0

I have a web page which needs to send data back to a MySQL database but the first two form boxes data is not sent across to the database.

I have very limited php mysql knowledge and cannot figure out the problem on my own. 

//create the connection 
$conn = mysqli_connect($servername, $username, $password, $dbname);

if(!$conn)
{

//Error handler
die("MySQL Connection Error: ".mysqli_error());
}

//Extracting information from the user to add to the outputs table in the Database
if (isset($_POST['confirmbut'])) {
    $sensorname = mysqli_real_escape_string($conn,$_POST['sensorname']);
    $sensorip = mysqli_real_escape_string($conn,$_POST['sensorip']);
    $state = mysqli_real_escape_string($conn,$_POST['state']);

//Selecting Database and inserting user inputted data to the database
    mysqli_query($conn,"SELECT * FROM outputs");
    mysqli_query($conn,"INSERT INTO outputs(Sensor_ID, Sensor_IP, State, Pending_Update) VALUES ('$sensorname', '$sensorip','$state','1')");

    header("location: insertname.php");
}


?>

<!DOCTYPE html>
    <html>
        <head>
        <meta charset="utf-8">
        <title> Switch </title>
    </head>
<body>

<h2 class="title">Please fill in your switches Details</h2>

    <!-- Posts data inserted here -->
    <form method="post" action="insertname.php">

        <!-- Form to enter Device Name, Output IP, State --> 
        <tr>    
            <td>  Relay Name: </td>
            <td><input type="text" name="output name" class="textInput" required="required"></td>
        </tr> 

        <tr>
            <td>  Relay IP:</td>
            <td><input type="text" name="outputIP" class="textInput" required="required"></td>
        </tr>

        <tr>
            <td>  Relay State: On = 1  Off = 0</td>
            <td><input type="text" name="state" class="textInput" required="required"></td>
        </tr>
            <td><input type="submit" name="confirmbut" value="Enter" class="enterbutton" > </td>
        </tr>

       </form>  
    </body>
 </html>
Improve this question
4
  • Notice how there is a line that says mysqli_query($conn,"INSERT[...]? That line inserts data into the database. It is trying to insert data previously defined as $sensorname and $sensorip. This is defined as coming from the form from inputs named sensorname and sensorip. You don't have inputs in your form named sensorname and sensorip. And you don't have anywhere in the code that takes the values from the fields you are using named output name and outputIP. Commented Apr 26, 2017 at 0:18
  • 2
    WARNING: When using mysqli you should be using parameterized queries and bind_param to add user data to your query. DO NOT use manual escaping and string interpolation or concatenation to accomplish this because you will create severe SQL injection bugs. Accidentally unescaped data is a serious risk. Commented Apr 26, 2017 at 0:22
  • Form elements can't have spaces in the name. Change output name to output_name Commented Apr 26, 2017 at 0:22
  • I think your <form action is the wrong url, since your header('LOCATION: is the same after the post... but really... learn AJAX... and don't do $conn->query('SELECTs for no reason. Yeah, that's the syntax you will probably appreciate if you like less typing. Then you can do stuff like $conn->escape_string($stringHere). Commented Apr 26, 2017 at 0:47

1 Answer 1

Reset to default
1

I do not know if you've changed the names of the table rows in your database, but assuming they are the same as in the code, I have corrected your code so that the fields you are trying to insert are pulled from the correct inputs in your form.

if(!$conn)
{

//Error handler
die("MySQL Connection Error: ".mysqli_error());
}

//Extracting information from the user to add to the outputs table in the Database
if (isset($_POST['confirmbut'])) {
    $outputname = mysqli_real_escape_string($conn,$_POST['outputname']);
    $outputip = mysqli_real_escape_string($conn,$_POST['outputip']);
    $state = mysqli_real_escape_string($conn,$_POST['state']);

//Selecting Database and inserting user inputted data to the database
    mysqli_query($conn,"SELECT * FROM outputs");
    mysqli_query($conn,"INSERT INTO outputs(Sensor_ID, Sensor_IP, State, Pending_Update) VALUES ('$outputname', '$outputip','$state','1')");

    header("location: insertname.php");
}


?>

<!DOCTYPE html>
    <html>
        <head>
        <meta charset="utf-8">
        <title> Switch </title>
    </head>
<body>

<h2 class="title">Please fill in your switches Details</h2>

    <!-- Posts data inserted here -->
    <form method="post" action="insertname.php">

        <!-- Form to enter Device Name, Output IP, State --> 
        <tr>    
            <td>  Relay Name: </td>
            <td><input type="text" name="outputname" class="textInput" required="required"></td>
        </tr> 

        <tr>
            <td>  Relay IP:</td>
            <td><input type="text" name="outputip" class="textInput" required="required"></td>
        </tr>

        <tr>
            <td>  Relay State: On = 1  Off = 0</td>
            <td><input type="text" name="state" class="textInput" required="required"></td>
        </tr>
            <td><input type="submit" name="confirmbut" value="Enter" class="enterbutton" > </td>
        </tr>

       </form>  
    </body>
 </html>
Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

would you be able to point out what changes you made please want to learn from my errors thanks.
First, I changed the form input name to outputname, as someone mentioned in a comment earlier, you cannot use spaces. Then changed the references I mentioned in my original comment. $sensorname and sensorname to $outputname and outputname for example. You should make sure you heed the warning in the other comment that using escaped strings leaves you open to injection attacks.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.