: " . $conn->connect_error);
}

// prepare and bind
$stmt = $conn->prepare("INSERT INTO MyGuests (firstname, lastname, email) VALUES (?, ?, ?)");
$stmt->bind_param("sss", $firstname, $lastname, $email);

// set parameters and execute
$firstname = "John";
$lastname = "Doe";
$email = "[email protected]";
$stmt->execute();

$firstname = "Mary";
$lastname = "Moe";
$email = "[email protected]";
$stmt->execute();

$firstname = "Julie";
$lastname = "Dooley";
$email = "[email protected]";
$stmt->execute();

echo "New records created successfully";
$stmt->close();
$conn->close();
?>

and this one with pdo :

<?php
$servername = "localhost";
$username = "username";
$password = "password";
$dbname = "myDBPDO";

try {
$conn = new PDO("mysql:host=$servername;dbname=$dbname", $username, $password);
// set the PDO error mode to exception
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

// prepare sql and bind parameters
$stmt = $conn->prepare("INSERT INTO MyGuests (firstname, lastname, email)
VALUES (:firstname, :lastname, :email)");
$stmt->bindParam(':firstname', $firstname);
$stmt->bindParam(':lastname', $lastname);
$stmt->bindParam(':email', $email);

// insert a row
$firstname = "John";
$lastname = "Doe";
$email = "[email protected]";
$stmt->execute();

// insert another row
$firstname = "Mary";
$lastname = "Moe";
$email = "[email protected]";
$stmt->execute();

// insert another row
$firstname = "Julie";
$lastname = "Dooley";
$email = "[email protected]";
$stmt->execute();

echo "New records created successfully";
}
catch(PDOException $e)
{
echo "Error: " . $e->getMessage();
}
$conn = null;
?>

I prefer using pdo

Source : http://www.w3schools.com/php/php_mysql_prepared_statements.asp

NOTE : use prepared statements to avoid sql injection .

Improve this answer

3 Comments

If you're not going to show how to write the code correctly, this should be a comment, not an answer.
Thank you for the help, can you write an answer for me so I can study and learn from my mistakes easier? Thank you ;)
@Barmar just want to help in few time

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.