1

I am playing around with php, i wish to make a simple api to save my name field in database using chrome postman

The is my php code:

<?php

header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: GET, POST, OPTIONS');
header('Access-Control-Allow-Headers: Content-Type,x-prototype-version,x-requested-with');
header('Cache-Control: max-age=900');
header("Content-Type: application/json"); // tell client that we are sending json data


$servername = "localhost";
$username = "";
$password = "";
$dbname = "";

// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
    die("Connection failed: " . $conn->connect_error);
} 

$dxname  =$_GET['name'];

$sql = "INSERT INTO crudtable(firstname, lastname, email,favjob)
VALUES ('".$dxname."', 'Doe', '[email protected]','coder')";

if ($conn->query($sql) === TRUE) {
    echo json_encode("New record created successfully");
   // echo "New record created successfully";
} else {
    echo json_encode("Some error");
   // echo "Error: " . $sql . "<br>" . $conn->error;
}

$conn->close();
?>

When i am using postman , 1. the name is not getting saved in db [only hard coded values are being saved] 2. I am not getting echo json_encode("New record created successfully"); once data is saved.

Please help, attaching screenshot of my postman result and how i am passing the name variable

Click here to see the image

Improve this question
2
  • WARNING: When using mysqli you should be using parameterized queries and bind_param to add user data to your query. DO NOT use string interpolation or concatenation to accomplish this because you have created a severe SQL injection bug. NEVER put $_POST, $_GET or any user data directly into a query, it can be very harmful if someone seeks to exploit your mistake. Commented Jun 9, 2017 at 6:56
  • Do try and get out of the habit of cluttering up your code with needless things like === TRUE. Many functions are designed to return values that evaluate as logically true or false so that's redundant. Commented Jun 9, 2017 at 6:56

2 Answers 2

Reset to default
2

You are sending data through post method and you are using GET.

Change:

$dxname  =$_GET['name'];

To

$dxname  =$_POST['name'];

ALso:

if ($conn->query($sql) === TRUE) {

To

if ($result = $conn->query($sql))
{ echo json_encode("New record created successfully");
   // echo "New record created successfully";
} else {
    echo json_encode("Some error");
   // echo "Error: " . $sql . "<br>" . $conn->error;
}

Cannot query MySQL database via PHP

Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

data saved but still not getting the success message, i am getting same thing in postman, see above attached image or i am copying message here aswell - <br /> <b>Warning</b>: Cannot modify header information - headers already sent by (output started at /home2/saurabh/public_html/edits/pro/users/funiks/adminv8/products-api/crudtable-add.php:2) in <b>/home2/saurabh/public_html/edits/pro/users/funiks/adminv8/products-api/crudtable-add.php</b> on line <b>4</b>
i think you don't need to add headers
worked without header, but if i am sending data in json i'll be needing it, right ?
0

Json should be an array.. try this

echo json_encode(array("Success"));

where did you get the $_GET method? can you show us the html page? you can try using $_POST['name'];

Improve this answer

1 Comment

json issue still there

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.